API v1 & major refactoring: Hono, file read optimizations, and upload streaming

config.json

@@ -27,5 +27,5 @@
     },
 
     "trustProxy": true,
-    "forceSSL": true
+    "forceSSL": false
 }

src/server/index.ts

@@ -8,13 +8,10 @@ import ServeError from "./lib/errors"
 import Files from "./lib/files"
 import * as auth from "./lib/auth"
 import * as Accounts from "./lib/accounts"
-
-import * as authRoutes from "./routes/authRoutes";
-import * as fileApiRoutes from "./routes/fileApiRoutes";
-import * as adminRoutes from "./routes/adminRoutes";
-import * as primaryApi from "./routes/primaryApi";
 import { getAccount } from "./lib/middleware";
 
+import APIRouter from "./routes/api"
+
 require("dotenv").config()
 
 let pkg = require(`${process.cwd()}/package.json`)
@@ -46,19 +43,12 @@ app.get("/server",(req,res) => {
     }))
 })
 
-app
-    .use("/auth",authRoutes.authRoutes)
-    .use("/admin",adminRoutes.adminRoutes)
-    .use("/files", fileApiRoutes.fileApiRoutes)
-    .use(primaryApi.primaryApi)
 // funcs
 
 // init data
 
 if (!fs.existsSync(__dirname+"/../.data/")) fs.mkdirSync(__dirname+"/../.data/")
 
-
-
 // discord
 
 let client = new Client({intents:[
@@ -68,12 +58,11 @@ let client = new Client({intents:[
 
 let files = new Files(client,config)
 
-authRoutes.setFilesObj(files)
-adminRoutes.setFilesObj(files)
-fileApiRoutes.setFilesObj(files)
-primaryApi.setFilesObj(files)
-
-// routes (could probably make these use routers)
+let apiRouter = new APIRouter(files)
+apiRouter.loadAPIMethods().then(() => {
+    app.use(apiRouter.root)
+    console.log("API OK!")
+})
 
 // index, clone
 

src/server/lib/accounts.ts

@@ -35,23 +35,22 @@ export interface Account {
  * @returns A Promise which returns the new account's ID
  */
 
-export function create(username:string,pwd:string,admin:boolean=false):Promise<string> {
-    return new Promise((resolve,reject) => {
-        let accId = crypto.randomBytes(12).toString("hex")
-
-        Accounts.push(
-            {
-                id:     accId,
-                username: username,
-                password: password.hash(pwd),
-                files: [],
-                admin: admin,
-                defaultFileVisibility: "public"
-            }
-        )
-
-        save().then(() => resolve(accId))
-    })
+export async function create(username:string,pwd:string,admin:boolean=false):Promise<string> {
+    let accId = crypto.randomBytes(12).toString("hex")
+
+    Accounts.push(
+        {
+            id:     accId,
+            username: username,
+            password: password.hash(pwd),
+            files: [],
+            admin: admin,
+            defaultFileVisibility: "public"
+        }
+    )
+
+    await save()
+    return accId
 }
 
 /**

src/server/lib/mail.ts

@@ -27,19 +27,14 @@ transport =
  * @returns Promise which resolves to the output from nodemailer.transport.sendMail
  */
 export function sendMail(to: string, subject: string, content: string) {
-    return new Promise((resolve,reject) => {
-        transport.sendMail({
-            to,
-            subject,
-            "from": mailConfig.send.from,
-            "html": `<span style="font-size:x-large;font-weight:600;">monofile <span style="opacity:0.5">accounts</span></span><br><span style="opacity:0.5">Gain control of your uploads.</span><hr><br>${
-                content
-                    .replace(/\<span username\>/g, `<span code><span style="color:#DDAA66;padding-right:3px;">@</span>`)
-                    .replace(/\<span code\>/g,`<span style="font-family:monospace;padding:3px 5px 3px 5px;border-radius:8px;background-color:#1C1C1C;color:#DDDDDD;">`)
-            }<br><br><span style="opacity:0.5">If you do not believe that you are the intended recipient of this email, please disregard this message.</span>`
-        }, (err, info) => {
-            if (err) reject(err)
-            else resolve(info)
-        })
+    return transport.sendMail({
+        to,
+        subject,
+        "from": mailConfig.send.from,
+        "html": `<span style="font-size:x-large;font-weight:600;">monofile <span style="opacity:0.5">accounts</span></span><br><span style="opacity:0.5">Gain control of your uploads.</span><hr><br>${
+            content
+                .replace(/\<span username\>/g, `<span code><span style="color:#DDAA66;padding-right:3px;">@</span>`)
+                .replace(/\<span code\>/g,`<span style="font-family:monospace;padding:3px 5px 3px 5px;border-radius:8px;background-color:#1C1C1C;color:#DDDDDD;">`)
+        }<br><br><span style="opacity:0.5">If you do not believe that you are the intended recipient of this email, please disregard this message.</span>`
     })
 }

src/server/lib/middleware.ts

@@ -70,4 +70,45 @@ export const requiresPermissions = function(...tokenPermissions: auth.TokenPermi
 export const noAPIAccess: RequestHandler = function(req, res, next) {
     if (auth.getType(auth.tokenFor(req)) == "App") ServeError(res, 403, "apps are not allowed to access this endpoint")
     else next()
+}
+
+/**
+  @description Add a restriction to this route; the condition must be true to allow API requests.
+*/
+
+export const assertAPI = function(condition: (acc:Accounts.Account, token:string) => boolean):RequestHandler {
+    return function(req, res, next) {
+        let reqToken = auth.tokenFor(req)
+        if (auth.getType(reqToken) == "App" && condition(res.locals.acc, reqToken)) ServeError(res, 403, "apps are not allowed to access this endpoint")
+        else next()
+    }
+}
+
+type SchemeType = "array" | "object" | "string" | "number" | "boolean"
+
+interface SchemeObject {
+    type: "object"
+    children: {
+        [key: string]: SchemeParameter
+    }
+}
+
+interface SchemeArray {
+    type: "array",
+    children: SchemeParameter /* All children of the array must be this type */ 
+            | SchemeParameter[] /* Array must match this pattern */
+}
+
+type SchemeParameter = SchemeType | SchemeObject | SchemeArray
+
+/**
+ * @description Blocks requests based on whether or not the token being used to access the route is of type `User` unless a condition is met.
+ * @param tokenPermissions Permissions which your route requires.
+ * @returns Express middleware
+ */
+
+export const sanitize = function(scheme: SchemeObject):RequestHandler {
+    return function(req, res, next) {
+
+    }
 }