@abtnode/webapp 1.8.63-beta-a36b5e1a → 1.8.63

package/api/routes/auth/switch-profile.js

@@ -1,69 +0,0 @@
-const path = require('path');
-const get = require('lodash/get');
-
-const { messages } = require('@abtnode/auth/lib/auth');
-const formatContext = require('@abtnode/util/lib/format-context');
-const { extractUserAvatar } = require('@abtnode/util/lib/user-avatar');
-const { NODE_DATA_DIR_NAME } = require('@abtnode/constant');
-
-module.exports = function createRoutes(node) {
-  return {
-    action: 'switch-profile',
-    onConnect: async ({ userDid, extraParams: { locale, connectedDid } }) => {
-      if (userDid && connectedDid && userDid !== connectedDid) {
-        throw new Error(messages.userMismatch[locale]);
-      }
-
-      const info = await node.getNodeInfo();
-      const user = await node.getUser({ teamDid: info.did, user: { did: userDid } });
-      if (!user) {
-        throw new Error(messages.notAllowed[locale]);
-      }
-      if (!user.approved) {
-        throw new Error(messages.notAuthorized[locale]);
-      }
-
-      return {
-        profile: {
-          fields: ['fullName', 'email', 'avatar'],
-          description: messages.requestProfile[locale],
-        },
-      };
-    },
-
-    onAuth: async ({ claims, userDid, extraParams: { locale }, req }) => {
-      const info = await node.getNodeInfo();
-      const user = await node.getUser({ teamDid: info.did, user: { did: userDid } });
-
-      if (!user) {
-        throw new Error(messages.notAllowed[locale]);
-      }
-      if (!user.approved) {
-        throw new Error(messages.notAuthorized[locale]);
-      }
-
-      const profile = claims.find(x => x.type === 'profile');
-
-      const doc = await node.updateUser({
-        teamDid: info.did,
-        user: {
-          ...user,
-          ...profile,
-          avatar: await extractUserAvatar(get(profile, 'avatar'), {
-            dataDir: path.join(node.dataDirs.data, NODE_DATA_DIR_NAME),
-          }),
-          locale,
-        },
-      });
-      await node.createAuditLog(
-        {
-          action: 'switchProfile',
-          args: { teamDid: info.did, userDid, profile },
-          context: formatContext(Object.assign(req, { user })),
-          result: doc,
-        },
-        node
-      );
-    },
-  };
-};

package/api/routes/auth/util.js

@@ -1,135 +0,0 @@
-const { createPassport, createPassportVC, createUserPassport } = require('@abtnode/auth/lib/passport');
-const { ROLES, VC_TYPE_NODE_PASSPORT } = require('@abtnode/constant');
-const formatContext = require('@abtnode/util/lib/format-context');
-const { getPassportStatusEndpoint } = require('@abtnode/auth/lib/auth');
-const { authenticateByNFT, getOwnershipNFTClaim } = require('@abtnode/auth/lib/server');
-const getNodeWallet = require('@abtnode/util/lib/get-app-wallet');
-const { messages } = require('@abtnode/auth/lib/auth');
-
-const logger = require('@abtnode/logger')(require('../../../package.json').name);
-const { createSessionToken } = require('../../libs/login');
-
-const localMessages = {
-  requestProfile: {
-    en: 'This node has already been accepted, please login.',
-    zh: '请提供节点所有者信息',
-  },
-  alreadyAccepted: {
-    en: 'Already accepted, please login',
-    zh: '已经接受过该节点，请登录。',
-  },
-};
-
-const onAddNodeOwnerAuth = async ({
-  action,
-  req,
-  node,
-  baseUrl,
-  claims,
-  userDid,
-  locale,
-  challenge,
-  userPk,
-  updateSession,
-}) => {
-  // get profile
-  const profile = claims.find(x => x.type === 'profile');
-  if (!profile) {
-    throw new Error(messages.missingProfileClaim[locale]);
-  }
-
-  const { teamDid, ownerDid, ownerNFT } = await authenticateByNFT({ node, claims, userDid, challenge, locale });
-
-  const info = await node.getNodeInfo();
-
-  const newOwnerInfo = { did: userDid, pk: userPk };
-
-  const ownerNft = info.ownerNft || {};
-  // 只有在 action 是 accept-server 时才需要更新 ownerNft
-  if (action === 'accept-server') {
-    // 更新 ownerNft holder
-    ownerNft.holder = ownerDid;
-  } else {
-    // 添加新用户
-    ownerNft.did = ownerNFT;
-  }
-
-  await node.updateNodeOwner({ nodeOwner: newOwnerInfo, ownerNft });
-
-  logger.info('verify owner to node', { userDid });
-
-  const passportVC = createPassportVC({
-    issuerName: info.name,
-    issuerWallet: getNodeWallet(info.sk),
-    ownerDid: userDid,
-    passport: await createPassport({
-      name: ROLES.OWNER,
-      node,
-      teamDid,
-      locale,
-      endpoint: baseUrl,
-    }),
-    endpoint: getPassportStatusEndpoint({
-      baseUrl,
-      userDid,
-      teamDid,
-    }),
-    types: [VC_TYPE_NODE_PASSPORT],
-    tag: info.did,
-    ownerProfile: profile,
-    preferredColor: 'default',
-  });
-
-  const role = ROLES.OWNER;
-  const passport = createUserPassport(passportVC, { role });
-
-  // Add owner as approved member
-  const doc = await node.addUser({
-    teamDid,
-    user: {
-      ...profile,
-      did: userDid,
-      pk: userPk,
-      approved: true,
-      locale,
-      passports: [passport],
-      firstLoginAt: new Date().toISOString(),
-      lastLoginAt: new Date().toISOString(),
-    },
-  });
-  await node.createAuditLog(
-    {
-      action: 'addUser',
-      args: { teamDid, userDid, reason: 'claim server with server nft' },
-      context: formatContext(Object.assign(req, { user: doc })),
-      result: doc,
-    },
-    node
-  );
-
-  // Generate new session token that client can save to localStorage
-  const sessionToken = await createSessionToken(userDid, { passport, role });
-  await updateSession({ sessionToken }, true);
-
-  // Issue owner passport
-  return {
-    disposition: 'attachment',
-    type: 'VerifiableCredential',
-    data: passportVC,
-  };
-};
-
-const getAssetProfile =
-  node =>
-  ({ extraParams: { locale } }) => {
-    return getOwnershipNFTClaim(node, locale);
-  };
-
-const getProfileClaim = async locale => {
-  return {
-    fields: ['fullName', 'email', 'avatar'],
-    description: localMessages.requestProfile[locale],
-  };
-};
-
-module.exports = { getAssetProfile, getProfileClaim, onAddNodeOwnerAuth };

package/api/routes/auth/verify-owner.js

@@ -1,39 +0,0 @@
-const { messages } = require('@abtnode/auth/lib/auth');
-
-const { onAddNodeOwnerAuth, getProfileClaim, getAssetProfile } = require('./util');
-
-module.exports = function createRoutes(node) {
-  return {
-    action: 'verify-owner',
-    onConnect: () => {
-      return {
-        asset: getAssetProfile(node),
-        profile: async ({ extraParams: { locale } }) => {
-          if (await node.isInitialized()) {
-            throw new Error(messages.alreadyInitiated[locale]);
-          }
-
-          return getProfileClaim(locale);
-        },
-      };
-    },
-
-    onAuth: async ({ claims, userDid, userPk, challenge, updateSession, extraParams: { locale }, req, baseUrl }) => {
-      if (await node.isInitialized()) {
-        throw new Error(messages.alreadyInitiated[locale]);
-      }
-
-      return onAddNodeOwnerAuth({
-        node,
-        req,
-        claims,
-        userDid,
-        userPk,
-        challenge,
-        updateSession,
-        locale,
-        baseUrl,
-      });
-    },
-  };
-};

package/api/routes/auth/verify-purchase.js

@@ -1,185 +0,0 @@
-const get = require('lodash/get');
-const { isFreeBlocklet } = require('@blocklet/meta/lib/util');
-const { BlockletEvents } = require('@blocklet/constant');
-const { VC_TYPE_BLOCKLET_PURCHASE } = require('@abtnode/constant');
-const { messages: defaultMessages, getVCFromClaims } = require('@abtnode/auth/lib/auth');
-const logger = require('@abtnode/logger')(require('../../../package.json').name);
-
-const { getBlockletUrl } = require('../../util');
-
-const messages = {
-  ...defaultMessages,
-  requestCredential: {
-    en: 'Please provide blocklet purchase NFT',
-    zh: '请提供 Blocklet 购买凭证 NFT',
-  },
-  missingCredentialClaim: {
-    en: 'Blocklet purchase NFT not provided',
-    zh: '请提供 Blocklet 购买凭证 NFT',
-  },
-  missingChallenge: {
-    en: 'Purchase NFT presentation does not include valid challenge',
-    zh: '购买 NFT 中缺少正确的随机因子',
-  },
-  invalidCredentialType: {
-    en: `Invalid blocklet purchase NFT type, expect ${VC_TYPE_BLOCKLET_PURCHASE}`,
-    zh: `无效的 Blocklet 购买凭证 NFT 类型，必须是 ${VC_TYPE_BLOCKLET_PURCHASE}`,
-  },
-  blockletDidNotMatch: {
-    en: 'This NFT is for another blocklet',
-    zh: '购买凭证和要安装的 Blocklet 不匹配',
-  },
-  invalidCredentialProof: {
-    en: 'Invalid blocklet purchase NFT signature proof',
-    zh: '无效的购买凭证签名',
-  },
-  purchaseNotRequired: {
-    en: 'This blocklet is free and does not require any purchase',
-    zh: '该 Blocklet 可免费安装，不需要购买',
-  },
-  alreadyInstalled: {
-    en: 'This blocklet is already installed on this server',
-    zh: '该 Blocklet 已经安装，不需要购买',
-  },
-  rootBlockletNotInstalled: {
-    en: 'The blocklet cannot be mounted to a blocklet that is not installed',
-    zh: '该 Blocklet 无法挂载到未安装的 Blocklet',
-  },
-  sessionNotFound: {
-    en: 'Purchase session not found',
-    zh: '购买会话不存在',
-  },
-};
-
-const getTrustedIssuers = registryId => [registryId];
-
-const vcTypes = [VC_TYPE_BLOCKLET_PURCHASE];
-
-module.exports = function createRoutes(node) {
-  const { node: nodeState } = node.states;
-  return {
-    action: 'verify-purchase',
-    claims: {
-      verifiableCredential: async ({ extraParams: { locale, sid } }) => {
-        const session = await node.getSession({ id: sid });
-        if (!session) {
-          throw new Error(messages.sessionNotFound[locale]);
-        }
-
-        let exist;
-        let result;
-        let info;
-
-        if (session.type === 'component') {
-          let blocklet;
-
-          [blocklet, result, info] = await Promise.all([
-            node.getBlocklet({ did: session.rootDid, attachConfig: false }),
-            node.getBlockletMetaFromUrl({ url: session.url }),
-            // FIXME: session.url must be a meta url in a blocklet store
-            node.getRegistryMeta(new URL(session.url).origin),
-          ]);
-
-          if (!blocklet) {
-            throw new Error(messages.rootBlockletNotInstalled[locale]);
-          }
-
-          exist = blocklet.children.find(x => x.meta.did === result.meta.did);
-        } else {
-          [exist, result, info] = await Promise.all([
-            node.getBlocklet({ did: session.blockletDid, attachConfig: false }),
-            node.getBlockletMetaFromUrl({ url: getBlockletUrl(session.registryUrl, session.blockletDid) }),
-            node.getRegistryMeta(session.registryUrl),
-          ]);
-        }
-
-        if (exist) {
-          throw new Error(messages.alreadyInstalled[locale]);
-        }
-
-        if (isFreeBlocklet(result.meta) === true) {
-          throw new Error(messages.purchaseNotRequired[locale]);
-        }
-
-        return {
-          description: messages.requestCredential[locale],
-          item: vcTypes,
-          trustedIssuers: getTrustedIssuers(info.id),
-          tag: result.meta.did,
-        };
-      },
-    },
-
-    onError: async ({ err, extraParams: { sid } }) => {
-      const session = await node.updateSession({ id: sid, data: { status: 'error', message: err.message } });
-      nodeState.emit(BlockletEvents.purchaseChange, { did: session.blockletDid, session });
-      logger.error('emit blocklet purchase error event', session);
-    },
-
-    onDecline: async ({ extraParams: { sid } }) => {
-      const session = await node.updateSession({ id: sid, data: { status: 'declined' } });
-      nodeState.emit(BlockletEvents.purchaseChange, { did: session.blockletDid, session });
-      logger.info('emit blocklet purchase decline event', session);
-    },
-
-    onAuth: async ({ userDid, claims, challenge, extraParams: { sid, locale } }) => {
-      const session = await node.getSession({ id: sid });
-      if (!session) {
-        throw new Error(messages.sessionNotFound[locale]);
-      }
-
-      let info;
-      if (session.type === 'component') {
-        // FIXME: session.url must be a meta url in a blocklet store
-        info = await node.getRegistryMeta(new URL(session.url).origin);
-      } else {
-        info = await node.getRegistryMeta(session.registryUrl);
-      }
-
-      // get vc
-      const trustedIssuers = getTrustedIssuers(info.id);
-      const { vc } = await getVCFromClaims({
-        claims,
-        challenge,
-        trustedIssuers,
-        vcTypes,
-        locale,
-      });
-
-      if (!vc) {
-        throw new Error(messages.missingCredentialClaim[locale]);
-      }
-
-      const claim = get(vc, 'credentialSubject.purchased.blocklet') || get(vc, 'credentialSubject.purchased.blocklets');
-      const blocklets = Array.isArray(claim) ? claim : [claim];
-      if (!blocklets.find(x => x.id === session.blockletDid)) {
-        throw new Error(messages.blockletDidNotMatch[locale]);
-      }
-
-      const newSession = await node.updateSession({ id: sid, data: { status: 'confirmed' } });
-      nodeState.emit(BlockletEvents.purchaseChange, { did: session.blockletDid, session: newSession });
-      logger.info('emit blocklet purchase confirm event', newSession);
-
-      // trigger blocklet install if every check passed
-      const context = { user: { did: userDid } };
-      let api;
-      let params;
-      if (session.type === 'component') {
-        api = node.installComponent.bind(node);
-        const { rootDid, mountPoint, url, name, did, title } = session;
-        params = { rootDid, mountPoint, url, name, did, title };
-      } else {
-        api = node.installBlocklet.bind(node);
-        params = { did: session.blockletDid };
-      }
-
-      api(params, context)
-        .then(() => {
-          logger.info('install blocklet after verify purchase nft', session);
-        })
-        .catch(err => {
-          logger.error('install blocklet after verify purchase nft failed', { session, err });
-        });
-    },
-  };
-};

package/api/routes/blocklet-info.js

@@ -1,246 +0,0 @@
-/* eslint-disable no-console */
-const path = require('path');
-const LRU = require('lru-cache');
-const get = require('lodash/get');
-const cloneDeep = require('lodash/cloneDeep');
-const md5 = require('@abtnode/util/lib/md5');
-const { formatEnv } = require('@abtnode/util/lib/security');
-const {
-  attachSendLogoContext,
-  ensureBlockletExist,
-  ensureCustomSquareLogo,
-  ensureBundleLogo,
-  fallbackLogo,
-  cacheError,
-} = require('@abtnode/util/lib/logo-middleware');
-const normalizePathPrefix = require('@abtnode/util/lib/normalize-path-prefix');
-const { WELLKNOWN_SERVICE_PATH_PREFIX } = require('@abtnode/constant');
-const { BlockletEvents, BLOCKLET_PREFERENCE_PREFIX } = require('@blocklet/constant');
-const getBlockletInfo = require('@blocklet/meta/lib/info');
-const { forEachBlocklet, isPreferenceKey, findComponentById } = require('@blocklet/meta/lib/util');
-const {
-  joinLink,
-  parseNavigation,
-  filterNavigation,
-  cleanOrphanNavigation,
-} = require('@blocklet/meta/lib/parse-navigation-from-blocklet');
-const parseNavigationOld = require('@blocklet/meta/lib/parse-navigation');
-
-const logger = require('@abtnode/logger')(require('../../package.json').name);
-
-const getConfigs = require('../util/get-configs');
-const { fillDashboardNavigation, ensureSessionManagerNavigation } = require('../util/navigation');
-
-module.exports = {
-  init(app, node, { enableCache = false } = {}) {
-    const isDev = process.env.NODE_ENV === 'development';
-    // staticDir in development is ../../public
-    const staticDir = isDev ? path.resolve(__dirname, '../../public') : path.resolve(__dirname, './build');
-
-    const onSendFallbackLogo = ({ res, sendOptions }) => {
-      res.sendFile('/images/blocklet.png', { root: staticDir, ...sendOptions });
-    };
-
-    app.get(
-      '/blocklet/logo/:did',
-      attachSendLogoContext({
-        onSendFallbackLogo,
-        onGetBlocklet: ({ req }) => {
-          const { did } = req.params;
-          return node.ensureBlockletIntegrity(did);
-        },
-      }),
-
-      ensureBlockletExist,
-      ensureCustomSquareLogo,
-      ensureBundleLogo,
-      fallbackLogo,
-      cacheError
-    );
-
-    app.get(
-      '/blocklet/logo-bundle/**',
-      attachSendLogoContext({
-        onSendFallbackLogo,
-        onGetBlocklet: async ({ req }) => {
-          const dids = req.url.split('?')[0].replace('/blocklet/logo-bundle/', '').split('/').filter(Boolean);
-          const blocklet = await node.ensureBlockletIntegrity(dids[0]);
-          return findComponentById(blocklet, dids);
-        },
-      }),
-
-      ensureBlockletExist,
-      ensureBundleLogo,
-      fallbackLogo,
-      cacheError
-    );
-
-    // cache at most 50 and at most 5 minute
-    const metaCache = new LRU({ max: 50, maxAge: 5 * 60 * 1000 });
-    const getCacheKey = (did, childDid) => md5(`${did}-${childDid}-meta`);
-
-    [BlockletEvents.started, BlockletEvents.reloaded, BlockletEvents.updated].forEach(event => {
-      node.on(event, blocklet => {
-        const did = get(blocklet, 'meta.did');
-        forEachBlocklet(
-          blocklet,
-          b => {
-            const childDid = get(b, 'meta.did');
-            metaCache.del(getCacheKey(did, childDid));
-          },
-          { sync: true }
-        );
-      });
-    });
-
-    app.get(/.*\/__(meta|blocklet)__\.js$/, async (req, res) => {
-      const did = req.headers['x-blocklet-did'] || '';
-      const componentId = req.headers['x-blocklet-component-id'] || '';
-      if (req.query.force) {
-        metaCache.del(getCacheKey(componentId));
-      }
-
-      let configs = [];
-      let blocklet = {};
-      let name;
-      let description;
-      let appId;
-      let appUrl;
-      let appLogo;
-      let appLogoRect;
-
-      const respond = env => {
-        if (req.query.type === 'json') {
-          return res.json(
-            env.reduce((acc, x) => {
-              acc[x.key] = x.value;
-              return acc;
-            }, {})
-          );
-        }
-
-        const envStr = env.map(x => `${x.key}: ${JSON.stringify(x.value)}`).join(',');
-        const jsStr = `window.blocklet = {${envStr}}`;
-        return res.type('js').send(jsStr);
-      };
-
-      const cacheKey = getCacheKey(componentId);
-      if (enableCache) {
-        const cache = metaCache.get(cacheKey);
-        if (cache) {
-          return respond(cache);
-        }
-      }
-
-      if (did) {
-        try {
-          blocklet = await node.ensureBlockletIntegrity(did);
-          configs = getConfigs(blocklet, componentId);
-          const info = getBlockletInfo(blocklet, null, { returnWallet: false });
-          name = info.name;
-          description = info.description;
-          appId = blocklet.appDid;
-          appUrl = blocklet.environmentObj.BLOCKLET_APP_URL;
-          appLogo = blocklet.environmentObj.BLOCKLET_APP_LOGO;
-          appLogoRect = blocklet.environmentObj.BLOCKLET_APP_LOGO_RECT;
-        } catch (error) {
-          logger.error('get __blocklet__.js failed', { did, componentId, error });
-        }
-      }
-
-      const nodeInfo = await node.getNodeInfo();
-      const groupPathPrefix = normalizePathPrefix(req.headers['x-group-path-prefix']) || '/';
-
-      const env = [
-        ...configs.filter(x => !isPreferenceKey(x)),
-
-        // Unify with backend sdk
-        { key: 'appId', value: appId },
-        { key: 'appName', value: name },
-        { key: 'name', value: name }, // deprecated
-        { key: 'appDescription', value: description },
-        { key: 'description', value: description }, // deprecated
-        { key: 'appUrl', value: appUrl },
-        { key: 'isComponent', value: did !== componentId },
-
-        // Web only
-        { key: 'prefix', value: normalizePathPrefix(req.headers['x-path-prefix']) || '/' },
-        { key: 'groupPrefix', value: groupPathPrefix },
-        { key: 'version', value: get(blocklet, 'meta.version', '') },
-        { key: 'componentId', value: componentId },
-        { key: 'did', value: did }, // deprecated
-        {
-          key: 'appLogo',
-          value:
-            appLogo || normalizePathPrefix(`${groupPathPrefix}${WELLKNOWN_SERVICE_PATH_PREFIX}/blocklet/logo`) || '/',
-        },
-        {
-          key: 'appLogoRect',
-          value: appLogoRect || '',
-        },
-        { key: 'webWalletUrl', value: nodeInfo.webWalletUrl },
-
-        {
-          key: 'preferences',
-          value: configs
-            .filter(x => x.key.startsWith(BLOCKLET_PREFERENCE_PREFIX))
-            .reduce((acc, x) => {
-              acc[x.key.replace(BLOCKLET_PREFERENCE_PREFIX, '')] = formatEnv(x.value, false);
-              return acc;
-            }, {}),
-        },
-      ];
-
-      if (get(blocklet, 'meta.theme')) {
-        env.push({ key: 'theme', value: blocklet.meta.theme });
-      }
-
-      if (get(blocklet, 'meta.copyright')) {
-        env.push({ key: 'copyright', value: blocklet.meta.copyright });
-      }
-
-      const { navigationList, components } = parseNavigation(blocklet, {
-        beforeProcess(rawList) {
-          const copyList = cloneDeep(rawList);
-          fillDashboardNavigation(copyList);
-          if (!copyList.some(x => x.id && (x.section || []).includes('sessionManager'))) {
-            ensureSessionManagerNavigation(copyList);
-          }
-          return copyList;
-        },
-      });
-      let navigation = [];
-
-      // HACK: 如果新的方案未找到任何 navigations，则回滚回原有的方式找 navigation（新的方案需要每一个菜单都有 id，没有 id 的会自动过滤掉，此方案为一个过渡方案）
-      const cleanList = navigationList.filter(item => item.from !== 'tmpl');
-      if (cleanList.length === 0) {
-        navigation = parseNavigationOld(blocklet.meta?.navigation || [], blocklet, groupPathPrefix);
-        fillDashboardNavigation(navigation);
-        ensureSessionManagerNavigation(navigation);
-      } else {
-        navigation = filterNavigation(navigationList, components);
-        navigation = joinLink(navigation, components);
-        navigation = cleanOrphanNavigation(navigation);
-      }
-
-      env.push({ key: 'navigation', value: navigation });
-
-      const mountPoints = [];
-      for (const x of blocklet.children || []) {
-        mountPoints.push({
-          title: x.meta.title,
-          name: x.meta.bundleName,
-          did: x.meta.bundleDid,
-          mountPoint: x.mountPoint || '',
-        });
-      }
-      env.push({ key: 'componentMountPoints', value: mountPoints });
-
-      if (enableCache) {
-        metaCache.set(cacheKey, env);
-      }
-
-      return respond(env);
-    });
-  },
-};