From f10df31f5c9b99300a54a1c45d45269a96a16a92 Mon Sep 17 00:00:00 2001 From: Umimaso Date: Sat, 19 Jun 2021 14:50:11 +0100 Subject: feat: add widget endpoints Implemented the four widget related endpoints of the api. Partial user object being returned as part of the widget.json endpoint [1] is an intentional choice related to privacy [2]. The widget.json endpoint will require additional changes upon completion of other work. Member details will need to return extra key/values for connected users to voice channels. An additional avatar_url value will hold an unique avatar url for the user + guild, fetched via a CDN endpoint widget-avatars. New dependencies `canvas` and `image-size`. Canvas is used to create the widget.png endpoint image [3]. Image-size is used to set the canvas' size to match the widget template images. Use regex in determining if a NO_AUTHORIZATION_ROUTES is hit or not. [1] https://discord.com/developers/docs/resources/guild#get-guild-widget [2] https://github.com/discord/discord-api-docs/issues/1287 [3] https://discord.com/developers/docs/resources/guild#get-guild-widget-image Closes: #9, #110 --- src/middlewares/Authentication.ts | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) (limited to 'src/middlewares/Authentication.ts') diff --git a/src/middlewares/Authentication.ts b/src/middlewares/Authentication.ts index 630a45ff..b53632a8 100644 --- a/src/middlewares/Authentication.ts +++ b/src/middlewares/Authentication.ts @@ -3,11 +3,12 @@ import { HTTPError } from "lambert-server"; import { checkToken, Config } from "@fosscord/server-util"; export const NO_AUTHORIZATION_ROUTES = [ - "/api/v8/auth/login", - "/api/v8/auth/register", - "/api/v8/webhooks/", - "/api/v8/gateway", - "/api/v8/experiments" + /^\/api\/v8\/auth\/login/, + /^\/api\/v8\/auth\/register/, + /^\/api\/v8\/webhooks\//, + /^\/api\/v8\/gateway/, + /^\/api\/v8\/experiments/, + /^\/api(\/v\d+)?\/guilds\/\d+\/widget\.(json|png)/ ]; declare global { @@ -22,7 +23,7 @@ declare global { export async function Authentication(req: Request, res: Response, next: NextFunction) { if (!req.url.startsWith("/api")) return next(); if (req.url.startsWith("/api/v8/invites") && req.method === "GET") return next(); - if (NO_AUTHORIZATION_ROUTES.some((x) => req.url.startsWith(x))) return next(); + if (NO_AUTHORIZATION_ROUTES.some((x) => x.test(req.url))) return next(); if (!req.headers.authorization) return next(new HTTPError("Missing Authorization Header", 401)); try { -- cgit 1.5.1 From 4c0c09c8bc800a9f16e16c00804f0e9074cdf15d Mon Sep 17 00:00:00 2001 From: Umimaso Date: Sat, 19 Jun 2021 15:49:49 +0100 Subject: feat: add routing for unversioned api requests Create new route for /api which can handle routing of unversioned requests. Update regex for NO_AUTHORIZATION_ROUTES to support unversioned requests. --- src/Server.ts | 1 + src/middlewares/Authentication.ts | 10 +++++----- 2 files changed, 6 insertions(+), 5 deletions(-) (limited to 'src/middlewares/Authentication.ts') diff --git a/src/Server.ts b/src/Server.ts index 5ae65918..452bc1fe 100644 --- a/src/Server.ts +++ b/src/Server.ts @@ -94,6 +94,7 @@ export class FosscordServer extends Server { this.app = prefix; this.routes = await this.registerRoutes(path.join(__dirname, "routes", "/")); + app.use("/api", prefix); // allow unversioned requests app.use("/api/v8", prefix); this.app = app; this.app.use(ErrorHandler); diff --git a/src/middlewares/Authentication.ts b/src/middlewares/Authentication.ts index b53632a8..4b0f2b38 100644 --- a/src/middlewares/Authentication.ts +++ b/src/middlewares/Authentication.ts @@ -3,11 +3,11 @@ import { HTTPError } from "lambert-server"; import { checkToken, Config } from "@fosscord/server-util"; export const NO_AUTHORIZATION_ROUTES = [ - /^\/api\/v8\/auth\/login/, - /^\/api\/v8\/auth\/register/, - /^\/api\/v8\/webhooks\//, - /^\/api\/v8\/gateway/, - /^\/api\/v8\/experiments/, + /^\/api(\/v\d+)?\/auth\/login/, + /^\/api(\/v\d+)?\/auth\/register/, + /^\/api(\/v\d+)?\/webhooks\//, + /^\/api(\/v\d+)?\/gateway/, + /^\/api(\/v\d+)?\/experiments/, /^\/api(\/v\d+)?\/guilds\/\d+\/widget\.(json|png)/ ]; -- cgit 1.5.1