[frontend] Restructure Frontend Sources (#634)

* 🐸restructure frontend stuff, include admin and future user panel in main repo, properly deduplicate bundles for css+js across uses * rename bundled to dist, caught by gitignore * re-include status.css for profile template * default to localhost * serve frontend panels * add todo message for abstraction * refactor oauth registration flow * oauth restructure * update footer template * change panel routes * remove superfluous css imports * write bundle to disk from test server, use forked budo-express * wrap all page content in container for robustness with addons etc injection other elements in body * update documentation, goreleaser, Dockerfile * update template meta tags * add AGPL-3.0+ license header everywhere * only attach update listener on EventEmitter * cleaner config for various frontend bundles * fix bundler script paths * Merge commit 'd191931932b9293ce1be44ed08a1e69b9fcc1e25' * fix up dockerfile, goreleaser * go mod tidy * add uglifyify * move status hide/show js to frontend bundle * fix stylesheet color( func regressions * update contributing docs for new build path * update goreleaser + docker building * resolve dependency paths properly * update package name * use api errorhandler Co-authored-by: tsmethurst <tobi.smethurst@protonmail.com>
2025-06-05 21:59:39 +02:00 · 2022-06-09 12:51:19 +02:00
parent f30a581268
commit b43f9ceca9
47 changed files with 8061 additions and 1918 deletions
--- a/web/source/lib/oauth.js
+++ b/web/source/lib/oauth.js
@ -0,0 +1,220 @@
+/*
+   GoToSocial
+   Copyright (C) 2021-2022 GoToSocial Authors admin@gotosocial.org
+
+   This program is free software: you can redistribute it and/or modify
+   it under the terms of the GNU Affero General Public License as published by
+   the Free Software Foundation, either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU Affero General Public License for more details.
+
+   You should have received a copy of the GNU Affero General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+"use strict";
+
+const Promise = require("bluebird");
+
+function getCurrentUrl() {
+	return window.location.origin + window.location.pathname; // strips ?query=string and #hash
+}
+
+module.exports = function oauthClient(config, initState) {
+	/* config: 
+		instance: instance domain (https://testingtesting123.xyz)
+		client_name: "GoToSocial Admin Panel"
+		scope: []
+		website: 
+	*/
+
+	let state = initState;
+	if (initState == undefined) {
+		state = localStorage.getItem("oauth");
+		if (state == undefined) {
+			state = {
+				config
+			};
+			storeState();
+		} else {
+			state = JSON.parse(state);
+		}
+	}
+
+	function storeState() {
+		localStorage.setItem("oauth", JSON.stringify(state));
+	}
+
+	/* register app
+		/api/v1/apps
+	*/
+	function register() {
+		if (state.client_id != undefined) {
+			return true; // we already have a registration
+		}
+		let url = new URL(config.instance);
+		url.pathname = "/api/v1/apps";
+
+		return fetch(url.href, {
+			method: "POST",
+			headers: {
+				'Content-Type': 'application/json'
+			},
+			body: JSON.stringify({
+				client_name: config.client_name,
+				redirect_uris: getCurrentUrl(),
+				scopes: config.scope.join(" "),
+				website: getCurrentUrl()
+			})
+		}).then((res) => {
+			if (res.status != 200) {
+				throw res;
+			}
+			return res.json();
+		}).then((json) => {
+			state.client_id = json.client_id;
+			state.client_secret = json.client_secret;
+			storeState();
+		});
+	}
+	
+	/* authorize:
+		/oauth/authorize
+			?client_id=CLIENT_ID
+			&redirect_uri=window.location.href
+			&response_type=code
+			&scope=admin
+	*/
+	function authorize() {
+		let url = new URL(config.instance);
+		url.pathname = "/oauth/authorize";
+		url.searchParams.set("client_id", state.client_id);
+		url.searchParams.set("redirect_uri", getCurrentUrl());
+		url.searchParams.set("response_type", "code");
+		url.searchParams.set("scope", config.scope.join(" "));
+
+		window.location.assign(url.href);
+	}
+	
+	function callback() {
+		if (state.access_token != undefined) {
+			return; // we're already done :)
+		}
+		let params = (new URL(window.location)).searchParams;
+	
+		let token = params.get("code");
+		if (token != null) {
+			console.log("got token callback:", token);
+		}
+
+		return authorizeToken(token)
+			.catch((e) => {
+				console.log("Error processing oauth callback:", e);
+				logout(); // just to be sure
+			});
+	}
+
+	function authorizeToken(token) {
+		let url = new URL(config.instance);
+		url.pathname = "/oauth/token";
+		return fetch(url.href, {
+			method: "POST",
+			headers: {
+				"Content-Type": "application/json"
+			},
+			body: JSON.stringify({
+				client_id: state.client_id,
+				client_secret: state.client_secret,
+				redirect_uri: getCurrentUrl(),
+				grant_type: "authorization_code",
+				code: token
+			})
+		}).then((res) => {
+			if (res.status != 200) {
+				throw res;
+			}
+			return res.json();
+		}).then((json) => {
+			state.access_token = json.access_token;
+			storeState();
+			window.location = getCurrentUrl(); // clear ?token=
+		});
+	}
+
+	function isAuthorized() {
+		return (state.access_token != undefined);
+	}
+
+	function apiRequest(path, method, data, type="json") {
+		if (!isAuthorized()) {
+			throw new Error("Not Authenticated");
+		}
+		let url = new URL(config.instance);
+		let [p, s] = path.split("?");
+		url.pathname = p;
+		if (s != undefined) {
+			url.search = s;
+		}
+		let headers = {
+			"Authorization": `Bearer ${state.access_token}`
+		};
+		let body = data;
+		if (type == "json" && body != undefined) {
+			headers["Content-Type"] = "application/json";
+			body = JSON.stringify(data);
+		}
+		return fetch(url.href, {
+			method,
+			headers,
+			body
+		}).then((res) => {
+			return Promise.all([res.json(), res]);
+		}).then(([json, res]) => {
+			if (res.status != 200) {
+				if (json.error) {
+					throw new Error(json.error);
+				} else {
+					throw new Error(`${res.status}: ${res.statusText}`);
+				}
+			} else {
+				return json;
+			}
+		});
+	}
+
+	function logout() {
+		let url = new URL(config.instance);
+		url.pathname = "/oauth/revoke";
+		return fetch(url.href, {
+			method: "POST",
+			headers: {
+				"Content-Type": "application/json"
+			},
+			body: JSON.stringify({
+				client_id: state.client_id,
+				client_secret: state.client_secret,
+				token: state.access_token,
+			})
+		}).then((res) => {
+			if (res.status != 200) {
+				// GoToSocial doesn't actually implement this route yet,
+				// so error is to be expected
+				return;
+			}
+			return res.json();
+		}).catch(() => {
+			// see above
+		}).then(() => {
+			localStorage.removeItem("oauth");
+			window.location = getCurrentUrl();
+		});
+	}
+
+	return {
+		register, authorize, callback, isAuthorized, apiRequest, logout
+	};
+};
--- a/web/source/lib/split-css.js
+++ b/web/source/lib/split-css.js
@ -0,0 +1,76 @@
+/*
+   GoToSocial
+   Copyright (C) 2021-2022 GoToSocial Authors admin@gotosocial.org
+
+   This program is free software: you can redistribute it and/or modify
+   it under the terms of the GNU Affero General Public License as published by
+   the Free Software Foundation, either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU Affero General Public License for more details.
+
+   You should have received a copy of the GNU Affero General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+"use strict";
+
+const fs = require("fs");
+const path = require("path");
+
+const {Writable} = require("stream");
+const {out} = require("../index.js");
+
+const fromRegex = /\/\* from (.+?) \*\//;
+module.exports = function splitCSS() {
+	let chunks = [];
+	return new Writable({
+		write: function(chunk, encoding, next) {
+			chunks.push(chunk);
+			next();
+		},
+		final: function() {
+			let stream = chunks.join("");
+			let input;
+			let content = [];
+
+			function write() {
+				if (content.length != 0) {
+					if (input == undefined) {
+						throw new Error("Got CSS content without filename, can't output: ", content);
+					} else {
+						console.log("writing to", out(input));
+						fs.writeFileSync(out(input), content.join("\n"));
+					}
+					content = [];
+				}
+			}
+
+			const cssDir = path.join(__dirname, "../css");
+
+			stream.split("\n").forEach((line) => {
+				if (line.startsWith("/* from")) {
+					let found = fromRegex.exec(line);
+					if (found != null) {
+						write();
+
+						let parts = path.parse(found[1]);
+						if (path.relative(cssDir, path.join(process.cwd(), parts.dir)) == "") {
+							input = parts.base;
+						} else {
+							// prefix filename with path
+							let relative = path.relative(path.join(__dirname, "../"), path.join(process.cwd(), found[1]));
+							input = relative.replace(/\//g, "-");
+						}
+					}
+				} else {
+					content.push(line);
+				}
+			});
+			write();
+		}
+	});
+};