hfs 0.26.8 → 0.27.2

package/src/config.ts

@@ -1,166 +0,0 @@
-// This file is part of HFS - Copyright 2021-2022, Massimo Melina <a@rejetto.com> - License https://www.gnu.org/licenses/gpl-3.0.txt
-
-import EventEmitter from 'events'
-import { APP_PATH, argv, ORIGINAL_CWD } from './const'
-import { watchLoad } from './watchLoad'
-import yaml from 'yaml'
-import _ from 'lodash'
-import { debounceAsync, same, objSameKeys, onOff, wait, with_ } from './misc'
-import { copyFileSync, existsSync, renameSync, statSync } from 'fs'
-import { join, resolve } from 'path'
-import events from './events'
-
-const FILE = 'config.yaml'
-
-const configProps: Record<string, ConfigProps<any>> = {}
-
-let started = false // this will tell the difference for subscribeConfig()s that are called before or after config is loaded
-let state: Record<string, any> = {}
-const cfgEvents = new EventEmitter()
-cfgEvents.setMaxListeners(10_000)
-const path = with_(argv.config || process.env.HFS_CONFIG, p => {
-    if (!p)
-        return FILE
-    p = resolve(ORIGINAL_CWD, p)
-    try {
-        if (statSync(p).isDirectory()) // try to detect if path points to a folder, in which case we add the standard filename
-            return join(p, FILE)
-    }
-    catch {}
-    return p
-})
-console.log("config", path)
-const legacyPosition = join(APP_PATH, FILE)
-if (!existsSync(path) && existsSync(legacyPosition))
-    try {
-        renameSync(legacyPosition, path)
-        console.log("moved from legacy position", legacyPosition)
-    }
-    catch {
-        try { // attempt copying, in case moving the source file proves to be impractical
-            copyFileSync(legacyPosition, path)
-            console.log("copied from legacy position", legacyPosition)
-        }
-        catch {}
-    }
-const { save } = watchLoad(path, values => setConfig(values||{}, false), {
-    failedOnFirstAttempt(){
-        console.log("No config file, using defaults")
-        setConfig({}, false)
-    }
-})
-
-interface ConfigProps<T> {
-    defaultValue?: T,
-}
-export function defineConfig<T>(k: string, defaultValue?: T) {
-    configProps[k] = { defaultValue }
-    type Updater = (currentValue:T) => T
-    return {
-        key() {
-            return k
-        },
-        get(): T {
-            return getConfig(k)
-        },
-        sub(cb: (v:T, was?:T)=>void) {
-            return subscribeConfig(k, cb)
-        },
-        set(v: T | Updater) {
-            if (typeof v === 'function')
-                this.set((v as Updater)(this.get()))
-            else
-                setConfig1(k, v)
-        }
-    }
-}
-
-export function getConfigDefinition(k: string) {
-    return configProps[k]
-}
-
-const stack: any[] = []
-function subscribeConfig<T>(k:string, cb: (v:T, was?:T)=>void) {
-    if (started) // initial event already passed, we'll make the first call
-        cb(getConfig(k))
-    const eventName = 'new.'+k
-    return onOff(cfgEvents, {
-        [eventName]() {
-            if (stack.includes(cb)) return // avoid infinite loop in case a subscriber changes the value
-            stack.push(cb) // @ts-ignore arguments
-            try { return cb.apply(this,arguments) }
-            finally { stack.pop() }
-        }
-    })
-}
-
-export function getConfig(k:string) {
-    return state[k] ?? _.cloneDeep(configProps[k]?.defaultValue) // clone to avoid changing
-}
-
-export function getWholeConfig({ omit, only }: { omit?:string[], only?:string[] }) {
-    const defs = objSameKeys(configProps, x => x.defaultValue)
-    let copy = _.defaults({}, state, defs)
-    if (omit?.length)
-        copy = _.omit(copy, omit)
-    if (only)
-       copy = _.pick(copy, only)
-    return _.cloneDeep(copy)
-}
-
-// pass a value to `save` to force saving decision, or leave undefined for auto. Passing false will also reset previously loaded configs.
-export function setConfig(newCfg: Record<string,any>, save?: boolean) {
-    if (!started) { // first time we consider also CLI args
-        const argCfg = _.pickBy(objSameKeys(configProps, (x,k) => argv[k]), x => x !== undefined)
-        if (! _.isEmpty(argCfg)) {
-            saveConfigAsap().then() // don't set `save` argument, as it would interfere below at check `save===false`
-            Object.assign(newCfg, argCfg)
-        }
-    }
-    for (const k in newCfg)
-        apply(k, newCfg[k])
-    if (save) {
-        saveConfigAsap().then()
-        return
-    }
-    if (started) {
-        if (save === false) // false is used when loading whole config, and in such case we should not leave previous values untreated. Also, we need this only after we already `started`.
-            for (const k of Object.keys(state))
-                if (!newCfg.hasOwnProperty(k))
-                    apply(k, newCfg[k])
-        return
-    }
-    // first time we emit also for the default values
-    for (const k of Object.keys(configProps))
-        if (!newCfg.hasOwnProperty(k))
-            apply(k, newCfg[k])
-    started = true
-    events.emit('config ready')
-
-    function apply(k: string, newV: any) {
-        return setConfig1(k, newV, save === undefined)
-    }
-}
-
-function setConfig1(k: string, newV: any, saveChanges=true) {
-    if (_.isPlainObject(newV))
-        newV = _.pickBy(newV, x => x !== undefined)
-    if (same(newV, configProps[k]?.defaultValue))
-        newV = undefined
-    if (started && same(newV, state[k])) return // no change
-    const was = getConfig(k) // include cloned default, if necessary
-    state[k] = newV
-    cfgEvents.emit('new.'+k, getConfig(k), was)
-    if (saveChanges)
-        saveConfigAsap().then()
-}
-
-export const saveConfigAsap = debounceAsync(async () => {
-    while (!started)
-        await wait(100)
-    let txt = yaml.stringify(state, { lineWidth:1000 })
-    if (txt.trim() === '{}')  // most users wouldn't understand
-        txt = ''
-    save(path, txt)
-        .catch(err => console.error('Failed at saving config file, please ensure it is writable.', String(err)))
-})

package/src/connections.ts

@@ -1,60 +0,0 @@
-// This file is part of HFS - Copyright 2021-2022, Massimo Melina <a@rejetto.com> - License https://www.gnu.org/licenses/gpl-3.0.txt
-
-import { Socket } from 'net'
-import events from './events'
-import Koa from 'koa'
-import _ from 'lodash'
-
-export class Connection {
-    readonly started = new Date()
-    sent = 0
-    outSpeed?: number
-    ctx?: Koa.Context
-    private _cachedIp?: string
-    [rest:symbol]: any // let other modules add extra data, but using symbols to avoid name collision
-
-    constructor(readonly socket: Socket) {
-        all.push(this)
-        socket.on('close', () => {
-            all.splice(all.indexOf(this), 1)
-            events.emit('connectionClosed', this)
-        })
-        events.emit('connection', this)
-    }
-
-    get ip() { // prioritize ctx.ip as it supports proxies, but fallback for when ctx is not yet available
-        return this.ctx?.ip || (this._cachedIp ??= normalizeIp(this.socket.remoteAddress||''))
-    }
-
-    get secure() {
-        return (this.socket as any).server.cert > ''
-    }
-}
-
-export function normalizeIp(ip: string) {
-    return ip.replace(/^::ffff:/,'') // simplify ipv6-mapped addresses
-}
-
-const all: Connection[] = []
-
-export function newConnection(socket: Socket) {
-    new Connection(socket)
-}
-
-export function getConnections(): Readonly<typeof all> {
-    return all
-}
-
-export function socket2connection(socket: Socket) {
-    return all.find(x => // socket exposed by Koa is TLSSocket which encapsulates simple Socket, and I've found no way to access it for simple comparison
-        x.socket.remotePort === socket.remotePort // but we can still match them because IP:PORT is key
-        && x.socket.remoteAddress === socket.remoteAddress )
-}
-
-export function updateConnection(conn: Connection, change: Partial<Connection>) {
-    // if no change is detected, skip update. ctx is a special case
-    if (!change.ctx && Object.entries(change).every(([k,v]) => _.isEqual(v, conn[k as keyof Connection]) ))
-        return
-    Object.assign(conn, change)
-    events.emit('connectionUpdated', conn, change)
-}

package/src/const.ts

@@ -1,57 +0,0 @@
-// This file is part of HFS - Copyright 2021-2022, Massimo Melina <a@rejetto.com> - License https://www.gnu.org/licenses/gpl-3.0.txt
-
-import minimist from 'minimist'
-import * as fs from 'fs'
-import { homedir } from 'os'
-import { mkdirSync } from 'fs'
-import { basename, dirname, join } from 'path'
-
-export const argv = minimist(process.argv.slice(2))
-export const DEV = process.env.DEV || argv.dev ? 'DEV' : ''
-export const ORIGINAL_CWD = process.cwd()
-export const HFS_STARTED = new Date()
-const PKG_PATH = join(__dirname, '..', 'package.json')
-export const BUILD_TIMESTAMP = fs.statSync(PKG_PATH).mtime.toISOString()
-const pkg = JSON.parse(fs.readFileSync(PKG_PATH,'utf8'))
-export const VERSION = pkg.version
-export const DAY = 86_400_000
-export const SESSION_DURATION = DAY
-
-export const API_VERSION = 4.1 // array.$width
-export const COMPATIBLE_API_VERSION = 1 // while changes in the api are not breaking, this number stays the same, otherwise is made equal to API_VERSION
-
-export const SPECIAL_URI = '/~/'
-export const FRONTEND_URI = SPECIAL_URI + 'frontend/'
-export const ADMIN_URI = SPECIAL_URI + 'admin/'
-export const API_URI = SPECIAL_URI + 'api/'
-export const PLUGINS_PUB_URI = SPECIAL_URI + 'plugins/'
-
-export const METHOD_NOT_ALLOWED = 405
-export const NO_CONTENT = 204
-export const FORBIDDEN = 403
-export const UNAUTHORIZED = 401
-
-export const IS_WINDOWS = process.platform === 'win32'
-const IS_BINARY = !basename(process.argv0).includes('node') // this won't be node if pkg was used
-export const APP_PATH = dirname(IS_BINARY ? process.argv0 : __dirname)
-
-// we want this to be the first stuff to be printed, then we print it in this module, that is executed at the beginning
-if (DEV) console.clear()
-else console.debug = ()=>{}
-console.log(`HFS ~ HTTP File Server - Copyright 2021-2022, Massimo Melina <a@rejetto.com>`)
-console.log(`License https://www.gnu.org/licenses/gpl-3.0.txt`)
-console.log('started', HFS_STARTED.toLocaleString(), DEV)
-console.log('version', VERSION||'-')
-console.log('build', BUILD_TIMESTAMP||'-')
-if (argv.cwd)
-    process.chdir(argv.cwd)
-else if (!process.argv0.endsWith('.exe')) { // still considering whether to use this behavior with Windows users, who may be less accustomed to it
-    const dir = join(homedir(), '.hfs')
-    try { mkdirSync(dir) }
-    catch(e: any) {
-        if (e.code !== 'EEXIST')
-            console.error(e)
-    }
-    process.chdir(dir)
-}
-console.log('cwd', process.cwd())

package/src/crypt.ts

@@ -1,16 +0,0 @@
-// This file is part of HFS - Copyright 2021-2022, Massimo Melina <a@rejetto.com> - License https://www.gnu.org/licenses/gpl-3.0.txt
-
-// simple wrapper
-// @ts-ignore
-import { pbkdf2, pbkdf2Verify } from "./pbkdf2"
-import assert from 'assert'
-
-export async function hashPassword(s: string) {
-    return 'p2:' + await pbkdf2(s)
-}
-
-export async function verifyPassword(hashed: string, given: string) {
-    const i = hashed.indexOf(':')
-    assert(i>0, 'bad hashed')
-    return await pbkdf2Verify(hashed.slice(i+1), given) // for the time being we totally ignore the "method" part
-}

package/src/debounceAsync.ts

@@ -1,51 +0,0 @@
-// like lodash.debounce, but also avoids async invocations to overlap
-export default function debounceAsync<CB extends (...args: any[]) => Promise<R>, R>(
-    callback: CB,
-    wait: number=100,
-    { leading=false, maxWait=Infinity }={}
-) {
-    let started = 0 // latest callback invocation
-    let runningCallback: Promise<R> | undefined // latest callback invocation result
-    let runningDebouncer: Promise<R | undefined> // latest wrapper invocation
-    let waitingSince = 0 // we are delaying invocation since
-    let whoIsWaiting: undefined | any[] // args' array object identifies the pending instance, and incidentally stores args
-    const interceptingWrapper = (...args:any[]) => runningDebouncer = debouncer.apply(null, args)
-    return Object.assign(interceptingWrapper, {
-        cancel: () => {
-            waitingSince = 0
-            whoIsWaiting = undefined
-        },
-        flush: () => runningCallback ?? exec(),
-    })
-
-    async function debouncer(...args:any[]) {
-        if (runningCallback)
-            return await runningCallback
-        whoIsWaiting = args
-        waitingSince ||= Date.now()
-        const waitingCap = maxWait - (Date.now() - (waitingSince || started))
-        const waitFor = Math.min(waitingCap, leading ? wait - (Date.now() - started) : wait)
-        if (waitFor > 0)
-            await new Promise(resolve => setTimeout(resolve, waitFor))
-        if (!whoIsWaiting) // canceled
-            return void(waitingSince = 0)
-        if (whoIsWaiting !== args) // another fresher call is waiting
-            return runningDebouncer
-        return await exec()
-    }
-
-    async function exec() {
-        if (!whoIsWaiting) return
-        waitingSince = 0
-        started = Date.now()
-        try {
-            runningCallback = callback.apply(null, whoIsWaiting)
-            return await runningCallback
-        }
-        finally {
-            whoIsWaiting = undefined
-            runningCallback = undefined
-        }
-    }
-}
-

package/src/events.ts

@@ -1,6 +0,0 @@
-// This file is part of HFS - Copyright 2021-2022, Massimo Melina <a@rejetto.com> - License https://www.gnu.org/licenses/gpl-3.0.txt
-
-import EventEmitter from 'events'
-
-// app-wide events
-export default new EventEmitter()

package/src/frontEndApis.ts

@@ -1,17 +0,0 @@
-// This file is part of HFS - Copyright 2021-2022, Massimo Melina <a@rejetto.com> - License https://www.gnu.org/licenses/gpl-3.0.txt
-
-import { ApiHandlers } from './apiMiddleware'
-import { file_list } from './api.file_list'
-import * as api_auth from './api.auth'
-import { defineConfig } from './config'
-
-const customHeader = defineConfig('custom_header')
-
-export const frontEndApis: ApiHandlers = {
-    file_list,
-    ...api_auth,
-
-    config() {
-        return Object.fromEntries([customHeader].map(x => [x.key(), x.get()]))
-    }
-}

package/src/github.ts

@@ -1,102 +0,0 @@
-import events from './events'
-import { httpsString, httpsStream, unzip } from './misc'
-import { getAvailablePlugins, mapPlugins, parsePluginSource, PATH as PLUGINS_PATH, rescan } from './plugins'
-// @ts-ignore
-import unzipper from 'unzip-stream'
-import { ApiError } from './apiMiddleware'
-import _ from 'lodash'
-
-const DIST_ROOT = 'dist/'
-
-type DownloadStatus = true | undefined
-const downloading: Record<string, DownloadStatus> = {}
-
-function downloadProgress(id: string, status: DownloadStatus) {
-    if (status === undefined)
-        delete downloading[id]
-    else
-        downloading[id] = status
-    events.emit('pluginDownload_'+id, status)
-}
-
-export async function downloadPlugin(repo: string, branch='', overwrite?: boolean) {
-    if (downloading[repo])
-        return new ApiError(409, "already downloading")
-    downloadProgress(repo, true)
-    const rec = await getRepoInfo(repo)
-    if (!branch)
-        branch = rec.default_branch
-    const short = repo.split('/')[1] // second part, repo without the owner
-    const folder2repo = getFolder2repo()
-    const folder = overwrite ? _.findKey(folder2repo, x => x===repo)! // use existing folder
-        : short in folder2repo ? repo.replace('/','-') // longer form only if another plugin is using short form
-            : short
-    const installPath = PLUGINS_PATH + '/' + folder
-    const GITHUB_ZIP_ROOT = short + '-' + branch // GitHub puts everything within this folder
-    const rootWithinZip = GITHUB_ZIP_ROOT + '/' + DIST_ROOT
-    const stream = await httpsStream(`https://github.com/${repo}/archive/refs/heads/${branch}.zip`)
-    await unzip(stream, path =>
-        path.startsWith(rootWithinZip) && installPath + '/' + path.slice(rootWithinZip.length) )
-    downloadProgress(repo, undefined)
-    await rescan() // workaround: for some reason, operations are not triggering the rescan of the watched folder. Let's invoke it.
-    return folder
-}
-
-export function getRepoInfo(id: string) {
-    return apiGithub('repos/'+id)
-}
-
-export async function readOnlinePlugin(repoInfo: { full_name: string, default_branch: string }, branch='') {
-    const url = `https://raw.githubusercontent.com/${repoInfo.full_name}/${branch || repoInfo.default_branch}/${DIST_ROOT}plugin.js`
-    const res = await httpsString(url)
-    if (!res.ok)
-        throw res.statusCode
-    const pl = parsePluginSource(repoInfo.full_name, res.body) // use 'repo' as 'id' client-side
-    pl.branch = branch || undefined
-    return pl
-}
-
-export function getFolder2repo() {
-    const ret = Object.fromEntries(getAvailablePlugins().map(x => [x.id, x.repo]))
-    Object.assign(ret, Object.fromEntries(mapPlugins(x => [x.id, x.getData().repo])))
-    return ret
-}
-
-async function apiGithub(uri: string) {
-    const res = await httpsString('https://api.github.com/'+uri, {
-        headers: {
-            'User-Agent': 'HFS',
-            Accept: 'application/vnd.github.v3+json',
-        }
-    })
-    if (!res.ok)
-        throw res.statusCode
-    return JSON.parse(res.body)
-}
-
-export async function* searchPlugins(text: string) {
-    const res = await apiGithub('search/repositories?q=topic:hfs-plugin+' + encodeURI(text))
-    for (const it of res.items) {
-        const repo = it.full_name
-        let pl = await readOnlinePlugin(it)
-        if (!pl.apiRequired) continue // mandatory field
-        if (pl.badApi) { // we try other branches (starting with 'api')
-            const branches: string[] = (await apiGithub('repos/' + it.full_name + '/branches'))
-                .map((x: any) => x.name).filter((x: string) => x.startsWith('api')).sort()
-            for (const branch of branches) {
-                pl = await readOnlinePlugin(it, branch)
-                if (!pl.apiRequired)
-                    pl.badApi = '-'
-                if (!pl.badApi)
-                    break
-            }
-        }
-        if (pl.badApi)
-            continue
-        Object.assign(pl, { // inject some extra useful fields
-            downloading: downloading[repo],
-            license: it.license?.spdx_id,
-        }, _.pick(it, ['pushed_at', 'stargazers_count']))
-        yield pl
-    }
-}

package/src/index.ts

@@ -1,53 +0,0 @@
-#!/usr/bin/env node
-// This file is part of HFS - Copyright 2021-2022, Massimo Melina <a@rejetto.com> - License https://www.gnu.org/licenses/gpl-3.0.txt
-
-import Koa from 'koa'
-import mount from 'koa-mount'
-import { apiMiddleware } from './apiMiddleware'
-import { API_URI, DEV } from './const'
-import { frontEndApis } from './frontEndApis'
-import { log } from './log'
-import { pluginsMiddleware } from './plugins'
-import { throttler } from './throttler'
-import { headRequests, gzipper, sessions, serveGuiAndSharedFiles, someSecurity, prepareState, paramsDecoder } from './middlewares'
-import './listen'
-import './commands'
-import { adminApis } from './adminApis'
-import { defineConfig } from './config'
-import { ok } from 'assert'
-import _ from 'lodash'
-import { randomId } from './misc'
-
-ok(_.intersection(Object.keys(frontEndApis), Object.keys(adminApis)).length === 0) // they share same endpoints
-
-const keys = process.env.COOKIE_SIGN_KEYS?.split(',') || [randomId(30)]
-export const app = new Koa({ keys })
-app.use(someSecurity)
-    .use(sessions(app))
-    .use(prepareState)
-    .use(headRequests)
-    .use(log())
-    .use(throttler)
-    .use(gzipper)
-    .use(paramsDecoder)
-    .use(pluginsMiddleware())
-    .use(mount(API_URI, apiMiddleware({ ...frontEndApis, ...adminApis })))
-    .use(serveGuiAndSharedFiles)
-    .on('error', errorHandler)
-
-function errorHandler(err:Error & { code:string, path:string }) {
-    const { code } = err
-    if (DEV && code === 'ENOENT' && err.path.endsWith('sockjs-node')) return // spam out dev stuff
-    if (code === 'ECANCELED' || code === 'ECONNRESET' || code === 'ECONNABORTED' || code === 'EPIPE') return // someone interrupted, don't care
-    console.error('server error', err)
-}
-
-process.on('uncaughtException', err => {
-    if ((err as any).syscall !== 'watch')
-        console.error(err)
-})
-
-defineConfig('proxies', 0).sub(n => {
-    app.proxy = n > 0
-    app.maxIpsCount = n
-})