@rmdes/indiekit-endpoint-microsub 1.0.55 → 1.0.57

package/lib/cache/redis.js

@@ -3,8 +3,8 @@
  * @module cache/redis
  */
 
-import Redis from "ioredis";
-
+// Redis is dynamically imported only when needed so the package is optional
+let Redis;
 let redisClient;
 
 /**
@@ -12,7 +12,7 @@ let redisClient;
  * @param {object} application - Indiekit application
  * @returns {object|undefined} Redis client or undefined
  */
-export function getRedisClient(application) {
+export async function getRedisClient(application) {
   // Check if Redis is already initialized on the application
   if (application.redis) {
     return application.redis;
@@ -27,6 +27,15 @@ export function getRedisClient(application) {
   const redisUrl = application.config?.application?.redisUrl;
   if (redisUrl) {
     try {
+      if (!Redis) {
+        try {
+          Redis = (await import("ioredis")).default;
+        } catch {
+          console.warn("[Microsub] ioredis not available");
+          return;
+        }
+      }
+
       redisClient = new Redis(redisUrl, {
         maxRetriesPerRequest: 3,
         retryStrategy(times) {
@@ -56,6 +65,15 @@ export function getRedisClient(application) {
   }
 }
 
+/**
+ * Namespace cache keys to prevent cross-instance collisions
+ * @param {string} key - Raw cache key
+ * @returns {string} Namespaced key
+ */
+function nsKey(key) {
+  return `microsub:${key}`;
+}
+
 /**
  * Get value from cache
  * @param {object} redis - Redis client
@@ -68,7 +86,7 @@ export async function getCache(redis, key) {
   }
 
   try {
-    const value = await redis.get(key);
+    const value = await redis.get(nsKey(key));
     if (value) {
       return JSON.parse(value);
     }
@@ -92,9 +110,10 @@ export async function setCache(redis, key, value, ttl = 300) {
 
   try {
     const serialized = JSON.stringify(value);
+    const nk = nsKey(key);
     await (ttl
-      ? redis.set(key, serialized, "EX", ttl)
-      : redis.set(key, serialized));
+      ? redis.set(nk, serialized, "EX", ttl)
+      : redis.set(nk, serialized));
   } catch {
     // Ignore cache errors
   }
@@ -112,7 +131,7 @@ export async function deleteCache(redis, key) {
   }
 
   try {
-    await redis.del(key);
+    await redis.del(nsKey(key));
   } catch {
     // Ignore cache errors
   }

package/lib/controllers/channels.js

@@ -17,7 +17,7 @@ import { getUserId } from "../utils/auth.js";
 import {
   validateChannel,
   validateChannelName,
-  parseArrayParameter as parseArrayParametereter,
+  parseArrayParameter,
 } from "../utils/validation.js";
 
 /**
@@ -62,7 +62,7 @@ export async function action(request, response) {
 
   // Reorder channels
   if (method === "order") {
-    const channelUids = parseArrayParametereter(request.body, "channels");
+    const channelUids = parseArrayParameter(request.body, "channels");
     if (channelUids.length === 0) {
       throw new IndiekitError("Missing channels[] parameter", {
         status: 400,

package/lib/controllers/reader/actor.js

@@ -0,0 +1,142 @@
+/**
+ * ActivityPub actor profiles
+ * @module controllers/reader/actor
+ */
+
+import { fetchActorOutbox } from "../../activitypub/outbox-fetcher.js";
+
+const ACTOR_OUTBOX_LIMIT = 30;
+
+/**
+ * Find the ActivityPub plugin instance from installed plugins.
+ * @param {object} request - Express request
+ * @returns {object|undefined} The AP plugin instance
+ */
+function getApPlugin(request) {
+  const installedPlugins = request.app.locals.installedPlugins;
+  if (!installedPlugins) return undefined;
+  return [...installedPlugins].find(
+    (p) => p.name === "ActivityPub endpoint",
+  );
+}
+
+/**
+ * Actor profile — fetch and display a remote AP actor's recent posts
+ * @param {object} request - Express request
+ * @param {object} response - Express response
+ */
+export async function actorProfile(request, response) {
+  const actorUrl = request.query.url;
+  if (!actorUrl) {
+    return response.status(400).render("404");
+  }
+
+  // Check if we already follow this actor
+  const { application } = request.app.locals;
+  const apFollowing = application?.collections?.get("ap_following");
+  let isFollowing = false;
+  if (apFollowing) {
+    const existing = await apFollowing.findOne({ actorUrl });
+    isFollowing = !!existing;
+  }
+
+  // Check if AP plugin is available (for follow button visibility)
+  const apPlugin = getApPlugin(request);
+  const canFollow = !!apPlugin;
+
+  try {
+    const { actor, items } = await fetchActorOutbox(actorUrl, { limit: ACTOR_OUTBOX_LIMIT });
+
+    response.render("actor", {
+      title: actor.name || "Actor",
+      actor,
+      items,
+      actorUrl,
+      isFollowing,
+      canFollow,
+      baseUrl: request.baseUrl,
+      readerBaseUrl: request.baseUrl,
+      activeView: "channels",
+      breadcrumbs: [
+        { text: "Reader", href: request.baseUrl },
+        { text: actor.name || "Actor" },
+      ],
+    });
+  } catch (error) {
+    console.error(`[Microsub] Actor profile fetch failed: ${error.message}`);
+    response.render("actor", {
+      title: "Actor",
+      actor: { name: actorUrl, url: actorUrl, photo: "", summary: "" },
+      items: [],
+      actorUrl,
+      isFollowing,
+      canFollow,
+      baseUrl: request.baseUrl,
+      readerBaseUrl: request.baseUrl,
+      activeView: "channels",
+      error: "Could not fetch this actor's profile. They may have restricted access.",
+      breadcrumbs: [
+        { text: "Reader", href: request.baseUrl },
+        { text: "Actor" },
+      ],
+    });
+  }
+}
+
+/**
+ * Follow an ActivityPub actor
+ * @param {object} request - Express request
+ * @param {object} response - Express response
+ */
+export async function followActorAction(request, response) {
+  const { actorUrl, actorName } = request.body;
+  if (!actorUrl) {
+    return response.status(400).redirect(request.baseUrl + "/channels/activitypub");
+  }
+
+  const apPlugin = getApPlugin(request);
+  if (!apPlugin) {
+    console.error("[Microsub] Cannot follow: ActivityPub plugin not installed");
+    return response.redirect(
+      `${request.baseUrl}/actor?url=${encodeURIComponent(actorUrl)}`,
+    );
+  }
+
+  const result = await apPlugin.followActor(actorUrl, { name: actorName });
+  if (!result.ok) {
+    console.error(`[Microsub] Follow via AP plugin failed: ${result.error}`);
+  }
+
+  return response.redirect(
+    `${request.baseUrl}/actor?url=${encodeURIComponent(actorUrl)}`,
+  );
+}
+
+/**
+ * Unfollow an ActivityPub actor
+ * @param {object} request - Express request
+ * @param {object} response - Express response
+ */
+export async function unfollowActorAction(request, response) {
+  const { actorUrl } = request.body;
+  if (!actorUrl) {
+    return response.status(400).redirect(request.baseUrl + "/channels/activitypub");
+  }
+
+  const apPlugin = getApPlugin(request);
+  if (!apPlugin) {
+    console.error("[Microsub] Cannot unfollow: ActivityPub plugin not installed");
+    return response.redirect(
+      `${request.baseUrl}/actor?url=${encodeURIComponent(actorUrl)}`,
+    );
+  }
+
+  const result = await apPlugin.unfollowActor(actorUrl);
+  if (!result.ok) {
+    console.error(`[Microsub] Unfollow via AP plugin failed: ${result.error}`);
+  }
+
+  return response.redirect(
+    `${request.baseUrl}/actor?url=${encodeURIComponent(actorUrl)}`,
+  );
+}

package/lib/controllers/reader/channel.js

@@ -0,0 +1,301 @@
+/**
+ * Channel CRUD + HTML fragments
+ * @module controllers/reader/channel
+ */
+
+import {
+  getChannels,
+  getChannel,
+  createChannel,
+  updateChannelSettings,
+  deleteChannel,
+} from "../../storage/channels.js";
+import { getFeedsForChannel } from "../../storage/feeds.js";
+import { getTimelineItems } from "../../storage/items.js";
+import { countReadItems } from "../../storage/items-read-state.js";
+import { getUserId } from "../../utils/auth.js";
+import {
+  validateChannelName,
+  validateExcludeTypes,
+  validateExcludeRegex,
+} from "../../utils/validation.js";
+import { proxyItemImages } from "../../media/proxy.js";
+
+/**
+ * Reader index - redirect to channels
+ * @param {object} request - Express request
+ * @param {object} response - Express response
+ */
+export async function index(request, response) {
+  const lastView = request.session?.microsubView || "timeline";
+  const validViews = ["channels", "deck", "timeline"];
+  const view = validViews.includes(lastView) ? lastView : "timeline";
+  response.redirect(`${request.baseUrl}/${view}`);
+}
+
+/**
+ * List channels
+ * @param {object} request - Express request
+ * @param {object} response - Express response
+ */
+export async function channels(request, response) {
+  const { application } = request.app.locals;
+  const userId = getUserId(request);
+
+  const channelList = await getChannels(application, userId);
+
+  if (request.session) request.session.microsubView = "channels";
+
+  response.render("reader", {
+    title: request.__("microsub.views.channels"),
+    channels: channelList,
+    baseUrl: request.baseUrl,
+    readerBaseUrl: request.baseUrl,
+    activeView: "channels",
+    breadcrumbs: [
+      { text: "Reader", href: request.baseUrl },
+      { text: "Channels" },
+    ],
+  });
+}
+
+/**
+ * New channel form
+ * @param {object} request - Express request
+ * @param {object} response - Express response
+ */
+export async function newChannel(request, response) {
+  response.render("channel-new", {
+    title: request.__("microsub.channels.new"),
+    baseUrl: request.baseUrl,
+    readerBaseUrl: request.baseUrl,
+    activeView: "channels",
+    breadcrumbs: [
+      { text: "Reader", href: request.baseUrl },
+      { text: "Channels", href: `${request.baseUrl}/channels` },
+      { text: request.__("microsub.channels.new") },
+    ],
+  });
+}
+
+/**
+ * Create channel
+ * @param {object} request - Express request
+ * @param {object} response - Express response
+ */
+export async function createChannelAction(request, response) {
+  const { application } = request.app.locals;
+  const userId = getUserId(request);
+  const { name } = request.body;
+
+  validateChannelName(name);
+
+  await createChannel(application, { name, userId });
+
+  response.redirect(`${request.baseUrl}/channels`);
+}
+
+/**
+ * View channel timeline
+ * @param {object} request - Express request
+ * @param {object} response - Express response
+ * @returns {Promise<void>}
+ */
+export async function channel(request, response) {
+  const { application } = request.app.locals;
+  const userId = getUserId(request);
+  const { uid } = request.params;
+  const { before, after, showRead } = request.query;
+
+  const channelDocument = await getChannel(application, uid, userId);
+  if (!channelDocument) {
+    return response.status(404).render("404");
+  }
+
+  // Check if showing read items
+  const showReadItems = showRead === "true";
+
+  const timeline = await getTimelineItems(application, channelDocument._id, {
+    before,
+    after,
+    userId,
+    showRead: showReadItems,
+  });
+
+  // Proxy images through media endpoint for privacy
+  const proxyBaseUrl = application.url;
+  if (proxyBaseUrl && timeline.items) {
+    timeline.items = timeline.items.map((item) =>
+      proxyItemImages(item, proxyBaseUrl),
+    );
+  }
+
+  // Count read items to show "View read items" button
+  const readCount = await countReadItems(
+    application,
+    channelDocument._id,
+    userId,
+  );
+
+  response.render("channel", {
+    title: channelDocument.name,
+    channel: channelDocument,
+    items: timeline.items,
+    paging: timeline.paging,
+    readCount,
+    showRead: showReadItems,
+    baseUrl: request.baseUrl,
+    readerBaseUrl: request.baseUrl,
+    activeView: "channels",
+    breadcrumbs: [
+      { text: "Reader", href: request.baseUrl },
+      { text: "Channels", href: `${request.baseUrl}/channels` },
+      { text: channelDocument.name },
+    ],
+  });
+}
+
+/**
+ * Return rendered HTML fragments for infinite scroll
+ * @param {object} request - Express request
+ * @param {object} response - Express response
+ * @returns {Promise<void>}
+ */
+export async function channelHtml(request, response) {
+  const { application } = request.app.locals;
+  const userId = getUserId(request);
+  const { uid } = request.params;
+  const { before, after, showRead } = request.query;
+
+  const channelDocument = await getChannel(application, uid, userId);
+  if (!channelDocument) {
+    return response.status(404).json({ error: "Channel not found" });
+  }
+
+  const showReadItems = showRead === "true";
+
+  const timeline = await getTimelineItems(application, channelDocument._id, {
+    before,
+    after,
+    userId,
+    showRead: showReadItems,
+  });
+
+  // Proxy images
+  const proxyBaseUrl = application.url;
+  if (proxyBaseUrl && timeline.items) {
+    timeline.items = timeline.items.map((item) =>
+      proxyItemImages(item, proxyBaseUrl),
+    );
+  }
+
+  // Render items via layout-less fragment template (standard response.render
+  // with callback returns HTML string without sending a response)
+  const fragmentHtml = await new Promise((resolve, reject) => {
+    response.render("partials/items-fragment", {
+      items: timeline.items,
+      channel: channelDocument,
+      baseUrl: request.baseUrl,
+    }, (error, html) => error ? reject(error) : resolve(html));
+  });
+
+  response.json({
+    html: fragmentHtml,
+    paging: timeline.paging,
+    count: timeline.items.length,
+  });
+}
+
+/**
+ * Channel settings form
+ * @param {object} request - Express request
+ * @param {object} response - Express response
+ * @returns {Promise<void>}
+ */
+export async function settings(request, response) {
+  const { application } = request.app.locals;
+  const userId = getUserId(request);
+  const { uid } = request.params;
+
+  const channelDocument = await getChannel(application, uid, userId);
+  if (!channelDocument) {
+    return response.status(404).render("404");
+  }
+
+  response.render("settings", {
+    title: request.__("microsub.settings.title", {
+      channel: channelDocument.name,
+    }),
+    channel: channelDocument,
+    baseUrl: request.baseUrl,
+    readerBaseUrl: request.baseUrl,
+    activeView: "channels",
+    breadcrumbs: [
+      { text: "Reader", href: request.baseUrl },
+      { text: "Channels", href: `${request.baseUrl}/channels` },
+      { text: channelDocument.name, href: `${request.baseUrl}/channels/${uid}` },
+      { text: "Settings" },
+    ],
+  });
+}
+
+/**
+ * Update channel settings
+ * @param {object} request - Express request
+ * @param {object} response - Express response
+ * @returns {Promise<void>}
+ */
+export async function updateSettings(request, response) {
+  const { application } = request.app.locals;
+  const userId = getUserId(request);
+  const { uid } = request.params;
+  const { excludeTypes, excludeRegex } = request.body;
+
+  const channelDocument = await getChannel(application, uid, userId);
+  if (!channelDocument) {
+    return response.status(404).render("404");
+  }
+
+  const validatedTypes = validateExcludeTypes(
+    Array.isArray(excludeTypes) ? excludeTypes : [excludeTypes].filter(Boolean),
+  );
+  const validatedRegex = validateExcludeRegex(excludeRegex);
+
+  await updateChannelSettings(
+    application,
+    uid,
+    {
+      excludeTypes: validatedTypes,
+      excludeRegex: validatedRegex,
+    },
+    userId,
+  );
+
+  response.redirect(`${request.baseUrl}/channels/${uid}`);
+}
+
+/**
+ * Delete channel
+ * @param {object} request - Express request
+ * @param {object} response - Express response
+ * @returns {Promise<void>}
+ */
+export async function deleteChannelAction(request, response) {
+  const { application } = request.app.locals;
+  const userId = getUserId(request);
+  const { uid } = request.params;
+
+  // Don't allow deleting system channels
+  if (uid === "notifications" || uid === "activitypub") {
+    return response.redirect(`${request.baseUrl}/channels`);
+  }
+
+  const channelDocument = await getChannel(application, uid, userId);
+  if (!channelDocument) {
+    return response.status(404).render("404");
+  }
+
+  await deleteChannel(application, uid, userId);
+
+  response.redirect(`${request.baseUrl}/channels`);
+}