mirror of
https://github.com/HeyPuter/puter.git
synced 2026-05-03 08:00:32 +00:00
Daniel Salazar
d4d78ac7db
* fix: dynamodb health checks and client recreation (#2789) * wip: no nanoServices groundwork * feat: data clients in new shape * wip: auth and perms in new system * more wip * middlewaters mainly done * wip: fsv2 in new layout * old fs v2 migration * driver system * driver and old fs fixes * ai drivers wip * stream support * metering in ai chat driver * wip: new auth * rate limit and auth routes * captcha and anti csrf * fix: types * auth store * app logic * wip most other dricvers * fs * mostly kill all legacy stuff * fs finish * fix: redis usage * ai controller * driver cleanup * socket io in v2 * broadcast and crudq stuff * subdomains * notifcations and shares * fix bad syntaxes * auth wip Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * extensions * extension setup * more routes * sql migrations and default services * home router * tier 7 * everything else * everything else * remaining missing bits * server health * logs * cleanup * deps * cleanup 2 * more cleanup 2 * boot * fix launch * config fix * move file * fix: tsconfig things * fix: extension loading * launching * fix: drivers * fix: others * fix: icons * fix: file uploads * fs fixes * fix: fs api * fix: dev-center * config * add back telemetry * lint stuff * husky hooks * fix: fs oss * fix: config migration * config migration * migrate scripts + replicate * runner * fix: merge defafult config * fix: default region * fix: api domain * fix paths in readfile * fix fs entry default s3 * NS: Remove Referral && Entri Service * dep cleanups * fix: static assets * fix: kv and perms * fix: driver registrations * fix: home mapping * fix: rao * adding back 500 alarm * fix: build paths * fix: fs and kv shapes * fix: kv shape * more kv coercing and ai chat matching format as prior * fix: private app gates * private app caches * fix: whole bunch of legacy shape issues * update template jsonc * fix caching partial oidc and fs signed paths * more oidc fixes * fix: wip * fix: private apps * admin route fixes * fix: last few things hopefully * claude uploads * fix security for app only routes * fix kv system namespace * stuff * fix: app and kv and suggested apps * fix:open item * fix: FS operations * fix: default app icons * add back token-read and WSL support * metering fixes * fix: fsEntry * perm scanners and implicators * proper download endpoint * fix: download * fix anti csrft on v2 * fix file extensions, app icons * fold in v1 fixes from origin/main into v2 equivalents Re-applies the v1 fixes that landed on origin/main into their v2 counterparts since the v1 files were deleted on DS/wip during the v2 migration. v1 commits referenced below. - SQLBatcher: flush immediately when queue hits maxBatchSize instead of racing the timer (v1 12f48238). - RedisClient: drop maxRetriesPerRequest from 2 to 1 to shrink failure window (v1b6776ab4). - ChatCompletionDriver: default minimumCredits to 1 when unset/zero so zero-cost precheck doesn't auto-pass (v136bd6073). - OpenAiImageProvider: add gpt-image-2 support — open-ended size rules, token-based cost estimator, arbitrary-size normalizer, isGpt prefix broadened to gpt-image- (v1f14f1bf4). models.ts auto-merged via rename detection. - AppStore: bump row cache TTL from 5m to 24h (v16b3196ed). Not ported: v1 app-object Redis cache (bdfa12b5/b886dde3) — v2's #toClient recomputes filetype_associations/created_from_origin per read; adding a second cache layer is a larger change for a follow-up. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * remoe anti-csrf from auth routes that had not used them * more icon fixes * fix worker functionality * fix: app and subdomain es Co-authored-by: Copilot <copilot@github.com> * fix PUT-761 * fix: PUT-748 * fix: rename fsService * Add security back to WorkerDriver * Migrate worker from fsEntry to fs. Fix cache issue * remove ability to create symlinks * strict webdav acl * require auth for wisp * chore: service renames * Add metering back to puter peer api * fix: PUT-760 PUT-749 * fix: PUT-746 * fix: peer cost Co-authored-by: Copilot <copilot@github.com> * fix: 771 * change order of peer controller * fix: create appdata folder for app on get auth token * fix: align delete site and list sites * delete: putility * fix subdomains * Add support for tilde in subdomains, fix subdomain update * cleanup PeerController.ts and fix billing oversight (#2844) * fix: PUT-786 * fix: bugs * fix: issues with multiple subdomain queries, or permission checks * fix: harden response shapes to not contain uneeded fields * fix: move state to redis * fix: missing kv methods + better sec Co-authored-by: Copilot <copilot@github.com> * fix: subdomainStore limit * fix: missing path resolution Co-authored-by: Copilot <copilot@github.com> * fs fixes * fix: undef error * fix fs + cleanup * fix: npm audit fixes * heal path entries where missing Co-authored-by: Copilot <copilot@github.com> * fix: caching Co-authored-by: Copilot <copilot@github.com> * fix: cache inconsistencies Co-authored-by: Copilot <copilot@github.com> * fix: app driver metadata Co-authored-by: Copilot <copilot@github.com> * remove extraneous comma * fix: associated app icons * fix: bad tool call * Add validation to WorkerDriver#getFilePaths * misc fs and auth issues Co-authored-by: Copilot <copilot@github.com> * fix: oidc errors Co-authored-by: Copilot <copilot@github.com> * fix: PUT-797 * fix: legacy appdata_app Co-authored-by: Copilot <copilot@github.com> * fix: add alert logs Co-authored-by: Copilot <copilot@github.com> * fix: error handling * Disable sharecontroller * fix: remove private user identifier for ai * fix: private app fixes * Add backback signup_server * fix: completionId size Co-authored-by: Copilot <copilot@github.com> * fix: revalidate path for oidc * fix: revalidate path for oidc * fix: email validation Co-authored-by: Copilot <copilot@github.com> * fix: user create query * fix: middleware extensions Co-authored-by: Copilot <copilot@github.com> * use x-forwarded-for for req ip forwarded * fix: missing last_activity ts * feat: add cache broadcast to subdomains * fix: update config typing --------- Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> Co-authored-by: ProgrammerIn-wonderland <3838shah@gmail.com> Co-authored-by: Copilot <copilot@github.com> Co-authored-by: Nariman Jelveh <nj@puter.com> Co-authored-by: velzie <velzie@velzie.rip>
179 lines
6.4 KiB
TypeScript
179 lines
6.4 KiB
TypeScript
import { Context } from '@heyputer/backend/src/core';
|
|
import { extension } from '@heyputer/backend/src/extensions';
|
|
import { getTaskbarItems } from '@heyputer/backend/src/util/taskbarItems.js';
|
|
import TimeAgo from 'javascript-time-ago';
|
|
import localeEn from 'javascript-time-ago/locale/en';
|
|
|
|
const stores = extension.import('store');
|
|
const services = extension.import('service');
|
|
const clients = extension.import('client');
|
|
|
|
const timeago = (() => {
|
|
TimeAgo.addDefaultLocale(localeEn);
|
|
return new TimeAgo('en-US');
|
|
})();
|
|
|
|
// Allowlist of `config.feature_flags` keys safe to surface via /whoami.
|
|
// Anything not listed here stays server-side, so internal flags
|
|
// (payment_bypass, staff_only_*, etc.) cannot leak by accident. Add a
|
|
// flag here when, and only when, the client actually needs to read it.
|
|
const CLIENT_VISIBLE_FEATURE_FLAGS: ReadonlySet<string> = new Set([
|
|
'create_shortcut',
|
|
'download_directory',
|
|
'prompt_user_when_navigation_away_from_puter',
|
|
]);
|
|
|
|
extension.get(
|
|
'/whoami',
|
|
{ subdomain: 'api', requireAuth: true },
|
|
async (req, res) => {
|
|
const actor = Context.get('actor');
|
|
if (!actor?.user?.id) {
|
|
res.status(401).json({ error: 'Authentication required' });
|
|
return;
|
|
}
|
|
|
|
const isUser = !actor.app;
|
|
const user = await stores.user.getById(actor.user.id);
|
|
if (!user) {
|
|
res.status(404).json({ error: 'User not found' });
|
|
return;
|
|
}
|
|
|
|
const oidcOnly = user.password === null;
|
|
const ALLOWED_ICON_SIZES = new Set([16, 32, 64, 128, 256, 512]);
|
|
const rawIconSize =
|
|
typeof req.query?.icon_size === 'string'
|
|
? Number(req.query.icon_size)
|
|
: undefined;
|
|
const iconSize =
|
|
rawIconSize !== undefined && ALLOWED_ICON_SIZES.has(rawIconSize)
|
|
? rawIconSize
|
|
: undefined;
|
|
const noIcons = !iconSize;
|
|
|
|
// Feature flags come from `config.feature_flags`. We only forward keys
|
|
// listed in CLIENT_VISIBLE_FEATURE_FLAGS so internal flags can't leak.
|
|
// Non-boolean values (e.g. `"true"` as a string) are coerced so the
|
|
// client never has to guess.
|
|
const rawFlags = extension.config.feature_flags ?? {};
|
|
const feature_flags: Record<string, boolean> = {};
|
|
for (const [k, v] of Object.entries(rawFlags)) {
|
|
if (CLIENT_VISIBLE_FEATURE_FLAGS.has(k)) {
|
|
feature_flags[k] = Boolean(v);
|
|
}
|
|
}
|
|
|
|
const details: Record<string, unknown> = {
|
|
username: user.username,
|
|
uuid: user.uuid,
|
|
email: user.email,
|
|
unconfirmed_email: user.email,
|
|
email_confirmed: user.email_confirmed || user.username === 'admin',
|
|
requires_email_confirmation: user.requires_email_confirmation,
|
|
desktop_bg_url: user.desktop_bg_url,
|
|
desktop_bg_color: user.desktop_bg_color,
|
|
desktop_bg_fit: user.desktop_bg_fit,
|
|
is_temp: user.password === null && user.email === null,
|
|
oidc_only: oidcOnly,
|
|
taskbar_items: isUser
|
|
? await getTaskbarItems(
|
|
user,
|
|
{
|
|
clients,
|
|
stores,
|
|
services,
|
|
apiBaseUrl: String(
|
|
extension.config.api_base_url ?? '',
|
|
),
|
|
},
|
|
{ iconSize, noIcons },
|
|
)
|
|
: undefined,
|
|
otp: !!user.otp_enabled,
|
|
feature_flags,
|
|
human_readable_age: user.timestamp
|
|
? timeago.format(new Date(user.timestamp as string))
|
|
: null,
|
|
};
|
|
|
|
// OIDC revalidate URL for password-less accounts
|
|
if (oidcOnly) {
|
|
try {
|
|
const providers = await services.oidc.getEnabledProviderIds();
|
|
const provider = providers?.[0];
|
|
if (provider) {
|
|
const callbackUrl =
|
|
services.oidc.getCallbackUrl?.('login') ?? '';
|
|
const origin = callbackUrl.replace(
|
|
/\/auth\/oidc\/callback\/login$/,
|
|
'',
|
|
);
|
|
details.oidc_revalidate_url = `${origin}/auth/oidc/${provider}/start?flow=revalidate&user_uuid=${encodeURIComponent(user.uuid)}`;
|
|
}
|
|
} catch {
|
|
// OIDC not configured
|
|
}
|
|
}
|
|
|
|
// Directories — only sent to user actors
|
|
if (isUser) {
|
|
const directories: Record<string, unknown> = {};
|
|
const nameToProp: Record<string, string> = {
|
|
desktop_uuid: `/${user.username}/Desktop`,
|
|
appdata_uuid: `/${user.username}/AppData`,
|
|
documents_uuid: `/${user.username}/Documents`,
|
|
pictures_uuid: `/${user.username}/Pictures`,
|
|
videos_uuid: `/${user.username}/Videos`,
|
|
trash_uuid: `/${user.username}/Trash`,
|
|
};
|
|
for (const k in nameToProp) {
|
|
directories[nameToProp[k]] = user[k];
|
|
}
|
|
details.directories = directories;
|
|
}
|
|
|
|
// Last activity
|
|
if (user.last_activity_ts) {
|
|
try {
|
|
details.last_activity_ts = Math.round(
|
|
new Date(user.last_activity_ts as string).getTime() / 1000,
|
|
);
|
|
} catch {
|
|
/* ignore parse error */
|
|
}
|
|
}
|
|
|
|
// Strip sensitive fields for app actors
|
|
if (!isUser) {
|
|
const canReadEmail = await services.permission
|
|
.check(actor, `user:${user.uuid}:email:read`)
|
|
.catch(() => false);
|
|
if (!canReadEmail) {
|
|
delete details.email;
|
|
delete details.unconfirmed_email;
|
|
}
|
|
delete details.desktop_bg_url;
|
|
delete details.desktop_bg_color;
|
|
delete details.desktop_bg_fit;
|
|
delete details.human_readable_age;
|
|
}
|
|
|
|
if (actor.app) {
|
|
details.app_name = actor.app.uid;
|
|
}
|
|
|
|
try {
|
|
await clients.event.emitAndWait(
|
|
'whoami.details',
|
|
{ user, details, isUser },
|
|
{},
|
|
);
|
|
} catch {
|
|
/* best-effort */
|
|
}
|
|
|
|
res.json(details);
|
|
},
|
|
);
|