DiscordTickets/src/http.js

const fastify = require('fastify')({ trustProxy: process.env.HTTP_TRUST_PROXY === 'true' });
const oauth = require('@fastify/oauth2');
const { randomBytes } = require('crypto');
const { short } = require('leeks.js');
const { join } = require('path');
const { files } = require('node-dir');
const { PermissionsBitField } = require('discord.js');

process.env.ORIGIN = process.env.HTTP_INTERNAL || process.env.HTTP_EXTERNAL;

module.exports = async client => {
	// oauth2 plugin
	fastify.states = new Map();
	fastify.register(oauth, {
		callbackUri: `${process.env.HTTP_EXTERNAL}/auth/callback`,
		checkStateFunction: (state, callback) => {
			if (fastify.states.has(state)) {
				callback();
				return;
			}
			callback(new Error('Invalid state'));
		},
		credentials: {
			auth: oauth.DISCORD_CONFIGURATION,
			client: {
				id: client.user.id,
				secret: process.env.DISCORD_SECRET,
			},
		},
		generateStateFunction: req => {
			const state = randomBytes(12).toString('hex');
			fastify.states.set(state, req.query.r);
			return state;
		},
		name: 'discord',
		scope: ['applications.commands.permissions.update', 'guilds', 'identify'],
		startRedirectPath: '/auth/login',
	});

	// cookies plugin
	fastify.register(require('@fastify/cookie'));

	// jwt plugin
	fastify.register(require('@fastify/jwt'), {
		cookie: {
			cookieName: 'token',
			signed: false,
		},
		secret: process.env.ENCRYPTION_KEY,
	});

	// auth
	fastify.decorate('authenticate', async (req, res) => {
		try {
			const data = await req.jwtVerify();
			if (data.expiresAt < Date.now()) throw 'expired';
			if (data.createdAt < new Date(process.env.INVALIDATE_TOKENS).getTime()) throw 'expired';
		} catch (error) {
			return res.code(401).send({
				error: 'Unauthorised',
				message: error === 'expired' ? 'Your token has expired; please re-authenticate.' : 'You are not authenticated.',
				statusCode: 401,
			});
		}
	});

	fastify.decorate('isAdmin', async (req, res) => {
		try {
			const userId = req.user.id;
			const guildId = req.params.guild;
			const guild = client.guilds.cache.get(guildId);
			if (!guild) {
				return res.code(404).send({
					error: 'Not Found',
					message: 'The requested resource could not be found.',
					statusCode: 404,

				});
			}
			const guildMember = await guild.members.fetch(userId);
			const isAdmin = guildMember?.permissions.has(PermissionsBitField.Flags.ManageGuild) || client.supers.includes(userId);
			if (!isAdmin) {
				return res.code(403).send({
					error: 'Forbidden',
					message: 'You are not permitted for this action.',
					statusCode: 403,

				});
			}
		} catch (err) {
			res.send(err);
		}
	});

	// body processing
	fastify.addHook('preHandler', (req, res, done) => {
		if (req.body && typeof req.body === 'object') {
			for (const prop in req.body) {
				if (typeof req.body[prop] === 'string') {
					req.body[prop] = req.body[prop].trim();
				}
			}
		}
		done();
	});

	// logging
	fastify.addHook('onResponse', (req, res, done) => {
		done();
		const status = (res.statusCode >= 500
			? '&4'
			: res.statusCode >= 400
				? '&6'
				: res.statusCode >= 300
					? '&3'
					: res.statusCode >= 200
						? '&2'
						: '&f') + res.statusCode;
		let responseTime = res.getResponseTime().toFixed(2);
		responseTime = (responseTime >= 100
			? '&c'
			: responseTime >= 10
				? '&e'
				: '&a') + responseTime + 'ms';
		const level = req.routerPath === '/status'
			? 'debug'
			:  req.routerPath === '/*'
				? 'verbose'
				: 'info';
		client.log[level].http(short(`${req.id} ${req.ip} ${req.method} ${req.routerPath ?? '*'} &m-+>&r ${status}&b in ${responseTime}`));
		if (!req.routerPath) client.log.verbose.http(`${req.id} ${req.method} ${req.url}`);
		done();
	});

	fastify.addHook('onError', async (req, res, err) => client.log.error.http(req.id, err));

	// route loading
	const dir = join(__dirname, '/routes');
	files(dir, {
		exclude: /^\./,
		match: /.js$/,
		sync: true,
	}).forEach(file => {
		const path = file
			.substring(0, file.length - 3) // remove `.js`
			.substring(dir.length) // remove higher directories
			.replace(/\\/g, '/') // replace `\` with `/` because Windows is stupid
			.replace(/\[(\w+)\]/gi, ':$1') // convert [] to :
			.replace('/index', '') || '/'; // remove index
		const route = require(file);

		Object.keys(route).forEach(method => fastify.route({
			config: { client },
			method: method.toUpperCase(),
			path,
			...route[method](fastify),
		})); // register route
	});

	const { handler } = await import('@discord-tickets/settings/build/handler.js');

	// https://stackoverflow.com/questions/72317071/how-to-set-up-fastify-correctly-so-that-sveltekit-works-fine
	fastify.all('/*', {}, (req, res) => handler(req.raw, res.raw, () => { }));

	// start the fastify server
	fastify.listen({
		host: process.env.HTTP_HOST,
		port: process.env.HTTP_PORT,
	}, (err, addr) => {
		if (err) client.log.error.http(err);
		else client.log.success.http(`Listening at ${addr}`);
	});

	process.on('sveltekit:error', ({
		error,
		errorId,
	}) => {
		client.log.error.http(`SvelteKit ${errorId} ${error}`);
	});
};
fix: http, improve env 2023-02-01 23:19:48 +02:00			`const fastify = require('fastify')({ trustProxy: process.env.HTTP_TRUST_PROXY === 'true' });`
Add authentication 2022-05-06 23:17:53 +03:00			`const oauth = require('@fastify/oauth2');`
feat: oauth2 callback redirect (closes #333) 2023-03-11 01:46:24 +02:00			`const { randomBytes } = require('crypto');`
Add logging 2022-05-06 02:12:38 +03:00			`const { short } = require('leeks.js');`
Start on API 2022-05-06 02:01:19 +03:00			`const { join } = require('path');`
Node v18, discord.js v14 2022-07-18 15:34:29 +03:00			`const { files } = require('node-dir');`
bug fixes 2022-10-04 23:23:01 +03:00			`const { PermissionsBitField } = require('discord.js');`
Start on API 2022-05-06 02:01:19 +03:00
feat: add `HTTP_INTERNAL` env variable 2024-01-20 22:50:35 +02:00			`process.env.ORIGIN = process.env.HTTP_INTERNAL \|\| process.env.HTTP_EXTERNAL;`
Integrate settings UI 2022-09-06 22:30:28 +03:00
Complete settings integration 2022-09-06 22:46:18 +03:00			`module.exports = async client => {`
Add authentication 2022-05-06 23:17:53 +03:00			`// oauth2 plugin`
feat: oauth2 callback redirect (closes #333) 2023-03-11 01:46:24 +02:00			`fastify.states = new Map();`
Add authentication 2022-05-06 23:17:53 +03:00			`fastify.register(oauth, {`
Settings reverse proxy (doesn't work) 2022-09-07 23:24:16 +03:00			callbackUri: `${process.env.HTTP_EXTERNAL}/auth/callback`,
feat: oauth2 callback redirect (closes #333) 2023-03-11 01:46:24 +02:00			`checkStateFunction: (state, callback) => {`
			`if (fastify.states.has(state)) {`
			`callback();`
			`return;`
			`}`
			`callback(new Error('Invalid state'));`
			`},`
Add authentication 2022-05-06 23:17:53 +03:00			`credentials: {`
			`auth: oauth.DISCORD_CONFIGURATION,`
			`client: {`
			`id: client.user.id,`
			`secret: process.env.DISCORD_SECRET,`
			`},`
			`},`
feat: oauth2 callback redirect (closes #333) 2023-03-11 01:46:24 +02:00			`generateStateFunction: req => {`
			`const state = randomBytes(12).toString('hex');`
			`fastify.states.set(state, req.query.r);`
			`return state;`
			`},`
Add authentication 2022-05-06 23:17:53 +03:00			`name: 'discord',`
feat(api): show guilds that the bot isn't in 2023-03-10 02:24:33 +02:00			`scope: ['applications.commands.permissions.update', 'guilds', 'identify'],`
Add authentication 2022-05-06 23:17:53 +03:00			`startRedirectPath: '/auth/login',`
			`});`

			`// cookies plugin`
			`fastify.register(require('@fastify/cookie'));`

			`// jwt plugin`
			`fastify.register(require('@fastify/jwt'), {`
			`cookie: {`
			`cookieName: 'token',`
			`signed: false,`
			`},`
Changes 2022-07-16 01:19:42 +03:00			`secret: process.env.ENCRYPTION_KEY,`
Add authentication 2022-05-06 23:17:53 +03:00			`});`

			`// auth`
			`fastify.decorate('authenticate', async (req, res) => {`
			`try {`
			`const data = await req.jwtVerify();`
feat: add API service keys 2023-03-13 00:21:21 +02:00			`if (data.expiresAt < Date.now()) throw 'expired';`
			`if (data.createdAt < new Date(process.env.INVALIDATE_TOKENS).getTime()) throw 'expired';`
			`} catch (error) {`
			`return res.code(401).send({`
			`error: 'Unauthorised',`
			`message: error === 'expired' ? 'Your token has expired; please re-authenticate.' : 'You are not authenticated.',`
			`statusCode: 401,`
			`});`
Add authentication 2022-05-06 23:17:53 +03:00			`}`
			`});`

Update guilds route 2022-05-07 20:28:38 +03:00			`fastify.decorate('isAdmin', async (req, res) => {`
			`try {`
feat: add API service keys 2023-03-13 00:21:21 +02:00			`const userId = req.user.id;`
Update guilds route 2022-05-07 20:28:38 +03:00			`const guildId = req.params.guild;`
			`const guild = client.guilds.cache.get(guildId);`
Changes 2022-07-16 01:19:42 +03:00			`if (!guild) {`
			`return res.code(404).send({`
			`error: 'Not Found',`
			`message: 'The requested resource could not be found.',`
			`statusCode: 404,`
Update guilds route 2022-05-07 20:28:38 +03:00
Changes 2022-07-16 01:19:42 +03:00			`});`
			`}`
			`const guildMember = await guild.members.fetch(userId);`
bug fixes 2022-10-04 23:23:01 +03:00			`const isAdmin = guildMember?.permissions.has(PermissionsBitField.Flags.ManageGuild) \|\| client.supers.includes(userId);`
More fixes 2022-07-18 23:53:17 +03:00			`if (!isAdmin) {`
Changes 2022-07-16 01:19:42 +03:00			`return res.code(403).send({`
			`error: 'Forbidden',`
			`message: 'You are not permitted for this action.',`
			`statusCode: 403,`
Update guilds route 2022-05-07 20:28:38 +03:00
			`});`
			`}`
			`} catch (err) {`
			`res.send(err);`
			`}`
			`});`

More fixes 2022-07-18 23:53:17 +03:00			`// body processing`
			`fastify.addHook('preHandler', (req, res, done) => {`
			`if (req.body && typeof req.body === 'object') {`
			`for (const prop in req.body) {`
			`if (typeof req.body[prop] === 'string') {`
			`req.body[prop] = req.body[prop].trim();`
			`}`
			`}`
			`}`
			`done();`
			`});`

Add authentication 2022-05-06 23:17:53 +03:00			`// logging`
Add logging 2022-05-06 02:12:38 +03:00			`fastify.addHook('onResponse', (req, res, done) => {`
			`done();`
			`const status = (res.statusCode >= 500`
			`? '&4'`
			`: res.statusCode >= 400`
			`? '&6'`
			`: res.statusCode >= 300`
			`? '&3'`
			`: res.statusCode >= 200`
			`? '&2'`
			`: '&f') + res.statusCode;`
Fix sqlite middleware 2022-09-04 21:55:32 +03:00			`let responseTime = res.getResponseTime().toFixed(2);`
fix: HTTP log colours 2023-05-24 18:24:19 +03:00			`responseTime = (responseTime >= 100`
Add logging 2022-05-06 02:12:38 +03:00			`? '&c'`
fix: HTTP log colours 2023-05-24 18:24:19 +03:00			`: responseTime >= 10`
Add logging 2022-05-06 02:12:38 +03:00			`? '&e'`
Fix sqlite middleware 2022-09-04 21:55:32 +03:00			`: '&a') + responseTime + 'ms';`
feat(docker): add non-root user, labels, and healthcheck (closes #433) Now works with Pterodactyl. 2023-06-15 02:21:52 +03:00			`const level = req.routerPath === '/status'`
			`? 'debug'`
			`: req.routerPath === '/*'`
			`? 'verbose'`
			`: 'info';`
fix http logging spam, and login loop 2022-09-08 00:15:46 +03:00			client.log[level].http(short(`${req.id} ${req.ip} ${req.method} ${req.routerPath ?? '*'} &m-+>&r ${status}&b in ${responseTime}`));
Settings reverse proxy (doesn't work) 2022-09-07 23:24:16 +03:00			if (!req.routerPath) client.log.verbose.http(`${req.id} ${req.method} ${req.url}`);
Add authentication 2022-05-06 23:17:53 +03:00			`done();`
Add logging 2022-05-06 02:12:38 +03:00			`});`

Settings reverse proxy (doesn't work) 2022-09-07 23:24:16 +03:00			`fastify.addHook('onError', async (req, res, err) => client.log.error.http(req.id, err));`
Add authentication 2022-05-06 23:17:53 +03:00
			`// route loading`
Start on API 2022-05-06 02:01:19 +03:00			`const dir = join(__dirname, '/routes');`
Node v18, discord.js v14 2022-07-18 15:34:29 +03:00			`files(dir, {`
			`exclude: /^\./,`
			`match: /.js$/,`
			`sync: true,`
			`}).forEach(file => {`
			`const path = file`
			.substring(0, file.length - 3) // remove `.js`
			`.substring(dir.length) // remove higher directories`
fix: API not working on Windows 2022-08-26 01:35:17 +03:00			.replace(/\\/g, '/') // replace `\` with `/` because Windows is stupid
Node v18, discord.js v14 2022-07-18 15:34:29 +03:00			`.replace(/\[(\w+)\]/gi, ':$1') // convert [] to :`
			`.replace('/index', '') \|\| '/'; // remove index`
			`const route = require(file);`
Complete settings integration 2022-09-06 22:46:18 +03:00
Node v18, discord.js v14 2022-07-18 15:34:29 +03:00			`Object.keys(route).forEach(method => fastify.route({`
			`config: { client },`
			`method: method.toUpperCase(),`
			`path,`
			`...route[method](fastify),`
			`})); // register route`
			`});`
Start on API 2022-05-06 02:01:19 +03:00
Integrate settings UI 2022-09-06 22:30:28 +03:00			`const { handler } = await import('@discord-tickets/settings/build/handler.js');`
feat: settings v2 2023-03-11 01:47:43 +02:00
			`// https://stackoverflow.com/questions/72317071/how-to-set-up-fastify-correctly-so-that-sveltekit-works-fine`
			`fastify.all('/*', {}, (req, res) => handler(req.raw, res.raw, () => { }));`
Settings reverse proxy (doesn't work) 2022-09-07 23:24:16 +03:00
			`// start the fastify server`
fix: listen on `0.0.0.0` 2023-01-31 14:53:22 +02:00			`fastify.listen({`
fix: http, improve env 2023-02-01 23:19:48 +02:00			`host: process.env.HTTP_HOST,`
			`port: process.env.HTTP_PORT,`
fix: listen on `0.0.0.0` 2023-01-31 14:53:22 +02:00			`}, (err, addr) => {`
Settings reverse proxy (doesn't work) 2022-09-07 23:24:16 +03:00			`if (err) client.log.error.http(err);`
			else client.log.success.http(`Listening at ${addr}`);
Node v18, discord.js v14 2022-07-18 15:34:29 +03:00			`});`
feat: settings v2 2023-03-11 01:47:43 +02:00
			`process.on('sveltekit:error', ({`
			`error,`
			`errorId,`
			`}) => {`
			client.log.error.http(`SvelteKit ${errorId} ${error}`);
			`});`
feat: add API service keys 2023-03-13 00:21:21 +02:00			`};`