summary refs log tree commit diff
path: root/api/src/routes/users
diff options
context:
space:
mode:
Diffstat (limited to 'api/src/routes/users')
-rw-r--r--api/src/routes/users/#id/index.ts13
-rw-r--r--api/src/routes/users/#id/profile.ts58
-rw-r--r--api/src/routes/users/#id/relationships.ts41
-rw-r--r--api/src/routes/users/@me/activities/statistics/applications.ts11
-rw-r--r--api/src/routes/users/@me/affinities/guilds.ts11
-rw-r--r--api/src/routes/users/@me/affinities/users.ts11
-rw-r--r--api/src/routes/users/@me/applications/#app_id/entitlements.ts11
-rw-r--r--api/src/routes/users/@me/billing/country-code.ts11
-rw-r--r--api/src/routes/users/@me/billing/payment-sources.ts11
-rw-r--r--api/src/routes/users/@me/billing/subscriptions.ts11
-rw-r--r--api/src/routes/users/@me/channels.ts25
-rw-r--r--api/src/routes/users/@me/connections.ts11
-rw-r--r--api/src/routes/users/@me/delete.ts32
-rw-r--r--api/src/routes/users/@me/devices.ts11
-rw-r--r--api/src/routes/users/@me/disable.ts26
-rw-r--r--api/src/routes/users/@me/email-settings.ts20
-rw-r--r--api/src/routes/users/@me/entitlements.ts11
-rw-r--r--api/src/routes/users/@me/guilds.ts57
-rw-r--r--api/src/routes/users/@me/guilds/premium/subscription-slots.ts11
-rw-r--r--api/src/routes/users/@me/index.ts91
-rw-r--r--api/src/routes/users/@me/library.ts11
-rw-r--r--api/src/routes/users/@me/mfa/codes.ts50
-rw-r--r--api/src/routes/users/@me/mfa/totp/disable.ts45
-rw-r--r--api/src/routes/users/@me/mfa/totp/enable.ts54
-rw-r--r--api/src/routes/users/@me/notes.ts60
-rw-r--r--api/src/routes/users/@me/relationships.ts213
-rw-r--r--api/src/routes/users/@me/settings.ts20
27 files changed, 0 insertions, 937 deletions
diff --git a/api/src/routes/users/#id/index.ts b/api/src/routes/users/#id/index.ts
deleted file mode 100644
index bdb1060f..00000000
--- a/api/src/routes/users/#id/index.ts
+++ /dev/null
@@ -1,13 +0,0 @@
-import { Router, Request, Response } from "express";
-import { User } from "@fosscord/util";
-import { route } from "@fosscord/api";
-
-const router: Router = Router();
-
-router.get("/", route({}), async (req: Request, res: Response) => {
-	const { id } = req.params;
-
-	res.json(await User.getPublicUser(id));
-});
-
-export default router;
diff --git a/api/src/routes/users/#id/profile.ts b/api/src/routes/users/#id/profile.ts
deleted file mode 100644
index 7a995a8c..00000000
--- a/api/src/routes/users/#id/profile.ts
+++ /dev/null
@@ -1,58 +0,0 @@
-import { Router, Request, Response } from "express";
-import { PublicConnectedAccount, PublicUser, User, UserPublic, Member } from "@fosscord/util";
-import { route } from "@fosscord/api";
-
-const router: Router = Router();
-
-export interface UserProfileResponse {
-	user: UserPublic;
-	connected_accounts: PublicConnectedAccount;
-	premium_guild_since?: Date;
-	premium_since?: Date;
-}
-
-router.get("/", route({ test: { response: { body: "UserProfileResponse" } } }), async (req: Request, res: Response) => {
-	if (req.params.id === "@me") req.params.id = req.user_id;
-	const user = await User.getPublicUser(req.params.id, { relations: ["connected_accounts"] });
-
-	let mutual_guilds: object[] = [];
-	let premium_guild_since;
-	const requested_member = await Member.find( { where: { id: req.params.id, } })
-	const self_member = await Member.find( { where: { id: req.user_id, } })
-
-	for(const rmem of requested_member) {
-		if(rmem.premium_since) {
-			if(premium_guild_since){
-				if(premium_guild_since > rmem.premium_since) {
-					premium_guild_since = rmem.premium_since;
-				}
-			} else {
-				premium_guild_since = rmem.premium_since;
-			}
-		}
-		for(const smem of self_member) {
-			if (smem.guild_id === rmem.guild_id) {
-				mutual_guilds.push({id: rmem.guild_id, nick: rmem.nick})
-			}
-		}
-	}
-	res.json({
-		connected_accounts: user.connected_accounts,
-		premium_guild_since: premium_guild_since, // TODO
-		premium_since: user.premium_since, // TODO
-		mutual_guilds: mutual_guilds, // TODO {id: "", nick: null} when ?with_mutual_guilds=true
-		user: {
-			username: user.username,
-			discriminator: user.discriminator,
-			id: user.id,
-			public_flags: user.public_flags,
-			avatar: user.avatar,
-			accent_color: user.accent_color,
-			banner: user.banner,
-			bio: req.user_bot ? null : user.bio,
-			bot: user.bot
-		}
-	});
-});
-
-export default router;
diff --git a/api/src/routes/users/#id/relationships.ts b/api/src/routes/users/#id/relationships.ts
deleted file mode 100644
index 61655c25..00000000
--- a/api/src/routes/users/#id/relationships.ts
+++ /dev/null
@@ -1,41 +0,0 @@
-import { Router, Request, Response } from "express";
-import { User } from "@fosscord/util";
-import { route } from "@fosscord/api";
-
-const router: Router = Router();
-
-export interface UserRelationsResponse {
-	object: {
-		id?: string,
-		username?: string,
-		avatar?: string, 
-		discriminator?: string, 
-		public_flags?: number
-	}
-}
-
-
-router.get("/", route({ test: { response: { body: "UserRelationsResponse" } } }), async (req: Request, res: Response) => {
-	let mutual_relations: object[] = [];
-    const requested_relations = await User.findOneOrFail({
-		where: { id: req.params.id },
-		relations: ["relationships"]
-	});
-    const self_relations = await User.findOneOrFail({
-		where: { id: req.user_id },
-		relations: ["relationships"]
-	});
-	
-    for(const rmem of requested_relations.relationships) {
-		for(const smem of self_relations.relationships)
-		if (rmem.to_id === smem.to_id && rmem.type === 1 && rmem.to_id !== req.user_id) {
-			let relation_user = await User.getPublicUser(rmem.to_id)
-
-			mutual_relations.push({id: relation_user.id, username: relation_user.username, avatar: relation_user.avatar, discriminator: relation_user.discriminator, public_flags: relation_user.public_flags})
-		}
-	}
-
-	res.json(mutual_relations)
-});
-
-export default router;
diff --git a/api/src/routes/users/@me/activities/statistics/applications.ts b/api/src/routes/users/@me/activities/statistics/applications.ts
deleted file mode 100644
index 014df8af..00000000
--- a/api/src/routes/users/@me/activities/statistics/applications.ts
+++ /dev/null
@@ -1,11 +0,0 @@
-import { Router, Response, Request } from "express";
-import { route } from "@fosscord/api";
-
-const router = Router();
-
-router.get("/", route({}), (req: Request, res: Response) => {
-	// TODO:
-	res.json([]).status(200);
-});
-
-export default router;
diff --git a/api/src/routes/users/@me/affinities/guilds.ts b/api/src/routes/users/@me/affinities/guilds.ts
deleted file mode 100644
index 8d744744..00000000
--- a/api/src/routes/users/@me/affinities/guilds.ts
+++ /dev/null
@@ -1,11 +0,0 @@
-import { Router, Response, Request } from "express";
-import { route } from "@fosscord/api";
-
-const router = Router();
-
-router.get("/", route({}), (req: Request, res: Response) => {
-	// TODO:
-	res.status(200).send({ guild_affinities: [] });
-});
-
-export default router;
diff --git a/api/src/routes/users/@me/affinities/users.ts b/api/src/routes/users/@me/affinities/users.ts
deleted file mode 100644
index 6d4e4991..00000000
--- a/api/src/routes/users/@me/affinities/users.ts
+++ /dev/null
@@ -1,11 +0,0 @@
-import { Router, Response, Request } from "express";
-import { route } from "@fosscord/api";
-
-const router = Router();
-
-router.get("/", route({}), (req: Request, res: Response) => {
-	// TODO:
-	res.status(200).send({ user_affinities: [], inverse_user_affinities: [] });
-});
-
-export default router;
diff --git a/api/src/routes/users/@me/applications/#app_id/entitlements.ts b/api/src/routes/users/@me/applications/#app_id/entitlements.ts
deleted file mode 100644
index 411e95bf..00000000
--- a/api/src/routes/users/@me/applications/#app_id/entitlements.ts
+++ /dev/null
@@ -1,11 +0,0 @@
-import { Request, Response, Router } from "express";
-import { route } from "@fosscord/api";
-
-const router: Router = Router();
-
-router.get("/", route({}), async (req: Request, res: Response) => {
-	//TODO
-	res.json([]).status(200);
-});
-
-export default router;
diff --git a/api/src/routes/users/@me/billing/country-code.ts b/api/src/routes/users/@me/billing/country-code.ts
deleted file mode 100644
index 33d40796..00000000
--- a/api/src/routes/users/@me/billing/country-code.ts
+++ /dev/null
@@ -1,11 +0,0 @@
-import { Request, Response, Router } from "express";
-import { route } from "@fosscord/api";
-
-const router: Router = Router();
-
-router.get("/", route({}), async (req: Request, res: Response) => {
-	//TODO
-	res.json({ country_code: "US" }).status(200);
-});
-
-export default router;
diff --git a/api/src/routes/users/@me/billing/payment-sources.ts b/api/src/routes/users/@me/billing/payment-sources.ts
deleted file mode 100644
index 014df8af..00000000
--- a/api/src/routes/users/@me/billing/payment-sources.ts
+++ /dev/null
@@ -1,11 +0,0 @@
-import { Router, Response, Request } from "express";
-import { route } from "@fosscord/api";
-
-const router = Router();
-
-router.get("/", route({}), (req: Request, res: Response) => {
-	// TODO:
-	res.json([]).status(200);
-});
-
-export default router;
diff --git a/api/src/routes/users/@me/billing/subscriptions.ts b/api/src/routes/users/@me/billing/subscriptions.ts
deleted file mode 100644
index 411e95bf..00000000
--- a/api/src/routes/users/@me/billing/subscriptions.ts
+++ /dev/null
@@ -1,11 +0,0 @@
-import { Request, Response, Router } from "express";
-import { route } from "@fosscord/api";
-
-const router: Router = Router();
-
-router.get("/", route({}), async (req: Request, res: Response) => {
-	//TODO
-	res.json([]).status(200);
-});
-
-export default router;
diff --git a/api/src/routes/users/@me/channels.ts b/api/src/routes/users/@me/channels.ts
deleted file mode 100644
index 78f531e1..00000000
--- a/api/src/routes/users/@me/channels.ts
+++ /dev/null
@@ -1,25 +0,0 @@
-import { Request, Response, Router } from "express";
-import { Recipient, DmChannelDTO, Channel } from "@fosscord/util";
-import { route } from "@fosscord/api";
-
-const router: Router = Router();
-
-router.get("/", route({}), async (req: Request, res: Response) => {
-	const recipients = await Recipient.find({
-		where: { user_id: req.user_id, closed: false },
-		relations: ["channel", "channel.recipients"]
-	});
-	res.json(await Promise.all(recipients.map((r) => DmChannelDTO.from(r.channel, [req.user_id]))));
-});
-
-export interface DmChannelCreateSchema {
-	name?: string;
-	recipients: string[];
-}
-
-router.post("/", route({ body: "DmChannelCreateSchema" }), async (req: Request, res: Response) => {
-	const body = req.body as DmChannelCreateSchema;
-	res.json(await Channel.createDMChannel(body.recipients, req.user_id, body.name));
-});
-
-export default router;
diff --git a/api/src/routes/users/@me/connections.ts b/api/src/routes/users/@me/connections.ts
deleted file mode 100644
index 411e95bf..00000000
--- a/api/src/routes/users/@me/connections.ts
+++ /dev/null
@@ -1,11 +0,0 @@
-import { Request, Response, Router } from "express";
-import { route } from "@fosscord/api";
-
-const router: Router = Router();
-
-router.get("/", route({}), async (req: Request, res: Response) => {
-	//TODO
-	res.json([]).status(200);
-});
-
-export default router;
diff --git a/api/src/routes/users/@me/delete.ts b/api/src/routes/users/@me/delete.ts
deleted file mode 100644
index 1d81c2b9..00000000
--- a/api/src/routes/users/@me/delete.ts
+++ /dev/null
@@ -1,32 +0,0 @@
-import { Router, Request, Response } from "express";
-import { Guild, Member, User } from "@fosscord/util";
-import { route } from "@fosscord/api";
-import bcrypt from "bcrypt";
-import { HTTPError } from "@fosscord/util";
-
-const router = Router();
-
-router.post("/", route({}), async (req: Request, res: Response) => {
-	const user = await User.findOneOrFail({ where: { id: req.user_id }, select: ["data"] }); //User object
-	let correctpass = true;
-
-	if (user.data.hash) {
-		// guest accounts can delete accounts without password
-		correctpass = await bcrypt.compare(req.body.password, user.data.hash);
-		if (!correctpass) {
-			throw new HTTPError(req.t("auth:login.INVALID_PASSWORD"));
-		}
-	}
-
-	// TODO: decrement guild member count
-
-	if (correctpass) {
-		await Promise.all([User.delete({ id: req.user_id }), Member.delete({ id: req.user_id })]);
-
-		res.sendStatus(204);
-	} else {
-		res.sendStatus(401);
-	}
-});
-
-export default router;
diff --git a/api/src/routes/users/@me/devices.ts b/api/src/routes/users/@me/devices.ts
deleted file mode 100644
index 8556a3ad..00000000
--- a/api/src/routes/users/@me/devices.ts
+++ /dev/null
@@ -1,11 +0,0 @@
-import { Router, Response, Request } from "express";
-import { route } from "@fosscord/api";
-
-const router = Router();
-
-router.post("/", route({}), (req: Request, res: Response) => {
-	// TODO:
-	res.sendStatus(204);
-});
-
-export default router;
diff --git a/api/src/routes/users/@me/disable.ts b/api/src/routes/users/@me/disable.ts
deleted file mode 100644
index 4aff3774..00000000
--- a/api/src/routes/users/@me/disable.ts
+++ /dev/null
@@ -1,26 +0,0 @@
-import { User } from "@fosscord/util";
-import { Router, Response, Request } from "express";
-import { route } from "@fosscord/api";
-import bcrypt from "bcrypt";
-
-const router = Router();
-
-router.post("/", route({}), async (req: Request, res: Response) => {
-	const user = await User.findOneOrFail({ where: { id: req.user_id }, select: ["data"] }); //User object
-	let correctpass = true;
-
-	if (user.data.hash) {
-		// guest accounts can delete accounts without password
-		correctpass = await bcrypt.compare(req.body.password, user.data.hash); //Not sure if user typed right password :/
-	}
-
-	if (correctpass) {
-		await User.update({ id: req.user_id }, { disabled: true });
-
-		res.sendStatus(204);
-	} else {
-		res.status(400).json({ message: "Password does not match", code: 50018 });
-	}
-});
-
-export default router;
diff --git a/api/src/routes/users/@me/email-settings.ts b/api/src/routes/users/@me/email-settings.ts
deleted file mode 100644
index 3114984e..00000000
--- a/api/src/routes/users/@me/email-settings.ts
+++ /dev/null
@@ -1,20 +0,0 @@
-import { Router, Response, Request } from "express";
-import { route } from "@fosscord/api";
-
-const router = Router();
-
-router.get("/", route({}), (req: Request, res: Response) => {
-	// TODO:
-	res.json({
-		categories: {
-			social: true,
-			communication: true,
-			tips: false,
-			updates_and_announcements: false,
-			recommendations_and_events: false
-		},
-		initialized: false
-	}).status(200);
-});
-
-export default router;
diff --git a/api/src/routes/users/@me/entitlements.ts b/api/src/routes/users/@me/entitlements.ts
deleted file mode 100644
index 341e2b4c..00000000
--- a/api/src/routes/users/@me/entitlements.ts
+++ /dev/null
@@ -1,11 +0,0 @@
-import { Router, Response, Request } from "express";
-import { route } from "@fosscord/api";
-
-const router = Router();
-
-router.get("/gifts", route({}), (req: Request, res: Response) => {
-	// TODO:
-	res.json([]).status(200);
-});
-
-export default router;
diff --git a/api/src/routes/users/@me/guilds.ts b/api/src/routes/users/@me/guilds.ts
deleted file mode 100644
index 4d4fccd4..00000000
--- a/api/src/routes/users/@me/guilds.ts
+++ /dev/null
@@ -1,57 +0,0 @@
-import { Router, Request, Response } from "express";
-import { Guild, Member, User, GuildDeleteEvent, GuildMemberRemoveEvent, emitEvent, Config } from "@fosscord/util";
-import { HTTPError } from "@fosscord/util";
-import { route } from "@fosscord/api";
-
-const router: Router = Router();
-
-router.get("/", route({}), async (req: Request, res: Response) => {
-	const members = await Member.find({ relations: ["guild"], where: { id: req.user_id } });
-
-	let guild = members.map((x) => x.guild);
-
-	if ("with_counts" in req.query && req.query.with_counts == "true") {
-		guild = []; // TODO: Load guilds with user role permissions number
-	}
-
-	res.json(guild);
-});
-
-// user send to leave a certain guild
-router.delete("/:guild_id", route({}), async (req: Request, res: Response) => {
-	const { autoJoin } = Config.get().guild;
-	const { guild_id } = req.params;
-	const guild = await Guild.findOneOrFail({ where: { id: guild_id }, select: ["owner_id"] });
-
-	if (!guild) throw new HTTPError("Guild doesn't exist", 404);
-	if (guild.owner_id === req.user_id) throw new HTTPError("You can't leave your own guild", 400);
-	if (autoJoin.enabled && autoJoin.guilds.includes(guild_id) && !autoJoin.canLeave) {
-		throw new HTTPError("You can't leave instance auto join guilds", 400);
-	}
-
-	await Promise.all([
-		Member.delete({ id: req.user_id, guild_id: guild_id }),
-		emitEvent({
-			event: "GUILD_DELETE",
-			data: {
-				id: guild_id
-			},
-			user_id: req.user_id
-		} as GuildDeleteEvent)
-	]);
-
-	const user = await User.getPublicUser(req.user_id);
-
-	await emitEvent({
-		event: "GUILD_MEMBER_REMOVE",
-		data: {
-			guild_id: guild_id,
-			user: user
-		},
-		guild_id: guild_id
-	} as GuildMemberRemoveEvent);
-
-	return res.sendStatus(204);
-});
-
-export default router;
diff --git a/api/src/routes/users/@me/guilds/premium/subscription-slots.ts b/api/src/routes/users/@me/guilds/premium/subscription-slots.ts
deleted file mode 100644
index 014df8af..00000000
--- a/api/src/routes/users/@me/guilds/premium/subscription-slots.ts
+++ /dev/null
@@ -1,11 +0,0 @@
-import { Router, Response, Request } from "express";
-import { route } from "@fosscord/api";
-
-const router = Router();
-
-router.get("/", route({}), (req: Request, res: Response) => {
-	// TODO:
-	res.json([]).status(200);
-});
-
-export default router;
diff --git a/api/src/routes/users/@me/index.ts b/api/src/routes/users/@me/index.ts
deleted file mode 100644
index 4cf96a8d..00000000
--- a/api/src/routes/users/@me/index.ts
+++ /dev/null
@@ -1,91 +0,0 @@
-import { Router, Request, Response } from "express";
-import { User, PrivateUserProjection, emitEvent, UserUpdateEvent, handleFile, FieldErrors } from "@fosscord/util";
-import { route } from "@fosscord/api";
-import bcrypt from "bcrypt";
-import { OrmUtils, generateToken } from "@fosscord/util";
-
-const router: Router = Router();
-
-export interface UserModifySchema {
-	/**
-	 * @minLength 1
-	 * @maxLength 100
-	 */
-	username?: string;
-	discriminator?: string;
-	avatar?: string | null;
-	/**
-	 * @maxLength 1024
-	 */
-	bio?: string;
-	accent_color?: number;
-	banner?: string | null;
-	password?: string;
-	new_password?: string;
-	code?: string;
-}
-
-router.get("/", route({}), async (req: Request, res: Response) => {
-	res.json(await User.findOne({ select: PrivateUserProjection, where: { id: req.user_id } }));
-});
-
-router.patch("/", route({ body: "UserModifySchema" }), async (req: Request, res: Response) => {
-	var token = null as any;
-	const body = req.body as UserModifySchema;
-
-	if (body.avatar) body.avatar = await handleFile(`/avatars/${req.user_id}`, body.avatar as string);
-	if (body.banner) body.banner = await handleFile(`/banners/${req.user_id}`, body.banner as string);
-	let user = await User.findOneOrFail({ where: { id: req.user_id }, select: [...PrivateUserProjection, "data"] });
-
-	if (body.password) {
-		if (user.data?.hash) {
-			const same_password = await bcrypt.compare(body.password, user.data.hash || "");
-			if (!same_password) {
-				throw FieldErrors({ password: { message: req.t("auth:login.INVALID_PASSWORD"), code: "INVALID_PASSWORD" } });
-			}
-		} else {
-			user.data.hash = await bcrypt.hash(body.password, 12);
-		}
-	}
-
-	if (body.new_password) {
-		if (!body.password && !user.email) {
-			throw FieldErrors({
-				password: { code: "BASE_TYPE_REQUIRED", message: req.t("common:field.BASE_TYPE_REQUIRED") }
-			});
-		}
-		user.data.hash = await bcrypt.hash(body.new_password, 12);
-		user.data.valid_tokens_since = new Date();
-		token = await generateToken(user.id) as string;
-	}
-
-    if(body.username){
-        let check_username = body?.username?.replace(/\s/g, '');
-        if(!check_username) {
-            throw FieldErrors({
-                username: { code: "BASE_TYPE_REQUIRED", message: req.t("common:field.BASE_TYPE_REQUIRED") }
-            });
-        }
-    }
-
-	user = OrmUtils.mergeDeep(user, body);
-	await user.save();
-
-	// @ts-ignore
-	delete user.data;
-
-	// TODO: send update member list event in gateway
-	await emitEvent({
-		event: "USER_UPDATE",
-		user_id: req.user_id,
-		data: user
-	} as UserUpdateEvent);
-	
-	res.json({
-		...user,
-		token
-	});
-});
-
-export default router;
-// {"message": "Invalid two-factor code", "code": 60008}
diff --git a/api/src/routes/users/@me/library.ts b/api/src/routes/users/@me/library.ts
deleted file mode 100644
index 7ac13bae..00000000
--- a/api/src/routes/users/@me/library.ts
+++ /dev/null
@@ -1,11 +0,0 @@
-import { Router, Response, Request } from "express";
-import { route } from "@fosscord/api";
-
-const router = Router();
-
-router.get("/", route({}), (req: Request, res: Response) => {
-	// TODO:
-	res.status(200).send([]);
-});
-
-export default router;
diff --git a/api/src/routes/users/@me/mfa/codes.ts b/api/src/routes/users/@me/mfa/codes.ts
deleted file mode 100644
index 75e3e964..00000000
--- a/api/src/routes/users/@me/mfa/codes.ts
+++ /dev/null
@@ -1,50 +0,0 @@
-import { Router, Request, Response } from "express";
-import { route } from "@fosscord/api";
-import { BackupCode, Config, FieldErrors, generateMfaBackupCodes, User } from "@fosscord/util";
-import bcrypt from "bcrypt";
-
-const router = Router();
-
-export interface MfaCodesSchema {
-	password: string;
-	regenerate?: boolean;
-}
-
-// TODO: This route is replaced with users/@me/mfa/codes-verification in newer clients
-
-router.post("/", route({ body: "MfaCodesSchema" }), async (req: Request, res: Response) => {
-	const { password, regenerate } = req.body as MfaCodesSchema;
-
-	const user = await User.findOneOrFail({ where: { id: req.user_id }, select: ["data"] });
-
-	if (!await bcrypt.compare(password, user.data.hash || "")) {
-		throw FieldErrors({ password: { message: req.t("auth:login.INVALID_PASSWORD"), code: "INVALID_PASSWORD" } });
-	}
-
-	var codes: BackupCode[];
-	if (regenerate && Config.get().security.twoFactor.generateBackupCodes) {
-		await BackupCode.update(
-			{ user: { id: req.user_id } },
-			{ expired: true }
-		);
-
-		codes = generateMfaBackupCodes(req.user_id);
-		await Promise.all(codes.map(x => x.save()));
-	}
-	else {
-		codes = await BackupCode.find({
-			where: {
-				user: {
-					id: req.user_id,
-				},
-				expired: false
-			}
-		});
-	}
-
-	return res.json({
-		backup_codes: codes.map(x => ({ ...x, expired: undefined })),
-	})
-});
-
-export default router;
diff --git a/api/src/routes/users/@me/mfa/totp/disable.ts b/api/src/routes/users/@me/mfa/totp/disable.ts
deleted file mode 100644
index 2d385fda..00000000
--- a/api/src/routes/users/@me/mfa/totp/disable.ts
+++ /dev/null
@@ -1,45 +0,0 @@
-import { Router, Request, Response } from "express";
-import { route } from "@fosscord/api";
-import { verifyToken } from 'node-2fa';
-import { HTTPError } from "lambert-server";
-import { User, generateToken, BackupCode } from "@fosscord/util";
-
-const router = Router();
-
-export interface TotpDisableSchema {
-	code: string;
-}
-
-router.post("/", route({ body: "TotpDisableSchema" }), async (req: Request, res: Response) => {
-	const body = req.body as TotpDisableSchema;
-
-	const user = await User.findOneOrFail({ where: { id: req.user_id }, select: ["totp_secret"] });
-
-	const backup = await BackupCode.findOne({ where: { code: body.code } });
-	if (!backup) {
-		const ret = verifyToken(user.totp_secret!, body.code);
-		if (!ret || ret.delta != 0)
-			throw new HTTPError(req.t("auth:login.INVALID_TOTP_CODE"), 60008);
-	}
-
-	await User.update(
-		{ id: req.user_id },
-		{
-			mfa_enabled: false,
-			totp_secret: "",
-		},
-	);
-
-	await BackupCode.update(
-		{ user: { id: req.user_id } },
-		{
-			expired: true,
-		}
-	);
-
-	return res.json({
-		token: await generateToken(user.id),
-	});
-});
-
-export default router;
\ No newline at end of file
diff --git a/api/src/routes/users/@me/mfa/totp/enable.ts b/api/src/routes/users/@me/mfa/totp/enable.ts
deleted file mode 100644
index 87f36d55..00000000
--- a/api/src/routes/users/@me/mfa/totp/enable.ts
+++ /dev/null
@@ -1,54 +0,0 @@
-import { Router, Request, Response } from "express";
-import { User, generateToken, BackupCode, generateMfaBackupCodes, Config } from "@fosscord/util";
-import { route } from "@fosscord/api";
-import bcrypt from "bcrypt";
-import { HTTPError } from "lambert-server";
-import { verifyToken } from 'node-2fa';
-
-const router = Router();
-
-export interface TotpEnableSchema {
-	password: string;
-	code?: string;
-	secret?: string;
-}
-
-router.post("/", route({ body: "TotpEnableSchema" }), async (req: Request, res: Response) => {
-	const body = req.body as TotpEnableSchema;
-
-	const user = await User.findOneOrFail({ where: { id: req.user_id }, select: ["data"] });
-
-	// TODO: Are guests allowed to enable 2fa?
-	if (user.data.hash) {
-		if (!await bcrypt.compare(body.password, user.data.hash)) {
-			throw new HTTPError(req.t("auth:login.INVALID_PASSWORD"));
-		}
-	}
-
-	if (!body.secret)
-		throw new HTTPError(req.t("auth:login.INVALID_TOTP_SECRET"), 60005);
-
-	if (!body.code)
-		throw new HTTPError(req.t("auth:login.INVALID_TOTP_CODE"), 60008);
-
-	if (verifyToken(body.secret, body.code)?.delta != 0)
-		throw new HTTPError(req.t("auth:login.INVALID_TOTP_CODE"), 60008);
-
-	let backup_codes: BackupCode[] = [];
-	if (Config.get().security.twoFactor.generateBackupCodes) {
-		backup_codes = generateMfaBackupCodes(req.user_id);
-		await Promise.all(backup_codes.map(x => x.save()));
-	}
-
-	await User.update(
-		{ id: req.user_id },
-		{ mfa_enabled: true, totp_secret: body.secret }
-	);
-
-	res.send({
-		token: await generateToken(user.id),
-		backup_codes: backup_codes.map(x => ({ ...x, expired: undefined })),
-	});
-});
-
-export default router;
\ No newline at end of file
diff --git a/api/src/routes/users/@me/notes.ts b/api/src/routes/users/@me/notes.ts
deleted file mode 100644
index f938f088..00000000
--- a/api/src/routes/users/@me/notes.ts
+++ /dev/null
@@ -1,60 +0,0 @@
-import { Request, Response, Router } from "express";
-import { route } from "@fosscord/api";
-import { User, Note, emitEvent, Snowflake } from "@fosscord/util";
-
-const router: Router = Router();
-
-router.get("/:id", route({}), async (req: Request, res: Response) => {
-	const { id } = req.params;
-
-	const note = await Note.findOneOrFail({
-		where: {
-			owner: { id: req.user_id },
-			target: { id: id },
-		}
-	});
-
-	return res.json({
-		note: note?.content,
-		note_user_id: id,
-		user_id: req.user_id,
-	});
-});
-
-router.put("/:id", route({}), async (req: Request, res: Response) => {
-	const { id } = req.params;
-	const owner = await User.findOneOrFail({ where: { id: req.user_id } });
-	const target = await User.findOneOrFail({ where: { id: id } });		//if noted user does not exist throw
-	const { note } = req.body;
-
-	if (note && note.length) {
-		// upsert a note
-		if (await Note.findOne({ where: { owner: { id: owner.id }, target: { id: target.id } } })) {
-			Note.update(
-				{ owner: { id: owner.id }, target: { id: target.id } },
-				{ owner, target, content: note }
-			);
-		}
-		else {
-			Note.insert(
-				{ id: Snowflake.generate(), owner, target, content: note }
-			);
-		}
-	}
-	else {
-		await Note.delete({ owner: { id: owner.id }, target: { id: target.id } });
-	}
-
-	await emitEvent({
-		event: "USER_NOTE_UPDATE",
-		data: {
-			note: note,
-			id: target.id
-		},
-		user_id: owner.id,
-	});
-
-	return res.status(204);
-});
-
-export default router;
diff --git a/api/src/routes/users/@me/relationships.ts b/api/src/routes/users/@me/relationships.ts
deleted file mode 100644
index 6e22f4f3..00000000
--- a/api/src/routes/users/@me/relationships.ts
+++ /dev/null
@@ -1,213 +0,0 @@
-import {
-	RelationshipAddEvent,
-	User,
-	PublicUserProjection,
-	RelationshipType,
-	RelationshipRemoveEvent,
-	emitEvent,
-	Relationship,
-	Config
-} from "@fosscord/util";
-import { Router, Response, Request } from "express";
-import { HTTPError } from "@fosscord/util";
-import { DiscordApiErrors } from "@fosscord/util";
-import { route } from "@fosscord/api";
-import { OrmUtils } from "@fosscord/util";
-
-const router = Router();
-
-const userProjection: (keyof User)[] = ["relationships", ...PublicUserProjection];
-
-router.get("/", route({}), async (req: Request, res: Response) => {
-	const user = await User.findOneOrFail({
-		where: { id: req.user_id },
-		relations: ["relationships", "relationships.to"],
-		select: ["relationships"]
-	});
-
-	//TODO DTO
-	const related_users = user.relationships.map((r) => {
-		return {
-			id: r.to.id,
-			type: r.type,
-			nickname: null,
-			user: r.to.toPublicUser()
-		};
-	});
-
-	return res.json(related_users);
-});
-
-export interface RelationshipPutSchema {
-	type?: RelationshipType;
-}
-
-router.put("/:id", route({ body: "RelationshipPutSchema" }), async (req: Request, res: Response) => {
-	return await updateRelationship(
-		req,
-		res,
-		await User.findOneOrFail({ where: { id: req.params.id }, relations: ["relationships", "relationships.to"], select: userProjection }),
-		req.body.type ?? RelationshipType.friends
-	);
-});
-
-export interface RelationshipPostSchema {
-	discriminator: string;
-	username: string;
-}
-
-router.post("/", route({ body: "RelationshipPostSchema" }), async (req: Request, res: Response) => {
-	return await updateRelationship(
-		req,
-		res,
-		await User.findOneOrFail({
-			relations: ["relationships", "relationships.to"],
-			select: userProjection,
-			where: {
-				discriminator: String(req.body.discriminator).padStart(4, "0"), //Discord send the discriminator as integer, we need to add leading zeroes
-				username: req.body.username
-			}
-		}),
-		req.body.type
-	);
-});
-
-router.delete("/:id", route({}), async (req: Request, res: Response) => {
-	const { id } = req.params;
-	if (id === req.user_id) throw new HTTPError("You can't remove yourself as a friend");
-
-	const user = await User.findOneOrFail({ where: { id: req.user_id }, select: userProjection, relations: ["relationships"] });
-	const friend = await User.findOneOrFail({ where: { id: id }, select: userProjection, relations: ["relationships"] });
-
-	const relationship = user.relationships.find((x) => x.to_id === id);
-	const friendRequest = friend.relationships.find((x) => x.to_id === req.user_id);
-
-	if (!relationship) throw new HTTPError("You are not friends with the user", 404);
-	if (relationship?.type === RelationshipType.blocked) {
-		// unblock user
-
-		await Promise.all([
-			Relationship.delete({ id: relationship.id }),
-			emitEvent({
-				event: "RELATIONSHIP_REMOVE",
-				user_id: req.user_id,
-				data: relationship.toPublicRelationship()
-			} as RelationshipRemoveEvent)
-		]);
-		return res.sendStatus(204);
-	}
-	if (friendRequest && friendRequest.type !== RelationshipType.blocked) {
-		await Promise.all([
-			Relationship.delete({ id: friendRequest.id }),
-			await emitEvent({
-				event: "RELATIONSHIP_REMOVE",
-				data: friendRequest.toPublicRelationship(),
-				user_id: id
-			} as RelationshipRemoveEvent)
-		]);
-	}
-
-	await Promise.all([
-		Relationship.delete({ id: relationship.id }),
-		emitEvent({
-			event: "RELATIONSHIP_REMOVE",
-			data: relationship.toPublicRelationship(),
-			user_id: req.user_id
-		} as RelationshipRemoveEvent)
-	]);
-
-	return res.sendStatus(204);
-});
-
-export default router;
-
-async function updateRelationship(req: Request, res: Response, friend: User, type: RelationshipType) {
-	const id = friend.id;
-	if (id === req.user_id) throw new HTTPError("You can't add yourself as a friend");
-
-	const user = await User.findOneOrFail({
-		where: { id: req.user_id },
-		relations: ["relationships", "relationships.to"],
-		select: userProjection
-	});
-
-	let relationship = user.relationships.find((x) => x.to_id === id);
-	const friendRequest = friend.relationships.find((x) => x.to_id === req.user_id);
-
-	// TODO: you can add infinitely many blocked users (should this be prevented?)
-	if (type === RelationshipType.blocked) {
-		if (relationship) {
-			if (relationship.type === RelationshipType.blocked) throw new HTTPError("You already blocked the user");
-			relationship.type = RelationshipType.blocked;
-			await relationship.save();
-		} else {
-			relationship = await (OrmUtils.mergeDeep(new Relationship(), { to_id: id, type: RelationshipType.blocked, from_id: req.user_id }) as Relationship).save();
-		}
-
-		if (friendRequest && friendRequest.type !== RelationshipType.blocked) {
-			await Promise.all([
-				Relationship.delete({ id: friendRequest.id }),
-				emitEvent({
-					event: "RELATIONSHIP_REMOVE",
-					data: friendRequest.toPublicRelationship(),
-					user_id: id
-				} as RelationshipRemoveEvent)
-			]);
-		}
-
-		await emitEvent({
-			event: "RELATIONSHIP_ADD",
-			data: relationship.toPublicRelationship(),
-			user_id: req.user_id
-		} as RelationshipAddEvent);
-
-		return res.sendStatus(204);
-	}
-
-	const { maxFriends } = Config.get().limits.user;
-	if (user.relationships.length >= maxFriends) throw DiscordApiErrors.MAXIMUM_FRIENDS.withParams(maxFriends);
-
-	let incoming_relationship = OrmUtils.mergeDeep(new Relationship(), { nickname: undefined, type: RelationshipType.incoming, to: user, from: friend });
-	let outgoing_relationship = OrmUtils.mergeDeep(new Relationship(), {
-		nickname: undefined,
-		type: RelationshipType.outgoing,
-		to: friend,
-		from: user
-	});
-
-	if (friendRequest) {
-		if (friendRequest.type === RelationshipType.blocked) throw new HTTPError("The user blocked you");
-		if (friendRequest.type === RelationshipType.friends) throw new HTTPError("You are already friends with the user");
-		// accept friend request
-		incoming_relationship = friendRequest as any; //TODO: checkme, any cast
-		incoming_relationship.type = RelationshipType.friends;
-	}
-
-	if (relationship) {
-		if (relationship.type === RelationshipType.outgoing) throw new HTTPError("You already sent a friend request");
-		if (relationship.type === RelationshipType.blocked) throw new HTTPError("Unblock the user before sending a friend request");
-		if (relationship.type === RelationshipType.friends) throw new HTTPError("You are already friends with the user");
-		outgoing_relationship = relationship as any; //TODO: checkme, any cast
-		outgoing_relationship.type = RelationshipType.friends;
-	}
-
-	await Promise.all([
-		incoming_relationship.save(),
-		outgoing_relationship.save(),
-		emitEvent({
-			event: "RELATIONSHIP_ADD",
-			data: outgoing_relationship.toPublicRelationship(),
-			user_id: req.user_id
-		} as RelationshipAddEvent),
-		emitEvent({
-			event: "RELATIONSHIP_ADD",
-			data: {
-				...incoming_relationship.toPublicRelationship(),
-				should_notify: true
-			},
-			user_id: id
-		} as RelationshipAddEvent)
-	]);
-
-	return res.sendStatus(204);
-}
diff --git a/api/src/routes/users/@me/settings.ts b/api/src/routes/users/@me/settings.ts
deleted file mode 100644
index 70f8a218..00000000
--- a/api/src/routes/users/@me/settings.ts
+++ /dev/null
@@ -1,20 +0,0 @@
-import { Router, Response, Request } from "express";
-import { User, UserSettings } from "@fosscord/util";
-import { route } from "@fosscord/api";
-
-const router = Router();
-
-export interface UserSettingsSchema extends Partial<UserSettings> {}
-
-router.patch("/", route({ body: "UserSettingsSchema" }), async (req: Request, res: Response) => {
-	const body = req.body as UserSettings;
-	if (body.locale === "en") body.locale = "en-US"; // fix discord client crash on unkown locale
-
-	const user = await User.findOneOrFail({ where: { id: req.user_id, bot: false } });
-	user.settings = { ...user.settings, ...body };
-	await user.save();
-
-	res.sendStatus(204);
-});
-
-export default router;