commit 5f706a73089b7eef83900266f3eac0c4cf21cd3b · cduck.me/statusphere-example-app-fork

+6 -6

src/ingester.ts

···

       11
        
       export function createIngester(db: Database) {

     

       12
        
         const logger = pino({ name: 'firehose', level: env.LOG_LEVEL })

     

       13
        
         return new Firehose({

     

       14
       -
           service: env.FIREHOSE_URL,

     

       15
       -
           idResolver: new IdResolver({

     

       16
       -
             plcUrl: env.PLC_URL,

     

       17
       -
             didCache: new MemoryCache(HOUR, DAY),

     

       18
       -
           }),

     

       19
        
           handleEvent: async (evt: Event) => {

     

       20
        
             // Watch for write events

     

       21
        
             if (evt.event === 'create' || evt.event === 'update') {

     
···

       70
        
           onError: (err: unknown) => {

     

       71
        
             logger.error({ err }, 'error on firehose ingestion')

     

       72
        
           },

     

       73
       -
           filterCollections: ['xyz.statusphere.status'],

     

       74
        
           excludeIdentity: true,

     

       75
        
           excludeAccount: true,

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       76
        
         })

     

       77
        
       }

···

       11
        
       export function createIngester(db: Database) {

     

       12
        
         const logger = pino({ name: 'firehose', level: env.LOG_LEVEL })

     

       13
        
         return new Firehose({

     

       14
       +
           filterCollections: ['xyz.statusphere.status'],

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       15
        
           handleEvent: async (evt: Event) => {

     

       16
        
             // Watch for write events

     

       17
        
             if (evt.event === 'create' || evt.event === 'update') {

     
···

       66
        
           onError: (err: unknown) => {

     

       67
        
             logger.error({ err }, 'error on firehose ingestion')

     

       68
        
           },

     

       0
        
       
     

       69
        
           excludeIdentity: true,

     

       70
        
           excludeAccount: true,

     

       71
       +
           service: env.FIREHOSE_URL,

     

       72
       +
           idResolver: new IdResolver({

     

       73
       +
             plcUrl: env.PLC_URL,

     

       74
       +
             didCache: new MemoryCache(HOUR, DAY),

     

       75
       +
           }),

     

       76
        
         })

     

       77
        
       }

+5 -4

src/lib/http.ts

···

       0
        
       
     

       1
        
       import { createHttpTerminator } from 'http-terminator'

     

       2
        
       import { once } from 'node:events'

     

       3
        
       import type {

     
···

       11
        
       

     

       12
        
       export type Middleware<

     

       13
        
         Req extends IncomingMessage = IncomingMessage,

     

       14
       -
         Res extends ServerResponse<Req> = ServerResponse<Req>,

     

       15
        
       > = (req: Req, res: Res, next: NextFunction) => void

     

       16
        
       

     

       17
        
       export type Handler<

     

       18
        
         Req extends IncomingMessage = IncomingMessage,

     

       19
       -
         Res extends ServerResponse<Req> = ServerResponse<Req>,

     

       20
        
       > = (req: Req, res: Res) => unknown | Promise<unknown>

     

       21
        
       /**

     

       22
        
        * Wraps a request handler middleware to ensure that `next` is called if it

     

       23
        
        * throws or returns a promise that rejects.

     

       24
        
        */

     

       25
        
       export function handler<

     

       26
       -
         Req extends IncomingMessage = IncomingMessage,

     

       27
       -
         Res extends ServerResponse<Req> = ServerResponse<Req>,

     

       28
        
       >(fn: Handler<Req, Res>): Middleware<Req, Res> {

     

       29
        
         return async (req, res, next) => {

     

       30
        
           try {

···

       1
       +
       import { Request, Response } from 'express'

     

       2
        
       import { createHttpTerminator } from 'http-terminator'

     

       3
        
       import { once } from 'node:events'

     

       4
        
       import type {

     
···

       12
        
       

     

       13
        
       export type Middleware<

     

       14
        
         Req extends IncomingMessage = IncomingMessage,

     

       15
       +
         Res extends ServerResponse = ServerResponse,

     

       16
        
       > = (req: Req, res: Res, next: NextFunction) => void

     

       17
        
       

     

       18
        
       export type Handler<

     

       19
        
         Req extends IncomingMessage = IncomingMessage,

     

       20
       +
         Res extends ServerResponse = ServerResponse,

     

       21
        
       > = (req: Req, res: Res) => unknown | Promise<unknown>

     

       22
        
       /**

     

       23
        
        * Wraps a request handler middleware to ensure that `next` is called if it

     

       24
        
        * throws or returns a promise that rejects.

     

       25
        
        */

     

       26
        
       export function handler<

     

       27
       +
         Req extends IncomingMessage = Request,

     

       28
       +
         Res extends ServerResponse = Response,

     

       29
        
       >(fn: Handler<Req, Res>): Middleware<Req, Res> {

     

       30
        
         return async (req, res, next) => {

     

       31
        
           try {

+28 -36

src/routes.ts

···

       31
        
         res: ServerResponse,

     

       32
        
         ctx: AppContext,

     

       33
        
       ) {

     

       0
        
       
     

       0
        
       
     

       34
        
         const session = await getIronSession<Session>(req, res, {

     

       35
        
           cookieName: 'sid',

     

       36
        
           password: env.COOKIE_SECRET,

     

       37
        
         })

     

       38
        
         if (!session.did) return null

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       39
        
         try {

     

       40
        
           const oauthSession = await ctx.oauthClient.restore(session.did)

     

       41
        
           return oauthSession ? new Agent(oauthSession) : null

     
···

       60
        
         // OAuth metadata

     

       61
        
         router.get(

     

       62
        
           '/oauth-client-metadata.json',

     

       63
       -
           handler((req: Request, res: Response) => {

     

       64
        
             res.setHeader('cache-control', `max-age=${MAX_AGE}, public`)

     

       65
        
             res.json(ctx.oauthClient.clientMetadata)

     

       66
        
           }),

     
···

       69
        
         // Public keys

     

       70
        
         router.get(

     

       71
        
           '/.well-known/jwks.json',

     

       72
       -
           handler((req: Request, res: Response) => {

     

       73
        
             res.setHeader('cache-control', `max-age=${MAX_AGE}, public`)

     

       74
        
             res.json(ctx.oauthClient.jwks)

     

       75
        
           }),

     
···

       78
        
         // OAuth callback to complete session creation

     

       79
        
         router.get(

     

       80
        
           '/oauth/callback',

     

       81
       -
           handler(async (req: Request, res: Response) => {

     

       82
        
             res.setHeader('cache-control', 'no-store')

     

       83
        
       

     

       84
        
             const params = new URLSearchParams(req.originalUrl.split('?')[1])

     
···

       116
        
         // Login page

     

       117
        
         router.get(

     

       118
        
           '/login',

     

       119
       -
           handler(async (req: Request, res: Response) => {

     

       120
        
             res.setHeader('cache-control', `max-age=${MAX_AGE}, public`)

     

       121
       -
       

     

       122
       -
             return res.type('html').send(page(login({})))

     

       123
        
           }),

     

       124
        
         )

     

       125
        
       

     
···

       127
        
         router.post(

     

       128
        
           '/login',

     

       129
        
           express.urlencoded(),

     

       130
       -
           handler(async (req: Request, res: Response) => {

     

       0
        
       
     

       131
        
             res.setHeader('cache-control', 'no-store')

     

       132
        
       

     

       133
       -
             const input = ifString(req.body.input)

     

       134
       -
       

     

       135
       -
             // Validate

     

       136
       -
             if (!input) {

     

       137
       -
               return res.type('html').send(page(login({ error: 'invalid input' })))

     

       138
       -
             }

     

       139
       -
       

     

       140
       -
             // @NOTE "input" can be a handle, a DID or a service URL (PDS).

     

       141
       -
       

     

       142
        
             // Initiate the OAuth flow

     

       143
        
             try {

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       144
        
               const url = await ctx.oauthClient.authorize(input, {

     

       145
        
                 scope: 'atproto transition:generic',

     

       146
        
               })

     

       0
        
       
     

       147
        
               res.redirect(url.toString())

     

       148
        
             } catch (err) {

     

       149
        
               ctx.logger.error({ err }, 'oauth authorize failed')

     

       150
        
       

     

       151
       -
               const error =

     

       152
       -
                 err instanceof OAuthResolverError

     

       153
       -
                   ? err.message

     

       154
       -
                   : "couldn't initiate login"

     

       155
        
       

     

       156
        
               return res.type('html').send(page(login({ error })))

     

       157
        
             }

     
···

       161
        
         // Signup

     

       162
        
         router.get(

     

       163
        
           '/signup',

     

       164
       -
           handler(async (req: Request, res: Response) => {

     

       165
        
             res.setHeader('cache-control', `max-age=${MAX_AGE}, public`)

     

       166
        
       

     

       167
        
             try {

     
···

       189
        
         // Logout handler

     

       190
        
         router.post(

     

       191
        
           '/logout',

     

       192
       -
           handler(async (req: Request, res: Response) => {

     

       193
        
             // Never store this route

     

       194
        
             res.setHeader('cache-control', 'no-store')

     

       195
        
       

     
···

       217
        
         // Homepage

     

       218
        
         router.get(

     

       219
        
           '/',

     

       220
       -
           handler(async (req: Request, res: Response) => {

     

       221
       -
             // Prevent caching of this page when the credentials change

     

       222
       -
             res.setHeader('Vary', 'Cookie')

     

       223
       -
       

     

       224
        
             // If the user is signed in, get an agent which communicates with their server

     

       225
        
             const agent = await getSessionAgent(req, res, ctx)

     

       226
        
       

     
···

       250
        
               return res.type('html').send(page(home({ statuses, didHandleMap })))

     

       251
        
             }

     

       252
        
       

     

       253
       -
             // Make sure this page does not get cached in public caches (proxies)

     

       254
       -
             res.setHeader('cache-control', 'private')

     

       255
       -
       

     

       256
        
             // Fetch additional information about the logged-in user

     

       257
        
             const profileResponse = await agent.com.atproto.repo

     

       258
        
               .getRecord({

     
···

       282
        
         router.post(

     

       283
        
           '/status',

     

       284
        
           express.urlencoded(),

     

       285
       -
           handler(async (req: Request, res: Response) => {

     

       286
       -
             // Never store this route

     

       287
       -
             res.setHeader('cache-control', 'no-store')

     

       288
       -
       

     

       289
        
             // If the user is signed in, get an agent which communicates with their server

     

       290
        
             const agent = await getSessionAgent(req, res, ctx)

     

       291
        
             if (!agent) {

     
···

       295
        
                 .send('<h1>Error: Session required</h1>')

     

       296
        
             }

     

       297
        
       

     

       298
       -
             // Construct & validate their status record

     

       299
       -
             const rkey = TID.nextStr()

     

       300
        
             const record = {

     

       301
        
               $type: 'xyz.statusphere.status',

     

       302
        
               status: req.body?.status,

     
···

       317
        
               const res = await agent.com.atproto.repo.putRecord({

     

       318
        
                 repo: agent.assertDid,

     

       319
        
                 collection: 'xyz.statusphere.status',

     

       320
       -
                 rkey,

     

       321
        
                 record,

     

       322
        
                 validate: false,

     

       323
        
               })

···

       31
        
         res: ServerResponse,

     

       32
        
         ctx: AppContext,

     

       33
        
       ) {

     

       34
       +
         res.setHeader('Vary', 'Cookie')

     

       35
       +
       

     

       36
        
         const session = await getIronSession<Session>(req, res, {

     

       37
        
           cookieName: 'sid',

     

       38
        
           password: env.COOKIE_SECRET,

     

       39
        
         })

     

       40
        
         if (!session.did) return null

     

       41
       +
       

     

       42
       +
         // This page is dynamic and should not be cached publicly

     

       43
       +
         res.setHeader('cache-control', `max-age=${MAX_AGE}, private`)

     

       44
       +
       

     

       45
        
         try {

     

       46
        
           const oauthSession = await ctx.oauthClient.restore(session.did)

     

       47
        
           return oauthSession ? new Agent(oauthSession) : null

     
···

       66
        
         // OAuth metadata

     

       67
        
         router.get(

     

       68
        
           '/oauth-client-metadata.json',

     

       69
       +
           handler((req, res) => {

     

       70
        
             res.setHeader('cache-control', `max-age=${MAX_AGE}, public`)

     

       71
        
             res.json(ctx.oauthClient.clientMetadata)

     

       72
        
           }),

     
···

       75
        
         // Public keys

     

       76
        
         router.get(

     

       77
        
           '/.well-known/jwks.json',

     

       78
       +
           handler((req, res) => {

     

       79
        
             res.setHeader('cache-control', `max-age=${MAX_AGE}, public`)

     

       80
        
             res.json(ctx.oauthClient.jwks)

     

       81
        
           }),

     
···

       84
        
         // OAuth callback to complete session creation

     

       85
        
         router.get(

     

       86
        
           '/oauth/callback',

     

       87
       +
           handler(async (req, res) => {

     

       88
        
             res.setHeader('cache-control', 'no-store')

     

       89
        
       

     

       90
        
             const params = new URLSearchParams(req.originalUrl.split('?')[1])

     
···

       122
        
         // Login page

     

       123
        
         router.get(

     

       124
        
           '/login',

     

       125
       +
           handler(async (req, res) => {

     

       126
        
             res.setHeader('cache-control', `max-age=${MAX_AGE}, public`)

     

       127
       +
             res.type('html').send(page(login({})))

     

       0
        
       
     

       128
        
           }),

     

       129
        
         )

     

       130
        
       

     
···

       132
        
         router.post(

     

       133
        
           '/login',

     

       134
        
           express.urlencoded(),

     

       135
       +
           handler(async (req, res) => {

     

       136
       +
             // Never store this route

     

       137
        
             res.setHeader('cache-control', 'no-store')

     

       138
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       139
        
             // Initiate the OAuth flow

     

       140
        
             try {

     

       141
       +
               // Validate input: can be a handle, a DID or a service URL (PDS).

     

       142
       +
               const input = ifString(req.body.input)

     

       143
       +
               if (!input) {

     

       144
       +
                 throw new Error('Invalid input')

     

       145
       +
               }

     

       146
       +
       

     

       147
       +
               // Initiate the OAuth flow

     

       148
        
               const url = await ctx.oauthClient.authorize(input, {

     

       149
        
                 scope: 'atproto transition:generic',

     

       150
        
               })

     

       151
       +
       

     

       152
        
               res.redirect(url.toString())

     

       153
        
             } catch (err) {

     

       154
        
               ctx.logger.error({ err }, 'oauth authorize failed')

     

       155
        
       

     

       156
       +
               const error = err instanceof Error ? err.message : 'unexpected error'

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       157
        
       

     

       158
        
               return res.type('html').send(page(login({ error })))

     

       159
        
             }

     
···

       163
        
         // Signup

     

       164
        
         router.get(

     

       165
        
           '/signup',

     

       166
       +
           handler(async (req, res) => {

     

       167
        
             res.setHeader('cache-control', `max-age=${MAX_AGE}, public`)

     

       168
        
       

     

       169
        
             try {

     
···

       191
        
         // Logout handler

     

       192
        
         router.post(

     

       193
        
           '/logout',

     

       194
       +
           handler(async (req, res) => {

     

       195
        
             // Never store this route

     

       196
        
             res.setHeader('cache-control', 'no-store')

     

       197
        
       

     
···

       219
        
         // Homepage

     

       220
        
         router.get(

     

       221
        
           '/',

     

       222
       +
           handler(async (req, res) => {

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       223
        
             // If the user is signed in, get an agent which communicates with their server

     

       224
        
             const agent = await getSessionAgent(req, res, ctx)

     

       225
        
       

     
···

       249
        
               return res.type('html').send(page(home({ statuses, didHandleMap })))

     

       250
        
             }

     

       251
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       252
        
             // Fetch additional information about the logged-in user

     

       253
        
             const profileResponse = await agent.com.atproto.repo

     

       254
        
               .getRecord({

     
···

       278
        
         router.post(

     

       279
        
           '/status',

     

       280
        
           express.urlencoded(),

     

       281
       +
           handler(async (req, res) => {

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       282
        
             // If the user is signed in, get an agent which communicates with their server

     

       283
        
             const agent = await getSessionAgent(req, res, ctx)

     

       284
        
             if (!agent) {

     
···

       288
        
                 .send('<h1>Error: Session required</h1>')

     

       289
        
             }

     

       290
        
       

     

       291
       +
             // Construct their status record

     

       0
        
       
     

       292
        
             const record = {

     

       293
        
               $type: 'xyz.statusphere.status',

     

       294
        
               status: req.body?.status,

     
···

       309
        
               const res = await agent.com.atproto.repo.putRecord({

     

       310
        
                 repo: agent.assertDid,

     

       311
        
                 collection: 'xyz.statusphere.status',

     

       312
       +
                 rkey: TID.nextStr(),

     

       313
        
                 record,

     

       314
        
                 validate: false,

     

       315
        
               })