PeerTube/server/core/controllers/plugins.ts

175 lines
5.7 KiB
TypeScript
Raw Normal View History

2021-08-27 14:32:44 +02:00
import express from 'express'
2019-07-12 11:39:58 +02:00
import { join } from 'path'
import { getCompleteLocale, is18nLocale } from '@peertube/peertube-core-utils'
import { HttpStatusCode, PluginType } from '@peertube/peertube-models'
import { isProdInstance } from '@peertube/peertube-node-utils'
import { logger } from '@server/helpers/logger.js'
import { CONFIG } from '@server/initializers/config.js'
import { optionalAuthenticate } from '@server/middlewares/auth.js'
import { buildRateLimiter } from '@server/middlewares/index.js'
import { PLUGIN_GLOBAL_CSS_PATH } from '../initializers/constants.js'
import { PluginManager, RegisteredPlugin } from '../lib/plugins/plugin-manager.js'
import { getExternalAuthValidator, getPluginValidator, pluginStaticDirectoryValidator } from '../middlewares/validators/plugins.js'
import { serveThemeCSSValidator } from '../middlewares/validators/themes.js'
2019-07-23 09:48:48 +02:00
const sendFileOptions = {
maxAge: '30 days',
immutable: isProdInstance()
2019-07-23 09:48:48 +02:00
}
const pluginsRouter = express.Router()
2023-07-25 15:18:10 +02:00
const pluginsRateLimiter = buildRateLimiter({
windowMs: CONFIG.RATES_LIMIT.PLUGINS.WINDOW_MS,
max: CONFIG.RATES_LIMIT.PLUGINS.MAX
})
2019-07-12 11:39:58 +02:00
pluginsRouter.get('/plugins/global.css',
2023-07-25 15:18:10 +02:00
pluginsRateLimiter,
2019-07-08 14:02:03 +02:00
servePluginGlobalCSS
)
2019-07-26 14:44:50 +02:00
pluginsRouter.get('/plugins/translations/:locale.json',
2023-07-25 15:18:10 +02:00
pluginsRateLimiter,
2019-07-26 14:44:50 +02:00
getPluginTranslations
)
2020-04-28 14:49:03 +02:00
pluginsRouter.get('/plugins/:pluginName/:pluginVersion/auth/:authName',
2023-07-25 15:18:10 +02:00
pluginsRateLimiter,
2020-04-28 14:49:03 +02:00
getPluginValidator(PluginType.PLUGIN),
getExternalAuthValidator,
handleAuthInPlugin
)
2019-07-12 11:39:58 +02:00
pluginsRouter.get('/plugins/:pluginName/:pluginVersion/static/:staticEndpoint(*)',
2023-07-25 15:18:10 +02:00
pluginsRateLimiter,
getPluginValidator(PluginType.PLUGIN),
pluginStaticDirectoryValidator,
servePluginStaticDirectory
)
2019-07-12 11:39:58 +02:00
pluginsRouter.get('/plugins/:pluginName/:pluginVersion/client-scripts/:staticEndpoint(*)',
2023-07-25 15:18:10 +02:00
pluginsRateLimiter,
getPluginValidator(PluginType.PLUGIN),
pluginStaticDirectoryValidator,
servePluginClientScripts
)
pluginsRouter.use('/plugins/:pluginName/router',
2023-07-25 15:18:10 +02:00
pluginsRateLimiter,
getPluginValidator(PluginType.PLUGIN, false),
optionalAuthenticate,
servePluginCustomRoutes
)
pluginsRouter.use('/plugins/:pluginName/:pluginVersion/router',
2023-07-25 15:18:10 +02:00
pluginsRateLimiter,
getPluginValidator(PluginType.PLUGIN),
optionalAuthenticate,
servePluginCustomRoutes
)
2019-07-12 11:39:58 +02:00
pluginsRouter.get('/themes/:pluginName/:pluginVersion/static/:staticEndpoint(*)',
2023-07-25 15:18:10 +02:00
pluginsRateLimiter,
getPluginValidator(PluginType.THEME),
pluginStaticDirectoryValidator,
2019-07-12 11:39:58 +02:00
servePluginStaticDirectory
)
pluginsRouter.get('/themes/:pluginName/:pluginVersion/client-scripts/:staticEndpoint(*)',
2023-07-25 15:18:10 +02:00
pluginsRateLimiter,
getPluginValidator(PluginType.THEME),
pluginStaticDirectoryValidator,
2019-07-12 11:39:58 +02:00
servePluginClientScripts
)
pluginsRouter.get('/themes/:themeName/:themeVersion/css/:staticEndpoint(*)',
2023-07-25 15:18:10 +02:00
pluginsRateLimiter,
2019-07-12 11:39:58 +02:00
serveThemeCSSValidator,
serveThemeCSSDirectory
)
// ---------------------------------------------------------------------------
export {
pluginsRouter
}
// ---------------------------------------------------------------------------
2019-07-08 14:02:03 +02:00
function servePluginGlobalCSS (req: express.Request, res: express.Response) {
2019-07-23 09:48:48 +02:00
// Only cache requests that have a ?hash=... query param
const globalCSSOptions = req.query.hash
? sendFileOptions
: {}
return res.sendFile(PLUGIN_GLOBAL_CSS_PATH, globalCSSOptions)
2019-07-08 14:02:03 +02:00
}
2019-07-26 14:44:50 +02:00
function getPluginTranslations (req: express.Request, res: express.Response) {
const locale = req.params.locale
if (is18nLocale(locale)) {
const completeLocale = getCompleteLocale(locale)
const json = PluginManager.Instance.getTranslations(completeLocale)
return res.json(json)
}
return res.status(HttpStatusCode.NOT_FOUND_404).end()
2019-07-26 14:44:50 +02:00
}
function servePluginStaticDirectory (req: express.Request, res: express.Response) {
const plugin: RegisteredPlugin = res.locals.registeredPlugin
const staticEndpoint = req.params.staticEndpoint
2019-07-08 14:02:03 +02:00
const [ directory, ...file ] = staticEndpoint.split('/')
const staticPath = plugin.staticDirs[directory]
if (!staticPath) return res.status(HttpStatusCode.NOT_FOUND_404).end()
2019-07-08 14:02:03 +02:00
const filepath = file.join('/')
2019-07-23 09:48:48 +02:00
return res.sendFile(join(plugin.path, staticPath, filepath), sendFileOptions)
}
function servePluginCustomRoutes (req: express.Request, res: express.Response, next: express.NextFunction) {
const plugin: RegisteredPlugin = res.locals.registeredPlugin
const router = PluginManager.Instance.getRouter(plugin.npmName)
if (!router) return res.status(HttpStatusCode.NOT_FOUND_404).end()
return router(req, res, next)
}
function servePluginClientScripts (req: express.Request, res: express.Response) {
const plugin: RegisteredPlugin = res.locals.registeredPlugin
const staticEndpoint = req.params.staticEndpoint
2019-07-08 14:02:03 +02:00
const file = plugin.clientScripts[staticEndpoint]
if (!file) return res.status(HttpStatusCode.NOT_FOUND_404).end()
2019-07-08 14:02:03 +02:00
2019-07-23 09:48:48 +02:00
return res.sendFile(join(plugin.path, staticEndpoint), sendFileOptions)
}
2019-07-12 11:39:58 +02:00
function serveThemeCSSDirectory (req: express.Request, res: express.Response) {
const plugin: RegisteredPlugin = res.locals.registeredPlugin
const staticEndpoint = req.params.staticEndpoint
if (plugin.css.includes(staticEndpoint) === false) {
return res.status(HttpStatusCode.NOT_FOUND_404).end()
2019-07-12 11:39:58 +02:00
}
2019-07-23 09:48:48 +02:00
return res.sendFile(join(plugin.path, staticEndpoint), sendFileOptions)
2019-07-12 11:39:58 +02:00
}
2020-04-28 14:49:03 +02:00
function handleAuthInPlugin (req: express.Request, res: express.Response) {
const authOptions = res.locals.externalAuth
try {
logger.debug('Forwarding auth plugin request in %s of plugin %s.', authOptions.authName, res.locals.registeredPlugin.npmName)
authOptions.onAuthRequest(req, res)
} catch (err) {
logger.error('Forward request error in auth %s of plugin %s.', authOptions.authName, res.locals.registeredPlugin.npmName, { err })
2020-04-28 14:49:03 +02:00
}
}