Update to 1.20.1 (#126)

2023-05-28 01:49:32 +09:00
parent de385f9ee3 fa0e8ba138
commit 14d7a0e355
13 changed files with 162 additions and 22 deletions
--- a/run.bat
+++ b/run.bat
@@ -1,2 +0,0 @@
-npm build
-npm run runserver
--- a/run.sh
+++ b/run.sh
@@ -1,2 +0,0 @@
-npm build
-npm run runserver
--- a/server.bat
+++ b/server.bat
@@ -0,0 +1,3 @@
+npm install
+npm run build
+npm run runserver
--- a/server.sh
+++ b/server.sh
@@ -0,0 +1,3 @@
+npm install
+npm run build
+npm run runserver
--- a/server/node/server.cjs
+++ b/server/node/server.cjs
@@ -2,18 +2,26 @@ const express = require('express');
 const app = express();
 const path = require('path');
 const htmlparser = require('node-html-parser');
-const { existsSync, mkdirSync } = require('fs');
+const { existsSync, mkdirSync, readFileSync, writeFileSync } = require('fs');
 const bodyParser = require('body-parser');
 const fs = require('fs/promises')

 app.use(express.static(path.join(process.cwd(), 'dist'), {index: false}));
 app.use(bodyParser.json({ limit: 100000000 }));

+
+let password = ''
+
 const savePath = path.join(process.cwd(), "save")
 if(!existsSync(savePath)){
    mkdirSync(savePath)
 }

+const passwordPath = path.join(process.cwd(), 'save', '__password')
+if(existsSync(passwordPath)){
+    password = readFileSync(passwordPath, 'utf-8')
+}
+
 app.get('/', async (req, res, next) => {
    console.log("connected")
    try {
@@ -62,9 +70,38 @@ app.post('/proxy', async (req, res, next) => {
    res.send(originalBody);
 });

+app.get('/api/password', async(req, res)=> {
+    if(password === ''){
+        res.send({status: 'unset'})
+    }
+    else if(req.headers['risu-auth']  === password){
+        res.send({status:'correct'})
+    }
+    else{
+        res.send({status:'incorrect'})
+    }
+})
+
+
+app.post('/api/set_password', async (req, res) => {
+    if(password === ''){
+        password = req.body.password
+        writeFileSync(passwordPath, password, 'utf-8')
+    }
+    res.status(400).send("already set")
+})
+
 app.get('/api/read', async (req, res, next) => {
+    if(req.headers['risu-auth'].trim() !== password.trim()){
+        console.log('incorrect')
+        res.status(400).send({
+            error:'Password Incorrect'
+        });
+        return
+    }
    const filePath = req.headers['file-path'];
    if (!filePath) {
+        console.log('no path')
        res.status(400).send({
            error:'File path required'
        });
@@ -91,6 +128,13 @@ app.get('/api/read', async (req, res, next) => {
 });

 app.get('/api/remove', async (req, res, next) => {
+    if(req.headers['risu-auth'].trim() !== password.trim()){
+        console.log('incorrect')
+        res.status(400).send({
+            error:'Password Incorrect'
+        });
+        return
+    }
    const filePath = req.headers['file-path'];
    if (!filePath) {
        res.status(400).send({
@@ -110,6 +154,13 @@ app.get('/api/remove', async (req, res, next) => {
 });

 app.get('/api/list', async (req, res, next) => {
+    if(req.headers['risu-auth'].trim() !== password.trim()){
+        console.log('incorrect')
+        res.status(400).send({
+            error:'Password Incorrect'
+        });
+        return
+    }
    try {
        const data = (await fs.readdir(path.join(savePath))).map((v) => {
            return Buffer.from(v, 'hex').toString('utf-8')
@@ -124,6 +175,13 @@ app.get('/api/list', async (req, res, next) => {
 });

 app.post('/api/write', async (req, res, next) => {
+    if(req.headers['risu-auth'].trim() !== password.trim()){
+        console.log('incorrect')
+        res.status(400).send({
+            error:'Password Incorrect'
+        });
+        return
+    }
    const filePath = req.headers['file-path'];
    const fileContent = Buffer.from(req.body.content, 'base64');
    if (!filePath || !fileContent) {
--- a/src-tauri/tauri.conf.json
+++ b/src-tauri/tauri.conf.json
@@ -8,7 +8,7 @@
  },
  "package": {
    "productName": "RisuAI",
-    "version": "1.20.0"
+    "version": "1.20.1"
  },
  "tauri": {
    "allowlist": {
--- a/src/lang/en.ts
+++ b/src/lang/en.ts
@@ -280,5 +280,7 @@ export const languageEnglish = {
    globalRegexScript: "Global Regex",
    accessibility: "Accessibility",
    sendWithEnter: "Send with Enter Key",
-    clickToEdit: "Click Text to Edit"
+    clickToEdit: "Click Text to Edit",
+    setNodePassword: "Set your password to security",
+    inputNodePassword: "Input your password. if you can't remember, remove save/__password.txt in your server files and restart the server."
 }
--- a/src/lib/Others/AlertComp.svelte
+++ b/src/lib/Others/AlertComp.svelte
@@ -14,10 +14,15 @@
            btn.focus()
        }
        if($alertStore.type !== 'input'){
+            console.log('reset input')
            input = ''
        }
        
    })()
+
+    alertStore.subscribe(() => {
+        console.log('alup')
+    })
 </script>

 {#if $alertStore.type !== 'none' &&  $alertStore.type !== 'toast'}
@@ -73,11 +78,12 @@
                    })
                }}>OK</button>
            {:else if $alertStore.type === 'input'}
-                <input class="text-neutral-200 mt-2 p-2 bg-transparent input-text focus:bg-selected" bind:value={input}>
+                <input class="text-neutral-200 mt-2 p-2 bg-transparent input-text focus:bg-selected" value="" id="alert-input">
                <button bind:this={btn} class="mt-4 border-borderc bg-transparent outline-none border-solid border-1 p-2 text-lg text-neutral-200 hover:bg-green-500 transition-colors focus:border-3" on:click={() => {
                    alertStore.set({
                        type: 'none',
-                        msg: input
+                        //@ts-ignore
+                        msg: document.querySelector('#alert-input')?.value
                    })
                }}>OK</button>
            {:else if $alertStore.type === 'selectChar'}
--- a/src/lib/Setting/Pages/FilesSettings.svelte
+++ b/src/lib/Setting/Pages/FilesSettings.svelte
@@ -2,7 +2,7 @@
    import { language } from "src/lang";
    import { alertConfirm } from "src/ts/alert";
    import { checkDriver } from "src/ts/drive/drive";
-    import { isTauri } from "src/ts/storage/globalApi";
+    import { isNodeServer, isTauri } from "src/ts/storage/globalApi";

 </script>

@@ -11,7 +11,7 @@
    on:click={async () => {
        if(await alertConfirm(language.backupConfirm)){
            localStorage.setItem('backup', 'save')
-            if(isTauri){
+            if(isTauri || isNodeServer){
                checkDriver('savetauri')
            }
            else{
@@ -27,7 +27,7 @@
    on:click={async () => {
        if((await alertConfirm(language.backupLoadConfirm)) && (await alertConfirm(language.backupLoadConfirm2))){
            localStorage.setItem('backup', 'load')
-            if(isTauri){
+            if(isTauri || isNodeServer){
                checkDriver('loadtauri')
            }
            else{
--- a/src/ts/drive/drive.ts
+++ b/src/ts/drive/drive.ts
@@ -1,7 +1,7 @@
 import { get } from "svelte/store";
 import { alertError, alertInput, alertNormal, alertSelect, alertStore } from "../alert";
 import { DataBase, setDatabase, type Database } from "../storage/database";
-import { forageStorage, getUnpargeables, isTauri } from "../storage/globalApi";
+import { forageStorage, getUnpargeables, isNodeServer, isTauri, openURL } from "../storage/globalApi";
 import pako from "pako";
 import { BaseDirectory, exists, readBinaryFile, readDir, writeBinaryFile } from "@tauri-apps/api/fs";
 import { language } from "../../lang";
@@ -10,7 +10,7 @@ import { open } from '@tauri-apps/api/shell';

 export async function checkDriver(type:'save'|'load'|'loadtauri'|'savetauri'|'reftoken'){
    const CLIENT_ID = '580075990041-l26k2d3c0nemmqiu3d3aag01npfrkn76.apps.googleusercontent.com';
-    const REDIRECT_URI = isTauri ? "https://risuai.xyz/" : `https://${location.host}/`
+    const REDIRECT_URI = (isTauri || isNodeServer) ? "https://risuai.xyz/" : `https://${location.host}/`
    const SCOPE = 'https://www.googleapis.com/auth/drive.file https://www.googleapis.com/auth/drive.appdata';
    const encodedRedirectUri = encodeURIComponent(REDIRECT_URI);
    const authorizationUrl = `https://accounts.google.com/o/oauth2/auth?client_id=${CLIENT_ID}&redirect_uri=${encodedRedirectUri}&scope=${SCOPE}&response_type=code&state=${type}`;
@@ -18,7 +18,7 @@ export async function checkDriver(type:'save'|'load'|'loadtauri'|'savetauri'|'re

    if(type === 'reftoken'){
        const authorizationUrl = `https://accounts.google.com/o/oauth2/auth?client_id=${CLIENT_ID}&redirect_uri=${encodedRedirectUri}&scope=${SCOPE}&response_type=code&state=${"accesstauri"}&access_type=offline&prompt=consent`;
-        open(authorizationUrl)
+        openURL(authorizationUrl)
        return
    }

@@ -28,7 +28,12 @@ export async function checkDriver(type:'save'|'load'|'loadtauri'|'savetauri'|'re
    else{
        
        try {
-            open(authorizationUrl)
+            if(isTauri){
+                openURL(authorizationUrl)
+            }
+            else{
+                window.open(authorizationUrl)
+            }
            let code = await alertInput(language.pasteAuthCode)
            if(code.includes(' ')){
                code = code.substring(code.lastIndexOf(' ')).trim()
--- a/src/ts/storage/database.ts
+++ b/src/ts/storage/database.ts
@@ -7,7 +7,7 @@ import { cloneDeep } from 'lodash';

 export const DataBase = writable({} as any as Database)
 export const loadedStore = writable(false)
-export let appVer = '1.20.0'
+export let appVer = '1.20.1'


 export function setDatabase(data:Database){
--- a/src/ts/storage/nodeStorage.ts
+++ b/src/ts/storage/nodeStorage.ts
@@ -1,6 +1,12 @@
+import { language } from "src/lang"
+import { alertInput } from "../alert"
+
+let auth:string = null
+let authChecked = false

 export class NodeStorage{
    async setItem(key:string, value:Uint8Array) {
+        await this.checkAuth()
        const da = await fetch('/api/write', {
            method: "POST",
            body: JSON.stringify({
@@ -8,7 +14,8 @@ export class NodeStorage{
            }),
            headers: {
                'content-type': 'application/json',
-                'file-path': Buffer.from(key, 'utf-8').toString('hex')
+                'file-path': Buffer.from(key, 'utf-8').toString('hex'),
+                'risu-auth': auth
            }
        })
        if(da.status < 200 || da.status >= 300){
@@ -21,10 +28,12 @@ export class NodeStorage{

    }
    async getItem(key:string):Promise<Buffer> {
+        await this.checkAuth()
        const da = await fetch('/api/read', {
            method: "GET",
            headers: {
-                'file-path': Buffer.from(key, 'utf-8').toString('hex')
+                'file-path': Buffer.from(key, 'utf-8').toString('hex'),
+                'risu-auth': auth
            }
        })
        const data = await da.json()
@@ -40,8 +49,12 @@ export class NodeStorage{
        return Buffer.from(data.content, 'base64')
    }
    async keys():Promise<string[]>{
+        await this.checkAuth()
        const da = await fetch('/api/list', {
            method: "GET",
+            headers:{
+                'risu-auth': auth
+            }
        })
        const data = await da.json()
        if(da.status < 200 || da.status >= 300){
@@ -53,10 +66,12 @@ export class NodeStorage{
        return data.content
    }
    async removeItem(key:string){
+        await this.checkAuth()
        const da = await fetch('/api/list', {
            method: "GET",
            headers: {
-                'file-path': Buffer.from(key, 'utf-8').toString('hex')
+                'file-path': Buffer.from(key, 'utf-8').toString('hex'),
+                'risu-auth': auth
            }
        })
        if(da.status < 200 || da.status >= 300){
@@ -68,6 +83,58 @@ export class NodeStorage{
        }
    }

+    private async checkAuth(){
+        if(!auth){
+            auth = localStorage.getItem('risuauth')
+        }
+
+        if(!authChecked){
+            const data = await (await fetch('/api/password',{
+                headers: {
+                    'risu-auth': auth ?? ''
+                }
+            })).json()
+
+            if(data.status === 'unset'){
+                const input = await digestPassword(await alertInput(language.setNodePassword))
+                await fetch('/api/set_password',{
+                    method: "POST",
+                    body:JSON.stringify({
+                        password: input 
+                    }),
+                    headers: {
+                        'content-type': 'application/json'
+                    }
+                })
+                auth = input
+                localStorage.setItem('risuauth', auth)
+            }
+            else if(data.status === 'incorrect'){
+                while(true){
+                    const input = await digestPassword(await alertInput(language.inputNodePassword))
+                    const data = await (await fetch('/api/password',{
+                        headers: {
+                            'risu-auth': input ?? ''
+                        }
+                    })).json()
+                    if(data.status !== 'unset'){
+                        auth = input
+                        localStorage.setItem('risuauth', auth)
+                        await this.checkAuth()
+                        break
+                    }
+                }
+            }
+        }
+    }
+

    listItem = this.keys
-}
+}
+
+async function digestPassword(message:string) {
+    const encoder = new TextEncoder();
+    const data = encoder.encode(message);
+    const hash = Buffer.from(await crypto.subtle.digest("SHA-256", data)).toString('hex');
+    return hash;
+  }
--- a/version.json
+++ b/version.json
@@ -1 +1 @@
-{"version":"1.20.0"}
+{"version":"1.20.1"}