diff options
Diffstat (limited to 'server/controllers')
| -rw-r--r-- | server/controllers/api/index.ts | 4 | ||||
| -rw-r--r-- | server/controllers/api/users/index.ts | 12 | ||||
| -rw-r--r-- | server/controllers/api/users/token.ts | 5 | ||||
| -rw-r--r-- | server/controllers/api/videos/view.ts | 2 | ||||
| -rw-r--r-- | server/controllers/feeds.ts | 10 | ||||
| -rw-r--r-- | server/controllers/lazy-static.ts | 21 |
6 files changed, 31 insertions, 23 deletions
diff --git a/server/controllers/api/index.ts b/server/controllers/api/index.ts index 5f49336b1..d1d4ef765 100644 --- a/server/controllers/api/index.ts +++ b/server/controllers/api/index.ts | |||
| @@ -1,6 +1,6 @@ | |||
| 1 | import cors from 'cors' | 1 | import cors from 'cors' |
| 2 | import express from 'express' | 2 | import express from 'express' |
| 3 | import RateLimit from 'express-rate-limit' | 3 | import { buildRateLimiter } from '@server/middlewares' |
| 4 | import { HttpStatusCode } from '../../../shared/models' | 4 | import { HttpStatusCode } from '../../../shared/models' |
| 5 | import { badRequest } from '../../helpers/express-utils' | 5 | import { badRequest } from '../../helpers/express-utils' |
| 6 | import { CONFIG } from '../../initializers/config' | 6 | import { CONFIG } from '../../initializers/config' |
| @@ -29,7 +29,7 @@ apiRouter.use(cors({ | |||
| 29 | credentials: true | 29 | credentials: true |
| 30 | })) | 30 | })) |
| 31 | 31 | ||
| 32 | const apiRateLimiter = RateLimit({ | 32 | const apiRateLimiter = buildRateLimiter({ |
| 33 | windowMs: CONFIG.RATES_LIMIT.API.WINDOW_MS, | 33 | windowMs: CONFIG.RATES_LIMIT.API.WINDOW_MS, |
| 34 | max: CONFIG.RATES_LIMIT.API.MAX | 34 | max: CONFIG.RATES_LIMIT.API.MAX |
| 35 | }) | 35 | }) |
diff --git a/server/controllers/api/users/index.ts b/server/controllers/api/users/index.ts index 8a06bfe93..46e80d56d 100644 --- a/server/controllers/api/users/index.ts +++ b/server/controllers/api/users/index.ts | |||
| @@ -1,5 +1,4 @@ | |||
| 1 | import express from 'express' | 1 | import express from 'express' |
| 2 | import RateLimit from 'express-rate-limit' | ||
| 3 | import { tokensRouter } from '@server/controllers/api/users/token' | 2 | import { tokensRouter } from '@server/controllers/api/users/token' |
| 4 | import { Hooks } from '@server/lib/plugins/hooks' | 3 | import { Hooks } from '@server/lib/plugins/hooks' |
| 5 | import { OAuthTokenModel } from '@server/models/oauth/oauth-token' | 4 | import { OAuthTokenModel } from '@server/models/oauth/oauth-token' |
| @@ -17,9 +16,11 @@ import { Notifier } from '../../../lib/notifier' | |||
| 17 | import { Redis } from '../../../lib/redis' | 16 | import { Redis } from '../../../lib/redis' |
| 18 | import { buildUser, createUserAccountAndChannelAndPlaylist, sendVerifyUserEmail } from '../../../lib/user' | 17 | import { buildUser, createUserAccountAndChannelAndPlaylist, sendVerifyUserEmail } from '../../../lib/user' |
| 19 | import { | 18 | import { |
| 19 | adminUsersSortValidator, | ||
| 20 | asyncMiddleware, | 20 | asyncMiddleware, |
| 21 | asyncRetryTransactionMiddleware, | 21 | asyncRetryTransactionMiddleware, |
| 22 | authenticate, | 22 | authenticate, |
| 23 | buildRateLimiter, | ||
| 23 | ensureUserHasRight, | 24 | ensureUserHasRight, |
| 24 | ensureUserRegistrationAllowed, | 25 | ensureUserRegistrationAllowed, |
| 25 | ensureUserRegistrationAllowedForIP, | 26 | ensureUserRegistrationAllowedForIP, |
| @@ -32,7 +33,6 @@ import { | |||
| 32 | usersListValidator, | 33 | usersListValidator, |
| 33 | usersRegisterValidator, | 34 | usersRegisterValidator, |
| 34 | usersRemoveValidator, | 35 | usersRemoveValidator, |
| 35 | usersSortValidator, | ||
| 36 | usersUpdateValidator | 36 | usersUpdateValidator |
| 37 | } from '../../../middlewares' | 37 | } from '../../../middlewares' |
| 38 | import { | 38 | import { |
| @@ -54,13 +54,13 @@ import { myVideoPlaylistsRouter } from './my-video-playlists' | |||
| 54 | 54 | ||
| 55 | const auditLogger = auditLoggerFactory('users') | 55 | const auditLogger = auditLoggerFactory('users') |
| 56 | 56 | ||
| 57 | const signupRateLimiter = RateLimit({ | 57 | const signupRateLimiter = buildRateLimiter({ |
| 58 | windowMs: CONFIG.RATES_LIMIT.SIGNUP.WINDOW_MS, | 58 | windowMs: CONFIG.RATES_LIMIT.SIGNUP.WINDOW_MS, |
| 59 | max: CONFIG.RATES_LIMIT.SIGNUP.MAX, | 59 | max: CONFIG.RATES_LIMIT.SIGNUP.MAX, |
| 60 | skipFailedRequests: true | 60 | skipFailedRequests: true |
| 61 | }) | 61 | }) |
| 62 | 62 | ||
| 63 | const askSendEmailLimiter = RateLimit({ | 63 | const askSendEmailLimiter = buildRateLimiter({ |
| 64 | windowMs: CONFIG.RATES_LIMIT.ASK_SEND_EMAIL.WINDOW_MS, | 64 | windowMs: CONFIG.RATES_LIMIT.ASK_SEND_EMAIL.WINDOW_MS, |
| 65 | max: CONFIG.RATES_LIMIT.ASK_SEND_EMAIL.MAX | 65 | max: CONFIG.RATES_LIMIT.ASK_SEND_EMAIL.MAX |
| 66 | }) | 66 | }) |
| @@ -84,7 +84,7 @@ usersRouter.get('/', | |||
| 84 | authenticate, | 84 | authenticate, |
| 85 | ensureUserHasRight(UserRight.MANAGE_USERS), | 85 | ensureUserHasRight(UserRight.MANAGE_USERS), |
| 86 | paginationValidator, | 86 | paginationValidator, |
| 87 | usersSortValidator, | 87 | adminUsersSortValidator, |
| 88 | setDefaultSort, | 88 | setDefaultSort, |
| 89 | setDefaultPagination, | 89 | setDefaultPagination, |
| 90 | usersListValidator, | 90 | usersListValidator, |
| @@ -277,7 +277,7 @@ async function autocompleteUsers (req: express.Request, res: express.Response) { | |||
| 277 | } | 277 | } |
| 278 | 278 | ||
| 279 | async function listUsers (req: express.Request, res: express.Response) { | 279 | async function listUsers (req: express.Request, res: express.Response) { |
| 280 | const resultList = await UserModel.listForApi({ | 280 | const resultList = await UserModel.listForAdminApi({ |
| 281 | start: req.query.start, | 281 | start: req.query.start, |
| 282 | count: req.query.count, | 282 | count: req.query.count, |
| 283 | sort: req.query.sort, | 283 | sort: req.query.sort, |
diff --git a/server/controllers/api/users/token.ts b/server/controllers/api/users/token.ts index 258b50fe9..012a49791 100644 --- a/server/controllers/api/users/token.ts +++ b/server/controllers/api/users/token.ts | |||
| @@ -1,18 +1,17 @@ | |||
| 1 | import express from 'express' | 1 | import express from 'express' |
| 2 | import RateLimit from 'express-rate-limit' | ||
| 3 | import { logger } from '@server/helpers/logger' | 2 | import { logger } from '@server/helpers/logger' |
| 4 | import { CONFIG } from '@server/initializers/config' | 3 | import { CONFIG } from '@server/initializers/config' |
| 5 | import { getAuthNameFromRefreshGrant, getBypassFromExternalAuth, getBypassFromPasswordGrant } from '@server/lib/auth/external-auth' | 4 | import { getAuthNameFromRefreshGrant, getBypassFromExternalAuth, getBypassFromPasswordGrant } from '@server/lib/auth/external-auth' |
| 6 | import { handleOAuthToken } from '@server/lib/auth/oauth' | 5 | import { handleOAuthToken } from '@server/lib/auth/oauth' |
| 7 | import { BypassLogin, revokeToken } from '@server/lib/auth/oauth-model' | 6 | import { BypassLogin, revokeToken } from '@server/lib/auth/oauth-model' |
| 8 | import { Hooks } from '@server/lib/plugins/hooks' | 7 | import { Hooks } from '@server/lib/plugins/hooks' |
| 9 | import { asyncMiddleware, authenticate, openapiOperationDoc } from '@server/middlewares' | 8 | import { asyncMiddleware, authenticate, buildRateLimiter, openapiOperationDoc } from '@server/middlewares' |
| 10 | import { buildUUID } from '@shared/extra-utils' | 9 | import { buildUUID } from '@shared/extra-utils' |
| 11 | import { ScopedToken } from '@shared/models/users/user-scoped-token' | 10 | import { ScopedToken } from '@shared/models/users/user-scoped-token' |
| 12 | 11 | ||
| 13 | const tokensRouter = express.Router() | 12 | const tokensRouter = express.Router() |
| 14 | 13 | ||
| 15 | const loginRateLimiter = RateLimit({ | 14 | const loginRateLimiter = buildRateLimiter({ |
| 16 | windowMs: CONFIG.RATES_LIMIT.LOGIN.WINDOW_MS, | 15 | windowMs: CONFIG.RATES_LIMIT.LOGIN.WINDOW_MS, |
| 17 | max: CONFIG.RATES_LIMIT.LOGIN.MAX | 16 | max: CONFIG.RATES_LIMIT.LOGIN.MAX |
| 18 | }) | 17 | }) |
diff --git a/server/controllers/api/videos/view.ts b/server/controllers/api/videos/view.ts index db1091f2d..dee1ec67c 100644 --- a/server/controllers/api/videos/view.ts +++ b/server/controllers/api/videos/view.ts | |||
| @@ -26,7 +26,7 @@ export { | |||
| 26 | // --------------------------------------------------------------------------- | 26 | // --------------------------------------------------------------------------- |
| 27 | 27 | ||
| 28 | async function viewVideo (req: express.Request, res: express.Response) { | 28 | async function viewVideo (req: express.Request, res: express.Response) { |
| 29 | const video = res.locals.onlyVideo | 29 | const video = res.locals.onlyImmutableVideo |
| 30 | 30 | ||
| 31 | const body = req.body as VideoView | 31 | const body = req.body as VideoView |
| 32 | 32 | ||
diff --git a/server/controllers/feeds.ts b/server/controllers/feeds.ts index c929a6726..9eb31ed93 100644 --- a/server/controllers/feeds.ts +++ b/server/controllers/feeds.ts | |||
| @@ -1,13 +1,13 @@ | |||
| 1 | import express from 'express' | 1 | import express from 'express' |
| 2 | import { Feed } from '@peertube/feed' | ||
| 3 | import { extname } from 'path' | 2 | import { extname } from 'path' |
| 3 | import { Feed } from '@peertube/feed' | ||
| 4 | import { mdToOneLinePlainText, toSafeHtml } from '@server/helpers/markdown' | 4 | import { mdToOneLinePlainText, toSafeHtml } from '@server/helpers/markdown' |
| 5 | import { getServerActor } from '@server/models/application/application' | 5 | import { getServerActor } from '@server/models/application/application' |
| 6 | import { getCategoryLabel } from '@server/models/video/formatter/video-format-utils' | 6 | import { getCategoryLabel } from '@server/models/video/formatter/video-format-utils' |
| 7 | import { VideoInclude } from '@shared/models' | 7 | import { VideoInclude } from '@shared/models' |
| 8 | import { buildNSFWFilter } from '../helpers/express-utils' | 8 | import { buildNSFWFilter } from '../helpers/express-utils' |
| 9 | import { CONFIG } from '../initializers/config' | 9 | import { CONFIG } from '../initializers/config' |
| 10 | import { FEEDS, MIMETYPES, PREVIEWS_SIZE, ROUTE_CACHE_LIFETIME, WEBSERVER } from '../initializers/constants' | 10 | import { MIMETYPES, PREVIEWS_SIZE, ROUTE_CACHE_LIFETIME, WEBSERVER } from '../initializers/constants' |
| 11 | import { | 11 | import { |
| 12 | asyncMiddleware, | 12 | asyncMiddleware, |
| 13 | commonVideosFiltersValidator, | 13 | commonVideosFiltersValidator, |
| @@ -76,7 +76,7 @@ async function generateVideoCommentsFeed (req: express.Request, res: express.Res | |||
| 76 | 76 | ||
| 77 | const comments = await VideoCommentModel.listForFeed({ | 77 | const comments = await VideoCommentModel.listForFeed({ |
| 78 | start, | 78 | start, |
| 79 | count: FEEDS.COUNT, | 79 | count: CONFIG.FEEDS.COMMENTS.COUNT, |
| 80 | videoId: video ? video.id : undefined, | 80 | videoId: video ? video.id : undefined, |
| 81 | accountId: account ? account.id : undefined, | 81 | accountId: account ? account.id : undefined, |
| 82 | videoChannelId: videoChannel ? videoChannel.id : undefined | 82 | videoChannelId: videoChannel ? videoChannel.id : undefined |
| @@ -166,7 +166,7 @@ async function generateVideoFeed (req: express.Request, res: express.Response) { | |||
| 166 | const server = await getServerActor() | 166 | const server = await getServerActor() |
| 167 | const { data } = await VideoModel.listForApi({ | 167 | const { data } = await VideoModel.listForApi({ |
| 168 | start, | 168 | start, |
| 169 | count: FEEDS.COUNT, | 169 | count: CONFIG.FEEDS.VIDEOS.COUNT, |
| 170 | sort: req.query.sort, | 170 | sort: req.query.sort, |
| 171 | displayOnlyForFollower: { | 171 | displayOnlyForFollower: { |
| 172 | actorId: server.id, | 172 | actorId: server.id, |
| @@ -202,7 +202,7 @@ async function generateVideoFeedForSubscriptions (req: express.Request, res: exp | |||
| 202 | 202 | ||
| 203 | const { data } = await VideoModel.listForApi({ | 203 | const { data } = await VideoModel.listForApi({ |
| 204 | start, | 204 | start, |
| 205 | count: FEEDS.COUNT, | 205 | count: CONFIG.FEEDS.VIDEOS.COUNT, |
| 206 | sort: req.query.sort, | 206 | sort: req.query.sort, |
| 207 | nsfw, | 207 | nsfw, |
| 208 | 208 | ||
diff --git a/server/controllers/lazy-static.ts b/server/controllers/lazy-static.ts index 55bf02660..8a180b5bc 100644 --- a/server/controllers/lazy-static.ts +++ b/server/controllers/lazy-static.ts | |||
| @@ -1,9 +1,10 @@ | |||
| 1 | import cors from 'cors' | 1 | import cors from 'cors' |
| 2 | import express from 'express' | 2 | import express from 'express' |
| 3 | import { VideosTorrentCache } from '@server/lib/files-cache/videos-torrent-cache' | 3 | import { VideosTorrentCache } from '@server/lib/files-cache/videos-torrent-cache' |
| 4 | import { MActorImage } from '@server/types/models' | ||
| 4 | import { HttpStatusCode } from '../../shared/models/http/http-error-codes' | 5 | import { HttpStatusCode } from '../../shared/models/http/http-error-codes' |
| 5 | import { logger } from '../helpers/logger' | 6 | import { logger } from '../helpers/logger' |
| 6 | import { LAZY_STATIC_PATHS, STATIC_MAX_AGE } from '../initializers/constants' | 7 | import { ACTOR_IMAGES_SIZE, LAZY_STATIC_PATHS, STATIC_MAX_AGE } from '../initializers/constants' |
| 7 | import { VideosCaptionCache, VideosPreviewCache } from '../lib/files-cache' | 8 | import { VideosCaptionCache, VideosPreviewCache } from '../lib/files-cache' |
| 8 | import { actorImagePathUnsafeCache, pushActorImageProcessInQueue } from '../lib/local-actor' | 9 | import { actorImagePathUnsafeCache, pushActorImageProcessInQueue } from '../lib/local-actor' |
| 9 | import { asyncMiddleware } from '../middlewares' | 10 | import { asyncMiddleware } from '../middlewares' |
| @@ -67,10 +68,7 @@ async function getActorImage (req: express.Request, res: express.Response, next: | |||
| 67 | await pushActorImageProcessInQueue({ | 68 | await pushActorImageProcessInQueue({ |
| 68 | filename: image.filename, | 69 | filename: image.filename, |
| 69 | fileUrl: image.fileUrl, | 70 | fileUrl: image.fileUrl, |
| 70 | size: { | 71 | size: getActorImageSize(image), |
| 71 | height: image.height, | ||
| 72 | width: image.width | ||
| 73 | }, | ||
| 74 | type: image.type | 72 | type: image.type |
| 75 | }) | 73 | }) |
| 76 | } catch (err) { | 74 | } catch (err) { |
| @@ -94,7 +92,7 @@ async function getActorImage (req: express.Request, res: express.Response, next: | |||
| 94 | if (err.status === HttpStatusCode.NOT_FOUND_404 && !image.isOwned()) { | 92 | if (err.status === HttpStatusCode.NOT_FOUND_404 && !image.isOwned()) { |
| 95 | logger.error('Cannot lazy serve actor image %s.', filename, { err }) | 93 | logger.error('Cannot lazy serve actor image %s.', filename, { err }) |
| 96 | 94 | ||
| 97 | actorImagePathUnsafeCache.del(filename) | 95 | actorImagePathUnsafeCache.delete(filename) |
| 98 | 96 | ||
| 99 | image.onDisk = false | 97 | image.onDisk = false |
| 100 | image.save() | 98 | image.save() |
| @@ -105,6 +103,17 @@ async function getActorImage (req: express.Request, res: express.Response, next: | |||
| 105 | }) | 103 | }) |
| 106 | } | 104 | } |
| 107 | 105 | ||
| 106 | function getActorImageSize (image: MActorImage): { width: number, height: number } { | ||
| 107 | if (image.width && image.height) { | ||
| 108 | return { | ||
| 109 | height: image.height, | ||
| 110 | width: image.width | ||
| 111 | } | ||
| 112 | } | ||
| 113 | |||
| 114 | return ACTOR_IMAGES_SIZE[image.type][0] | ||
| 115 | } | ||
| 116 | |||
| 108 | async function getPreview (req: express.Request, res: express.Response) { | 117 | async function getPreview (req: express.Request, res: express.Response) { |
| 109 | const result = await VideosPreviewCache.Instance.getFilePath(req.params.filename) | 118 | const result = await VideosPreviewCache.Instance.getFilePath(req.params.filename) |
| 110 | if (!result) return res.status(HttpStatusCode.NOT_FOUND_404).end() | 119 | if (!result) return res.status(HttpStatusCode.NOT_FOUND_404).end() |