ani-web 2.0.7

package/server/dist/controllers/proxy.controller.js

@@ -0,0 +1,353 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ProxyController = exports.axiosInstance = void 0;
+const axios_1 = __importDefault(require("axios"));
+const axios_retry_1 = __importDefault(require("axios-retry"));
+const path_1 = __importDefault(require("path"));
+const http_1 = __importDefault(require("http"));
+const https_1 = __importDefault(require("https"));
+const node_cache_1 = __importDefault(require("node-cache"));
+const config_1 = require("../config");
+const fs_1 = __importDefault(require("fs"));
+const proxyCache = new node_cache_1.default({ stdTTL: 30, checkperiod: 60 });
+const httpAgent = new http_1.default.Agent({ keepAlive: true, maxSockets: 100 });
+const httpsAgent = new https_1.default.Agent({ keepAlive: true, maxSockets: 100 });
+httpAgent.setMaxListeners(100);
+httpsAgent.setMaxListeners(100);
+exports.axiosInstance = axios_1.default.create({
+    httpAgent,
+    httpsAgent,
+    timeout: 30000,
+});
+(0, axios_retry_1.default)(exports.axiosInstance, { retries: 3, retryDelay: axios_retry_1.default.exponentialDelay });
+class ProxyController {
+    static KWIK_DOMAINS = new Set(['kwik.cx', 'kwik.si', 'kwik.pro']);
+    static ANIMEPAHE_URL = 'https://animepahe.pw/';
+    abortWhenClientLeaves(res, abortController) {
+        res.on('close', () => {
+            if (!res.writableEnded) {
+                abortController.abort();
+            }
+        });
+    }
+    validateKwikUrl(value) {
+        if (typeof value !== 'string')
+            return null;
+        try {
+            const url = new URL(value);
+            const isSecure = url.protocol === 'https:';
+            const isKwik = ProxyController.KWIK_DOMAINS.has(url.hostname.toLowerCase());
+            const isEmbedPath = /^\/e\/[A-Za-z0-9_-]+$/.test(url.pathname);
+            const noAuthOrQuery = !url.username && !url.password && !url.search && !url.hash;
+            return isSecure && isKwik && isEmbedPath && noAuthOrQuery ? url : null;
+        }
+        catch {
+            return null;
+        }
+    }
+    handleProxy = async (req, res) => {
+        const { url, referer } = req.query;
+        if (!url)
+            return res.status(400).send('URL required');
+        const urlStr = url;
+        const refererStr = referer || '';
+        const cacheKey = `m3u8-${urlStr}-${refererStr}`;
+        const abortController = new AbortController();
+        this.abortWhenClientLeaves(res, abortController);
+        try {
+            const headers = {
+                'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36',
+            };
+            if (referer)
+                headers['Referer'] = refererStr;
+            if (req.headers.range)
+                headers['Range'] = req.headers.range;
+            if (urlStr.includes('.m3u8')) {
+                const cached = proxyCache.get(cacheKey);
+                if (cached) {
+                    return res
+                        .set('Content-Type', 'application/vnd.apple.mpegurl')
+                        .set('Access-Control-Allow-Origin', '*')
+                        .send(cached);
+                }
+                const resp = await exports.axiosInstance.get(urlStr, {
+                    headers,
+                    responseType: 'text',
+                    signal: abortController.signal,
+                });
+                const baseUrl = new URL(urlStr);
+                const proxiedMediaUrl = (targetUrl) => `/api/proxy?url=${encodeURIComponent(targetUrl)}&referer=${encodeURIComponent(refererStr)}`;
+                const needsProxy = Boolean(refererStr);
+                const rewritten = resp.data
+                    .split('\n')
+                    .map((line) => {
+                    const trimmed = line.trim();
+                    if (!trimmed)
+                        return line;
+                    if (trimmed.startsWith('#')) {
+                        return trimmed.replace(/URI="([^"]+)"/g, (_, uri) => {
+                            const absolute = new URL(uri, baseUrl).href;
+                            return `URI="${needsProxy || absolute.includes('.m3u8') ? proxiedMediaUrl(absolute) : absolute}"`;
+                        });
+                    }
+                    const absolute = new URL(trimmed, baseUrl).href;
+                    return needsProxy || absolute.includes('.m3u8') ? proxiedMediaUrl(absolute) : absolute;
+                })
+                    .join('\n');
+                proxyCache.set(cacheKey, rewritten);
+                res
+                    .set('Content-Type', 'application/vnd.apple.mpegurl')
+                    .set('Access-Control-Allow-Origin', '*')
+                    .send(rewritten);
+            }
+            else {
+                const resp = await (0, exports.axiosInstance)({
+                    method: 'get',
+                    url: urlStr,
+                    responseType: 'stream',
+                    headers,
+                    signal: abortController.signal,
+                });
+                res.status(resp.status);
+                const forwardHeaders = [
+                    'content-type',
+                    'content-length',
+                    'content-range',
+                    'accept-ranges',
+                    'cache-control',
+                    'last-modified',
+                    'etag',
+                ];
+                Object.keys(resp.headers).forEach((k) => {
+                    if (forwardHeaders.includes(k.toLowerCase())) {
+                        res.set(k, resp.headers[k]);
+                    }
+                });
+                res.set('Access-Control-Allow-Origin', '*');
+                resp.data.on('error', () => {
+                    abortController.abort();
+                    if (!res.headersSent)
+                        res.status(502).send('Upstream error');
+                    else
+                        res.destroy();
+                });
+                res.on('close', () => {
+                    if (!resp.data.destroyed) {
+                        resp.data.destroy();
+                    }
+                });
+                resp.data.pipe(res);
+            }
+        }
+        catch (e) {
+            if (axios_1.default.isCancel(e))
+                return;
+            if (!res.headersSent)
+                res.status(500).send('Proxy error');
+        }
+    };
+    handleEmbedProxy = async (req, res) => {
+        const kwikUrl = this.validateKwikUrl(req.query.url);
+        if (!kwikUrl)
+            return res.status(400).send('Invalid or unsupported gateway URL');
+        const abortController = new AbortController();
+        this.abortWhenClientLeaves(res, abortController);
+        try {
+            const { data: originalHtml } = await exports.axiosInstance.get(kwikUrl.href, {
+                headers: {
+                    'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:126.0) Gecko/20100101 Firefox/126.0',
+                    Referer: ProxyController.ANIMEPAHE_URL,
+                    Origin: 'https://animepahe.pw',
+                },
+                responseType: 'text',
+                signal: abortController.signal,
+            });
+            const patched = this.applyKwikPatches(originalHtml, kwikUrl);
+            if (!patched)
+                return res.status(502).send('Failed to patch video gateway');
+            return res
+                .status(200)
+                .set('Content-Type', 'text/html; charset=utf-8')
+                .set('Cache-Control', 'private, max-age=120')
+                .send(patched);
+        }
+        catch (e) {
+            if (axios_1.default.isCancel(e))
+                return;
+            if (!res.headersSent)
+                res.status(502).send('Gateway proxy error');
+        }
+    };
+    applyKwikPatches(html, kwikUrl) {
+        const safeReferer = JSON.stringify(kwikUrl.href).replace(/</g, '\\u003c');
+        const patched = html.replace(/\b(src|href|url)\s*[=:]\s*(["']?)(\/\/[^"'>)]+|\/(?!\/)[^"'>)]*)\2/gi, (match, attr, quote, path) => {
+            const full = path.startsWith('//') ? `https:${path}` : `${kwikUrl.origin}${path}`;
+            const prefix = match.startsWith('url') ? `url(` : `${attr}=`;
+            const suffix = match.startsWith('url') ? `)` : '';
+            return `${prefix}${quote}${full}${quote}${suffix}`;
+        });
+        const iconProxy = `/api/proxy?url=${encodeURIComponent(`${kwikUrl.origin}/app/js/vendor/plyr.svg`)}&referer=${encodeURIComponent(kwikUrl.href)}`;
+        const plyrPatch = `<script>if(window.Plyr) Plyr.defaults.iconUrl=${JSON.stringify(iconProxy).replace(/</g, '\\u003c')};</script>`;
+        const hlsPatch = `<script>
+      (function() {
+        var hook = function() {
+          if (!window.Hls) return;
+          var original = Hls.prototype.loadSource;
+          Hls.prototype.loadSource = function(src) {
+            if (typeof src === 'string' && src.includes('.m3u8')) {
+              src = window.location.origin + '/api/proxy?url=' + encodeURIComponent(src) + '&referer=' + encodeURIComponent(${safeReferer});
+            }
+            return original.call(this, src);
+          };
+        };
+        if (window.Hls) hook();
+        else {
+          var observer = new MutationObserver(function() {
+            if (window.Hls) { hook(); observer.disconnect(); }
+          });
+          observer.observe(document.documentElement, { childList: true, subtree: true });
+        }
+      })();
+    </script>`;
+        const endBridgePatch = `<script>
+      (function() {
+        var notified = false;
+        var notifyEnded = function() {
+          if (notified) return;
+          notified = true;
+          window.parent.postMessage({ type: 'ANI_WEB_MEDIA_ENDED' }, window.location.origin);
+        };
+
+        var attachToVideos = function(root) {
+          var scope = root || document;
+          var videos = scope.querySelectorAll ? scope.querySelectorAll('video') : [];
+          Array.prototype.forEach.call(videos, function(video) {
+            if (video.dataset && video.dataset.aniWebEndedBridge === 'true') return;
+            if (video.dataset) video.dataset.aniWebEndedBridge = 'true';
+            video.addEventListener('ended', notifyEnded, { once: true });
+          });
+        };
+
+        attachToVideos(document);
+
+        var observer = new MutationObserver(function() {
+          attachToVideos(document);
+        });
+
+        observer.observe(document.documentElement, { childList: true, subtree: true });
+      })();
+    </script>`;
+        const beforePlyr = patched.replace(/(<script[^>]+\/plyr\.min\.js[^>]*><\/script>)/i, `$1${plyrPatch}`);
+        const final = beforePlyr
+            .replace(/(<script[^>]+hls(?:\.min)?\.js[^>]*><\/script>)/i, `$1${hlsPatch}`)
+            .replace(/<\/body>/i, `${endBridgePatch}</body>`);
+        return final === html ? null : final;
+    }
+    handleSubtitleProxy = async (req, res) => {
+        const { url, referer } = req.query;
+        if (!url)
+            return res.status(400).send('URL required');
+        const abortController = new AbortController();
+        this.abortWhenClientLeaves(res, abortController);
+        try {
+            const headers = {
+                'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36',
+            };
+            if (referer)
+                headers['Referer'] = referer;
+            const response = await exports.axiosInstance.get(url, {
+                headers,
+                responseType: 'text',
+                signal: abortController.signal,
+            });
+            res.set('Content-Type', 'text/vtt; charset=utf-8').send(response.data);
+        }
+        catch (e) {
+            if (axios_1.default.isCancel(e))
+                return;
+            res.status(500).send('Proxy error');
+        }
+    };
+    handleImageProxy = async (req, res) => {
+        const { url, cookie, ua } = req.query;
+        if (!url)
+            return res.status(400).send('URL required');
+        const targetUrl = url;
+        const abortController = new AbortController();
+        this.abortWhenClientLeaves(res, abortController);
+        let refererValue = 'https://allanime.day';
+        const headers = {
+            'User-Agent': ua ||
+                'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36',
+        };
+        try {
+            if (targetUrl.includes('animepahe')) {
+                refererValue = 'https://animepahe.pw/';
+                const rawCookie = cookie || '';
+                let sanitized = rawCookie.trim();
+                sanitized = sanitized.replace(/^cf_clearance/i, '');
+                sanitized = sanitized.replace(/^[:=]\s*/, '');
+                sanitized = sanitized.replace(/["']/g, '').trim();
+                headers['Cookie'] = `cf_clearance=${sanitized}`;
+            }
+            else if (targetUrl.includes('anilist.co')) {
+                refererValue = 'https://anilist.co/';
+            }
+            else if (targetUrl.includes('gogocdn.net')) {
+                refererValue = 'https://gogoanime.lu/';
+            }
+            else if (targetUrl.includes('youtube-anime.com') || targetUrl.includes('allanime.day')) {
+                refererValue = 'https://allanime.day/';
+            }
+            else if (targetUrl.includes('animeya.cc')) {
+                refererValue = 'https://animeya.cc/';
+            }
+            headers['Referer'] = refererValue;
+            const imageResponse = await (0, exports.axiosInstance)({
+                method: 'get',
+                url: targetUrl,
+                responseType: 'stream',
+                headers,
+                timeout: 30000,
+                signal: abortController.signal,
+            });
+            if (imageResponse.status === 200) {
+                res.set('Cache-Control', 'public, max-age=604800, immutable');
+                res.set('Content-Type', String(imageResponse.headers['content-type'] ?? 'image/webp'));
+                imageResponse.data.pipe(res);
+            }
+            else {
+                this.sendPlaceholder(res);
+            }
+        }
+        catch (e) {
+            if (axios_1.default.isCancel(e)) {
+                return;
+            }
+            if (!res.headersSent) {
+                this.sendPlaceholder(res);
+            }
+        }
+    };
+    sendPlaceholder(res) {
+        const possiblePaths = [
+            path_1.default.join(config_1.CONFIG.PACKAGE_ROOT, 'client/public/placeholder.svg'),
+            path_1.default.join(config_1.CONFIG.PACKAGE_ROOT, 'client/dist/placeholder.svg'),
+            path_1.default.join(config_1.CONFIG.SERVER_ROOT, '..', 'client/public/placeholder.svg'),
+        ];
+        for (const p of possiblePaths) {
+            if (fs_1.default.existsSync(p)) {
+                return res.sendFile(p, (err) => {
+                    if (err && !res.headersSent) {
+                        res.status(404).send('Not Found');
+                    }
+                });
+            }
+        }
+        res.status(404).send('Not Found');
+    }
+}
+exports.ProxyController = ProxyController;

package/server/dist/controllers/settings.controller.js

@@ -0,0 +1,159 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SettingsController = void 0;
+const sync_1 = require("../sync");
+const xml2js_1 = require("xml2js");
+const logger_1 = __importDefault(require("../logger"));
+const path_1 = __importDefault(require("path"));
+const fs_1 = __importDefault(require("fs"));
+const config_1 = require("../config");
+const settings_repository_1 = require("../repositories/settings.repository");
+const machine_id_1 = require("../utils/machine-id");
+const discord_rpc_1 = require("../discord-rpc");
+class SettingsController {
+    provider;
+    constructor(provider) {
+        this.provider = provider;
+    }
+    getSettings = async (req, res) => {
+        try {
+            const row = await settings_repository_1.SettingsRepository.getByKey(req.db, req.query.key);
+            let value = row ? row.value : null;
+            if (value === null && req.query.key === 'discordRPCEnabled') {
+                value = 'true';
+            }
+            res.json({ value: value });
+        }
+        catch {
+            res.status(500).json({ error: 'DB error' });
+        }
+    };
+    updateSettings = async (req, res) => {
+        try {
+            await (0, sync_1.performWriteTransaction)(req.db, (tx) => {
+                settings_repository_1.SettingsRepository.upsert(tx, req.body.key, String(req.body.value));
+            });
+            if (req.body.key === 'discordRPCEnabled') {
+                discord_rpc_1.discordRPCService.setEnabled(req.body.value === 'true' || req.body.value === true);
+            }
+            res.json({ success: true });
+        }
+        catch {
+            res.status(500).json({ error: 'DB error' });
+        }
+    };
+    backupDatabase = (req, res) => {
+        const backupPath = path_1.default.join(config_1.CONFIG.ROOT, 'ani-web-backup.db');
+        try {
+            req.db.backup(backupPath);
+            res.download(backupPath, 'ani-web-backup.db', () => {
+                fs_1.default.unlink(backupPath, () => { });
+            });
+        }
+        catch (err) {
+            logger_1.default.error({ err }, 'Manual backup failed');
+            return res.status(500).json({ error: 'Backup failed' });
+        }
+    };
+    restoreDatabase = (req, res, db, initializeDatabase, setDb) => {
+        if (!req.file)
+            return res.status(400).json({ error: 'No file uploaded.' });
+        const dbName = config_1.CONFIG.IS_DEV ? config_1.CONFIG.DB_NAME_DEV : config_1.CONFIG.DB_NAME_PROD;
+        const tempPath = path_1.default.join(config_1.CONFIG.ROOT, `restore_temp.db`);
+        const dbPath = path_1.default.join(config_1.CONFIG.ROOT, dbName);
+        db.close((closeErr) => {
+            if (closeErr)
+                return res.status(500).json({ error: 'Failed to close database.' });
+            try {
+                req.db.checkpoint();
+            }
+            catch (checkpointErr) {
+                logger_1.default.warn({ err: checkpointErr }, 'WAL checkpoint failed');
+            }
+            try {
+                if (fs_1.default.existsSync(`${dbPath}-wal`))
+                    fs_1.default.unlinkSync(`${dbPath}-wal`);
+                if (fs_1.default.existsSync(`${dbPath}-shm`))
+                    fs_1.default.unlinkSync(`${dbPath}-shm`);
+            }
+            catch (cleanupErr) {
+                logger_1.default.warn({ err: cleanupErr }, 'Failed to clean up WAL files');
+            }
+            fs_1.default.rename(tempPath, dbPath, async (renameErr) => {
+                if (renameErr) {
+                    try {
+                        const reopenedDb = await initializeDatabase(dbPath);
+                        setDb(reopenedDb);
+                        req.db = reopenedDb;
+                    }
+                    catch (e) {
+                        logger_1.default.error({ err: e }, 'Failed to reopen DB after rename failure');
+                    }
+                    return res.status(500).json({ error: 'Failed to replace database file.' });
+                }
+                try {
+                    const newDb = await initializeDatabase(dbPath);
+                    setDb(newDb);
+                    req.db = newDb;
+                    res.json({ success: true, message: 'Database restored.' });
+                }
+                catch (e) {
+                    logger_1.default.error({ err: e }, 'Failed to initialize restored database');
+                    res.status(500).json({ error: 'Failed to initialize restored database.' });
+                }
+            });
+        });
+    };
+    importMalXml = async (req, res) => {
+        if (!req.file)
+            return res.status(400).json({ error: 'No file' });
+        const { erase } = req.body;
+        let result;
+        try {
+            result = await (0, xml2js_1.parseStringPromise)(req.file.buffer.toString());
+        }
+        catch {
+            return res.status(400).json({ error: 'Invalid XML' });
+        }
+        const animeList = result?.myanimelist?.anime || [];
+        let skippedCount = 0;
+        const showsToInsert = [];
+        const BATCH_SIZE = 5;
+        for (let i = 0; i < animeList.length; i += BATCH_SIZE) {
+            const batch = animeList.slice(i, i + BATCH_SIZE);
+            const batchResults = await Promise.allSettled(batch.map((item) => this.provider.search({ query: item.series_title[0] })));
+            batchResults.forEach((r, idx) => {
+                if (r.status === 'fulfilled' && r.value.length > 0) {
+                    showsToInsert.push({
+                        id: r.value[0]._id,
+                        name: r.value[0].name,
+                        thumbnail: r.value[0].thumbnail,
+                        status: batch[idx].my_status[0],
+                    });
+                }
+                else {
+                    skippedCount++;
+                }
+            });
+        }
+        await (0, sync_1.performWriteTransaction)(req.db, (tx) => {
+            if (erase)
+                settings_repository_1.SettingsRepository.clearWatchlist(tx);
+            settings_repository_1.SettingsRepository.upsertWatchlistBatch(tx, showsToInsert);
+        });
+        res.json({ imported: showsToInsert.length, skipped: skippedCount });
+    };
+    getInstallationId = (_req, res) => {
+        try {
+            res.json({ id: (0, machine_id_1.getMachineId)() });
+        }
+        catch (err) {
+            logger_1.default.error({ err }, 'Failed to get machine ID');
+            res.status(500).json({ error: 'Failed to get machine ID' });
+        }
+    };
+}
+exports.SettingsController = SettingsController;