refactor(api): ♻️ Improve authentication checker API
parent
621dd7e9d9
commit
dc12b269f5
|
|
@ -35,7 +35,16 @@ const route = createRoute({
|
|||
path: "/api/v1/accounts/{id}/block",
|
||||
summary: "Block user",
|
||||
description: "Block a user",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
scopes: ["write:blocks"],
|
||||
permissions: [
|
||||
RolePermissions.ManageOwnBlocks,
|
||||
RolePermissions.ViewAccounts,
|
||||
],
|
||||
}),
|
||||
] as const,
|
||||
responses: {
|
||||
200: {
|
||||
description: "Updated relationship",
|
||||
|
|
|
|||
|
|
@ -46,7 +46,16 @@ const route = createRoute({
|
|||
path: "/api/v1/accounts/{id}/follow",
|
||||
summary: "Follow user",
|
||||
description: "Follow a user",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
scopes: ["write:follows"],
|
||||
permissions: [
|
||||
RolePermissions.ManageOwnFollows,
|
||||
RolePermissions.ViewAccounts,
|
||||
],
|
||||
}),
|
||||
] as const,
|
||||
responses: {
|
||||
200: {
|
||||
description: "Updated relationship",
|
||||
|
|
|
|||
|
|
@ -43,7 +43,16 @@ const route = createRoute({
|
|||
summary: "Get account followers",
|
||||
description:
|
||||
"Gets an paginated list of accounts that follow the specified account",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: false,
|
||||
scopes: ["read:accounts"],
|
||||
permissions: [
|
||||
RolePermissions.ViewAccountFollows,
|
||||
RolePermissions.ViewAccounts,
|
||||
],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
params: schemas.param,
|
||||
query: schemas.query,
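Review bot: The options object on this route combines `auth: false` with `scopes: ["read:accounts"]` and a `permissions` list, and nothing visible here says whether those two are enforced for an anonymous caller, only when a token is presented, or not at all. Because this commit replaces the positional `auth(meta.auth, meta.permissions)` call on every route, that meaning should be stated once, in a doc comment on the options type that `auth()` accepts (its definition is outside these hunks). The same combination appears on the following, statuses, search and create-account routes. On create account, `auth: false` sits next to `scopes: ["write:accounts"]` and `challenge: true`, which is the case most in need of an explicit statement.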
|
||||
|
|
|
|||
|
|
@ -43,7 +43,16 @@ const route = createRoute({
|
|||
summary: "Get account following",
|
||||
description:
|
||||
"Gets an paginated list of accounts that the specified account follows",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: false,
|
||||
scopes: ["read:accounts"],
|
||||
permissions: [
|
||||
RolePermissions.ViewAccountFollows,
|
||||
RolePermissions.ViewAccounts,
|
||||
],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
params: schemas.param,
|
||||
query: schemas.query,
|
||||
|
|
|
|||
|
|
@ -32,7 +32,12 @@ const route = createRoute({
|
|||
path: "/api/v1/accounts/{id}",
|
||||
summary: "Get account data",
|
||||
description: "Gets the specified account data",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: false,
|
||||
permissions: [RolePermissions.ViewAccounts],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
params: schemas.param,
|
||||
},
|
||||
|
|
|
|||
|
|
@ -44,7 +44,16 @@ const route = createRoute({
|
|||
path: "/api/v1/accounts/{id}/mute",
|
||||
summary: "Mute user",
|
||||
description: "Mute a user",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
scopes: ["write:mutes"],
|
||||
permissions: [
|
||||
RolePermissions.ManageOwnMutes,
|
||||
RolePermissions.ViewAccounts,
|
||||
],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
params: schemas.param,
|
||||
body: {
|
||||
|
|
@ -90,10 +99,6 @@ export default apiRoute((app) =>
|
|||
// TODO: Add duration support
|
||||
const { notifications } = context.req.valid("json");
|
||||
|
||||
if (!user) {
|
||||
throw new ApiError(401, "Unauthorized");
|
||||
}
|
||||
|
||||
const otherUser = await User.fromId(id);
|
||||
|
||||
if (!otherUser) {
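Review bot: With the `if (!user) { throw new ApiError(401, "Unauthorized"); }` guard removed, everything after this point in the handler relies on `auth({ auth: true, ... })` in the route definition having rejected unauthenticated requests before the handler runs. That coupling is not visible from the handler alone, so a later edit that flips the route to `auth: false` would remove the only check. A one-line comment where the guard used to be would record it, e.g. `// user is always set here: the route is declared with auth: true`. The handler body continues outside this hunk, so whether the type of `user` already encodes this cannot be confirmed from here.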
|
||||
|
|
|
|||
|
|
@ -38,7 +38,16 @@ const route = createRoute({
|
|||
path: "/api/v1/accounts/{id}/note",
|
||||
summary: "Set note",
|
||||
description: "Set a note on a user's profile, visible only to you",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
scopes: ["write:accounts"],
|
||||
permissions: [
|
||||
RolePermissions.ManageOwnAccount,
|
||||
RolePermissions.ViewAccounts,
|
||||
],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
params: schemas.param,
|
||||
body: {
|
||||
|
|
|
|||
|
|
@ -35,7 +35,16 @@ const route = createRoute({
|
|||
path: "/api/v1/accounts/{id}/pin",
|
||||
summary: "Pin user",
|
||||
description: "Pin a user to your profile",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
scopes: ["write:accounts"],
|
||||
permissions: [
|
||||
RolePermissions.ManageOwnAccount,
|
||||
RolePermissions.ViewAccounts,
|
||||
],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
params: schemas.param,
|
||||
},
|
||||
|
|
|
|||
|
|
@ -32,7 +32,13 @@ const route = createRoute({
|
|||
path: "/api/v1/accounts/{id}/refetch",
|
||||
summary: "Refetch user",
|
||||
description: "Refetch a user's profile from the remote server",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
scopes: ["write:accounts"],
|
||||
permissions: [RolePermissions.ViewAccounts],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
params: schemas.param,
|
||||
},
|
||||
|
|
|
|||
|
|
@ -35,7 +35,16 @@ const route = createRoute({
|
|||
path: "/api/v1/accounts/{id}/remove_from_followers",
|
||||
summary: "Remove user from followers",
|
||||
description: "Remove a user from your followers",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
scopes: ["write:follows"],
|
||||
permissions: [
|
||||
RolePermissions.ManageOwnFollows,
|
||||
RolePermissions.ViewAccounts,
|
||||
],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
params: schemas.param,
|
||||
},
|
||||
|
|
|
|||
|
|
@ -35,7 +35,12 @@ const routePost = createRoute({
|
|||
method: "post",
|
||||
path: "/api/v1/accounts/{id}/roles/{role_id}",
|
||||
summary: "Assign role to user",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [RolePermissions.ManageRoles],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
params: schemas.param,
|
||||
},
|
||||
|
|
@ -74,7 +79,12 @@ const routeDelete = createRoute({
|
|||
method: "delete",
|
||||
path: "/api/v1/accounts/{id}/roles/{role_id}",
|
||||
summary: "Remove role from user",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [RolePermissions.ManageRoles],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
params: schemas.param,
|
||||
},
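Review bot: Both role routes in this file (`routePost` and `routeDelete`) pass `permissions: [RolePermissions.ManageRoles]` but no `scopes`, unlike the account routes earlier in the commit that pair a permission with an OAuth scope. If `auth()` skips the scope check when `scopes` is omitted (its implementation is outside these hunks), a token granted only a narrow read scope to a user holding `ManageRoles` would still be accepted for assigning and removing roles. Either require a write scope on these routes or document on `auth()` that an omitted `scopes` accepts any valid token. The same omission is visible on the emoji, favourites, follow_requests, markers, `GET /api/v1/media/{id}`, notifications list, `/api/v1/roles` and status favourite/pin/reblog/update/delete routes in this commit.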
|
||||
|
|
|
|||
|
|
@ -29,7 +29,11 @@ const route = createRoute({
|
|||
method: "get",
|
||||
path: "/api/v1/accounts/{id}/roles",
|
||||
summary: "List user roles",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: false,
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
params: schemas.param,
|
||||
},
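Review bot: `auth({ auth: false })` on `GET /api/v1/accounts/{id}/roles` declares neither authentication nor a permission, so as written any caller can list the roles held by any account, while `GET /api/v1/roles` in this same commit is declared with `auth: true`. If role membership is not meant to be public, this should be `auth: true`, or at least carry `permissions: [RolePermissions.ViewAccounts]` like the other account read routes. What `meta.auth` held before the refactor is not visible in this hunk, so this may be inherited behaviour rather than something the commit introduces.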
|
||||
|
|
|
|||
|
|
@ -59,7 +59,16 @@ const route = createRoute({
|
|||
path: "/api/v1/accounts/{id}/statuses",
|
||||
summary: "Get account statuses",
|
||||
description: "Gets an paginated list of statuses by the specified account",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: false,
|
||||
permissions: [
|
||||
RolePermissions.ViewNotes,
|
||||
RolePermissions.ViewAccounts,
|
||||
],
|
||||
scopes: ["read:statuses"],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
params: schemas.param,
|
||||
query: schemas.query,
|
||||
|
|
|
|||
|
|
@ -35,7 +35,16 @@ const route = createRoute({
|
|||
path: "/api/v1/accounts/{id}/unblock",
|
||||
summary: "Unblock user",
|
||||
description: "Unblock a user",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
scopes: ["write:blocks"],
|
||||
permissions: [
|
||||
RolePermissions.ManageOwnBlocks,
|
||||
RolePermissions.ViewAccounts,
|
||||
],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
params: schemas.param,
|
||||
},
|
||||
|
|
|
|||
|
|
@ -35,7 +35,16 @@ const route = createRoute({
|
|||
path: "/api/v1/accounts/{id}/unfollow",
|
||||
summary: "Unfollow user",
|
||||
description: "Unfollow a user",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
scopes: ["write:follows"],
|
||||
permissions: [
|
||||
RolePermissions.ManageOwnFollows,
|
||||
RolePermissions.ViewAccounts,
|
||||
],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
params: schemas.param,
|
||||
},
|
||||
|
|
|
|||
|
|
@ -35,7 +35,16 @@ const route = createRoute({
|
|||
path: "/api/v1/accounts/{id}/unmute",
|
||||
summary: "Unmute user",
|
||||
description: "Unmute a user",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
scopes: ["write:mutes"],
|
||||
permissions: [
|
||||
RolePermissions.ManageOwnMutes,
|
||||
RolePermissions.ViewAccounts,
|
||||
],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
params: schemas.param,
|
||||
},
|
||||
|
|
|
|||
|
|
@ -35,7 +35,16 @@ const route = createRoute({
|
|||
path: "/api/v1/accounts/{id}/unpin",
|
||||
summary: "Unpin user",
|
||||
description: "Unpin a user from your profile",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
scopes: ["write:accounts"],
|
||||
permissions: [
|
||||
RolePermissions.ManageOwnAccount,
|
||||
RolePermissions.ViewAccounts,
|
||||
],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
params: schemas.param,
|
||||
},
|
||||
|
|
|
|||
|
|
@ -39,7 +39,14 @@ const route = createRoute({
|
|||
summary: "Get familiar followers",
|
||||
description:
|
||||
"Obtain a list of all accounts that follow a given account, filtered for accounts you follow.",
|
||||
middleware: [auth(meta.auth, meta.permissions), qsQuery()] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
scopes: ["read:follows"],
|
||||
permissions: [RolePermissions.ManageOwnFollows],
|
||||
}),
|
||||
qsQuery(),
|
||||
] as const,
|
||||
request: {
|
||||
query: schemas.query,
|
||||
},
|
||||
|
|
|
|||
|
|
@ -33,7 +33,12 @@ const route = createRoute({
|
|||
path: "/api/v1/accounts/id",
|
||||
summary: "Get account by username",
|
||||
description: "Get an account by username",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: false,
|
||||
permissions: [RolePermissions.Search],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
query: schemas.query,
|
||||
},
|
||||
|
|
|
|||
|
|
@ -44,7 +44,11 @@ const route = createRoute({
|
|||
summary: "Create account",
|
||||
description: "Register a new account",
|
||||
middleware: [
|
||||
auth(meta.auth, meta.permissions, meta.challenge),
|
||||
auth({
|
||||
auth: false,
|
||||
scopes: ["write:accounts"],
|
||||
challenge: true,
|
||||
}),
|
||||
jsonOrForm(),
|
||||
],
|
||||
request: {
|
||||
|
|
|
|||
|
|
@ -34,7 +34,12 @@ const route = createRoute({
|
|||
path: "/api/v1/accounts/lookup",
|
||||
summary: "Lookup account",
|
||||
description: "Lookup an account by acct",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: false,
|
||||
permissions: [RolePermissions.Search],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
query: schemas.query,
|
||||
},
|
||||
|
|
|
|||
|
|
@ -32,7 +32,14 @@ const route = createRoute({
|
|||
path: "/api/v1/accounts/relationships",
|
||||
summary: "Get relationships",
|
||||
description: "Get relationships by account ID",
|
||||
middleware: [auth(meta.auth, meta.permissions), qsQuery()] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
scopes: ["read:follows"],
|
||||
permissions: [RolePermissions.ManageOwnFollows],
|
||||
}),
|
||||
qsQuery(),
|
||||
] as const,
|
||||
request: {
|
||||
query: schemas.query,
|
||||
},
|
||||
|
|
|
|||
|
|
@ -50,7 +50,13 @@ export const route = createRoute({
|
|||
path: "/api/v1/accounts/search",
|
||||
summary: "Search accounts",
|
||||
description: "Search for accounts",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: false,
|
||||
permissions: [RolePermissions.Search, RolePermissions.ViewAccounts],
|
||||
scopes: ["read:accounts"],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
query: schemas.query,
|
||||
},
|
||||
|
|
|
|||
|
|
@ -151,7 +151,14 @@ const route = createRoute({
|
|||
path: "/api/v1/accounts/update_credentials",
|
||||
summary: "Update credentials",
|
||||
description: "Update user credentials",
|
||||
middleware: [auth(meta.auth, meta.permissions), jsonOrForm()] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [RolePermissions.ManageOwnAccount],
|
||||
scopes: ["write:accounts"],
|
||||
}),
|
||||
jsonOrForm(),
|
||||
] as const,
|
||||
request: {
|
||||
body: {
|
||||
content: {
|
||||
|
|
|
|||
|
|
@ -21,7 +21,12 @@ const route = createRoute({
|
|||
path: "/api/v1/accounts/verify_credentials",
|
||||
summary: "Verify credentials",
|
||||
description: "Get your own account information",
|
||||
middleware: [auth(meta.auth)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
scopes: ["read:accounts"],
|
||||
}),
|
||||
] as const,
|
||||
responses: {
|
||||
200: {
|
||||
description: "Account",
|
||||
|
|
|
|||
|
|
@ -24,7 +24,12 @@ const route = createRoute({
|
|||
path: "/api/v1/apps/verify_credentials",
|
||||
summary: "Verify credentials",
|
||||
description: "Get your own application information",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [RolePermissions.ManageOwnApps],
|
||||
}),
|
||||
] as const,
|
||||
responses: {
|
||||
200: {
|
||||
description: "Application",
|
||||
|
|
|
|||
|
|
@ -36,7 +36,13 @@ const route = createRoute({
|
|||
path: "/api/v1/blocks",
|
||||
summary: "Get blocks",
|
||||
description: "Get users you have blocked",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
scopes: ["read:blocks"],
|
||||
permissions: [RolePermissions.ManageOwnBlocks],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
query: schemas.query,
|
||||
},
|
||||
|
|
|
|||
|
|
@ -24,7 +24,11 @@ const route = createRoute({
|
|||
path: "/api/v1/challenges",
|
||||
summary: "Generate a challenge",
|
||||
description: "Generate a challenge to solve",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: false,
|
||||
}),
|
||||
] as const,
|
||||
responses: {
|
||||
200: {
|
||||
description: "Challenge",
|
||||
|
|
|
|||
|
|
@ -23,7 +23,12 @@ const route = createRoute({
|
|||
path: "/api/v1/custom_emojis",
|
||||
summary: "Get custom emojis",
|
||||
description: "Get custom emojis",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: false,
|
||||
permissions: [RolePermissions.ViewEmojis],
|
||||
}),
|
||||
] as const,
|
||||
responses: {
|
||||
200: {
|
||||
description: "Emojis",
|
||||
|
|
|
|||
|
|
@ -71,7 +71,12 @@ const routeGet = createRoute({
|
|||
method: "get",
|
||||
path: "/api/v1/emojis/{id}",
|
||||
summary: "Get emoji data",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [RolePermissions.ViewEmojis],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
params: schemas.param,
|
||||
},
|
||||
|
|
@ -92,14 +97,6 @@ const routeGet = createRoute({
|
|||
},
|
||||
},
|
||||
},
|
||||
403: {
|
||||
description: "Insufficient credentials",
|
||||
content: {
|
||||
"application/json": {
|
||||
schema: ErrorSchema,
|
||||
},
|
||||
},
|
||||
},
|
||||
404: {
|
||||
description: "Emoji not found",
|
||||
content: {
|
||||
|
|
@ -115,7 +112,16 @@ const routePatch = createRoute({
|
|||
method: "patch",
|
||||
path: "/api/v1/emojis/{id}",
|
||||
summary: "Modify emoji",
|
||||
middleware: [auth(meta.auth, meta.permissions), jsonOrForm()] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [
|
||||
RolePermissions.ManageOwnEmojis,
|
||||
RolePermissions.ViewEmojis,
|
||||
],
|
||||
}),
|
||||
jsonOrForm(),
|
||||
] as const,
|
||||
request: {
|
||||
params: schemas.param,
|
||||
body: {
|
||||
|
|
@ -180,7 +186,15 @@ const routeDelete = createRoute({
|
|||
method: "delete",
|
||||
path: "/api/v1/emojis/{id}",
|
||||
summary: "Delete emoji",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [
|
||||
RolePermissions.ManageOwnEmojis,
|
||||
RolePermissions.ViewEmojis,
|
||||
],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
params: schemas.param,
|
||||
},
|
||||
|
|
@ -222,16 +236,12 @@ export default apiRoute((app) => {
|
|||
throw new ApiError(404, "Emoji not found");
|
||||
}
|
||||
|
||||
// Check if user is admin
|
||||
// Don't leak non-global emojis to non-admins
|
||||
if (
|
||||
!user.hasPermission(RolePermissions.ManageEmojis) &&
|
||||
emoji.data.ownerId !== user.data.id
|
||||
) {
|
||||
throw new ApiError(
|
||||
403,
|
||||
"Cannot modify emoji not owned by you",
|
||||
`This emoji is either global (and you do not have the '${RolePermissions.ManageEmojis}' permission) or not owned by you`,
|
||||
);
|
||||
throw new ApiError(404, "Emoji not found");
|
||||
}
|
||||
|
||||
return context.json(emoji.toApi(), 200);
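Review bot: The new comment `// Don't leak non-global emojis to non-admins` does not match the condition under it, `!user.hasPermission(RolePermissions.ManageEmojis) && emoji.data.ownerId !== user.data.id`, which rejects every emoji the caller does not own. The removed error text describes global emojis as also failing this check, so a caller without `ManageEmojis` would presumably now receive a 404 for a global emoji too, even though the route only requires `ViewEmojis`. If that is not intended, the guard needs an explicit test for global emojis (the field that marks one is not visible here). If it is intended, the comment should say so, e.g. `// Only the owner or a ManageEmojis holder may read this emoji; 404 hides its existence from everyone else`. The handler starts outside this hunk, so which HTTP method it serves cannot be confirmed from here.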
|
||||
|
|
|
|||
|
|
@ -67,7 +67,16 @@ const route = createRoute({
|
|||
path: "/api/v1/emojis",
|
||||
summary: "Upload emoji",
|
||||
description: "Upload an emoji",
|
||||
middleware: [auth(meta.auth, meta.permissions), jsonOrForm()] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [
|
||||
RolePermissions.ManageOwnEmojis,
|
||||
RolePermissions.ViewEmojis,
|
||||
],
|
||||
}),
|
||||
jsonOrForm(),
|
||||
] as const,
|
||||
request: {
|
||||
body: {
|
||||
content: {
|
||||
|
|
|
|||
|
|
@ -34,7 +34,12 @@ const route = createRoute({
|
|||
method: "get",
|
||||
path: "/api/v1/favourites",
|
||||
summary: "Get favourites",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [RolePermissions.ManageOwnLikes],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
query: schemas.query,
|
||||
},
|
||||
|
|
|
|||
|
|
@ -30,7 +30,12 @@ const route = createRoute({
|
|||
method: "post",
|
||||
path: "/api/v1/follow_requests/{account_id}/authorize",
|
||||
summary: "Authorize follow request",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [RolePermissions.ManageOwnFollows],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
params: schemas.param,
|
||||
},
|
||||
|
|
|
|||
|
|
@ -30,7 +30,12 @@ const route = createRoute({
|
|||
method: "post",
|
||||
path: "/api/v1/follow_requests/{account_id}/reject",
|
||||
summary: "Reject follow request",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [RolePermissions.ManageOwnFollows],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
params: schemas.param,
|
||||
},
|
||||
|
|
|
|||
|
|
@ -34,7 +34,12 @@ const route = createRoute({
|
|||
method: "get",
|
||||
path: "/api/v1/follow_requests",
|
||||
summary: "Get follow requests",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [RolePermissions.ManageOwnFollows],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
query: schemas.query,
|
||||
},
|
||||
|
|
|
|||
|
|
@ -22,7 +22,11 @@ const route = createRoute({
|
|||
method: "get",
|
||||
path: "/api/v1/instance",
|
||||
summary: "Get instance information",
|
||||
middleware: [auth(meta.auth)],
|
||||
middleware: [
|
||||
auth({
|
||||
auth: false,
|
||||
}),
|
||||
],
|
||||
responses: {
|
||||
200: {
|
||||
description: "Instance information",
|
||||
|
|
|
|||
|
|
@ -18,7 +18,11 @@ const route = createRoute({
|
|||
method: "get",
|
||||
path: "/api/v1/instance/privacy_policy",
|
||||
summary: "Get instance privacy policy",
|
||||
middleware: [auth(meta.auth)],
|
||||
middleware: [
|
||||
auth({
|
||||
auth: false,
|
||||
}),
|
||||
],
|
||||
responses: {
|
||||
200: {
|
||||
description: "Instance privacy policy",
|
||||
|
|
|
|||
|
|
@ -17,7 +17,11 @@ const route = createRoute({
|
|||
method: "get",
|
||||
path: "/api/v1/instance/rules",
|
||||
summary: "Get instance rules",
|
||||
middleware: [auth(meta.auth)],
|
||||
middleware: [
|
||||
auth({
|
||||
auth: false,
|
||||
}),
|
||||
],
|
||||
responses: {
|
||||
200: {
|
||||
description: "Instance rules",
|
||||
|
|
|
|||
|
|
@ -18,7 +18,11 @@ const route = createRoute({
|
|||
method: "get",
|
||||
path: "/api/v1/instance/tos",
|
||||
summary: "Get instance terms of service",
|
||||
middleware: [auth(meta.auth)],
|
||||
middleware: [
|
||||
auth({
|
||||
auth: false,
|
||||
}),
|
||||
],
|
||||
responses: {
|
||||
200: {
|
||||
description: "Instance terms of service",
|
||||
|
|
|
|||
|
|
@ -48,7 +48,12 @@ const routeGet = createRoute({
|
|||
method: "get",
|
||||
path: "/api/v1/markers",
|
||||
summary: "Get markers",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [RolePermissions.ManageOwnAccount],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
query: z.object({
|
||||
"timeline[]": z
|
||||
|
|
@ -82,7 +87,12 @@ const routePost = createRoute({
|
|||
method: "post",
|
||||
path: "/api/v1/markers",
|
||||
summary: "Update markers",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [RolePermissions.ManageOwnAccount],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
query: z.object({
|
||||
"home[last_read_id]": z.string().regex(idValidator).optional(),
|
||||
|
|
|
|||
|
|
@ -41,7 +41,13 @@ const routePut = createRoute({
|
|||
method: "put",
|
||||
path: "/api/v1/media/{id}",
|
||||
summary: "Update media",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
scopes: ["write:media"],
|
||||
permissions: [RolePermissions.ManageOwnMedia],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
params: schemas.param,
|
||||
body: {
|
||||
|
|
@ -84,7 +90,12 @@ const routeGet = createRoute({
|
|||
method: "get",
|
||||
path: "/api/v1/media/{id}",
|
||||
summary: "Get media",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [RolePermissions.ManageOwnMedia],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
params: schemas.param,
|
||||
},
|
||||
|
|
|
|||
|
|
@ -40,7 +40,13 @@ const route = createRoute({
|
|||
method: "post",
|
||||
path: "/api/v1/media",
|
||||
summary: "Upload media",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
scopes: ["write:media"],
|
||||
permissions: [RolePermissions.ManageOwnMedia],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
body: {
|
||||
content: {
|
||||
|
|
|
|||
|
|
@ -35,7 +35,13 @@ const route = createRoute({
|
|||
method: "get",
|
||||
path: "/api/v1/mutes",
|
||||
summary: "Get muted users",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
scopes: ["read:mutes"],
|
||||
permissions: [RolePermissions.ManageOwnMutes],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
query: schemas.query,
|
||||
},
|
||||
|
|
|
|||
|
|
@ -31,7 +31,13 @@ const route = createRoute({
|
|||
method: "post",
|
||||
path: "/api/v1/notifications/{id}/dismiss",
|
||||
summary: "Dismiss notification",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
scopes: ["write:notifications"],
|
||||
permissions: [RolePermissions.ManageOwnNotifications],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
params: schemas.param,
|
||||
},
|
||||
|
|
|
|||
|
|
@ -31,14 +31,24 @@ const route = createRoute({
|
|||
method: "get",
|
||||
path: "/api/v1/notifications/{id}",
|
||||
summary: "Get notification",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [RolePermissions.ManageOwnNotifications],
|
||||
scopes: ["read:notifications"],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
params: schemas.param,
|
||||
},
|
||||
responses: {
|
||||
200: {
|
||||
description: "Notification",
|
||||
schema: Notification.schema,
|
||||
content: {
|
||||
"application/json": {
|
||||
schema: Notification.schema,
|
||||
},
|
||||
},
|
||||
},
|
||||
401: {
|
||||
description: "Unauthorized",
|
||||
|
|
|
|||
|
|
@ -23,7 +23,13 @@ const route = createRoute({
|
|||
method: "post",
|
||||
path: "/api/v1/notifications/clear",
|
||||
summary: "Clear notifications",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [RolePermissions.ManageOwnNotifications],
|
||||
scopes: ["write:notifications"],
|
||||
}),
|
||||
] as const,
|
||||
responses: {
|
||||
200: {
|
||||
description: "Notifications cleared",
|
||||
|
|
|
|||
|
|
@ -30,7 +30,13 @@ const route = createRoute({
|
|||
method: "delete",
|
||||
path: "/api/v1/notifications/destroy_multiple",
|
||||
summary: "Dismiss multiple notifications",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [RolePermissions.ManageOwnNotifications],
|
||||
scopes: ["write:notifications"],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
query: schemas.query,
|
||||
},
|
||||
|
|
|
|||
|
|
@ -20,7 +20,7 @@ export const meta = applyConfig({
|
|||
permissions: {
|
||||
required: [
|
||||
RolePermissions.ManageOwnNotifications,
|
||||
RolePermissions.ViewPrimateTimelines,
|
||||
RolePermissions.ViewPrivateTimelines,
|
||||
],
|
||||
},
|
||||
});
|
||||
|
|
@ -94,7 +94,15 @@ const route = createRoute({
|
|||
method: "get",
|
||||
path: "/api/v1/notifications",
|
||||
summary: "Get notifications",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [
|
||||
RolePermissions.ManageOwnNotifications,
|
||||
RolePermissions.ViewPrivateTimelines,
|
||||
],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
query: schemas.query,
|
||||
},
|
||||
|
|
|
|||
|
|
@ -23,7 +23,13 @@ const route = createRoute({
|
|||
method: "delete",
|
||||
path: "/api/v1/profile/avatar",
|
||||
summary: "Delete avatar",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [RolePermissions.ManageOwnAccount],
|
||||
scopes: ["write:account"],
|
||||
}),
|
||||
] as const,
|
||||
responses: {
|
||||
200: {
|
||||
description: "User",
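Review bot: `scopes: ["write:account"]` is spelled in the singular on this route, while every other account-mutating route in this commit uses `"write:accounts"` (note, pin, refetch, update_credentials). If the scope check compares strings, a token granted `write:accounts` would be refused on `DELETE /api/v1/profile/avatar`, and the route would be keyed to a scope no other route uses. The line should read `scopes: ["write:accounts"],`. The `DELETE /api/v1/profile/header` route in the next file section has the same spelling.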
|
||||
|
|
|
|||
|
|
@ -23,7 +23,13 @@ const route = createRoute({
|
|||
method: "delete",
|
||||
path: "/api/v1/profile/header",
|
||||
summary: "Delete header",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [RolePermissions.ManageOwnAccount],
|
||||
scopes: ["write:account"],
|
||||
}),
|
||||
] as const,
|
||||
responses: {
|
||||
200: {
|
||||
description: "User",
|
||||
|
|
|
|||
|
|
@ -34,7 +34,11 @@ const routeGet = createRoute({
|
|||
method: "get",
|
||||
path: "/api/v1/roles/{id}",
|
||||
summary: "Get role data",
|
||||
middleware: [auth(meta.auth)],
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
}),
|
||||
],
|
||||
request: {
|
||||
params: schemas.param,
|
||||
},
|
||||
|
|
@ -70,7 +74,12 @@ const routePatch = createRoute({
|
|||
method: "patch",
|
||||
path: "/api/v1/roles/{id}",
|
||||
summary: "Update role data",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [RolePermissions.ManageRoles],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
params: schemas.param,
|
||||
body: {
|
||||
|
|
@ -116,7 +125,12 @@ const routeDelete = createRoute({
|
|||
method: "delete",
|
||||
path: "/api/v1/roles/{id}",
|
||||
summary: "Delete role",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [RolePermissions.ManageRoles],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
params: schemas.param,
|
||||
},
|
||||
|
|
|
|||
|
|
@ -29,7 +29,11 @@ const routeGet = createRoute({
|
|||
method: "get",
|
||||
path: "/api/v1/roles",
|
||||
summary: "Get all roles",
|
||||
middleware: [auth(meta.auth)],
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
}),
|
||||
] as const,
|
||||
responses: {
|
||||
200: {
|
||||
description: "List of all roles",
|
||||
|
|
@ -54,7 +58,12 @@ const routePost = createRoute({
|
|||
method: "post",
|
||||
path: "/api/v1/roles",
|
||||
summary: "Create a new role",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [RolePermissions.ManageRoles],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
body: {
|
||||
content: {
|
||||
|
|
|
|||
|
|
@ -29,7 +29,12 @@ export const schemas = {
|
|||
const route = createRoute({
|
||||
method: "get",
|
||||
path: "/api/v1/statuses/{id}/context",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: false,
|
||||
permissions: [RolePermissions.ViewNotes],
|
||||
}),
|
||||
] as const,
|
||||
summary: "Get status context",
|
||||
request: {
|
||||
params: schemas.param,
|
||||
|
|
|
|||
|
|
@ -30,7 +30,15 @@ const route = createRoute({
|
|||
method: "post",
|
||||
path: "/api/v1/statuses/{id}/favourite",
|
||||
summary: "Favourite a status",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [
|
||||
RolePermissions.ManageOwnLikes,
|
||||
RolePermissions.ViewNotes,
|
||||
],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
params: schemas.param,
|
||||
},
|
||||
|
|
|
|||
|
|
@ -37,7 +37,15 @@ const route = createRoute({
|
|||
method: "get",
|
||||
path: "/api/v1/statuses/{id}/favourited_by",
|
||||
summary: "Get users who favourited a status",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [
|
||||
RolePermissions.ViewNotes,
|
||||
RolePermissions.ViewNoteLikes,
|
||||
],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
params: schemas.param,
|
||||
query: schemas.query,
|
||||
|
|
|
|||
|
|
@ -92,7 +92,12 @@ const routeGet = createRoute({
|
|||
method: "get",
|
||||
path: "/api/v1/statuses/{id}",
|
||||
summary: "Get status",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: false,
|
||||
permissions: [RolePermissions.ViewNotes],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
params: schemas.param,
|
||||
},
|
||||
|
|
@ -120,7 +125,15 @@ const routeDelete = createRoute({
|
|||
method: "delete",
|
||||
path: "/api/v1/statuses/{id}",
|
||||
summary: "Delete a status",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [
|
||||
RolePermissions.ManageOwnNotes,
|
||||
RolePermissions.ViewNotes,
|
||||
],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
params: schemas.param,
|
||||
},
|
||||
|
|
@ -156,7 +169,16 @@ const routePut = createRoute({
|
|||
method: "put",
|
||||
path: "/api/v1/statuses/{id}",
|
||||
summary: "Update a status",
|
||||
middleware: [auth(meta.auth, meta.permissions), jsonOrForm()] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [
|
||||
RolePermissions.ManageOwnNotes,
|
||||
RolePermissions.ViewNotes,
|
||||
],
|
||||
}),
|
||||
jsonOrForm(),
|
||||
] as const,
|
||||
request: {
|
||||
params: schemas.param,
|
||||
body: {
|
||||
|
|
|
|||
|
|
@ -31,7 +31,15 @@ const route = createRoute({
|
|||
method: "post",
|
||||
path: "/api/v1/statuses/{id}/pin",
|
||||
summary: "Pin a status",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [
|
||||
RolePermissions.ManageOwnNotes,
|
||||
RolePermissions.ViewNotes,
|
||||
],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
params: schemas.param,
|
||||
},
|
||||
|
|
|
|||
|
|
@ -34,7 +34,16 @@ const route = createRoute({
|
|||
method: "post",
|
||||
path: "/api/v1/statuses/{id}/reblog",
|
||||
summary: "Reblog a status",
|
||||
middleware: [auth(meta.auth, meta.permissions), jsonOrForm()] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [
|
||||
RolePermissions.ManageOwnBoosts,
|
||||
RolePermissions.ViewNotes,
|
||||
],
|
||||
}),
|
||||
jsonOrForm(),
|
||||
] as const,
|
||||
request: {
|
||||
params: schemas.param,
|
||||
body: {
|
||||
|
|
|
|||
|
|
@ -37,7 +37,15 @@ const route = createRoute({
|
|||
method: "get",
|
||||
path: "/api/v1/statuses/{id}/reblogged_by",
|
||||
summary: "Get users who reblogged a status",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [
|
||||
RolePermissions.ViewNotes,
|
||||
RolePermissions.ViewNoteBoosts,
|
||||
],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
params: schemas.param,
|
||||
query: schemas.query,
|
||||
|
|
|
|||
|
|
@ -31,7 +31,15 @@ const route = createRoute({
|
|||
method: "get",
|
||||
path: "/api/v1/statuses/{id}/source",
|
||||
summary: "Get status source",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [
|
||||
RolePermissions.ManageOwnNotes,
|
||||
RolePermissions.ViewNotes,
|
||||
],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
params: schemas.param,
|
||||
},
|
||||
|
|
|
|||
|
|
@ -30,7 +30,15 @@ const route = createRoute({
|
|||
method: "post",
|
||||
path: "/api/v1/statuses/{id}/unfavourite",
|
||||
summary: "Unfavourite a status",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [
|
||||
RolePermissions.ManageOwnNotes,
|
||||
RolePermissions.ViewNotes,
|
||||
],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
params: schemas.param,
|
||||
},
|
||||
|
|
|
|||
|
|
@ -30,7 +30,15 @@ const route = createRoute({
|
|||
method: "post",
|
||||
path: "/api/v1/statuses/{id}/unpin",
|
||||
summary: "Unpin a status",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [
|
||||
RolePermissions.ManageOwnNotes,
|
||||
RolePermissions.ViewNotes,
|
||||
],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
params: schemas.param,
|
||||
},
|
||||
|
|
|
|||
|
|
@ -31,7 +31,15 @@ const route = createRoute({
|
|||
method: "post",
|
||||
path: "/api/v1/statuses/{id}/unreblog",
|
||||
summary: "Unreblog a status",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [
|
||||
RolePermissions.ManageOwnNotes,
|
||||
RolePermissions.ViewNotes,
|
||||
],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
params: schemas.param,
|
||||
},
|
||||
|
|
|
|||
|
|
@ -103,7 +103,13 @@ export const schemas = {
|
|||
const route = createRoute({
|
||||
method: "post",
|
||||
path: "/api/v1/statuses",
|
||||
middleware: [auth(meta.auth, meta.permissions), jsonOrForm()] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [RolePermissions.ManageOwnNotes],
|
||||
}),
|
||||
jsonOrForm(),
|
||||
] as const,
|
||||
summary: "Post a new status",
|
||||
request: {
|
||||
body: {
|
||||
|
|
|
|||
|
|
@ -21,7 +21,7 @@ export const meta = applyConfig({
|
|||
RolePermissions.ManageOwnNotes,
|
||||
RolePermissions.ViewNotes,
|
||||
RolePermissions.ViewAccounts,
|
||||
RolePermissions.ViewPrimateTimelines,
|
||||
RolePermissions.ViewPrivateTimelines,
|
||||
],
|
||||
},
|
||||
});
|
||||
|
|
@ -39,7 +39,17 @@ const route = createRoute({
|
|||
method: "get",
|
||||
path: "/api/v1/timelines/home",
|
||||
summary: "Get home timeline",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [
|
||||
RolePermissions.ManageOwnNotes,
|
||||
RolePermissions.ViewNotes,
|
||||
RolePermissions.ViewAccounts,
|
||||
RolePermissions.ViewPrivateTimelines,
|
||||
],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
query: schemas.query,
|
||||
},
|
||||
|
|
|
|||
|
|
@ -49,7 +49,16 @@ const route = createRoute({
|
|||
method: "get",
|
||||
path: "/api/v1/timelines/public",
|
||||
summary: "Get public timeline",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: false,
|
||||
permissions: [
|
||||
RolePermissions.ViewNotes,
|
||||
RolePermissions.ViewAccounts,
|
||||
RolePermissions.ViewPublicTimelines,
|
||||
],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
query: schemas.query,
|
||||
},
|
||||
|
|
|
|||
|
|
@ -89,7 +89,12 @@ const routeGet = createRoute({
|
|||
method: "get",
|
||||
path: "/api/v2/filters/{id}",
|
||||
summary: "Get filter",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [RolePermissions.ManageOwnFilters],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
params: schemas.param,
|
||||
},
|
||||
|
|
@ -125,7 +130,13 @@ const routePut = createRoute({
|
|||
method: "put",
|
||||
path: "/api/v2/filters/{id}",
|
||||
summary: "Update filter",
|
||||
middleware: [auth(meta.auth, meta.permissions), jsonOrForm()] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [RolePermissions.ManageOwnFilters],
|
||||
}),
|
||||
jsonOrForm(),
|
||||
] as const,
|
||||
request: {
|
||||
params: schemas.param,
|
||||
body: {
|
||||
|
|
@ -168,7 +179,12 @@ const routeDelete = createRoute({
|
|||
method: "delete",
|
||||
path: "/api/v2/filters/{id}",
|
||||
summary: "Delete filter",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [RolePermissions.ManageOwnFilters],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
params: schemas.param,
|
||||
},
|
||||
|
|
|
|||
|
|
@ -77,7 +77,13 @@ const routeGet = createRoute({
|
|||
method: "get",
|
||||
path: "/api/v2/filters",
|
||||
summary: "Get filters",
|
||||
middleware: [auth(meta.auth, meta.permissions), jsonOrForm()] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [RolePermissions.ManageOwnFilters],
|
||||
}),
|
||||
jsonOrForm(),
|
||||
] as const,
|
||||
responses: {
|
||||
200: {
|
||||
description: "Filters",
|
||||
|
|
@ -102,7 +108,13 @@ const routePost = createRoute({
|
|||
method: "post",
|
||||
path: "/api/v2/filters",
|
||||
summary: "Create filter",
|
||||
middleware: [auth(meta.auth, meta.permissions), jsonOrForm()] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [RolePermissions.ManageOwnFilters],
|
||||
}),
|
||||
jsonOrForm(),
|
||||
] as const,
|
||||
request: {
|
||||
body: {
|
||||
content: {
|
||||
|
|
|
|||
|
|
@ -40,7 +40,13 @@ const route = createRoute({
|
|||
method: "post",
|
||||
path: "/api/v2/media",
|
||||
summary: "Upload media",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: true,
|
||||
scopes: ["write:media"],
|
||||
permissions: [RolePermissions.ManageOwnMedia],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
body: {
|
||||
content: {
|
||||
|
|
|
|||
|
|
@ -52,7 +52,17 @@ const route = createRoute({
|
|||
method: "get",
|
||||
path: "/api/v2/search",
|
||||
summary: "Instance database search",
|
||||
middleware: [auth(meta.auth, meta.permissions)] as const,
|
||||
middleware: [
|
||||
auth({
|
||||
auth: false,
|
||||
scopes: ["read:search"],
|
||||
permissions: [
|
||||
RolePermissions.Search,
|
||||
RolePermissions.ViewAccounts,
|
||||
RolePermissions.ViewNotes,
|
||||
],
|
||||
}),
|
||||
] as const,
|
||||
request: {
|
||||
query: schemas.query,
|
||||
},
|
||||
|
|
|
|||
|
|
@ -549,7 +549,7 @@ export enum RolePermissions {
|
|||
ManageOwnApps = "owner:app",
|
||||
Search = "search",
|
||||
ViewPublicTimelines = "public_timelines",
|
||||
ViewPrimateTimelines = "private_timelines",
|
||||
ViewPrivateTimelines = "private_timelines",
|
||||
IgnoreRateLimits = "ignore_rate_limits",
|
||||
Impersonate = "impersonate",
|
||||
ManageInstance = "instance",
|
||||
|
|
@ -584,7 +584,7 @@ export const DEFAULT_ROLES = [
|
|||
RolePermissions.ManageOwnApps,
|
||||
RolePermissions.Search,
|
||||
RolePermissions.ViewPublicTimelines,
|
||||
RolePermissions.ViewPrimateTimelines,
|
||||
RolePermissions.ViewPrivateTimelines,
|
||||
RolePermissions.OAuth,
|
||||
];
|
||||
|
||||
|
|
|
|||
|
|
@ -71,7 +71,7 @@ export default (plugin: PluginType): void =>
|
|||
path: "/oauth/authorize",
|
||||
middleware: [
|
||||
auth({
|
||||
required: false,
|
||||
auth: false,
|
||||
}),
|
||||
jsonOrForm(),
|
||||
plugin.middleware,
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@ export default (plugin: PluginType): void => {
|
|||
},
|
||||
middleware: [
|
||||
auth({
|
||||
required: false,
|
||||
auth: false,
|
||||
}),
|
||||
plugin.middleware,
|
||||
] as const,
|
||||
|
|
|
|||
|
|
@ -16,14 +16,10 @@ export default (plugin: PluginType): void => {
|
|||
path: "/api/v1/sso/{id}",
|
||||
summary: "Get linked account",
|
||||
middleware: [
|
||||
auth(
|
||||
{
|
||||
required: true,
|
||||
},
|
||||
{
|
||||
required: [RolePermissions.OAuth],
|
||||
},
|
||||
),
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [RolePermissions.OAuth],
|
||||
}),
|
||||
plugin.middleware,
|
||||
] as const,
|
||||
request: {
|
||||
|
|
@ -115,14 +111,10 @@ export default (plugin: PluginType): void => {
|
|||
path: "/api/v1/sso/{id}",
|
||||
summary: "Unlink account",
|
||||
middleware: [
|
||||
auth(
|
||||
{
|
||||
required: true,
|
||||
},
|
||||
{
|
||||
required: [RolePermissions.OAuth],
|
||||
},
|
||||
),
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [RolePermissions.OAuth],
|
||||
}),
|
||||
plugin.middleware,
|
||||
] as const,
|
||||
request: {
|
||||
|
|
|
|||
|
|
@ -19,14 +19,10 @@ export default (plugin: PluginType): void => {
|
|||
path: "/api/v1/sso",
|
||||
summary: "Get linked accounts",
|
||||
middleware: [
|
||||
auth(
|
||||
{
|
||||
required: true,
|
||||
},
|
||||
{
|
||||
required: [RolePermissions.OAuth],
|
||||
},
|
||||
),
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [RolePermissions.OAuth],
|
||||
}),
|
||||
plugin.middleware,
|
||||
] as const,
|
||||
responses: {
|
||||
|
|
@ -82,14 +78,10 @@ export default (plugin: PluginType): void => {
|
|||
path: "/api/v1/sso",
|
||||
summary: "Link account",
|
||||
middleware: [
|
||||
auth(
|
||||
{
|
||||
required: true,
|
||||
},
|
||||
{
|
||||
required: [RolePermissions.OAuth],
|
||||
},
|
||||
),
|
||||
auth({
|
||||
auth: true,
|
||||
permissions: [RolePermissions.OAuth],
|
||||
}),
|
||||
plugin.middleware,
|
||||
] as const,
|
||||
request: {
|
||||
|
|
|
|||
60
utils/api.ts
60
utils/api.ts
|
|
@ -1,7 +1,7 @@
|
|||
import type { OpenAPIHono } from "@hono/zod-openapi";
|
||||
import { getLogger } from "@logtape/logtape";
|
||||
import { Application, Token, db } from "@versia/kit/db";
|
||||
import { Challenges } from "@versia/kit/tables";
|
||||
import { Challenges, type RolePermissions } from "@versia/kit/tables";
|
||||
import { extractParams, verifySolution } from "altcha-lib";
|
||||
import chalk from "chalk";
|
||||
import { type SQL, eq } from "drizzle-orm";
|
||||
|
|
@ -27,7 +27,7 @@ import { fromZodError } from "zod-validation-error";
|
|||
import { ApiError } from "~/classes/errors/api-error";
|
||||
import type { AuthData } from "~/classes/functions/user";
|
||||
import { config } from "~/packages/config-manager/index.ts";
|
||||
import type { ApiRouteMetadata, HonoEnv, HttpVerb } from "~/types/api";
|
||||
import type { ApiRouteMetadata, HonoEnv } from "~/types/api";
|
||||
|
||||
export const applyConfig = (routeMeta: ApiRouteMetadata): ApiRouteMetadata => {
|
||||
const newMeta = routeMeta;
|
||||
|
|
@ -161,19 +161,14 @@ export const handleZodError = (
|
|||
|
||||
const checkPermissions = (
|
||||
auth: AuthData | null,
|
||||
permissionData: ApiRouteMetadata["permissions"],
|
||||
context: Context,
|
||||
required: RolePermissions[],
|
||||
): void => {
|
||||
const userPerms = auth?.user
|
||||
? auth.user.getAllPermissions()
|
||||
: config.permissions.anonymous;
|
||||
const requiredPerms =
|
||||
permissionData?.methodOverrides?.[context.req.method as HttpVerb] ??
|
||||
permissionData?.required ??
|
||||
[];
|
||||
|
||||
if (!requiredPerms.every((perm) => userPerms.includes(perm))) {
|
||||
const missingPerms = requiredPerms.filter(
|
||||
if (!required.every((perm) => userPerms.includes(perm))) {
|
||||
const missingPerms = required.filter(
|
||||
(perm) => !userPerms.includes(perm),
|
||||
);
|
||||
throw new ApiError(
|
||||
|
|
@ -186,8 +181,7 @@ const checkPermissions = (
|
|||
|
||||
const checkRouteNeedsAuth = (
|
||||
auth: AuthData | null,
|
||||
authData: ApiRouteMetadata["auth"],
|
||||
context: Context,
|
||||
required: boolean,
|
||||
): AuthData => {
|
||||
if (auth?.user && auth?.token) {
|
||||
return {
|
||||
|
|
@ -196,10 +190,7 @@ const checkRouteNeedsAuth = (
|
|||
application: auth.application,
|
||||
};
|
||||
}
|
||||
if (
|
||||
authData.required ||
|
||||
authData.methodOverrides?.[context.req.method as HttpVerb]
|
||||
) {
|
||||
if (required) {
|
||||
throw new ApiError(401, "This route requires authentication");
|
||||
}
|
||||
|
||||
|
|
@ -211,10 +202,10 @@ const checkRouteNeedsAuth = (
|
|||
};
|
||||
|
||||
export const checkRouteNeedsChallenge = async (
|
||||
challengeData: ApiRouteMetadata["challenge"],
|
||||
required: boolean,
|
||||
context: Context,
|
||||
): Promise<void> => {
|
||||
if (!challengeData) {
|
||||
if (!required) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
@ -265,12 +256,22 @@ export const checkRouteNeedsChallenge = async (
|
|||
.where(eq(Challenges.id, challenge_id));
|
||||
};
|
||||
|
||||
export const auth = (
|
||||
authData: ApiRouteMetadata["auth"],
|
||||
permissionData?: ApiRouteMetadata["permissions"],
|
||||
challengeData?: ApiRouteMetadata["challenge"],
|
||||
): MiddlewareHandler<HonoEnv, string> =>
|
||||
createMiddleware<HonoEnv>(async (context, next) => {
|
||||
type HonoEnvWithAuth = HonoEnv & {
|
||||
Variables: {
|
||||
auth: AuthData & { user: NonNullable<AuthData["user"]> };
|
||||
};
|
||||
};
|
||||
|
||||
export const auth = <AuthRequired extends boolean>(options: {
|
||||
auth: AuthRequired;
|
||||
permissions?: RolePermissions[];
|
||||
challenge?: boolean;
|
||||
scopes?: string[];
|
||||
// If authRequired is true, HonoEnv.Variables.auth.user will never be null
|
||||
}): MiddlewareHandler<
|
||||
AuthRequired extends true ? HonoEnvWithAuth : HonoEnv
|
||||
> => {
|
||||
return createMiddleware(async (context, next) => {
|
||||
const header = context.req.header("Authorization");
|
||||
const tokenString = header?.split(" ")[1];
|
||||
|
||||
|
|
@ -287,22 +288,23 @@ export const auth = (
|
|||
};
|
||||
|
||||
// Authentication check
|
||||
const authCheck = checkRouteNeedsAuth(auth, authData, context);
|
||||
const authCheck = checkRouteNeedsAuth(auth, options.auth);
|
||||
|
||||
context.set("auth", authCheck);
|
||||
|
||||
// Permissions check
|
||||
if (permissionData) {
|
||||
checkPermissions(auth, permissionData, context);
|
||||
if (options.permissions) {
|
||||
checkPermissions(auth, options.permissions);
|
||||
}
|
||||
|
||||
// Challenge check
|
||||
if (challengeData && config.validation.challenges.enabled) {
|
||||
await checkRouteNeedsChallenge(challengeData, context);
|
||||
if (options.challenge && config.validation.challenges.enabled) {
|
||||
await checkRouteNeedsChallenge(options.challenge, context);
|
||||
}
|
||||
|
||||
await next();
|
||||
});
|
||||
};
|
||||
|
||||
// Helper function to parse form data
|
||||
async function parseFormData(context: Context): Promise<{
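Review bot: The new `scopes?: string[]` option on `auth()` is never read in the visible middleware body, which runs only the authentication, permission and challenge checks. Routes that pass `scopes: ["write:media"]` or `scopes: ["read:search"]` look scope-restricted but, as far as these hunks show, are not. The token lookup between the two hunks is not visible, so a check may exist there. If it does not, either compare `options.scopes` with the scopes granted to the token before `checkPermissions` runs, or document the gap on the field, e.g. `// NOTE: declared for documentation only, not enforced yet`. Separately, the comment `// If authRequired is true` names a property that does not exist; it should read `// If auth is true, HonoEnv.Variables.auth.user is never null`.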
|
||||
|
|
|
|||