Home Explore Help
Sign In
mirrors
/
ntfy
mirror of https://github.com/binwiederhier/ntfy
1
0
Fork 0
Files Issues 0 Wiki
Tree: 0885951a67
Branches Tags
ntfy
/
web
/
src
/
app
/
AccountApi.js

AccountApi.js 12 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371 
  1. import {
    2. 

  2.     accountBillingPortalUrl,
    3. 

  3.     accountBillingSubscriptionUrl,
    4. 

  4.     accountPasswordUrl,
    5. 

  5.     accountReservationSingleUrl,
    6. 

  6.     accountReservationUrl,
    7. 

  7.     accountSettingsUrl,
    8. 

  8.     accountSubscriptionSingleUrl,
    9. 

  9.     accountSubscriptionUrl,
    10. 

  10.     accountTokenUrl,
    11. 

  11.     accountUrl,
    12. 

  12.     tiersUrl,
    13. 

  13.     withBasicAuth,
    14. 

  14.     withBearerAuth
    15. 

  15. } from "./utils";
    16. 

  16. import session from "./Session";
    17. 

  17. import subscriptionManager from "./SubscriptionManager";
    18. 

  18. import i18n from "i18next";
    19. 

  19. import prefs from "./Prefs";
    20. 

  20. import routes from "../components/routes";
    21. 

  21. import {fetchOrThrow, throwAppError, UnauthorizedError} from "./errors";
    22. 

  22. 

  23. const delayMillis = 45000; // 45 seconds
    24. 

  24. const intervalMillis = 900000; // 15 minutes
    25. 

  25. 

  26. class AccountApi {
    27. 

  27.     constructor() {
    28. 

  28.         this.timer = null;
    29. 

  29.         this.listener = null; // Fired when account is fetched from remote
    30. 

  30.     }
    31. 

  31. 

  32.     registerListener(listener) {
    33. 

  33.         this.listener = listener;
    34. 

  34.     }
    35. 

  35. 

  36.     resetListener() {
    37. 

  37.         this.listener = null;
    38. 

  38.     }
    39. 

  39. 

  40.     async login(user) {
    41. 

  41.         const url = accountTokenUrl(config.base_url);
    42. 

  42.         console.log(`[AccountApi] Checking auth for ${url}`);
    43. 

  43.         const response = await fetchOrThrow(url, {
    44. 

  44.             method: "POST",
    45. 

  45.             headers: withBasicAuth({}, user.username, user.password)
    46. 

  46.         });
    47. 

  47.         const json = await response.json(); // May throw SyntaxError
    48. 

  48.         if (!json.token) {
    49. 

  49.             throw new Error(`Unexpected server response: Cannot find token`);
    50. 

  50.         }
    51. 

  51.         return json.token;
    52. 

  52.     }
    53. 

  53. 

  54.     async logout() {
    55. 

  55.         const url = accountTokenUrl(config.base_url);
    56. 

  56.         console.log(`[AccountApi] Logging out from ${url} using token ${session.token()}`);
    57. 

  57.         await fetchOrThrow(url, {
    58. 

  58.             method: "DELETE",
    59. 

  59.             headers: withBearerAuth({}, session.token())
    60. 

  60.         });
    61. 

  61.     }
    62. 

  62. 

  63.     async create(username, password) {
    64. 

  64.         const url = accountUrl(config.base_url);
    65. 

  65.         const body = JSON.stringify({
    66. 

  66.             username: username,
    67. 

  67.             password: password
    68. 

  68.         });
    69. 

  69.         console.log(`[AccountApi] Creating user account ${url}`);
    70. 

  70.         await fetchOrThrow(url, {
    71. 

  71.             method: "POST",
    72. 

  72.             body: body
    73. 

  73.         });
    74. 

  74.     }
    75. 

  75. 

  76.     async get() {
    77. 

  77.         const url = accountUrl(config.base_url);
    78. 

  78.         console.log(`[AccountApi] Fetching user account ${url}`);
    79. 

  79.         const response = await fetchOrThrow(url, {
    80. 

  80.             headers: withBearerAuth({}, session.token())
    81. 

  81.         });
    82. 

  82.         const account = await response.json(); // May throw SyntaxError
    83. 

  83.         console.log(`[AccountApi] Account`, account);
    84. 

  84.         if (this.listener) {
    85. 

  85.             this.listener(account);
    86. 

  86.         }
    87. 

  87.         return account;
    88. 

  88.     }
    89. 

  89. 

  90.     async delete(password) {
    91. 

  91.         const url = accountUrl(config.base_url);
    92. 

  92.         console.log(`[AccountApi] Deleting user account ${url}`);
    93. 

  93.         await fetchOrThrow(url, {
    94. 

  94.             method: "DELETE",
    95. 

  95.             headers: withBearerAuth({}, session.token()),
    96. 

  96.             body: JSON.stringify({
    97. 

  97.                 password: password
    98. 

  98.             })
    99. 

  99.         });
    100. 

  100.     }
    101. 

  101. 

  102.     async changePassword(currentPassword, newPassword) {
    103. 

  103.         const url = accountPasswordUrl(config.base_url);
    104. 

  104.         console.log(`[AccountApi] Changing account password ${url}`);
    105. 

  105.         await fetchOrThrow(url, {
    106. 

  106.             method: "POST",
    107. 

  107.             headers: withBearerAuth({}, session.token()),
    108. 

  108.             body: JSON.stringify({
    109. 

  109.                 password: currentPassword,
    110. 

  110.                 new_password: newPassword
    111. 

  111.             })
    112. 

  112.         });
    113. 

  113.     }
    114. 

  114. 

  115.     async createToken(label, expires) {
    116. 

  116.         const url = accountTokenUrl(config.base_url);
    117. 

  117.         const body = {
    118. 

  118.             label: label,
    119. 

  119.             expires: (expires > 0) ? Math.floor(Date.now() / 1000) + expires : 0
    120. 

  120.         };
    121. 

  121.         console.log(`[AccountApi] Creating user access token ${url}`);
    122. 

  122.         await fetchOrThrow(url, {
    123. 

  123.             method: "POST",
    124. 

  124.             headers: withBearerAuth({}, session.token()),
    125. 

  125.             body: JSON.stringify(body)
    126. 

  126.         });
    127. 

  127.     }
    128. 

  128. 

  129.     async updateToken(token, label, expires) {
    130. 

  130.         const url = accountTokenUrl(config.base_url);
    131. 

  131.         const body = {
    132. 

  132.             token: token,
    133. 

  133.             label: label
    134. 

  134.         };
    135. 

  135.         if (expires > 0) {
    136. 

  136.             body.expires = Math.floor(Date.now() / 1000) + expires;
    137. 

  137.         }
    138. 

  138.         console.log(`[AccountApi] Creating user access token ${url}`);
    139. 

  139.         await fetchOrThrow(url, {
    140. 

  140.             method: "PATCH",
    141. 

  141.             headers: withBearerAuth({}, session.token()),
    142. 

  142.             body: JSON.stringify(body)
    143. 

  143.         });
    144. 

  144.     }
    145. 

  145. 

  146.     async extendToken() {
    147. 

  147.         const url = accountTokenUrl(config.base_url);
    148. 

  148.         console.log(`[AccountApi] Extending user access token ${url}`);
    149. 

  149.         await fetchOrThrow(url, {
    150. 

  150.             method: "PATCH",
    151. 

  151.             headers: withBearerAuth({}, session.token()),
    152. 

  152.             body: JSON.stringify({
    153. 

  153.                 token: session.token(),
    154. 

  154.                 expires: Math.floor(Date.now() / 1000) + 6220800 // FIXME
    155. 

  155.             })
    156. 

  156.         });
    157. 

  157.     }
    158. 

  158. 

  159.     async deleteToken(token) {
    160. 

  160.         const url = accountTokenUrl(config.base_url);
    161. 

  161.         console.log(`[AccountApi] Deleting user access token ${url}`);
    162. 

  162.         await fetchOrThrow(url, {
    163. 

  163.             method: "DELETE",
    164. 

  164.             headers: withBearerAuth({"X-Token": token}, session.token())
    165. 

  165.         });
    166. 

  166.     }
    167. 

  167. 

  168.     async updateSettings(payload) {
    169. 

  169.         const url = accountSettingsUrl(config.base_url);
    170. 

  170.         const body = JSON.stringify(payload);
    171. 

  171.         console.log(`[AccountApi] Updating user account ${url}: ${body}`);
    172. 

  172.         await fetchOrThrow(url, {
    173. 

  173.             method: "PATCH",
    174. 

  174.             headers: withBearerAuth({}, session.token()),
    175. 

  175.             body: body
    176. 

  176.         });
    177. 

  177.     }
    178. 

  178. 

  179.     async addSubscription(payload) {
    180. 

  180.         const url = accountSubscriptionUrl(config.base_url);
    181. 

  181.         const body = JSON.stringify(payload);
    182. 

  182.         console.log(`[AccountApi] Adding user subscription ${url}: ${body}`);
    183. 

  183.         const response = await fetchOrThrow(url, {
    184. 

  184.             method: "POST",
    185. 

  185.             headers: withBearerAuth({}, session.token()),
    186. 

  186.             body: body
    187. 

  187.         });
    188. 

  188.         const subscription = await response.json(); // May throw SyntaxError
    189. 

  189.         console.log(`[AccountApi] Subscription`, subscription);
    190. 

  190.         return subscription;
    191. 

  191.     }
    192. 

  192. 

  193.     async updateSubscription(remoteId, payload) {
    194. 

  194.         const url = accountSubscriptionSingleUrl(config.base_url, remoteId);
    195. 

  195.         const body = JSON.stringify(payload);
    196. 

  196.         console.log(`[AccountApi] Updating user subscription ${url}: ${body}`);
    197. 

  197.         const response = await fetchOrThrow(url, {
    198. 

  198.             method: "PATCH",
    199. 

  199.             headers: withBearerAuth({}, session.token()),
    200. 

  200.             body: body
    201. 

  201.         });
    202. 

  202.         const subscription = await response.json(); // May throw SyntaxError
    203. 

  203.         console.log(`[AccountApi] Subscription`, subscription);
    204. 

  204.         return subscription;
    205. 

  205.     }
    206. 

  206. 

  207.     async deleteSubscription(remoteId) {
    208. 

  208.         const url = accountSubscriptionSingleUrl(config.base_url, remoteId);
    209. 

  209.         console.log(`[AccountApi] Removing user subscription ${url}`);
    210. 

  210.         await fetchOrThrow(url, {
    211. 

  211.             method: "DELETE",
    212. 

  212.             headers: withBearerAuth({}, session.token())
    213. 

  213.         });
    214. 

  214.     }
    215. 

  215. 

  216.     async upsertReservation(topic, everyone) {
    217. 

  217.         const url = accountReservationUrl(config.base_url);
    218. 

  218.         console.log(`[AccountApi] Upserting user access to topic ${topic}, everyone=${everyone}`);
    219. 

  219.         await fetchOrThrow(url, {
    220. 

  220.             method: "POST",
    221. 

  221.             headers: withBearerAuth({}, session.token()),
    222. 

  222.             body: JSON.stringify({
    223. 

  223.                 topic: topic,
    224. 

  224.                 everyone: everyone
    225. 

  225.             })
    226. 

  226.         });
    227. 

  227.     }
    228. 

  228. 

  229.     async deleteReservation(topic, deleteMessages) {
    230. 

  230.         const url = accountReservationSingleUrl(config.base_url, topic);
    231. 

  231.         console.log(`[AccountApi] Removing topic reservation ${url}`);
    232. 

  232.         const headers = {
    233. 

  233.             "X-Delete-Messages": deleteMessages ? "true" : "false"
    234. 

  234.         }
    235. 

  235.         await fetchOrThrow(url, {
    236. 

  236.             method: "DELETE",
    237. 

  237.             headers: withBearerAuth(headers, session.token())
    238. 

  238.         });
    239. 

  239.     }
    240. 

  240. 

  241.     async billingTiers() {
    242. 

  242.         const url = tiersUrl(config.base_url);
    243. 

  243.         console.log(`[AccountApi] Fetching billing tiers`);
    244. 

  244.         const response = await fetchOrThrow(url); // No auth needed!
    245. 

  245.         return await response.json(); // May throw SyntaxError
    246. 

  246.     }
    247. 

  247. 

  248.     async createBillingSubscription(tier) {
    249. 

  249.         console.log(`[AccountApi] Creating billing subscription with ${tier}`);
    250. 

  250.         return await this.upsertBillingSubscription("POST", tier)
    251. 

  251.     }
    252. 

  252. 

  253.     async updateBillingSubscription(tier) {
    254. 

  254.         console.log(`[AccountApi] Updating billing subscription with ${tier}`);
    255. 

  255.         return await this.upsertBillingSubscription("PUT", tier)
    256. 

  256.     }
    257. 

  257. 

  258.     async upsertBillingSubscription(method, tier) {
    259. 

  259.         const url = accountBillingSubscriptionUrl(config.base_url);
    260. 

  260.         const response = await fetchOrThrow(url, {
    261. 

  261.             method: method,
    262. 

  262.             headers: withBearerAuth({}, session.token()),
    263. 

  263.             body: JSON.stringify({
    264. 

  264.                 tier: tier
    265. 

  265.             })
    266. 

  266.         });
    267. 

  267.         return await response.json(); // May throw SyntaxError
    268. 

  268.     }
    269. 

  269. 

  270.     async deleteBillingSubscription() {
    271. 

  271.         const url = accountBillingSubscriptionUrl(config.base_url);
    272. 

  272.         console.log(`[AccountApi] Cancelling billing subscription`);
    273. 

  273.         await fetchOrThrow(url, {
    274. 

  274.             method: "DELETE",
    275. 

  275.             headers: withBearerAuth({}, session.token())
    276. 

  276.         });
    277. 

  277.     }
    278. 

  278. 

  279.     async createBillingPortalSession() {
    280. 

  280.         const url = accountBillingPortalUrl(config.base_url);
    281. 

  281.         console.log(`[AccountApi] Creating billing portal session`);
    282. 

  282.         const response = await fetchOrThrow(url, {
    283. 

  283.             method: "POST",
    284. 

  284.             headers: withBearerAuth({}, session.token())
    285. 

  285.         });
    286. 

  286.         return await response.json(); // May throw SyntaxError
    287. 

  287.     }
    288. 

  288. 

  289.     async sync() {
    290. 

  290.         try {
    291. 

  291.             if (!session.token()) {
    292. 

  292.                 return null;
    293. 

  293.             }
    294. 

  294.             console.log(`[AccountApi] Syncing account`);
    295. 

  295.             const account = await this.get();
    296. 

  296.             if (account.language) {
    297. 

  297.                 await i18n.changeLanguage(account.language);
    298. 

  298.             }
    299. 

  299.             if (account.notification) {
    300. 

  300.                 if (account.notification.sound) {
    301. 

  301.                     await prefs.setSound(account.notification.sound);
    302. 

  302.                 }
    303. 

  303.                 if (account.notification.delete_after) {
    304. 

  304.                     await prefs.setDeleteAfter(account.notification.delete_after);
    305. 

  305.                 }
    306. 

  306.                 if (account.notification.min_priority) {
    307. 

  307.                     await prefs.setMinPriority(account.notification.min_priority);
    308. 

  308.                 }
    309. 

  309.             }
    310. 

  310.             if (account.subscriptions) {
    311. 

  311.                 await subscriptionManager.syncFromRemote(account.subscriptions, account.reservations);
    312. 

  312.             }
    313. 

  313.             return account;
    314. 

  314.         } catch (e) {
    315. 

  315.             console.log(`[AccountApi] Error fetching account`, e);
    316. 

  316.             if (e instanceof UnauthorizedError) {
    317. 

  317.                 session.resetAndRedirect(routes.login);
    318. 

  318.             }
    319. 

  319.         }
    320. 

  320.     }
    321. 

  321. 

  322.     startWorker() {
    323. 

  323.         if (this.timer !== null) {
    324. 

  324.             return;
    325. 

  325.         }
    326. 

  326.         console.log(`[AccountApi] Starting worker`);
    327. 

  327.         this.timer = setInterval(() => this.runWorker(), intervalMillis);
    328. 

  328.         setTimeout(() => this.runWorker(), delayMillis);
    329. 

  329.     }
    330. 

  330. 

  331.     async runWorker() {
    332. 

  332.         if (!session.token()) {
    333. 

  333.             return;
    334. 

  334.         }
    335. 

  335.         console.log(`[AccountApi] Extending user access token`);
    336. 

  336.         try {
    337. 

  337.             await this.extendToken();
    338. 

  338.         } catch (e) {
    339. 

  339.             console.log(`[AccountApi] Error extending user access token`, e);
    340. 

  340.         }
    341. 

  341.     }
    342. 

  342. }
    343. 

  343. 

  344. // Maps to user.Role in user/types.go
    345. 

  345. export const Role = {
    346. 

  346.     ADMIN: "admin",
    347. 

  347.     USER: "user"
    348. 

  348. };
    349. 

  349. 

  350. // Maps to server.visitorLimitBasis in server/visitor.go
    351. 

  351. export const LimitBasis = {
    352. 

  352.     IP: "ip",
    353. 

  353.     TIER: "tier"
    354. 

  354. };
    355. 

  355. 

  356. // Maps to stripe.SubscriptionStatus
    357. 

  357. export const SubscriptionStatus = {
    358. 

  358.     ACTIVE: "active",
    359. 

  359.     PAST_DUE: "past_due"
    360. 

  360. };
    361. 

  361. 

  362. // Maps to user.Permission in user/types.go
    363. 

  363. export const Permission = {
    364. 

  364.     READ_WRITE: "read-write",
    365. 

  365.     READ_ONLY: "read-only",
    366. 

  366.     WRITE_ONLY: "write-only",
    367. 

  367.     DENY_ALL: "deny-all"
    368. 

  368. };
    369. 

  369. 

  370. const accountApi = new AccountApi();
    371. 

  371. export default accountApi;
    372.