sync changes

2025-10-01 09:50:32 -07:00
parent 4de76c34c2
commit b1ac3d6f58
16 changed files with 114 additions and 60 deletions
--- a/routes/auth.js
+++ b/routes/auth.js
@@ -6,8 +6,8 @@ import { randomStringBase62, getHumanReadableUserAgent } from "../liberals/misc.
 app.get("/api/auth/whoami", (rreq,rres) => {
    if (!rreq.cookies["APIToken"] && !rreq.get("Authorization")) {
        rres.send({ "loggedIn": false, "username": "", "scopes": "" })
-    } else {
-        db`select s.scopes, u.username from sessions s join users u on s.owner = u.id where s.token = ${rreq.cookies["APIToken"] ?? rreq.get("Authorization")}`.then(dbRes => {
+    } else { // select 
+        db`select scopes,username from sessions where token = ${rreq.cookies["APIToken"] ?? rreq.get("Authorization")}`.then(dbRes => {
            if (dbRes.length > 0 && dbRes.length < 2) {
                rres.send({ "loggedIn": true, "username": dbRes[0]?.username, "scopes": dbRes[0]?.scopes.split(",") })
            } else {
@@ -75,7 +75,7 @@ app.get("/api/auth/callback", (rreq,rres) => {
                            let newExpiration = Date.now() + 86400
                            let newComment = `Login token for ${getHumanReadableUserAgent(rreq.get("User-Agent"))} on ${rreq.get("cf-connecting-ip") ?? rreq.ip}`

-                            db`insert into sessions (token,owner,scopes,expires,comment) values (${newToken},(select id from users where oidc_username = ${fetchRes2.username}),${fetchRes2.enstrayedapi_scopes},${newExpiration},${newComment});`.then(dbRes1 => {
+                            db`insert into sessions (token,username,scopes,expires,comment) values (${newToken},${fetchRes2.username},${fetchRes2.enstrayedapi_scopes},${newExpiration},${newComment});`.then(dbRes1 => {
                                if (rreq.query.state.split("_")[0] === "redirect") {
                                    let newDestination = atob(rreq.query.state.split("_")[1].replace("-","/"))
                                    rres.setHeader("Set-Cookie", `APIToken=${newToken}; Domain=${rreq.hostname}; Expires=${new Date(newExpiration).toUTCString()}; Path=/`).redirect(newDestination)
--- a/routes/dynamic.js
+++ b/routes/dynamic.js
@@ -8,4 +8,12 @@ app.get("/dynamic/icon/*", (rreq, rres) => {
    } catch {
        rres.sendStatus(404)
    }
+})
+
+app.get("/dynamic/background/*", (rreq,rres) => {
+    if (rreq.headers["accept"].includes("image/jxl")) {
+        rres.setHeader("Content-Type", "image/jxl").sendFile( `${process.cwd()}/website/dynamic/backgrounds/${rreq.path.split("/")[3]}.jxl`)
+    } else {
+        rres.setHeader("Content-Type", "image/jpeg").sendFile( `${process.cwd()}/website/dynamic/backgrounds/${rreq.path.split("/")[3]}.jpg`)
+    }
 })
--- a/routes/helpdesk.js
+++ b/routes/helpdesk.js
@@ -26,7 +26,14 @@ app.get("/helpdesk/ticket/new", (rreq,rres) => {
 })

 app.get("/api/helpdesk/forms/*", (rreq, rres) => {
-    rres.sendFile(process.cwd()+"/website/helpdesk/forms/"+rreq.url.replace("/api/helpdesk/forms/",""))
+    fs.readFile(process.cwd()+"/website/helpdesk/forms/"+rreq.url.replace("/api/helpdesk/forms/","")+".json","utf-8", (error, data) => {
+        if (error) {
+            rres.status(400).send("Unable to retrieve requested form")
+        } else {
+            rres.type('json').send(data)
+        }
+    })
+
 })

 app.get("/helpdesk/static/*", (rreq,rres) => {