const logger = require('winston'); const multipart = require('connect-multiparty'); const config = require('../config/speechConfig.js'); const multipartMiddleware = multipart({uploadDir: config.files.uploadDirectory}); const db = require('../models'); const { publish } = require('../controllers/publishController.js'); const { getClaimList, resolveUri, getClaim } = require('../helpers/lbryApi.js'); const { createPublishParams, validateApiPublishRequest, validatePublishSubmission, cleanseChannelName, cleanseUserName, checkClaimNameAvailability, checkChannelAvailability } = require('../helpers/publishHelpers.js'); const errorHandlers = require('../helpers/errorHandlers.js'); const { authenticateOrSkip } = require('../auth/authentication.js'); function addGetResultsToFileData (fileInfo, getResult) { fileInfo.fileName = getResult.file_name; fileInfo.filePath = getResult.download_path; return fileInfo; } function createFileData ({ name, claimId, outpoint, height, address, nsfw, contentType }) { return { name, claimId, outpoint, height, address, fileName: '', filePath: '', fileType: contentType, nsfw, }; } module.exports = (app) => { // route to run a claim_list request on the daemon app.get('/api/claim-list/:name', ({ ip, originalUrl, params }, res) => { getClaimList(params.name) .then(claimsList => { res.status(200).json(claimsList); }) .catch(error => { errorHandlers.handleApiError(originalUrl, ip, error, res); }); }); // route to see if asset is available locally app.get('/api/file-is-available/:name/:claimId', ({ ip, originalUrl, params }, res) => { const name = params.name; const claimId = params.claimId; let isLocalFileAvailable = false; db.File.findOne({where: {name, claimId}}) .then(result => { if (result) { isLocalFileAvailable = true; } res.status(200).json({status: 'success', message: isLocalFileAvailable}); }) .catch(error => { errorHandlers.handleApiError(originalUrl, ip, error, res); }); }); // route to get an asset app.get('/api/claim-get/:name/:claimId', ({ ip, originalUrl, params }, res) => { const name = params.name; const claimId = params.claimId; // resolve the claim db.Claim.resolveClaim(name, claimId) .then(resolveResult => { // make sure a claim actually exists at that uri if (!resolveResult) { throw new Error('No matching uri found in Claim table'); } let fileData = createFileData(resolveResult); // get the claim return Promise.all([fileData, getClaim(`${name}#${claimId}`)]); }) .then(([ fileData, getResult ]) => { fileData = addGetResultsToFileData(fileData, getResult); return Promise.all([db.upsert(db.File, fileData, {name, claimId}, 'File'), getResult]); }) .then(([ fileRecord, {message, completed} ]) => { res.status(200).json({ status: 'success', message, completed }); }) .catch(error => { errorHandlers.handleApiError(originalUrl, ip, error, res); }); }); // route to check whether spee.ch has published to a claim app.get('/api/claim-is-available/:name', ({ params }, res) => { checkClaimNameAvailability(params.name) .then(result => { if (result === true) { res.status(200).json(true); } else { // logger.debug(`Rejecting '${params.name}' because that name has already been claimed on spee.ch`); res.status(200).json(false); } }) .catch(error => { res.status(500).json(error); }); }); // route to check whether spee.ch has published to a channel app.get('/api/channel-is-available/:name', ({ params }, res) => { checkChannelAvailability(params.name) .then(result => { if (result === true) { res.status(200).json(true); } else { // logger.debug(`Rejecting '${params.name}' because that channel has already been claimed on spee.ch`); res.status(200).json(false); } }) .catch(error => { res.status(500).json(error); }); }); // route to run a resolve request on the daemon app.get('/api/claim-resolve/:uri', ({ headers, ip, originalUrl, params }, res) => { resolveUri(params.uri) .then(resolvedUri => { res.status(200).json(resolvedUri); }) .catch(error => { errorHandlers.handleApiError(originalUrl, ip, error, res); }); }); // route to run a publish request on the daemon app.post('/api/claim-publish', multipartMiddleware, ({ body, files, ip, originalUrl, user }, res) => { let file, fileName, filePath, fileType, name, nsfw, license, title, description, thumbnail, anonymous, skipAuth, channelName, channelPassword; // validate that mandatory parts of the request are present try { validateApiPublishRequest(body, files); } catch (error) { logger.debug('publish request rejected, insufficient request parameters'); res.status(400).json({success: false, message: error.message}); return; } // validate file, name, license, and nsfw file = files.file; fileName = file.path.substring(file.path.lastIndexOf('/') + 1); filePath = file.path; fileType = file.type; name = body.name; nsfw = (body.nsfw === 'true'); try { validatePublishSubmission(file, name, nsfw); } catch (error) { logger.debug('publish request rejected'); res.status(400).json({success: false, message: error.message}); return; } // optional inputs license = body.license || null; title = body.title || null; description = body.description || null; thumbnail = body.thumbnail || null; anonymous = (body.channelName === 'null') || (body.channelName === undefined); if (user) { channelName = user.channelName || null; } else { channelName = body.channelName || null; } channelPassword = body.channelPassword || null; skipAuth = false; // case 1: publish from spee.ch, client logged in if (user) { skipAuth = true; if (anonymous) { channelName = null; } // case 2: publish from api or spee.ch, client not logged in } else { if (anonymous) { skipAuth = true; channelName = null; } } channelName = cleanseChannelName(channelName); logger.debug(`name: ${name}, license: ${license} title: "${title}" description: "${description}" channelName: "${channelName}" channelPassword: "${channelPassword}" nsfw: "${nsfw}"`); // check channel authorization authenticateOrSkip(skipAuth, channelName, channelPassword) .then(authenticated => { if (!authenticated) { throw new Error('Authentication failed, you do not have access to that channel'); } // make sure the claim name is available return checkClaimNameAvailability(name); }) .then(result => { if (!result) { throw new Error('That name is already in use by spee.ch.'); } // create publish parameters object return createPublishParams(filePath, name, title, description, license, nsfw, thumbnail, channelName); }) .then(publishParams => { logger.debug('publishParams:', publishParams); // publish the asset return publish(publishParams, fileName, fileType); }) .then(result => { res.status(200).json({ success: true, message: { name, url : `spee.ch/${result.claim_id}/${name}`, lbryTx: result, }, }); }) .catch(error => { errorHandlers.handleApiError(originalUrl, ip, error, res); }); }); // route to get a short claim id from long claim Id app.get('/api/claim-shorten-id/:longId/:name', ({ params }, res) => { db.Claim.getShortClaimIdFromLongClaimId(params.longId, params.name) .then(shortId => { res.status(200).json(shortId); }) .catch(error => { logger.error('api error getting short channel id', error); res.status(400).json(error.message); }); }); // route to get a short channel id from long channel Id app.get('/api/channel-shorten-id/:longId/:name', ({ ip, originalUrl, params }, res) => { db.Certificate.getShortChannelIdFromLongChannelId(params.longId, params.name) .then(shortId => { logger.debug('sending back short channel id', shortId); res.status(200).json(shortId); }) .catch(error => { logger.error('api error getting short channel id', error); errorHandlers.handleApiError(originalUrl, ip, error, res); }); }); app.put('/api/password', ({ body, ip, originalUrl }, res) => { let userName; let { channelName, oldPassword, newPassword } = body; // validate all necessary params were provided if (!channelName || !oldPassword || !newPassword) { res.status(400).json({success: false, message: 'provide channelName, oldPassword, and newPassword'}); } // cleanse channel name userName = cleanseUserName(channelName); // validate password and respond db .User .findOne({where: {userName: userName}}) .then(user => { if (!user) { return res.status(401).json({success: false, message: 'Incorrect username or password.'}); } return user.comparePassword(oldPassword, (passwordErr, isMatch) => { if (passwordErr) { throw passwordErr; } if (!isMatch) { return res.status(401).json({success: false, message: 'Incorrect username or password.'}); } logger.debug('Password was a match, updating password'); return user .changePassword(newPassword) .then(() => { logger.debug('Password successfully updated'); res.status(200).json({success: true, message: 'password successfully changed'}); }) .catch(error => { throw error; }); }); }) .catch(error => { errorHandlers.handleApiError('password reset', originalUrl, ip, error, res); }); }); };