Loading package-lock.json +18 −13 Original line number Diff line number Diff line Loading @@ -7872,22 +7872,24 @@ "dev": true }, "node_modules/@types/express": { "version": "4.17.21", "resolved": "https://registry.npmjs.org/@types/express/-/express-4.17.21.tgz", "integrity": "sha512-ejlPM315qwLpaQlQDTjPdsUFSc6ZsP4AN6AlWnogPjQ7CVi7PYF3YVz+CY3jE2pwYf7E/7HlDAN0rV2GxTG0HQ==", "version": "5.0.0", "resolved": "https://registry.npmjs.org/@types/express/-/express-5.0.0.tgz", "integrity": "sha512-DvZriSMehGHL1ZNLzi6MidnsDhUZM/x2pRdDIKdwbUNqqwHxMlRdkxtn6/EPKyqKpHqTl/4nRZsRNLpZxZRpPQ==", "dev": true, "license": "MIT", "dependencies": { "@types/body-parser": "*", "@types/express-serve-static-core": "^4.17.33", "@types/express-serve-static-core": "^5.0.0", "@types/qs": "*", "@types/serve-static": "*" } }, "node_modules/@types/express-serve-static-core": { "version": "4.17.42", "resolved": "https://registry.npmjs.org/@types/express-serve-static-core/-/express-serve-static-core-4.17.42.tgz", "integrity": "sha512-ckM3jm2bf/MfB3+spLPWYPUH573plBFwpOhqQ2WottxYV85j1HQFlxmnTq57X1yHY9awZPig06hL/cLMgNWHIQ==", "version": "5.0.3", "resolved": "https://registry.npmjs.org/@types/express-serve-static-core/-/express-serve-static-core-5.0.3.tgz", "integrity": "sha512-JEhMNwUJt7bw728CydvYzntD0XJeTmDnvwLlbfbAhE7Tbslm/ax6bdIiUwTgeVlZTsJQPwZwKpAkyDtIjsvx3g==", "dev": true, "license": "MIT", "dependencies": { "@types/node": "*", "@types/qs": "*", Loading Loading 
@@ -7997,16 +7999,18 @@ } }, "node_modules/@types/qs": { "version": "6.9.11", "resolved": "https://registry.npmjs.org/@types/qs/-/qs-6.9.11.tgz", "integrity": "sha512-oGk0gmhnEJK4Yyk+oI7EfXsLayXatCWPHary1MtcmbAifkobT9cM9yutG/hZKIseOU0MqbIwQ/u2nn/Gb+ltuQ==", "dev": true "version": "6.9.17", "resolved": "https://registry.npmjs.org/@types/qs/-/qs-6.9.17.tgz", "integrity": "sha512-rX4/bPcfmvxHDv0XjfJELTTr+iB+tn032nPILqHm5wbthUUUuVtNGGqzhya9XUxjTP8Fpr0qYgSZZKxGY++svQ==", "dev": true, "license": "MIT" }, "node_modules/@types/range-parser": { "version": "1.2.7", "resolved": "https://registry.npmjs.org/@types/range-parser/-/range-parser-1.2.7.tgz", "integrity": "sha512-hKormJbkJqzQGhziax5PItDUTMAM9uE2XXQmM37dyd4hVM+5aVl7oVxMVUiVQn2oCQFN/LKCZdvSM0pFRqbSmQ==", "dev": true "dev": true, "license": "MIT" }, "node_modules/@types/react": { "version": "19.0.2", Loading Loading @@ -8037,6 +8041,7 @@ "resolved": "https://registry.npmjs.org/@types/send/-/send-0.17.4.tgz", "integrity": "sha512-x2EM6TJOybec7c52BX0ZspPodMsQUd5L6PRwOunVyVUhXiBSKf3AezDL8Dgvgt5o0UfKNfuA0eMLr2wLT4AiBA==", "dev": true, "license": "MIT", "dependencies": { "@types/mime": "^1", "@types/node": "*" Loading Loading @@ -16656,7 +16661,7 @@ "devDependencies": { "@tsconfig/recommended": "^1.0.8", "@types/cors": "^2.8.17", "@types/express": "^4.17.17", "@types/express": "^5.0.0", "@types/express-session": "^1.18.1", "@types/uuid": "^10.0.0", "dotenv": "^16.4.7", packages/server/src/api/admin.ts +26 −31 Original line number Diff line number Diff line Loading @@ -180,9 +180,7 @@ app.get("/canvas/:x/:y", async (req, res) => { app.post("/canvas/stress", async (req, res) => { if (process.env.NODE_ENV === "production") { res .status(500) .json({ res.status(500).json({ success: false, error: "this is terrible idea to execute this in production", }); Loading Loading 
@@ -415,7 +413,8 @@ app.put("/canvas/fill", async (req, res) => { */ app.get("/ip", async (req, res) => { if (typeof req.query.address !== "string") { return res.status(400).json({ success: false, error: "missing ?address=" }); res.status(400).json({ success: false, error: "missing ?address=" }); return; } const ip: string = req.query.address; Loading Loading @@ -646,18 +645,18 @@ app.post("/user/all/notice", async (req, res) => { let title: string = req.body.title; if (typeof req.body.title !== "string") { return res .status(400) .json({ success: false, error: "Title is not a string" }); res.status(400).json({ success: false, error: "Title is not a string" }); return; } if ( typeof req.body.body !== "undefined" && typeof req.body.body !== "string" ) { return res res .status(400) .json({ success: false, error: "Body is set but is not a string" }); return; } const sockets = await SocketServer.instance.io.fetchSockets(); Loading Loading @@ -700,18 +699,18 @@ app.post("/user/:sub/notice", async (req, res) => { let title: string = req.body.title; if (typeof req.body.title !== "string") { return res .status(400) .json({ success: false, error: "Title is not a string" }); res.status(400).json({ success: false, error: "Title is not a string" }); return; } if ( typeof req.body.body !== "undefined" && typeof req.body.body !== "string" ) { return res res .status(400) .json({ success: false, error: "Body is set but is not a string" }); return; } user.notify({ Loading Loading @@ -899,9 +898,8 @@ app.get("/instance/:domain/ban", async (req, res) => { const ban = await instance.getEffectiveBan(); if (!ban) { return res .status(404) .json({ success: false, error: "Instance not banned" }); res.status(404).json({ success: false, error: "Instance not banned" }); return; } res.json({ success: true, ban }); Loading Loading 
@@ -1080,17 +1078,15 @@ app.get("/audit/:id", async (req, res) => { let id = parseInt(req.params.id); if (isNaN(id)) { return res .status(400) .json({ success: false, error: "id is not a number" }); res.status(400).json({ success: false, error: "id is not a number" }); return; } const auditLog = await prisma.auditLog.findFirst({ where: { id } }); if (!auditLog) { return res .status(404) .json({ success: false, error: "Audit log not found" }); res.status(404).json({ success: false, error: "Audit log not found" }); return; } res.json({ success: true, auditLog }); Loading @@ -1107,15 +1103,15 @@ app.put("/audit/:id/reason", async (req, res) => { let reason: string; if (isNaN(id)) { return res .status(400) .json({ success: false, error: "id is not a number" }); res.status(400).json({ success: false, error: "id is not a number" }); return; } if (typeof req.body.reason !== "string" && req.body.reason !== null) { return res res .status(400) .json({ success: false, error: "reason is not a string or null" }); return; } reason = req.body.reason; Loading @@ -1127,9 +1123,8 @@ app.put("/audit/:id/reason", async (req, res) => { }); if (!auditLog) { return res .status(404) .json({ success: false, error: "audit log is not found" }); res.status(404).json({ success: false, error: "audit log is not found" }); return; } const newAudit = await prisma.auditLog.update({ Loading packages/server/src/api/client.ts +10 −7 Original line number Diff line number Diff line Loading @@ -121,10 +121,11 @@ app.get("/callback", RateLimiter.HIGH, async (req, res) => { } if (!exchange || !exchange.access_token) { return res.status(400).json({ res.status(400).json({ success: false, error: "FAILED TOKEN EXCHANGE", }); return; } try { Loading Loading 
@@ -210,14 +211,14 @@ app.get("/canvas/pixel/:x/:y", RateLimiter.HIGH, async (req, res) => { const y = parseInt(req.params.y); if (isNaN(x) || isNaN(y)) { return res .status(400) .json({ success: false, error: "x or y is not a number" }); res.status(400).json({ success: false, error: "x or y is not a number" }); return; } const pixel = await Canvas.getPixel(x, y); if (!pixel) { return res.json({ success: false, error: "no_pixel" }); res.json({ success: false, error: "no_pixel" }); return; } const otherPixels = await prisma.pixel.count({ where: { x, y } }); Loading Loading @@ -258,7 +259,8 @@ app.get("/heatmap", async (req, res) => { const heatmap = await Canvas.getCachedHeatmap(); if (!heatmap) { return res.json({ success: false, error: "heatmap_not_generated" }); res.json({ success: false, error: "heatmap_not_generated" }); return; } res.json({ success: true, heatmap }); Loading @@ -272,7 +274,8 @@ app.get("/heatmap", async (req, res) => { app.get("/user/:sub", RateLimiter.HIGH, async (req, res) => { const user = await prisma.user.findFirst({ where: { sub: req.params.sub } }); if (!user) { return res.status(404).json({ success: false, error: "unknown_user" }); res.status(404).json({ success: false, error: "unknown_user" }); return; } res.json({ Loading Loading
package-lock.json +18 −13 Original line number Diff line number Diff line Loading @@ -7872,22 +7872,24 @@ "dev": true }, "node_modules/@types/express": { "version": "4.17.21", "resolved": "https://registry.npmjs.org/@types/express/-/express-4.17.21.tgz", "integrity": "sha512-ejlPM315qwLpaQlQDTjPdsUFSc6ZsP4AN6AlWnogPjQ7CVi7PYF3YVz+CY3jE2pwYf7E/7HlDAN0rV2GxTG0HQ==", "version": "5.0.0", "resolved": "https://registry.npmjs.org/@types/express/-/express-5.0.0.tgz", "integrity": "sha512-DvZriSMehGHL1ZNLzi6MidnsDhUZM/x2pRdDIKdwbUNqqwHxMlRdkxtn6/EPKyqKpHqTl/4nRZsRNLpZxZRpPQ==", "dev": true, "license": "MIT", "dependencies": { "@types/body-parser": "*", "@types/express-serve-static-core": "^4.17.33", "@types/express-serve-static-core": "^5.0.0", "@types/qs": "*", "@types/serve-static": "*" } }, "node_modules/@types/express-serve-static-core": { "version": "4.17.42", "resolved": "https://registry.npmjs.org/@types/express-serve-static-core/-/express-serve-static-core-4.17.42.tgz", "integrity": "sha512-ckM3jm2bf/MfB3+spLPWYPUH573plBFwpOhqQ2WottxYV85j1HQFlxmnTq57X1yHY9awZPig06hL/cLMgNWHIQ==", "version": "5.0.3", "resolved": "https://registry.npmjs.org/@types/express-serve-static-core/-/express-serve-static-core-5.0.3.tgz", "integrity": "sha512-JEhMNwUJt7bw728CydvYzntD0XJeTmDnvwLlbfbAhE7Tbslm/ax6bdIiUwTgeVlZTsJQPwZwKpAkyDtIjsvx3g==", "dev": true, "license": "MIT", "dependencies": { "@types/node": "*", "@types/qs": "*", Loading Loading 
@@ -7997,16 +7999,18 @@ } }, "node_modules/@types/qs": { "version": "6.9.11", "resolved": "https://registry.npmjs.org/@types/qs/-/qs-6.9.11.tgz", "integrity": "sha512-oGk0gmhnEJK4Yyk+oI7EfXsLayXatCWPHary1MtcmbAifkobT9cM9yutG/hZKIseOU0MqbIwQ/u2nn/Gb+ltuQ==", "dev": true "version": "6.9.17", "resolved": "https://registry.npmjs.org/@types/qs/-/qs-6.9.17.tgz", "integrity": "sha512-rX4/bPcfmvxHDv0XjfJELTTr+iB+tn032nPILqHm5wbthUUUuVtNGGqzhya9XUxjTP8Fpr0qYgSZZKxGY++svQ==", "dev": true, "license": "MIT" }, "node_modules/@types/range-parser": { "version": "1.2.7", "resolved": "https://registry.npmjs.org/@types/range-parser/-/range-parser-1.2.7.tgz", "integrity": "sha512-hKormJbkJqzQGhziax5PItDUTMAM9uE2XXQmM37dyd4hVM+5aVl7oVxMVUiVQn2oCQFN/LKCZdvSM0pFRqbSmQ==", "dev": true "dev": true, "license": "MIT" }, "node_modules/@types/react": { "version": "19.0.2", Loading Loading @@ -8037,6 +8041,7 @@ "resolved": "https://registry.npmjs.org/@types/send/-/send-0.17.4.tgz", "integrity": "sha512-x2EM6TJOybec7c52BX0ZspPodMsQUd5L6PRwOunVyVUhXiBSKf3AezDL8Dgvgt5o0UfKNfuA0eMLr2wLT4AiBA==", "dev": true, "license": "MIT", "dependencies": { "@types/mime": "^1", "@types/node": "*" Loading Loading @@ -16656,7 +16661,7 @@ "devDependencies": { "@tsconfig/recommended": "^1.0.8", "@types/cors": "^2.8.17", "@types/express": "^4.17.17", "@types/express": "^5.0.0", "@types/express-session": "^1.18.1", "@types/uuid": "^10.0.0", "dotenv": "^16.4.7",
packages/server/src/api/admin.ts +26 −31 Original line number Diff line number Diff line Loading @@ -180,9 +180,7 @@ app.get("/canvas/:x/:y", async (req, res) => { app.post("/canvas/stress", async (req, res) => { if (process.env.NODE_ENV === "production") { res .status(500) .json({ res.status(500).json({ success: false, error: "this is terrible idea to execute this in production", }); Loading Loading @@ -415,7 +413,8 @@ app.put("/canvas/fill", async (req, res) => { */ app.get("/ip", async (req, res) => { if (typeof req.query.address !== "string") { return res.status(400).json({ success: false, error: "missing ?address=" }); res.status(400).json({ success: false, error: "missing ?address=" }); return; } const ip: string = req.query.address; Loading Loading @@ -646,18 +645,18 @@ app.post("/user/all/notice", async (req, res) => { let title: string = req.body.title; if (typeof req.body.title !== "string") { return res .status(400) .json({ success: false, error: "Title is not a string" }); res.status(400).json({ success: false, error: "Title is not a string" }); return; } if ( typeof req.body.body !== "undefined" && typeof req.body.body !== "string" ) { return res res .status(400) .json({ success: false, error: "Body is set but is not a string" }); return; } const sockets = await SocketServer.instance.io.fetchSockets(); Loading Loading @@ -700,18 +699,18 @@ app.post("/user/:sub/notice", async (req, res) => { let title: string = req.body.title; if (typeof req.body.title !== "string") { return res .status(400) .json({ success: false, error: "Title is not a string" }); res.status(400).json({ success: false, error: "Title is not a string" }); return; } if ( typeof req.body.body !== "undefined" && typeof req.body.body !== "string" ) { return res res .status(400) .json({ success: false, error: "Body is set but is not a string" }); return; } user.notify({ Loading Loading 
@@ -899,9 +898,8 @@ app.get("/instance/:domain/ban", async (req, res) => { const ban = await instance.getEffectiveBan(); if (!ban) { return res .status(404) .json({ success: false, error: "Instance not banned" }); res.status(404).json({ success: false, error: "Instance not banned" }); return; } res.json({ success: true, ban }); Loading Loading @@ -1080,17 +1078,15 @@ app.get("/audit/:id", async (req, res) => { let id = parseInt(req.params.id); if (isNaN(id)) { return res .status(400) .json({ success: false, error: "id is not a number" }); res.status(400).json({ success: false, error: "id is not a number" }); return; } const auditLog = await prisma.auditLog.findFirst({ where: { id } }); if (!auditLog) { return res .status(404) .json({ success: false, error: "Audit log not found" }); res.status(404).json({ success: false, error: "Audit log not found" }); return; } res.json({ success: true, auditLog }); Loading @@ -1107,15 +1103,15 @@ app.put("/audit/:id/reason", async (req, res) => { let reason: string; if (isNaN(id)) { return res .status(400) .json({ success: false, error: "id is not a number" }); res.status(400).json({ success: false, error: "id is not a number" }); return; } if (typeof req.body.reason !== "string" && req.body.reason !== null) { return res res .status(400) .json({ success: false, error: "reason is not a string or null" }); return; } reason = req.body.reason; Loading @@ -1127,9 +1123,8 @@ app.put("/audit/:id/reason", async (req, res) => { }); if (!auditLog) { return res .status(404) .json({ success: false, error: "audit log is not found" }); res.status(404).json({ success: false, error: "audit log is not found" }); return; } const newAudit = await prisma.auditLog.update({ Loading
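Review bot: The production guard in `POST /canvas/stress` only stops the stress run if a `return;` follows the `res.status(500).json(...)` call, and the hunk ends before that line, so this cannot be confirmed from here. Every other guard visible in this section gained an explicit `return;` in this change; if this one lacks it, add `return;` directly after the response. A deliberate refusal would also read better as `res.status(403)` than as a 500, which monitoring will count as a server fault. Separately, in `PUT /audit/:id/reason` the variable is declared `let reason: string;` although the check above it accepts `null`, so `let reason: string | null;` matches what the handler can actually store.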
packages/server/src/api/client.ts +10 −7 Original line number Diff line number Diff line Loading @@ -121,10 +121,11 @@ app.get("/callback", RateLimiter.HIGH, async (req, res) => { } if (!exchange || !exchange.access_token) { return res.status(400).json({ res.status(400).json({ success: false, error: "FAILED TOKEN EXCHANGE", }); return; } try { Loading Loading @@ -210,14 +211,14 @@ app.get("/canvas/pixel/:x/:y", RateLimiter.HIGH, async (req, res) => { const y = parseInt(req.params.y); if (isNaN(x) || isNaN(y)) { return res .status(400) .json({ success: false, error: "x or y is not a number" }); res.status(400).json({ success: false, error: "x or y is not a number" }); return; } const pixel = await Canvas.getPixel(x, y); if (!pixel) { return res.json({ success: false, error: "no_pixel" }); res.json({ success: false, error: "no_pixel" }); return; } const otherPixels = await prisma.pixel.count({ where: { x, y } }); Loading Loading @@ -258,7 +259,8 @@ app.get("/heatmap", async (req, res) => { const heatmap = await Canvas.getCachedHeatmap(); if (!heatmap) { return res.json({ success: false, error: "heatmap_not_generated" }); res.json({ success: false, error: "heatmap_not_generated" }); return; } res.json({ success: true, heatmap }); Loading @@ -272,7 +274,8 @@ app.get("/heatmap", async (req, res) => { app.get("/user/:sub", RateLimiter.HIGH, async (req, res) => { const user = await prisma.user.findFirst({ where: { sub: req.params.sub } }); if (!user) { return res.status(404).json({ success: false, error: "unknown_user" }); res.status(404).json({ success: false, error: "unknown_user" }); return; } res.json({ Loading
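Review bot: `parseInt(req.params.y)` followed by `isNaN` in `GET /canvas/pixel/:x/:y` still accepts inputs such as `12abc` or `0x10`, and nothing visible in the hunk bounds the coordinates before `Canvas.getPixel` and `prisma.pixel.count` run. Assuming coordinates are non-negative integers, a stricter check rejects these up front, e.g. `if (!/^\d+$/.test(req.params.x) || !/^\d+$/.test(req.params.y))` before converting with `Number(...)`. `GET /heatmap` is also registered without the `RateLimiter.HIGH` middleware the neighbouring routes use; if that is intentional because the result is cached, a one-line comment such as `// no rate limit: served from cache` would say so. The handler bodies continue outside the hunks.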