@scrypted/server 0.79.0 → 0.81.0

package/src/runtime.ts

@@ -1,4 +1,3 @@
-import net from 'net';
 import { Device, DeviceInformation, DeviceProvider, EngineIOHandler, HttpRequest, HttpRequestHandler, ScryptedDevice, ScryptedInterface, ScryptedInterfaceMethod, ScryptedInterfaceProperty, ScryptedNativeId, ScryptedUser as SU } from '@scrypted/types';
 import AdmZip from 'adm-zip';
 import crypto from 'crypto';
@@ -9,6 +8,7 @@ import { ParamsDictionary } from 'express-serve-static-core';
 import fs from 'fs';
 import http, { ServerResponse } from 'http';
 import https from 'https';
+import net from 'net';
 import type { spawn as ptySpawn } from 'node-pty-prebuilt-multiarch';
 import path from 'path';
 import { ParsedQs } from 'qs';
@@ -17,8 +17,10 @@ import { PassThrough } from 'stream';
 import tar from 'tar';
 import { URL } from "url";
 import WebSocket, { Server as WebSocketServer } from "ws";
+import { computeClusterObjectHash } from './cluster/cluster-hash';
+import { ClusterObject } from './cluster/connect-rpc-object';
 import { Plugin, PluginDevice, ScryptedAlert, ScryptedUser } from './db-types';
-import { fetchBuffer, getNpmPackageInfo } from './http-fetch-helpers';
+import { getNpmPackageInfo, httpFetch } from './http-fetch-helpers';
 import { createResponseInterface } from './http-interfaces';
 import { getDisplayName, getDisplayRoom, getDisplayType, getProvidedNameOrDefault, getProvidedRoomOrDefault, getProvidedTypeOrDefault } from './infer-defaults';
 import { IOServer } from './io';
@@ -35,7 +37,6 @@ import { getPluginVolume } from './plugin/plugin-volume';
 import { NodeForkWorker } from './plugin/runtime/node-fork-worker';
 import { PythonRuntimeWorker } from './plugin/runtime/python-worker';
 import { RuntimeWorker, RuntimeWorkerOptions } from './plugin/runtime/runtime-worker';
-import { ClusterObject } from './cluster/connect-rpc-object';
 import { getIpAddress, SCRYPTED_INSECURE_PORT, SCRYPTED_SECURE_PORT } from './server-settings';
 import { AddressSettings } from './services/addresses';
 import { Alerts } from './services/alerts';
@@ -45,7 +46,6 @@ import { PluginComponent } from './services/plugin';
 import { ServiceControl } from './services/service-control';
 import { UsersService } from './services/users';
 import { getState, ScryptedStateManager, setState } from './state';
-import { computeClusterObjectHash } from './cluster/cluster-hash';
 
 interface DeviceProxyPair {
     handler: PluginDeviceProxyHandler;
@@ -619,7 +619,8 @@ export class ScryptedRuntime extends PluginHttp<HttpPluginData> {
         }
         console.log('installing package', pkg, version);
 
-        const { body: tarball } = await fetchBuffer(`${registry.versions[version].dist.tarball}`, {
+        const { body: tarball } = await httpFetch( {
+            url: `${registry.versions[version].dist.tarball}`,
             // force ipv4 in case of busted ipv6.
             family: 4,
         });

package/src/scrypted-server-main.ts

@@ -23,7 +23,7 @@ import { getScryptedVolume } from './plugin/plugin-volume';
 import { RPCResultError } from './rpc';
 import { ScryptedRuntime } from './runtime';
 import { getHostAddresses, SCRYPTED_DEBUG_PORT, SCRYPTED_INSECURE_PORT, SCRYPTED_SECURE_PORT } from './server-settings';
-import { setScryptedUserPassword } from './services/users';
+import { setScryptedUserPassword, UsersService } from './services/users';
 import { sleep } from './sleep';
 import { ONE_DAY_MILLISECONDS, UserToken } from './usertoken';
 
@@ -135,6 +135,15 @@ async function start(mainFilename: string, options?: {
     certSetting.value = keyPair;
     certSetting = await db.upsert(certSetting);
 
+    let hasLogin = await db.getCount(ScryptedUser) > 0;
+    if (process.env.SCRYPTED_ADMIN_USERNAME) {
+        let user = await db.tryGet(ScryptedUser, process.env.SCRYPTED_ADMIN_USERNAME);
+        if (!user) {
+            user = await UsersService.addUserToDatabase(db, process.env.SCRYPTED_ADMIN_USERNAME, crypto.randomBytes(8).toString('hex'), undefined);
+            hasLogin = true;
+        }
+    }
+
     const basicAuth = httpAuth.basic({
         realm: 'Scrypted',
     }, async (username, password, callback) => {
@@ -187,6 +196,24 @@ async function start(mainFilename: string, options?: {
         };
     }
 
+    const getDefaultAuthentication = (req: Request) => {
+        const defaultAuthentication = !req.query.disableDefaultAuthentication && process.env.SCRYPTED_DEFAULT_AUTHENTICATION;
+        if (defaultAuthentication) {
+            const referer = req.headers.referer;
+            if (referer) {
+                try {
+                    const u = new URL(referer);
+                    if (u.searchParams.has('disableDefaultAuthentication'))
+                        return;
+                }
+                catch (e) {
+                    // no/invalid referer, allow the default auth
+                }
+            }
+            return scrypted.usersService.users.get(defaultAuthentication);
+        }
+    }
+
     app.use(async (req, res, next) => {
         const defaultAuthentication = getDefaultAuthentication(req);
         if (defaultAuthentication) {
@@ -308,27 +335,6 @@ async function start(mainFilename: string, options?: {
     await options?.onRuntimeCreated?.(scrypted);
     await scrypted.start();
 
-    await listenServerPort('SCRYPTED_SECURE_PORT', SCRYPTED_SECURE_PORT, secure);
-    await listenServerPort('SCRYPTED_INSECURE_PORT', SCRYPTED_INSECURE_PORT, insecure);
-
-    console.log('#######################################################');
-    console.log(`Scrypted Volume           : ${volumeDir}`);
-    console.log(`Scrypted Server (Local)   : https://localhost:${SCRYPTED_SECURE_PORT}/`);
-    for (const address of getHostAddresses(true, true)) {
-        console.log(`Scrypted Server (Remote)  : https://${address}:${SCRYPTED_SECURE_PORT}/`);
-    }
-    console.log(`Version:       : ${await scrypted.info.getVersion()}`);
-    console.log('#######################################################');
-    console.log('Scrypted insecure http service port:', SCRYPTED_INSECURE_PORT);
-    console.log('Ports can be changed with environment variables.')
-    console.log('https: $SCRYPTED_SECURE_PORT')
-    console.log('http : $SCRYPTED_INSECURE_PORT')
-    console.log('Certificate can be modified via tls.createSecureContext options in')
-    console.log('JSON file located at SCRYPTED_HTTPS_OPTIONS_FILE environment variable:');
-    console.log('export SCRYPTED_HTTPS_OPTIONS_FILE=/path/to/options.json');
-    console.log('https://nodejs.org/api/tls.html#tlscreatesecurecontextoptions')
-    console.log('#######################################################');
-
     app.get(['/web/component/script/npm/:pkg', '/web/component/script/npm/@:owner/:pkg'], async (req, res) => {
         const { owner, pkg } = req.params;
         let endpoint = pkg;
@@ -460,16 +466,6 @@ async function start(mainFilename: string, options?: {
         }
     });
 
-    let hasLogin = await db.getCount(ScryptedUser) > 0;
-
-    if (process.env.SCRYPTED_ADMIN_USERNAME) {
-        let user = await db.tryGet(ScryptedUser, process.env.SCRYPTED_ADMIN_USERNAME);
-        if (!user) {
-            user = await scrypted.usersService.addUserInternal(process.env.SCRYPTED_ADMIN_USERNAME, crypto.randomBytes(8).toString('hex'), undefined);
-            hasLogin = true;
-        }
-    }
-
     app.options('/login', (req, res) => {
         res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS');
         res.setHeader('Access-Control-Allow-Headers', 'Content-Type, Authorization, Content-Length, X-Requested-With');
@@ -583,24 +579,6 @@ async function start(mainFilename: string, options?: {
         }
     }
 
-    const getDefaultAuthentication = (req: Request) => {
-        const defaultAuthentication = !req.query.disableDefaultAuthentication && process.env.SCRYPTED_DEFAULT_AUTHENTICATION;
-        if (defaultAuthentication) {
-            const referer = req.headers.referer;
-            if (referer) {
-                try {
-                    const u = new URL(referer);
-                    if (u.searchParams.has('disableDefaultAuthentication'))
-                        return;
-                }
-                catch (e) {
-                    // no/invalid referer, allow the default auth
-                }
-            }
-            return scrypted.usersService.users.get(defaultAuthentication);
-        }
-    }
-
     app.get('/login', async (req, res) => {
         await checkResetLogin();
 
@@ -695,6 +673,27 @@ async function start(mainFilename: string, options?: {
 
     app.get('/', (_req, res) => res.redirect('./endpoint/@scrypted/core/public/'));
 
+    await listenServerPort('SCRYPTED_SECURE_PORT', SCRYPTED_SECURE_PORT, secure);
+    await listenServerPort('SCRYPTED_INSECURE_PORT', SCRYPTED_INSECURE_PORT, insecure);
+
+    console.log('#######################################################');
+    console.log(`Scrypted Volume           : ${volumeDir}`);
+    console.log(`Scrypted Server (Local)   : https://localhost:${SCRYPTED_SECURE_PORT}/`);
+    for (const address of getHostAddresses(true, true)) {
+        console.log(`Scrypted Server (Remote)  : https://${address}:${SCRYPTED_SECURE_PORT}/`);
+    }
+    console.log(`Version:       : ${await scrypted.info.getVersion()}`);
+    console.log('#######################################################');
+    console.log('Scrypted insecure http service port:', SCRYPTED_INSECURE_PORT);
+    console.log('Ports can be changed with environment variables.')
+    console.log('https: $SCRYPTED_SECURE_PORT')
+    console.log('http : $SCRYPTED_INSECURE_PORT')
+    console.log('Certificate can be modified via tls.createSecureContext options in')
+    console.log('JSON file located at SCRYPTED_HTTPS_OPTIONS_FILE environment variable:');
+    console.log('export SCRYPTED_HTTPS_OPTIONS_FILE=/path/to/options.json');
+    console.log('https://nodejs.org/api/tls.html#tlscreatesecurecontextoptions')
+    console.log('#######################################################');
+
     return scrypted;
 }
 

package/src/services/service-control.ts

@@ -1,5 +1,5 @@
 import fs from 'fs';
-import { fetchJSON } from "../http-fetch-helpers";
+import { httpFetch } from "../http-fetch-helpers";
 import { ScryptedRuntime } from "../runtime";
 
 export class ServiceControl {
@@ -23,7 +23,8 @@ export class ServiceControl {
         const webhookUpdate = process.env.SCRYPTED_WEBHOOK_UPDATE;
         if (webhookUpdate) {
             const webhookUpdateAuthorization = process.env.SCRYPTED_WEBHOOK_UPDATE_AUTHORIZATION;
-            await fetchJSON(webhookUpdate, {
+            await httpFetch({
+                url: webhookUpdate,
                 headers: {
                     Authorization: webhookUpdateAuthorization,
                 }

package/src/services/users.ts

@@ -1,4 +1,5 @@
 import { ScryptedUser } from "../db-types";
+import WrappedLevel from "../level";
 import { ScryptedRuntime } from "../runtime";
 import crypto from 'crypto';
 
@@ -6,6 +7,16 @@ export class UsersService {
     users = new Map<string, ScryptedUser>();
     usersPromise: Promise<ScryptedUser[]>;
 
+    static async addUserToDatabase(db: WrappedLevel, username: string, password: string, aclId: string) {
+        const user = new ScryptedUser();
+        user._id = username;
+        user.aclId = aclId;
+        user.token = crypto.randomBytes(16).toString('hex');
+        setScryptedUserPassword(user, password, Date.now());
+        await db.upsert(user);
+        return user;
+    }
+
     constructor(public scrypted: ScryptedRuntime) {
     }
 
@@ -55,12 +66,7 @@ export class UsersService {
     async addUserInternal(username: string, password: string, aclId: string) {
         await this.ensureUsersPromise();
 
-        const user = new ScryptedUser();
-        user._id = username;
-        user.aclId = aclId;
-        user.token = crypto.randomBytes(16).toString('hex');
-        setScryptedUserPassword(user, password, Date.now());
-        await this.scrypted.datastore.upsert(user);
+        const user = await UsersService.addUserToDatabase(this.scrypted.datastore, username, password, aclId);
         this.users.set(username, user);
         this.updateUsersPromise();