learn-request-queue/src/app.ts

353 lines
13 KiB
TypeScript

import * as config from "./config";
import * as requests from "./requests";
import * as twitch from "./twitch";
import * as queries from "./queries";
import { log, LogLevel } from "./logging"
import { URLSearchParams } from "url";
import express from "express";
import session from "express-session";
import pg from "pg";
import pgSessionStore from "connect-pg-simple";
import fetch, { Response as FetchResponse } from "node-fetch";
import db from "./db";
import errorHandler from "./errors";
import * as version from "./version";
console.log("Starting at " + new Date().toISOString());
// Ensure that any API token we have is valid - if not, destroy the session,
// logging out the user. Should be called before checking whether a user is
// logged in.
async function validateApiToken(session: Express.Session) {
if (session.tokenpair && ! (await twitch.isApiTokenValid(session.tokenpair))) {
session.destroy(()=>{});
}
}
const app = express();
app.use(express.static('public'));
app.use(express.urlencoded({extended: false}));
app.use(session({
secret: config.sessionSecret,
saveUninitialized: false,
resave: false,
store: new (pgSessionStore(session))({
pool: db
})
}));
// API
app.get("/api/getRequests", async (request, response) => {
if (!request.session) {
throw new Error ("Missing request.session")
}
var requestCount = ( request.query.count ? parseInt(request.query.count as string, 10) : 5 );
await validateApiToken(request.session);
if (request.session.user) {
requests.getRequestsVoted(requestCount,request.session.user.id).then((val: Array<any>) => response.send(val))
.catch((e: any) => errorHandler(request,response,e));
} else {
requests.getRequests(requestCount).then((val: Array<any>) => response.send(val))
.catch((e: any) => errorHandler(request,response,e));
}
});
app.get("/api/getAllRequests", async (request, response) => {
if (!request.session) {
throw new Error ("Missing request.session")
}
var requestCount = ( request.query.count ? parseInt(request.query.count as string, 10) : 5 );
await validateApiToken(request.session);
if (request.session.user) {
requests.getAllRequestsVoted(requestCount,request.session.user.id).then((val: Array<any>) => response.send(val))
.catch((e: any) => errorHandler(request,response,e));
} else {
requests.getAllRequests(requestCount).then((val: Array<any>) => response.send(val))
.catch((e: any) => errorHandler(request,response,e));
}
});
app.post("/api/addRequest", async (request, response) => {
response.type('text/plain');
if (request.session) await validateApiToken(request.session);
if (!request.session || !request.session.user) {
response.status(401);
response.send("Session expired; please log in again");
return;
}
var banned = await db.query(Object.assign(queries.checkBan, { values: [request.session.user.id] })).then((result: pg.QueryResult) => result.rowCount > 0);
if (banned) {
response.status(401);
response.send("You are banned; you may not add new requests.");
return;
}
if (!request.body.url) {
response.status(400);
response.send("Missing url");
return;
}
var url = request.body.url as string;
var requester = request.session.user.id;
requests.addRequest(url,requester).then((val: [number,string]) => {
response.status(val[0]);
response.send(val[1]);
})
.catch((e: any) => errorHandler(request,response,e));
});
app.post("/api/updateRequestState", async (request, response) => {
if (request.session) await validateApiToken(request.session);
if (!request.session || !request.session.user) {
response.status(401);
response.send("Session expired; please log in again");
return;
}
var streamerid = await db.query(queries.getStreamerId).then((result: pg.QueryResult) => result.rows[0]['userid']);
if (request.session.user.id != streamerid) {
response.status(401);
response.send("You are not the streamer");
return;
}
if (!request.body.url) {
response.status(400);
response.send("Missing url");
return;
}
if (!request.body.state) {
response.status(400);
response.send("Missing state");
return;
}
var url = request.body.url as string;
var state = request.body.state as string;
response.type('text/plain');
requests.updateRequestState(url,state).then((val: [number,string]) => {
response.status(val[0]);
response.send(val[1]);
})
.catch((e: any) => errorHandler(request,response,e));
});
app.post("/api/updateRequestScoreModifier", async (request, response) => {
if (request.session) await validateApiToken(request.session);
if (!request.session || !request.session.user) {
response.status(401);
response.send("Session expired; please log in again");
return;
}
var streamerid = await db.query(queries.getStreamerId).then((result: pg.QueryResult) => result.rows[0]['userid']);
if (request.session.user.id != streamerid) {
response.status(401);
response.send("You are not the streamer");
return;
}
if (!request.body.url) {
response.status(400);
response.send("Missing url");
return;
}
if (!request.body.scoreDiff) {
response.status(400);
response.send("Missing scoreDiff");
return;
}
var url = request.body.url as string;
var scoreDiff = parseInt(request.body.scoreDiff as string, 10);
response.type('text/plain');
requests.updateRequestScoreModifier(url,scoreDiff).then((val: [number,string]) => {
response.status(val[0]);
response.send(val[1]);
})
.catch((e: any) => errorHandler(request,response,e));
});
app.post("/api/deleteRequest", async (request, response) => {
if (request.session) await validateApiToken(request.session);
if (!request.session || !request.session.user) {
response.status(401);
response.send("Session expired; please log in again");
return;
}
var streamerid = await db.query(queries.getStreamerId).then((result: pg.QueryResult) => result.rows[0]['userid']);
if (request.session.user.id != streamerid) {
response.status(401);
response.send("You are not the streamer");
return;
}
if (!request.body.url) {
response.status(400);
response.send("Missing url");
return;
}
var url = request.body.url as string;
response.type('text/plain');
requests.deleteRequest(url).then((val: [number,string]) => {
response.status(val[0]);
response.send(val[1]);
})
.catch((e: any) => errorHandler(request,response,e));
});
app.post("/api/addVote", async (request,response) => {
response.type('text/plain');
if (request.session) await validateApiToken(request.session);
if (!request.session || !request.session.user) {
response.status(401);
response.send("Session expired; please log in again");
return;
}
var banned = await db.query(Object.assign(queries.checkBan,{ values: [request.session.user.id] })).then((result: pg.QueryResult) => result.rowCount > 0);
if (banned) {
response.status(401);
response.send("You are banned; you may not vote on requests.");
return;
}
if (!request.body.url) {
response.status(400);
response.send("Missing url");
return;
}
var url = request.body.url as string;
var user = request.session.user.id;
requests.addVote(url,user).then((val: [number,string]) => {
response.status(val[0]);
response.send(val[1]);
})
.catch((e: any) => errorHandler(request,response,e));
});
app.post("/api/deleteVote", async (request,response) => {
response.type('text/plain');
if (request.session) await validateApiToken(request.session);
if (!request.session || !request.session.user) {
response.status(401);
response.send("Session expired; please log in again");
return;
}
if (!request.body.url) {
response.status(400);
response.send("Missing url");
return;
}
var url = request.body.url as string;
var user = request.session.user.id;
requests.deleteVote(url,user).then((val: [number,string]) => {
response.status(val[0]);
response.send(val[1]);
})
.catch((e: any) => errorHandler(request,response,e));
});
// Twitch callback
app.get("/callback", async (request, response) => {
if (request.query.error) {
response.redirect(307, '/');
return;
}
var authcode = request.query.code as string;
var tokenResponse = await fetch("https://id.twitch.tv/oauth2/token", { method: "POST", body: new URLSearchParams({
client_id: config.twitchClientId,
client_secret: config.twitchSecret,
code: authcode,
grant_type: "authorization_code",
redirect_uri: `${config.urlPrefix}/callback`
})}).then((res: FetchResponse) => res.json() as Promise<twitch.TokenPair>)
.catch((e: any) => errorHandler(request,response,e));
if (typeof request.session == 'undefined') throw new Error('Session is undefined');
if (typeof tokenResponse == 'undefined') throw new Error('tokenResponse is undefined');
request.session.tokenpair = { access_token: tokenResponse.access_token, refresh_token: tokenResponse.refresh_token };
request.session.user = (await twitch.apiRequest(request.session.tokenpair,"/users")).data[0];
db.query(Object.assign(queries.updateUser,{ values: [request.session.user.id,request.session.user.display_name,request.session.user.profile_image_url] }));
var streamer = await db.query(queries.getStreamerId).then((result: pg.QueryResult) => result.rows[0]);
if (typeof streamer == 'undefined' || request.session.user.id == streamer['userid']) {
if (typeof (tokenResponse as any).scope != 'undefined') { // Scopes requested - update streamer info
db.query(Object.assign(queries.updateStreamer,{ values: [request.session.user.id,JSON.stringify(request.session.tokenpair)] }));
} else { // Scopes not requested - redirect and request them
response.redirect(307, `https://id.twitch.tv/oauth2/authorize?client_id=${config.twitchClientId}&redirect_uri=${config.urlPrefix}/callback&response_type=code&scope=channel:read:subscriptions moderation:read`);
return;
}
}
response.redirect(307, '/');
});
// Frontend templates
app.get("/", async (request, response) => {
if (request.session) await validateApiToken(request.session);
var streamerInfo = await db.query(queries.getStreamerInfo).then((result: pg.QueryResult) => result.rows[0]);
var validStates = JSON.stringify((await db.query(queries.getValidStates).then((result: pg.QueryResult) => result.rows)).map((row: any) => row.state));
if (typeof streamerInfo == 'undefined') response.redirect(307, `https://id.twitch.tv/oauth2/authorize?client_id=${config.twitchClientId}&redirect_uri=${config.urlPrefix}/callback&response_type=code&scope=channel:read:subscriptions moderation:read`);
if (!request.session || !request.session.user) {
response.render('main.eta', {
loggedIn: false,
clientId: config.twitchClientId,
urlPrefix: config.urlPrefix,
streamerName: streamerInfo['displayname'],
streamerProfilePicture: streamerInfo['imageurl']
});
} else {
response.render('main.eta', {
loggedIn: true,
userName: request.session.user.display_name,
userProfilePicture: request.session.user.profile_image_url,
validStates: validStates,
isStreamer: streamerInfo['userid'] == request.session.user.id,
streamerName: streamerInfo['displayname'],
streamerProfilePicture: streamerInfo['imageurl']
});
}
});
// Streamer Panel
//app.get("/streamer/", async (request, response) => {
//
//});
// Logout
app.get("/logout", async (request, response) => request.session!.destroy(() => response.redirect(307, '/')));
async function processBannedUsers() {
log(LogLevel.INFO,"processBannedUsers run at " + new Date().toISOString());
var streamer = await db.query(queries.getStreamerIdToken).then((result: pg.QueryResult) => result.rows[0]);
if (typeof streamer == 'undefined') return;
var response = await twitch.streamerApiRequest("/moderation/banned?broadcaster_id=" + streamer['userid']);
var dbconn = await db.connect();
try {
await dbconn.query('BEGIN');
dbconn.query("DELETE FROM bans");
log(LogLevel.DEBUG,"Ban list:")
log(LogLevel.DEBUG,JSON.stringify(response.data,null,2));
var insertBanQuery = "INSERT INTO bans (userid) VALUES ";
var banRow = 0;
var bansArray: number[] = [];
for (var ban of response.data) {
if (ban.expires_at == '') {
banRow++;
insertBanQuery += `($${banRow}), `;
bansArray.push(ban.user_id as number);
}
}
var banQueryConfig = {
text: insertBanQuery.slice(0,-2), // Cut last `, ` off of the end
values: bansArray
};
log(LogLevel.DEBUG,"banQueryConfig object:")
log(LogLevel.DEBUG,JSON.stringify(banQueryConfig,null,2))
dbconn.query(banQueryConfig);
dbconn.query("CALL update_scores()");
await dbconn.query('COMMIT');
} catch (e) {
await dbconn.query('ROLLBACK');
} finally {
dbconn.release();
}
setTimeout(processBannedUsers,3600000+Math.floor(Math.random()*900000)) // Run every 1-1.25 hours to balance load
}
setTimeout(processBannedUsers,600000+Math.floor(Math.random()*600000))
// Check version then listen
version.checkVersion().then(_ => app.listen(config.port, () => {
console.log(`Listening on port ${config.port}`);
}));