versia-pub/server
2
0
Fork 0
mirror of https://github.com/versia-pub/server.git synced 2025-12-06 16:38:19 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

refactor(api): ♻️ Move more API routes to new OpenAPI format

Browse source
This commit is contained in:
Jesse Wierzbinski 2024-09-15 14:28:47 +02:00
parent 166d1c59a5
commit b755fc5d62
No known key found for this signature in database
14 changed files with 1037 additions and 686 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

106
api/api/v1/favourites/index.ts
View file

@ -1,15 +1,11 @@
import { import { apiRoute, applyConfig, auth, idValidator } from "@/api";
apiRoute, import { createRoute } from "@hono/zod-openapi";
applyConfig,
auth,
handleZodError,
idValidator,
} from "@/api";
import { zValidator } from "@hono/zod-validator";
import { and, gt, gte, lt, sql } from "drizzle-orm"; import { and, gt, gte, lt, sql } from "drizzle-orm";
import { z } from "zod"; import { z } from "zod";
import { Notes, RolePermissions } from "~/drizzle/schema"; import { Notes, RolePermissions } from "~/drizzle/schema";
import { Note } from "~/packages/database-interface/note";
import { Timeline } from "~/packages/database-interface/timeline"; import { Timeline } from "~/packages/database-interface/timeline";
import { ErrorSchema } from "~/types/api";
export const meta = applyConfig({ export const meta = applyConfig({
allowedMethods: ["GET"], allowedMethods: ["GET"],
@ -35,44 +31,62 @@ export const schemas = {
}), }),
}; };
export default apiRoute((app) => const route = createRoute({
app.on( method: "get",
meta.allowedMethods, path: "/api/v1/favourites",
meta.route, summary: "Get favourites",
zValidator("query", schemas.query, handleZodError), middleware: [auth(meta.auth, meta.permissions)],
auth(meta.auth, meta.permissions), request: {
async (context) => { query: schemas.query,
const { max_id, since_id, min_id, limit } = },
context.req.valid("query"); responses: {
200: {
const { user } = context.get("auth"); description: "Favourites",
content: {
if (!user) { "application/json": {
return context.json({ error: "Unauthorized" }, 401); schema: z.array(Note.schema),
}
const { objects: favourites, link } =
await Timeline.getNoteTimeline(
and(
max_id ? lt(Notes.id, max_id) : undefined,
since_id ? gte(Notes.id, since_id) : undefined,
min_id ? gt(Notes.id, min_id) : undefined,
sql`EXISTS (SELECT 1 FROM "Likes" WHERE "Likes"."likedId" = ${Notes.id} AND "Likes"."likerId" = ${user.id})`,
),
limit,
context.req.url,
user?.id,
);
return context.json(
await Promise.all(
favourites.map(async (note) => note.toApi(user)),
),
200,
{
Link: link,
}, },
); },
}, },
), 401: {
description: "Unauthorized",
content: {
"application/json": {
schema: ErrorSchema,
},
},
},
},
});
export default apiRoute((app) =>
app.openapi(route, async (context) => {
const { max_id, since_id, min_id, limit } = context.req.valid("query");
const { user } = context.get("auth");
if (!user) {
return context.json({ error: "Unauthorized" }, 401);
}
const { objects: favourites, link } = await Timeline.getNoteTimeline(
and(
max_id ? lt(Notes.id, max_id) : undefined,
since_id ? gte(Notes.id, since_id) : undefined,
min_id ? gt(Notes.id, min_id) : undefined,
sql`EXISTS (SELECT 1 FROM "Likes" WHERE "Likes"."likedId" = ${Notes.id} AND "Likes"."likerId" = ${user.id})`,
),
limit,
context.req.url,
user?.id,
);
return context.json(
await Promise.all(favourites.map(async (note) => note.toApi(user))),
200,
{
Link: link,
},
);
}),
); );

123
api/api/v1/follow_requests/:account_id/authorize.ts
View file

@ -1,10 +1,11 @@
import { apiRoute, applyConfig, auth, handleZodError } from "@/api"; import { apiRoute, applyConfig, auth } from "@/api";
import { zValidator } from "@hono/zod-validator"; import { createRoute } from "@hono/zod-openapi";
import { z } from "zod"; import { z } from "zod";
import { sendFollowAccept } from "~/classes/functions/user"; import { sendFollowAccept } from "~/classes/functions/user";
import { RolePermissions } from "~/drizzle/schema"; import { RolePermissions } from "~/drizzle/schema";
import { Relationship } from "~/packages/database-interface/relationship"; import { Relationship } from "~/packages/database-interface/relationship";
import { User } from "~/packages/database-interface/user"; import { User } from "~/packages/database-interface/user";
import { ErrorSchema } from "~/types/api";
export const meta = applyConfig({ export const meta = applyConfig({
allowedMethods: ["POST"], allowedMethods: ["POST"],
@ -27,49 +28,79 @@ export const schemas = {
}), }),
}; };
export default apiRoute((app) => const route = createRoute({
app.on( method: "post",
meta.allowedMethods, path: "/api/v1/follow_requests/{account_id}/authorize",
meta.route, summary: "Authorize follow request",
zValidator("param", schemas.param, handleZodError), middleware: [auth(meta.auth, meta.permissions)],
auth(meta.auth, meta.permissions), request: {
async (context) => { params: schemas.param,
const { user } = context.get("auth"); },
responses: {
if (!user) { 200: {
return context.json({ error: "Unauthorized" }, 401); description: "Relationship",
} content: {
"application/json": {
const { account_id } = context.req.valid("param"); schema: Relationship.schema,
},
const account = await User.fromId(account_id); },
if (!account) {
return context.json({ error: "Account not found" }, 404);
}
const oppositeRelationship = await Relationship.fromOwnerAndSubject(
account,
user,
);
await oppositeRelationship.update({
requested: false,
following: true,
});
const foundRelationship = await Relationship.fromOwnerAndSubject(
user,
account,
);
// Check if accepting remote follow
if (account.isRemote()) {
// Federate follow accept
await sendFollowAccept(account, user);
}
return context.json(foundRelationship.toApi());
}, },
), 401: {
description: "Unauthorized",
content: {
"application/json": {
schema: ErrorSchema,
},
},
},
404: {
description: "Account not found",
content: {
"application/json": {
schema: ErrorSchema,
},
},
},
},
});
export default apiRoute((app) =>
app.openapi(route, async (context) => {
const { user } = context.get("auth");
if (!user) {
return context.json({ error: "Unauthorized" }, 401);
}
const { account_id } = context.req.valid("param");
const account = await User.fromId(account_id);
if (!account) {
return context.json({ error: "Account not found" }, 404);
}
const oppositeRelationship = await Relationship.fromOwnerAndSubject(
account,
user,
);
await oppositeRelationship.update({
requested: false,
following: true,
});
const foundRelationship = await Relationship.fromOwnerAndSubject(
user,
account,
);
// Check if accepting remote follow
if (account.isRemote()) {
// Federate follow accept
await sendFollowAccept(account, user);
}
return context.json(foundRelationship.toApi(), 200);
}),
); );

123
api/api/v1/follow_requests/:account_id/reject.ts
View file

@ -1,10 +1,11 @@
import { apiRoute, applyConfig, auth, handleZodError } from "@/api"; import { apiRoute, applyConfig, auth } from "@/api";
import { zValidator } from "@hono/zod-validator"; import { createRoute } from "@hono/zod-openapi";
import { z } from "zod"; import { z } from "zod";
import { sendFollowReject } from "~/classes/functions/user"; import { sendFollowReject } from "~/classes/functions/user";
import { RolePermissions } from "~/drizzle/schema"; import { RolePermissions } from "~/drizzle/schema";
import { Relationship } from "~/packages/database-interface/relationship"; import { Relationship } from "~/packages/database-interface/relationship";
import { User } from "~/packages/database-interface/user"; import { User } from "~/packages/database-interface/user";
import { ErrorSchema } from "~/types/api";
export const meta = applyConfig({ export const meta = applyConfig({
allowedMethods: ["POST"], allowedMethods: ["POST"],
@ -27,49 +28,79 @@ export const schemas = {
}), }),
}; };
export default apiRoute((app) => const route = createRoute({
app.on( method: "post",
meta.allowedMethods, path: "/api/v1/follow_requests/{account_id}/reject",
meta.route, summary: "Reject follow request",
zValidator("param", schemas.param, handleZodError), middleware: [auth(meta.auth, meta.permissions)],
auth(meta.auth, meta.permissions), request: {
async (context) => { params: schemas.param,
const { user } = context.get("auth"); },
responses: {
if (!user) { 200: {
return context.json({ error: "Unauthorized" }, 401); description: "Relationship",
} content: {
"application/json": {
const { account_id } = context.req.valid("param"); schema: Relationship.schema,
},
const account = await User.fromId(account_id); },
if (!account) {
return context.json({ error: "Account not found" }, 404);
}
const oppositeRelationship = await Relationship.fromOwnerAndSubject(
account,
user,
);
await oppositeRelationship.update({
requested: false,
following: false,
});
const foundRelationship = await Relationship.fromOwnerAndSubject(
user,
account,
);
// Check if rejecting remote follow
if (account.isRemote()) {
// Federate follow reject
await sendFollowReject(account, user);
}
return context.json(foundRelationship.toApi());
}, },
), 401: {
description: "Unauthorized",
content: {
"application/json": {
schema: ErrorSchema,
},
},
},
404: {
description: "Account not found",
content: {
"application/json": {
schema: ErrorSchema,
},
},
},
},
});
export default apiRoute((app) =>
app.openapi(route, async (context) => {
const { user } = context.get("auth");
if (!user) {
return context.json({ error: "Unauthorized" }, 401);
}
const { account_id } = context.req.valid("param");
const account = await User.fromId(account_id);
if (!account) {
return context.json({ error: "Account not found" }, 404);
}
const oppositeRelationship = await Relationship.fromOwnerAndSubject(
account,
user,
);
await oppositeRelationship.update({
requested: false,
following: false,
});
const foundRelationship = await Relationship.fromOwnerAndSubject(
user,
account,
);
// Check if rejecting remote follow
if (account.isRemote()) {
// Federate follow reject
await sendFollowReject(account, user);
}
return context.json(foundRelationship.toApi(), 200);
}),
); );

103
api/api/v1/follow_requests/index.ts
View file

@ -1,15 +1,11 @@
import { import { apiRoute, applyConfig, auth, idValidator } from "@/api";
apiRoute, import { createRoute } from "@hono/zod-openapi";
applyConfig,
auth,
handleZodError,
idValidator,
} from "@/api";
import { zValidator } from "@hono/zod-validator";
import { and, gt, gte, lt, sql } from "drizzle-orm"; import { and, gt, gte, lt, sql } from "drizzle-orm";
import { z } from "zod"; import { z } from "zod";
import { RolePermissions, Users } from "~/drizzle/schema"; import { RolePermissions, Users } from "~/drizzle/schema";
import { Timeline } from "~/packages/database-interface/timeline"; import { Timeline } from "~/packages/database-interface/timeline";
import { User } from "~/packages/database-interface/user";
import { ErrorSchema } from "~/types/api";
export const meta = applyConfig({ export const meta = applyConfig({
allowedMethods: ["GET"], allowedMethods: ["GET"],
@ -35,41 +31,62 @@ export const schemas = {
}), }),
}; };
export default apiRoute((app) => const route = createRoute({
app.on( method: "get",
meta.allowedMethods, path: "/api/v1/follow_requests",
meta.route, summary: "Get follow requests",
zValidator("query", schemas.query, handleZodError), middleware: [auth(meta.auth, meta.permissions)],
auth(meta.auth, meta.permissions), request: {
async (context) => { query: schemas.query,
const { max_id, since_id, min_id, limit } = },
context.req.valid("query"); responses: {
200: {
const { user } = context.get("auth"); description: "Follow requests",
content: {
if (!user) { "application/json": {
return context.json({ error: "Unauthorized" }, 401); schema: z.array(User.schema),
}
const { objects: followRequests, link } =
await Timeline.getUserTimeline(
and(
max_id ? lt(Users.id, max_id) : undefined,
since_id ? gte(Users.id, since_id) : undefined,
min_id ? gt(Users.id, min_id) : undefined,
sql`EXISTS (SELECT 1 FROM "Relationships" WHERE "Relationships"."subjectId" = ${user.id} AND "Relationships"."ownerId" = ${Users.id} AND "Relationships"."requested" = true)`,
),
limit,
context.req.url,
);
return context.json(
followRequests.map((u) => u.toApi()),
200,
{
Link: link,
}, },
); },
}, },
), 401: {
description: "Unauthorized",
content: {
"application/json": {
schema: ErrorSchema,
},
},
},
},
});
export default apiRoute((app) =>
app.openapi(route, async (context) => {
const { max_id, since_id, min_id, limit } = context.req.valid("query");
const { user } = context.get("auth");
if (!user) {
return context.json({ error: "Unauthorized" }, 401);
}
const { objects: followRequests, link } =
await Timeline.getUserTimeline(
and(
max_id ? lt(Users.id, max_id) : undefined,
since_id ? gte(Users.id, since_id) : undefined,
min_id ? gt(Users.id, min_id) : undefined,
sql`EXISTS (SELECT 1 FROM "Relationships" WHERE "Relationships"."subjectId" = ${user.id} AND "Relationships"."ownerId" = ${Users.id} AND "Relationships"."requested" = true)`,
),
limit,
context.req.url,
);
return context.json(
followRequests.map((u) => u.toApi()),
200,
{
Link: link,
},
);
}),
); );

21
api/api/v1/frontend/config/index.ts
View file

@ -1,4 +1,5 @@
import { apiRoute, applyConfig } from "@/api"; import { apiRoute, applyConfig } from "@/api";
import { createRoute, z } from "@hono/zod-openapi";
import { config } from "~/packages/config-manager"; import { config } from "~/packages/config-manager";
export const meta = applyConfig({ export const meta = applyConfig({
@ -13,8 +14,24 @@ export const meta = applyConfig({
route: "/api/v1/frontend/config", route: "/api/v1/frontend/config",
}); });
const route = createRoute({
method: "get",
path: "/api/v1/frontend/config",
summary: "Get frontend config",
responses: {
200: {
description: "Frontend config",
content: {
"application/json": {
schema: z.record(z.string(), z.any()).default({}),
},
},
},
},
});
export default apiRoute((app) => export default apiRoute((app) =>
app.on(meta.allowedMethods, meta.route, (context) => { app.openapi(route, (context) => {
return context.json(config.frontend.settings); return context.json(config.frontend.settings, 200);
}), }),
); );

176
api/api/v1/instance/index.ts
View file

@ -1,5 +1,6 @@
import { apiRoute, applyConfig, auth } from "@/api"; import { apiRoute, applyConfig, auth } from "@/api";
import { proxyUrl } from "@/response"; import { proxyUrl } from "@/response";
import { createRoute, z } from "@hono/zod-openapi";
import { and, eq, isNull } from "drizzle-orm"; import { and, eq, isNull } from "drizzle-orm";
import { Users } from "~/drizzle/schema"; import { Users } from "~/drizzle/schema";
import manifest from "~/package.json"; import manifest from "~/package.json";
@ -20,87 +21,100 @@ export const meta = applyConfig({
}, },
}); });
export default apiRoute((app) => const route = createRoute({
app.on( method: "get",
meta.allowedMethods, path: "/api/v1/instance",
meta.route, summary: "Get instance information",
auth(meta.auth, meta.permissions), middleware: [auth(meta.auth)],
async (context) => { responses: {
// Get software version from package.json 200: {
const version = manifest.version; description: "Instance information",
content: {
const statusCount = await Note.getCount(); // TODO: Add schemas for this response
"application/json": {
const userCount = await User.getCount(); schema: z.any(),
const contactAccount = await User.fromSql(
and(isNull(Users.instanceId), eq(Users.isAdmin, true)),
);
const knownDomainsCount = await Instance.getCount();
// TODO: fill in more values
return context.json({
approval_required: false,
configuration: {
polls: {
max_characters_per_option:
config.validation.max_poll_option_size,
max_expiration: config.validation.max_poll_duration,
max_options: config.validation.max_poll_options,
min_expiration: config.validation.min_poll_duration,
},
statuses: {
characters_reserved_per_url: 0,
max_characters: config.validation.max_note_size,
max_media_attachments:
config.validation.max_media_attachments,
},
}, },
description: config.instance.description, },
email: "",
invites_enabled: false,
registrations: config.signups.registration,
languages: ["en"],
rules: config.signups.rules.map((r, index) => ({
id: String(index),
text: r,
})),
stats: {
domain_count: knownDomainsCount,
status_count: statusCount,
user_count: userCount,
},
thumbnail: proxyUrl(config.instance.logo),
banner: proxyUrl(config.instance.banner),
title: config.instance.name,
uri: config.http.base_url,
urls: {
streaming_api: "",
},
version: "4.3.0-alpha.3+glitch",
versia_version: version,
sso: {
forced: false,
providers: config.oidc.providers.map((p) => ({
name: p.name,
icon: proxyUrl(p.icon) || undefined,
id: p.id,
})),
},
contact_account: contactAccount?.toApi() || undefined,
} satisfies Record<string, unknown> & {
banner: string | null;
versia_version: string;
sso: {
forced: boolean;
providers: {
id: string;
name: string;
icon?: string;
}[];
};
});
}, },
), },
});
export default apiRoute((app) =>
app.openapi(route, async (context) => {
// Get software version from package.json
const version = manifest.version;
const statusCount = await Note.getCount();
const userCount = await User.getCount();
const contactAccount = await User.fromSql(
and(isNull(Users.instanceId), eq(Users.isAdmin, true)),
);
const knownDomainsCount = await Instance.getCount();
// TODO: fill in more values
return context.json({
approval_required: false,
configuration: {
polls: {
max_characters_per_option:
config.validation.max_poll_option_size,
max_expiration: config.validation.max_poll_duration,
max_options: config.validation.max_poll_options,
min_expiration: config.validation.min_poll_duration,
},
statuses: {
characters_reserved_per_url: 0,
max_characters: config.validation.max_note_size,
max_media_attachments:
config.validation.max_media_attachments,
},
},
description: config.instance.description,
email: "",
invites_enabled: false,
registrations: config.signups.registration,
languages: ["en"],
rules: config.signups.rules.map((r, index) => ({
id: String(index),
text: r,
})),
stats: {
domain_count: knownDomainsCount,
status_count: statusCount,
user_count: userCount,
},
thumbnail: proxyUrl(config.instance.logo),
banner: proxyUrl(config.instance.banner),
title: config.instance.name,
uri: config.http.base_url,
urls: {
streaming_api: "",
},
version: "4.3.0-alpha.3+glitch",
versia_version: version,
sso: {
forced: false,
providers: config.oidc.providers.map((p) => ({
name: p.name,
icon: proxyUrl(p.icon) || undefined,
id: p.id,
})),
},
contact_account: contactAccount?.toApi() || undefined,
} satisfies Record<string, unknown> & {
banner: string | null;
versia_version: string;
sso: {
forced: boolean;
providers: {
id: string;
name: string;
icon?: string;
}[];
};
});
}),
); );

48
api/api/v1/instance/privacy_policy.ts
View file

@ -1,5 +1,6 @@
import { apiRoute, applyConfig, auth } from "@/api"; import { apiRoute, applyConfig, auth } from "@/api";
import { renderMarkdownInPath } from "@/markdown"; import { renderMarkdownInPath } from "@/markdown";
import { createRoute, z } from "@hono/zod-openapi";
import { config } from "~/packages/config-manager"; import { config } from "~/packages/config-manager";
export const meta = applyConfig({ export const meta = applyConfig({
@ -14,21 +15,36 @@ export const meta = applyConfig({
}, },
}); });
export default apiRoute((app) => const route = createRoute({
app.on( method: "get",
meta.allowedMethods, path: "/api/v1/instance/privacy_policy",
meta.route, summary: "Get instance privacy policy",
auth(meta.auth, meta.permissions), middleware: [auth(meta.auth)],
async (context) => { responses: {
const { content, lastModified } = await renderMarkdownInPath( 200: {
config.instance.privacy_policy_path ?? "", description: "Instance privacy policy",
"This instance has not provided any privacy policy.", content: {
); "application/json": {
schema: z.object({
return context.json({ updated_at: z.string(),
updated_at: lastModified.toISOString(), content: z.string(),
content, }),
}); },
},
}, },
), },
});
export default apiRoute((app) =>
app.openapi(route, async (context) => {
const { content, lastModified } = await renderMarkdownInPath(
config.instance.privacy_policy_path ?? "",
"This instance has not provided any privacy policy.",
);
return context.json({
updated_at: lastModified.toISOString(),
content,
});
}),
); );

47
api/api/v1/instance/rules.ts
View file

@ -1,4 +1,5 @@
import { apiRoute, applyConfig, auth } from "@/api"; import { apiRoute, applyConfig, auth } from "@/api";
import { createRoute, z } from "@hono/zod-openapi";
import { config } from "~/packages/config-manager"; import { config } from "~/packages/config-manager";
export const meta = applyConfig({ export const meta = applyConfig({
@ -13,19 +14,37 @@ export const meta = applyConfig({
}, },
}); });
export default apiRoute((app) => const route = createRoute({
app.on( method: "get",
meta.allowedMethods, path: "/api/v1/instance/rules",
meta.route, summary: "Get instance rules",
auth(meta.auth, meta.permissions), middleware: [auth(meta.auth)],
async (context) => { responses: {
return context.json( 200: {
config.signups.rules.map((rule, index) => ({ description: "Instance rules",
id: String(index), content: {
text: rule, "application/json": {
hint: "", schema: z.array(
})), z.object({
); id: z.string(),
text: z.string(),
hint: z.string(),
}),
),
},
},
}, },
), },
});
export default apiRoute((app) =>
app.openapi(route, async (context) => {
return context.json(
config.signups.rules.map((rule, index) => ({
id: String(index),
text: rule,
hint: "",
})),
);
}),
); );

48
api/api/v1/instance/tos.ts
View file

@ -1,5 +1,6 @@
import { apiRoute, applyConfig, auth } from "@/api"; import { apiRoute, applyConfig, auth } from "@/api";
import { renderMarkdownInPath } from "@/markdown"; import { renderMarkdownInPath } from "@/markdown";
import { createRoute, z } from "@hono/zod-openapi";
import { config } from "~/packages/config-manager"; import { config } from "~/packages/config-manager";
export const meta = applyConfig({ export const meta = applyConfig({
@ -14,21 +15,36 @@ export const meta = applyConfig({
}, },
}); });
export default apiRoute((app) => const route = createRoute({
app.on( method: "get",
meta.allowedMethods, path: "/api/v1/instance/tos",
meta.route, summary: "Get instance terms of service",
auth(meta.auth, meta.permissions), middleware: [auth(meta.auth)],
async (context) => { responses: {
const { content, lastModified } = await renderMarkdownInPath( 200: {
config.instance.tos_path ?? "", description: "Instance terms of service",
"This instance has not provided any terms of service.", content: {
); "application/json": {
schema: z.object({
return context.json({ updated_at: z.string(),
updated_at: lastModified.toISOString(), content: z.string(),
content, }),
}); },
},
}, },
), },
});
export default apiRoute((app) =>
app.openapi(route, async (context) => {
const { content, lastModified } = await renderMarkdownInPath(
config.instance.tos_path ?? "",
"This instance has not provided any terms of service.",
);
return context.json({
updated_at: lastModified.toISOString(),
content,
});
}),
); );

441
api/api/v1/markers/index.ts
View file

@ -1,16 +1,11 @@
import { import { apiRoute, applyConfig, auth, idValidator } from "@/api";
apiRoute, import { createRoute } from "@hono/zod-openapi";
applyConfig,
auth,
handleZodError,
idValidator,
} from "@/api";
import { zValidator } from "@hono/zod-validator";
import type { Marker as ApiMarker } from "@versia/client/types"; import type { Marker as ApiMarker } from "@versia/client/types";
import { and, count, eq } from "drizzle-orm"; import { and, count, eq } from "drizzle-orm";
import { z } from "zod"; import { z } from "zod";
import { db } from "~/drizzle/db"; import { db } from "~/drizzle/db";
import { Markers, RolePermissions } from "~/drizzle/schema"; import { Markers, RolePermissions } from "~/drizzle/schema";
import { ErrorSchema } from "~/types/api";
export const meta = applyConfig({ export const meta = applyConfig({
allowedMethods: ["GET", "POST"], allowedMethods: ["GET", "POST"],
@ -29,191 +24,255 @@ export const meta = applyConfig({
}); });
export const schemas = { export const schemas = {
query: z.object({ markers: z.object({
"timeline[]": z home: z
.array(z.enum(["home", "notifications"])) .object({
.max(2) last_read_id: z.string().regex(idValidator),
.or(z.enum(["home", "notifications"])) version: z.number(),
updated_at: z.string(),
})
.nullable()
.optional(),
notifications: z
.object({
last_read_id: z.string().regex(idValidator),
version: z.number(),
updated_at: z.string(),
})
.nullable()
.optional(), .optional(),
"home[last_read_id]": z.string().regex(idValidator).optional(),
"notifications[last_read_id]": z.string().regex(idValidator).optional(),
}), }),
}; };
export default apiRoute((app) => const routeGet = createRoute({
app.on( method: "get",
meta.allowedMethods, path: "/api/v1/markers",
meta.route, summary: "Get markers",
zValidator("query", schemas.query, handleZodError), middleware: [auth(meta.auth, meta.permissions)],
auth(meta.auth, meta.permissions), request: {
async (context) => { query: z.object({
const { "timeline[]": timelines } = context.req.valid("query"); "timeline[]": z
const { user } = context.get("auth"); .array(z.enum(["home", "notifications"]))
.max(2)
const timeline = Array.isArray(timelines) ? timelines : []; .or(z.enum(["home", "notifications"]))
.optional(),
if (!user) { }),
return context.json({ error: "Unauthorized" }, 401); },
} responses: {
200: {
switch (context.req.method) { description: "Markers",
case "GET": { content: {
if (!timeline) { "application/json": {
return context.json({}); schema: schemas.markers,
} },
},
const markers: ApiMarker = {
home: undefined,
notifications: undefined,
};
if (timeline.includes("home")) {
const found = await db.query.Markers.findFirst({
where: (marker, { and, eq }) =>
and(
eq(marker.userId, user.id),
eq(marker.timeline, "home"),
),
});
const totalCount = await db
.select({
count: count(),
})
.from(Markers)
.where(
and(
eq(Markers.userId, user.id),
eq(Markers.timeline, "home"),
),
);
if (found?.noteId) {
markers.home = {
last_read_id: found.noteId,
version: totalCount[0].count,
updated_at: new Date(
found.createdAt,
).toISOString(),
};
}
}
if (timeline.includes("notifications")) {
const found = await db.query.Markers.findFirst({
where: (marker, { and, eq }) =>
and(
eq(marker.userId, user.id),
eq(marker.timeline, "notifications"),
),
});
const totalCount = await db
.select({
count: count(),
})
.from(Markers)
.where(
and(
eq(Markers.userId, user.id),
eq(Markers.timeline, "notifications"),
),
);
if (found?.notificationId) {
markers.notifications = {
last_read_id: found.notificationId,
version: totalCount[0].count,
updated_at: new Date(
found.createdAt,
).toISOString(),
};
}
}
return context.json(markers);
}
case "POST": {
const {
"home[last_read_id]": homeId,
"notifications[last_read_id]": notificationsId,
} = context.req.valid("query");
const markers: ApiMarker = {
home: undefined,
notifications: undefined,
};
if (homeId) {
const insertedMarker = (
await db
.insert(Markers)
.values({
userId: user.id,
timeline: "home",
noteId: homeId,
})
.returning()
)[0];
const totalCount = await db
.select({
count: count(),
})
.from(Markers)
.where(
and(
eq(Markers.userId, user.id),
eq(Markers.timeline, "home"),
),
);
markers.home = {
last_read_id: homeId,
version: totalCount[0].count,
updated_at: new Date(
insertedMarker.createdAt,
).toISOString(),
};
}
if (notificationsId) {
const insertedMarker = (
await db
.insert(Markers)
.values({
userId: user.id,
timeline: "notifications",
notificationId: notificationsId,
})
.returning()
)[0];
const totalCount = await db
.select({
count: count(),
})
.from(Markers)
.where(
and(
eq(Markers.userId, user.id),
eq(Markers.timeline, "notifications"),
),
);
markers.notifications = {
last_read_id: notificationsId,
version: totalCount[0].count,
updated_at: new Date(
insertedMarker.createdAt,
).toISOString(),
};
}
return context.json(markers);
}
}
}, },
), 401: {
); description: "Unauthorized",
content: {
"application/json": {
schema: ErrorSchema,
},
},
},
},
});
const routePost = createRoute({
method: "post",
path: "/api/v1/markers",
summary: "Update markers",
middleware: [auth(meta.auth, meta.permissions)],
request: {
query: z.object({
"home[last_read_id]": z.string().regex(idValidator).optional(),
"notifications[last_read_id]": z
.string()
.regex(idValidator)
.optional(),
}),
},
responses: {
200: {
description: "Markers",
content: {
"application/json": {
schema: schemas.markers,
},
},
},
401: {
description: "Unauthorized",
content: {
"application/json": {
schema: ErrorSchema,
},
},
},
},
});
export default apiRoute((app) => {
app.openapi(routeGet, async (context) => {
const { "timeline[]": timelines } = context.req.valid("query");
const { user } = context.get("auth");
const timeline = Array.isArray(timelines) ? timelines : [];
if (!user) {
return context.json({ error: "Unauthorized" }, 401);
}
if (!timeline) {
return context.json({}, 200);
}
const markers: ApiMarker = {
home: undefined,
notifications: undefined,
};
if (timeline.includes("home")) {
const found = await db.query.Markers.findFirst({
where: (marker, { and, eq }) =>
and(
eq(marker.userId, user.id),
eq(marker.timeline, "home"),
),
});
const totalCount = await db
.select({
count: count(),
})
.from(Markers)
.where(
and(
eq(Markers.userId, user.id),
eq(Markers.timeline, "home"),
),
);
if (found?.noteId) {
markers.home = {
last_read_id: found.noteId,
version: totalCount[0].count,
updated_at: new Date(found.createdAt).toISOString(),
};
}
}
if (timeline.includes("notifications")) {
const found = await db.query.Markers.findFirst({
where: (marker, { and, eq }) =>
and(
eq(marker.userId, user.id),
eq(marker.timeline, "notifications"),
),
});
const totalCount = await db
.select({
count: count(),
})
.from(Markers)
.where(
and(
eq(Markers.userId, user.id),
eq(Markers.timeline, "notifications"),
),
);
if (found?.notificationId) {
markers.notifications = {
last_read_id: found.notificationId,
version: totalCount[0].count,
updated_at: new Date(found.createdAt).toISOString(),
};
}
}
return context.json(markers, 200);
});
app.openapi(routePost, async (context) => {
const {
"home[last_read_id]": homeId,
"notifications[last_read_id]": notificationsId,
} = context.req.valid("query");
const { user } = context.get("auth");
if (!user) {
return context.json({ error: "Unauthorized" }, 401);
}
const markers: ApiMarker = {
home: undefined,
notifications: undefined,
};
if (homeId) {
const insertedMarker = (
await db
.insert(Markers)
.values({
userId: user.id,
timeline: "home",
noteId: homeId,
})
.returning()
)[0];
const totalCount = await db
.select({
count: count(),
})
.from(Markers)
.where(
and(
eq(Markers.userId, user.id),
eq(Markers.timeline, "home"),
),
);
markers.home = {
last_read_id: homeId,
version: totalCount[0].count,
updated_at: new Date(insertedMarker.createdAt).toISOString(),
};
}
if (notificationsId) {
const insertedMarker = (
await db
.insert(Markers)
.values({
userId: user.id,
timeline: "notifications",
notificationId: notificationsId,
})
.returning()
)[0];
const totalCount = await db
.select({
count: count(),
})
.from(Markers)
.where(
and(
eq(Markers.userId, user.id),
eq(Markers.timeline, "notifications"),
),
);
markers.notifications = {
last_read_id: notificationsId,
version: totalCount[0].count,
updated_at: new Date(insertedMarker.createdAt).toISOString(),
};
}
return context.json(markers, 200);
});
});

206
api/api/v1/media/:id/index.ts
View file

@ -1,16 +1,11 @@
import { import { apiRoute, applyConfig, auth } from "@/api";
apiRoute, import { createRoute } from "@hono/zod-openapi";
applyConfig,
auth,
handleZodError,
idValidator,
} from "@/api";
import { zValidator } from "@hono/zod-validator";
import { z } from "zod"; import { z } from "zod";
import { MediaManager } from "~/classes/media/media-manager"; import { MediaManager } from "~/classes/media/media-manager";
import { RolePermissions } from "~/drizzle/schema"; import { RolePermissions } from "~/drizzle/schema";
import { config } from "~/packages/config-manager/index"; import { config } from "~/packages/config-manager/index";
import { Attachment } from "~/packages/database-interface/attachment"; import { Attachment } from "~/packages/database-interface/attachment";
import { ErrorSchema } from "~/types/api";
export const meta = applyConfig({ export const meta = applyConfig({
allowedMethods: ["GET", "PUT"], allowedMethods: ["GET", "PUT"],
@ -30,7 +25,7 @@ export const meta = applyConfig({
export const schemas = { export const schemas = {
param: z.object({ param: z.object({
id: z.string(), id: z.string().uuid(),
}), }),
form: z.object({ form: z.object({
thumbnail: z.instanceof(File).optional(), thumbnail: z.instanceof(File).optional(),
@ -42,69 +37,132 @@ export const schemas = {
}), }),
}; };
export default apiRoute((app) => const routePut = createRoute({
app.on( method: "put",
meta.allowedMethods, path: "/api/v1/media/{id}",
meta.route, summary: "Update media",
zValidator("param", schemas.param, handleZodError), middleware: [auth(meta.auth, meta.permissions)],
zValidator("form", schemas.form, handleZodError), request: {
auth(meta.auth, meta.permissions), params: schemas.param,
async (context) => { body: {
const { id } = context.req.valid("param"); content: {
"multipart/form-data": {
if (!id.match(idValidator)) { schema: schemas.form,
return context.json( },
{ error: "Invalid ID, must be of type UUIDv7" }, },
404,
);
}
const attachment = await Attachment.fromId(id);
if (!attachment) {
return context.json({ error: "Media not found" }, 404);
}
switch (context.req.method) {
case "GET": {
if (attachment.data.url) {
return context.json(attachment.toApi());
}
return context.newResponse(null, 206);
}
case "PUT": {
const { description, thumbnail } =
context.req.valid("form");
let thumbnailUrl = attachment.data.thumbnailUrl;
const mediaManager = new MediaManager(config);
if (thumbnail) {
const { path } = await mediaManager.addFile(thumbnail);
thumbnailUrl = Attachment.getUrl(path);
}
const descriptionText =
description || attachment.data.description;
if (
descriptionText !== attachment.data.description ||
thumbnailUrl !== attachment.data.thumbnailUrl
) {
await attachment.update({
description: descriptionText,
thumbnailUrl,
});
return context.json(attachment.toApi());
}
return context.json(attachment.toApi());
}
}
return context.json({ error: "Method not allowed" }, 405);
}, },
), },
); responses: {
204: {
description: "Media updated",
content: {
"application/json": {
schema: Attachment.schema,
},
},
},
401: {
description: "Unauthorized",
content: {
"application/json": {
schema: ErrorSchema,
},
},
},
404: {
description: "Media not found",
content: {
"application/json": {
schema: ErrorSchema,
},
},
},
},
});
const routeGet = createRoute({
method: "get",
path: "/api/v1/media/{id}",
summary: "Get media",
middleware: [auth(meta.auth, meta.permissions)],
request: {
params: schemas.param,
},
responses: {
200: {
description: "Media",
content: {
"application/json": {
schema: Attachment.schema,
},
},
},
404: {
description: "Media not found",
content: {
"application/json": {
schema: ErrorSchema,
},
},
},
401: {
description: "Unauthorized",
content: {
"application/json": {
schema: ErrorSchema,
},
},
},
},
});
export default apiRoute((app) => {
app.openapi(routePut, async (context) => {
const { id } = context.req.valid("param");
const attachment = await Attachment.fromId(id);
if (!attachment) {
return context.json({ error: "Media not found" }, 404);
}
const { description, thumbnail } = context.req.valid("form");
let thumbnailUrl = attachment.data.thumbnailUrl;
const mediaManager = new MediaManager(config);
if (thumbnail) {
const { path } = await mediaManager.addFile(thumbnail);
thumbnailUrl = Attachment.getUrl(path);
}
const descriptionText = description || attachment.data.description;
if (
descriptionText !== attachment.data.description ||
thumbnailUrl !== attachment.data.thumbnailUrl
) {
await attachment.update({
description: descriptionText,
thumbnailUrl,
});
return context.json(attachment.toApi(), 204);
}
return context.json(attachment.toApi(), 204);
});
app.openapi(routeGet, async (context) => {
const { id } = context.req.valid("param");
const attachment = await Attachment.fromId(id);
if (!attachment) {
return context.json({ error: "Media not found" }, 404);
}
return context.json(attachment.toApi(), 200);
});
});

175
api/api/v1/media/index.ts
View file

@ -1,11 +1,12 @@
import { apiRoute, applyConfig, auth, handleZodError } from "@/api"; import { apiRoute, applyConfig, auth } from "@/api";
import { zValidator } from "@hono/zod-validator"; import { createRoute } from "@hono/zod-openapi";
import sharp from "sharp"; import sharp from "sharp";
import { z } from "zod"; import { z } from "zod";
import { MediaManager } from "~/classes/media/media-manager"; import { MediaManager } from "~/classes/media/media-manager";
import { RolePermissions } from "~/drizzle/schema"; import { RolePermissions } from "~/drizzle/schema";
import { config } from "~/packages/config-manager/index"; import { config } from "~/packages/config-manager/index";
import { Attachment } from "~/packages/database-interface/attachment"; import { Attachment } from "~/packages/database-interface/attachment";
import { ErrorSchema } from "~/types/api";
export const meta = applyConfig({ export const meta = applyConfig({
allowedMethods: ["POST"], allowedMethods: ["POST"],
@ -35,68 +36,112 @@ export const schemas = {
}), }),
}; };
export default apiRoute((app) => const route = createRoute({
app.on( method: "post",
meta.allowedMethods, path: "/api/v1/media",
meta.route, summary: "Upload media",
zValidator("form", schemas.form, handleZodError), middleware: [auth(meta.auth, meta.permissions)],
auth(meta.auth, meta.permissions), request: {
async (context) => { body: {
const { file, thumbnail, description } = context.req.valid("form"); content: {
"multipart/form-data": {
if (file.size > config.validation.max_media_size) { schema: schemas.form,
return context.json( },
{ },
error: `File too large, max size is ${config.validation.max_media_size} bytes`,
},
413,
);
}
if (
config.validation.enforce_mime_types &&
!config.validation.allowed_mime_types.includes(file.type)
) {
return context.json({ error: "Invalid file type" }, 415);
}
const sha256 = new Bun.SHA256();
const isImage = file.type.startsWith("image/");
const metadata = isImage
? await sharp(await file.arrayBuffer()).metadata()
: null;
const mediaManager = new MediaManager(config);
const { path, blurhash } = await mediaManager.addFile(file);
const url = Attachment.getUrl(path);
let thumbnailUrl = "";
if (thumbnail) {
const { path } = await mediaManager.addFile(thumbnail);
thumbnailUrl = Attachment.getUrl(path);
}
const newAttachment = await Attachment.insert({
url,
thumbnailUrl,
sha256: sha256.update(await file.arrayBuffer()).digest("hex"),
mimeType: file.type,
description: description ?? "",
size: file.size,
blurhash: blurhash ?? undefined,
width: metadata?.width ?? undefined,
height: metadata?.height ?? undefined,
});
// TODO: Add job to process videos and other media
return context.json(newAttachment.toApi());
}, },
), },
responses: {
200: {
description: "Attachment",
content: {
"application/json": {
schema: Attachment.schema,
},
},
},
401: {
description: "Unauthorized",
content: {
"application/json": {
schema: ErrorSchema,
},
},
},
413: {
description: "File too large",
content: {
"application/json": {
schema: ErrorSchema,
},
},
},
415: {
description: "Disallowed file type",
content: {
"application/json": {
schema: ErrorSchema,
},
},
},
},
});
export default apiRoute((app) =>
app.openapi(route, async (context) => {
const { file, thumbnail, description } = context.req.valid("form");
if (file.size > config.validation.max_media_size) {
return context.json(
{
error: `File too large, max size is ${config.validation.max_media_size} bytes`,
},
413,
);
}
if (
config.validation.enforce_mime_types &&
!config.validation.allowed_mime_types.includes(file.type)
) {
return context.json({ error: "Disallowed file type" }, 415);
}
const sha256 = new Bun.SHA256();
const isImage = file.type.startsWith("image/");
const metadata = isImage
? await sharp(await file.arrayBuffer()).metadata()
: null;
const mediaManager = new MediaManager(config);
const { path, blurhash } = await mediaManager.addFile(file);
const url = Attachment.getUrl(path);
let thumbnailUrl = "";
if (thumbnail) {
const { path } = await mediaManager.addFile(thumbnail);
thumbnailUrl = Attachment.getUrl(path);
}
const newAttachment = await Attachment.insert({
url,
thumbnailUrl,
sha256: sha256.update(await file.arrayBuffer()).digest("hex"),
mimeType: file.type,
description: description ?? "",
size: file.size,
blurhash: blurhash ?? undefined,
width: metadata?.width ?? undefined,
height: metadata?.height ?? undefined,
});
// TODO: Add job to process videos and other media
return context.json(newAttachment.toApi(), 200);
}),
); );

99
api/api/v1/mutes/index.ts
View file

@ -1,15 +1,11 @@
import { import { apiRoute, applyConfig, auth, idValidator } from "@/api";
apiRoute, import { createRoute } from "@hono/zod-openapi";
applyConfig,
auth,
handleZodError,
idValidator,
} from "@/api";
import { zValidator } from "@hono/zod-validator";
import { and, gt, gte, lt, sql } from "drizzle-orm"; import { and, gt, gte, lt, sql } from "drizzle-orm";
import { z } from "zod"; import { z } from "zod";
import { RolePermissions, Users } from "~/drizzle/schema"; import { RolePermissions, Users } from "~/drizzle/schema";
import { Timeline } from "~/packages/database-interface/timeline"; import { Timeline } from "~/packages/database-interface/timeline";
import { User } from "~/packages/database-interface/user";
import { ErrorSchema } from "~/types/api";
export const meta = applyConfig({ export const meta = applyConfig({
allowedMethods: ["GET"], allowedMethods: ["GET"],
@ -36,39 +32,60 @@ export const schemas = {
}), }),
}; };
export default apiRoute((app) => const route = createRoute({
app.on( method: "get",
meta.allowedMethods, path: "/api/v1/mutes",
meta.route, summary: "Get muted users",
zValidator("query", schemas.query, handleZodError), middleware: [auth(meta.auth, meta.permissions)],
auth(meta.auth, meta.permissions), request: {
async (context) => { query: schemas.query,
const { max_id, since_id, limit, min_id } = },
context.req.valid("query"); responses: {
const { user } = context.get("auth"); 200: {
description: "Muted users",
if (!user) { content: {
return context.json({ error: "Unauthorized" }, 401); "application/json": {
} schema: z.array(User.schema),
const { objects: mutes, link } = await Timeline.getUserTimeline(
and(
max_id ? lt(Users.id, max_id) : undefined,
since_id ? gte(Users.id, since_id) : undefined,
min_id ? gt(Users.id, min_id) : undefined,
sql`EXISTS (SELECT 1 FROM "Relationships" WHERE "Relationships"."subjectId" = ${Users.id} AND "Relationships"."ownerId" = ${user.id} AND "Relationships"."muting" = true)`,
),
limit,
context.req.url,
);
return context.json(
mutes.map((u) => u.toApi()),
200,
{
Link: link,
}, },
); },
}, },
), 401: {
description: "Unauthorized",
content: {
"application/json": {
schema: ErrorSchema,
},
},
},
},
});
export default apiRoute((app) =>
app.openapi(route, async (context) => {
const { max_id, since_id, limit, min_id } = context.req.valid("query");
const { user } = context.get("auth");
if (!user) {
return context.json({ error: "Unauthorized" }, 401);
}
const { objects: mutes, link } = await Timeline.getUserTimeline(
and(
max_id ? lt(Users.id, max_id) : undefined,
since_id ? gte(Users.id, since_id) : undefined,
min_id ? gt(Users.id, min_id) : undefined,
sql`EXISTS (SELECT 1 FROM "Relationships" WHERE "Relationships"."subjectId" = ${Users.id} AND "Relationships"."ownerId" = ${user.id} AND "Relationships"."muting" = true)`,
),
limit,
context.req.url,
);
return context.json(
mutes.map((u) => u.toApi()),
200,
{
Link: link,
},
);
}),
); );

7
packages/database-interface/attachment.ts
View file

@ -1,8 +1,5 @@
import { proxyUrl } from "@/response"; import { proxyUrl } from "@/response";
import type { import type { Attachment as ApiAttachment } from "@versia/client/types";
AsyncAttachment as ApiAsyncAttachment,
Attachment as ApiAttachment,
} from "@versia/client/types";
import type { ContentFormat } from "@versia/federation/types"; import type { ContentFormat } from "@versia/federation/types";
import { import {
type InferInsertModel, type InferInsertModel,
@ -212,7 +209,7 @@ export class Attachment extends BaseInterface<typeof Attachments> {
}; };
} }
public toApi(): ApiAttachment | ApiAsyncAttachment { public toApi(): ApiAttachment {
return { return {
id: this.data.id, id: this.data.id,
type: this.getMastodonType(), type: this.getMastodonType(),