From 3a4992633ee62d5edfbb484d9c6bcb3cf158489d Mon Sep 17 00:00:00 2001 From: Chocobozzz Date: Mon, 31 Jul 2023 14:34:36 +0200 Subject: Migrate server to ESM Sorry for the very big commit that may lead to git log issues and merge conflicts, but it's a major step forward: * Server can be faster at startup because imports() are async and we can easily lazy import big modules * Angular doesn't seem to support ES import (with .js extension), so we had to correctly organize peertube into a monorepo: * Use yarn workspace feature * Use typescript reference projects for dependencies * Shared projects have been moved into "packages", each one is now a node module (with a dedicated package.json/tsconfig.json) * server/tools have been moved into apps/ and is now a dedicated app bundled and published on NPM so users don't have to build peertube cli tools manually * server/tests have been moved into packages/ so we don't compile them every time we want to run the server * Use isolatedModule option: * Had to move from const enum to const (https://www.typescriptlang.org/docs/handbook/enums.html#objects-vs-enums) * Had to explictely specify "type" imports when used in decorators * Prefer tsx (that uses esbuild under the hood) instead of ts-node to load typescript files (tests with mocha or scripts): * To reduce test complexity as esbuild doesn't support decorator metadata, we only test server files that do not import server models * We still build tests files into js files for a faster CI * Remove unmaintained peertube CLI import script * Removed some barrels to speed up execution (less imports) --- server/controllers/api/users/two-factor.ts | 95 ------------------------------ 1 file changed, 95 deletions(-) delete mode 100644 server/controllers/api/users/two-factor.ts (limited to 'server/controllers/api/users/two-factor.ts')
diff --git a/server/controllers/api/users/two-factor.ts b/server/controllers/api/users/two-factor.ts
deleted file mode 100644
index e6ae9e4dd..000000000
--- a/server/controllers/api/users/two-factor.ts
+++ /dev/null
@@ -1,95 +0,0 @@
-import express from 'express'
-import { generateOTPSecret, isOTPValid } from '@server/helpers/otp'
-import { encrypt } from '@server/helpers/peertube-crypto'
-import { CONFIG } from '@server/initializers/config'
-import { Redis } from '@server/lib/redis'
-import { asyncMiddleware, authenticate, usersCheckCurrentPasswordFactory } from '@server/middlewares'
-import {
- confirmTwoFactorValidator,
- disableTwoFactorValidator,
- requestOrConfirmTwoFactorValidator
-} from '@server/middlewares/validators/two-factor'
-import { HttpStatusCode, TwoFactorEnableResult } from '@shared/models'
-
-const twoFactorRouter = express.Router()
-
-twoFactorRouter.post('/:id/two-factor/request',
- authenticate,
- asyncMiddleware(usersCheckCurrentPasswordFactory(req => req.params.id)),
- asyncMiddleware(requestOrConfirmTwoFactorValidator),
- asyncMiddleware(requestTwoFactor)
-)
-
-twoFactorRouter.post('/:id/two-factor/confirm-request',
- authenticate,
- asyncMiddleware(requestOrConfirmTwoFactorValidator),
- confirmTwoFactorValidator,
- asyncMiddleware(confirmRequestTwoFactor)
-)
-
-twoFactorRouter.post('/:id/two-factor/disable',
- authenticate,
- asyncMiddleware(usersCheckCurrentPasswordFactory(req => req.params.id)),
- asyncMiddleware(disableTwoFactorValidator),
- asyncMiddleware(disableTwoFactor)
-)
-
-// ---------------------------------------------------------------------------
-
-export {
- twoFactorRouter
-}
-
-// ---------------------------------------------------------------------------
-
-async function requestTwoFactor (req: express.Request, res: express.Response) {
- const user = res.locals.user
-
- const { secret, uri } = generateOTPSecret(user.email)
-
- const encryptedSecret = await encrypt(secret, CONFIG.SECRETS.PEERTUBE)
- const requestToken = await Redis.Instance.setTwoFactorRequest(user.id, encryptedSecret)
-
- return res.json({
- otpRequest: {
- requestToken,
- secret,
- uri
- }
- } as TwoFactorEnableResult)
-}
-
-async function confirmRequestTwoFactor (req: express.Request, res: express.Response) {
- const requestToken = req.body.requestToken
- const otpToken = req.body.otpToken
- const user = res.locals.user
-
- const encryptedSecret = await Redis.Instance.getTwoFactorRequestToken(user.id, requestToken)
- if (!encryptedSecret) {
- return res.fail({
- message: 'Invalid request token',
- status: HttpStatusCode.FORBIDDEN_403
- })
- }
-
- if (await isOTPValid({ encryptedSecret, token: otpToken }) !== true) {
- return res.fail({
- message: 'Invalid OTP token',
- status: HttpStatusCode.FORBIDDEN_403
- })
- }
-
- user.otpSecret = encryptedSecret
- await user.save()
-
- return res.sendStatus(HttpStatusCode.NO_CONTENT_204)
-}
-
-async function disableTwoFactor (req: express.Request, res: express.Response) {
- const user = res.locals.user
-
- user.otpSecret = null
- await user.save()
-
- return res.sendStatus(HttpStatusCode.NO_CONTENT_204)
-}
-- cgit v1.2.3