Compare commits
4 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 Amatsugu
|
1266518532 | ||
|
Amatsugu
|
719df155fb | ||
|
Amatsugu
|
e81d432b1f | ||
|
Amatsugu
|
61d70aee28 |
@@ -47,6 +47,9 @@ pub fn MediaItem(props: MediaItemProps) -> Element
|
||||
ContextMenu{
|
||||
ContextMenuTrigger{
|
||||
a {
|
||||
onmousemove: move |e: MouseEvent|{
|
||||
|
||||
},
|
||||
class: "mediaItem {class_string}",
|
||||
href: "{HOST}{url}",
|
||||
target: "_blank",
|
||||
|
||||
@@ -10,13 +10,13 @@
|
||||
<PackageReference Include="FFMpegCore" Version="5.4.0" />
|
||||
<PackageReference Include="Fido2.Models" Version="4.0.1" />
|
||||
<PackageReference Include="Isopoh.Cryptography.Argon2" Version="2.0.0" />
|
||||
<PackageReference Include="Microsoft.Extensions.DependencyInjection.Abstractions" Version="10.0.5" />
|
||||
<PackageReference Include="Microsoft.Extensions.DependencyInjection.Abstractions" Version="10.0.7" />
|
||||
<PackageReference Include="MaybeError" Version="1.2.0" />
|
||||
<PackageReference Include="Microsoft.Extensions.Hosting.Abstractions" Version="10.0.5" />
|
||||
<PackageReference Include="MongoDB.Driver" Version="3.7.1" />
|
||||
<PackageReference Include="Microsoft.Extensions.Hosting.Abstractions" Version="10.0.7" />
|
||||
<PackageReference Include="MongoDB.Driver" Version="3.8.0" />
|
||||
<PackageReference Include="MongoDB.Driver.Core.Extensions.DiagnosticSources" Version="3.0.0" />
|
||||
<PackageReference Include="SixLabors.ImageSharp.Drawing" Version="2.1.7" />
|
||||
<PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="8.17.0" />
|
||||
<PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="8.18.0" />
|
||||
<PackageReference Include="ZLinq" Version="1.5.6" />
|
||||
</ItemGroup>
|
||||
|
||||
|
||||
@@ -25,6 +25,11 @@ public class AobaService(IMongoDatabase db)
|
||||
return await _media.Find(m => m.MediaId == id).FirstOrDefaultAsync(cancellationToken);
|
||||
}
|
||||
|
||||
public async Task<List<Media>> GetMediaAsync(IEnumerable<ObjectId> ids, CancellationToken cancellationToken = default)
|
||||
{
|
||||
return await _media.Find(m => ids.Contains(m.MediaId)).ToListAsync(cancellationToken);
|
||||
}
|
||||
|
||||
public async Task<PagedResult<Media>> FindMediaAsync(string? query, ObjectId userId, int page = 1, int pageSize = 100, CancellationToken cancellationToken = default)
|
||||
{
|
||||
var filters = new List<FilterDefinition<Media>>()
|
||||
|
||||
@@ -53,6 +53,23 @@ public class ThumbnailService(IMongoDatabase db, AobaService aobaService)
|
||||
return null;
|
||||
}
|
||||
|
||||
public async Task<Error?> DeleteThumbnailDirectAsync(ObjectId thumbnailId)
|
||||
{
|
||||
try
|
||||
{
|
||||
await _gridfs.DeleteAsync(thumbnailId);
|
||||
}
|
||||
catch (GridFSFileNotFoundException)
|
||||
{
|
||||
//Ignore if the file was not found (somehow already deleted)
|
||||
}
|
||||
catch (Exception e)
|
||||
{
|
||||
return new ExceptionError(e);
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
///
|
||||
/// </summary>
|
||||
|
||||
@@ -10,22 +10,22 @@
|
||||
|
||||
<ItemGroup>
|
||||
<PackageReference Include="Fido2.AspNet" Version="4.0.1" />
|
||||
<PackageReference Include="Grpc.AspNetCore" Version="2.76.0" />
|
||||
<PackageReference Include="Grpc.AspNetCore.Web" Version="2.76.0" />
|
||||
<PackageReference Include="Grpc.AspNetCore" Version="2.80.0" />
|
||||
<PackageReference Include="Grpc.AspNetCore.Web" Version="2.80.0" />
|
||||
<PackageReference Include="Grpc.Tools" Version="2.80.0">
|
||||
<IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
|
||||
<PrivateAssets>all</PrivateAssets>
|
||||
</PackageReference>
|
||||
<PackageReference Include="Isopoh.Cryptography.Argon2" Version="2.0.0" />
|
||||
<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="10.0.5" />
|
||||
<PackageReference Include="Microsoft.IdentityModel.JsonWebTokens" Version="8.17.0" />
|
||||
<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="10.0.7" />
|
||||
<PackageReference Include="Microsoft.IdentityModel.JsonWebTokens" Version="8.18.0" />
|
||||
<PackageReference Include="Microsoft.VisualStudio.Azure.Containers.Tools.Targets" Version="1.23.0" />
|
||||
<PackageReference Include="MimeTypesMap" Version="1.0.9" />
|
||||
<PackageReference Include="OpenTelemetry.Exporter.OpenTelemetryProtocol" Version="1.15.2" />
|
||||
<PackageReference Include="OpenTelemetry.Exporter.OpenTelemetryProtocol" Version="1.15.3" />
|
||||
<PackageReference Include="OpenTelemetry.Exporter.Prometheus.AspNetCore" Version="1.9.0-beta.2" />
|
||||
<PackageReference Include="OpenTelemetry.Extensions.Hosting" Version="1.15.2" />
|
||||
<PackageReference Include="OpenTelemetry.Instrumentation.AspNetCore" Version="1.15.1" />
|
||||
<PackageReference Include="OpenTelemetry.Instrumentation.Http" Version="1.15.0" />
|
||||
<PackageReference Include="OpenTelemetry.Extensions.Hosting" Version="1.15.3" />
|
||||
<PackageReference Include="OpenTelemetry.Instrumentation.AspNetCore" Version="1.15.2" />
|
||||
<PackageReference Include="OpenTelemetry.Instrumentation.Http" Version="1.15.1" />
|
||||
</ItemGroup>
|
||||
|
||||
<ItemGroup>
|
||||
|
||||
+168
-168
@@ -1,126 +1,126 @@
|
||||
using AobaCore;
|
||||
|
||||
using AobaServer.Auth;
|
||||
using AobaServer.Middleware;
|
||||
using AobaServer.Models;
|
||||
using AobaServer.Services;
|
||||
|
||||
using Microsoft.AspNetCore.Authentication;
|
||||
using Microsoft.AspNetCore.Authentication.JwtBearer;
|
||||
using Microsoft.AspNetCore.Http.Features;
|
||||
using Microsoft.IdentityModel.Tokens;
|
||||
|
||||
using MongoDB.Driver;
|
||||
using MongoDB.Driver.Core.Extensions.DiagnosticSources;
|
||||
|
||||
var builder = WebApplication.CreateBuilder(args);
|
||||
|
||||
builder.WebHost.ConfigureKestrel(o =>
|
||||
{
|
||||
o.Limits.MaxRequestBodySize = null;
|
||||
#if !DEBUG
|
||||
o.ListenAnyIP(8081, lo =>
|
||||
{
|
||||
lo.Protocols = Microsoft.AspNetCore.Server.Kestrel.Core.HttpProtocols.Http2;
|
||||
});
|
||||
o.ListenAnyIP(8080, lo =>
|
||||
{
|
||||
lo.Protocols = Microsoft.AspNetCore.Server.Kestrel.Core.HttpProtocols.Http1AndHttp2;
|
||||
});
|
||||
#endif
|
||||
});
|
||||
var config = builder.Configuration;
|
||||
// Add services to the container.
|
||||
builder.Services.AddControllers(opt => opt.ModelBinderProviders.Add(new BsonIdModelBinderProvider()));
|
||||
|
||||
builder.Services.AddObersability(builder.Configuration);
|
||||
builder.Services.AddGrpc();
|
||||
|
||||
//DB
|
||||
var dbString = config["DB_STRING"];
|
||||
var settings = MongoClientSettings.FromConnectionString(dbString);
|
||||
settings.ClusterConfigurator = cb => cb.Subscribe(new DiagnosticsActivityEventSubscriber());
|
||||
var dbClient = new MongoClient(settings);
|
||||
var db = dbClient.GetDatabase("Aoba");
|
||||
|
||||
builder.Services.AddSingleton(dbClient);
|
||||
builder.Services.AddSingleton<IMongoDatabase>(db);
|
||||
|
||||
var authCfg = new AuthConfigService(db);
|
||||
builder.Services.AddSingleton(authCfg);
|
||||
|
||||
|
||||
var authInfo = authCfg.GetDefaultAuthInfoAsync().GetAwaiter().GetResult();
|
||||
var signingKey = new SymmetricSecurityKey(authInfo.SecureKey);
|
||||
|
||||
var validationParams = new TokenValidationParameters
|
||||
{
|
||||
ValidateIssuerSigningKey = true,
|
||||
IssuerSigningKey = signingKey,
|
||||
ValidateIssuer = true,
|
||||
ValidIssuer = authInfo.Issuer,
|
||||
ValidateAudience = true,
|
||||
ValidAudience = authInfo.Audience,
|
||||
ValidateLifetime = false,
|
||||
ClockSkew = TimeSpan.FromMinutes(1),
|
||||
};
|
||||
|
||||
builder.Services.AddCors(o =>
|
||||
{
|
||||
o.AddPolicy("AllowAll", p =>
|
||||
{
|
||||
p.AllowAnyOrigin();
|
||||
p.AllowAnyMethod();
|
||||
p.AllowAnyHeader();
|
||||
});
|
||||
o.AddPolicy("RPC", p =>
|
||||
{
|
||||
p.AllowAnyMethod();
|
||||
p.AllowAnyHeader();
|
||||
p.WithExposedHeaders("Grpc-Status", "Grpc-Message", "Grpc-Encoding", "Grpc-Accept-Encoding");
|
||||
p.AllowAnyOrigin();
|
||||
});
|
||||
});
|
||||
|
||||
var metricsAuthInfo = authCfg.GetAuthInfoAsync("aoba", "metrics").GetAwaiter().GetResult();
|
||||
builder.Services.AddAuthentication(options =>
|
||||
{
|
||||
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
|
||||
options.DefaultChallengeScheme = "Aoba";
|
||||
}).AddJwtBearer(JwtBearerDefaults.AuthenticationScheme, options => //Bearer auth
|
||||
{
|
||||
options.TokenValidationParameters = validationParams;
|
||||
options.TokenHandlers.Add(new MetricsTokenValidator(metricsAuthInfo));
|
||||
options.Events = new JwtBearerEvents
|
||||
{
|
||||
OnMessageReceived = ctx => //Retreive token from cookie if not found in headers
|
||||
{
|
||||
if (string.IsNullOrWhiteSpace(ctx.Token))
|
||||
ctx.Token = ctx.Request.Headers.Authorization.FirstOrDefault()?.Replace("Bearer ", "");
|
||||
|
||||
#if DEBUG //allow cookie based auth when in debug mode
|
||||
if (string.IsNullOrWhiteSpace(ctx.Token))
|
||||
ctx.Token = ctx.Request.Cookies.FirstOrDefault(c => c.Key == "token").Value;
|
||||
#endif
|
||||
|
||||
return Task.CompletedTask;
|
||||
},
|
||||
OnAuthenticationFailed = ctx =>
|
||||
{
|
||||
ctx.Response.Cookies.Append("token", "", new CookieOptions
|
||||
{
|
||||
MaxAge = TimeSpan.Zero,
|
||||
Expires = DateTime.Now
|
||||
});
|
||||
ctx.Options.ForwardChallenge = "Aoba";
|
||||
|
||||
return Task.CompletedTask;
|
||||
}
|
||||
};
|
||||
}).AddScheme<AuthenticationSchemeOptions, AobaAuthenticationHandler>("Aoba", null);
|
||||
|
||||
|
||||
builder.Services.AddAoba();
|
||||
using AobaCore;
|
||||
|
||||
using AobaServer.Auth;
|
||||
using AobaServer.Middleware;
|
||||
using AobaServer.Models;
|
||||
using AobaServer.Services;
|
||||
|
||||
using Microsoft.AspNetCore.Authentication;
|
||||
using Microsoft.AspNetCore.Authentication.JwtBearer;
|
||||
using Microsoft.AspNetCore.Http.Features;
|
||||
using Microsoft.IdentityModel.Tokens;
|
||||
|
||||
using MongoDB.Driver;
|
||||
using MongoDB.Driver.Core.Extensions.DiagnosticSources;
|
||||
|
||||
var builder = WebApplication.CreateBuilder(args);
|
||||
|
||||
builder.WebHost.ConfigureKestrel(o =>
|
||||
{
|
||||
o.Limits.MaxRequestBodySize = null;
|
||||
#if !DEBUG
|
||||
o.ListenAnyIP(8081, lo =>
|
||||
{
|
||||
lo.Protocols = Microsoft.AspNetCore.Server.Kestrel.Core.HttpProtocols.Http2;
|
||||
});
|
||||
o.ListenAnyIP(8080, lo =>
|
||||
{
|
||||
lo.Protocols = Microsoft.AspNetCore.Server.Kestrel.Core.HttpProtocols.Http1AndHttp2;
|
||||
});
|
||||
#endif
|
||||
});
|
||||
var config = builder.Configuration;
|
||||
// Add services to the container.
|
||||
builder.Services.AddControllers(opt => opt.ModelBinderProviders.Add(new BsonIdModelBinderProvider()));
|
||||
|
||||
builder.Services.AddObersability(builder.Configuration);
|
||||
builder.Services.AddGrpc();
|
||||
|
||||
//DB
|
||||
var dbString = config["DB_STRING"];
|
||||
var settings = MongoClientSettings.FromConnectionString(dbString);
|
||||
settings.ClusterConfigurator = cb => cb.Subscribe(new DiagnosticsActivityEventSubscriber());
|
||||
var dbClient = new MongoClient(settings);
|
||||
var db = dbClient.GetDatabase("Aoba");
|
||||
|
||||
builder.Services.AddSingleton(dbClient);
|
||||
builder.Services.AddSingleton<IMongoDatabase>(db);
|
||||
|
||||
var authCfg = new AuthConfigService(db);
|
||||
builder.Services.AddSingleton(authCfg);
|
||||
|
||||
|
||||
var authInfo = authCfg.GetDefaultAuthInfoAsync().GetAwaiter().GetResult();
|
||||
var signingKey = new SymmetricSecurityKey(authInfo.SecureKey);
|
||||
|
||||
var validationParams = new TokenValidationParameters
|
||||
{
|
||||
ValidateIssuerSigningKey = true,
|
||||
IssuerSigningKey = signingKey,
|
||||
ValidateIssuer = true,
|
||||
ValidIssuer = authInfo.Issuer,
|
||||
ValidateAudience = true,
|
||||
ValidAudience = authInfo.Audience,
|
||||
ValidateLifetime = false,
|
||||
ClockSkew = TimeSpan.FromMinutes(1),
|
||||
};
|
||||
|
||||
builder.Services.AddCors(o =>
|
||||
{
|
||||
o.AddPolicy("AllowAll", p =>
|
||||
{
|
||||
p.AllowAnyOrigin();
|
||||
p.AllowAnyMethod();
|
||||
p.AllowAnyHeader();
|
||||
});
|
||||
o.AddPolicy("RPC", p =>
|
||||
{
|
||||
p.AllowAnyMethod();
|
||||
p.AllowAnyHeader();
|
||||
p.WithExposedHeaders("Grpc-Status", "Grpc-Message", "Grpc-Encoding", "Grpc-Accept-Encoding");
|
||||
p.AllowAnyOrigin();
|
||||
});
|
||||
});
|
||||
|
||||
var metricsAuthInfo = authCfg.GetAuthInfoAsync("aoba", "metrics").GetAwaiter().GetResult();
|
||||
builder.Services.AddAuthentication(options =>
|
||||
{
|
||||
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
|
||||
options.DefaultChallengeScheme = "Aoba";
|
||||
}).AddJwtBearer(JwtBearerDefaults.AuthenticationScheme, options => //Bearer auth
|
||||
{
|
||||
options.TokenValidationParameters = validationParams;
|
||||
options.TokenHandlers.Add(new MetricsTokenValidator(metricsAuthInfo));
|
||||
options.Events = new JwtBearerEvents
|
||||
{
|
||||
OnMessageReceived = ctx => //Retreive token from cookie if not found in headers
|
||||
{
|
||||
if (string.IsNullOrWhiteSpace(ctx.Token))
|
||||
ctx.Token = ctx.Request.Headers.Authorization.FirstOrDefault()?.Replace("Bearer ", "");
|
||||
|
||||
#if DEBUG //allow cookie based auth when in debug mode
|
||||
if (string.IsNullOrWhiteSpace(ctx.Token))
|
||||
ctx.Token = ctx.Request.Cookies.FirstOrDefault(c => c.Key == "token").Value;
|
||||
#endif
|
||||
|
||||
return Task.CompletedTask;
|
||||
},
|
||||
OnAuthenticationFailed = ctx =>
|
||||
{
|
||||
ctx.Response.Cookies.Append("token", "", new CookieOptions
|
||||
{
|
||||
MaxAge = TimeSpan.Zero,
|
||||
Expires = DateTime.Now
|
||||
});
|
||||
ctx.Options.ForwardChallenge = "Aoba";
|
||||
|
||||
return Task.CompletedTask;
|
||||
}
|
||||
};
|
||||
}).AddScheme<AuthenticationSchemeOptions, AobaAuthenticationHandler>("Aoba", null);
|
||||
|
||||
|
||||
builder.Services.AddAoba();
|
||||
builder.Services.AddFido2(opts =>
|
||||
{
|
||||
opts.ServerName = "Aoba";
|
||||
@@ -130,48 +130,48 @@ builder.Services.AddFido2(opts =>
|
||||
#else
|
||||
opts.Origins = new HashSet<string> { "https://aoba.app" };
|
||||
#endif
|
||||
});
|
||||
#if DEBUG
|
||||
builder.Services.AddHostedService<DebugService>();
|
||||
#endif
|
||||
builder.Services.Configure<FormOptions>(opt =>
|
||||
{
|
||||
opt.ValueLengthLimit = int.MaxValue;
|
||||
opt.MultipartBodyLengthLimit = long.MaxValue;
|
||||
});
|
||||
|
||||
var app = builder.Build();
|
||||
|
||||
// Configure the HTTP request pipeline.
|
||||
if (!app.Environment.IsDevelopment())
|
||||
{
|
||||
app.UseExceptionHandler("/Home/Error");
|
||||
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
|
||||
app.UseHsts();
|
||||
}
|
||||
|
||||
app.UseGrpcWeb(new GrpcWebOptions { DefaultEnabled = true });
|
||||
app.UseStaticFiles();
|
||||
app.UseRouting();
|
||||
|
||||
|
||||
app.UseCors();
|
||||
|
||||
|
||||
app.UseAuthentication();
|
||||
app.UseAuthorization();
|
||||
|
||||
app.MapControllers();
|
||||
app.MapObserability();
|
||||
app.MapGrpcService<AobaRpcService>()
|
||||
.RequireAuthorization()
|
||||
.RequireCors("RPC");
|
||||
app.MapGrpcService<MetricsRpcService>()
|
||||
.RequireAuthorization()
|
||||
.RequireCors("RPC");
|
||||
app.MapGrpcService<AobaAuthService>()
|
||||
.AllowAnonymous()
|
||||
.RequireCors("RPC");
|
||||
app.MapFallbackToFile("index.html");
|
||||
|
||||
app.Run();
|
||||
});
|
||||
#if DEBUG
|
||||
builder.Services.AddHostedService<DebugService>();
|
||||
#endif
|
||||
builder.Services.Configure<FormOptions>(opt =>
|
||||
{
|
||||
opt.ValueLengthLimit = int.MaxValue;
|
||||
opt.MultipartBodyLengthLimit = long.MaxValue;
|
||||
});
|
||||
|
||||
var app = builder.Build();
|
||||
|
||||
// Configure the HTTP request pipeline.
|
||||
if (!app.Environment.IsDevelopment())
|
||||
{
|
||||
app.UseExceptionHandler("/Home/Error");
|
||||
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
|
||||
app.UseHsts();
|
||||
}
|
||||
|
||||
app.UseGrpcWeb(new GrpcWebOptions { DefaultEnabled = true });
|
||||
app.UseStaticFiles();
|
||||
app.UseRouting();
|
||||
|
||||
|
||||
app.UseCors();
|
||||
|
||||
|
||||
app.UseAuthentication();
|
||||
app.UseAuthorization();
|
||||
|
||||
app.MapControllers();
|
||||
app.MapObserability();
|
||||
app.MapGrpcService<AobaRpcService>()
|
||||
.RequireAuthorization()
|
||||
.RequireCors("RPC");
|
||||
app.MapGrpcService<MetricsRpcService>()
|
||||
.RequireAuthorization()
|
||||
.RequireCors("RPC");
|
||||
app.MapGrpcService<AobaAuthService>()
|
||||
.AllowAnonymous()
|
||||
.RequireCors("RPC");
|
||||
app.MapFallbackToFile("index.html");
|
||||
|
||||
app.Run();
|
||||
|
||||
@@ -13,7 +13,7 @@ using System.Text.Json;
|
||||
|
||||
namespace AobaServer.Services;
|
||||
|
||||
public class AobaRpcService(AobaService aobaService, AccountsService accountsService, AuthConfigService authConfig) : AobaRpc.AobaRpcBase
|
||||
public class AobaRpcService(AobaService aobaService, ThumbnailService thumbnailService, AccountsService accountsService, AuthConfigService authConfig) : AobaRpc.AobaRpcBase
|
||||
{
|
||||
public override async Task<MediaResponse> GetMedia(Id request, ServerCallContext context)
|
||||
{
|
||||
@@ -59,13 +59,30 @@ public class AobaRpcService(AobaService aobaService, AccountsService accountsSer
|
||||
|
||||
public override async Task<Empty> DeleteMedia(Id request, ServerCallContext context)
|
||||
{
|
||||
await aobaService.DeleteFileAsync(request.ToObjectId(), context.CancellationToken);
|
||||
var media = await aobaService.GetMediaAsync(request.ToObjectId());
|
||||
if (media == null)
|
||||
return new Empty();
|
||||
await aobaService.DeleteFileAsync(media.MediaId, context.CancellationToken);
|
||||
foreach (var (_, id) in media.Thumbnails)
|
||||
{
|
||||
await thumbnailService.DeleteThumbnailDirectAsync(id);
|
||||
}
|
||||
return new Empty();
|
||||
}
|
||||
|
||||
public override async Task<Empty> DeleteMediaBulk(IdList request, ServerCallContext context)
|
||||
{
|
||||
var media = await aobaService.GetMediaAsync(request.ToObjectId(), context.CancellationToken);
|
||||
if(media.Count == 0)
|
||||
return new Empty();
|
||||
await aobaService.DeleteFilesAsync(request.ToObjectId(), context.CancellationToken);
|
||||
foreach (var item in media)
|
||||
{
|
||||
foreach (var (_, id) in item.Thumbnails)
|
||||
{
|
||||
await thumbnailService.DeleteThumbnailDirectAsync(id);
|
||||
}
|
||||
}
|
||||
return new Empty();
|
||||
}
|
||||
}
|
||||
@@ -8,5 +8,6 @@ public class DebugService(AobaService aobaService, ThumbnailService thumbnailSer
|
||||
{
|
||||
protected override async Task ExecuteAsync(CancellationToken stoppingToken)
|
||||
{
|
||||
//todo: clean up orphaned thumbnails
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user