comparing 5cd5df3ee9e3ec96583c23d7a6cea620d1cb2095 and main on cduck.me/statusphere-example-app-fork

+7 -5

.env.template

···

       1
       1
        
       # Environment Configuration

     

       2
       2
       -
       NODE_ENV="development" # Options: 'development', 'production'

     

       3
       3
       -
       PORT="8080"            # The port your server will listen on

     

       4
       4
       -
       PUBLIC_URL=""          # Set when deployed publicly, e.g. "https://mysite.com". Informs OAuth client id.

     

       5
       5
       -
       DB_PATH="db.sqlite"    # The SQLite database path. Set as ":memory:" to use a temporary in-memory database.

     

       2
       2
       +
       NODE_ENV="development"     # Options: 'development', 'production'

     

       3
       3
       +
       PORT="8080"                # The port your server will listen on

     

       4
       4
       +
       DB_PATH=":memory:"         # The SQLite database path. Set as ":memory:" to use a temporary in-memory database.

     

       5
       5
       +
       # PUBLIC_URL=""            # Set when deployed publicly, e.g. "https://mysite.com". Informs OAuth client id.

     

       6
       6
       +
       # LOG_LEVEL="info"         # Options: 'fatal', 'error', 'warn', 'info', 'debug'

     

       7
       7
       +
       # PDS_URL="https://my.pds" # The default PDS for login and sign-ups

     

       6
       8
        
       

     

       7
       7
       -
       # Secrets: *MUST* set this in production

     

       9
       9
       +
       # Secrets below *MUST* be set in production

     

       8
       10
        
       

     

       9
       11
        
       # May be generated with `openssl rand -base64 33`

     

       10
       12
        
       # COOKIE_SECRET=""

+2 -2

.gitignore

···

       14
       14
        
       dist-ssr

     

       15
       15
        
       *.local

     

       16
       16
        
       .env

     

       17
       17
       +
       *.sqlite

     

       17
       18
        
       

     

       18
       19
        
       # Editor directories and files

     

       19
       20
        
       !.vscode/extensions.json

     
···

       23
       24
        
       *.ntvs*

     

       24
       25
        
       *.njsproj

     

       25
       26
        
       *.sln

     

       26
       26
       -
       *.sw?

     

       27
       27
       -
       *.sqlite

     

       27
       27
       +
       *.sw?

+2 -8

.vscode/settings.json

···

       1
       1
        
       {

     

       2
       2
        
         "editor.formatOnSave": true,

     

       3
       3
       -
         "editor.defaultFormatter": "biomejs.biome",

     

       3
       3
       +
         "editor.defaultFormatter": "esbenp.prettier-vscode",

     

       4
       4
        
         "editor.codeActionsOnSave": {

     

       5
       5
        
           "quickfix.biome": "explicit",

     

       6
       6
        
           "source.organizeImports.biome": "explicit",

     
···

       11
       11
        
             "url": "https://cdn.jsdelivr.net/npm/tsup/schema.json",

     

       12
       12
        
             "fileMatch": ["package.json", "tsup.config.json"]

     

       13
       13
        
           }

     

       14
       14
       -
         ],

     

       15
       15
       -
         "[typescript]": {

     

       16
       16
       -
           "editor.defaultFormatter": "esbenp.prettier-vscode"

     

       17
       17
       -
         },

     

       18
       18
       -
         "[javascript]": {

     

       19
       19
       -
           "editor.defaultFormatter": "esbenp.prettier-vscode"

     

       20
       20
       -
         }

     

       14
       14
       +
         ]

     

       21
       15
        
       }

+42

README.md

···

       19
       19
        
       npm run dev

     

       20
       20
        
       # Navigate to http://localhost:8080

     

       21
       21
        
       ```

     

       22
       22
       +
       

     

       23
       23
       +
       ## Deploying

     

       24
       24
       +
       

     

       25
       25
       +
       In production, you will need a private key to sign OAuth tokens request. Use the

     

       26
       26
       +
       following command to generate a new private key:

     

       27
       27
       +
       

     

       28
       28
       +
       ```sh

     

       29
       29
       +
       ./bin/gen-jwk

     

       30
       30
       +
       ```

     

       31
       31
       +
       

     

       32
       32
       +
       The generated key must be added to the environment variables (`.env` file) in `PRIVATE_KEYS`.

     

       33
       33
       +
       

     

       34
       34
       +
       ```env

     

       35
       35
       +
       PRIVATE_KEYS='[{"kty":"EC","kid":"12",...}]'

     

       36
       36
       +
       ```

     

       37
       37
       +
       

     

       38
       38
       +
       > [!NOTE]

     

       39
       39
       +
       >

     

       40
       40
       +
       > The `PRIVATE_KEYS` can contain multiple keys. The first key in the array is

     

       41
       41
       +
       > the most recent one, and it will be used to sign new tokens. When a key is

     

       42
       42
       +
       > removed, all associated sessions will be invalidated.

     

       43
       43
       +
       

     

       44
       44
       +
       Make sure to also set the `COOKIE_SECRET`, which is used to sign session

     

       45
       45
       +
       cookies, in your environment variables (`.env` file). You should use a random

     

       46
       46
       +
       string for this:

     

       47
       47
       +
       

     

       48
       48
       +
       ```sh

     

       49
       49
       +
       openssl rand -base64 33

     

       50
       50
       +
       ```

     

       51
       51
       +
       

     

       52
       52
       +
       Finally, set the `PUBLIC_URL` to the URL where your app will be accessible. This

     

       53
       53
       +
       will allow the authorization servers to download the app's public keys.

     

       54
       54
       +
       

     

       55
       55
       +
       ```env

     

       56
       56
       +
       PUBLIC_URL="https://your-app-url.com"

     

       57
       57
       +
       ```

     

       58
       58
       +
       

     

       59
       59
       +
       > [!NOTE]

     

       60
       60
       +
       >

     

       61
       61
       +
       > You can use services like [ngrok](https://ngrok.com/) to expose your local

     

       62
       62
       +
       > server to the internet for testing purposes. Just set the `PUBLIC_URL` to the

     

       63
       63
       +
       > ngrok URL.

+1 -1

src/auth/client.ts

···

       31
       31
        
       

     

       32
       32
        
         // If a keyset is defined (meaning the client is confidential). Let's make

     

       33
       33
        
         // sure it has a private key for signing. Note: findPrivateKey will throw if

     

       34
       34
       -
         // the keyset does no contain a suitable private key.

     

       34
       34
       +
         // the keyset does not contain a suitable private key.

     

       35
       35
        
         const pk = keyset?.findPrivateKey({ use: 'sig' })

     

       36
       36
        
       

     

       37
       37
        
         const clientMetadata: OAuthClientMetadataInput = env.PUBLIC_URL

+3 -11

src/auth/storage.ts

···

       4
       4
        
         NodeSavedState,

     

       5
       5
        
         NodeSavedStateStore,

     

       6
       6
        
       } from '@atproto/oauth-client-node'

     

       7
       7
       -
       import { Database } from '#/db'

     

       7
       7
       +
       import type { Database } from '#/db'

     

       8
       8
        
       

     

       9
       9
        
       export class StateStore implements NodeSavedStateStore {

     

       10
       10
        
         constructor(private db: Database) {}

     

       11
       11
        
         async get(key: string): Promise<NodeSavedState | undefined> {

     

       12
       12
       -
           const result = await this.db

     

       13
       13
       -
             .selectFrom('auth_state')

     

       14
       14
       -
             .selectAll()

     

       15
       15
       -
             .where('key', '=', key)

     

       16
       16
       -
             .executeTakeFirst()

     

       12
       12
       +
           const result = await this.db.selectFrom('auth_state').selectAll().where('key', '=', key).executeTakeFirst()

     

       17
       13
        
           if (!result) return

     

       18
       14
        
           return JSON.parse(result.state) as NodeSavedState

     

       19
       15
        
         }

     
···

       33
       29
        
       export class SessionStore implements NodeSavedSessionStore {

     

       34
       30
        
         constructor(private db: Database) {}

     

       35
       31
        
         async get(key: string): Promise<NodeSavedSession | undefined> {

     

       36
       36
       -
           const result = await this.db

     

       37
       37
       -
             .selectFrom('auth_session')

     

       38
       38
       -
             .selectAll()

     

       39
       39
       -
             .where('key', '=', key)

     

       40
       40
       -
             .executeTakeFirst()

     

       32
       32
       +
           const result = await this.db.selectFrom('auth_session').selectAll().where('key', '=', key).executeTakeFirst()

     

       41
       33
        
           if (!result) return

     

       42
       34
        
           return JSON.parse(result.session) as NodeSavedSession

     

       43
       35
        
         }

+16 -4

src/context.ts

···

       3
       3
        
       import { pino } from 'pino'

     

       4
       4
        
       

     

       5
       5
        
       import { createOAuthClient } from '#/auth/client'

     

       6
       6
       -
       import { createDb, Database } from '#/db'

     

       6
       6
       +
       import { createDb, Database, migrateToLatest } from '#/db'

     

       7
       7
        
       import { createIngester } from '#/ingester'

     

       8
       8
        
       import { env } from '#/env'

     

       9
       9
       +
       import {

     

       10
       10
       +
         BidirectionalResolver,

     

       11
       11
       +
         createBidirectionalResolver,

     

       12
       12
       +
       } from '#/id-resolver'

     

       9
       13
        
       

     

       10
       14
        
       /**

     

       11
       15
        
        * Application state passed to the router and elsewhere

     
···

       15
       19
        
         ingester: Firehose

     

       16
       20
        
         logger: pino.Logger

     

       17
       21
        
         oauthClient: NodeOAuthClient

     

       18
       18
       -
         identityResolver: NodeOAuthClient['identityResolver']

     

       22
       22
       +
         resolver: BidirectionalResolver

     

       23
       23
       +
         destroy: () => Promise<void>

     

       19
       24
        
       }

     

       20
       25
        
       

     

       21
       26
        
       export async function createAppContext(): Promise<AppContext> {

     

       22
       22
       -
         const db = await createDb()

     

       27
       27
       +
         const db = createDb(env.DB_PATH)

     

       28
       28
       +
         await migrateToLatest(db)

     

       23
       29
        
         const oauthClient = await createOAuthClient(db)

     

       24
       30
        
         const ingester = createIngester(db)

     

       25
       31
        
         const logger = pino({ name: 'server', level: env.LOG_LEVEL })

     

       32
       32
       +
         const resolver = createBidirectionalResolver(oauthClient)

     

       26
       33
        
       

     

       27
       34
        
         return {

     

       28
       35
        
           db,

     

       29
       36
        
           ingester,

     

       30
       37
        
           logger,

     

       31
       38
        
           oauthClient,

     

       32
       32
       -
           identityResolver: oauthClient.identityResolver,

     

       39
       39
       +
           resolver,

     

       40
       40
       +
       

     

       41
       41
       +
           async destroy() {

     

       42
       42
       +
             await ingester.destroy()

     

       43
       43
       +
             await db.destroy()

     

       44
       44
       +
           },

     

       33
       45
        
         }

     

       34
       46
        
       }

+10 -17

src/db.ts

···

       1
       1
        
       import SqliteDb from 'better-sqlite3'

     

       2
       2
        
       import {

     

       3
       3
        
         Kysely,

     

       4
       4
       -
         Migration,

     

       5
       5
       -
         MigrationProvider,

     

       6
       4
        
         Migrator,

     

       7
       5
        
         SqliteDialect,

     

       6
       6
       +
         Migration,

     

       7
       7
       +
         MigrationProvider,

     

       8
       8
        
       } from 'kysely'

     

       9
       9
       -
       

     

       10
       10
       -
       import { env } from '#/env'

     

       11
       9
        
       

     

       12
       10
        
       // Types

     

       13
       11
        
       

     
···

       79
       77
        
       

     

       80
       78
        
       // APIs

     

       81
       79
        
       

     

       82
       82
       -
       export async function createDb(options?: {

     

       83
       83
       -
         /** @default true */

     

       84
       84
       -
         migrate?: boolean

     

       85
       85
       -
       }): Promise<Database> {

     

       86
       86
       -
         const db = new Kysely<DatabaseSchema>({

     

       80
       80
       +
       export const createDb = (location: string): Database => {

     

       81
       81
       +
         return new Kysely<DatabaseSchema>({

     

       87
       82
        
           dialect: new SqliteDialect({

     

       88
       88
       -
             database: new SqliteDb(env.DB_PATH),

     

       83
       83
       +
             database: new SqliteDb(location),

     

       89
       84
        
           }),

     

       90
       85
        
         })

     

       86
       86
       +
       }

     

       91
       87
        
       

     

       92
       92
       -
         if (options?.migrate !== false) {

     

       93
       93
       -
           const migrator = new Migrator({ db, provider: migrationProvider })

     

       94
       94
       -
           const { error } = await migrator.migrateToLatest()

     

       95
       95
       -
           if (error) throw error

     

       96
       96
       -
         }

     

       97
       97
       -
       

     

       98
       98
       -
         return db

     

       88
       88
       +
       export const migrateToLatest = async (db: Database) => {

     

       89
       89
       +
         const migrator = new Migrator({ db, provider: migrationProvider })

     

       90
       90
       +
         const { error } = await migrator.migrateToLatest()

     

       91
       91
       +
         if (error) throw error

     

       99
       92
        
       }

     

       100
       93
        
       

     

       101
       94
        
       export type Database = Kysely<DatabaseSchema>

+12 -9

src/env.ts

···

       1
       1
        
       import dotenv from 'dotenv'

     

       2
       2
       -
       import { cleanEnv, port, str, testOnly } from 'envalid'

     

       3
       3
       -
       import { envalidJsonWebKeys } from '#/lib/jwk'

     

       2
       2
       +
       import { cleanEnv, port, str, testOnly, url } from 'envalid'

     

       3
       3
       +
       import { envalidJsonWebKeys as keys } from '#/lib/jwk'

     

       4
       4
        
       

     

       5
       5
        
       dotenv.config()

     

       6
       6
        
       

     
···

       10
       10
        
           choices: ['development', 'production', 'test'],

     

       11
       11
        
         }),

     

       12
       12
        
         PORT: port({ devDefault: testOnly(3000) }),

     

       13
       13
       -
         PUBLIC_URL: str({}),

     

       13
       13
       +
         PUBLIC_URL: url({ default: undefined }),

     

       14
       14
        
         DB_PATH: str({ devDefault: ':memory:' }),

     

       15
       15
        
         COOKIE_SECRET: str({ devDefault: '00000000000000000000000000000000' }),

     

       16
       16
       -
         PRIVATE_KEYS: envalidJsonWebKeys({ default: undefined }),

     

       17
       17
       -
         LOG_LEVEL: str({ default: 'info' }),

     

       18
       18
       -
         PDS_OWNER: str({ default: 'Bluesky' }),

     

       19
       19
       -
         PDS_URL: str({ default: 'https://bsky.social' }),

     

       20
       20
       -
         PLC_URL: str({ default: 'https://plc.directory' }),

     

       21
       21
       -
         FIREHOSE_URL: str({ default: 'wss://bsky.network' }),

     

       16
       16
       +
         PRIVATE_KEYS: keys({ default: undefined }),

     

       17
       17
       +
         LOG_LEVEL: str({

     

       18
       18
       +
           devDefault: 'debug',

     

       19
       19
       +
           default: 'info',

     

       20
       20
       +
           choices: ['fatal', 'error', 'warn', 'info', 'debug', 'trace', 'silent'],

     

       21
       21
       +
         }),

     

       22
       22
       +
         PDS_URL: url({ default: undefined }),

     

       23
       23
       +
         PLC_URL: url({ default: undefined }),

     

       24
       24
       +
         FIREHOSE_URL: url({ default: undefined }),

     

       22
       25
        
       })

+37

src/id-resolver.ts

···

       1
       1
       +
       import { OAuthClient } from '@atproto/oauth-client-node'

     

       2
       2
       +
       

     

       3
       3
       +
       export interface BidirectionalResolver {

     

       4
       4
       +
         resolveDidToHandle(did: string): Promise<string | undefined>

     

       5
       5
       +
         resolveDidsToHandles(

     

       6
       6
       +
           dids: string[],

     

       7
       7
       +
         ): Promise<Record<string, string | undefined>>

     

       8
       8
       +
       }

     

       9
       9
       +
       

     

       10
       10
       +
       export function createBidirectionalResolver({

     

       11
       11
       +
         identityResolver,

     

       12
       12
       +
       }: OAuthClient): BidirectionalResolver {

     

       13
       13
       +
         return {

     

       14
       14
       +
           async resolveDidToHandle(did: string): Promise<string | undefined> {

     

       15
       15
       +
             try {

     

       16
       16
       +
               const { handle } = await identityResolver.resolve(did)

     

       17
       17
       +
               if (handle) return handle

     

       18
       18
       +
             } catch {

     

       19
       19
       +
               // Ignore

     

       20
       20
       +
             }

     

       21
       21
       +
           },

     

       22
       22
       +
       

     

       23
       23
       +
           async resolveDidsToHandles(

     

       24
       24
       +
             dids: string[],

     

       25
       25
       +
           ): Promise<Record<string, string | undefined>> {

     

       26
       26
       +
             const uniqueDids = [...new Set(dids)]

     

       27
       27
       +
       

     

       28
       28
       +
             return Object.fromEntries(

     

       29
       29
       +
               await Promise.all(

     

       30
       30
       +
                 uniqueDids.map((did) =>

     

       31
       31
       +
                   this.resolveDidToHandle(did).then((handle) => [did, handle]),

     

       32
       32
       +
                 ),

     

       33
       33
       +
               ),

     

       34
       34
       +
             )

     

       35
       35
       +
           },

     

       36
       36
       +
         }

     

       37
       37
       +
       }

+3 -4

src/index.ts

···

       1
       1
       -
       import { createHttpTerminator } from 'http-terminator'

     

       2
       1
        
       import { once } from 'node:events'

     

       3
       2
        
       

     

       4
       3
        
       import { createAppContext } from '#/context'

     

       5
       4
        
       import { env } from '#/env'

     

       5
       5
       +
       import { startServer } from '#/lib/http'

     

       6
       6
        
       import { run } from '#/lib/process'

     

       7
       7
        
       import { createRouter } from '#/routes'

     

       8
       8
       -
       import { startServer } from '#/lib/http'

     

       9
       8
        
       

     

       10
       9
        
       run(async (killSignal) => {

     

       11
       10
        
         // Create the application context

     
···

       30
       29
        
         // Gracefully shutdown the http server

     

       31
       30
        
         await terminate()

     

       32
       31
        
       

     

       33
       33
       -
         // Close the firehose connection

     

       34
       34
       -
         await ctx.ingester.destroy()

     

       32
       32
       +
         // Gracefully shutdown the application context

     

       33
       33
       +
         await ctx.destroy()

     

       35
       34
        
       })

+6 -6

src/ingester.ts

···

       11
       11
        
       export function createIngester(db: Database) {

     

       12
       12
        
         const logger = pino({ name: 'firehose', level: env.LOG_LEVEL })

     

       13
       13
        
         return new Firehose({

     

       14
       14
       -
           service: env.FIREHOSE_URL,

     

       15
       15
       -
           idResolver: new IdResolver({

     

       16
       16
       -
             plcUrl: env.PLC_URL,

     

       17
       17
       -
             didCache: new MemoryCache(HOUR, DAY),

     

       18
       18
       -
           }),

     

       14
       14
       +
           filterCollections: ['xyz.statusphere.status'],

     

       19
       15
        
           handleEvent: async (evt: Event) => {

     

       20
       16
        
             // Watch for write events

     

       21
       17
        
             if (evt.event === 'create' || evt.event === 'update') {

     
···

       70
       66
        
           onError: (err: unknown) => {

     

       71
       67
        
             logger.error({ err }, 'error on firehose ingestion')

     

       72
       68
        
           },

     

       73
       73
       -
           filterCollections: ['xyz.statusphere.status'],

     

       74
       69
        
           excludeIdentity: true,

     

       75
       70
        
           excludeAccount: true,

     

       71
       71
       +
           service: env.FIREHOSE_URL,

     

       72
       72
       +
           idResolver: new IdResolver({

     

       73
       73
       +
             plcUrl: env.PLC_URL,

     

       74
       74
       +
             didCache: new MemoryCache(HOUR, DAY),

     

       75
       75
       +
           }),

     

       76
       76
        
         })

     

       77
       77
        
       }

+12 -21

src/lib/http.ts

···

       1
       1
       +
       import { Request, Response } from 'express'

     

       1
       2
        
       import { createHttpTerminator } from 'http-terminator'

     

       2
       3
        
       import { once } from 'node:events'

     

       3
       4
        
       import type {

     
···

       9
       10
        
       

     

       10
       11
        
       export type NextFunction = (err?: unknown) => void

     

       11
       12
        
       

     

       12
       12
       -
       export type Handler<

     

       13
       13
       +
       export type Middleware<

     

       13
       14
        
         Req extends IncomingMessage = IncomingMessage,

     

       14
       14
       -
         Res extends ServerResponse<Req> = ServerResponse<Req>,

     

       15
       15
       +
         Res extends ServerResponse = ServerResponse,

     

       15
       16
        
       > = (req: Req, res: Res, next: NextFunction) => void

     

       16
       17
        
       

     

       17
       17
       -
       export type AsyncHandler<

     

       18
       18
       +
       export type Handler<

     

       18
       19
        
         Req extends IncomingMessage = IncomingMessage,

     

       19
       19
       -
         Res extends ServerResponse<Req> = ServerResponse<Req>,

     

       20
       20
       -
       > = (req: Req, res: Res, next: NextFunction) => Promise<void>

     

       21
       21
       -
       

     

       20
       20
       +
         Res extends ServerResponse = ServerResponse,

     

       21
       21
       +
       > = (req: Req, res: Res) => unknown | Promise<unknown>

     

       22
       22
        
       /**

     

       23
       23
        
        * Wraps a request handler middleware to ensure that `next` is called if it

     

       24
       24
        
        * throws or returns a promise that rejects.

     

       25
       25
        
        */

     

       26
       26
        
       export function handler<

     

       27
       27
       -
         Req extends IncomingMessage = IncomingMessage,

     

       28
       28
       -
         Res extends ServerResponse<Req> = ServerResponse<Req>,

     

       29
       29
       -
       >(fn: Handler<Req, Res> | AsyncHandler<Req, Res>): Handler<Req, Res> {

     

       30
       30
       -
         return (req, res, next) => {

     

       31
       31
       -
           // Optimization: NodeJS prefers objects over functions for garbage collection

     

       32
       32
       -
           const nextSafe = nextOnce.bind({ next })

     

       27
       27
       +
         Req extends IncomingMessage = Request,

     

       28
       28
       +
         Res extends ServerResponse = Response,

     

       29
       29
       +
       >(fn: Handler<Req, Res>): Middleware<Req, Res> {

     

       30
       30
       +
         return async (req, res, next) => {

     

       33
       31
        
           try {

     

       34
       34
       -
             const result = fn(req, res, nextSafe)

     

       35
       35
       -
             if (result instanceof Promise) result.catch(nextSafe)

     

       32
       32
       +
             await fn(req, res)

     

       36
       33
        
           } catch (err) {

     

       37
       37
       -
             nextSafe(err)

     

       34
       34
       +
             next(err)

     

       38
       35
        
           }

     

       39
       39
       -
         }

     

       40
       40
       -
       

     

       41
       41
       -
         function nextOnce(this: { next: NextFunction | null }, err?: unknown) {

     

       42
       42
       -
           const { next } = this

     

       43
       43
       -
           this.next = null

     

       44
       44
       -
           next?.(err)

     

       45
       36
        
         }

     

       46
       37
        
       }

     

       47
       38

+3 -3

src/lib/process.ts

···

       4
       4
        
        * Runs a function with an abort signal that will be triggered when the process

     

       5
       5
        
        * receives a termination signal.

     

       6
       6
        
        */

     

       7
       7
       -
       export async function run<F extends (signal: AbortSignal) => unknown>(

     

       7
       7
       +
       export async function run<F extends (signal: AbortSignal) => Promise<void>>(

     

       8
       8
        
         fn: F,

     

       9
       9
       -
       ): Promise<Awaited<ReturnType<F>>> {

     

       9
       9
       +
       ): Promise<void> {

     

       10
       10
        
         const killController = new AbortController()

     

       11
       11
        
       

     

       12
       12
        
         const abort = (signal?: string) => {

     
···

       17
       17
        
         for (const sig of SIGNALS) process.on(sig, abort)

     

       18
       18
        
       

     

       19
       19
        
         try {

     

       20
       20
       -
           return (await fn(killController.signal)) as Awaited<ReturnType<F>>

     

       20
       20
       +
           await fn(killController.signal)

     

       21
       21
        
         } finally {

     

       22
       22
        
           abort()

     

       23
       23
        
         }

src/lib/util.ts

···

       1
       1
       +
       export function ifString<T>(value: T): (T & string) | undefined {

     

       2
       2
       +
         if (typeof value === 'string') return value

     

       3
       3
       +
         return undefined

     

       4
       4
       +
       }

+1 -1

src/pages/home.ts

···

       4
       4
        
       

     

       5
       5
        
       const TODAY = new Date().toDateString()

     

       6
       6
        
       

     

       7
       7
       -
       const STATUS_OPTIONS = [

     

       7
       7
       +
       export const STATUS_OPTIONS = [

     

       8
       8
        
         '👍',

     

       9
       9
        
         '👎',

     

       10
       10
        
         '💙',

+7 -1

src/pages/login.ts

···

       12
       12
        
       }

     

       13
       13
        
       

     

       14
       14
        
       function content({ error }: Props) {

     

       15
       15
       +
         const signupService =

     

       16
       16
       +
           !env.PDS_URL || env.PDS_URL === 'https://bsky.social'

     

       17
       17
       +
             ? 'Bluesky'

     

       18
       18
       +
             : new URL(env.PDS_URL).hostname

     

       19
       19
       +
       

     

       15
       20
        
         return html`<div id="root">

     

       16
       21
        
           <div id="header">

     

       17
       22
        
             <h1>Statusphere</h1>

     
···

       25
       30
        
                 placeholder="Enter your handle (eg alice.bsky.social)"

     

       26
       31
        
                 required

     

       27
       32
        
               />

     

       33
       33
       +
       

     

       28
       34
        
               <button type="submit">Log in</button>

     

       29
       35
        
             </form>

     

       30
       36
        
       

     

       31
       37
        
             <a href="/signup" class="button signup-cta">

     

       32
       32
       -
               Login or Sign up with a ${env.PDS_OWNER} account

     

       38
       38
       +
               Login or Sign up with a ${signupService} account

     

       33
       39
        
             </a>

     

       34
       40
        
       

     

       35
       41
        
             ${error ? html`<p>Error: <i>${error}</i></p>` : undefined}

+25 -7

src/pages/public/styles.css

···

       18
       18
        
         Josh's Custom CSS Reset

     

       19
       19
        
         https://www.joshwcomeau.com/css/custom-css-reset/

     

       20
       20
        
       */

     

       21
       21
       -
       *, *::before, *::after {

     

       21
       21
       +
       *,

     

       22
       22
       +
       *::before,

     

       23
       23
       +
       *::after {

     

       22
       24
        
         box-sizing: border-box;

     

       23
       25
        
       }

     

       24
       26
        
       * {

     
···

       28
       30
        
         line-height: 1.5;

     

       29
       31
        
         -webkit-font-smoothing: antialiased;

     

       30
       32
        
       }

     

       31
       31
       -
       img, picture, video, canvas, svg {

     

       33
       33
       +
       img,

     

       34
       34
       +
       picture,

     

       35
       35
       +
       video,

     

       36
       36
       +
       canvas,

     

       37
       37
       +
       svg {

     

       32
       38
        
         display: block;

     

       33
       39
        
         max-width: 100%;

     

       34
       40
        
       }

     

       35
       35
       -
       input, button, textarea, select {

     

       41
       41
       +
       input,

     

       42
       42
       +
       button,

     

       43
       43
       +
       textarea,

     

       44
       44
       +
       select {

     

       36
       45
        
         font: inherit;

     

       37
       46
        
       }

     

       38
       38
       -
       p, h1, h2, h3, h4, h5, h6 {

     

       47
       47
       +
       p,

     

       48
       48
       +
       h1,

     

       49
       49
       +
       h2,

     

       50
       50
       +
       h3,

     

       51
       51
       +
       h4,

     

       52
       52
       +
       h5,

     

       53
       53
       +
       h6 {

     

       39
       54
        
         overflow-wrap: break-word;

     

       40
       55
        
       }

     

       41
       41
       -
       #root, #__next {

     

       56
       56
       +
       #root,

     

       57
       57
       +
       #__next {

     

       42
       58
        
         isolation: isolate;

     

       43
       59
        
       }

     

       44
       60
        
       

     

       45
       61
        
       /*

     

       46
       62
        
         Common components

     

       47
       63
        
       */

     

       48
       48
       -
       button, .button {

     

       64
       64
       +
       button,

     

       65
       65
       +
       .button {

     

       49
       66
        
         display: inline-block;

     

       50
       67
        
         border: 0;

     

       51
       68
        
         background-color: var(--primary-500);

     
···

       55
       72
        
         cursor: pointer;

     

       56
       73
        
         text-decoration: none;

     

       57
       74
        
       }

     

       58
       58
       -
       button:hover, .button:hover {

     

       75
       75
       +
       button:hover,

     

       76
       76
       +
       .button:hover {

     

       59
       77
        
         background: var(--primary-400);

     

       60
       78
        
       }

     

       61
       79

+104 -88

src/routes.ts

···

       3
       3
        
       import { OAuthResolverError } from '@atproto/oauth-client-node'

     

       4
       4
        
       import express, { Request, Response } from 'express'

     

       5
       5
        
       import { getIronSession } from 'iron-session'

     

       6
       6
       -
       import assert from 'node:assert'

     

       7
       6
        
       import type {

     

       8
       7
        
         IncomingMessage,

     

       9
       8
        
         RequestListener,

     
···

       12
       11
        
       import path from 'node:path'

     

       13
       12
        
       

     

       14
       13
        
       import type { AppContext } from '#/context'

     

       14
       14
       +
       import { env } from '#/env'

     

       15
       15
        
       import * as Profile from '#/lexicon/types/app/bsky/actor/profile'

     

       16
       16
        
       import * as Status from '#/lexicon/types/xyz/statusphere/status'

     

       17
       17
       -
       import { env } from '#/env'

     

       18
       17
        
       import { handler } from '#/lib/http'

     

       18
       18
       +
       import { ifString } from '#/lib/util'

     

       19
       19
        
       import { page } from '#/lib/view'

     

       20
       20
        
       import { home } from '#/pages/home'

     

       21
       21
        
       import { login } from '#/pages/login'

     

       22
       22
        
       

     

       23
       23
       +
       // Max age, in seconds, for static routes and assets

     

       24
       24
       +
       const MAX_AGE = env.NODE_ENV === 'production' ? 60 : 0

     

       25
       25
       +
       

     

       23
       26
        
       type Session = { did?: string }

     

       24
       27
        
       

     

       25
       28
        
       // Helper function to get the Atproto Agent for the active session

     
···

       28
       31
        
         res: ServerResponse,

     

       29
       32
        
         ctx: AppContext,

     

       30
       33
        
       ) {

     

       34
       34
       +
         res.setHeader('Vary', 'Cookie')

     

       35
       35
       +
       

     

       31
       36
        
         const session = await getIronSession<Session>(req, res, {

     

       32
       37
        
           cookieName: 'sid',

     

       33
       38
        
           password: env.COOKIE_SECRET,

     

       34
       39
        
         })

     

       35
       40
        
         if (!session.did) return null

     

       36
       36
       -
         try {

     

       37
       37
       -
           // force rotating the credentials if the request has a no-cache header

     

       38
       38
       -
           const refresh = req.headers['cache-control']?.includes('no-cache') || 'auto'

     

       39
       41
        
       

     

       40
       40
       -
           const oauthSession = await ctx.oauthClient.restore(session.did, refresh)

     

       42
       42
       +
         // This page is dynamic and should not be cached publicly

     

       43
       43
       +
         res.setHeader('cache-control', `max-age=${MAX_AGE}, private`)

     

       44
       44
       +
       

     

       45
       45
       +
         try {

     

       46
       46
       +
           const oauthSession = await ctx.oauthClient.restore(session.did)

     

       41
       47
        
           return oauthSession ? new Agent(oauthSession) : null

     

       42
       48
        
         } catch (err) {

     

       43
       49
        
           ctx.logger.warn({ err }, 'oauth restore failed')

     
···

       46
       52
        
         }

     

       47
       53
        
       }

     

       48
       54
        
       

     

       49
       49
       -
       export function createRouter(ctx: AppContext): RequestListener {

     

       50
       50
       -
         const app = express()

     

       55
       55
       +
       export const createRouter = (ctx: AppContext): RequestListener => {

     

       56
       56
       +
         const router = express()

     

       51
       57
        
       

     

       52
       58
        
         // Static assets

     

       53
       53
       -
         app.use('/public', express.static(path.join(__dirname, 'pages', 'public')))

     

       59
       59
       +
         router.use(

     

       60
       60
       +
           '/public',

     

       61
       61
       +
           express.static(path.join(__dirname, 'pages', 'public'), {

     

       62
       62
       +
             maxAge: MAX_AGE * 1000,

     

       63
       63
       +
           }),

     

       64
       64
       +
         )

     

       54
       65
        
       

     

       55
       66
        
         // OAuth metadata

     

       56
       56
       -
         app.get(

     

       67
       67
       +
         router.get(

     

       57
       68
        
           '/oauth-client-metadata.json',

     

       58
       58
       -
           handler((req: Request, res: Response) => {

     

       69
       69
       +
           handler((req, res) => {

     

       70
       70
       +
             res.setHeader('cache-control', `max-age=${MAX_AGE}, public`)

     

       59
       71
        
             res.json(ctx.oauthClient.clientMetadata)

     

       60
       72
        
           }),

     

       61
       73
        
         )

     

       62
       74
        
       

     

       63
       75
        
         // Public keys

     

       64
       64
       -
         app.get(

     

       76
       76
       +
         router.get(

     

       65
       77
        
           '/.well-known/jwks.json',

     

       66
       66
       -
           handler((req: Request, res: Response) => {

     

       78
       78
       +
           handler((req, res) => {

     

       79
       79
       +
             res.setHeader('cache-control', `max-age=${MAX_AGE}, public`)

     

       67
       80
        
             res.json(ctx.oauthClient.jwks)

     

       68
       81
        
           }),

     

       69
       82
        
         )

     

       70
       83
        
       

     

       71
       84
        
         // OAuth callback to complete session creation

     

       72
       72
       -
         app.get(

     

       85
       85
       +
         router.get(

     

       73
       86
        
           '/oauth/callback',

     

       74
       74
       -
           handler(async (req: Request, res: Response) => {

     

       87
       87
       +
           handler(async (req, res) => {

     

       88
       88
       +
             res.setHeader('cache-control', 'no-store')

     

       89
       89
       +
       

     

       75
       90
        
             const params = new URLSearchParams(req.originalUrl.split('?')[1])

     

       76
       91
        
             try {

     

       77
       77
       -
               const { session } = await ctx.oauthClient.callback(params)

     

       78
       78
       -
               const clientSession = await getIronSession<Session>(req, res, {

     

       92
       92
       +
               // Load the session cookie

     

       93
       93
       +
               const session = await getIronSession<Session>(req, res, {

     

       79
       94
        
                 cookieName: 'sid',

     

       80
       95
        
                 password: env.COOKIE_SECRET,

     

       81
       96
        
               })

     

       82
       82
       -
               assert(!clientSession.did, 'session already exists')

     

       83
       83
       -
               clientSession.did = session.did

     

       84
       84
       -
               await clientSession.save()

     

       85
       85
       -
               return res.redirect('/')

     

       97
       97
       +
       

     

       98
       98
       +
               // If the user is already signed in, destroy the old credentials

     

       99
       99
       +
               if (session.did) {

     

       100
       100
       +
                 try {

     

       101
       101
       +
                   const oauthSession = await ctx.oauthClient.restore(session.did)

     

       102
       102
       +
                   if (oauthSession) oauthSession.signOut()

     

       103
       103
       +
                 } catch (err) {

     

       104
       104
       +
                   ctx.logger.warn({ err }, 'oauth restore failed')

     

       105
       105
       +
                 }

     

       106
       106
       +
               }

     

       107
       107
       +
       

     

       108
       108
       +
               // Complete the OAuth flow

     

       109
       109
       +
               const oauth = await ctx.oauthClient.callback(params)

     

       110
       110
       +
       

     

       111
       111
       +
               // Update the session cookie

     

       112
       112
       +
               session.did = oauth.session.did

     

       113
       113
       +
       

     

       114
       114
       +
               await session.save()

     

       86
       115
        
             } catch (err) {

     

       87
       116
        
               ctx.logger.error({ err }, 'oauth callback failed')

     

       88
       88
       -
               return res.redirect('/?error')

     

       89
       117
        
             }

     

       118
       118
       +
       

     

       119
       119
       +
             return res.redirect('/')

     

       90
       120
        
           }),

     

       91
       121
        
         )

     

       92
       122
        
       

     

       93
       123
        
         // Login page

     

       94
       94
       -
         app.get(

     

       124
       124
       +
         router.get(

     

       95
       125
        
           '/login',

     

       96
       96
       -
           handler((req: Request, res: Response) => {

     

       126
       126
       +
           handler(async (req, res) => {

     

       127
       127
       +
             res.setHeader('cache-control', `max-age=${MAX_AGE}, public`)

     

       97
       128
        
             res.type('html').send(page(login({})))

     

       98
       129
        
           }),

     

       99
       130
        
         )

     

       100
       131
        
       

     

       101
       132
        
         // Login handler

     

       102
       102
       -
         app.post(

     

       133
       133
       +
         router.post(

     

       103
       134
        
           '/login',

     

       104
       104
       -
           express.urlencoded({ extended: true }),

     

       105
       105
       -
           handler(async (req: Request, res: Response) => {

     

       106
       106
       -
             // Validate

     

       107
       107
       -
             const input = req.body?.input

     

       108
       108
       -
             if (typeof input !== 'string') {

     

       109
       109
       -
               return void res

     

       110
       110
       -
                 .type('html')

     

       111
       111
       -
                 .send(page(login({ error: 'invalid input' })))

     

       112
       112
       -
             }

     

       135
       135
       +
           express.urlencoded(),

     

       136
       136
       +
           handler(async (req, res) => {

     

       137
       137
       +
             // Never store this route

     

       138
       138
       +
             res.setHeader('cache-control', 'no-store')

     

       113
       139
        
       

     

       114
       140
        
             // Initiate the OAuth flow

     

       115
       141
        
             try {

     

       142
       142
       +
               // Validate input: can be a handle, a DID or a service URL (PDS).

     

       143
       143
       +
               const input = ifString(req.body.input)

     

       144
       144
       +
               if (!input) {

     

       145
       145
       +
                 throw new Error('Invalid input')

     

       146
       146
       +
               }

     

       147
       147
       +
       

     

       148
       148
       +
               // Initiate the OAuth flow

     

       116
       149
        
               const url = await ctx.oauthClient.authorize(input, {

     

       117
       150
        
                 scope: 'atproto transition:generic',

     

       118
       151
        
               })

     

       152
       152
       +
       

     

       119
       153
        
               res.redirect(url.toString())

     

       120
       154
        
             } catch (err) {

     

       121
       155
        
               ctx.logger.error({ err }, 'oauth authorize failed')

     

       122
       122
       -
               res.type('html').send(

     

       123
       123
       -
                 page(

     

       124
       124
       -
                   login({

     

       125
       125
       -
                     error:

     

       126
       126
       -
                       err instanceof OAuthResolverError

     

       127
       127
       -
                         ? err.message

     

       128
       128
       -
                         : "couldn't initiate login",

     

       129
       129
       -
                   }),

     

       130
       130
       -
                 ),

     

       131
       131
       -
               )

     

       156
       156
       +
       

     

       157
       157
       +
               const error = err instanceof Error ? err.message : 'unexpected error'

     

       158
       158
       +
       

     

       159
       159
       +
               return res.type('html').send(page(login({ error })))

     

       132
       160
        
             }

     

       133
       161
        
           }),

     

       134
       162
        
         )

     

       135
       163
        
       

     

       136
       164
        
         // Signup

     

       137
       137
       -
         app.get(

     

       165
       165
       +
         router.get(

     

       138
       166
        
           '/signup',

     

       139
       139
       -
           handler(async (req: Request, res: Response) => {

     

       167
       167
       +
           handler(async (req, res) => {

     

       168
       168
       +
             res.setHeader('cache-control', `max-age=${MAX_AGE}, public`)

     

       169
       169
       +
       

     

       140
       170
        
             try {

     

       141
       141
       -
               const url = await ctx.oauthClient.authorize(env.PDS_URL, {

     

       171
       171
       +
               const service = env.PDS_URL ?? 'https://bsky.social'

     

       172
       172
       +
               const url = await ctx.oauthClient.authorize(service, {

     

       142
       173
        
                 scope: 'atproto transition:generic',

     

       143
       174
        
               })

     

       144
       175
        
               res.redirect(url.toString())

     
···

       159
       190
        
         )

     

       160
       191
        
       

     

       161
       192
        
         // Logout handler

     

       162
       162
       -
         app.post(

     

       193
       193
       +
         router.post(

     

       163
       194
        
           '/logout',

     

       164
       164
       -
           handler(async (req: Request, res: Response) => {

     

       195
       195
       +
           handler(async (req, res) => {

     

       196
       196
       +
             // Never store this route

     

       197
       197
       +
             res.setHeader('cache-control', 'no-store')

     

       198
       198
       +
       

     

       165
       199
        
             const session = await getIronSession<Session>(req, res, {

     

       166
       200
        
               cookieName: 'sid',

     

       167
       201
        
               password: env.COOKIE_SECRET,

     
···

       184
       218
        
         )

     

       185
       219
        
       

     

       186
       220
        
         // Homepage

     

       187
       187
       -
         app.get(

     

       221
       221
       +
         router.get(

     

       188
       222
        
           '/',

     

       189
       189
       -
           handler(async (req: Request, res: Response) => {

     

       223
       223
       +
           handler(async (req, res) => {

     

       190
       224
        
             // If the user is signed in, get an agent which communicates with their server

     

       191
       225
        
             const agent = await getSessionAgent(req, res, ctx)

     

       192
       226
        
       

     
···

       206
       240
        
                   .executeTakeFirst()

     

       207
       241
        
               : undefined

     

       208
       242
        
       

     

       209
       209
       -
             // Map (unique) user DIDs to their domain-name handles

     

       210
       210
       -
             const uniqueDids = [...new Set(statuses.map((s) => s.authorDid))]

     

       211
       211
       -
       

     

       212
       212
       -
             const didHandleMap: Record<string, string | undefined> =

     

       213
       213
       -
               Object.fromEntries(

     

       214
       214
       -
                 await Promise.all(

     

       215
       215
       -
                   uniqueDids.map((did) =>

     

       216
       216
       -
                     ctx.identityResolver.resolve(did).then(

     

       217
       217
       -
                       (r) => [did, r.handle],

     

       218
       218
       -
                       () => [did, undefined],

     

       219
       219
       -
                     ),

     

       220
       220
       -
                   ),

     

       221
       221
       -
                 ),

     

       222
       222
       -
               )

     

       243
       243
       +
             // Map user DIDs to their domain-name handles

     

       244
       244
       +
             const didHandleMap = await ctx.resolver.resolveDidsToHandles(

     

       245
       245
       +
               statuses.map((s) => s.authorDid),

     

       246
       246
       +
             )

     

       223
       247
        
       

     

       224
       248
        
             if (!agent) {

     

       225
       249
        
               // Serve the logged-out view

     

       226
       226
       -
               return void res

     

       227
       227
       -
                 .type('html')

     

       228
       228
       -
                 .send(page(home({ statuses, didHandleMap })))

     

       250
       250
       +
               return res.type('html').send(page(home({ statuses, didHandleMap })))

     

       229
       251
        
             }

     

       230
       252
        
       

     

       231
       253
        
             // Fetch additional information about the logged-in user

     
···

       247
       269
        
                 : {}

     

       248
       270
        
       

     

       249
       271
        
             // Serve the logged-in view

     

       250
       250
       -
             res.type('html').send(

     

       251
       251
       -
               page(

     

       252
       252
       -
                 home({

     

       253
       253
       -
                   statuses,

     

       254
       254
       -
                   didHandleMap,

     

       255
       255
       -
                   profile,

     

       256
       256
       -
                   myStatus,

     

       257
       257
       -
                 }),

     

       258
       258
       -
               ),

     

       259
       259
       -
             )

     

       272
       272
       +
             res

     

       273
       273
       +
               .type('html')

     

       274
       274
       +
               .send(page(home({ statuses, didHandleMap, profile, myStatus })))

     

       260
       275
        
           }),

     

       261
       276
        
         )

     

       262
       277
        
       

     

       263
       278
        
         // "Set status" handler

     

       264
       264
       -
         app.post(

     

       279
       279
       +
         router.post(

     

       265
       280
        
           '/status',

     

       266
       266
       -
           express.urlencoded({ extended: true }),

     

       267
       267
       -
           handler(async (req: Request, res: Response) => {

     

       281
       281
       +
           express.urlencoded(),

     

       282
       282
       +
           handler(async (req, res) => {

     

       268
       283
        
             // If the user is signed in, get an agent which communicates with their server

     

       269
       284
        
             const agent = await getSessionAgent(req, res, ctx)

     

       270
       285
        
             if (!agent) {

     

       271
       271
       -
               return void res

     

       286
       286
       +
               return res

     

       272
       287
        
                 .status(401)

     

       273
       288
        
                 .type('html')

     

       274
       289
        
                 .send('<h1>Error: Session required</h1>')

     

       275
       290
        
             }

     

       276
       291
        
       

     

       277
       277
       -
             // Construct & validate their status record

     

       278
       278
       -
             const rkey = TID.nextStr()

     

       292
       292
       +
             // Construct their status record

     

       279
       293
        
             const record = {

     

       280
       294
        
               $type: 'xyz.statusphere.status',

     

       281
       295
        
               status: req.body?.status,

     

       282
       296
        
               createdAt: new Date().toISOString(),

     

       283
       297
        
             }

     

       298
       298
       +
       

     

       299
       299
       +
             // Make sure the record generated from the input is valid

     

       284
       300
        
             if (!Status.validateRecord(record).success) {

     

       285
       285
       -
               return void res

     

       301
       301
       +
               return res

     

       286
       302
        
                 .status(400)

     

       287
       303
        
                 .type('html')

     

       288
       304
        
                 .send('<h1>Error: Invalid status</h1>')

     
···

       294
       310
        
               const res = await agent.com.atproto.repo.putRecord({

     

       295
       311
        
                 repo: agent.assertDid,

     

       296
       312
        
                 collection: 'xyz.statusphere.status',

     

       297
       297
       -
                 rkey,

     

       313
       313
       +
                 rkey: TID.nextStr(),

     

       298
       314
        
                 record,

     

       299
       315
        
                 validate: false,

     

       300
       316
        
               })

     

       301
       317
        
               uri = res.data.uri

     

       302
       318
        
             } catch (err) {

     

       303
       319
        
               ctx.logger.warn({ err }, 'failed to write record')

     

       304
       304
       -
               return void res

     

       320
       320
       +
               return res

     

       305
       321
        
                 .status(500)

     

       306
       322
        
                 .type('html')

     

       307
       323
        
                 .send('<h1>Error: Failed to write record</h1>')

     
···

       333
       349
        
           }),

     

       334
       350
        
         )

     

       335
       351
        
       

     

       336
       336
       -
         return app

     

       352
       352
       +
         return router

     

       337
       353
        
       }

Compare changes