diff --git a/.prettierignore b/.prettierignore
index 51116757..9531c159 100644
--- a/.prettierignore
+++ b/.prettierignore
@@ -2,4 +2,5 @@ assets
dist
node_modules
.github
-.vscode
\ No newline at end of file
+.vscode
+hashes.json
diff --git a/flake.nix b/flake.nix
index 00a18f64..cc624004 100644
--- a/flake.nix
+++ b/flake.nix
@@ -13,11 +13,21 @@
inherit system;
};
hashesFile = builtins.fromJSON (builtins.readFile ./hashes.json);
+ lib = pkgs.lib;
in rec {
packages.default = pkgs.buildNpmPackage {
pname = "spacebar-server-ts";
- src = ./.;
name = "spacebar-server-ts";
+
+ meta = with lib; {
+ description = "Spacebar server, a FOSS reimplementation of the Discord backend.";
+ homepage = "https://github.com/spacebarchat/server";
+ license = licenses.agpl3Plus;
+ platforms = platforms.all;
+ mainProgram = "start-bundle";
+ };
+
+ src = ./.;
nativeBuildInputs = with pkgs; [ python3 ];
npmDepsHash = hashesFile.npmDepsHash;
makeCacheWritable = true;
diff --git a/hashes.json b/hashes.json
index 52864e4b..e5996816 100644
--- a/hashes.json
+++ b/hashes.json
@@ -1,3 +1,3 @@
{
- "npmDepsHash": "sha256-kdS1SwcBu6Dor92iO1ickLgz0T5UL16nyA49xXGajf4="
+ "npmDepsHash": "sha256-qcHlktC4qrhOJ6AwKbccPkr0cVrAtPhGK+xD/eV+scU="
}
diff --git a/nix-update.sh b/nix-update.sh
index a7186962..05d6d3d7 100755
--- a/nix-update.sh
+++ b/nix-update.sh
@@ -1,10 +1,10 @@
#!/usr/bin/env nix-shell
#!nix-shell -i "bash -x" -p bash prefetch-npm-deps jq git nix-output-monitor
-nix flake update
+nix flake update --extra-experimental-features 'nix-command flakes'
DEPS_HASH=`prefetch-npm-deps package-lock.json`
TMPFILE=$(mktemp)
jq '.npmDepsHash = "'$DEPS_HASH'"' hashes.json > $TMPFILE
mv -- "$TMPFILE" hashes.json
-nom build .# || exit $?
-git add hashes.json flake.lock flake.nix
\ No newline at end of file
+nom build .# --extra-experimental-features 'nix-command flakes' || exit $?
+git add hashes.json flake.lock flake.nix
diff --git a/package-lock.json b/package-lock.json
index 793aebe4..055d2a1a 100644
Binary files a/package-lock.json and b/package-lock.json differ
diff --git a/package.json b/package.json
index 0b6907e9..e95d6253 100644
--- a/package.json
+++ b/package.json
@@ -117,6 +117,7 @@
},
"optionalDependencies": {
"erlpack": "^0.1.4",
+ "jimp": "^0.22.12",
"mysql": "^2.18.1",
"nodemailer-mailgun-transport": "^2.1.5",
"nodemailer-mailjet-transport": "github:n0script22/nodemailer-mailjet-transport",
diff --git a/src/api/Server.ts b/src/api/Server.ts
index 40d2b6dc..bea75d7e 100644
--- a/src/api/Server.ts
+++ b/src/api/Server.ts
@@ -34,7 +34,7 @@ import "missing-native-js-functions";
import morgan from "morgan";
import path from "path";
import { red } from "picocolors";
-import { Authentication, CORS } from "./middlewares/";
+import { Authentication, CORS, ImageProxy } from "./middlewares/";
import { BodyParser } from "./middlewares/BodyParser";
import { ErrorHandler } from "./middlewares/ErrorHandler";
import { initRateLimits } from "./middlewares/RateLimit";
@@ -137,6 +137,8 @@ export class SpacebarServer extends Server {
app.use("/api/v9", api);
app.use("/api", api); // allow unversioned requests
+ app.use("/imageproxy/:hash/:size/:url", ImageProxy);
+
app.get("/", (req, res) =>
res.sendFile(path.join(PUBLIC_ASSETS_FOLDER, "index.html")),
);
diff --git a/src/api/middlewares/ImageProxy.ts b/src/api/middlewares/ImageProxy.ts
new file mode 100644
index 00000000..537c5da1
--- /dev/null
+++ b/src/api/middlewares/ImageProxy.ts
@@ -0,0 +1,180 @@
+/*
+ Spacebar: A FOSS re-implementation and extension of the Discord.com backend.
+ Copyright (C) 2023 Spacebar and Spacebar Contributors
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU Affero General Public License as published
+ by the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU Affero General Public License for more details.
+
+ You should have received a copy of the GNU Affero General Public License
+ along with this program. If not, see .
+*/
+
+import { Config, JimpType } from "@spacebar/util";
+import { Request, Response } from "express";
+import { yellow } from "picocolors";
+import crypto from "crypto";
+import fetch from "node-fetch";
+
+let sharp: undefined | false | { default: typeof import("sharp") } = undefined;
+
+let Jimp: JimpType | undefined = undefined;
+try {
+ Jimp = require("jimp") as JimpType;
+} catch {
+ // empty
+}
+
+let sentImageProxyWarning = false;
+
+const sharpSupported = new Set([
+ "image/jpeg",
+ "image/png",
+ "image/bmp",
+ "image/tiff",
+ "image/gif",
+ "image/webp",
+ "image/avif",
+ "image/svg+xml",
+]);
+const jimpSupported = new Set([
+ "image/jpeg",
+ "image/png",
+ "image/bmp",
+ "image/tiff",
+ "image/gif",
+]);
+const resizeSupported = new Set([...sharpSupported, ...jimpSupported]);
+
+export async function ImageProxy(req: Request, res: Response) {
+ const path = req.originalUrl.split("/").slice(2);
+
+ // src/api/util/utility/EmbedHandlers.ts getProxyUrl
+ const hash = crypto
+ .createHmac("sha1", Config.get().security.requestSignature)
+ .update(path.slice(1).join("/"))
+ .digest("base64")
+ .replace(/\+/g, "-")
+ .replace(/\//g, "_");
+
+ try {
+ if (!crypto.timingSafeEqual(Buffer.from(hash), Buffer.from(path[0])))
+ throw new Error("Invalid signature");
+ } catch {
+ console.log("Invalid signature, expected " + hash + " got " + path[0]);
+ res.status(403).send("Invalid signature");
+ return;
+ }
+
+ const abort = new AbortController();
+ setTimeout(() => abort.abort(), 5000);
+
+ const request = await fetch(path.slice(2).join("/"), {
+ headers: {
+ "User-Agent": "SpacebarImageProxy/1.0.0 (https://spacebar.chat)",
+ },
+ signal: abort.signal,
+ }).catch((e) => {
+ if (e.name === "AbortError") res.status(504).send("Request timed out");
+ else res.status(500).send("Unable to proxy origin: " + e.message);
+ });
+ if (!request) return;
+
+ if (request.status !== 200) {
+ res.status(request.status).send(
+ "Origin failed to respond: " +
+ request.status +
+ " " +
+ request.statusText,
+ );
+ return;
+ }
+
+ if (
+ !request.headers.get("Content-Type") ||
+ !request.headers.get("Content-Length")
+ ) {
+ res.status(500).send(
+ "Origin did not provide a Content-Type or Content-Length header",
+ );
+ return;
+ }
+
+ // @ts-expect-error TS doesn't believe that the header cannot be null (it's checked for falsiness above)
+ if (parseInt(request.headers.get("Content-Length")) > 1024 * 1024 * 10) {
+ res.status(500).send(
+ "Origin provided a Content-Length header that is too large",
+ );
+ return;
+ }
+
+ // @ts-expect-error TS doesn't believe that the header cannot be null (it's checked for falsiness above)
+ let contentType: string = request.headers.get("Content-Type");
+
+ const arrayBuffer = await request.arrayBuffer();
+ let resultBuffer = Buffer.from(arrayBuffer);
+
+ if (
+ !sentImageProxyWarning &&
+ resizeSupported.has(contentType) &&
+ /^\d+x\d+$/.test(path[1])
+ ) {
+ if (sharp !== false) {
+ try {
+ sharp = await import("sharp");
+ } catch {
+ sharp = false;
+ }
+ }
+
+ if (sharp === false && !Jimp) {
+ try {
+ // eslint-disable-next-line @typescript-eslint/ban-ts-comment
+ // @ts-ignore Typings don't fit
+ Jimp = await import("jimp");
+ } catch {
+ sentImageProxyWarning = true;
+ console.log(
+ `[ImageProxy] ${yellow(
+ 'Neither "sharp" or "jimp" NPM packages are installed, image resizing will be disabled',
+ )}`,
+ );
+ }
+ }
+
+ const [width, height] = path[1].split("x").map((x) => parseInt(x));
+
+ const buffer = Buffer.from(arrayBuffer);
+ if (sharp && sharpSupported.has(contentType)) {
+ resultBuffer = await sharp
+ .default(buffer)
+ // Sharp doesn't support "scaleToFit"
+ .resize(width)
+ .toBuffer();
+ } else if (Jimp && jimpSupported.has(contentType)) {
+ resultBuffer = await Jimp.read(buffer).then((image) => {
+ contentType = image.getMIME();
+ return (
+ image
+ .scaleToFit(width, height)
+ // @ts-expect-error Jimp is defined at this point
+ .getBufferAsync(Jimp.AUTO)
+ );
+ });
+ }
+ }
+
+ res.header("Content-Type", contentType);
+ res.setHeader(
+ "Cache-Control",
+ "public, max-age=" + Config.get().cdn.proxyCacheHeaderSeconds,
+ );
+
+ res.send(resultBuffer);
+}
diff --git a/src/api/middlewares/index.ts b/src/api/middlewares/index.ts
index 6384e1aa..9fd617f6 100644
--- a/src/api/middlewares/index.ts
+++ b/src/api/middlewares/index.ts
@@ -21,3 +21,4 @@ export * from "./BodyParser";
export * from "./CORS";
export * from "./ErrorHandler";
export * from "./RateLimit";
+export * from "./ImageProxy";
diff --git a/src/util/config/types/CdnConfiguration.ts b/src/util/config/types/CdnConfiguration.ts
index 03319081..842cb87c 100644
--- a/src/util/config/types/CdnConfiguration.ts
+++ b/src/util/config/types/CdnConfiguration.ts
@@ -1,17 +1,17 @@
/*
Spacebar: A FOSS re-implementation and extension of the Discord.com backend.
Copyright (C) 2023 Spacebar and Spacebar Contributors
-
+
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published
by the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
-
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
-
+
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see .
*/
@@ -25,4 +25,6 @@ export class CdnConfiguration extends EndpointConfiguration {
endpointPublic: string | null = null;
endpointPrivate: string | null = null;
+
+ proxyCacheHeaderSeconds: number = 60 * 60 * 24;
}
diff --git a/src/util/entities/UserSettings.ts b/src/util/entities/UserSettings.ts
index d3efe79b..6f09c9b3 100644
--- a/src/util/entities/UserSettings.ts
+++ b/src/util/entities/UserSettings.ts
@@ -1,17 +1,17 @@
/*
Spacebar: A FOSS re-implementation and extension of the Discord.com backend.
Copyright (C) 2023 Spacebar and Spacebar Contributors
-
+
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published
by the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
-
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
-
+
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see .
*/
diff --git a/src/util/imports/Jimp.ts b/src/util/imports/Jimp.ts
new file mode 100644
index 00000000..c1389e03
--- /dev/null
+++ b/src/util/imports/Jimp.ts
@@ -0,0 +1,23 @@
+/*
+ Spacebar: A FOSS re-implementation and extension of the Discord.com backend.
+ Copyright (C) 2023 Spacebar and Spacebar Contributors
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU Affero General Public License as published
+ by the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU Affero General Public License for more details.
+
+ You should have received a copy of the GNU Affero General Public License
+ along with this program. If not, see .
+*/
+
+/* eslint-disable @typescript-eslint/no-explicit-any */
+
+export type JimpType = {
+ read: (data: Buffer) => Promise;
+};
diff --git a/src/util/imports/index.ts b/src/util/imports/index.ts
index 08b870bc..4bc5a6c5 100644
--- a/src/util/imports/index.ts
+++ b/src/util/imports/index.ts
@@ -18,3 +18,4 @@
export * from "./OrmUtils";
export * from "./Erlpack";
+export * from "./Jimp";