diff --git a/run.bat b/run.bat
deleted file mode 100644
index e019cfae..00000000
--- a/run.bat
+++ /dev/null
@@ -1,2 +0,0 @@
-npm build
-npm run runserver
\ No newline at end of file
diff --git a/run.sh b/run.sh
deleted file mode 100644
index e019cfae..00000000
--- a/run.sh
+++ /dev/null
@@ -1,2 +0,0 @@
-npm build
-npm run runserver
\ No newline at end of file
diff --git a/server.bat b/server.bat
new file mode 100644
index 00000000..5041f2e7
--- /dev/null
+++ b/server.bat
@@ -0,0 +1,3 @@
+npm install
+npm run build
+npm run runserver
\ No newline at end of file
diff --git a/server.sh b/server.sh
new file mode 100644
index 00000000..5041f2e7
--- /dev/null
+++ b/server.sh
@@ -0,0 +1,3 @@
+npm install
+npm run build
+npm run runserver
\ No newline at end of file
diff --git a/server/node/server.cjs b/server/node/server.cjs
index fcb79b57..54807175 100644
--- a/server/node/server.cjs
+++ b/server/node/server.cjs
@@ -2,18 +2,26 @@ const express = require('express');
const app = express();
const path = require('path');
const htmlparser = require('node-html-parser');
-const { existsSync, mkdirSync } = require('fs');
+const { existsSync, mkdirSync, readFileSync, writeFileSync } = require('fs');
const bodyParser = require('body-parser');
const fs = require('fs/promises')
app.use(express.static(path.join(process.cwd(), 'dist'), {index: false}));
app.use(bodyParser.json({ limit: 100000000 }));
+
+let password = ''
+
const savePath = path.join(process.cwd(), "save")
if(!existsSync(savePath)){
mkdirSync(savePath)
}
+const passwordPath = path.join(process.cwd(), 'save', '__password')
+if(existsSync(passwordPath)){
+ password = readFileSync(passwordPath, 'utf-8')
+}
+
app.get('/', async (req, res, next) => {
console.log("connected")
try {
@@ -62,9 +70,38 @@ app.post('/proxy', async (req, res, next) => {
res.send(originalBody);
});
+app.get('/api/password', async(req, res)=> {
+ if(password === ''){
+ res.send({status: 'unset'})
+ }
+ else if(req.headers['risu-auth'] === password){
+ res.send({status:'correct'})
+ }
+ else{
+ res.send({status:'incorrect'})
+ }
+})
+
+
+app.post('/api/set_password', async (req, res) => {
+ if(password === ''){
+ password = req.body.password
+ writeFileSync(passwordPath, password, 'utf-8')
+ }
+ res.status(400).send("already set")
+})
+
app.get('/api/read', async (req, res, next) => {
+ if(req.headers['risu-auth'].trim() !== password.trim()){
+ console.log('incorrect')
+ res.status(400).send({
+ error:'Password Incorrect'
+ });
+ return
+ }
const filePath = req.headers['file-path'];
if (!filePath) {
+ console.log('no path')
res.status(400).send({
error:'File path required'
});
@@ -91,6 +128,13 @@ app.get('/api/read', async (req, res, next) => {
});
app.get('/api/remove', async (req, res, next) => {
+ if(req.headers['risu-auth'].trim() !== password.trim()){
+ console.log('incorrect')
+ res.status(400).send({
+ error:'Password Incorrect'
+ });
+ return
+ }
const filePath = req.headers['file-path'];
if (!filePath) {
res.status(400).send({
@@ -110,6 +154,13 @@ app.get('/api/remove', async (req, res, next) => {
});
app.get('/api/list', async (req, res, next) => {
+ if(req.headers['risu-auth'].trim() !== password.trim()){
+ console.log('incorrect')
+ res.status(400).send({
+ error:'Password Incorrect'
+ });
+ return
+ }
try {
const data = (await fs.readdir(path.join(savePath))).map((v) => {
return Buffer.from(v, 'hex').toString('utf-8')
@@ -124,6 +175,13 @@ app.get('/api/list', async (req, res, next) => {
});
app.post('/api/write', async (req, res, next) => {
+ if(req.headers['risu-auth'].trim() !== password.trim()){
+ console.log('incorrect')
+ res.status(400).send({
+ error:'Password Incorrect'
+ });
+ return
+ }
const filePath = req.headers['file-path'];
const fileContent = Buffer.from(req.body.content, 'base64');
if (!filePath || !fileContent) {
diff --git a/src-tauri/tauri.conf.json b/src-tauri/tauri.conf.json
index 4d3b3538..56f3ede1 100644
--- a/src-tauri/tauri.conf.json
+++ b/src-tauri/tauri.conf.json
@@ -8,7 +8,7 @@
},
"package": {
"productName": "RisuAI",
- "version": "1.20.0"
+ "version": "1.20.1"
},
"tauri": {
"allowlist": {
diff --git a/src/lang/en.ts b/src/lang/en.ts
index e597ed3c..3768db19 100644
--- a/src/lang/en.ts
+++ b/src/lang/en.ts
@@ -280,5 +280,7 @@ export const languageEnglish = {
globalRegexScript: "Global Regex",
accessibility: "Accessibility",
sendWithEnter: "Send with Enter Key",
- clickToEdit: "Click Text to Edit"
+ clickToEdit: "Click Text to Edit",
+ setNodePassword: "Set your password to security",
+ inputNodePassword: "Input your password. if you can't remember, remove save/__password.txt in your server files and restart the server."
}
\ No newline at end of file
diff --git a/src/lib/Others/AlertComp.svelte b/src/lib/Others/AlertComp.svelte
index 2c0e324e..fd350ff0 100644
--- a/src/lib/Others/AlertComp.svelte
+++ b/src/lib/Others/AlertComp.svelte
@@ -14,10 +14,15 @@
btn.focus()
}
if($alertStore.type !== 'input'){
+ console.log('reset input')
input = ''
}
})()
+
+ alertStore.subscribe(() => {
+ console.log('alup')
+ })
{#if $alertStore.type !== 'none' && $alertStore.type !== 'toast'}
@@ -73,11 +78,12 @@
})
}}>OK
{:else if $alertStore.type === 'input'}
-
+
{:else if $alertStore.type === 'selectChar'}
diff --git a/src/lib/Setting/Pages/FilesSettings.svelte b/src/lib/Setting/Pages/FilesSettings.svelte
index cc6bc9b3..9ea31835 100644
--- a/src/lib/Setting/Pages/FilesSettings.svelte
+++ b/src/lib/Setting/Pages/FilesSettings.svelte
@@ -2,7 +2,7 @@
import { language } from "src/lang";
import { alertConfirm } from "src/ts/alert";
import { checkDriver } from "src/ts/drive/drive";
- import { isTauri } from "src/ts/storage/globalApi";
+ import { isNodeServer, isTauri } from "src/ts/storage/globalApi";
@@ -11,7 +11,7 @@
on:click={async () => {
if(await alertConfirm(language.backupConfirm)){
localStorage.setItem('backup', 'save')
- if(isTauri){
+ if(isTauri || isNodeServer){
checkDriver('savetauri')
}
else{
@@ -27,7 +27,7 @@
on:click={async () => {
if((await alertConfirm(language.backupLoadConfirm)) && (await alertConfirm(language.backupLoadConfirm2))){
localStorage.setItem('backup', 'load')
- if(isTauri){
+ if(isTauri || isNodeServer){
checkDriver('loadtauri')
}
else{
diff --git a/src/ts/drive/drive.ts b/src/ts/drive/drive.ts
index 089defe0..aa6fd430 100644
--- a/src/ts/drive/drive.ts
+++ b/src/ts/drive/drive.ts
@@ -1,7 +1,7 @@
import { get } from "svelte/store";
import { alertError, alertInput, alertNormal, alertSelect, alertStore } from "../alert";
import { DataBase, setDatabase, type Database } from "../storage/database";
-import { forageStorage, getUnpargeables, isTauri } from "../storage/globalApi";
+import { forageStorage, getUnpargeables, isNodeServer, isTauri, openURL } from "../storage/globalApi";
import pako from "pako";
import { BaseDirectory, exists, readBinaryFile, readDir, writeBinaryFile } from "@tauri-apps/api/fs";
import { language } from "../../lang";
@@ -10,7 +10,7 @@ import { open } from '@tauri-apps/api/shell';
export async function checkDriver(type:'save'|'load'|'loadtauri'|'savetauri'|'reftoken'){
const CLIENT_ID = '580075990041-l26k2d3c0nemmqiu3d3aag01npfrkn76.apps.googleusercontent.com';
- const REDIRECT_URI = isTauri ? "https://risuai.xyz/" : `https://${location.host}/`
+ const REDIRECT_URI = (isTauri || isNodeServer) ? "https://risuai.xyz/" : `https://${location.host}/`
const SCOPE = 'https://www.googleapis.com/auth/drive.file https://www.googleapis.com/auth/drive.appdata';
const encodedRedirectUri = encodeURIComponent(REDIRECT_URI);
const authorizationUrl = `https://accounts.google.com/o/oauth2/auth?client_id=${CLIENT_ID}&redirect_uri=${encodedRedirectUri}&scope=${SCOPE}&response_type=code&state=${type}`;
@@ -18,7 +18,7 @@ export async function checkDriver(type:'save'|'load'|'loadtauri'|'savetauri'|'re
if(type === 'reftoken'){
const authorizationUrl = `https://accounts.google.com/o/oauth2/auth?client_id=${CLIENT_ID}&redirect_uri=${encodedRedirectUri}&scope=${SCOPE}&response_type=code&state=${"accesstauri"}&access_type=offline&prompt=consent`;
- open(authorizationUrl)
+ openURL(authorizationUrl)
return
}
@@ -28,7 +28,12 @@ export async function checkDriver(type:'save'|'load'|'loadtauri'|'savetauri'|'re
else{
try {
- open(authorizationUrl)
+ if(isTauri){
+ openURL(authorizationUrl)
+ }
+ else{
+ window.open(authorizationUrl)
+ }
let code = await alertInput(language.pasteAuthCode)
if(code.includes(' ')){
code = code.substring(code.lastIndexOf(' ')).trim()
diff --git a/src/ts/storage/database.ts b/src/ts/storage/database.ts
index ad4ce377..19d3757a 100644
--- a/src/ts/storage/database.ts
+++ b/src/ts/storage/database.ts
@@ -7,7 +7,7 @@ import { cloneDeep } from 'lodash';
export const DataBase = writable({} as any as Database)
export const loadedStore = writable(false)
-export let appVer = '1.20.0'
+export let appVer = '1.20.1'
export function setDatabase(data:Database){
diff --git a/src/ts/storage/nodeStorage.ts b/src/ts/storage/nodeStorage.ts
index a4734014..8f458006 100644
--- a/src/ts/storage/nodeStorage.ts
+++ b/src/ts/storage/nodeStorage.ts
@@ -1,6 +1,12 @@
+import { language } from "src/lang"
+import { alertInput } from "../alert"
+
+let auth:string = null
+let authChecked = false
export class NodeStorage{
async setItem(key:string, value:Uint8Array) {
+ await this.checkAuth()
const da = await fetch('/api/write', {
method: "POST",
body: JSON.stringify({
@@ -8,7 +14,8 @@ export class NodeStorage{
}),
headers: {
'content-type': 'application/json',
- 'file-path': Buffer.from(key, 'utf-8').toString('hex')
+ 'file-path': Buffer.from(key, 'utf-8').toString('hex'),
+ 'risu-auth': auth
}
})
if(da.status < 200 || da.status >= 300){
@@ -21,10 +28,12 @@ export class NodeStorage{
}
async getItem(key:string):Promise {
+ await this.checkAuth()
const da = await fetch('/api/read', {
method: "GET",
headers: {
- 'file-path': Buffer.from(key, 'utf-8').toString('hex')
+ 'file-path': Buffer.from(key, 'utf-8').toString('hex'),
+ 'risu-auth': auth
}
})
const data = await da.json()
@@ -40,8 +49,12 @@ export class NodeStorage{
return Buffer.from(data.content, 'base64')
}
async keys():Promise{
+ await this.checkAuth()
const da = await fetch('/api/list', {
method: "GET",
+ headers:{
+ 'risu-auth': auth
+ }
})
const data = await da.json()
if(da.status < 200 || da.status >= 300){
@@ -53,10 +66,12 @@ export class NodeStorage{
return data.content
}
async removeItem(key:string){
+ await this.checkAuth()
const da = await fetch('/api/list', {
method: "GET",
headers: {
- 'file-path': Buffer.from(key, 'utf-8').toString('hex')
+ 'file-path': Buffer.from(key, 'utf-8').toString('hex'),
+ 'risu-auth': auth
}
})
if(da.status < 200 || da.status >= 300){
@@ -68,6 +83,58 @@ export class NodeStorage{
}
}
+ private async checkAuth(){
+ if(!auth){
+ auth = localStorage.getItem('risuauth')
+ }
+
+ if(!authChecked){
+ const data = await (await fetch('/api/password',{
+ headers: {
+ 'risu-auth': auth ?? ''
+ }
+ })).json()
+
+ if(data.status === 'unset'){
+ const input = await digestPassword(await alertInput(language.setNodePassword))
+ await fetch('/api/set_password',{
+ method: "POST",
+ body:JSON.stringify({
+ password: input
+ }),
+ headers: {
+ 'content-type': 'application/json'
+ }
+ })
+ auth = input
+ localStorage.setItem('risuauth', auth)
+ }
+ else if(data.status === 'incorrect'){
+ while(true){
+ const input = await digestPassword(await alertInput(language.inputNodePassword))
+ const data = await (await fetch('/api/password',{
+ headers: {
+ 'risu-auth': input ?? ''
+ }
+ })).json()
+ if(data.status !== 'unset'){
+ auth = input
+ localStorage.setItem('risuauth', auth)
+ await this.checkAuth()
+ break
+ }
+ }
+ }
+ }
+ }
+
listItem = this.keys
-}
\ No newline at end of file
+}
+
+async function digestPassword(message:string) {
+ const encoder = new TextEncoder();
+ const data = encoder.encode(message);
+ const hash = Buffer.from(await crypto.subtle.digest("SHA-256", data)).toString('hex');
+ return hash;
+ }
\ No newline at end of file
diff --git a/version.json b/version.json
index 0308d191..6eee19d0 100644
--- a/version.json
+++ b/version.json
@@ -1 +1 @@
-{"version":"1.20.0"}
\ No newline at end of file
+{"version":"1.20.1"}
\ No newline at end of file