2016-10-09 19:14:02 +00:00
|
|
|
"use strict";
|
|
|
|
|
2016-09-05 12:37:27 +00:00
|
|
|
const pkg = require("../package.json");
|
2018-01-11 11:33:36 +00:00
|
|
|
const _ = require("lodash");
|
2018-06-15 20:31:06 +00:00
|
|
|
const log = require("./log");
|
2018-01-11 11:33:36 +00:00
|
|
|
const path = require("path");
|
|
|
|
const os = require("os");
|
|
|
|
const fs = require("fs");
|
|
|
|
const net = require("net");
|
|
|
|
const bcrypt = require("bcryptjs");
|
2018-03-02 18:28:54 +00:00
|
|
|
const colors = require("chalk");
|
2019-03-08 10:29:49 +00:00
|
|
|
const crypto = require("crypto");
|
2014-10-04 23:22:23 +00:00
|
|
|
|
2017-12-07 03:54:54 +00:00
|
|
|
let homePath;
|
|
|
|
let configPath;
|
|
|
|
let usersPath;
|
|
|
|
let storagePath;
|
|
|
|
let packagesPath;
|
2018-09-03 07:30:05 +00:00
|
|
|
let fileUploadPath;
|
2018-04-17 08:06:08 +00:00
|
|
|
let userLogsPath;
|
2020-03-30 20:15:32 +00:00
|
|
|
let clientCertificatesPath;
|
2017-12-07 03:54:54 +00:00
|
|
|
|
|
|
|
const Helper = {
|
2016-06-08 09:26:24 +00:00
|
|
|
config: null,
|
2017-12-07 03:54:54 +00:00
|
|
|
expandHome,
|
|
|
|
getHomePath,
|
|
|
|
getPackagesPath,
|
|
|
|
getPackageModulePath,
|
|
|
|
getStoragePath,
|
|
|
|
getConfigPath,
|
2018-09-03 07:30:05 +00:00
|
|
|
getFileUploadPath,
|
2017-12-07 03:54:54 +00:00
|
|
|
getUsersPath,
|
|
|
|
getUserConfigPath,
|
|
|
|
getUserLogsPath,
|
2020-03-30 20:15:32 +00:00
|
|
|
getClientCertificatesPath,
|
2017-12-07 03:54:54 +00:00
|
|
|
setHome,
|
|
|
|
getVersion,
|
2019-03-08 10:29:49 +00:00
|
|
|
getVersionCacheBust,
|
2020-08-21 11:26:35 +00:00
|
|
|
getVersionNumber,
|
2017-12-07 03:54:54 +00:00
|
|
|
getGitCommit,
|
|
|
|
ip2hex,
|
2018-03-10 11:54:51 +00:00
|
|
|
mergeConfig,
|
2018-04-03 14:49:22 +00:00
|
|
|
getDefaultNick,
|
2018-03-11 18:17:57 +00:00
|
|
|
parseHostmask,
|
|
|
|
compareHostmask,
|
2021-11-02 20:42:17 +00:00
|
|
|
compareWithWildcard,
|
2016-10-21 19:00:43 +00:00
|
|
|
|
|
|
|
password: {
|
|
|
|
hash: passwordHash,
|
|
|
|
compare: passwordCompare,
|
|
|
|
requiresUpdate: passwordRequiresUpdate,
|
|
|
|
},
|
2014-09-13 12:23:17 +00:00
|
|
|
};
|
|
|
|
|
2016-05-09 16:19:16 +00:00
|
|
|
module.exports = Helper;
|
|
|
|
|
2019-07-17 09:33:59 +00:00
|
|
|
Helper.config = require(path.resolve(path.join(__dirname, "..", "defaults", "config.js")));
|
2016-06-08 09:26:24 +00:00
|
|
|
|
2016-09-05 12:37:27 +00:00
|
|
|
function getVersion() {
|
|
|
|
const gitCommit = getGitCommit();
|
2018-04-15 22:19:25 +00:00
|
|
|
const version = `v${pkg.version}`;
|
|
|
|
return gitCommit ? `source (${gitCommit} / ${version})` : version;
|
2016-09-05 12:37:27 +00:00
|
|
|
}
|
|
|
|
|
2020-08-21 11:26:35 +00:00
|
|
|
function getVersionNumber() {
|
|
|
|
return pkg.version;
|
|
|
|
}
|
|
|
|
|
2016-09-05 12:37:27 +00:00
|
|
|
let _gitCommit;
|
2018-02-20 07:28:04 +00:00
|
|
|
|
2016-09-05 12:37:27 +00:00
|
|
|
function getGitCommit() {
|
|
|
|
if (_gitCommit !== undefined) {
|
|
|
|
return _gitCommit;
|
|
|
|
}
|
2018-02-20 07:28:04 +00:00
|
|
|
|
2021-12-03 17:14:26 +00:00
|
|
|
if (!fs.existsSync(path.resolve(__dirname, "..", ".git"))) {
|
2018-04-16 14:08:30 +00:00
|
|
|
_gitCommit = null;
|
|
|
|
return null;
|
|
|
|
}
|
|
|
|
|
2016-09-05 12:37:27 +00:00
|
|
|
try {
|
|
|
|
_gitCommit = require("child_process")
|
2018-04-16 13:35:17 +00:00
|
|
|
.execSync(
|
|
|
|
"git rev-parse --short HEAD", // Returns hash of current commit
|
|
|
|
{stdio: ["ignore", "pipe", "ignore"]}
|
|
|
|
)
|
2016-09-05 12:37:27 +00:00
|
|
|
.toString()
|
|
|
|
.trim();
|
|
|
|
return _gitCommit;
|
|
|
|
} catch (e) {
|
|
|
|
// Not a git repository or git is not installed
|
|
|
|
_gitCommit = null;
|
|
|
|
return null;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-03-08 10:29:49 +00:00
|
|
|
function getVersionCacheBust() {
|
2020-03-21 20:55:36 +00:00
|
|
|
const hash = crypto.createHash("sha256").update(Helper.getVersion()).digest("hex");
|
2019-03-08 10:29:49 +00:00
|
|
|
|
|
|
|
return hash.substring(0, 10);
|
|
|
|
}
|
|
|
|
|
2017-12-07 03:54:54 +00:00
|
|
|
function setHome(newPath) {
|
|
|
|
homePath = expandHome(newPath);
|
|
|
|
configPath = path.join(homePath, "config.js");
|
|
|
|
usersPath = path.join(homePath, "users");
|
|
|
|
storagePath = path.join(homePath, "storage");
|
2018-09-03 07:30:05 +00:00
|
|
|
fileUploadPath = path.join(homePath, "uploads");
|
2018-02-08 05:19:44 +00:00
|
|
|
packagesPath = path.join(homePath, "packages");
|
2018-04-17 08:06:08 +00:00
|
|
|
userLogsPath = path.join(homePath, "logs");
|
2020-03-30 20:15:32 +00:00
|
|
|
clientCertificatesPath = path.join(homePath, "certificates");
|
2016-06-08 09:26:24 +00:00
|
|
|
|
|
|
|
// Reload config from new home location
|
2017-12-07 03:54:54 +00:00
|
|
|
if (fs.existsSync(configPath)) {
|
2017-12-10 06:03:00 +00:00
|
|
|
const userConfig = require(configPath);
|
|
|
|
|
|
|
|
if (_.isEmpty(userConfig)) {
|
2019-07-17 09:33:59 +00:00
|
|
|
log.warn(
|
|
|
|
`The file located at ${colors.green(
|
|
|
|
configPath
|
|
|
|
)} does not appear to expose anything.`
|
|
|
|
);
|
|
|
|
log.warn(
|
|
|
|
`Make sure it is non-empty and the configuration is exported using ${colors.bold(
|
|
|
|
"module.exports = { ... }"
|
|
|
|
)}.`
|
|
|
|
);
|
2017-12-10 06:03:00 +00:00
|
|
|
log.warn("Using default configuration...");
|
|
|
|
}
|
|
|
|
|
2018-03-10 11:54:51 +00:00
|
|
|
mergeConfig(this.config, userConfig);
|
2016-07-04 20:15:30 +00:00
|
|
|
}
|
2016-12-10 08:53:06 +00:00
|
|
|
|
2019-10-31 11:21:22 +00:00
|
|
|
if (this.config.fileUpload.baseUrl) {
|
|
|
|
try {
|
|
|
|
new URL("test/file.png", this.config.fileUpload.baseUrl);
|
|
|
|
} catch (e) {
|
|
|
|
this.config.fileUpload.baseUrl = null;
|
|
|
|
|
|
|
|
log.warn(`The ${colors.bold("fileUpload.baseUrl")} you specified is invalid: ${e}`);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-07-17 09:33:59 +00:00
|
|
|
const manifestPath = path.resolve(
|
|
|
|
path.join(__dirname, "..", "public", "thelounge.webmanifest")
|
|
|
|
);
|
2018-11-13 11:21:19 +00:00
|
|
|
|
|
|
|
// Check if manifest exists, if not, the app most likely was not built
|
|
|
|
if (!fs.existsSync(manifestPath)) {
|
2019-07-17 09:33:59 +00:00
|
|
|
log.error(
|
|
|
|
`The client application was not built. Run ${colors.bold(
|
|
|
|
"NODE_ENV=production yarn build"
|
|
|
|
)} to resolve this.`
|
|
|
|
);
|
2018-11-13 11:21:19 +00:00
|
|
|
process.exit(1);
|
|
|
|
}
|
|
|
|
|
|
|
|
// Load theme color from the web manifest
|
|
|
|
const manifest = JSON.parse(fs.readFileSync(manifestPath, "utf8"));
|
2017-11-12 18:24:21 +00:00
|
|
|
this.config.themeColor = manifest.theme_color;
|
2021-11-23 18:48:59 +00:00
|
|
|
|
|
|
|
// log dir probably shouldn't be world accessible.
|
|
|
|
// Create it with the desired permission bits if it doesn't exist yet.
|
|
|
|
let logsStat = undefined;
|
|
|
|
|
|
|
|
try {
|
|
|
|
logsStat = fs.statSync(userLogsPath);
|
|
|
|
} catch {
|
|
|
|
// ignored on purpose, node v14.17.0 will give us {throwIfNoEntry: false}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!logsStat) {
|
|
|
|
try {
|
|
|
|
fs.mkdirSync(userLogsPath, {recursive: true, mode: 0o750});
|
|
|
|
} catch (e) {
|
|
|
|
log.error("Unable to create logs directory", e);
|
|
|
|
}
|
|
|
|
} else if (logsStat && logsStat.mode & 0o001) {
|
|
|
|
log.warn(
|
|
|
|
"contents of",
|
|
|
|
userLogsPath,
|
|
|
|
"can be accessed by any user, the log files may be exposed"
|
|
|
|
);
|
|
|
|
|
|
|
|
if (os.platform() !== "win32") {
|
|
|
|
log.warn(`run \`chmod o-x ${userLogsPath}\` to correct it`);
|
|
|
|
}
|
|
|
|
}
|
2016-05-09 16:19:16 +00:00
|
|
|
}
|
|
|
|
|
2017-12-07 03:54:54 +00:00
|
|
|
function getHomePath() {
|
|
|
|
return homePath;
|
|
|
|
}
|
|
|
|
|
|
|
|
function getConfigPath() {
|
|
|
|
return configPath;
|
|
|
|
}
|
|
|
|
|
2018-09-03 07:30:05 +00:00
|
|
|
function getFileUploadPath() {
|
|
|
|
return fileUploadPath;
|
|
|
|
}
|
|
|
|
|
2017-12-07 03:54:54 +00:00
|
|
|
function getUsersPath() {
|
|
|
|
return usersPath;
|
|
|
|
}
|
|
|
|
|
2016-05-08 06:21:31 +00:00
|
|
|
function getUserConfigPath(name) {
|
2017-12-07 03:54:54 +00:00
|
|
|
return path.join(usersPath, name + ".json");
|
2016-05-08 06:21:31 +00:00
|
|
|
}
|
|
|
|
|
2018-04-17 08:06:08 +00:00
|
|
|
function getUserLogsPath() {
|
|
|
|
return userLogsPath;
|
2016-05-15 21:13:51 +00:00
|
|
|
}
|
|
|
|
|
2020-03-30 20:15:32 +00:00
|
|
|
function getClientCertificatesPath() {
|
|
|
|
return clientCertificatesPath;
|
|
|
|
}
|
|
|
|
|
2017-07-06 15:33:09 +00:00
|
|
|
function getStoragePath() {
|
2017-12-07 03:54:54 +00:00
|
|
|
return storagePath;
|
2017-07-06 15:33:09 +00:00
|
|
|
}
|
|
|
|
|
2017-06-22 21:09:55 +00:00
|
|
|
function getPackagesPath() {
|
2017-12-07 03:54:54 +00:00
|
|
|
return packagesPath;
|
2017-06-22 21:09:55 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
function getPackageModulePath(packageName) {
|
2018-02-08 05:19:44 +00:00
|
|
|
return path.join(Helper.getPackagesPath(), "node_modules", packageName);
|
2017-06-22 21:09:55 +00:00
|
|
|
}
|
|
|
|
|
2016-11-19 18:32:47 +00:00
|
|
|
function ip2hex(address) {
|
|
|
|
// no ipv6 support
|
|
|
|
if (!net.isIPv4(address)) {
|
|
|
|
return "00000000";
|
|
|
|
}
|
|
|
|
|
2019-07-17 09:33:59 +00:00
|
|
|
return address
|
|
|
|
.split(".")
|
2020-03-21 20:55:36 +00:00
|
|
|
.map(function (octet) {
|
2019-07-17 09:33:59 +00:00
|
|
|
let hex = parseInt(octet, 10).toString(16);
|
2016-11-19 18:32:47 +00:00
|
|
|
|
2019-07-17 09:33:59 +00:00
|
|
|
if (hex.length === 1) {
|
|
|
|
hex = "0" + hex;
|
|
|
|
}
|
2016-11-19 18:32:47 +00:00
|
|
|
|
2019-07-17 09:33:59 +00:00
|
|
|
return hex;
|
|
|
|
})
|
|
|
|
.join("");
|
2016-11-19 18:32:47 +00:00
|
|
|
}
|
|
|
|
|
2017-12-08 04:33:43 +00:00
|
|
|
// Expand ~ into the current user home dir.
|
|
|
|
// This does *not* support `~other_user/tmp` => `/home/other_user/tmp`.
|
2016-05-08 06:21:31 +00:00
|
|
|
function expandHome(shortenedPath) {
|
2017-04-17 19:48:28 +00:00
|
|
|
if (!shortenedPath) {
|
|
|
|
return "";
|
|
|
|
}
|
2016-04-27 08:13:25 +00:00
|
|
|
|
2017-08-16 07:06:20 +00:00
|
|
|
const home = os.homedir().replace("$", "$$$$");
|
2016-05-08 06:21:31 +00:00
|
|
|
return path.resolve(shortenedPath.replace(/^~($|\/|\\)/, home + "$1"));
|
2016-04-27 08:13:25 +00:00
|
|
|
}
|
2016-10-21 19:00:43 +00:00
|
|
|
|
|
|
|
function passwordRequiresUpdate(password) {
|
|
|
|
return bcrypt.getRounds(password) !== 11;
|
|
|
|
}
|
|
|
|
|
|
|
|
function passwordHash(password) {
|
|
|
|
return bcrypt.hashSync(password, bcrypt.genSaltSync(11));
|
|
|
|
}
|
|
|
|
|
|
|
|
function passwordCompare(password, expected) {
|
2017-03-23 07:47:51 +00:00
|
|
|
return bcrypt.compare(password, expected);
|
2016-10-21 19:00:43 +00:00
|
|
|
}
|
2018-03-10 11:54:51 +00:00
|
|
|
|
2018-04-03 14:49:22 +00:00
|
|
|
function getDefaultNick() {
|
|
|
|
if (!this.config.defaults.nick) {
|
|
|
|
return "thelounge";
|
|
|
|
}
|
|
|
|
|
|
|
|
return this.config.defaults.nick.replace(/%/g, () => Math.floor(Math.random() * 10));
|
|
|
|
}
|
|
|
|
|
2018-03-10 11:54:51 +00:00
|
|
|
function mergeConfig(oldConfig, newConfig) {
|
2019-07-08 11:12:31 +00:00
|
|
|
for (const key in newConfig) {
|
|
|
|
if (!Object.prototype.hasOwnProperty.call(oldConfig, key)) {
|
2019-03-04 18:35:21 +00:00
|
|
|
log.warn(`Unknown key "${colors.bold(key)}", please verify your config.`);
|
|
|
|
}
|
2019-07-08 11:12:31 +00:00
|
|
|
}
|
2019-03-04 18:35:21 +00:00
|
|
|
|
2019-07-08 11:12:31 +00:00
|
|
|
return _.mergeWith(oldConfig, newConfig, (objValue, srcValue, key) => {
|
2018-03-10 11:54:51 +00:00
|
|
|
// Do not override config variables if the type is incorrect (e.g. object changed into a string)
|
2019-07-17 09:33:59 +00:00
|
|
|
if (
|
|
|
|
typeof objValue !== "undefined" &&
|
|
|
|
objValue !== null &&
|
|
|
|
typeof objValue !== typeof srcValue
|
|
|
|
) {
|
2018-03-10 11:54:51 +00:00
|
|
|
log.warn(`Incorrect type for "${colors.bold(key)}", please verify your config.`);
|
|
|
|
|
|
|
|
return objValue;
|
|
|
|
}
|
|
|
|
|
|
|
|
// For arrays, simply override the value with user provided one.
|
|
|
|
if (_.isArray(objValue)) {
|
|
|
|
return srcValue;
|
|
|
|
}
|
|
|
|
});
|
|
|
|
}
|
2018-03-11 18:17:57 +00:00
|
|
|
|
|
|
|
function parseHostmask(hostmask) {
|
|
|
|
let nick = "";
|
|
|
|
let ident = "*";
|
|
|
|
let hostname = "*";
|
|
|
|
let parts = [];
|
|
|
|
|
|
|
|
// Parse hostname first, then parse the rest
|
|
|
|
parts = hostmask.split("@");
|
|
|
|
|
|
|
|
if (parts.length >= 2) {
|
|
|
|
hostname = parts[1] || "*";
|
|
|
|
hostmask = parts[0];
|
|
|
|
}
|
|
|
|
|
|
|
|
hostname = hostname.toLowerCase();
|
|
|
|
|
|
|
|
parts = hostmask.split("!");
|
|
|
|
|
|
|
|
if (parts.length >= 2) {
|
|
|
|
ident = parts[1] || "*";
|
|
|
|
hostmask = parts[0];
|
|
|
|
}
|
|
|
|
|
|
|
|
ident = ident.toLowerCase();
|
|
|
|
|
|
|
|
nick = hostmask.toLowerCase() || "*";
|
|
|
|
|
|
|
|
const result = {
|
|
|
|
nick: nick,
|
|
|
|
ident: ident,
|
|
|
|
hostname: hostname,
|
|
|
|
};
|
|
|
|
|
|
|
|
return result;
|
|
|
|
}
|
|
|
|
|
|
|
|
function compareHostmask(a, b) {
|
2019-07-17 09:33:59 +00:00
|
|
|
return (
|
2021-11-02 20:42:17 +00:00
|
|
|
compareWithWildcard(a.nick, b.nick) &&
|
|
|
|
compareWithWildcard(a.ident, b.ident) &&
|
|
|
|
compareWithWildcard(a.hostname, b.hostname)
|
2019-07-17 09:33:59 +00:00
|
|
|
);
|
2018-03-11 18:17:57 +00:00
|
|
|
}
|
2021-11-02 20:42:17 +00:00
|
|
|
|
|
|
|
function compareWithWildcard(a, b) {
|
|
|
|
// we allow '*' and '?' wildcards in our comparison.
|
|
|
|
// this is mostly aligned with https://modern.ircdocs.horse/#wildcard-expressions
|
|
|
|
// but we do not support the escaping. The ABNF does not seem to be clear as to
|
|
|
|
// how to escape the escape char '\', which is valid in a nick,
|
|
|
|
// whereas the wildcards tend not to be (as per RFC1459).
|
|
|
|
|
|
|
|
// The "*" wildcard is ".*" in regex, "?" is "."
|
|
|
|
// so we tokenize and join with the proper char back together,
|
|
|
|
// escaping any other regex modifier
|
|
|
|
const wildmany_split = a.split("*").map((sub) => {
|
|
|
|
const wildone_split = sub.split("?").map((p) => _.escapeRegExp(p));
|
|
|
|
return wildone_split.join(".");
|
|
|
|
});
|
|
|
|
const user_regex = wildmany_split.join(".*");
|
|
|
|
const re = new RegExp(`^${user_regex}$`, "i"); // case insensitive
|
|
|
|
return re.test(b);
|
|
|
|
}
|