rudeshark.net/src/server/api/service/twitter.ts

import * as Koa from 'koa';
import * as Router from 'koa-router';
import * as uuid from 'uuid';
import autwh from 'autwh';
import redis from '../../../db/redis';
import User, { pack, ILocalUser } from '../../../models/user';
import event from '../../../publishers/stream';
import config from '../../../config';
import signin from '../common/signin';

function getUserToken(ctx: Koa.Context) {
	return ((ctx.headers['cookie'] || '').match(/i=(!\w+)/) || [null, null])[1];
}

function compareOrigin(ctx: Koa.Context) {
	function normalizeUrl(url: string) {
		return url[url.length - 1] === '/' ? url.substr(0, url.length - 1) : url;
	}

	const referer = ctx.headers['referer'];

	return (normalizeUrl(referer) == normalizeUrl(config.url));
}

// Init router
const router = new Router();

router.get('/disconnect/twitter', async ctx => {
	if (!compareOrigin(ctx)) {
		ctx.throw(400, 'invalid origin');
		return;
	}

	const userToken = getUserToken(ctx);
	if (userToken == null) {
		ctx.throw(400, 'signin required');
		return;
	}

	const user = await User.findOneAndUpdate({
		host: null,
		'token': userToken
	}, {
		$set: {
			'twitter': null
		}
	});

	ctx.body = `Twitterの連携を解除しました :v:`;

	// Publish i updated event
	event(user._id, 'i_updated', await pack(user, user, {
		detail: true,
		includeSecrets: true
	}));
});

if (config.twitter == null) {
	router.get('/connect/twitter', ctx => {
		ctx.body = '現在Twitterへ接続できません (このインスタンスではTwitterはサポートされていません)';
	});

	router.get('/signin/twitter', ctx => {
		ctx.body = '現在Twitterへ接続できません (このインスタンスではTwitterはサポートされていません)';
	});
} else {
	const twAuth = autwh({
		consumerKey: config.twitter.consumer_key,
		consumerSecret: config.twitter.consumer_secret,
		callbackUrl: `${config.url}/api/tw/cb`
	});

	router.get('/connect/twitter', async ctx => {
		if (!compareOrigin(ctx)) {
			ctx.throw(400, 'invalid origin');
			return;
		}

		const userToken = getUserToken(ctx);
		if (userToken == null) {
			ctx.throw(400, 'signin required');
			return;
		}

		const twCtx = await twAuth.begin();
		redis.set(userToken, JSON.stringify(twCtx));
		ctx.redirect(twCtx.url);
	});

	router.get('/signin/twitter', async ctx => {
		const twCtx = await twAuth.begin();

		const sessid = uuid();

		redis.set(sessid, JSON.stringify(twCtx));

		const expires = 1000 * 60 * 60; // 1h
		ctx.cookies.set('signin_with_twitter_session_id', sessid, {
			path: '/',
			domain: config.host,
			secure: config.url.startsWith('https'),
			httpOnly: true,
			expires: new Date(Date.now() + expires),
			maxAge: expires
		});

		ctx.redirect(twCtx.url);
	});

	router.get('/tw/cb', async ctx => {
		const userToken = getUserToken(ctx);

		if (userToken == null) {
			const sessid = ctx.cookies.get('signin_with_twitter_session_id');

			if (sessid == null) {
				ctx.throw(400, 'invalid session');
				return;
			}

			const get = new Promise<any>((res, rej) => {
				redis.get(sessid, async (_, twCtx) => {
					res(twCtx);
				});
			});

			const twCtx = await get;

			const result = await twAuth.done(JSON.parse(twCtx), ctx.query.oauth_verifier);

			const user = await User.findOne({
				host: null,
				'twitter.userId': result.userId
			}) as ILocalUser;

			if (user == null) {
				ctx.throw(404, `@${result.screenName}と連携しているMisskeyアカウントはありませんでした...`);
				return;
			}

			signin(ctx, user, true);
		} else {
			const verifier = ctx.query.oauth_verifier;

			if (verifier == null) {
				ctx.throw(400, 'invalid session');
				return;
			}

			const get = new Promise<any>((res, rej) => {
				redis.get(userToken, async (_, twCtx) => {
					res(twCtx);
				});
			});

			const twCtx = await get;

			const result = await twAuth.done(JSON.parse(twCtx), verifier);

			const user = await User.findOneAndUpdate({
				host: null,
				token: userToken
			}, {
				$set: {
					twitter: {
						accessToken: result.accessToken,
						accessTokenSecret: result.accessTokenSecret,
						userId: result.userId,
						screenName: result.screenName
					}
				}
			});

			ctx.body = `Twitter: @${result.screenName} を、Misskey: @${user.username} に接続しました！`;

			// Publish i updated event
			event(user._id, 'i_updated', await pack(user, user, {
				detail: true,
				includeSecrets: true
			}));
		}
	});
}

module.exports = router;
wip 2018-04-12 23:06:18 +02:00			`import * as Koa from 'koa';`
			`import * as Router from 'koa-router';`
#939 2017-11-23 05:25:33 +01:00			`import * as uuid from 'uuid';`
wip 2017-01-21 05:17:35 +01:00			`import autwh from 'autwh';`
Introduce processor 2018-03-28 18:20:40 +02:00			`import redis from '../../../db/redis';`
wip 2018-04-12 23:06:18 +02:00			`import User, { pack, ILocalUser } from '../../../models/user';`
Introduce publishers directory 2018-04-02 06:33:46 +02:00			`import event from '../../../publishers/stream';`
Introduce config module 2018-04-02 06:15:53 +02:00			`import config from '../../../config';`
#939 2017-11-23 05:25:33 +01:00			`import signin from '../common/signin';`
wip 2017-01-21 05:17:35 +01:00
wip 2018-04-12 23:06:18 +02:00			`function getUserToken(ctx: Koa.Context) {`
			`return ((ctx.headers['cookie'] \|\| '').match(/i=(!\w+)/) \|\| [null, null])[1];`
			`}`
他のウェブサイトから直接MisskeyAPIを利用できるように 2017-12-10 10:08:28 +01:00
wip 2018-04-12 23:06:18 +02:00			`function compareOrigin(ctx: Koa.Context) {`
			`function normalizeUrl(url: string) {`
			`return url[url.length - 1] === '/' ? url.substr(0, url.length - 1) : url;`
他のウェブサイトから直接MisskeyAPIを利用できるように 2017-12-10 10:08:28 +01:00			`}`

wip 2018-04-12 23:06:18 +02:00			`const referer = ctx.headers['referer'];`
Refactor 2017-12-10 09:50:02 +01:00
wip 2018-04-12 23:06:18 +02:00			`return (normalizeUrl(referer) == normalizeUrl(config.url));`
			`}`
Refactor 2017-12-10 09:50:02 +01:00
wip 2018-04-12 23:06:18 +02:00			`// Init router`
			`const router = new Router();`

			`router.get('/disconnect/twitter', async ctx => {`
			`if (!compareOrigin(ctx)) {`
			`ctx.throw(400, 'invalid origin');`
			`return;`
			`}`
[API] Implement disconnect/twitter 2017-01-21 11:26:45 +01:00
wip 2018-04-12 23:06:18 +02:00			`const userToken = getUserToken(ctx);`
			`if (userToken == null) {`
			`ctx.throw(400, 'signin required');`
			`return;`
			`}`
[API] Implement disconnect/twitter 2017-01-21 11:26:45 +01:00
wip 2018-04-12 23:06:18 +02:00			`const user = await User.findOneAndUpdate({`
			`host: null,`
			`'token': userToken`
			`}, {`
			`$set: {`
			`'twitter': null`
			`}`
[API] Implement disconnect/twitter 2017-01-21 11:26:45 +01:00			`});`

wip 2018-04-12 23:06:18 +02:00			ctx.body = `Twitterの連携を解除しました :v:`;
#939 2017-11-23 05:25:33 +01:00
wip 2018-04-12 23:06:18 +02:00			`// Publish i updated event`
			`event(user._id, 'i_updated', await pack(user, user, {`
			`detail: true,`
			`includeSecrets: true`
			`}));`
			`});`
#939 2017-11-23 05:25:33 +01:00
wip 2018-04-12 23:06:18 +02:00			`if (config.twitter == null) {`
			`router.get('/connect/twitter', ctx => {`
			`ctx.body = '現在Twitterへ接続できません (このインスタンスではTwitterはサポートされていません)';`
			`});`
wip 2017-01-21 05:17:35 +01:00
wip 2018-04-12 23:06:18 +02:00			`router.get('/signin/twitter', ctx => {`
			`ctx.body = '現在Twitterへ接続できません (このインスタンスではTwitterはサポートされていません)';`
			`});`
			`} else {`
wip 2017-01-21 05:17:35 +01:00			`const twAuth = autwh({`
			`consumerKey: config.twitter.consumer_key,`
Fix bug 2018-04-09 13:03:38 +02:00			`consumerSecret: config.twitter.consumer_secret,`
			callbackUrl: `${config.url}/api/tw/cb`
wip 2017-01-21 05:17:35 +01:00			`});`

wip 2018-04-12 23:06:18 +02:00			`router.get('/connect/twitter', async ctx => {`
			`if (!compareOrigin(ctx)) {`
			`ctx.throw(400, 'invalid origin');`
他のウェブサイトから直接MisskeyAPIを利用できるように 2017-12-10 10:08:28 +01:00			`return;`
			`}`

wip 2018-04-12 23:06:18 +02:00			`const userToken = getUserToken(ctx);`
			`if (userToken == null) {`
			`ctx.throw(400, 'signin required');`
			`return;`
			`}`
他のウェブサイトから直接MisskeyAPIを利用できるように 2017-12-10 10:08:28 +01:00
wip 2018-04-12 23:06:18 +02:00			`const twCtx = await twAuth.begin();`
			`redis.set(userToken, JSON.stringify(twCtx));`
			`ctx.redirect(twCtx.url);`
wip 2017-01-21 05:17:35 +01:00			`});`

wip 2018-04-12 23:06:18 +02:00			`router.get('/signin/twitter', async ctx => {`
			`const twCtx = await twAuth.begin();`
#939 2017-11-23 05:25:33 +01:00
			`const sessid = uuid();`

wip 2018-04-12 23:06:18 +02:00			`redis.set(sessid, JSON.stringify(twCtx));`
#939 2017-11-23 05:25:33 +01:00
			`const expires = 1000 * 60 * 60; // 1h`
wip 2018-04-12 23:06:18 +02:00			`ctx.cookies.set('signin_with_twitter_session_id', sessid, {`
#939 2017-11-23 05:25:33 +01:00			`path: '/',`
wip 2018-04-12 23:06:18 +02:00			`domain: config.host,`
			`secure: config.url.startsWith('https'),`
#939 2017-11-23 05:25:33 +01:00			`httpOnly: true,`
			`expires: new Date(Date.now() + expires),`
			`maxAge: expires`
			`});`

wip 2018-04-12 23:06:18 +02:00			`ctx.redirect(twCtx.url);`
#939 2017-11-23 05:25:33 +01:00			`});`

Fix bug 2018-04-13 23:27:17 +02:00			`router.get('/tw/cb', async ctx => {`
wip 2018-04-12 23:06:18 +02:00			`const userToken = getUserToken(ctx);`
Refactor 2017-12-10 09:50:02 +01:00
			`if (userToken == null) {`
wip 2018-04-12 23:06:18 +02:00			`const sessid = ctx.cookies.get('signin_with_twitter_session_id');`
#939 2017-11-23 05:25:33 +01:00
wip 2018-04-12 23:06:18 +02:00			`if (sessid == null) {`
			`ctx.throw(400, 'invalid session');`
他のウェブサイトから直接MisskeyAPIを利用できるように 2017-12-10 10:08:28 +01:00			`return;`
#944 2017-11-23 07:59:32 +01:00			`}`

Fix bug 2018-04-13 23:41:33 +02:00			`const get = new Promise<any>((res, rej) => {`
			`redis.get(sessid, async (_, twCtx) => {`
			`res(twCtx);`
			`});`
			`});`
#939 2017-11-23 05:25:33 +01:00
Fix bug 2018-04-13 23:41:33 +02:00			`const twCtx = await get;`
#939 2017-11-23 05:25:33 +01:00
Fix bug 2018-04-13 23:41:33 +02:00			`const result = await twAuth.done(JSON.parse(twCtx), ctx.query.oauth_verifier);`
#944 2017-11-23 07:59:32 +01:00
Fix bug 2018-04-13 23:41:33 +02:00			`const user = await User.findOne({`
			`host: null,`
			`'twitter.userId': result.userId`
			`}) as ILocalUser;`

			`if (user == null) {`
			ctx.throw(404, `@${result.screenName}と連携しているMisskeyアカウントはありませんでした...`);
			`return;`
			`}`

			`signin(ctx, user, true);`
#944 2017-11-23 07:59:32 +01:00			`} else {`
wip 2018-04-12 23:06:18 +02:00			`const verifier = ctx.query.oauth_verifier;`
他のウェブサイトから直接MisskeyAPIを利用できるように 2017-12-10 10:08:28 +01:00
			`if (verifier == null) {`
wip 2018-04-12 23:06:18 +02:00			`ctx.throw(400, 'invalid session');`
他のウェブサイトから直接MisskeyAPIを利用できるように 2017-12-10 10:08:28 +01:00			`return;`
			`}`

Fix bug 2018-04-13 23:27:17 +02:00			`const get = new Promise<any>((res, rej) => {`
			`redis.get(userToken, async (_, twCtx) => {`
			`res(twCtx);`
#944 2017-11-23 07:59:32 +01:00			`});`
Fix bug 2018-04-13 23:27:17 +02:00			`});`

			`const twCtx = await get;`
#939 2017-11-23 05:25:33 +01:00
Fix bug 2018-04-13 23:27:17 +02:00			`const result = await twAuth.done(JSON.parse(twCtx), verifier);`
#939 2017-11-23 05:25:33 +01:00
Fix bug 2018-04-13 23:27:17 +02:00			`const user = await User.findOneAndUpdate({`
			`host: null,`
			`token: userToken`
			`}, {`
			`$set: {`
			`twitter: {`
			`accessToken: result.accessToken,`
			`accessTokenSecret: result.accessTokenSecret,`
			`userId: result.userId,`
			`screenName: result.screenName`
			`}`
			`}`
#944 2017-11-23 07:59:32 +01:00			`});`
Fix bug 2018-04-13 23:27:17 +02:00
			ctx.body = `Twitter: @${result.screenName} を、Misskey: @${user.username} に接続しました！`;

			`// Publish i updated event`
			`event(user._id, 'i_updated', await pack(user, user, {`
			`detail: true,`
			`includeSecrets: true`
			`}));`
#944 2017-11-23 07:59:32 +01:00			`}`
#939 2017-11-23 05:25:33 +01:00			`});`
wip 2018-04-12 23:06:18 +02:00			`}`

			`module.exports = router;`