LBRYCommunity/spee.ch
1
0
Fork 0
Code Issues 95 Pull requests 2 Projects Releases 4 Packages Wiki Activity

updated publish command to take claim_id

Browse source
This commit is contained in:
bill bittner 2018-03-05 14:44:37 -08:00
parent a999ee9e8e
commit 7b7c435571
5 changed files with 93 additions and 107 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

72
auth/authentication.js
View file

@ -2,31 +2,71 @@ const db = require('../models');
const logger = require('winston'); const logger = require('winston');
module.exports = { module.exports = {
authenticateChannelCredentials (channelName, userPassword) { authenticateUser (channelName, channelId, channelPassword, user) {
// case: no channelName or channel Id are provided (anonymous), regardless of whether user token is provided
if (!channelName && !channelId) {
return {
channelName : null,
channelClaimId: null,
};
}
// case: channelName or channel Id are provided with user token
if (user) {
if (channelName && channelName !== user.channelName) {
throw new Error('the provided channel name does not match user credentials');
}
if (channelId && channelId !== user.channelClaimId) {
throw new Error('the provided channel id does not match user credentials');
}
return {
channelName : user.channelName,
channelClaimId: user.channelClaimId,
};
}
// case: channelName or channel Id are provided with password instead of user token
if (!channelPassword) throw new Error('no channel password provided');
return module.exports.authenticateChannelCredentials(channelName, channelId, channelPassword);
},
authenticateChannelCredentials (channelName, channelId, userPassword) {
return new Promise((resolve, reject) => { return new Promise((resolve, reject) => {
const userName = channelName.substring(1); // hoisted variables
logger.debug(`authenticateChannelCredentials > channelName: ${channelName} username: ${userName} pass: ${userPassword}`); let channelData;
db.User // build the params for finding the channel
.findOne({where: { userName }}) let channelFindParams = {};
if (channelName) channelFindParams['channelName'] = channelName;
if (channelId) channelFindParams['channelClaimId'] = channelId;
// find the channel
db.Channel
.findOne({
where: channelFindParams,
})
.then(channel => {
if (!channel) {
logger.debug('no channel found');
throw new Error('Authentication failed, you do not have access to that channel');
}
channelData = channel.get();
logger.debug('channel data:', channelData);
return db.User.findOne({
where: { userName: channelData.channelName.substring(1) },
});
})
.then(user => { .then(user => {
if (!user) { if (!user) {
logger.debug('no user found'); logger.debug('no user found');
resolve(false); throw new Error('Authentication failed, you do not have access to that channel');
return;
} }
return user.comparePassword(userPassword, (passwordErr, isMatch) => { return user.comparePassword(userPassword, (passwordErr, isMatch) => {
if (passwordErr) { if (passwordErr) {
logger.error('comparePassword error:', passwordErr); logger.error('comparePassword error:', passwordErr);
resolve(false); throw new Error('Authentication failed, you do not have access to that channel');
return;
} }
if (!isMatch) { if (!isMatch) {
logger.debug('incorrect password'); logger.debug('incorrect password');
resolve(false); throw new Error('Authentication failed, you do not have access to that channel');
return;
} }
logger.debug('...password was a match...'); logger.debug('...password was a match...');
resolve(true); resolve(channelData);
}); });
}) })
.catch(error => { .catch(error => {
@ -34,12 +74,4 @@ module.exports = {
}); });
}); });
}, },
authenticateIfNoUserToken (channelName, channelPassword, user) {
return new Promise((resolve, reject) => {
if (user || !channelName) {
return resolve(true);
}
return resolve(module.exports.authenticateChannelCredentials(channelName, channelPassword));
});
},
}; };

21
controllers/publishController.js
View file

@ -86,10 +86,9 @@ module.exports = {
}); });
}); });
}, },
checkClaimNameAvailability (name) { validateClaimName (name) {
return new Promise((resolve, reject) => {
// find any records where the name is used // find any records where the name is used
db.File.findAll({ where: { name } }) return db.File.findAll({ where: { name } })
.then(result => { .then(result => {
if (result.length >= 1) { if (result.length >= 1) {
const claimAddress = config.wallet.lbryClaimAddress; const claimAddress = config.wallet.lbryClaimAddress;
@ -99,17 +98,11 @@ module.exports = {
}); });
// return based on whether any non-spee.ch claims were left // return based on whether any non-spee.ch claims were left
if (filteredResult.length >= 1) { if (filteredResult.length >= 1) {
resolve(false); throw new Error('That claim is already in use');
} else { };
resolve(true); return name;
} };
} else { return name;
resolve(true);
}
})
.catch(error => {
reject(error);
});
}); });
}, },
checkChannelAvailability (name) { checkChannelAvailability (name) {

30
helpers/publishHelpers.js
View file

@ -57,30 +57,6 @@ module.exports = {
fileType: file.type, fileType: file.type,
}; };
}, },
parsePublishApiChannel ({channelName, channelPassword}, user) {
logger.debug('publish api parser input:', {channelName, channelPassword, user});
// if anonymous or '' provided, publish will be anonymous (even if client is logged in)
// if a channel name is provided...
if (channelName) {
// make sure a password was provided if no user token is provided
if (!user && !channelPassword) {
throw new Error('Unauthenticated channel name provided without password');
}
// if request comes from the client with a token
// ensure this publish uses that channel name
if (user) {
channelName = user.channelName;
} ;
// add the @ if the channel name is missing it
if (channelName.indexOf('@') !== 0) {
channelName = `@${channelName}`;
}
}
return {
channelName,
channelPassword,
};
},
validateFileTypeAndSize (file) { validateFileTypeAndSize (file) {
// check file type and size // check file type and size
switch (file.type) { switch (file.type) {
@ -110,7 +86,7 @@ module.exports = {
} }
return file; return file;
}, },
createPublishParams (filePath, name, title, description, license, nsfw, thumbnail, channelName) { createPublishParams (filePath, name, title, description, license, nsfw, thumbnail) {
logger.debug(`Creating Publish Parameters`); logger.debug(`Creating Publish Parameters`);
// provide defaults for title // provide defaults for title
if (title === null || title.trim() === '') { if (title === null || title.trim() === '') {
@ -143,10 +119,6 @@ module.exports = {
if (thumbnail !== null) { if (thumbnail !== null) {
publishParams['metadata']['thumbnail'] = thumbnail; publishParams['metadata']['thumbnail'] = thumbnail;
} }
// add channel to params, if applicable
if (channelName) {
publishParams['channel_name'] = channelName;
}
return publishParams; return publishParams;
}, },
deleteTemporaryFile (filePath) { deleteTemporaryFile (filePath) {

8
react/containers/PublishUrlInput/view.jsx
View file

@ -38,13 +38,9 @@ class PublishUrlInput extends React.Component {
} }
checkClaimIsAvailable (claim) { checkClaimIsAvailable (claim) {
request(`/api/claim/availability/${claim}`) request(`/api/claim/availability/${claim}`)
.then(isAvailable => { .then(validatedClaimName => {
// console.log('checkClaimIsAvailable request response:', isAvailable); console.log('api/claim/availability response:', validatedClaimName);
if (isAvailable) {
this.props.onUrlError(null); this.props.onUrlError(null);
} else {
this.props.onUrlError('That url has already been claimed');
}
}) })
.catch((error) => { .catch((error) => {
this.props.onUrlError(error.message); this.props.onUrlError(error.message);

45
routes/api-routes.js
View file

@ -3,12 +3,12 @@ const multipart = require('connect-multiparty');
const { files, site } = require('../config/speechConfig.js'); const { files, site } = require('../config/speechConfig.js');
const multipartMiddleware = multipart({uploadDir: files.uploadDirectory}); const multipartMiddleware = multipart({uploadDir: files.uploadDirectory});
const db = require('../models'); const db = require('../models');
const { checkClaimNameAvailability, checkChannelAvailability, publish } = require('../controllers/publishController.js'); const { validateClaimName, checkChannelAvailability, publish } = require('../controllers/publishController.js');
const { getClaimList, resolveUri, getClaim } = require('../helpers/lbryApi.js'); const { getClaimList, resolveUri, getClaim } = require('../helpers/lbryApi.js');
const { createPublishParams, parsePublishApiRequestBody, parsePublishApiRequestFiles, parsePublishApiChannel, addGetResultsToFileData, createFileData } = require('../helpers/publishHelpers.js'); const { createPublishParams, parsePublishApiRequestBody, parsePublishApiRequestFiles, addGetResultsToFileData, createFileData } = require('../helpers/publishHelpers.js');
const errorHandlers = require('../helpers/errorHandlers.js'); const errorHandlers = require('../helpers/errorHandlers.js');
const { sendGAAnonymousPublishTiming, sendGAChannelPublishTiming } = require('../helpers/googleAnalytics.js'); const { sendGAAnonymousPublishTiming, sendGAChannelPublishTiming } = require('../helpers/googleAnalytics.js');
const { authenticateIfNoUserToken } = require('../auth/authentication.js'); const { authenticateUser } = require('../auth/authentication.js');
const { getChannelData, getChannelClaims, getClaimId } = require('../controllers/serveController.js'); const { getChannelData, getChannelClaims, getClaimId } = require('../controllers/serveController.js');
const NO_CHANNEL = 'NO_CHANNEL'; const NO_CHANNEL = 'NO_CHANNEL';
@ -108,13 +108,9 @@ module.exports = (app) => {
}); });
// route to check whether this site published to a claim // route to check whether this site published to a claim
app.get('/api/claim/availability/:name', ({ ip, originalUrl, params }, res) => { app.get('/api/claim/availability/:name', ({ ip, originalUrl, params }, res) => {
checkClaimNameAvailability(params.name) validateClaimName(params.name)
.then(result => { .then(result => {
if (result === true) { res.status(200).json(result);
res.status(200).json(true);
} else {
res.status(200).json(false);
}
}) })
.catch(error => { .catch(error => {
errorHandlers.handleErrorResponse(originalUrl, ip, error, res); errorHandlers.handleErrorResponse(originalUrl, ip, error, res);
@ -135,7 +131,7 @@ module.exports = (app) => {
logger.debug('api/claim-publish body:', body); logger.debug('api/claim-publish body:', body);
logger.debug('api/claim-publish files:', files); logger.debug('api/claim-publish files:', files);
// define variables // define variables
let name, fileName, filePath, fileType, nsfw, license, title, description, thumbnail, channelName, channelPassword; let name, fileName, filePath, fileType, nsfw, license, title, description, thumbnail, channelName, channelId, channelPassword;
// record the start time of the request // record the start time of the request
const publishStartTime = Date.now(); const publishStartTime = Date.now();
// validate the body and files of the request // validate the body and files of the request
@ -143,27 +139,24 @@ module.exports = (app) => {
// validateApiPublishRequest(body, files); // validateApiPublishRequest(body, files);
({name, nsfw, license, title, description, thumbnail} = parsePublishApiRequestBody(body)); ({name, nsfw, license, title, description, thumbnail} = parsePublishApiRequestBody(body));
({fileName, filePath, fileType} = parsePublishApiRequestFiles(files)); ({fileName, filePath, fileType} = parsePublishApiRequestFiles(files));
({channelName, channelPassword} = parsePublishApiChannel(body, user)); ({channelName, channelId, channelPassword} = body);
} catch (error) { } catch (error) {
return res.status(400).json({success: false, message: error.message}); return res.status(400).json({success: false, message: error.message});
} }
// check channel authorization // check channel authorization
authenticateIfNoUserToken(channelName, channelPassword, user) Promise.all([
.then(authenticated => { authenticateUser(channelName, channelId, channelPassword, user),
if (!authenticated) { validateClaimName(name),
throw new Error('Authentication failed, you do not have access to that channel'); createPublishParams(filePath, name, title, description, license, nsfw, thumbnail),
])
.then(([{channelName, channelClaimId}, validatedClaimName, publishParams]) => {
// add channel details to the publish params
if (channelName && channelClaimId) {
publishParams['channel_name'] = channelName;
publishParams['channel_id'] = channelClaimId;
} }
// make sure the claim name is available logger.debug('validated claim name:', validatedClaimName);
return checkClaimNameAvailability(name); logger.debug('publish params:', publishParams);
})
.then(result => {
if (!result) {
throw new Error('That name is already claimed by another user.');
}
// create publish parameters object
return createPublishParams(filePath, name, title, description, license, nsfw, thumbnail, channelName);
})
.then(publishParams => {
// publish the asset // publish the asset
return publish(publishParams, fileName, fileType); return publish(publishParams, fileName, fileType);
}) })