iio/pingvin-share
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: iio:v0.2.0
Branches Tags
iio:main iio:i18n_crowdin iio:gh-pages iio:link-copy-modal
iio:v1.13.0 iio:1.12.1 iio:v1.12.0 iio:v1.11.1 iio:v1.11.0 iio:v1 iio:v1.10.4 iio:v1.10.3 iio:v1.10.2 iio:v1.10.1 iio:v1.10.0 iio:v1.9.1 iio:v1.9.0 iio:v1.8.2 iio:v1.8.1 iio:v1.8.0 iio:v1.7.2 iio:v1.7.1 iio:v1.7.0 iio:v1.6.1 iio:v1.6.0 iio:v1.5.0 iio:v1.4.0 iio:v1.3.0 iio:v1.2.4 iio:v1.2.3 iio:v1.2.2 iio:v1.2.1 iio:v1.2.0 iio:v1.1.3 iio:v1.1.2 iio:v1.1.1 iio:v1.1.0 iio:v1.0.4 iio:v1.0.3 iio:v1.0.2 iio:v1.0.1 iio:v1.0.0 iio:v0.29.0 iio:v0.28.0 iio:v0.27.0 iio:v0.26.0 iio:v0.25.0 iio:v0.24.2 iio:v0.24.1 iio:v0.24.0 iio:v0.23.1 iio:v0.23.0 iio:v0.22.2 iio:v0.22.1 iio:v0.22.0 iio:v0.21.5 iio:v0.21.4 iio:v0.21.3 iio:v0.21.2 iio:v0.21.1 iio:v0.21.0 iio:v0.20.3 iio:v0.20.2 iio:v0.20.1 iio:v0.20.0 iio:v0.19.2 iio:v0.19.1 iio:v0.19.0 iio:v0.18.2 iio:v0.18.1 iio:v0.18.0 iio:v0.17.5 iio:v0.17.4 iio:v0.17.3 iio:v0.17.2 iio:v0.17.1 iio:v0.17.0 iio:v0.16.1 iio:v0.16.0 iio:v0.15.0 iio:v0.14.1 iio:v0.14.0 iio:v0.13.1 iio:v0.13.0 iio:v0.12.1 iio:v0.12.0 iio:v0.11.1 iio:v0.11.0 iio:v0.10.2 iio:v0.10.1 iio:v0.10.0 iio:v0.9.0 iio:v0.8.0 iio:v0.7.0 iio:v0.6.1 iio:v0.6.0 iio:v0.5.1 iio:v0.5.0 iio:v0.4.0 iio:v0.3.6 iio:v0.3.5 iio:v0.3.4 iio:v0.3.3 iio:v0.3.2 iio:v0.3.1 iio:v0.3.0 iio:v0.2.0 iio:v0.1.1 iio:v0.1.0 iio:v0.0.1
...
compare: iio:v0.5.1
Branches Tags
iio:main iio:i18n_crowdin iio:gh-pages iio:link-copy-modal
iio:v1.13.0 iio:1.12.1 iio:v1.12.0 iio:v1.11.1 iio:v1.11.0 iio:v1 iio:v1.10.4 iio:v1.10.3 iio:v1.10.2 iio:v1.10.1 iio:v1.10.0 iio:v1.9.1 iio:v1.9.0 iio:v1.8.2 iio:v1.8.1 iio:v1.8.0 iio:v1.7.2 iio:v1.7.1 iio:v1.7.0 iio:v1.6.1 iio:v1.6.0 iio:v1.5.0 iio:v1.4.0 iio:v1.3.0 iio:v1.2.4 iio:v1.2.3 iio:v1.2.2 iio:v1.2.1 iio:v1.2.0 iio:v1.1.3 iio:v1.1.2 iio:v1.1.1 iio:v1.1.0 iio:v1.0.4 iio:v1.0.3 iio:v1.0.2 iio:v1.0.1 iio:v1.0.0 iio:v0.29.0 iio:v0.28.0 iio:v0.27.0 iio:v0.26.0 iio:v0.25.0 iio:v0.24.2 iio:v0.24.1 iio:v0.24.0 iio:v0.23.1 iio:v0.23.0 iio:v0.22.2 iio:v0.22.1 iio:v0.22.0 iio:v0.21.5 iio:v0.21.4 iio:v0.21.3 iio:v0.21.2 iio:v0.21.1 iio:v0.21.0 iio:v0.20.3 iio:v0.20.2 iio:v0.20.1 iio:v0.20.0 iio:v0.19.2 iio:v0.19.1 iio:v0.19.0 iio:v0.18.2 iio:v0.18.1 iio:v0.18.0 iio:v0.17.5 iio:v0.17.4 iio:v0.17.3 iio:v0.17.2 iio:v0.17.1 iio:v0.17.0 iio:v0.16.1 iio:v0.16.0 iio:v0.15.0 iio:v0.14.1 iio:v0.14.0 iio:v0.13.1 iio:v0.13.0 iio:v0.12.1 iio:v0.12.0 iio:v0.11.1 iio:v0.11.0 iio:v0.10.2 iio:v0.10.1 iio:v0.10.0 iio:v0.9.0 iio:v0.8.0 iio:v0.7.0 iio:v0.6.1 iio:v0.6.0 iio:v0.5.1 iio:v0.5.0 iio:v0.4.0 iio:v0.3.6 iio:v0.3.5 iio:v0.3.4 iio:v0.3.3 iio:v0.3.2 iio:v0.3.1 iio:v0.3.0 iio:v0.2.0 iio:v0.1.1 iio:v0.1.0 iio:v0.0.1

84 Commits
v0.2.0 ... v0.5.1

Author SHA1 Message Date
Elias Schneider
54f591cd60 release: 0.5.1 2023-01-04 16:02:54 +01:00
Elias Schneider
f836a0a3cd chore: add db migration 2023-01-04 15:58:15 +01:00
Elias Schneider
11174656e4 fix: email configuration updated without restart 2023-01-04 15:30:49 +01:00
Elias Schneider
faea1abcc4 feat: use cookies for authentication 2023-01-04 11:54:28 +01:00
Elias Schneider
71658ad39d feat: show version and show button if new release is available on admin page 2022-12-30 19:23:17 +01:00
Elias Schneider
167f0f8c7a chore: improve release scripts 2022-12-30 18:59:05 +01:00
Elias Schneider
85551dc3d3 release: 0.5.0 2022-12-30 14:41:23 +01:00
Elias Schneider
5bc4f902f6 feat: improve config UI (#69) 
* add first concept

* completed configuration ui update

* add button for testing email configuration

* improve mobile layout

* add migration

* run formatter

* delete unnecessary modal

* remove unused comment
 2022-12-30 14:40:23 +01:00
Elias Schneider
e5b50f855c fix: refresh token gets deleted on session end 2022-12-26 12:57:54 +01:00
Elias Schneider
b73144295b refactor: extract totp operations in seperate service 2022-12-26 12:43:36 +01:00
Elias Schneider
ef21bac59b feat: manually switch color scheme 2022-12-24 23:58:31 +01:00
Elias Schneider
cabaee588b feat: custom mail subject 2022-12-23 10:57:09 +01:00
Elias Schneider
aac363bb37 release: 0.4.0 2022-12-21 18:25:00 +01:00
Elias Schneider
af71317ec4 Merge remote-tracking branch 'origin/main' into main 2022-12-21 18:01:06 +01:00
Steve
16480f6e95 feat: TOTP (two-factor) Authentication (#55) 
* Working on some initial prototype stuff for TOTP

* Fixed a bug that prevented the change password menu from working

* Enable/disable totp working

* Added the new login procedure including TOTP! :)

* misc: Changed bad description for the TOTP_SECRET env var

* I forgot to include the migration for the new prisma stuff

* fix: refresh user context instead refreshing the page

* refactor: simplify totp error handling

* Removed U2F tab + format schema

* fix: tokens not saved in cookies

* refactor: deleted commented out code

* refactor: move password text to input description

* refactor: remove tabler icon package

Co-authored-by: Elias Schneider <login@eliasschneider.com>
Co-authored-by: Elias Schneider <58886915+stonith404@users.noreply.github.com>
 2022-12-21 17:58:37 +01:00
Elias Schneider
1a034a1966 refector: remove unnecessary content type header 2022-12-15 21:50:22 +01:00
Elias Schneider
0616a68bd2 feat: custom email message 2022-12-15 21:44:04 +01:00
Elias Schneider
bfb47ba6e8 release: 0.3.6 2022-12-13 18:45:52 +01:00
Elias Schneider
c1d87a1c29 test: improve tests for new feature 2022-12-13 18:44:17 +01:00
Elias Schneider
4c7e161217 chore: create prisma migration 2022-12-13 18:39:13 +01:00
Elias Schneider
844c47e129 fix: rerange accordion items 2022-12-13 09:57:48 +01:00
Elias Schneider
9b0c08d0cd fix: remove dot in email link 2022-12-13 09:06:18 +01:00
Elias Schneider
37fda220e9 Merge branch 'main' of https://github.com/stonith404/pingvin-share 2022-12-12 22:38:40 +01:00
Elias Schneider
3b7f5ddc52 Create close_inactive_issues.yml 2022-12-12 14:34:36 +01:00
Elias Schneider
8728fa5207 feat: add description field to share 2022-12-12 11:54:13 +01:00
Elias Schneider
c265129dcc Create SECURITY.md 2022-12-12 11:11:28 +01:00
Elias Schneider
78dd4a7e2a chore: add issue templates 2022-12-12 11:00:10 +01:00
Elias Schneider
3cad4dd487 docs: add synology nas installation by Marius 2022-12-11 12:38:58 +01:00
Elias Schneider
d1d3462056 release: 0.3.5 2022-12-11 12:23:46 +01:00
Elias Schneider
5b01108777 fix: zip doesn't contain file extension 2022-12-11 12:22:01 +01:00
Elias Schneider
3d1d4d0fc7 fix: only create zip if more than one file is in the share 2022-12-11 12:19:42 +01:00
Elias Schneider
7c0d62a429 Update FUNDING.yml 2022-12-10 23:26:57 +01:00
Elias Schneider
d010a8a2d3 feat: upload 3 files at same time 2022-12-10 23:16:10 +01:00
Elias Schneider
9798e26872 fix: setup wizard table doesn't take full width 2022-12-10 18:45:53 +01:00
Elias Schneider
0c10dc674f Merge pull request #37 from Neyxo/improvement-30-docker-image 
Improved docker image (size & speed)
 2022-12-10 18:33:45 +01:00
Elias Schneider
084e911eed fix: remove unnecessary port expose 2022-12-10 18:32:14 +01:00
Elias Schneider
797f8938ca fix: use node slim to fix arm builds 2022-12-10 18:31:39 +01:00
Elias Schneider
05cbb7b27e fix: jobs never get executed 2022-12-10 17:16:49 +01:00
Elias Schneider
905bab9c86 release: 0.3.4 2022-12-10 15:46:53 +01:00
Jean-Michel Carrel
8e38c5fed7 Improved docker image (size & speed) 2022-12-10 15:34:01 +01:00
Elias Schneider
7e877ce9f4 fix: show alternative to copy button if site is not using https 2022-12-10 13:16:23 +01:00
Elias Schneider
b1bfb09dfd fix: tables on mobile 2022-12-09 14:37:09 +01:00
Elias Schneider
c8a4521677 fix: sign up page available when registration is disabled 2022-12-09 12:05:43 +01:00
Elias Schneider
3c74cc14df release: 0.3.3 2022-12-08 23:22:59 +01:00
Elias Schneider
a165f8ec4d refactor: remove console log 2022-12-08 23:22:15 +01:00
Elias Schneider
d6a88f2a22 performance: reduce docker image size 2022-12-08 23:21:31 +01:00
Elias Schneider
b8172efd59 fix: allow empty strings in config variable 2022-12-08 23:21:16 +01:00
Elias Schneider
cbe37c6798 fix: obscured text length 2022-12-08 23:12:25 +01:00
Elias Schneider
a545c44426 fix: improve admin dashboard color and layout 2022-12-08 22:43:14 +01:00
Elias Schneider
08a2f60f72 chore: add migration for v0.3.3 2022-12-08 21:58:58 +01:00
Elias Schneider
907e56af0f fix: space character in email 2022-12-08 20:04:56 +01:00
Elias Schneider
888a0c5faf feat: add support for different email and user 2022-12-08 20:00:04 +01:00
Elias Schneider
bfb0d151ea fix: obscure critical config variables 2022-12-08 19:14:06 +01:00
Elias Schneider
1f63f22591 docs: add review to README 2022-12-08 17:30:12 +01:00
Elias Schneider
a2d5e0f72c test: fix system tests not await backend start 2022-12-07 13:44:02 +01:00
Elias Schneider
c0d0f6fa90 release: 0.3.2 2022-12-07 12:41:14 +01:00
Elias Schneider
4a016ed57d fix: unauthenticated dialog not shown 2022-12-06 11:05:04 +01:00
Elias Schneider
5ea63fb60b fix: use session storage for share token 2022-12-06 10:54:17 +01:00
Elias Schneider
57cb683c64 fix: make share password optional 2022-12-05 23:58:18 +01:00
Elias Schneider
783b8c2e91 release: 0.3.1 2022-12-05 22:09:53 +01:00
Elias Schneider
75f57a4e57 fix: dropzone rejection on chrome 2022-12-05 22:09:41 +01:00
Elias Schneider
eb142b75f7 ci/cd: remove .env step 2022-12-05 18:23:19 +01:00
Elias Schneider
90a3c69954 release: 0.3.0 2022-12-05 18:18:41 +01:00
Elias Schneider
50887b000d Merge pull request #27 from stonith404/feat/administrator-page 
Feat/administrator page
 2022-12-05 18:12:57 +01:00
Elias Schneider
e2527de976 refactor: remove type email 2022-12-05 18:09:18 +01:00
Elias Schneider
b5c7b04fcb chore: upgrade dependencies 2022-12-05 17:27:19 +01:00
Elias Schneider
38f493ac5a refactor: run formatter 2022-12-05 16:54:15 +01:00
Elias Schneider
0499548dd3 refactor: convert config variables to upper case 2022-12-05 16:53:52 +01:00
Elias Schneider
d4a0f1a4f1 fix: unable to update user privileges 2022-12-05 16:17:41 +01:00
Elias Schneider
c795b988df fix: share password validation 2022-12-05 16:04:10 +01:00
Elias Schneider
7a3967fd6f feat: add user management 2022-12-05 15:53:24 +01:00
Elias Schneider
31b3f6cb2f feat: add user operations to backend 2022-12-05 10:02:19 +01:00
Elias Schneider
e9526fc039 fix: database migration by adding a username 2022-12-02 23:00:24 +01:00
Elias Schneider
6b0b979414 docs: updated README for new version 2022-12-02 20:33:17 +01:00
Elias Schneider
176196bc35 refactor: remove providers and controllers from app module 2022-12-02 20:17:28 +01:00
Elias Schneider
e958a83b87 fix: docker build 2022-12-02 15:10:49 +01:00
Elias Schneider
63368557c1 refactor: remove .env variables 2022-12-02 14:45:42 +01:00
Elias Schneider
1dbfe0bbc9 fix: convert async function to sync function 2022-12-02 14:43:52 +01:00
Elias Schneider
b649d8bf8e feat: add job that deleted temporary files 2022-12-01 23:21:12 +01:00
Elias Schneider
b579b8f330 feat: add setup wizard 2022-12-01 23:07:49 +01:00
Elias Schneider
493705e4ef feat: add add new config strategy to frontend 2022-11-28 17:50:36 +01:00
Elias Schneider
1b5e53ff7e feat: add new config strategy to backend 2022-11-28 15:04:32 +01:00
Elias Schneider
13f98cc32c feat: add administrator guard 2022-11-14 17:03:45 +01:00
Elias Schneider
29b4a825d1 test: add email recepients to request body 2022-11-13 23:38:04 +01:00
114 changed files with 5811 additions and 1782 deletions
Expand all files Collapse all files

18
.env.example
View File

@@ -1,18 +0,0 @@
# Read what every environment variable does: https://github.com/stonith404/pingvin-share#environment-variables
# General
APP_URL=http://localhost:3000
SHOW_HOME_PAGE=true
ALLOW_REGISTRATION=true
ALLOW_UNAUTHENTICATED_SHARES=false
MAX_FILE_SIZE=1000000000
# Security
JWT_SECRET=long-random-string
# Email
EMAIL_RECIPIENTS_ENABLED=false
SMTP_HOST=smtp.example.com
SMTP_PORT=587
SMTP_EMAIL=pingvin-share@example.com
SMTP_PASSWORD=example

2
.github/FUNDING.yml vendored Normal file
View File

@@ -0,0 +1,2 @@
# These are supported funding model platforms
github: stonith404

45
.github/ISSUE_TEMPLATE/bug.yml vendored Normal file
View File

@@ -0,0 +1,45 @@
name: "🐛 Bug Report"
description: "Submit a bug report to help us improve"
title: "🐛 Bug Report: "
labels: [bug]
body:
- type: markdown
attributes:
value: |
Thanks for taking the time to fill out our bug report form 🙏
- type: textarea
id: steps-to-reproduce
validations:
required: true
attributes:
label: "👟 Reproduction steps"
description: "How do you trigger this bug? Please walk us through it step by step."
placeholder: "When I ..."
- type: textarea
id: expected-behavior
validations:
required: true
attributes:
label: "👍 Expected behavior"
description: "What did you think would happen?"
placeholder: "It should ..."
- type: textarea
id: actual-behavior
validations:
required: true
attributes:
label: "👎 Actual Behavior"
description: "What did actually happen? Add screenshots, if applicable."
placeholder: "It actually ..."
- type: input
id: operating-system
attributes:
label: "🌐 Browser"
description: "Which browser do you use?"
placeholder: "Firefox"
validations:
required: true
- type: markdown
attributes:
value: |
Before submitting, please check if the issues hasn't been raised before.

29
.github/ISSUE_TEMPLATE/feature.yml vendored Normal file
View File

@@ -0,0 +1,29 @@
name: 🚀 Feature
description: "Submit a proposal for a new feature"
title: "🚀 Feature: "
labels: [feature]
body:
- type: markdown
attributes:
value: |
Thanks for taking the time to fill out our feature request form 🙏
- type: textarea
id: feature-description
validations:
required: true
attributes:
label: "🔖 Feature description"
description: "A clear and concise description of what the feature is."
placeholder: "You should add ..."
- type: textarea
id: pitch
validations:
required: true
attributes:
label: "🎤 Pitch"
description: "Please explain why this feature should be implemented and how it would be used. Add examples, if applicable."
placeholder: "In my use-case, ..."
- type: markdown
attributes:
value: |
Before submitting, please check if the issues hasn't been raised before.

3
.github/workflows/backend-system-tests.yml vendored
View File

@@ -17,9 +17,6 @@ jobs:
- name: Install Dependencies
working-directory: ./backend
run: npm install
- name: Create .env file
working-directory: ./backend
run: mv .env.example .env
- name: Run Server and Test with Newman
working-directory: ./backend
run: npm run test:system

22
.github/workflows/close_inactive_issues.yml vendored Normal file
View File

@@ -0,0 +1,22 @@
name: Close inactive issues
on:
schedule:
- cron: "00 00 * * *"
jobs:
close-issues:
runs-on: ubuntu-latest
permissions:
issues: write
pull-requests: write
steps:
- uses: actions/stale@v4
with:
days-before-issue-stale: 30
days-before-issue-close: 14
stale-issue-label: "stale"
stale-issue-message: "This issue is stale because it has been open for 30 days with no activity."
close-issue-message: "This issue was closed because it has been inactive for 14 days since being marked as stale."
days-before-pr-stale: -1
days-before-pr-close: -1
repo-token: ${{ secrets.GITHUB_TOKEN }}

128
CHANGELOG.md
View File

@@ -1,3 +1,131 @@
### [0.5.1](https://github.com/stonith404/pingvin-share/compare/v0.5.0...v0.5.1) (2023-01-04)
### Features
* show version and show button if new release is available on admin page ([71658ad](https://github.com/stonith404/pingvin-share/commit/71658ad39d7e3638de659e8230fad4e05f60fdd8))
* use cookies for authentication ([faea1ab](https://github.com/stonith404/pingvin-share/commit/faea1abcc4b533f391feaed427e211fef9166fe4))
### Bug Fixes
* email configuration updated without restart ([1117465](https://github.com/stonith404/pingvin-share/commit/11174656e425c4be60e4f7b1ea8463678e5c60d2))
## [0.5.0](https://github.com/stonith404/pingvin-share/compare/v0.4.0...v0.5.0) (2022-12-30)
### Features
* custom mail subject ([cabaee5](https://github.com/stonith404/pingvin-share/commit/cabaee588b50877872d210c870bfb9c95b541921))
* improve config UI ([#69](https://github.com/stonith404/pingvin-share/issues/69)) ([5bc4f90](https://github.com/stonith404/pingvin-share/commit/5bc4f902f6218a09423491404806a4b7fb865c98))
* manually switch color scheme ([ef21bac](https://github.com/stonith404/pingvin-share/commit/ef21bac59b11dc68649ab3b195dcb89d2b192e7b))
### Bug Fixes
* refresh token gets deleted on session end ([e5b50f8](https://github.com/stonith404/pingvin-share/commit/e5b50f855c02aa4b5c9ee873dd5a7ab25759972d))
## [0.4.0](https://github.com/stonith404/pingvin-share/compare/v0.3.6...v0.4.0) (2022-12-21)
### Features
* custom email message ([0616a68](https://github.com/stonith404/pingvin-share/commit/0616a68bd2e0c9cb559ebdf294e353dd3f69c9a5))
* TOTP (two-factor) Authentication ([#55](https://github.com/stonith404/pingvin-share/issues/55)) ([16480f6](https://github.com/stonith404/pingvin-share/commit/16480f6e9572011fadeb981a388b92cb646fa6d9))
### [0.3.6](https://github.com/stonith404/pingvin-share/compare/v0.3.5...v0.3.6) (2022-12-13)
### Features
* add description field to share ([8728fa5](https://github.com/stonith404/pingvin-share/commit/8728fa5207524e9aee26d68eafe1b6fff367d749))
### Bug Fixes
* remove dot in email link ([9b0c08d](https://github.com/stonith404/pingvin-share/commit/9b0c08d0cdeeeef217ccba57f593fea9d8858371))
* rerange accordion items ([844c47e](https://github.com/stonith404/pingvin-share/commit/844c47e1290fb0f7dedb41a18be59ed5ab83dabc))
### [0.3.5](https://github.com/stonith404/pingvin-share/compare/v0.3.4...v0.3.5) (2022-12-11)
### Features
* upload 3 files at same time ([d010a8a](https://github.com/stonith404/pingvin-share/commit/d010a8a2d366708b1bb5088e9c1e9f9378d3e023))
### Bug Fixes
* jobs never get executed ([05cbb7b](https://github.com/stonith404/pingvin-share/commit/05cbb7b27ef98a3a80dd9edc318f1dcc9a8bd442))
* only create zip if more than one file is in the share ([3d1d4d0](https://github.com/stonith404/pingvin-share/commit/3d1d4d0fc7c0351724387c3721280c334ae94d98))
* remove unnecessary port expose ([084e911](https://github.com/stonith404/pingvin-share/commit/084e911eed95eb22fea0bf185803ba32c3eda1a9))
* setup wizard table doesn't take full width ([9798e26](https://github.com/stonith404/pingvin-share/commit/9798e26872064edc1049138cf73479b1354a43ed))
* use node slim to fix arm builds ([797f893](https://github.com/stonith404/pingvin-share/commit/797f8938cac9cc3bb788f632d97eba5c49fe98a5))
* zip doesn't contain file extension ([5b01108](https://github.com/stonith404/pingvin-share/commit/5b0110877745f1fcde4952737a93c07ef4a2a92d))
### [0.3.4](https://github.com/stonith404/pingvin-share/compare/v0.3.3...v0.3.4) (2022-12-10)
### Bug Fixes
* show alternative to copy button if site is not using https ([7e877ce](https://github.com/stonith404/pingvin-share/commit/7e877ce9f4b82d61c9b238e17def9f4c29e7aeb8))
* sign up page available when registration is disabled ([c8a4521](https://github.com/stonith404/pingvin-share/commit/c8a4521677280d6aba89d293a1fe0c38adf9f92c))
* tables on mobile ([b1bfb09](https://github.com/stonith404/pingvin-share/commit/b1bfb09dfd5c90cc18847470a9ce1ce8397c1476))
### [0.3.3](https://github.com/stonith404/pingvin-share/compare/v0.3.2...v0.3.3) (2022-12-08)
### Features
* add support for different email and user ([888a0c5](https://github.com/stonith404/pingvin-share/commit/888a0c5fafc51b6872ed71e37d4b40c9bf6a07f1))
### Bug Fixes
* allow empty strings in config variable ([b8172ef](https://github.com/stonith404/pingvin-share/commit/b8172efd59fb3271ab9b818b13a7003342b2cebd))
* improve admin dashboard color and layout ([a545c44](https://github.com/stonith404/pingvin-share/commit/a545c444261c90105dcb165ebcf4b26634e729ca))
* obscure critical config variables ([bfb0d15](https://github.com/stonith404/pingvin-share/commit/bfb0d151ea2ba125e536a16b1873e143a67e9f64))
* obscured text length ([cbe37c6](https://github.com/stonith404/pingvin-share/commit/cbe37c679853ecef1522ed213e4cac5defd5b45a))
* space character in email ([907e56a](https://github.com/stonith404/pingvin-share/commit/907e56af0faccdbc8d7f5ab3418a4ad71ff849f5))
### [0.3.2](https://github.com/stonith404/pingvin-share/compare/v0.3.1...v0.3.2) (2022-12-07)
### Bug Fixes
* make share password optional ([57cb683](https://github.com/stonith404/pingvin-share/commit/57cb683c64eaedec2697ea6863948bd2ae68dd75))
* unauthenticated dialog not shown ([4a016ed](https://github.com/stonith404/pingvin-share/commit/4a016ed57db526ee900c567f7b7f0991f948c631))
* use session storage for share token ([5ea63fb](https://github.com/stonith404/pingvin-share/commit/5ea63fb60be0c508c38ba228cc8ac6dd7b403aac))
### [0.3.1](https://github.com/stonith404/pingvin-share/compare/v0.3.0...v0.3.1) (2022-12-05)
### Bug Fixes
* dropzone rejection on chrome ([75f57a4](https://github.com/stonith404/pingvin-share/commit/75f57a4e57fb13cc62e87428e8302b453ea6b44b))
## [0.3.0](https://github.com/stonith404/pingvin-share/compare/v0.2.0...v0.3.0) (2022-12-05)
### Features
* add add new config strategy to frontend ([493705e](https://github.com/stonith404/pingvin-share/commit/493705e4ef21cb638620b0037b9ff2cec8046c95))
* add administrator guard ([13f98cc](https://github.com/stonith404/pingvin-share/commit/13f98cc32c804c786c71b10dc4cf029d7795be76))
* add job that deleted temporary files ([b649d8b](https://github.com/stonith404/pingvin-share/commit/b649d8bf8e849aff3f350e3c5fd0151a063b9706))
* add new config strategy to backend ([1b5e53f](https://github.com/stonith404/pingvin-share/commit/1b5e53ff7ee00228eda6dc5c62d5cd8c3752b03b))
* add setup wizard ([b579b8f](https://github.com/stonith404/pingvin-share/commit/b579b8f3309e2d7070e6a82c5da76ab8029bee11))
* add user management ([7a3967f](https://github.com/stonith404/pingvin-share/commit/7a3967fd6f76a03461d05e962e82fe5130528ca5))
* add user operations to backend ([31b3f6c](https://github.com/stonith404/pingvin-share/commit/31b3f6cb2fc662623df92cdbaf803f1b98a696ae))
### Bug Fixes
* convert async function to sync function ([1dbfe0b](https://github.com/stonith404/pingvin-share/commit/1dbfe0bbc9821bbee02220484c87cf9fe12fd033))
* database migration by adding a username ([e9526fc](https://github.com/stonith404/pingvin-share/commit/e9526fc0390cc8ba70c824370041ea9aaf6f9ef9))
* docker build ([e958a83](https://github.com/stonith404/pingvin-share/commit/e958a83b87a452e42fb38c12d4b11d71b2323c2d))
* share password validation ([c795b98](https://github.com/stonith404/pingvin-share/commit/c795b988df437c85efb91e0f6f8ec782f38dbe3d))
* unable to update user privileges ([d4a0f1a](https://github.com/stonith404/pingvin-share/commit/d4a0f1a4f16b7980fb244a4e582ceeb9bfaff877))
## [0.2.0](https://github.com/stonith404/pingvin-share/compare/v0.1.1...v0.2.0) (2022-11-13)

16
CONTRIBUTING.md
View File

@@ -3,10 +3,11 @@
We would ❤️ for you to contribute to Pingvin Share and help make it better! All contributions are welcome, including issues, suggestions, pull requests and more.
## Getting started
You've found a bug, have suggestion or something else, just create an issue on GitHub and we can get in touch 😊.
## Submit a Pull Request
## Submit a Pull Request
Once you created a issue and you want to create a pull request, follow this guide.
Branch naming convention is as following
@@ -74,20 +75,21 @@ The backend is built with [Nest.js](https://nestjs.com) and uses Typescript.
#### Setup
1. Open the `backend` folder
2. Duplicate the `.env.example` file, rename the duplicate to `.env` and change the environment variables if needed
3. Install the dependencies with `npm install`
4. Push the database schema to the database by running `npx prisma db push`
2. Install the dependencies with `npm install`
3. Push the database schema to the database by running `npx prisma db push`
4. Seed the database with `npx prisma db seed`
5. Start the backend with `npm run dev`
### Frontend
The frontend is built with [Next.js](https://nextjs.org) and uses Typescript.
#### Setup
1. Start the backend first
2. Open the `frontend` folder
3. Duplicate the `.env.example` file, rename the duplicate to `.env` and change the environment variables if needed
4. Install the dependencies with `npm install`
5. Start the frontend with `npm run dev`
3. Install the dependencies with `npm install`
4. Start the frontend with `npm run dev`
You're all set!

45
Dockerfile
View File

@@ -1,34 +1,51 @@
FROM node:18-alpine AS frontend-builder
# Using node slim because prisma ORM needs libc for ARM builds
# Stage 1: on frontend dependency change
FROM node:18-slim AS frontend-dependencies
WORKDIR /opt/app
COPY frontend/package.json frontend/package-lock.json ./
RUN npm ci
# Stage 2: on frontend change
FROM node:18-slim AS frontend-builder
WORKDIR /opt/app
COPY ./frontend .
COPY --from=frontend-dependencies /opt/app/node_modules ./node_modules
RUN npm run build
FROM node:18 AS backend-builder
# Stage 3: on backend dependency change
FROM node:18-slim AS backend-dependencies
WORKDIR /opt/app
COPY backend/package.json backend/package-lock.json ./
RUN npm ci
COPY ./backend .
RUN npx prisma generate
RUN npm run build
FROM node:18 AS runner
WORKDIR /opt/app/frontend
# Stage 4:on backend change
FROM node:18-slim AS backend-builder
RUN apt-get update && apt-get install -y openssl
WORKDIR /opt/app
COPY ./backend .
COPY --from=backend-dependencies /opt/app/node_modules ./node_modules
RUN npx prisma generate
RUN npm run build && npm prune --production
# Stage 5: Final image
FROM node:18-slim AS runner
ENV NODE_ENV=production
COPY --from=frontend-builder /opt/app/next.config.js .
RUN apt-get update && apt-get install -y openssl
WORKDIR /opt/app/frontend
COPY --from=frontend-builder /opt/app/public ./public
COPY --from=frontend-builder /opt/app/.next ./.next
COPY --from=frontend-builder /opt/app/node_modules ./node_modules
# Automatically leverage output traces to reduce image size
# https://nextjs.org/docs/advanced-features/output-file-tracing
COPY --from=frontend-builder /opt/app/.next/standalone ./
COPY --from=frontend-builder /opt/app/.next/static ./.next/static
WORKDIR /opt/app/backend
COPY --from=backend-builder /opt/app/node_modules ./node_modules
COPY --from=backend-builder /opt/app/dist ./dist
COPY --from=backend-builder /opt/app/prisma ./prisma
COPY --from=backend-builder /opt/app/package.json ./
WORKDIR /opt/app
RUN npm i -g dotenv-cli
EXPOSE 3000
CMD cd frontend && dotenv node_modules/.bin/next start & cd backend && npm run prod
CMD node frontend/server.js & cd backend && npm run prod

39
README.md
View File

@@ -2,14 +2,9 @@
Pingvin Share is self-hosted file sharing platform and an alternative for WeTransfer.
## 🎪 Showcase
Demo: https://pingvin-share.dev.eliasschneider.com
<img src="https://user-images.githubusercontent.com/58886915/167101708-b85032ad-f5b1-480a-b8d7-ec0096ea2a43.png" width="700"/>
## ✨ Features
- Spin up your instance within 2 minutes
- Create a share with files that you can access with a link
- No file size limit, only your disk will be your limit
- Set a share expiration
@@ -17,35 +12,31 @@ Demo: https://pingvin-share.dev.eliasschneider.com
- Email recepients
- Light & dark mode
## 🐧 Get to know Pingvin Share
- [Demo](https://pingvin-share.dev.eliasschneider.com)
- [Review by DB Tech](https://www.youtube.com/watch?v=rWwNeZCOPJA)
<img src="https://user-images.githubusercontent.com/58886915/167101708-b85032ad-f5b1-480a-b8d7-ec0096ea2a43.png" width="700"/>
## ⌨️ Setup
> Pleas note that Pingvin Share is in early stage and could include some bugs
1. Download the `docker-compose.yml` and `.env.example` file.
2. Rename the `.env.example` file to `.env` and change the environment variables so that they fit to your environment. If you need help with the environment variables take a look [here](#environment-variables)
3. Run `docker-compose up -d`
### Recommended installation
1. Download the `docker-compose.yml` file
2. Run `docker-compose up -d`
The website is now listening available on `http://localhost:3000`, have fun with Pingvin Share 🐧!
### Environment variables
### Additional resources
| Variable | Description | Possible values |
| ------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------- | --------------- |
| `APP_URL` | On which URL Pingvin Share is available. E.g http://localhost or https://pingvin-share.com. | URL |
| `SHOW_HOME_PAGE` | Whether the Pingvin Share home page should be shown. | true/false |
| `ALLOW_REGISTRATION` | Whether a new user can create a new account. | true/false |
| `ALLOW_UNAUTHENTICATED_SHARES` | Whether a user can create a share without being signed in. | true/false |
| `MAX_FILE_SIZE` | Maximum allowed size per file in bytes. | Number |
| `JWT_SECRET` | Long random string to sign the JWT's. | Random string |
| `EMAIL_RECIPIENTS_ENABLED` | Whether email reciepients are enabled. Only set this to true if you entered the host, port, email and password of your SMTP server. | true/false |
| `SMTP_HOST`, `SMTP_PORT`, `SMTP_EMAIL`, `SMTP_PASSWORD` | Credentials for your SMTP server. | - |
- [Synology NAS installation](https://mariushosting.com/how-to-install-pingvin-share-on-your-synology-nas/)
### Upgrade to a new version
1. Check if your local `docker-compose.yml` and `.env` files are up to date with the files in the repository
2. Run `docker compose pull && docker compose up -d` to update your docker container
> Note: If you installed Pingvin Share before it used Sqlite, you unfortunately have to set up the project from scratch again, sorry for that.
Run `docker compose pull && docker compose up -d` to update your docker container
## 🖤 Contribute

7
SECURITY.md Normal file
View File

@@ -0,0 +1,7 @@
# Security Policy
## Supported Versions
As Pingvin Share is in beta, older versions don't get security updates. Please consider to update Pingvin Share regularly. Updates can be automated with e.g [Watchtower](https://github.com/containrrr/watchtower).
## Reporting a Vulnerability
Thank you for taking the time to report a vulnerability. Please DO NOT create an issue on GitHub because the vulnerability could get exploited. Instead please write an email to [elias@eliasschneider.com](mailto:elias@eliasschneider.com).

15
backend/.env.example
View File

@@ -1,15 +0,0 @@
# General
APP_URL=http://localhost:3000
ALLOW_REGISTRATION=true
MAX_FILE_SIZE=5000000000
ALLOW_UNAUTHENTICATED_SHARES=false
# Security
JWT_SECRET=random-string
# Email
EMAIL_RECIPIENTS_ENABLED=false
SMTP_HOST=smtp.example.com
SMTP_PORT=587
SMTP_EMAIL=pingvin-share@example.com
SMTP_PASSWORD=example

1225
backend/package-lock.json generated
View File

File diff suppressed because it is too large Load Diff

60
backend/package.json
View File

@@ -1,68 +1,76 @@
{
"name": "pingvin-share-backend",
"version": "0.0.1",
"version": "0.5.1",
"scripts": {
"build": "nest build",
"dev": "dotenv -- nest start --watch",
"prod": "npx prisma migrate deploy && dotenv node dist/main",
"dev": "nest start --watch",
"prod": "prisma migrate deploy && prisma db seed && node dist/src/main",
"lint": "eslint 'src/**/*.ts'",
"format": "prettier --write 'src/**/*.ts'",
"test:system": "npx prisma migrate reset -f && nest start & sleep 10 && newman run ./test/system/newman-system-tests.json"
"test:system": "prisma migrate reset -f && nest start & wait-on http://localhost:8080/api/configs && newman run ./test/system/newman-system-tests.json"
},
"prisma": {
"seed": "ts-node prisma/seed/config.seed.ts"
},
"dependencies": {
"@nestjs/common": "^9.1.2",
"@nestjs/common": "^9.2.1",
"@nestjs/config": "^2.2.0",
"@nestjs/core": "^9.1.2",
"@nestjs/core": "^9.2.1",
"@nestjs/jwt": "^9.0.0",
"@nestjs/mapped-types": "^1.2.0",
"@nestjs/passport": "^9.0.0",
"@nestjs/platform-express": "^9.1.2",
"@nestjs/platform-express": "^9.2.1",
"@nestjs/schedule": "^2.1.0",
"@nestjs/swagger": "^6.1.2",
"@nestjs/throttler": "^3.1.0",
"@prisma/client": "^4.7.1",
"archiver": "^5.3.1",
"argon2": "^0.29.1",
"argon2": "^0.30.2",
"class-transformer": "^0.5.1",
"class-validator": "^0.13.2",
"content-disposition": "^0.5.4",
"cookie-parser": "^1.4.6",
"mime-types": "^2.1.35",
"moment": "^2.29.4",
"multer": "^1.4.5-lts.1",
"nodemailer": "^6.8.0",
"otplib": "^12.0.1",
"passport": "^0.6.0",
"passport-jwt": "^4.0.0",
"passport-local": "^1.0.0",
"qrcode-svg": "^1.1.0",
"reflect-metadata": "^0.1.13",
"rimraf": "^3.0.2",
"rxjs": "^7.5.7"
"rxjs": "^7.6.0",
"ts-node": "^10.9.1"
},
"devDependencies": {
"@nestjs/cli": "^9.1.4",
"@nestjs/cli": "^9.1.5",
"@nestjs/schematics": "^9.0.3",
"@nestjs/testing": "^9.1.2",
"@prisma/client": "^4.4.0",
"@nestjs/testing": "^9.2.1",
"@types/archiver": "^5.3.1",
"@types/cookie-parser": "^1.4.3",
"@types/cron": "^2.0.0",
"@types/express": "^4.17.14",
"@types/mime-types": "^2.1.1",
"@types/multer": "^1.4.7",
"@types/node": "^18.7.23",
"@types/node": "^18.11.10",
"@types/nodemailer": "^6.4.6",
"@types/passport-jwt": "^3.0.7",
"@types/qrcode-svg": "^1.1.1",
"@types/supertest": "^2.0.12",
"@typescript-eslint/eslint-plugin": "^5.40.0",
"@typescript-eslint/parser": "^5.40.0",
"@typescript-eslint/eslint-plugin": "^5.45.0",
"@typescript-eslint/parser": "^5.45.0",
"cross-env": "^7.0.3",
"dotenv-cli": "^6.0.0",
"eslint": "^8.25.0",
"eslint-config-prettier": "^8.3.0",
"eslint-plugin-prettier": "^4.0.0",
"eslint": "^8.29.0",
"eslint-config-prettier": "^8.5.0",
"eslint-plugin-prettier": "^4.2.1",
"newman": "^5.3.2",
"prettier": "^2.7.1",
"prisma": "^4.4.0",
"prettier": "^2.8.0",
"prisma": "^4.7.1",
"source-map-support": "^0.5.21",
"ts-loader": "^9.4.1",
"ts-node": "^10.9.1",
"tsconfig-paths": "4.1.0",
"typescript": "^4.8.4"
"ts-loader": "^9.4.2",
"tsconfig-paths": "4.1.1",
"typescript": "^4.9.3",
"wait-on": "^6.0.1"
}
}

37
backend/prisma/migrations/20221201220540_config_and_admin_functionalities/migration.sql Normal file
View File

@@ -0,0 +1,37 @@
/*
Warnings:
- You are about to drop the column `firstName` on the `User` table. All the data in the column will be lost.
- You are about to drop the column `lastName` on the `User` table. All the data in the column will be lost.
- Added the required column `username` to the `User` table without a default value. This is not possible if the table is not empty.
*/
-- CreateTable
CREATE TABLE "Config" (
"updatedAt" DATETIME NOT NULL,
"key" TEXT NOT NULL PRIMARY KEY,
"type" TEXT NOT NULL,
"value" TEXT NOT NULL,
"description" TEXT NOT NULL,
"secret" BOOLEAN NOT NULL DEFAULT true,
"locked" BOOLEAN NOT NULL DEFAULT false
);
-- RedefineTables
PRAGMA foreign_keys=OFF;
CREATE TABLE "new_User" (
"id" TEXT NOT NULL PRIMARY KEY,
"createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
"updatedAt" DATETIME NOT NULL,
"username" TEXT NOT NULL,
"email" TEXT NOT NULL,
"password" TEXT NOT NULL,
"isAdmin" BOOLEAN NOT NULL DEFAULT false
);
INSERT INTO "new_User" ("createdAt", "email", "id", "password", "updatedAt", "username") SELECT "createdAt", "email", "id", "password", "updatedAt", 'user-' || User.id as "username" FROM "User";
DROP TABLE "User";
ALTER TABLE "new_User" RENAME TO "User";
CREATE UNIQUE INDEX "User_username_key" ON "User"("username");
CREATE UNIQUE INDEX "User_email_key" ON "User"("email");
PRAGMA foreign_key_check;
PRAGMA foreign_keys=ON;

17
backend/prisma/migrations/20221208191607_v0_3_3/migration.sql Normal file
View File

@@ -0,0 +1,17 @@
-- RedefineTables
PRAGMA foreign_keys=OFF;
CREATE TABLE "new_Config" (
"updatedAt" DATETIME NOT NULL,
"key" TEXT NOT NULL PRIMARY KEY,
"type" TEXT NOT NULL,
"value" TEXT NOT NULL,
"description" TEXT NOT NULL,
"obscured" BOOLEAN NOT NULL DEFAULT false,
"secret" BOOLEAN NOT NULL DEFAULT true,
"locked" BOOLEAN NOT NULL DEFAULT false
);
INSERT INTO "new_Config" ("description", "key", "locked", "secret", "type", "updatedAt", "value") SELECT "description", "key", "locked", "secret", "type", "updatedAt", "value" FROM "Config";
DROP TABLE "Config";
ALTER TABLE "new_Config" RENAME TO "Config";
PRAGMA foreign_key_check;
PRAGMA foreign_keys=ON;

2
backend/prisma/migrations/20221213173854_v0_3_6/migration.sql Normal file
View File

@@ -0,0 +1,2 @@
-- AlterTable
ALTER TABLE "Share" ADD COLUMN "description" TEXT;

31
backend/prisma/migrations/20221219061131_user_entity/migration.sql Normal file
View File

@@ -0,0 +1,31 @@
-- CreateTable
CREATE TABLE "LoginToken" (
"token" TEXT NOT NULL PRIMARY KEY,
"createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
"expiresAt" DATETIME NOT NULL,
"userId" TEXT NOT NULL,
"used" BOOLEAN NOT NULL DEFAULT false,
CONSTRAINT "LoginToken_userId_fkey" FOREIGN KEY ("userId") REFERENCES "User" ("id") ON DELETE CASCADE ON UPDATE CASCADE
);
-- RedefineTables
PRAGMA foreign_keys=OFF;
CREATE TABLE "new_User" (
"id" TEXT NOT NULL PRIMARY KEY,
"createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
"updatedAt" DATETIME NOT NULL,
"username" TEXT NOT NULL,
"email" TEXT NOT NULL,
"password" TEXT NOT NULL,
"isAdmin" BOOLEAN NOT NULL DEFAULT false,
"totpEnabled" BOOLEAN NOT NULL DEFAULT false,
"totpVerified" BOOLEAN NOT NULL DEFAULT false,
"totpSecret" TEXT
);
INSERT INTO "new_User" ("createdAt", "email", "id", "isAdmin", "password", "updatedAt", "username") SELECT "createdAt", "email", "id", "isAdmin", "password", "updatedAt", "username" FROM "User";
DROP TABLE "User";
ALTER TABLE "new_User" RENAME TO "User";
CREATE UNIQUE INDEX "User_username_key" ON "User"("username");
CREATE UNIQUE INDEX "User_email_key" ON "User"("email");
PRAGMA foreign_key_check;
PRAGMA foreign_keys=ON;

56
backend/prisma/migrations/20221230120407_category_attribute_config/migration.sql Normal file
View File

@@ -0,0 +1,56 @@
/*
Warnings:
- Added the required column `category` to the `Config` table without a default value. This is not possible if the table is not empty.
*/
-- RedefineTables
PRAGMA foreign_keys=OFF;
CREATE TABLE "new_Config" (
"updatedAt" DATETIME NOT NULL,
"key" TEXT NOT NULL PRIMARY KEY,
"type" TEXT NOT NULL,
"value" TEXT NOT NULL,
"description" TEXT NOT NULL,
"category" TEXT,
"obscured" BOOLEAN NOT NULL DEFAULT false,
"secret" BOOLEAN NOT NULL DEFAULT true,
"locked" BOOLEAN NOT NULL DEFAULT false
);
INSERT INTO "new_Config" ("description", "key", "locked", "obscured", "secret", "type", "updatedAt", "value") SELECT "description", "key", "locked", "obscured", "secret", "type", "updatedAt", "value" FROM "Config";
DROP TABLE "Config";
ALTER TABLE "new_Config" RENAME TO "Config";
UPDATE config SET category = "internal" WHERE key = "SETUP_FINISHED";
UPDATE config SET category = "internal" WHERE key = "TOTP_SECRET";
UPDATE config SET category = "internal" WHERE key = "JWT_SECRET";
UPDATE config SET category = "general" WHERE key = "APP_URL";
UPDATE config SET category = "general" WHERE key = "SHOW_HOME_PAGE";
UPDATE config SET category = "share" WHERE key = "ALLOW_REGISTRATION";
UPDATE config SET category = "share" WHERE key = "ALLOW_UNAUTHENTICATED_SHARES";
UPDATE config SET category = "share" WHERE key = "MAX_FILE_SIZE";
UPDATE config SET category = "email" WHERE key = "ENABLE_EMAIL_RECIPIENTS";
UPDATE config SET category = "email" WHERE key = "EMAIL_MESSAGE";
UPDATE config SET category = "email" WHERE key = "EMAIL_SUBJECT";
UPDATE config SET category = "email" WHERE key = "SMTP_HOST";
UPDATE config SET category = "email" WHERE key = "SMTP_PORT";
UPDATE config SET category = "email" WHERE key = "SMTP_EMAIL";
UPDATE config SET category = "email" WHERE key = "SMTP_USERNAME";
UPDATE config SET category = "email" WHERE key = "SMTP_PASSWORD";
CREATE TABLE "new_Config" (
"updatedAt" DATETIME NOT NULL,
"key" TEXT NOT NULL PRIMARY KEY,
"type" TEXT NOT NULL,
"value" TEXT NOT NULL,
"description" TEXT NOT NULL,
"category" TEXT NOT NULL,
"obscured" BOOLEAN NOT NULL DEFAULT false,
"secret" BOOLEAN NOT NULL DEFAULT true,
"locked" BOOLEAN NOT NULL DEFAULT false
);
INSERT INTO "new_Config" ("description", "key", "locked", "obscured", "secret", "type", "updatedAt", "value", "category") SELECT "description", "key", "locked", "obscured", "secret", "type", "updatedAt", "value", "category" FROM "Config";
DROP TABLE "Config";
ALTER TABLE "new_Config" RENAME TO "Config";
PRAGMA foreign_key_check;
PRAGMA foreign_keys=ON;

23
backend/prisma/migrations/20230104145733_v0_5_1/migration.sql Normal file
View File

@@ -0,0 +1,23 @@
/*
Warnings:
- The primary key for the `RefreshToken` table will be changed. If it partially fails, the table could be left without primary key constraint.
- The required column `id` was added to the `RefreshToken` table with a prisma-level default value. This is not possible if the table is not empty. Please add this column as optional, then populate it before making it required.
*/
-- RedefineTables
PRAGMA foreign_keys=OFF;
CREATE TABLE "new_RefreshToken" (
"id" TEXT NOT NULL PRIMARY KEY,
"token" TEXT NOT NULL,
"createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
"expiresAt" DATETIME NOT NULL,
"userId" TEXT NOT NULL,
CONSTRAINT "RefreshToken_userId_fkey" FOREIGN KEY ("userId") REFERENCES "User" ("id") ON DELETE CASCADE ON UPDATE CASCADE
);
INSERT INTO "new_RefreshToken" ("createdAt", "expiresAt", "token", "userId") SELECT "createdAt", "expiresAt", "token", "userId" FROM "RefreshToken";
DROP TABLE "RefreshToken";
ALTER TABLE "new_RefreshToken" RENAME TO "RefreshToken";
CREATE UNIQUE INDEX "RefreshToken_token_key" ON "RefreshToken"("token");
PRAGMA foreign_key_check;
PRAGMA foreign_keys=ON;

41
backend/prisma/schema.prisma
View File

@@ -12,17 +12,23 @@ model User {
createdAt DateTime @default(now())
updatedAt DateTime @updatedAt
email String @unique
password String
firstName String?
lastName String?
username String @unique
email String @unique
password String
isAdmin Boolean @default(false)
shares Share[]
refreshTokens RefreshToken[]
loginTokens LoginToken[]
totpEnabled Boolean @default(false)
totpVerified Boolean @default(false)
totpSecret String?
}
model RefreshToken {
token String @id @default(uuid())
id String @id @default(uuid())
token String @unique @default(uuid())
createdAt DateTime @default(now())
expiresAt DateTime
@@ -31,6 +37,17 @@ model RefreshToken {
user User @relation(fields: [userId], references: [id], onDelete: Cascade)
}
model LoginToken {
token String @id @default(uuid())
createdAt DateTime @default(now())
expiresAt DateTime
userId String
user User @relation(fields: [userId], references: [id], onDelete: Cascade)
used Boolean @default(false)
}
model Share {
id String @id @default(uuid())
createdAt DateTime @default(now())
@@ -39,6 +56,7 @@ model Share {
isZipReady Boolean @default(false)
views Int @default(0)
expiration DateTime
description String?
creatorId String?
creator User? @relation(fields: [creatorId], references: [id], onDelete: Cascade)
@@ -76,3 +94,16 @@ model ShareSecurity {
shareId String? @unique
share Share? @relation(fields: [shareId], references: [id], onDelete: Cascade)
}
model Config {
updatedAt DateTime @updatedAt
key String @id
type String
value String
description String
category String
obscured Boolean @default(false)
secret Boolean @default(true)
locked Boolean @default(false)
}

188
backend/prisma/seed/config.seed.ts Normal file
View File

@@ -0,0 +1,188 @@
import { Prisma, PrismaClient } from "@prisma/client";
import * as crypto from "crypto";
const configVariables: Prisma.ConfigCreateInput[] = [
{
key: "SETUP_FINISHED",
description: "Whether the setup has been finished",
type: "boolean",
value: "false",
category: "internal",
secret: false,
locked: true,
},
{
key: "APP_URL",
description: "On which URL Pingvin Share is available",
type: "string",
value: "http://localhost:3000",
category: "general",
secret: false,
},
{
key: "SHOW_HOME_PAGE",
description: "Whether to show the home page",
type: "boolean",
value: "true",
category: "general",
secret: false,
},
{
key: "ALLOW_REGISTRATION",
description: "Whether registration is allowed",
type: "boolean",
value: "true",
category: "share",
secret: false,
},
{
key: "ALLOW_UNAUTHENTICATED_SHARES",
description: "Whether unauthorized users can create shares",
type: "boolean",
value: "false",
category: "share",
secret: false,
},
{
key: "MAX_FILE_SIZE",
description: "Maximum file size in bytes",
type: "number",
value: "1000000000",
category: "share",
secret: false,
},
{
key: "JWT_SECRET",
description: "Long random string used to sign JWT tokens",
type: "string",
value: crypto.randomBytes(256).toString("base64"),
category: "internal",
locked: true,
},
{
key: "TOTP_SECRET",
description: "A 16 byte random string used to generate TOTP secrets",
type: "string",
value: crypto.randomBytes(16).toString("base64"),
category: "internal",
locked: true,
},
{
key: "ENABLE_EMAIL_RECIPIENTS",
description:
"Whether to send emails to recipients. Only set this to true if you entered the host, port, email, user and password of your SMTP server.",
type: "boolean",
value: "false",
category: "email",
secret: false,
},
{
key: "EMAIL_MESSAGE",
description:
"Message which gets sent to the recipients. {creator} and {shareUrl} will be replaced with the creator's name and the share URL.",
type: "text",
value:
"Hey!\n{creator} shared some files with you. View or download the files with this link: {shareUrl}\nShared securely with Pingvin Share 🐧",
category: "email",
},
{
key: "EMAIL_SUBJECT",
description: "Subject of the email which gets sent to the recipients.",
type: "string",
value: "Files shared with you",
category: "email",
},
{
key: "SMTP_HOST",
description: "Host of the SMTP server",
type: "string",
value: "",
category: "email",
},
{
key: "SMTP_PORT",
description: "Port of the SMTP server",
type: "number",
value: "0",
category: "email",
},
{
key: "SMTP_EMAIL",
description: "Email address which the emails get sent from",
type: "string",
value: "",
category: "email",
},
{
key: "SMTP_USERNAME",
description: "Username of the SMTP server",
type: "string",
value: "",
category: "email",
},
{
key: "SMTP_PASSWORD",
description: "Password of the SMTP server",
type: "string",
value: "",
obscured: true,
category: "email",
},
];
const prisma = new PrismaClient();
async function main() {
for (const variable of configVariables) {
const existingConfigVariable = await prisma.config.findUnique({
where: { key: variable.key },
});
// Create a new config variable if it doesn't exist
if (!existingConfigVariable) {
await prisma.config.create({
data: variable,
});
}
}
const configVariablesFromDatabase = await prisma.config.findMany();
// Delete the config variable if it doesn't exist anymore
for (const configVariableFromDatabase of configVariablesFromDatabase) {
const configVariable = configVariables.find(
(v) => v.key == configVariableFromDatabase.key
);
if (!configVariable) {
await prisma.config.delete({
where: { key: configVariableFromDatabase.key },
});
// Update the config variable if the metadata changed
} else if (
JSON.stringify({
...configVariable,
key: configVariableFromDatabase.key,
value: configVariableFromDatabase.value,
}) != JSON.stringify(configVariableFromDatabase)
) {
await prisma.config.update({
where: { key: configVariableFromDatabase.key },
data: {
...configVariable,
key: configVariableFromDatabase.key,
value: configVariableFromDatabase.value,
},
});
}
}
}
main()
.then(async () => {
await prisma.$disconnect();
})
.catch(async (e) => {
console.error(e);
await prisma.$disconnect();
process.exit(1);
});

51
backend/src/app.module.ts
View File

@@ -1,19 +1,19 @@
import { Module } from "@nestjs/common";
import { ConfigModule } from "@nestjs/config";
import { HttpException, HttpStatus, Module } from "@nestjs/common";
import { ScheduleModule } from "@nestjs/schedule";
import { AuthModule } from "./auth/auth.module";
import { JobsService } from "./jobs/jobs.service";
import { APP_GUARD } from "@nestjs/core";
import { ThrottlerGuard, ThrottlerModule } from "@nestjs/throttler";
import { FileController } from "./file/file.controller";
import { MulterModule } from "@nestjs/platform-express";
import { ThrottlerModule } from "@nestjs/throttler";
import { Request } from "express";
import { ConfigModule } from "./config/config.module";
import { ConfigService } from "./config/config.service";
import { EmailModule } from "./email/email.module";
import { FileModule } from "./file/file.module";
import { PrismaModule } from "./prisma/prisma.module";
import { PrismaService } from "./prisma/prisma.service";
import { ShareController } from "./share/share.controller";
import { ShareModule } from "./share/share.module";
import { UserController } from "./user/user.controller";
import { EmailModule } from "./email/email.module";
import { UserModule } from "./user/user.module";
import { JobsModule } from "./jobs/jobs.module";
@Module({
imports: [
@@ -22,21 +22,32 @@ import { EmailModule } from "./email/email.module";
FileModule,
EmailModule,
PrismaModule,
ConfigModule.forRoot({ isGlobal: true }),
ConfigModule,
JobsModule,
UserModule,
MulterModule.registerAsync({
useFactory: (config: ConfigService) => ({
fileFilter: (req: Request, file, cb) => {
const MAX_FILE_SIZE = config.get("MAX_FILE_SIZE");
const requestFileSize = parseInt(req.headers["content-length"]);
const isValidFileSize = requestFileSize <= MAX_FILE_SIZE;
cb(
!isValidFileSize &&
new HttpException(
`File must be smaller than ${MAX_FILE_SIZE} bytes`,
HttpStatus.PAYLOAD_TOO_LARGE
),
isValidFileSize
);
},
}),
inject: [ConfigService],
}),
ThrottlerModule.forRoot({
ttl: 60,
limit: 100,
}),
ScheduleModule.forRoot(),
],
providers: [
PrismaService,
JobsService,
{
provide: APP_GUARD,
useClass: ThrottlerGuard,
},
],
controllers: [UserController, ShareController, FileController],
})
export class AppModule {}

134
backend/src/auth/auth.controller.ts
View File

@@ -3,43 +3,159 @@ import {
Controller,
ForbiddenException,
HttpCode,
Patch,
Post,
Req,
Res,
UnauthorizedException,
UseGuards,
} from "@nestjs/common";
import { ConfigService } from "@nestjs/config";
import { Throttle } from "@nestjs/throttler";
import { User } from "@prisma/client";
import { Request, Response } from "express";
import { ConfigService } from "src/config/config.service";
import { AuthService } from "./auth.service";
import { AuthTotpService } from "./authTotp.service";
import { GetUser } from "./decorator/getUser.decorator";
import { AuthRegisterDTO } from "./dto/authRegister.dto";
import { AuthSignInDTO } from "./dto/authSignIn.dto";
import { RefreshAccessTokenDTO } from "./dto/refreshAccessToken.dto";
import { AuthSignInTotpDTO } from "./dto/authSignInTotp.dto";
import { EnableTotpDTO } from "./dto/enableTotp.dto";
import { UpdatePasswordDTO } from "./dto/updatePassword.dto";
import { VerifyTotpDTO } from "./dto/verifyTotp.dto";
import { JwtGuard } from "./guard/jwt.guard";
@Controller("auth")
export class AuthController {
constructor(
private authService: AuthService,
private authTotpService: AuthTotpService,
private config: ConfigService
) {}
@Throttle(10, 5 * 60)
@Post("signUp")
signUp(@Body() dto: AuthRegisterDTO) {
if (this.config.get("ALLOW_REGISTRATION") == "false")
async signUp(
@Body() dto: AuthRegisterDTO,
@Res({ passthrough: true }) response: Response
) {
if (!this.config.get("ALLOW_REGISTRATION"))
throw new ForbiddenException("Registration is not allowed");
return this.authService.signUp(dto);
const result = await this.authService.signUp(dto);
response = this.addTokensToResponse(
response,
result.accessToken,
result.refreshToken
);
return result;
}
@Throttle(10, 5 * 60)
@Post("signIn")
@HttpCode(200)
signIn(@Body() dto: AuthSignInDTO) {
return this.authService.signIn(dto);
async signIn(
@Body() dto: AuthSignInDTO,
@Res({ passthrough: true }) response: Response
) {
const result = await this.authService.signIn(dto);
if (result.accessToken && result.refreshToken) {
response = this.addTokensToResponse(
response,
result.accessToken,
result.refreshToken
);
}
return result;
}
@Throttle(10, 5 * 60)
@Post("signIn/totp")
@HttpCode(200)
async signInTotp(
@Body() dto: AuthSignInTotpDTO,
@Res({ passthrough: true }) response: Response
) {
const result = await this.authTotpService.signInTotp(dto);
response = this.addTokensToResponse(
response,
result.accessToken,
result.refreshToken
);
return result;
}
@Patch("password")
@UseGuards(JwtGuard)
async updatePassword(@GetUser() user: User, @Body() dto: UpdatePasswordDTO) {
await this.authService.updatePassword(user, dto.oldPassword, dto.password);
}
@Post("token")
@HttpCode(200)
async refreshAccessToken(@Body() body: RefreshAccessTokenDTO) {
async refreshAccessToken(
@Req() request: Request,
@Res({ passthrough: true }) response: Response
) {
if (!request.cookies.refresh_token) throw new UnauthorizedException();
const accessToken = await this.authService.refreshAccessToken(
body.refreshToken
request.cookies.refresh_token
);
response.cookie("access_token", accessToken, { httpOnly: true });
return { accessToken };
}
@Post("signOut")
async signOut(
@Req() request: Request,
@Res({ passthrough: true }) response: Response
) {
await this.authService.signOut(request.cookies.access_token);
response.cookie("access_token", "accessToken", { maxAge: -1 });
response.cookie("refresh_token", "", {
path: "/api/auth/token",
httpOnly: true,
maxAge: -1,
});
}
@Post("totp/enable")
@UseGuards(JwtGuard)
async enableTotp(@GetUser() user: User, @Body() body: EnableTotpDTO) {
return this.authTotpService.enableTotp(user, body.password);
}
@Post("totp/verify")
@UseGuards(JwtGuard)
async verifyTotp(@GetUser() user: User, @Body() body: VerifyTotpDTO) {
return this.authTotpService.verifyTotp(user, body.password, body.code);
}
@Post("totp/disable")
@UseGuards(JwtGuard)
async disableTotp(@GetUser() user: User, @Body() body: VerifyTotpDTO) {
// Note: We use VerifyTotpDTO here because it has both fields we need: password and totp code
return this.authTotpService.disableTotp(user, body.password, body.code);
}
private addTokensToResponse(
response: Response,
accessToken: string,
refreshToken: string
) {
response.cookie("access_token", accessToken);
response.cookie("refresh_token", refreshToken, {
path: "/api/auth/token",
httpOnly: true,
maxAge: 60 * 60 * 24 * 30 * 3,
});
return response;
}
}

3
backend/src/auth/auth.module.ts
View File

@@ -2,12 +2,13 @@ import { Module } from "@nestjs/common";
import { JwtModule } from "@nestjs/jwt";
import { AuthController } from "./auth.controller";
import { AuthService } from "./auth.service";
import { AuthTotpService } from "./authTotp.service";
import { JwtStrategy } from "./strategy/jwt.strategy";
@Module({
imports: [JwtModule.register({})],
controllers: [AuthController],
providers: [AuthService, JwtStrategy],
providers: [AuthService, AuthTotpService, JwtStrategy],
exports: [AuthService],
})
export class AuthModule {}

81
backend/src/auth/auth.service.ts
View File

@@ -1,14 +1,15 @@
import {
BadRequestException,
ForbiddenException,
Injectable,
UnauthorizedException,
} from "@nestjs/common";
import { ConfigService } from "@nestjs/config";
import { JwtService } from "@nestjs/jwt";
import { User } from "@prisma/client";
import { PrismaClientKnownRequestError } from "@prisma/client/runtime";
import * as argon from "argon2";
import * as moment from "moment";
import { ConfigService } from "src/config/config.service";
import { PrismaService } from "src/prisma/prisma.service";
import { AuthRegisterDTO } from "./dto/authRegister.dto";
import { AuthSignInDTO } from "./dto/authSignIn.dto";
@@ -27,44 +28,77 @@ export class AuthService {
const user = await this.prisma.user.create({
data: {
email: dto.email,
username: dto.username,
password: hash,
isAdmin: !this.config.get("SETUP_FINISHED"),
},
});
const accessToken = await this.createAccessToken(user);
const refreshToken = await this.createRefreshToken(user.id);
const { refreshToken, refreshTokenId } = await this.createRefreshToken(
user.id
);
const accessToken = await this.createAccessToken(user, refreshTokenId);
return { accessToken, refreshToken };
} catch (e) {
if (e instanceof PrismaClientKnownRequestError) {
if (e.code == "P2002") {
throw new BadRequestException("Credentials taken");
const duplicatedField: string = e.meta.target[0];
throw new BadRequestException(
`A user with this ${duplicatedField} already exists`
);
}
}
}
}
async signIn(dto: AuthSignInDTO) {
const user = await this.prisma.user.findUnique({
if (!dto.email && !dto.username)
throw new BadRequestException("Email or username is required");
const user = await this.prisma.user.findFirst({
where: {
email: dto.email,
OR: [{ email: dto.email }, { username: dto.username }],
},
});
if (!user || !(await argon.verify(user.password, dto.password)))
throw new UnauthorizedException("Wrong email or password");
const accessToken = await this.createAccessToken(user);
const refreshToken = await this.createRefreshToken(user.id);
// TODO: Make all old loginTokens invalid when a new one is created
// Check if the user has TOTP enabled
if (user.totpVerified) {
const loginToken = await this.createLoginToken(user.id);
return { loginToken };
}
const { refreshToken, refreshTokenId } = await this.createRefreshToken(
user.id
);
const accessToken = await this.createAccessToken(user, refreshTokenId);
return { accessToken, refreshToken };
}
async createAccessToken(user: User) {
async updatePassword(user: User, oldPassword: string, newPassword: string) {
if (!(await argon.verify(user.password, oldPassword)))
throw new ForbiddenException("Invalid password");
const hash = await argon.hash(newPassword);
this.prisma.user.update({
where: { id: user.id },
data: { password: hash },
});
}
async createAccessToken(user: User, refreshTokenId: string) {
return this.jwtService.sign(
{
sub: user.id,
email: user.email,
refreshTokenId,
},
{
expiresIn: "15min",
@@ -73,6 +107,14 @@ export class AuthService {
);
}
async signOut(accessToken: string) {
const { refreshTokenId } = this.jwtService.decode(accessToken) as {
refreshTokenId: string;
};
await this.prisma.refreshToken.delete({ where: { id: refreshTokenId } });
}
async refreshAccessToken(refreshToken: string) {
const refreshTokenMetaData = await this.prisma.refreshToken.findUnique({
where: { token: refreshToken },
@@ -82,16 +124,27 @@ export class AuthService {
if (!refreshTokenMetaData || refreshTokenMetaData.expiresAt < new Date())
throw new UnauthorizedException();
return this.createAccessToken(refreshTokenMetaData.user);
return this.createAccessToken(
refreshTokenMetaData.user,
refreshTokenMetaData.id
);
}
async createRefreshToken(userId: string) {
const refreshToken = (
await this.prisma.refreshToken.create({
data: { userId, expiresAt: moment().add(3, "months").toDate() },
const { id, token } = await this.prisma.refreshToken.create({
data: { userId, expiresAt: moment().add(3, "months").toDate() },
});
return { refreshTokenId: id, refreshToken: token };
}
async createLoginToken(userId: string) {
const loginToken = (
await this.prisma.loginToken.create({
data: { userId, expiresAt: moment().add(5, "minutes").toDate() },
})
).token;
return refreshToken;
return loginToken;
}
}

230
backend/src/auth/authTotp.service.ts Normal file
View File

@@ -0,0 +1,230 @@
import {
BadRequestException,
ForbiddenException,
Injectable,
UnauthorizedException,
} from "@nestjs/common";
import { User } from "@prisma/client";
import * as argon from "argon2";
import * as crypto from "crypto";
import { authenticator, totp } from "otplib";
import * as qrcode from "qrcode-svg";
import { ConfigService } from "src/config/config.service";
import { PrismaService } from "src/prisma/prisma.service";
import { AuthService } from "./auth.service";
import { AuthSignInTotpDTO } from "./dto/authSignInTotp.dto";
@Injectable()
export class AuthTotpService {
constructor(
private config: ConfigService,
private prisma: PrismaService,
private authService: AuthService
) {}
async signInTotp(dto: AuthSignInTotpDTO) {
if (!dto.email && !dto.username)
throw new BadRequestException("Email or username is required");
const user = await this.prisma.user.findFirst({
where: {
OR: [{ email: dto.email }, { username: dto.username }],
},
});
if (!user || !(await argon.verify(user.password, dto.password)))
throw new UnauthorizedException("Wrong email or password");
const token = await this.prisma.loginToken.findFirst({
where: {
token: dto.loginToken,
},
});
if (!token || token.userId != user.id || token.used)
throw new UnauthorizedException("Invalid login token");
if (token.expiresAt < new Date())
throw new UnauthorizedException("Login token expired");
// Check the TOTP code
const { totpSecret } = await this.prisma.user.findUnique({
where: { id: user.id },
select: { totpSecret: true },
});
if (!totpSecret) {
throw new BadRequestException("TOTP is not enabled");
}
const decryptedSecret = this.decryptTotpSecret(totpSecret, dto.password);
const expected = authenticator.generate(decryptedSecret);
if (dto.totp !== expected) {
throw new BadRequestException("Invalid code");
}
// Set the login token to used
await this.prisma.loginToken.update({
where: { token: token.token },
data: { used: true },
});
const { refreshToken, refreshTokenId } =
await this.authService.createRefreshToken(user.id);
const accessToken = await this.authService.createAccessToken(
user,
refreshTokenId
);
return { accessToken, refreshToken };
}
encryptTotpSecret(totpSecret: string, password: string) {
let iv = this.config.get("TOTP_SECRET");
iv = Buffer.from(iv, "base64");
const key = crypto
.createHash("sha256")
.update(String(password))
.digest("base64")
.substr(0, 32);
const cipher = crypto.createCipheriv("aes-256-cbc", key, iv);
let encrypted = cipher.update(totpSecret);
encrypted = Buffer.concat([encrypted, cipher.final()]);
return encrypted.toString("base64");
}
decryptTotpSecret(encryptedTotpSecret: string, password: string) {
let iv = this.config.get("TOTP_SECRET");
iv = Buffer.from(iv, "base64");
const key = crypto
.createHash("sha256")
.update(String(password))
.digest("base64")
.substr(0, 32);
const encryptedText = Buffer.from(encryptedTotpSecret, "base64");
const decipher = crypto.createDecipheriv("aes-256-cbc", key, iv);
let decrypted = decipher.update(encryptedText);
decrypted = Buffer.concat([decrypted, decipher.final()]);
return decrypted.toString();
}
async enableTotp(user: User, password: string) {
if (!(await argon.verify(user.password, password)))
throw new ForbiddenException("Invalid password");
// Check if we have a secret already
const { totpVerified } = await this.prisma.user.findUnique({
where: { id: user.id },
select: { totpVerified: true },
});
if (totpVerified) {
throw new BadRequestException("TOTP is already enabled");
}
// TODO: Maybe make the issuer configurable with env vars?
const secret = authenticator.generateSecret();
const encryptedSecret = this.encryptTotpSecret(secret, password);
const otpURL = totp.keyuri(
user.username || user.email,
"pingvin-share",
secret
);
await this.prisma.user.update({
where: { id: user.id },
data: {
totpEnabled: true,
totpSecret: encryptedSecret,
},
});
// TODO: Maybe we should generate the QR code on the client rather than the server?
const qrCode = new qrcode({
content: otpURL,
container: "svg-viewbox",
join: true,
}).svg();
return {
totpAuthUrl: otpURL,
totpSecret: secret,
qrCode:
"data:image/svg+xml;base64," + Buffer.from(qrCode).toString("base64"),
};
}
// TODO: Maybe require a token to verify that the user who started enabling totp is the one who is verifying it?
async verifyTotp(user: User, password: string, code: string) {
if (!(await argon.verify(user.password, password)))
throw new ForbiddenException("Invalid password");
const { totpSecret } = await this.prisma.user.findUnique({
where: { id: user.id },
select: { totpSecret: true },
});
if (!totpSecret) {
throw new BadRequestException("TOTP is not in progress");
}
const decryptedSecret = this.decryptTotpSecret(totpSecret, password);
const expected = authenticator.generate(decryptedSecret);
if (code !== expected) {
throw new BadRequestException("Invalid code");
}
await this.prisma.user.update({
where: { id: user.id },
data: {
totpVerified: true,
},
});
return true;
}
async disableTotp(user: User, password: string, code: string) {
if (!(await argon.verify(user.password, password)))
throw new ForbiddenException("Invalid password");
const { totpSecret } = await this.prisma.user.findUnique({
where: { id: user.id },
select: { totpSecret: true },
});
if (!totpSecret) {
throw new BadRequestException("TOTP is not enabled");
}
const decryptedSecret = this.decryptTotpSecret(totpSecret, password);
const expected = authenticator.generate(decryptedSecret);
if (code !== expected) {
throw new BadRequestException("Invalid code");
}
await this.prisma.user.update({
where: { id: user.id },
data: {
totpVerified: false,
totpEnabled: false,
totpSecret: null,
},
});
return true;
}
}

7
backend/src/auth/dto/authRegister.dto.ts
View File

@@ -1,3 +1,8 @@
import { PickType } from "@nestjs/mapped-types";
import { UserDTO } from "src/user/dto/user.dto";
export class AuthRegisterDTO extends UserDTO {}
export class AuthRegisterDTO extends PickType(UserDTO, [
"email",
"username",
"password",
] as const) {}

16
backend/src/auth/dto/authSignIn.dto.ts
View File

@@ -1,7 +1,13 @@
import { PickType } from "@nestjs/swagger";
import { PickType } from "@nestjs/mapped-types";
import { IsEmail, IsOptional, IsString } from "class-validator";
import { UserDTO } from "src/user/dto/user.dto";
export class AuthSignInDTO extends PickType(UserDTO, [
"email",
"password",
] as const) {}
export class AuthSignInDTO extends PickType(UserDTO, ["password"] as const) {
@IsEmail()
@IsOptional()
email: string;
@IsString()
@IsOptional()
username: string;
}

21
backend/src/auth/dto/authSignInTotp.dto.ts Normal file
View File

@@ -0,0 +1,21 @@
import { PickType } from "@nestjs/mapped-types";
import { IsEmail, IsOptional, IsString } from "class-validator";
import { UserDTO } from "src/user/dto/user.dto";
export class AuthSignInTotpDTO extends PickType(UserDTO, [
"password",
] as const) {
@IsEmail()
@IsOptional()
email: string;
@IsString()
@IsOptional()
username: string;
@IsString()
totp: string;
@IsString()
loginToken: string;
}

4
backend/src/auth/dto/enableTotp.dto.ts Normal file
View File

@@ -0,0 +1,4 @@
import { PickType } from "@nestjs/mapped-types";
import { UserDTO } from "src/user/dto/user.dto";
export class EnableTotpDTO extends PickType(UserDTO, ["password"] as const) {}

6
backend/src/auth/dto/refreshAccessToken.dto.ts
View File

@@ -1,6 +0,0 @@
import { IsNotEmpty } from "class-validator";
export class RefreshAccessTokenDTO {
@IsNotEmpty()
refreshToken: string;
}

8
backend/src/auth/dto/updatePassword.dto.ts Normal file
View File

@@ -0,0 +1,8 @@
import { PickType } from "@nestjs/mapped-types";
import { IsString } from "class-validator";
import { UserDTO } from "src/user/dto/user.dto";
export class UpdatePasswordDTO extends PickType(UserDTO, ["password"]) {
@IsString()
oldPassword: string;
}

8
backend/src/auth/dto/verifyTotp.dto.ts Normal file
View File

@@ -0,0 +1,8 @@
import { PickType } from "@nestjs/mapped-types";
import { IsString } from "class-validator";
import { UserDTO } from "src/user/dto/user.dto";
export class VerifyTotpDTO extends PickType(UserDTO, ["password"] as const) {
@IsString()
code: string;
}

13
backend/src/auth/guard/isAdmin.guard.ts Normal file
View File

@@ -0,0 +1,13 @@
import { CanActivate, ExecutionContext, Injectable } from "@nestjs/common";
import { User } from "@prisma/client";
@Injectable()
export class AdministratorGuard implements CanActivate {
canActivate(context: ExecutionContext) {
const { user }: { user: User } = context.switchToHttp().getRequest();
if (!user) return false;
return user.isAdmin;
}
}

8
backend/src/auth/guard/jwt.guard.ts
View File

@@ -1,15 +1,17 @@
import { ExecutionContext } from "@nestjs/common";
import { ExecutionContext, Injectable } from "@nestjs/common";
import { AuthGuard } from "@nestjs/passport";
import { ConfigService } from "src/config/config.service";
@Injectable()
export class JwtGuard extends AuthGuard("jwt") {
constructor() {
constructor(private config: ConfigService) {
super();
}
async canActivate(context: ExecutionContext): Promise<boolean> {
try {
return (await super.canActivate(context)) as boolean;
} catch {
return process.env.ALLOW_UNAUTHENTICATED_SHARES == "true";
return this.config.get("ALLOW_UNAUTHENTICATED_SHARES");
}
}
}

14
backend/src/auth/strategy/jwt.strategy.ts
View File

@@ -1,24 +1,30 @@
import { Injectable } from "@nestjs/common";
import { ConfigService } from "@nestjs/config";
import { PassportStrategy } from "@nestjs/passport";
import { User } from "@prisma/client";
import { ExtractJwt, Strategy } from "passport-jwt";
import { Request } from "express";
import { Strategy } from "passport-jwt";
import { ConfigService } from "src/config/config.service";
import { PrismaService } from "src/prisma/prisma.service";
@Injectable()
export class JwtStrategy extends PassportStrategy(Strategy) {
constructor(config: ConfigService, private prisma: PrismaService) {
config.get("JWT_SECRET");
super({
jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
jwtFromRequest: JwtStrategy.extractJWT,
secretOrKey: config.get("JWT_SECRET"),
});
}
private static extractJWT(req: Request) {
if (!req.cookies.access_token) return null;
return req.cookies.access_token;
}
async validate(payload: { sub: string }) {
const user: User = await this.prisma.user.findUnique({
where: { id: payload.sub },
});
return user;
}
}

48
backend/src/config/config.controller.ts Normal file
View File

@@ -0,0 +1,48 @@
import { Body, Controller, Get, Patch, Post, UseGuards } from "@nestjs/common";
import { AdministratorGuard } from "src/auth/guard/isAdmin.guard";
import { JwtGuard } from "src/auth/guard/jwt.guard";
import { EmailService } from "src/email/email.service";
import { ConfigService } from "./config.service";
import { AdminConfigDTO } from "./dto/adminConfig.dto";
import { ConfigDTO } from "./dto/config.dto";
import { TestEmailDTO } from "./dto/testEmail.dto";
import UpdateConfigDTO from "./dto/updateConfig.dto";
@Controller("configs")
export class ConfigController {
constructor(
private configService: ConfigService,
private emailService: EmailService
) {}
@Get()
async list() {
return new ConfigDTO().fromList(await this.configService.list());
}
@Get("admin")
@UseGuards(JwtGuard, AdministratorGuard)
async listForAdmin() {
return new AdminConfigDTO().fromList(
await this.configService.listForAdmin()
);
}
@Patch("admin")
@UseGuards(JwtGuard, AdministratorGuard)
async updateMany(@Body() data: UpdateConfigDTO[]) {
await this.configService.updateMany(data);
}
@Post("admin/finishSetup")
@UseGuards(JwtGuard, AdministratorGuard)
async finishSetup() {
return await this.configService.finishSetup();
}
@Post("admin/testEmail")
@UseGuards(JwtGuard, AdministratorGuard)
async testEmail(@Body() { email }: TestEmailDTO) {
await this.emailService.sendTestMail(email);
}
}

23
backend/src/config/config.module.ts Normal file
View File

@@ -0,0 +1,23 @@
import { Global, Module } from "@nestjs/common";
import { EmailModule } from "src/email/email.module";
import { PrismaService } from "src/prisma/prisma.service";
import { ConfigController } from "./config.controller";
import { ConfigService } from "./config.service";
@Global()
@Module({
imports: [EmailModule],
providers: [
{
provide: "CONFIG_VARIABLES",
useFactory: async (prisma: PrismaService) => {
return await prisma.config.findMany();
},
inject: [PrismaService],
},
ConfigService,
],
controllers: [ConfigController],
exports: [ConfigService],
})
export class ConfigModule {}

84
backend/src/config/config.service.ts Normal file
View File

@@ -0,0 +1,84 @@
import {
BadRequestException,
Inject,
Injectable,
NotFoundException,
} from "@nestjs/common";
import { Config } from "@prisma/client";
import { PrismaService } from "src/prisma/prisma.service";
@Injectable()
export class ConfigService {
constructor(
@Inject("CONFIG_VARIABLES") private configVariables: Config[],
private prisma: PrismaService
) {}
get(key: string): any {
const configVariable = this.configVariables.filter(
(variable) => variable.key == key
)[0];
if (!configVariable) throw new Error(`Config variable ${key} not found`);
if (configVariable.type == "number") return parseInt(configVariable.value);
if (configVariable.type == "boolean") return configVariable.value == "true";
if (configVariable.type == "string" || configVariable.type == "text")
return configVariable.value;
}
async listForAdmin() {
return await this.prisma.config.findMany({
where: { locked: { equals: false } },
});
}
async list() {
return await this.prisma.config.findMany({
where: { secret: { equals: false } },
});
}
async updateMany(data: { key: string; value: string | number | boolean }[]) {
for (const variable of data) {
await this.update(variable.key, variable.value);
}
return data;
}
async update(key: string, value: string | number | boolean) {
const configVariable = await this.prisma.config.findUnique({
where: { key },
});
if (!configVariable || configVariable.locked)
throw new NotFoundException("Config variable not found");
if (
typeof value != configVariable.type &&
typeof value == "string" &&
configVariable.type != "text"
) {
throw new BadRequestException(
`Config variable must be of type ${configVariable.type}`
);
}
const updatedVariable = await this.prisma.config.update({
where: { key },
data: { value: value.toString() },
});
this.configVariables = await this.prisma.config.findMany();
return updatedVariable;
}
async finishSetup() {
return await this.prisma.config.update({
where: { key: "SETUP_FINISHED" },
data: { value: "true" },
});
}
}

31
backend/src/config/dto/adminConfig.dto.ts Normal file
View File

@@ -0,0 +1,31 @@
import { Expose, plainToClass } from "class-transformer";
import { ConfigDTO } from "./config.dto";
export class AdminConfigDTO extends ConfigDTO {
@Expose()
secret: boolean;
@Expose()
updatedAt: Date;
@Expose()
description: string;
@Expose()
obscured: boolean;
@Expose()
category: string;
from(partial: Partial<AdminConfigDTO>) {
return plainToClass(AdminConfigDTO, partial, {
excludeExtraneousValues: true,
});
}
fromList(partial: Partial<AdminConfigDTO>[]) {
return partial.map((part) =>
plainToClass(AdminConfigDTO, part, { excludeExtraneousValues: true })
);
}
}

18
backend/src/config/dto/config.dto.ts Normal file
View File

@@ -0,0 +1,18 @@
import { Expose, plainToClass } from "class-transformer";
export class ConfigDTO {
@Expose()
key: string;
@Expose()
value: string;
@Expose()
type: string;
fromList(partial: Partial<ConfigDTO>[]) {
return partial.map((part) =>
plainToClass(ConfigDTO, part, { excludeExtraneousValues: true })
);
}
}

7
backend/src/config/dto/testEmail.dto.ts Normal file
View File

@@ -0,0 +1,7 @@
import { IsEmail, IsNotEmpty } from "class-validator";
export class TestEmailDTO {
@IsEmail()
@IsNotEmpty()
email: string;
}

12
backend/src/config/dto/updateConfig.dto.ts Normal file
View File

@@ -0,0 +1,12 @@
import { IsNotEmpty, IsString, ValidateIf } from "class-validator";
class UpdateConfigDTO {
@IsString()
key: string;
@IsNotEmpty()
@ValidateIf((dto) => dto.value !== "")
value: string | number | boolean;
}
export default UpdateConfigDTO;

48
backend/src/email/email.service.ts
View File

@@ -1,38 +1,48 @@
import { Injectable, InternalServerErrorException } from "@nestjs/common";
import { ConfigService } from "@nestjs/config";
import { User } from "@prisma/client";
import * as nodemailer from "nodemailer";
import { ConfigService } from "src/config/config.service";
@Injectable()
export class EmailService {
constructor(private config: ConfigService) {}
// create reusable transporter object using the default SMTP transport
transporter = nodemailer.createTransport({
host: this.config.get("SMTP_HOST"),
port: parseInt(this.config.get("SMTP_PORT")),
secure: parseInt(this.config.get("SMTP_PORT")) == 465,
auth: {
user: this.config.get("SMTP_EMAIL"),
pass: this.config.get("SMTP_PASSWORD"),
},
});
getTransporter() {
return nodemailer.createTransport({
host: this.config.get("SMTP_HOST"),
port: parseInt(this.config.get("SMTP_PORT")),
secure: parseInt(this.config.get("SMTP_PORT")) == 465,
auth: {
user: this.config.get("SMTP_USERNAME"),
pass: this.config.get("SMTP_PASSWORD"),
},
});
}
async sendMail(recipientEmail: string, shareId: string, creator: User) {
if (this.config.get("EMAIL_RECIPIENTS_ENABLED") == "false")
if (!this.config.get("ENABLE_EMAIL_RECIPIENTS"))
throw new InternalServerErrorException("Email service disabled");
const shareUrl = `${this.config.get("APP_URL")}/share/${shareId}`;
const creatorIdentifier = creator ?
creator.firstName && creator.lastName
? `${creator.firstName} ${creator.lastName}`
: creator.email : "A Pingvin Share user";
await this.transporter.sendMail({
await this.getTransporter().sendMail({
from: `"Pingvin Share" <${this.config.get("SMTP_EMAIL")}>`,
to: recipientEmail,
subject: "Files shared with you",
text: `Hey!\n${creatorIdentifier} shared some files with you. View or dowload the files with this link: ${shareUrl}.\n Shared securely with Pingvin Share 🐧`,
subject: this.config.get("EMAIL_SUBJECT"),
text: this.config
.get("EMAIL_MESSAGE")
.replaceAll("\\n", "\n")
.replaceAll("{creator}", creator.username)
.replaceAll("{shareUrl}", shareUrl),
});
}
async sendTestMail(recipientEmail: string) {
await this.getTransporter().sendMail({
from: `"Pingvin Share" <${this.config.get("SMTP_EMAIL")}>`,
to: recipientEmail,
subject: "Test email",
text: "This is a test email",
});
}
}

17
backend/src/file/file.controller.ts
View File

@@ -2,7 +2,6 @@ import {
Controller,
Get,
Param,
ParseFilePipeBuilder,
Post,
Res,
StreamableFile,
@@ -32,13 +31,7 @@ export class FileController {
})
)
async create(
@UploadedFile(
new ParseFilePipeBuilder()
.addMaxSizeValidator({
maxSize: parseInt(process.env.MAX_FILE_SIZE),
})
.build()
)
@UploadedFile()
file: Express.Multer.File,
@Param("shareId") shareId: string
) {
@@ -52,7 +45,6 @@ export class FileController {
@Get(":fileId/download")
@UseGuards(ShareSecurityGuard)
async getFileDownloadUrl(
@Res({ passthrough: true }) res: Response,
@Param("shareId") shareId: string,
@Param("fileId") fileId: string
) {
@@ -64,16 +56,11 @@ export class FileController {
@Get("zip/download")
@UseGuards(ShareSecurityGuard)
async getZipArchiveDownloadURL(
@Res({ passthrough: true }) res: Response,
@Param("shareId") shareId: string,
@Param("fileId") fileId: string
) {
const url = this.fileService.getFileDownloadUrl(shareId, fileId);
res.set({
"Content-Type": "application/zip",
});
return { url };
}
@@ -86,7 +73,7 @@ export class FileController {
const zip = this.fileService.getZip(shareId);
res.set({
"Content-Type": "application/zip",
"Content-Disposition": `attachment ; filename="pingvin-share-${shareId}"`,
"Content-Disposition": `attachment ; filename="pingvin-share-${shareId}.zip"`,
});
return new StreamableFile(zip);

3
backend/src/file/file.module.ts
View File

@@ -3,11 +3,12 @@ import { JwtModule } from "@nestjs/jwt";
import { ShareModule } from "src/share/share.module";
import { FileController } from "./file.controller";
import { FileService } from "./file.service";
import { FileValidationPipe } from "./pipe/fileValidation.pipe";
@Module({
imports: [JwtModule.register({}), ShareModule],
controllers: [FileController],
providers: [FileService],
providers: [FileService, FileValidationPipe],
exports: [FileService],
})
export class FileModule {}

3
backend/src/file/file.service.ts
View File

@@ -3,11 +3,11 @@ import {
Injectable,
NotFoundException,
} from "@nestjs/common";
import { ConfigService } from "@nestjs/config";
import { JwtService } from "@nestjs/jwt";
import { randomUUID } from "crypto";
import * as fs from "fs";
import * as mime from "mime-types";
import { ConfigService } from "src/config/config.service";
import { PrismaService } from "src/prisma/prisma.service";
@Injectable()
@@ -80,6 +80,7 @@ export class FileService {
getFileDownloadUrl(shareId: string, fileId: string) {
const downloadToken = this.generateFileDownloadToken(shareId, fileId);
return `${this.config.get(
"APP_URL"
)}/api/shares/${shareId}/files/${fileId}?token=${downloadToken}`;

17
backend/src/file/pipe/fileValidation.pipe.ts Normal file
View File

@@ -0,0 +1,17 @@
import {
ArgumentMetadata,
BadRequestException,
Injectable,
PipeTransform,
} from "@nestjs/common";
import { ConfigService } from "src/config/config.service";
@Injectable()
export class FileValidationPipe implements PipeTransform {
constructor(private config: ConfigService) {}
async transform(value: any, metadata: ArgumentMetadata) {
if (value.size > this.config.get("MAX_FILE_SIZE"))
throw new BadRequestException("File is ");
return value;
}
}

9
backend/src/jobs/jobs.module.ts Normal file
View File

@@ -0,0 +1,9 @@
import { Module } from "@nestjs/common";
import { FileModule } from "src/file/file.module";
import { JobsService } from "./jobs.service";
@Module({
imports: [FileModule],
providers: [JobsService],
})
export class JobsModule {}

17
backend/src/jobs/jobs.service.ts
View File

@@ -1,5 +1,6 @@
import { Injectable } from "@nestjs/common";
import { Cron } from "@nestjs/schedule";
import * as fs from "fs";
import * as moment from "moment";
import { FileService } from "src/file/file.service";
import { PrismaService } from "src/prisma/prisma.service";
@@ -35,6 +36,22 @@ export class JobsService {
console.log(`job: deleted ${expiredShares.length} expired shares`);
}
@Cron("0 0 * * *")
deleteTemporaryFiles() {
const files = fs.readdirSync("./data/uploads/_temp");
for (const file of files) {
const stats = fs.statSync(`./data/uploads/_temp/${file}`);
const isOlderThanOneDay = moment(stats.mtime)
.add(1, "day")
.isBefore(moment());
if (isOlderThanOneDay) fs.rmSync(`./data/uploads/_temp/${file}`);
}
console.log(`job: deleted ${files.length} temporary files`);
}
@Cron("0 * * * *")
async deleteExpiredRefreshTokens() {
const expiredRefreshTokens = await this.prisma.refreshToken.deleteMany({

4
backend/src/main.ts
View File

@@ -1,14 +1,16 @@
import { ClassSerializerInterceptor, ValidationPipe } from "@nestjs/common";
import { NestFactory, Reflector } from "@nestjs/core";
import { NestExpressApplication } from "@nestjs/platform-express";
import * as cookieParser from "cookie-parser";
import * as fs from "fs";
import { AppModule } from "./app.module";
async function bootstrap() {
const app = await NestFactory.create<NestExpressApplication>(AppModule);
app.useGlobalPipes(new ValidationPipe());
app.useGlobalPipes(new ValidationPipe({ whitelist: true }));
app.useGlobalInterceptors(new ClassSerializerInterceptor(app.get(Reflector)));
app.use(cookieParser());
app.set("trust proxy", true);
await fs.promises.mkdir("./data/uploads/_temp", { recursive: true });

5
backend/src/prisma/prisma.service.ts
View File

@@ -1,14 +1,13 @@
import { Injectable } from "@nestjs/common";
import { ConfigService } from "@nestjs/config";
import { PrismaClient } from "@prisma/client";
@Injectable()
export class PrismaService extends PrismaClient {
constructor(config: ConfigService) {
constructor() {
super({
datasources: {
db: {
url: "file:../data/pingvin-share.db",
url: "file:../data/pingvin-share.db?connection_limit=1",
},
},
});

8
backend/src/share/dto/createShare.dto.ts
View File

@@ -1,9 +1,11 @@
import { Type } from "class-transformer";
import {
IsEmail,
IsOptional,
IsString,
Length,
Matches,
MaxLength,
ValidateNested,
} from "class-validator";
import { ShareSecurityDTO } from "./shareSecurity.dto";
@@ -11,7 +13,7 @@ import { ShareSecurityDTO } from "./shareSecurity.dto";
export class CreateShareDTO {
@IsString()
@Matches("^[a-zA-Z0-9_-]*$", undefined, {
message: "ID only can contain letters, numbers, underscores and hyphens",
message: "ID can only contain letters, numbers, underscores and hyphens",
})
@Length(3, 50)
id: string;
@@ -19,6 +21,10 @@ export class CreateShareDTO {
@IsString()
expiration: string;
@MaxLength(512)
@IsOptional()
description: string;
@IsEmail({}, { each: true })
recipients: string[];

3
backend/src/share/dto/share.dto.ts
View File

@@ -17,6 +17,9 @@ export class ShareDTO {
@Type(() => PublicUserDTO)
creator: PublicUserDTO;
@Expose()
description: string;
from(partial: Partial<ShareDTO>) {
return plainToClass(ShareDTO, partial, { excludeExtraneousValues: true });
}

4
backend/src/share/dto/sharePassword.dto.ts
View File

@@ -1,3 +1,7 @@
import { IsOptional, IsString } from "class-validator";
export class SharePasswordDto {
@IsString()
@IsOptional()
password: string;
}

9
backend/src/share/share.service.ts
View File

@@ -4,13 +4,13 @@ import {
Injectable,
NotFoundException,
} from "@nestjs/common";
import { ConfigService } from "@nestjs/config";
import { JwtService } from "@nestjs/jwt";
import { Share, User } from "@prisma/client";
import * as archiver from "archiver";
import * as argon from "argon2";
import * as fs from "fs";
import * as moment from "moment";
import { ConfigService } from "src/config/config.service";
import { EmailService } from "src/email/email.service";
import { FileService } from "src/file/file.service";
import { PrismaService } from "src/prisma/prisma.service";
@@ -105,9 +105,10 @@ export class ShareService {
);
// Asynchronously create a zip of all files
this.createZip(id).then(() =>
this.prisma.share.update({ where: { id }, data: { isZipReady: true } })
);
if (share.files.length > 1)
this.createZip(id).then(() =>
this.prisma.share.update({ where: { id }, data: { isZipReady: true } })
);
// Send email for each recepient
for (const recepient of share.recipients) {

15
backend/src/user/dto/createUser.dto.ts Normal file
View File

@@ -0,0 +1,15 @@
import { Expose, plainToClass } from "class-transformer";
import { Allow } from "class-validator";
import { UserDTO } from "./user.dto";
export class CreateUserDTO extends UserDTO {
@Expose()
@Allow()
isAdmin: boolean;
from(partial: Partial<CreateUserDTO>) {
return plainToClass(CreateUserDTO, partial, {
excludeExtraneousValues: true,
});
}
}

4
backend/src/user/dto/publicUser.dto.ts
View File

@@ -1,4 +1,4 @@
import { PickType } from "@nestjs/swagger";
import { PickType } from "@nestjs/mapped-types";
import { UserDTO } from "./user.dto";
export class PublicUserDTO extends PickType(UserDTO, ["email"] as const) {}
export class PublicUserDTO extends PickType(UserDTO, ["username"] as const) {}

6
backend/src/user/dto/updateOwnUser.dto.ts Normal file
View File

@@ -0,0 +1,6 @@
import { OmitType, PartialType } from "@nestjs/mapped-types";
import { UserDTO } from "./user.dto";
export class UpdateOwnUserDTO extends PartialType(
OmitType(UserDTO, ["isAdmin", "password"] as const)
) {}

4
backend/src/user/dto/updateUser.dto.ts Normal file
View File

@@ -0,0 +1,4 @@
import { PartialType } from "@nestjs/mapped-types";
import { CreateUserDTO } from "./createUser.dto";
export class UpdateUserDto extends PartialType(CreateUserDTO) {}

27
backend/src/user/dto/user.dto.ts
View File

@@ -1,26 +1,37 @@
import { Expose, plainToClass } from "class-transformer";
import { IsEmail, IsNotEmpty, IsString } from "class-validator";
import { IsEmail, Length, Matches, MinLength } from "class-validator";
export class UserDTO {
@Expose()
id: string;
@Expose()
firstName: string;
@Matches("^[a-zA-Z0-9_.]*$", undefined, {
message: "Username can only contain letters, numbers, dots and underscores",
})
@Length(3, 32)
username: string;
@Expose()
lastName: string;
@Expose()
@IsNotEmpty()
@IsEmail()
email: string;
@IsNotEmpty()
@IsString()
@MinLength(8)
password: string;
@Expose()
isAdmin: boolean;
@Expose()
totpVerified: boolean;
from(partial: Partial<UserDTO>) {
return plainToClass(UserDTO, partial, { excludeExtraneousValues: true });
}
fromList(partial: Partial<UserDTO>[]) {
return partial.map((part) =>
plainToClass(UserDTO, part, { excludeExtraneousValues: true })
);
}
}

59
backend/src/user/user.controller.ts
View File

@@ -1,14 +1,71 @@
import { Controller, Get, UseGuards } from "@nestjs/common";
import {
Body,
Controller,
Delete,
Get,
Param,
Patch,
Post,
UseGuards,
} from "@nestjs/common";
import { User } from "@prisma/client";
import { GetUser } from "src/auth/decorator/getUser.decorator";
import { AdministratorGuard } from "src/auth/guard/isAdmin.guard";
import { JwtGuard } from "src/auth/guard/jwt.guard";
import { CreateUserDTO } from "./dto/createUser.dto";
import { UpdateOwnUserDTO } from "./dto/updateOwnUser.dto";
import { UpdateUserDto } from "./dto/updateUser.dto";
import { UserDTO } from "./dto/user.dto";
import { UserSevice } from "./user.service";
@Controller("users")
export class UserController {
constructor(private userService: UserSevice) {}
// Own user operations
@Get("me")
@UseGuards(JwtGuard)
async getCurrentUser(@GetUser() user: User) {
return new UserDTO().from(user);
}
@Patch("me")
@UseGuards(JwtGuard)
async updateCurrentUser(
@GetUser() user: User,
@Body() data: UpdateOwnUserDTO
) {
return new UserDTO().from(await this.userService.update(user.id, data));
}
@Delete("me")
@UseGuards(JwtGuard)
async deleteCurrentUser(@GetUser() user: User) {
return new UserDTO().from(await this.userService.delete(user.id));
}
// Global user operations
@Get()
@UseGuards(JwtGuard, AdministratorGuard)
async list() {
return new UserDTO().fromList(await this.userService.list());
}
@Post()
@UseGuards(JwtGuard, AdministratorGuard)
async create(@Body() user: CreateUserDTO) {
return new UserDTO().from(await this.userService.create(user));
}
@Patch(":id")
@UseGuards(JwtGuard, AdministratorGuard)
async update(@Param("id") id: string, @Body() user: UpdateUserDto) {
return new UserDTO().from(await this.userService.update(id, user));
}
@Delete(":id")
@UseGuards(JwtGuard, AdministratorGuard)
async delete(@Param("id") id: string) {
return new UserDTO().from(await this.userService.delete(id));
}
}

9
backend/src/user/user.module.ts Normal file
View File

@@ -0,0 +1,9 @@
import { Module } from "@nestjs/common";
import { UserController } from "./user.controller";
import { UserSevice } from "./user.service";
@Module({
providers: [UserSevice],
controllers: [UserController],
})
export class UserModule {}

65
backend/src/user/user.service.ts Normal file
View File

@@ -0,0 +1,65 @@
import { BadRequestException, Injectable } from "@nestjs/common";
import { PrismaClientKnownRequestError } from "@prisma/client/runtime";
import * as argon from "argon2";
import { PrismaService } from "src/prisma/prisma.service";
import { CreateUserDTO } from "./dto/createUser.dto";
import { UpdateUserDto } from "./dto/updateUser.dto";
import { UserDTO } from "./dto/user.dto";
@Injectable()
export class UserSevice {
constructor(private prisma: PrismaService) {}
async list() {
return await this.prisma.user.findMany();
}
async get(id: string) {
return await this.prisma.user.findUnique({ where: { id } });
}
async create(dto: CreateUserDTO) {
const hash = await argon.hash(dto.password);
try {
return await this.prisma.user.create({
data: {
...dto,
password: hash,
},
});
} catch (e) {
if (e instanceof PrismaClientKnownRequestError) {
if (e.code == "P2002") {
const duplicatedField: string = e.meta.target[0];
throw new BadRequestException(
`A user with this ${duplicatedField} already exists`
);
}
}
}
}
async update(id: string, user: UpdateUserDto) {
try {
const hash = user.password && (await argon.hash(user.password));
return await this.prisma.user.update({
where: { id },
data: { ...user, password: hash },
});
} catch (e) {
if (e instanceof PrismaClientKnownRequestError) {
if (e.code == "P2002") {
const duplicatedField: string = e.meta.target[0];
throw new BadRequestException(
`A user with this ${duplicatedField} already exists`
);
}
}
}
}
async delete(id: string) {
return await this.prisma.user.delete({ where: { id } });
}
}

87
backend/test/system/newman-system-tests.json
View File

@@ -1,6 +1,6 @@
{
"info": {
"_postman_id": "243b0832-3a6a-4389-bb71-4d988c0a86d9",
"_postman_id": "4b16228d-41ef-4c6b-8a0b-294a30a4cfc2",
"name": "Pingvin Share Testing",
"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json",
"_exporter_id": "17822132"
@@ -18,12 +18,12 @@
"exec": [
"if(pm.response.to.have.status(201)){",
" const token = pm.response.json()[\"accessToken\"]",
" pm.collectionVariables.set(\"USER_AUTH_TOKEN\", token)",
"",
" // Get user id",
" const jwtPayload = JSON.parse(atob(token.split('.')[1]));",
" const userId = jwtPayload[\"sub\"]",
" pm.collectionVariables.set(\"USER_ID\", userId)",
"",
" pm.collectionVariables.set(\"COOKIES\", pm.response.headers.get(\"Set-Cookie\"))",
"}",
""
],
@@ -36,7 +36,7 @@
"header": [],
"body": {
"mode": "raw",
"raw": "{\n \"firstName\" : \"System\",\n \"lastName\" : \"Test\",\n \"email\": \"system@test.org\",\n \"password\": \"J2y8unpJUcJDRv\"\n}",
"raw": "{\n \"email\": \"system@test.org\",\n \"username\": \"system.test\",\n \"password\": \"J2y8unpJUcJDRv\"\n}",
"options": {
"raw": {
"language": "json"
@@ -80,6 +80,7 @@
" pm.expect(responseBody).to.have.property(\"accessToken\")",
" pm.expect(responseBody).to.have.property(\"refreshToken\")",
"});",
"",
""
],
"type": "text/javascript"
@@ -97,7 +98,7 @@
],
"body": {
"mode": "raw",
"raw": "{\n \"firstName\" : \"System\",\n \"lastName\" : \"Test2\",\n \"email\": \"system2@test.org\",\n \"password\": \"N44HcHgeuAvfCT\"\n}",
"raw": "{\n \"email\": \"system2@test.org\",\n \"username\": \"system2.test\",\n \"password\": \"N44HcHgeuAvfCT\"\n}",
"options": {
"raw": {
"language": "json"
@@ -431,7 +432,7 @@
" const responseBody = pm.response.json();",
" pm.expect(responseBody).to.have.property(\"id\")",
" pm.expect(responseBody).to.have.property(\"expiration\")",
" pm.expect(Object.keys(responseBody).length).be.equal(2)",
" pm.expect(Object.keys(responseBody).length).be.equal(3)",
"});",
""
],
@@ -444,7 +445,7 @@
"header": [],
"body": {
"mode": "raw",
"raw": "{\n \"id\": \"test-share\",\n \"expiration\": \"1-day\",\n \"security\": {\n \"password\": \"share-password\",\n \"maxViews\": 1\n }\n}",
"raw": "{\n \"id\": \"test-share\",\n \"expiration\": \"1-day\",\n \"recipients\": [],\n \"security\": {\n \"password\": \"share-password\",\n \"maxViews\": 1\n }\n}",
"options": {
"raw": {
"language": "json"
@@ -517,6 +518,60 @@
},
"response": []
},
{
"name": "Upload file 2",
"event": [
{
"listen": "test",
"script": {
"exec": [
"pm.test(\"Status code is 201\", () => {",
" pm.response.to.have.status(201);",
"});",
"",
"pm.test(\"Response body correct\", () => {",
" const responseBody = pm.response.json();",
" pm.expect(responseBody).to.have.property(\"id\")",
" pm.expect(Object.keys(responseBody).length).be.equal(1)",
"});"
],
"type": "text/javascript"
}
}
],
"request": {
"method": "POST",
"header": [],
"body": {
"mode": "formdata",
"formdata": [
{
"key": "file",
"type": "file",
"src": "./test/system/test-file.txt"
}
]
},
"url": {
"raw": "{{API_URL}}/shares/:shareId/files",
"host": [
"{{API_URL}}"
],
"path": [
"shares",
":shareId",
"files"
],
"variable": [
{
"key": "shareId",
"value": "test-share"
}
]
}
},
"response": []
},
{
"name": "Complete share",
"event": [
@@ -532,7 +587,7 @@
" const responseBody = pm.response.json();",
" pm.expect(responseBody).to.have.property(\"id\")",
" pm.expect(responseBody).to.have.property(\"expiration\")",
" pm.expect(Object.keys(responseBody).length).be.equal(2)",
" pm.expect(Object.keys(responseBody).length).be.equal(3)",
"});",
""
],
@@ -942,9 +997,9 @@
" pm.response.to.have.status(200);",
"});",
"",
"pm.test(\"Response contains 1 file\", () => {",
"pm.test(\"Response contains 2 files\", () => {",
" const responseBody = pm.response.json();",
" pm.expect(responseBody.files.length).be.equal(1)",
" pm.expect(responseBody.files.length).be.equal(2)",
"});",
"",
"",
@@ -1502,23 +1557,13 @@
]
}
],
"auth": {
"type": "bearer",
"bearer": [
{
"key": "token",
"value": "{{USER_AUTH_TOKEN}}",
"type": "string"
}
]
},
"event": [
{
"listen": "prerequest",
"script": {
"type": "text/javascript",
"exec": [
""
"pm.request.addHeader(\"Cookie\", pm.collectionVariables.get(\"COOKIES\"))"
]
}
},

12
docker-compose.yml
View File

@@ -5,17 +5,5 @@ services:
restart: unless-stopped
ports:
- 3000:3000
environment:
- APP_URL=${APP_URL}
- SHOW_HOME_PAGE=${SHOW_HOME_PAGE}
- ALLOW_REGISTRATION=${ALLOW_REGISTRATION}
- ALLOW_UNAUTHENTICATED_SHARES=${ALLOW_UNAUTHENTICATED_SHARES}
- MAX_FILE_SIZE=${MAX_FILE_SIZE}
- JWT_SECRET=${JWT_SECRET}
- EMAIL_RECIPIENTS_ENABLED=${EMAIL_RECIPIENTS_ENABLED}
- SMTP_HOST=${SMTP_HOST}
- SMTP_PORT=${SMTP_PORT}
- SMTP_EMAIL=${SMTP_EMAIL}
- SMTP_PASSWORD=${SMTP_PASSWORD}
volumes:
- "${PWD}/data:/opt/app/backend/data"

5
frontend/.env.example
View File

@@ -1,5 +0,0 @@
SHOW_HOME_PAGE=true
ALLOW_REGISTRATION=true
MAX_FILE_SIZE=1000000000
ALLOW_UNAUTHENTICATED_SHARES=false
EMAIL_RECIPIENTS_ENABLED=false

19
frontend/next.config.js
View File

@@ -1,19 +1,14 @@
/** @type {import('next').NextConfig} */
const nextConfig = {
publicRuntimeConfig: {
ALLOW_REGISTRATION: process.env.ALLOW_REGISTRATION,
SHOW_HOME_PAGE: process.env.SHOW_HOME_PAGE,
MAX_FILE_SIZE: process.env.MAX_FILE_SIZE,
ALLOW_UNAUTHENTICATED_SHARES: process.env.ALLOW_UNAUTHENTICATED_SHARES,
EMAIL_RECIPIENTS_ENABLED: process.env.EMAIL_RECIPIENTS_ENABLED
}
}
const { version } = require('./package.json');
const withPWA = require("next-pwa")({
dest: "public",
disable: process.env.NODE_ENV == "development"
disable: process.env.NODE_ENV == "development",
});
module.exports = withPWA(nextConfig);
module.exports = withPWA({
output: "standalone", env: {
VERSION: version,
},
});

1935
frontend/package-lock.json generated
View File

File diff suppressed because it is too large Load Diff

56
frontend/package.json
View File

@@ -1,48 +1,48 @@
{
"name": "pingvin-share",
"version": "0.0.1",
"name": "pingvin-share-frontend",
"version": "0.5.1",
"scripts": {
"dev": "dotenv next dev",
"dev": "next dev",
"build": "next build",
"start": "dotenv next start",
"start": "next start",
"lint": "next lint",
"format": "prettier --write \"src/**/*.ts*\""
},
"dependencies": {
"@emotion/react": "^11.10.4",
"@emotion/react": "^11.10.5",
"@emotion/server": "^11.10.0",
"@mantine/core": "^5.5.2",
"@mantine/dropzone": "^5.5.2",
"@mantine/form": "^5.5.2",
"@mantine/hooks": "^5.5.2",
"@mantine/modals": "^5.5.2",
"@mantine/next": "^5.5.2",
"@mantine/notifications": "^5.5.2",
"axios": "^0.26.1",
"cookies-next": "^2.0.4",
"@mantine/core": "^5.9.2",
"@mantine/dropzone": "^5.9.2",
"@mantine/form": "^5.9.2",
"@mantine/hooks": "^5.9.2",
"@mantine/modals": "^5.9.2",
"@mantine/next": "^5.9.2",
"@mantine/notifications": "^5.9.2",
"axios": "^1.2.0",
"cookies-next": "^2.1.1",
"file-saver": "^2.0.5",
"jose": "^4.8.1",
"jose": "^4.11.1",
"moment": "^2.29.4",
"next": "^13.0.0",
"next": "^13.0.6",
"next-cookies": "^2.0.3",
"next-http-proxy-middleware": "^1.2.4",
"next-http-proxy-middleware": "^1.2.5",
"next-pwa": "^5.6.0",
"p-limit": "^4.0.0",
"react": "^18.2.0",
"react-dom": "^18.2.0",
"react-icons": "^4.4.0",
"react-icons": "^4.7.1",
"yup": "^0.32.11"
},
"devDependencies": {
"@types/node": "17.0.23",
"@types/react": "18.0.4",
"@types/react-dom": "18.0.0",
"axios": "^0.26.1",
"dotenv-cli": "^6.0.0",
"eslint": "8.13.0",
"eslint-config-next": "^13.0.0",
"@types/node": "18.11.10",
"@types/react": "18.0.26",
"@types/react-dom": "18.0.9",
"axios": "^1.2.0",
"eslint": "8.29.0",
"eslint-config-next": "^13.0.6",
"eslint-config-prettier": "^8.5.0",
"prettier": "^2.7.1",
"tar": "^6.1.11",
"typescript": "^4.6.3"
"prettier": "^2.8.0",
"tar": "^6.1.12",
"typescript": "^4.9.3"
}
}

67
frontend/src/components/account/ThemeSwitcher.tsx Normal file
View File

@@ -0,0 +1,67 @@
import {
Box,
Center,
ColorScheme,
SegmentedControl,
Stack,
useMantineColorScheme,
} from "@mantine/core";
import { useColorScheme } from "@mantine/hooks";
import { useState } from "react";
import { TbDeviceLaptop, TbMoon, TbSun } from "react-icons/tb";
import usePreferences from "../../hooks/usePreferences";
const ThemeSwitcher = () => {
const preferences = usePreferences();
const [colorScheme, setColorScheme] = useState(
preferences.get("colorScheme")
);
const { toggleColorScheme } = useMantineColorScheme();
const systemColorScheme = useColorScheme();
return (
<Stack>
<SegmentedControl
value={colorScheme}
onChange={(value) => {
preferences.set("colorScheme", value);
setColorScheme(value);
toggleColorScheme(
value == "system" ? systemColorScheme : (value as ColorScheme)
);
}}
data={[
{
label: (
<Center>
<TbMoon size={16} />
<Box ml={10}>Dark</Box>
</Center>
),
value: "dark",
},
{
label: (
<Center>
<TbSun size={16} />
<Box ml={10}>Light</Box>
</Center>
),
value: "light",
},
{
label: (
<Center>
<TbDeviceLaptop size={16} />
<Box ml={10}>System</Box>
</Center>
),
value: "system",
},
]}
/>
</Stack>
);
};
export default ThemeSwitcher;

128
frontend/src/components/account/showEnableTotpModal.tsx Normal file
View File

@@ -0,0 +1,128 @@
import {
Button,
Center,
Col,
Grid,
Image,
Stack,
Text,
TextInput,
Title,
Tooltip,
} from "@mantine/core";
import { useForm, yupResolver } from "@mantine/form";
import { useModals } from "@mantine/modals";
import { ModalsContextProps } from "@mantine/modals/lib/context";
import * as yup from "yup";
import useUser from "../../hooks/user.hook";
import authService from "../../services/auth.service";
import toast from "../../utils/toast.util";
const showEnableTotpModal = (
modals: ModalsContextProps,
refreshUser: () => {},
options: {
qrCode: string;
secret: string;
password: string;
}
) => {
return modals.openModal({
title: <Title order={4}>Enable TOTP</Title>,
children: (
<CreateEnableTotpModal options={options} refreshUser={refreshUser} />
),
});
};
const CreateEnableTotpModal = ({
options,
refreshUser,
}: {
options: {
qrCode: string;
secret: string;
password: string;
};
refreshUser: () => {};
}) => {
const modals = useModals();
const validationSchema = yup.object().shape({
code: yup
.string()
.min(6)
.max(6)
.required()
.matches(/^[0-9]+$/, { message: "Code must be a number" }),
});
const form = useForm({
initialValues: {
code: "",
},
validate: yupResolver(validationSchema),
});
return (
<div>
<Center>
<Stack>
<Text>Step 1: Add your authenticator</Text>
<Image src={options.qrCode} alt="QR Code" />
<Center>
<span>OR</span>
</Center>
<Tooltip label="Click to copy">
<Button
onClick={() => {
navigator.clipboard.writeText(options.secret);
toast.success("Copied to clipboard");
}}
>
{options.secret}
</Button>
</Tooltip>
<Center>
<Text fz="xs">Enter manually</Text>
</Center>
<Text>Step 2: Validate your code</Text>
<form
onSubmit={form.onSubmit((values) => {
authService
.verifyTOTP(values.code, options.password)
.then(() => {
toast.success("Successfully enabled TOTP");
modals.closeAll();
refreshUser();
})
.catch(toast.axiosError);
})}
>
<Grid align="flex-end">
<Col xs={9}>
<TextInput
variant="filled"
label="Code"
placeholder="******"
{...form.getInputProps("code")}
/>
</Col>
<Col xs={3}>
<Button variant="outline" type="submit">
Verify
</Button>
</Col>
</Grid>
</form>
</Stack>
</Center>
</div>
);
};
export default showEnableTotpModal;

16
frontend/src/components/account/showShareLinkModal.tsx Normal file
View File

@@ -0,0 +1,16 @@
import { Stack, TextInput } from "@mantine/core";
import { ModalsContextProps } from "@mantine/modals/lib/context";
const showShareLinkModal = (modals: ModalsContextProps, shareId: string) => {
const link = `${window.location.origin}/share/${shareId}`;
return modals.openModal({
title: "Share link",
children: (
<Stack align="stretch">
<TextInput variant="filled" value={link} />
</Stack>
),
});
};
export default showShareLinkModal;

86
frontend/src/components/admin/ManageUserTable.tsx Normal file
View File

@@ -0,0 +1,86 @@
import { ActionIcon, Box, Group, Skeleton, Table } from "@mantine/core";
import { useModals } from "@mantine/modals";
import { TbCheck, TbEdit, TbTrash } from "react-icons/tb";
import User from "../../types/user.type";
import showUpdateUserModal from "./showUpdateUserModal";
const ManageUserTable = ({
users,
getUsers,
deleteUser,
isLoading,
}: {
users: User[];
getUsers: () => void;
deleteUser: (user: User) => void;
isLoading: boolean;
}) => {
const modals = useModals();
return (
<Box sx={{ display: "block", overflowX: "auto" }}>
<Table verticalSpacing="sm">
<thead>
<tr>
<th>Username</th>
<th>Email</th>
<th>Admin</th>
<th></th>
</tr>
</thead>
<tbody>
{isLoading
? skeletonRows
: users.map((user) => (
<tr key={user.id}>
<td>{user.username}</td>
<td>{user.email}</td>
<td>{user.isAdmin && <TbCheck />}</td>
<td>
<Group position="right">
<ActionIcon
variant="light"
color="primary"
size="sm"
onClick={() =>
showUpdateUserModal(modals, user, getUsers)
}
>
<TbEdit />
</ActionIcon>
<ActionIcon
variant="light"
color="red"
size="sm"
onClick={() => deleteUser(user)}
>
<TbTrash />
</ActionIcon>
</Group>
</td>
</tr>
))}
</tbody>
</Table>
</Box>
);
};
const skeletonRows = [...Array(10)].map((v, i) => (
<tr key={i}>
<td>
<Skeleton key={i} height={20} />
</td>
<td>
<Skeleton key={i} height={20} />
</td>
<td>
<Skeleton key={i} height={20} />
</td>
<td>
<Skeleton key={i} height={20} />
</td>
</tr>
));
export default ManageUserTable;

76
frontend/src/components/admin/configuration/AdminConfigInput.tsx Normal file
View File

@@ -0,0 +1,76 @@
import {
NumberInput,
PasswordInput,
Stack,
Switch,
Textarea,
TextInput,
} from "@mantine/core";
import { useForm } from "@mantine/form";
import { AdminConfig, UpdateConfig } from "../../../types/config.type";
const AdminConfigInput = ({
configVariable,
updateConfigVariable,
}: {
configVariable: AdminConfig;
updateConfigVariable: (variable: UpdateConfig) => void;
}) => {
const form = useForm({
initialValues: {
stringValue: configVariable.value,
textValue: configVariable.value,
numberValue: parseInt(configVariable.value),
booleanValue: configVariable.value == "true",
},
});
const onValueChange = (configVariable: AdminConfig, value: any) => {
form.setFieldValue(`${configVariable.type}Value`, value);
updateConfigVariable({ key: configVariable.key, value: value });
};
return (
<Stack align="end">
{configVariable.type == "string" &&
(configVariable.obscured ? (
<PasswordInput
style={{ width: "100%" }}
{...form.getInputProps("stringValue")}
onChange={(e) => onValueChange(configVariable, e.target.value)}
/>
) : (
<TextInput
style={{ width: "100%" }}
{...form.getInputProps("stringValue")}
onChange={(e) => onValueChange(configVariable, e.target.value)}
/>
))}
{configVariable.type == "text" && (
<Textarea
style={{ width: "100%" }}
autosize
{...form.getInputProps("textValue")}
onChange={(e) => onValueChange(configVariable, e.target.value)}
/>
)}
{configVariable.type == "number" && (
<NumberInput
{...form.getInputProps("numberValue")}
onChange={(number) => onValueChange(configVariable, number)}
/>
)}
{configVariable.type == "boolean" && (
<>
<Switch
{...form.getInputProps("booleanValue", { type: "checkbox" })}
onChange={(e) => onValueChange(configVariable, e.target.checked)}
/>
</>
)}
</Stack>
);
};
export default AdminConfigInput;

140
frontend/src/components/admin/configuration/AdminConfigTable.tsx Normal file
View File

@@ -0,0 +1,140 @@
import {
Box,
Button,
Group,
Paper,
Space,
Stack,
Text,
Title,
} from "@mantine/core";
import { useMediaQuery } from "@mantine/hooks";
import { useEffect, useState } from "react";
import useConfig from "../../../hooks/config.hook";
import configService from "../../../services/config.service";
import {
AdminConfigGroupedByCategory,
UpdateConfig,
} from "../../../types/config.type";
import {
capitalizeFirstLetter,
configVariableToFriendlyName,
} from "../../../utils/string.util";
import toast from "../../../utils/toast.util";
import AdminConfigInput from "./AdminConfigInput";
import TestEmailButton from "./TestEmailButton";
const AdminConfigTable = () => {
const config = useConfig();
const isMobile = useMediaQuery("(max-width: 560px)");
let updatedConfigVariables: UpdateConfig[] = [];
const updateConfigVariable = (configVariable: UpdateConfig) => {
const index = updatedConfigVariables.findIndex(
(item) => item.key === configVariable.key
);
if (index > -1) {
updatedConfigVariables[index] = configVariable;
} else {
updatedConfigVariables.push(configVariable);
}
};
const [configVariablesByCategory, setCofigVariablesByCategory] =
useState<AdminConfigGroupedByCategory>({});
const getConfigVariables = async () => {
await configService.listForAdmin().then((configVariables) => {
const configVariablesByCategory = configVariables.reduce(
(categories: any, item) => {
const category = categories[item.category] || [];
category.push(item);
categories[item.category] = category;
return categories;
},
{}
);
setCofigVariablesByCategory(configVariablesByCategory);
});
};
useEffect(() => {
getConfigVariables();
}, []);
return (
<Box mb="lg">
{Object.entries(configVariablesByCategory).map(
([category, configVariables]) => {
return (
<Paper key={category} withBorder p="lg" mb="xl">
<Title mb="xs" order={3}>
{capitalizeFirstLetter(category)}
</Title>
{configVariables.map((configVariable) => (
<>
<Group position="apart">
<Stack
style={{ maxWidth: isMobile ? "100%" : "40%" }}
spacing={0}
>
<Title order={6}>
{configVariableToFriendlyName(configVariable.key)}
</Title>
<Text color="dimmed" size="sm" mb="xs">
{configVariable.description}
</Text>
</Stack>
<Stack></Stack>
<Box style={{ width: isMobile ? "100%" : "50%" }}>
<AdminConfigInput
key={configVariable.key}
updateConfigVariable={updateConfigVariable}
configVariable={configVariable}
/>
</Box>
</Group>
<Space h="lg" />
</>
))}
{category == "email" && (
<Group position="right">
<TestEmailButton />
</Group>
)}
</Paper>
);
}
)}
<Group position="right">
<Button
onClick={() => {
if (config.get("SETUP_FINISHED")) {
configService
.updateMany(updatedConfigVariables)
.then(() =>
toast.success("Configurations updated successfully")
)
.catch(toast.axiosError);
} else {
configService
.updateMany(updatedConfigVariables)
.then(async () => {
await configService.finishSetup();
window.location.reload();
})
.catch(toast.axiosError);
}
}}
>
Save
</Button>
</Group>
</Box>
);
};
export default AdminConfigTable;

27
frontend/src/components/admin/configuration/TestEmailButton.tsx Normal file
View File

@@ -0,0 +1,27 @@
import { Button } from "@mantine/core";
import useUser from "../../../hooks/user.hook";
import configService from "../../../services/config.service";
import toast from "../../../utils/toast.util";
const TestEmailButton = () => {
const { user } = useUser();
return (
<Button
variant="light"
onClick={() =>
configService
.sendTestEmail(user!.email)
.then(() => toast.success("Email sent successfully"))
.catch(() =>
toast.error(
"Failed to send the email. Please check the backend logs for more information."
)
)
}
>
Send test email
</Button>
);
};
export default TestEmailButton;

84
frontend/src/components/admin/showCreateUserModal.tsx Normal file
View File

@@ -0,0 +1,84 @@
import {
Button,
Group,
PasswordInput,
Stack,
Switch,
TextInput,
Title,
} from "@mantine/core";
import { useForm, yupResolver } from "@mantine/form";
import { ModalsContextProps } from "@mantine/modals/lib/context";
import * as yup from "yup";
import userService from "../../services/user.service";
import toast from "../../utils/toast.util";
const showCreateUserModal = (
modals: ModalsContextProps,
getUsers: () => void
) => {
return modals.openModal({
title: <Title order={5}>Create user</Title>,
children: <Body modals={modals} getUsers={getUsers} />,
});
};
const Body = ({
modals,
getUsers,
}: {
modals: ModalsContextProps;
getUsers: () => void;
}) => {
const form = useForm({
initialValues: {
username: "",
email: "",
password: "",
isAdmin: false,
},
validate: yupResolver(
yup.object().shape({
email: yup.string().email(),
username: yup.string().min(3),
password: yup.string().min(8),
})
),
});
return (
<Stack>
<form
onSubmit={form.onSubmit(async (values) => {
userService
.create(values)
.then(() => {
getUsers();
modals.closeAll();
})
.catch(toast.axiosError);
})}
>
<Stack>
<TextInput label="Username" {...form.getInputProps("username")} />
<TextInput label="Email" {...form.getInputProps("email")} />
<PasswordInput
label="New password"
{...form.getInputProps("password")}
/>
<Switch
mt="xs"
labelPosition="left"
label="Admin privileges"
{...form.getInputProps("isAdmin", { type: "checkbox" })}
/>
<Group position="right">
<Button type="submit">Create</Button>
</Group>
</Stack>
</form>
</Stack>
);
};
export default showCreateUserModal;

127
frontend/src/components/admin/showUpdateUserModal.tsx Normal file
View File

@@ -0,0 +1,127 @@
import {
Accordion,
Button,
Group,
PasswordInput,
Stack,
Switch,
TextInput,
Title,
} from "@mantine/core";
import { useForm, yupResolver } from "@mantine/form";
import { ModalsContextProps } from "@mantine/modals/lib/context";
import * as yup from "yup";
import userService from "../../services/user.service";
import User from "../../types/user.type";
import toast from "../../utils/toast.util";
const showUpdateUserModal = (
modals: ModalsContextProps,
user: User,
getUsers: () => void
) => {
return modals.openModal({
title: <Title order={5}>Update {user.username}</Title>,
children: <Body user={user} modals={modals} getUsers={getUsers} />,
});
};
const Body = ({
user,
modals,
getUsers,
}: {
modals: ModalsContextProps;
user: User;
getUsers: () => void;
}) => {
const accountForm = useForm({
initialValues: {
username: user.username,
email: user.email,
isAdmin: user.isAdmin,
},
validate: yupResolver(
yup.object().shape({
email: yup.string().email(),
username: yup.string().min(3),
})
),
});
const passwordForm = useForm({
initialValues: {
password: "",
},
validate: yupResolver(
yup.object().shape({
password: yup.string().min(8),
})
),
});
return (
<Stack>
<form
id="accountForm"
onSubmit={accountForm.onSubmit(async (values) => {
userService
.update(user.id, values)
.then(() => {
getUsers();
modals.closeAll();
})
.catch(toast.axiosError);
})}
>
<Stack>
<TextInput
label="Username"
{...accountForm.getInputProps("username")}
/>
<TextInput label="Email" {...accountForm.getInputProps("email")} />
<Switch
mt="xs"
labelPosition="left"
label="Admin privileges"
{...accountForm.getInputProps("isAdmin", { type: "checkbox" })}
/>
</Stack>
</form>
<Accordion>
<Accordion.Item sx={{ borderBottom: "none" }} value="changePassword">
<Accordion.Control>Change password</Accordion.Control>
<Accordion.Panel>
<form
onSubmit={passwordForm.onSubmit(async (values) => {
userService
.update(user.id, {
password: values.password,
})
.then(() => toast.success("Password changed successfully"))
.catch(toast.axiosError);
})}
>
<Stack>
<PasswordInput
label="New password"
{...passwordForm.getInputProps("password")}
/>
<Button variant="light" type="submit">
Save new password
</Button>
</Stack>
</form>
</Accordion.Panel>
</Accordion.Item>
</Accordion>
<Group position="right">
<Button type="submit" form="accountForm">
Save
</Button>
</Group>
</Stack>
);
};
export default showUpdateUserModal;

139
frontend/src/components/auth/SignInForm.tsx Normal file
View File

@@ -0,0 +1,139 @@
import {
Anchor,
Button,
Container,
Paper,
PasswordInput,
Text,
TextInput,
Title,
} from "@mantine/core";
import { useForm, yupResolver } from "@mantine/form";
import { showNotification } from "@mantine/notifications";
import Link from "next/link";
import React from "react";
import { TbInfoCircle } from "react-icons/tb";
import * as yup from "yup";
import useConfig from "../../hooks/config.hook";
import authService from "../../services/auth.service";
import toast from "../../utils/toast.util";
const SignInForm = () => {
const config = useConfig();
const [showTotp, setShowTotp] = React.useState(false);
const [loginToken, setLoginToken] = React.useState("");
const validationSchema = yup.object().shape({
emailOrUsername: yup.string().required(),
password: yup.string().min(8).required(),
totp: yup.string().when("totpRequired", {
is: true,
then: yup.string().min(6).max(6).required(),
otherwise: yup.string(),
}),
});
const form = useForm({
initialValues: {
emailOrUsername: "",
password: "",
totp: "",
},
validate: yupResolver(validationSchema),
});
const signIn = (email: string, password: string) => {
authService
.signIn(email, password)
.then((response) => {
if (response.data["loginToken"]) {
// Prompt the user to enter their totp code
setShowTotp(true);
showNotification({
icon: <TbInfoCircle />,
color: "blue",
radius: "md",
title: "Two-factor authentication required",
message: "Please enter your two-factor authentication code",
});
setLoginToken(response.data["loginToken"]);
} else {
window.location.replace("/");
}
})
.catch(toast.axiosError);
};
const signInTotp = (email: string, password: string, totp: string) => {
authService
.signInTotp(email, password, totp, loginToken)
.then(() => window.location.replace("/"))
.catch((error) => {
if (error?.response?.data?.message == "Login token expired") {
toast.error("Login token expired");
// Refresh the page to start over
window.location.reload();
}
toast.axiosError(error);
form.setValues({ totp: "" });
});
};
return (
<Container size={420} my={40}>
<Title
align="center"
sx={(theme) => ({
fontFamily: `Greycliff CF, ${theme.fontFamily}`,
fontWeight: 900,
})}
>
Welcome back
</Title>
{config.get("ALLOW_REGISTRATION") && (
<Text color="dimmed" size="sm" align="center" mt={5}>
You don't have an account yet?{" "}
<Anchor component={Link} href={"signUp"} size="sm">
{"Sign up"}
</Anchor>
</Text>
)}
<Paper withBorder shadow="md" p={30} mt={30} radius="md">
<form
onSubmit={form.onSubmit((values) => {
if (showTotp)
signInTotp(values.emailOrUsername, values.password, values.totp);
else signIn(values.emailOrUsername, values.password);
})}
>
<TextInput
label="Email or username"
placeholder="you@email.com"
{...form.getInputProps("emailOrUsername")}
/>
<PasswordInput
label="Password"
placeholder="Your password"
mt="md"
{...form.getInputProps("password")}
/>
{showTotp && (
<TextInput
variant="filled"
label="Code"
placeholder="******"
mt="md"
{...form.getInputProps("totp")}
/>
)}
<Button fullWidth mt="xl" type="submit">
Sign in
</Button>
</form>
</Paper>
</Container>
);
};
export default SignInForm;

52
frontend/src/components/auth/AuthForm.tsx → frontend/src/components/auth/SignUpForm.tsx
View File

@@ -9,39 +9,35 @@ import {
Title,
} from "@mantine/core";
import { useForm, yupResolver } from "@mantine/form";
import getConfig from "next/config";
import Link from "next/link";
import * as yup from "yup";
import useConfig from "../../hooks/config.hook";
import authService from "../../services/auth.service";
import toast from "../../utils/toast.util";
const { publicRuntimeConfig } = getConfig();
const SignUpForm = () => {
const config = useConfig();
const AuthForm = ({ mode }: { mode: "signUp" | "signIn" }) => {
const validationSchema = yup.object().shape({
email: yup.string().email().required(),
username: yup.string().min(3).required(),
password: yup.string().min(8).required(),
});
const form = useForm({
initialValues: {
email: "",
username: "",
password: "",
},
validate: yupResolver(validationSchema),
});
const signIn = (email: string, password: string) => {
const signUp = (email: string, username: string, password: string) => {
authService
.signIn(email, password)
.then(() => window.location.replace("/upload"))
.catch((e) => toast.error(e.response.data.message));
};
const signUp = (email: string, password: string) => {
authService
.signUp(email, password)
.then(() => signIn(email, password))
.catch((e) => toast.error(e.response.data.message));
.signUp(email, username, password)
.then(() => window.location.replace("/"))
.catch(toast.axiosError);
};
return (
@@ -53,33 +49,31 @@ const AuthForm = ({ mode }: { mode: "signUp" | "signIn" }) => {
fontWeight: 900,
})}
>
{mode == "signUp" ? "Sign up" : "Welcome back"}
Sign up
</Title>
{publicRuntimeConfig.ALLOW_REGISTRATION == "true" && (
{config.get("ALLOW_REGISTRATION") && (
<Text color="dimmed" size="sm" align="center" mt={5}>
{mode == "signUp"
? "You have an account already?"
: "You don't have an account yet?"}{" "}
<Anchor
component={Link}
href={mode == "signUp" ? "signIn" : "signUp"}
size="sm"
>
{mode == "signUp" ? "Sign in" : "Sign up"}
You have an account already?{" "}
<Anchor component={Link} href={"signIn"} size="sm">
Sign in
</Anchor>
</Text>
)}
<Paper withBorder shadow="md" p={30} mt={30} radius="md">
<form
onSubmit={form.onSubmit((values) =>
mode == "signIn"
? signIn(values.email, values.password)
: signUp(values.email, values.password)
signUp(values.email, values.username, values.password)
)}
>
<TextInput
label="Username"
placeholder="john.doe"
{...form.getInputProps("username")}
/>
<TextInput
label="Email"
placeholder="you@email.com"
mt="md"
{...form.getInputProps("email")}
/>
<PasswordInput
@@ -89,7 +83,7 @@ const AuthForm = ({ mode }: { mode: "signUp" | "signIn" }) => {
{...form.getInputProps("password")}
/>
<Button fullWidth mt="xl" type="submit">
{mode == "signUp" ? "Let's get started" : "Sign in"}
Let's get started
</Button>
</form>
</Paper>
@@ -97,4 +91,4 @@ const AuthForm = ({ mode }: { mode: "signUp" | "signIn" }) => {
);
};
export default AuthForm;
export default SignUpForm;

20
frontend/src/components/navBar/ActionAvatar.tsx
View File

@@ -1,9 +1,12 @@
import { ActionIcon, Avatar, Menu } from "@mantine/core";
import Link from "next/link";
import { TbDoorExit, TbLink } from "react-icons/tb";
import { TbDoorExit, TbLink, TbSettings, TbUser } from "react-icons/tb";
import useUser from "../../hooks/user.hook";
import authService from "../../services/auth.service";
const ActionAvatar = () => {
const { user } = useUser();
return (
<Menu position="bottom-start" withinPortal>
<Menu.Target>
@@ -19,9 +22,22 @@ const ActionAvatar = () => {
>
My shares
</Menu.Item>
<Menu.Item component={Link} href="/account" icon={<TbUser size={14} />}>
My account
</Menu.Item>
{user!.isAdmin && (
<Menu.Item
component={Link}
href="/admin"
icon={<TbSettings size={14} />}
>
Administration
</Menu.Item>
)}
<Menu.Item
onClick={async () => {
authService.signOut();
await authService.signOut();
}}
icon={<TbDoorExit size={14} />}
>

12
frontend/src/components/navBar/NavBar.tsx
View File

@@ -11,15 +11,13 @@ import {
Transition,
} from "@mantine/core";
import { useDisclosure } from "@mantine/hooks";
import getConfig from "next/config";
import Link from "next/link";
import { ReactNode, useEffect, useState } from "react";
import useConfig from "../../hooks/config.hook";
import useUser from "../../hooks/user.hook";
import Logo from "../Logo";
import ActionAvatar from "./ActionAvatar";
const { publicRuntimeConfig } = getConfig();
const HEADER_HEIGHT = 60;
type NavLink = {
@@ -109,7 +107,9 @@ const useStyles = createStyles((theme) => ({
}));
const NavBar = () => {
const user = useUser();
const { user } = useUser();
const config = useConfig();
const [opened, toggleOpened] = useDisclosure(false);
const authenticatedLinks = [
@@ -130,7 +130,7 @@ const NavBar = () => {
]);
useEffect(() => {
if (publicRuntimeConfig.SHOW_HOME_PAGE == "true")
if (config.get("SHOW_HOME_PAGE"))
setUnauthenticatedLinks((array) => [
{
link: "/",
@@ -139,7 +139,7 @@ const NavBar = () => {
...array,
]);
if (publicRuntimeConfig.ALLOW_REGISTRATION == "true")
if (config.get("ALLOW_REGISTRATION"))
setUnauthenticatedLinks((array) => [
...array,
{

90
frontend/src/components/share/FileList.tsx
View File

@@ -9,52 +9,10 @@ const FileList = ({
shareId,
isLoading,
}: {
files: any[];
files?: any[];
shareId: string;
isLoading: boolean;
}) => {
const skeletonRows = [...Array(5)].map((c, i) => (
<tr key={i}>
<td>
<Skeleton height={30} width={30} />
</td>
<td>
<Skeleton height={14} />
</td>
<td>
<Skeleton height={14} />
</td>
<td>
<Skeleton height={25} width={25} />
</td>
</tr>
));
const rows = files.map((file) => (
<tr key={file.name}>
<td>{file.name}</td>
<td>{byteStringToHumanSizeString(file.size)}</td>
<td>
{file.uploadingState ? (
file.uploadingState != "finished" ? (
<Loader size={22} />
) : (
<TbCircleCheck color="green" size={22} />
)
) : (
<ActionIcon
size={25}
onClick={async () => {
await shareService.downloadFile(shareId, file.id);
}}
>
<TbDownload />
</ActionIcon>
)}
</td>
</tr>
));
return (
<Table>
<thead>
@@ -64,9 +22,53 @@ const FileList = ({
<th></th>
</tr>
</thead>
<tbody>{isLoading ? skeletonRows : rows}</tbody>
<tbody>
{isLoading
? skeletonRows
: files!.map((file) => (
<tr key={file.name}>
<td>{file.name}</td>
<td>{byteStringToHumanSizeString(file.size)}</td>
<td>
{file.uploadingState ? (
file.uploadingState != "finished" ? (
<Loader size={22} />
) : (
<TbCircleCheck color="green" size={22} />
)
) : (
<ActionIcon
size={25}
onClick={async () => {
await shareService.downloadFile(shareId, file.id);
}}
>
<TbDownload />
</ActionIcon>
)}
</td>
</tr>
))}
</tbody>
</Table>
);
};
const skeletonRows = [...Array(5)].map((c, i) => (
<tr key={i}>
<td>
<Skeleton height={30} width={30} />
</td>
<td>
<Skeleton height={14} />
</td>
<td>
<Skeleton height={14} />
</td>
<td>
<Skeleton height={25} width={25} />
</td>
</tr>
));
export default FileList;

25
frontend/src/components/upload/Dropzone.tsx
View File

@@ -1,14 +1,12 @@
import { Button, Center, createStyles, Group, Text } from "@mantine/core";
import { Dropzone as MantineDropzone } from "@mantine/dropzone";
import getConfig from "next/config";
import { Dispatch, ForwardedRef, SetStateAction, useRef } from "react";
import { TbCloudUpload, TbUpload } from "react-icons/tb";
import useConfig from "../../hooks/config.hook";
import { FileUpload } from "../../types/File.type";
import { byteStringToHumanSizeString } from "../../utils/math/byteStringToHumanSizeString.util";
import toast from "../../utils/toast.util";
const { publicRuntimeConfig } = getConfig();
const useStyles = createStyles((theme) => ({
wrapper: {
position: "relative",
@@ -40,27 +38,25 @@ const Dropzone = ({
isUploading: boolean;
setFiles: Dispatch<SetStateAction<FileUpload[]>>;
}) => {
const config = useConfig();
const { classes } = useStyles();
const openRef = useRef<() => void>();
return (
<div className={classes.wrapper}>
<MantineDropzone
maxSize={parseInt(publicRuntimeConfig.MAX_FILE_SIZE!)}
maxSize={parseInt(config.get("MAX_FILE_SIZE"))}
onReject={(e) => {
toast.error(e[0].errors[0].message);
}}
disabled={isUploading}
openRef={openRef as ForwardedRef<() => void>}
onDrop={(files) => {
if (files.length > 100) {
toast.error("You can't upload more than 100 files per share.");
} else {
const newFiles = files.map((file) => {
(file as FileUpload).uploadingProgress = 0;
return file as FileUpload;
});
setFiles(newFiles);
}
const newFiles = files.map((file) => {
(file as FileUpload).uploadingProgress = 0;
return file as FileUpload;
});
setFiles(newFiles);
}}
className={classes.dropzone}
radius="md"
@@ -75,8 +71,7 @@ const Dropzone = ({
<Text align="center" size="sm" mt="xs" color="dimmed">
Drag&apos;n&apos;drop files here to start your share. We can accept
only files that are less than{" "}
{byteStringToHumanSizeString(publicRuntimeConfig.MAX_FILE_SIZE)} in
size.
{byteStringToHumanSizeString(config.get("MAX_FILE_SIZE"))} in size.
</Text>
</div>
</MantineDropzone>

18
frontend/src/components/upload/modals/showCompletedUploadModal.tsx
View File

@@ -40,14 +40,16 @@ const Body = ({ share }: { share: Share }) => {
variant="filled"
value={link}
rightSection={
<ActionIcon
onClick={() => {
clipboard.copy(link);
toast.success("Your link was copied to the keyboard.");
}}
>
<TbCopy />
</ActionIcon>
window.isSecureContext && (
<ActionIcon
onClick={() => {
clipboard.copy(link);
toast.success("Your link was copied to the keyboard.");
}}
>
<TbCopy />
</ActionIcon>
)
}
/>
<Text

70
frontend/src/components/upload/modals/showCreateUploadModal.tsx
View File

@@ -12,37 +12,34 @@ import {
Select,
Stack,
Text,
Textarea,
TextInput,
Title,
} from "@mantine/core";
import { useForm, yupResolver } from "@mantine/form";
import { useModals } from "@mantine/modals";
import { ModalsContextProps } from "@mantine/modals/lib/context";
import getConfig from "next/config";
import { useState } from "react";
import { TbAlertCircle } from "react-icons/tb";
import * as yup from "yup";
import shareService from "../../../services/share.service";
import { ShareSecurity } from "../../../types/share.type";
import { CreateShare } from "../../../types/share.type";
import ExpirationPreview from "../ExpirationPreview";
const { publicRuntimeConfig } = getConfig();
const showCreateUploadModal = (
modals: ModalsContextProps,
isSignedIn: boolean,
uploadCallback: (
id: string,
expiration: string,
recipients: string[],
security: ShareSecurity
) => void
options: {
isUserSignedIn: boolean;
allowUnauthenticatedShares: boolean;
enableEmailRecepients: boolean;
},
uploadCallback: (createShare: CreateShare) => void
) => {
return modals.openModal({
title: <Title order={4}>Share</Title>,
children: (
<CreateUploadModalBody
isSignedIn={isSignedIn}
options={options}
uploadCallback={uploadCallback}
/>
),
@@ -51,21 +48,18 @@ const showCreateUploadModal = (
const CreateUploadModalBody = ({
uploadCallback,
isSignedIn,
options,
}: {
uploadCallback: (
id: string,
expiration: string,
recipients: string[],
security: ShareSecurity
) => void;
isSignedIn: boolean;
uploadCallback: (createShare: CreateShare) => void;
options: {
isUserSignedIn: boolean;
allowUnauthenticatedShares: boolean;
enableEmailRecepients: boolean;
};
}) => {
const modals = useModals();
const [showNotSignedInAlert, setShowNotSignedInAlert] = useState(
publicRuntimeConfig.ALLOW_UNAUTHENTICATED_SHARES == "true"
);
const [showNotSignedInAlert, setShowNotSignedInAlert] = useState(true);
const validationSchema = yup.object().shape({
link: yup
@@ -85,6 +79,7 @@ const CreateUploadModalBody = ({
recipients: [] as string[],
password: undefined,
maxViews: undefined,
description: undefined,
expiration_num: 1,
expiration_unit: "-days",
never_expires: false,
@@ -93,7 +88,7 @@ const CreateUploadModalBody = ({
});
return (
<Group>
{showNotSignedInAlert && !isSignedIn && (
{showNotSignedInAlert && !options.isUserSignedIn && (
<Alert
withCloseButton
onClose={() => setShowNotSignedInAlert(false)}
@@ -113,9 +108,15 @@ const CreateUploadModalBody = ({
const expiration = form.values.never_expires
? "never"
: form.values.expiration_num + form.values.expiration_unit;
uploadCallback(values.link, expiration, values.recipients, {
password: values.password,
maxViews: values.maxViews,
uploadCallback({
id: values.link,
expiration: expiration,
recipients: values.recipients,
description: values.description,
security: {
password: values.password,
maxViews: values.maxViews,
},
});
modals.closeAll();
}
@@ -225,7 +226,19 @@ const CreateUploadModalBody = ({
{ExpirationPreview({ form })}
</Text>
<Accordion>
{publicRuntimeConfig.EMAIL_RECIPIENTS_ENABLED == "true" && (
<Accordion.Item value="description" sx={{ borderBottom: "none" }}>
<Accordion.Control>Description</Accordion.Control>
<Accordion.Panel>
<Stack align="stretch">
<Textarea
variant="filled"
placeholder="Note for the recepients"
{...form.getInputProps("description")}
/>
</Stack>
</Accordion.Panel>
</Accordion.Item>
{options.enableEmailRecepients && (
<Accordion.Item value="recipients" sx={{ borderBottom: "none" }}>
<Accordion.Control>Email recipients</Accordion.Control>
<Accordion.Panel>
@@ -255,6 +268,7 @@ const CreateUploadModalBody = ({
</Accordion.Panel>
</Accordion.Item>
)}
<Accordion.Item value="security" sx={{ borderBottom: "none" }}>
<Accordion.Control>Security options</Accordion.Control>
<Accordion.Panel>

14
frontend/src/hooks/config.hook.ts Normal file
View File

@@ -0,0 +1,14 @@
import { createContext, useContext } from "react";
import configService from "../services/config.service";
import Config from "../types/config.type";
export const ConfigContext = createContext<Config[] | null>(null);
const useConfig = () => {
const configVariables = useContext(ConfigContext) as Config[];
return {
get: (key: string) => configService.get(key, configVariables),
};
};
export default useConfig;

30
frontend/src/hooks/usePreferences.ts Normal file
View File

@@ -0,0 +1,30 @@
const defaultPreferences = [
{
key: "colorScheme",
value: "system",
},
];
const get = (key: string) => {
if (typeof window !== "undefined") {
const preferences = JSON.parse(localStorage.getItem("preferences") ?? "{}");
return (
preferences[key] ??
defaultPreferences.find((p) => p.key == key)?.value ??
null
);
}
};
const set = (key: string, value: string) => {
if (typeof window !== "undefined") {
const preferences = JSON.parse(localStorage.getItem("preferences") ?? "{}");
preferences[key] = value;
localStorage.setItem("preferences", JSON.stringify(preferences));
}
};
const usePreferences = () => {
return { get, set };
};
export default usePreferences;

7
frontend/src/hooks/user.hook.ts
View File

@@ -1,7 +1,10 @@
import { createContext, useContext } from "react";
import { CurrentUser } from "../types/user.type";
import { UserHook } from "../types/user.type";
export const UserContext = createContext<CurrentUser | null>(null);
export const UserContext = createContext<UserHook>({
user: null,
setUser: () => {},
});
const useUser = () => {
return useContext(UserContext);

77
frontend/src/pages/_app.tsx
View File

@@ -1,5 +1,6 @@
import {
ColorScheme,
ColorSchemeProvider,
Container,
LoadingOverlay,
MantineProvider,
@@ -8,25 +9,33 @@ import { useColorScheme } from "@mantine/hooks";
import { ModalsProvider } from "@mantine/modals";
import { NotificationsProvider } from "@mantine/notifications";
import type { AppProps } from "next/app";
import { useRouter } from "next/router";
import { useEffect, useState } from "react";
import Header from "../components/navBar/NavBar";
import { ConfigContext } from "../hooks/config.hook";
import usePreferences from "../hooks/usePreferences";
import { UserContext } from "../hooks/user.hook";
import authService from "../services/auth.service";
import configService from "../services/config.service";
import userService from "../services/user.service";
import GlobalStyle from "../styles/global.style";
import globalStyle from "../styles/mantine.style";
import Config from "../types/config.type";
import { CurrentUser } from "../types/user.type";
import { GlobalLoadingContext } from "../utils/loading.util";
function App({ Component, pageProps }: AppProps) {
const systemTheme = useColorScheme();
const [colorScheme, setColorScheme] = useState<ColorScheme>();
const router = useRouter();
const preferences = usePreferences();
const [colorScheme, setColorScheme] = useState<ColorScheme>("light");
const [isLoading, setIsLoading] = useState(true);
const [user, setUser] = useState<CurrentUser | null>(null);
const [configVariables, setConfigVariables] = useState<Config[] | null>(null);
const getInitalData = async () => {
setIsLoading(true);
setConfigVariables(await configService.list());
await authService.refreshAccessToken();
setUser(await userService.getCurrentUser());
setIsLoading(false);
@@ -38,7 +47,21 @@ function App({ Component, pageProps }: AppProps) {
}, []);
useEffect(() => {
setColorScheme(systemTheme);
if (
configVariables &&
configVariables.filter((variable) => variable.key)[0].value == "false" &&
!["/auth/signUp", "/admin/setup"].includes(router.asPath)
) {
router.push(!user ? "/auth/signUp" : "/admin/setup");
}
}, [router.asPath]);
useEffect(() => {
setColorScheme(
preferences.get("colorScheme") == "system"
? systemTheme
: preferences.get("colorScheme")
);
}, [systemTheme]);
return (
@@ -47,31 +70,33 @@ function App({ Component, pageProps }: AppProps) {
withNormalizeCSS
theme={{ colorScheme, ...globalStyle }}
>
<GlobalStyle />
<NotificationsProvider>
<ModalsProvider>
<GlobalLoadingContext.Provider value={{ isLoading, setIsLoading }}>
{isLoading ? (
<LoadingOverlay visible overlayOpacity={1} />
) : (
<UserContext.Provider value={user}>
<LoadingOverlay visible={isLoading} overlayOpacity={1} />
<Header />
<Container>
<Component {...pageProps} />
</Container>
</UserContext.Provider>
)}
</GlobalLoadingContext.Provider>
</ModalsProvider>
</NotificationsProvider>
<ColorSchemeProvider
colorScheme={colorScheme}
toggleColorScheme={(value) => setColorScheme(value ?? "light")}
>
<GlobalStyle />
<NotificationsProvider>
<ModalsProvider>
<GlobalLoadingContext.Provider value={{ isLoading, setIsLoading }}>
{isLoading ? (
<LoadingOverlay visible overlayOpacity={1} />
) : (
<ConfigContext.Provider value={configVariables}>
<UserContext.Provider value={{ user, setUser }}>
<LoadingOverlay visible={isLoading} overlayOpacity={1} />
<Header />
<Container>
<Component {...pageProps} />
</Container>
</UserContext.Provider>
</ConfigContext.Provider>
)}
</GlobalLoadingContext.Provider>
</ModalsProvider>
</NotificationsProvider>
</ColorSchemeProvider>
</MantineProvider>
);
}
// Opts out of static site generation to use publicRuntimeConfig
App.getInitialProps = () => {
return {};
};
export default App;

276
frontend/src/pages/account/index.tsx Normal file
View File

@@ -0,0 +1,276 @@
import {
Button,
Center,
Container,
Group,
Paper,
PasswordInput,
Stack,
Tabs,
Text,
TextInput,
Title,
} from "@mantine/core";
import { useForm, yupResolver } from "@mantine/form";
import { useModals } from "@mantine/modals";
import { useRouter } from "next/router";
import { Tb2Fa } from "react-icons/tb";
import * as yup from "yup";
import showEnableTotpModal from "../../components/account/showEnableTotpModal";
import ThemeSwitcher from "../../components/account/ThemeSwitcher";
import useUser from "../../hooks/user.hook";
import authService from "../../services/auth.service";
import userService from "../../services/user.service";
import toast from "../../utils/toast.util";
const Account = () => {
const { user, setUser } = useUser();
const modals = useModals();
const router = useRouter();
const accountForm = useForm({
initialValues: {
username: user?.username,
email: user?.email,
},
validate: yupResolver(
yup.object().shape({
email: yup.string().email(),
username: yup.string().min(3),
})
),
});
const passwordForm = useForm({
initialValues: {
oldPassword: "",
password: "",
},
validate: yupResolver(
yup.object().shape({
oldPassword: yup.string().min(8),
password: yup.string().min(8),
})
),
});
const enableTotpForm = useForm({
initialValues: {
password: "",
},
validate: yupResolver(
yup.object().shape({
password: yup.string().min(8),
})
),
});
const disableTotpForm = useForm({
initialValues: {
password: "",
code: "",
},
validate: yupResolver(
yup.object().shape({
password: yup.string().min(8),
code: yup
.string()
.min(6)
.max(6)
.matches(/^[0-9]+$/, { message: "Code must be a number" }),
})
),
});
const refreshUser = async () => setUser(await userService.getCurrentUser());
if (!user) {
router.push("/");
return;
}
return (
<Container size="sm">
<Title order={3} mb="xs">
My account
</Title>
<Paper withBorder p="xl">
<Title order={5} mb="xs">
Account Info
</Title>
<form
onSubmit={accountForm.onSubmit((values) =>
userService
.updateCurrentUser({
username: values.username,
email: values.email,
})
.then(() => toast.success("User updated successfully"))
.catch(toast.axiosError)
)}
>
<Stack>
<TextInput
label="Username"
{...accountForm.getInputProps("username")}
/>
<TextInput label="Email" {...accountForm.getInputProps("email")} />
<Group position="right">
<Button type="submit">Save</Button>
</Group>
</Stack>
</form>
</Paper>
<Paper withBorder p="xl" mt="lg">
<Title order={5} mb="xs">
Password
</Title>
<form
onSubmit={passwordForm.onSubmit((values) =>
authService
.updatePassword(values.oldPassword, values.password)
.then(() => {
toast.success("Password updated successfully");
passwordForm.reset();
})
.catch(toast.axiosError)
)}
>
<Stack>
<PasswordInput
label="Old password"
{...passwordForm.getInputProps("oldPassword")}
/>
<PasswordInput
label="New password"
{...passwordForm.getInputProps("password")}
/>
<Group position="right">
<Button type="submit">Save</Button>
</Group>
</Stack>
</form>
</Paper>
<Paper withBorder p="xl" mt="lg">
<Title order={5} mb="xs">
Security
</Title>
<Tabs defaultValue="totp">
<Tabs.List>
<Tabs.Tab value="totp" icon={<Tb2Fa size={14} />}>
TOTP
</Tabs.Tab>
</Tabs.List>
<Tabs.Panel value="totp" pt="xs">
{user.totpVerified ? (
<>
<form
onSubmit={disableTotpForm.onSubmit((values) => {
authService
.disableTOTP(values.code, values.password)
.then(() => {
toast.success("Successfully disabled TOTP");
values.password = "";
values.code = "";
refreshUser();
})
.catch(toast.axiosError);
})}
>
<Stack>
<PasswordInput
description="Enter your current password to disable TOTP"
label="Password"
{...disableTotpForm.getInputProps("password")}
/>
<TextInput
variant="filled"
label="Code"
placeholder="******"
{...disableTotpForm.getInputProps("code")}
/>
<Group position="right">
<Button color="red" type="submit">
Disable
</Button>
</Group>
</Stack>
</form>
</>
) : (
<>
<form
onSubmit={enableTotpForm.onSubmit((values) => {
authService
.enableTOTP(values.password)
.then((result) => {
showEnableTotpModal(modals, refreshUser, {
qrCode: result.qrCode,
secret: result.totpSecret,
password: values.password,
});
values.password = "";
})
.catch(toast.axiosError);
})}
>
<Stack>
<PasswordInput
label="Password"
description="Enter your current password to start enabling TOTP"
{...enableTotpForm.getInputProps("password")}
/>
<Group position="right">
<Button type="submit">Start</Button>
</Group>
</Stack>
</form>
</>
)}
</Tabs.Panel>
</Tabs>
</Paper>
<Paper withBorder p="xl" mt="lg">
<Title order={5} mb="xs">
Color scheme
</Title>
<ThemeSwitcher />
</Paper>
<Center mt={80} mb="lg">
<Stack>
<Button
variant="light"
color="red"
onClick={() =>
modals.openConfirmModal({
title: "Account deletion",
children: (
<Text size="sm">
Do you really want to delete your account including all your
active shares?
</Text>
),
labels: { confirm: "Delete", cancel: "Cancel" },
confirmProps: { color: "red" },
onConfirm: async () => {
await userService.removeCurrentUser();
window.location.reload();
},
})
}
>
Delete Account
</Button>
</Stack>
</Center>
</Container>
);
};
export default Account;

19
frontend/src/pages/account/shares.tsx
View File

@@ -17,6 +17,7 @@ import Link from "next/link";
import { useRouter } from "next/router";
import { useEffect, useState } from "react";
import { TbLink, TbTrash } from "react-icons/tb";
import showShareLinkModal from "../../components/account/showShareLinkModal";
import Meta from "../../components/Meta";
import useUser from "../../hooks/user.hook";
import shareService from "../../services/share.service";
@@ -27,7 +28,7 @@ const MyShares = () => {
const modals = useModals();
const clipboard = useClipboard();
const router = useRouter();
const user = useUser();
const { user } = useUser();
const [shares, setShares] = useState<MyShare[]>();
@@ -83,12 +84,16 @@ const MyShares = () => {
variant="light"
size={25}
onClick={() => {
clipboard.copy(
`${window.location.origin}/share/${share.id}`
);
toast.success(
"Your link was copied to the keyboard."
);
if (window.isSecureContext) {
clipboard.copy(
`${window.location.origin}/share/${share.id}`
);
toast.success(
"Your link was copied to the keyboard."
);
} else {
showShareLinkModal(modals, share.id);
}
}}
>
<TbLink />

16
frontend/src/pages/admin/config.tsx Normal file
View File

@@ -0,0 +1,16 @@
import { Space, Title } from "@mantine/core";
import AdminConfigTable from "../../components/admin/configuration/AdminConfigTable";
const AdminConfig = () => {
return (
<>
<Title mb={30} order={3}>
Configuration
</Title>
<AdminConfigTable />
<Space h="xl" />
</>
);
};
export default AdminConfig;

100
frontend/src/pages/admin/index.tsx Normal file
View File

@@ -0,0 +1,100 @@
import {
Center,
Col,
createStyles,
Grid,
Paper,
Stack,
Text,
Title,
} from "@mantine/core";
import Link from "next/link";
import { useEffect, useState } from "react";
import { TbRefresh, TbSettings, TbUsers } from "react-icons/tb";
import configService from "../../services/config.service";
const useStyles = createStyles((theme) => ({
item: {
display: "flex",
flexDirection: "column",
alignItems: "center",
justifyContent: "center",
textAlign: "center",
height: 90,
"&:hover": {
boxShadow: `${theme.shadows.sm} !important`,
transform: "scale(1.01)",
},
},
}));
const Admin = () => {
const { classes, theme } = useStyles();
const [managementOptions, setManagementOptions] = useState([
{
title: "User management",
icon: TbUsers,
route: "/admin/users",
},
{
title: "Configuration",
icon: TbSettings,
route: "/admin/config",
},
]);
useEffect(() => {
configService.isNewReleaseAvailable().then((isNewReleaseAvailable) => {
if (isNewReleaseAvailable) {
setManagementOptions([
...managementOptions,
{
title: "Update",
icon: TbRefresh,
route:
"https://github.com/stonith404/pingvin-share/releases/tag/v0.5.0",
},
]);
}
});
}, []);
return (
<>
<Title mb={30} order={3}>
Administration
</Title>
<Stack justify="space-between" style={{ height: "calc(100vh - 180px)" }}>
<Paper withBorder p={40}>
<Grid>
{managementOptions.map((item) => {
return (
<Col xs={6} key={item.route}>
<Paper
withBorder
component={Link}
href={item.route}
key={item.title}
className={classes.item}
>
<item.icon color={theme.colors.victoria[8]} size={35} />
<Text mt={7}>{item.title}</Text>
</Paper>
</Col>
);
})}
</Grid>
</Paper>
<Center>
<Text size="xs" color="dimmed">
Version {process.env.VERSION}
</Text>
</Center>
</Stack>
</>
);
};
export default Admin;

36
frontend/src/pages/admin/setup.tsx Normal file
View File

@@ -0,0 +1,36 @@
import { Box, Stack, Text, Title } from "@mantine/core";
import { useRouter } from "next/router";
import AdminConfigTable from "../../components/admin/configuration/AdminConfigTable";
import Logo from "../../components/Logo";
import useConfig from "../../hooks/config.hook";
import useUser from "../../hooks/user.hook";
const Setup = () => {
const router = useRouter();
const config = useConfig();
const { user } = useUser();
if (!user) {
router.push("/auth/signUp");
return;
} else if (config.get("SETUP_FINISHED")) {
router.push("/");
return;
}
return (
<>
<Stack align="center">
<Logo height={80} width={80} />
<Title order={2}>Welcome to Pingvin Share</Title>
<Text>Let's customize Pingvin Share for you! </Text>
<Box style={{ width: "100%" }}>
<AdminConfigTable />
</Box>
</Stack>
</>
);
};
export default Setup;

73
frontend/src/pages/admin/users.tsx Normal file
View File

@@ -0,0 +1,73 @@
import { Button, Group, Space, Text, Title } from "@mantine/core";
import { useModals } from "@mantine/modals";
import { useEffect, useState } from "react";
import { TbPlus } from "react-icons/tb";
import ManageUserTable from "../../components/admin/ManageUserTable";
import showCreateUserModal from "../../components/admin/showCreateUserModal";
import userService from "../../services/user.service";
import User from "../../types/user.type";
import toast from "../../utils/toast.util";
const Users = () => {
const [users, setUsers] = useState<User[]>([]);
const [isLoading, setIsLoading] = useState(true);
const modals = useModals();
const getUsers = () => {
setIsLoading(true);
userService.list().then((users) => {
setUsers(users);
setIsLoading(false);
});
};
const deleteUser = (user: User) => {
modals.openConfirmModal({
title: `Delete ${user.username}?`,
children: (
<Text size="sm">
Do you really want to delete <b>{user.username}</b> and all his
shares?
</Text>
),
labels: { confirm: "Delete", cancel: "Cancel" },
confirmProps: { color: "red" },
onConfirm: async () => {
userService
.remove(user.id)
.then(() => setUsers(users.filter((v) => v.id != user.id)))
.catch(toast.axiosError);
},
});
};
useEffect(() => {
getUsers();
}, []);
return (
<>
<Group position="apart" align="baseline" mb={20}>
<Title mb={30} order={3}>
User management
</Title>
<Button
onClick={() => showCreateUserModal(modals, getUsers)}
leftIcon={<TbPlus size={20} />}
>
Create
</Button>
</Group>
<ManageUserTable
users={users}
getUsers={getUsers}
deleteUser={deleteUser}
isLoading={isLoading}
/>
<Space h="xl" />
</>
);
};
export default Users;

6
frontend/src/pages/auth/signIn.tsx
View File

@@ -1,10 +1,10 @@
import { useRouter } from "next/router";
import AuthForm from "../../components/auth/AuthForm";
import SignInForm from "../../components/auth/SignInForm";
import Meta from "../../components/Meta";
import useUser from "../../hooks/user.hook";
const SignIn = () => {
const user = useUser();
const { user } = useUser();
const router = useRouter();
if (user) {
router.replace("/");
@@ -12,7 +12,7 @@ const SignIn = () => {
return (
<>
<Meta title="Sign In" />
<AuthForm mode="signIn" />
<SignInForm />
</>
);
}

13
frontend/src/pages/auth/signUp.tsx
View File

@@ -1,23 +1,22 @@
import getConfig from "next/config";
import { useRouter } from "next/router";
import AuthForm from "../../components/auth/AuthForm";
import SignUpForm from "../../components/auth/SignUpForm";
import Meta from "../../components/Meta";
import useConfig from "../../hooks/config.hook";
import useUser from "../../hooks/user.hook";
const { publicRuntimeConfig } = getConfig();
const SignUp = () => {
const user = useUser();
const config = useConfig();
const { user } = useUser();
const router = useRouter();
if (user) {
router.replace("/");
} else if (publicRuntimeConfig.ALLOW_REGISTRATION == "false") {
} else if (!config.get("ALLOW_REGISTRATION")) {
router.replace("/auth/signIn");
} else {
return (
<>
<Meta title="Sign Up" />
<AuthForm mode="signUp" />
<SignUpForm />
</>
);
}

Some files were not shown because too many files have changed in this diff Show More