kmc7468/arkvault
1
0
Fork 0
mirror of https://github.com/kmc7468/arkvault.git synced 2026-02-04 16:16:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: kmc7468:174305ca1b05aad2b96377eb79192888ca2db77f
Branches Tags
kmc7468:dev kmc7468:demo kmc7468:main kmc7468:add-tanstack-query
kmc7468:v0.9.1 kmc7468:v0.9.0 kmc7468:v0.8.0 kmc7468:v0.7.0 kmc7468:v0.6.0 kmc7468:v0.5.1 kmc7468:v0.5.0 kmc7468:v0.4.0 kmc7468:v0.3.0 kmc7468:v0.2.0 kmc7468:v0.1.0
..
compare: kmc7468:v0.4.0
Branches Tags
kmc7468:demo kmc7468:main kmc7468:dev kmc7468:add-tanstack-query
kmc7468:v0.9.1 kmc7468:v0.9.0 kmc7468:v0.8.0 kmc7468:v0.7.0 kmc7468:v0.6.0 kmc7468:v0.5.1 kmc7468:v0.5.0 kmc7468:v0.4.0 kmc7468:v0.3.0 kmc7468:v0.2.0 kmc7468:v0.1.0

4 Commits
174305ca1b ... v0.4.0

Author SHA1 Message Date
static
361d966a59 Merge pull request #10 from kmc7468/dev 
v0.4.0
 2025-01-30 21:06:50 +09:00
static
aef43b8bfa Merge pull request #6 from kmc7468/dev 
v0.3.0
 2025-01-18 13:29:09 +09:00
static
7f128cccf6 Merge pull request #5 from kmc7468/dev 
v0.2.0
 2025-01-13 03:53:14 +09:00
static
a198e5f6dc Merge pull request #2 from kmc7468/dev 
v0.1.0
 2025-01-09 06:24:31 +09:00
165 changed files with 4012 additions and 5008 deletions
Expand all files Collapse all files

5
.dockerignore
View File

@@ -1,6 +1,5 @@
.git .git
node_modules node_modules
/Makefile
# Output # Output
.output .output
@@ -11,15 +10,13 @@ node_modules
/build /build
/data /data
/library /library
/thumbnails
# OS # OS
.DS_Store .DS_Store
Thumbs.db Thumbs.db
# Editors # VSCode
/.vscode /.vscode
/.idea
# Env # Env
.env .env

1
.env.example
View File

@@ -11,4 +11,3 @@ SESSION_EXPIRES=
USER_CLIENT_CHALLENGE_EXPIRES= USER_CLIENT_CHALLENGE_EXPIRES=
SESSION_UPGRADE_CHALLENGE_EXPIRES= SESSION_UPGRADE_CHALLENGE_EXPIRES=
LIBRARY_PATH= LIBRARY_PATH=
THUMBNAILS_PATH=

4
.gitignore vendored
View File

@@ -9,15 +9,13 @@ node_modules
/build /build
/data /data
/library /library
/thumbnails
# OS # OS
.DS_Store .DS_Store
Thumbs.db Thumbs.db
# Editors # VSCode
/.vscode /.vscode
/.idea
# Env # Env
.env .env

8
Dockerfile
View File

@@ -2,7 +2,11 @@
FROM node:22-alpine AS base FROM node:22-alpine AS base
WORKDIR /app WORKDIR /app
RUN npm install -g pnpm@10 RUN apk add --no-cache bash curl && \
curl -o /usr/local/bin/wait-for-it https://raw.githubusercontent.com/vishnubob/wait-for-it/master/wait-for-it.sh && \
chmod +x /usr/local/bin/wait-for-it
RUN npm install -g pnpm@9
COPY pnpm-lock.yaml . COPY pnpm-lock.yaml .
# Build Stage # Build Stage
@@ -25,4 +29,4 @@ COPY --from=build /app/build ./build
EXPOSE 3000 EXPOSE 3000
ENV BODY_SIZE_LIMIT=Infinity ENV BODY_SIZE_LIMIT=Infinity
CMD ["node", "./build/index.js"] CMD ["bash", "-c", "wait-for-it ${DATABASE_HOST:-localhost}:${DATABASE_PORT:-5432} -- node ./build/index.js"]

4
docker-compose.dev.yaml
View File

@@ -1,7 +1,7 @@
services: services:
database: database:
image: postgres:17 image: postgres:17.2
restart: always restart: on-failure
volumes: volumes:
- database:/var/lib/postgresql/data - database:/var/lib/postgresql/data
environment: environment:

16
docker-compose.yaml
View File

@@ -1,14 +1,12 @@
services: services:
server: server:
build: . build: .
restart: unless-stopped restart: on-failure
depends_on: depends_on:
database: - database
condition: service_healthy
user: ${CONTAINER_UID:-0}:${CONTAINER_GID:-0} user: ${CONTAINER_UID:-0}:${CONTAINER_GID:-0}
volumes: volumes:
- ./data/library:/app/data/library - ./data/library:/app/data/library
- ./data/thumbnails:/app/data/thumbnails
environment: environment:
# ArkVault # ArkVault
- DATABASE_HOST=database - DATABASE_HOST=database
@@ -19,7 +17,6 @@ services:
- USER_CLIENT_CHALLENGE_EXPIRES - USER_CLIENT_CHALLENGE_EXPIRES
- SESSION_UPGRADE_CHALLENGE_EXPIRES - SESSION_UPGRADE_CHALLENGE_EXPIRES
- LIBRARY_PATH=/app/data/library - LIBRARY_PATH=/app/data/library
- THUMBNAILS_PATH=/app/data/thumbnails
# SvelteKit # SvelteKit
- ADDRESS_HEADER=${TRUST_PROXY:+X-Forwarded-For} - ADDRESS_HEADER=${TRUST_PROXY:+X-Forwarded-For}
- XFF_DEPTH=${TRUST_PROXY:-} - XFF_DEPTH=${TRUST_PROXY:-}
@@ -28,16 +25,11 @@ services:
- ${PORT:-80}:3000 - ${PORT:-80}:3000
database: database:
image: postgres:17-alpine image: postgres:17.2-alpine
restart: unless-stopped restart: on-failure
user: ${CONTAINER_UID:-0}:${CONTAINER_GID:-0} user: ${CONTAINER_UID:-0}:${CONTAINER_GID:-0}
volumes: volumes:
- ./data/database:/var/lib/postgresql/data - ./data/database:/var/lib/postgresql/data
environment: environment:
- POSTGRES_USER=arkvault - POSTGRES_USER=arkvault
- POSTGRES_PASSWORD=${DATABASE_PASSWORD:?} - POSTGRES_PASSWORD=${DATABASE_PASSWORD:?}
healthcheck:
test: ["CMD-SHELL", "pg_isready -U $${POSTGRES_USER}"]
interval: 5s
timeout: 5s
retries: 5

24
eslint.config.js
View File

@@ -1,24 +1,21 @@
import { includeIgnoreFile } from "@eslint/compat";
import js from "@eslint/js";
import { defineConfig } from "eslint/config";
import prettier from "eslint-config-prettier"; import prettier from "eslint-config-prettier";
import js from "@eslint/js";
import { includeIgnoreFile } from "@eslint/compat";
import svelte from "eslint-plugin-svelte"; import svelte from "eslint-plugin-svelte";
import tailwind from "eslint-plugin-tailwindcss"; import tailwind from "eslint-plugin-tailwindcss";
import globals from "globals"; import globals from "globals";
import { fileURLToPath } from "node:url";
import ts from "typescript-eslint"; import ts from "typescript-eslint";
import { fileURLToPath } from "url";
import svelteConfig from "./svelte.config.js";
const gitignorePath = fileURLToPath(new URL("./.gitignore", import.meta.url)); const gitignorePath = fileURLToPath(new URL("./.gitignore", import.meta.url));
export default defineConfig( export default ts.config(
includeIgnoreFile(gitignorePath), includeIgnoreFile(gitignorePath),
js.configs.recommended, js.configs.recommended,
...ts.configs.recommended, ...ts.configs.recommended,
...svelte.configs.recommended, ...svelte.configs["flat/recommended"],
...tailwind.configs["flat/recommended"], ...tailwind.configs["flat/recommended"],
prettier, prettier,
...svelte.configs.prettier, ...svelte.configs["flat/prettier"],
{ {
languageOptions: { languageOptions: {
globals: { globals: {
@@ -26,18 +23,13 @@ export default defineConfig(
...globals.node, ...globals.node,
}, },
}, },
rules: {
"no-undef": "off",
},
}, },
{ {
files: ["**/*.svelte", "**/*.svelte.ts", "**/*.svelte.js"], files: ["**/*.svelte"],
languageOptions: { languageOptions: {
parserOptions: { parserOptions: {
projectService: true,
extraFileExtensions: [".svelte"],
parser: ts.parser, parser: ts.parser,
svelteConfig,
}, },
}, },
}, },

79
package.json
View File

@@ -1,7 +1,7 @@
{ {
"name": "arkvault", "name": "arkvault",
"private": true, "private": true,
"version": "0.6.0", "version": "0.4.0",
"type": "module", "type": "module",
"scripts": { "scripts": {
"dev": "vite dev", "dev": "vite dev",
@@ -16,57 +16,52 @@
"db:migrate": "kysely migrate" "db:migrate": "kysely migrate"
}, },
"devDependencies": { "devDependencies": {
"@eslint/compat": "^2.0.0", "@eslint/compat": "^1.2.4",
"@iconify-json/material-symbols": "^1.2.50", "@iconify-json/material-symbols": "^1.2.12",
"@sveltejs/adapter-node": "^5.4.0", "@sveltejs/adapter-node": "^5.2.11",
"@sveltejs/kit": "^2.49.2", "@sveltejs/kit": "^2.15.2",
"@sveltejs/vite-plugin-svelte": "^6.2.1", "@sveltejs/vite-plugin-svelte": "^4.0.4",
"@tanstack/svelte-virtual": "^3.13.13",
"@trpc/client": "^11.8.1",
"@types/file-saver": "^2.0.7", "@types/file-saver": "^2.0.7",
"@types/ms": "^0.7.34", "@types/ms": "^0.7.34",
"@types/node-schedule": "^2.1.8", "@types/node-schedule": "^2.1.7",
"@types/pg": "^8.16.0", "@types/pg": "^8.11.10",
"autoprefixer": "^10.4.23", "autoprefixer": "^10.4.20",
"axios": "^1.13.2", "axios": "^1.7.9",
"dexie": "^4.2.1", "dexie": "^4.0.10",
"eslint": "^9.39.2", "eslint": "^9.17.0",
"eslint-config-prettier": "^10.1.8", "eslint-config-prettier": "^9.1.0",
"eslint-plugin-svelte": "^3.13.1", "eslint-plugin-svelte": "^2.46.1",
"eslint-plugin-tailwindcss": "^3.18.2", "eslint-plugin-tailwindcss": "^3.17.5",
"exifreader": "^4.33.1", "exifreader": "^4.26.0",
"file-saver": "^2.0.5", "file-saver": "^2.0.5",
"globals": "^16.5.0", "globals": "^15.14.0",
"heic2any": "^0.0.4", "heic2any": "^0.0.4",
"kysely-ctl": "^0.19.0", "kysely-ctl": "^0.10.1",
"lru-cache": "^11.2.4", "mime": "^4.0.6",
"mime": "^4.1.0", "p-limit": "^6.2.0",
"p-limit": "^7.2.0", "prettier": "^3.4.2",
"prettier": "^3.7.4", "prettier-plugin-svelte": "^3.3.2",
"prettier-plugin-svelte": "^3.4.1", "prettier-plugin-tailwindcss": "^0.6.9",
"prettier-plugin-tailwindcss": "^0.7.2", "svelte": "^5.19.1",
"svelte": "^5.46.1", "svelte-check": "^4.1.3",
"svelte-check": "^4.3.5", "tailwindcss": "^3.4.17",
"tailwindcss": "^3.4.19", "typescript": "^5.7.3",
"typescript": "^5.9.3", "typescript-eslint": "^8.19.1",
"typescript-eslint": "^8.50.1", "unplugin-icons": "^0.22.0",
"unplugin-icons": "^22.5.0", "vite": "^5.4.11"
"vite": "^7.3.0"
}, },
"dependencies": { "dependencies": {
"@fastify/busboy": "^3.2.0", "@fastify/busboy": "^3.1.1",
"@trpc/server": "^11.8.1", "argon2": "^0.41.1",
"argon2": "^0.44.0", "kysely": "^0.27.5",
"kysely": "^0.28.9",
"ms": "^2.1.3", "ms": "^2.1.3",
"node-schedule": "^2.1.1", "node-schedule": "^2.1.1",
"pg": "^8.16.3", "pg": "^8.13.1",
"superjson": "^2.2.6", "uuid": "^11.0.4",
"uuid": "^13.0.0", "zod": "^3.24.1"
"zod": "^4.2.1"
}, },
"engines": { "engines": {
"node": "^22.0.0", "node": "^22.0.0",
"pnpm": "^10.0.0" "pnpm": "^9.0.0"
} }
} }

3235
pnpm-lock.yaml generated
View File

File diff suppressed because it is too large Load Diff

10
src/hooks.client.ts
View File

@@ -4,15 +4,6 @@ import { prepareFileCache } from "$lib/modules/file";
import { prepareOpfs } from "$lib/modules/opfs"; import { prepareOpfs } from "$lib/modules/opfs";
import { clientKeyStore, masterKeyStore, hmacSecretStore } from "$lib/stores"; import { clientKeyStore, masterKeyStore, hmacSecretStore } from "$lib/stores";
const requestPersistentStorage = async () => {
const isPersistent = await navigator.storage.persist();
if (isPersistent) {
console.log("[ArkVault] Persistent storage granted.");
} else {
console.warn("[ArkVault] Persistent storage not granted.");
}
};
const prepareClientKeyStore = async () => { const prepareClientKeyStore = async () => {
const [encryptKey, decryptKey, signKey, verifyKey] = await Promise.all([ const [encryptKey, decryptKey, signKey, verifyKey] = await Promise.all([
getClientKey("encrypt"), getClientKey("encrypt"),
@@ -41,7 +32,6 @@ const prepareHmacSecretStore = async () => {
export const init: ClientInit = async () => { export const init: ClientInit = async () => {
await Promise.all([ await Promise.all([
requestPersistentStorage(),
prepareFileCache(), prepareFileCache(),
prepareClientKeyStore(), prepareClientKeyStore(),
prepareMasterKeyStore(), prepareMasterKeyStore(),

46
src/lib/components/atoms/RowVirtualizer.svelte
View File

@@ -1,46 +0,0 @@
<script lang="ts">
import { createWindowVirtualizer } from "@tanstack/svelte-virtual";
import { untrack, type Snippet } from "svelte";
import type { ClassValue } from "svelte/elements";
interface Props {
class?: ClassValue;
count: number;
item: Snippet<[index: number]>;
itemHeight: (index: number) => number;
placeholder?: Snippet;
}
let { class: className, count, item, itemHeight, placeholder }: Props = $props();
const virtualizer = $derived(
createWindowVirtualizer({
count: untrack(() => count),
estimateSize: itemHeight,
}),
);
const measureItem = (node: HTMLElement) => {
$effect(() => $virtualizer.measureElement(node));
};
$effect(() => $virtualizer.setOptions({ count }));
</script>
<div class={["relative", className]}>
<div style:height="{$virtualizer.getTotalSize()}px">
{#each $virtualizer.getVirtualItems() as virtualItem (virtualItem.key)}
<div
class="absolute left-0 top-0 w-full"
style:transform="translateY({virtualItem.start}px)"
data-index={virtualItem.index}
use:measureItem
>
{@render item(virtualItem.index)}
</div>
{/each}
</div>
{#if placeholder && $virtualizer.getVirtualItems().length === 0}
{@render placeholder()}
{/if}
</div>

42
src/lib/components/atoms/buttons/FileThumbnailButton.svelte
View File

@@ -1,42 +0,0 @@
<script lang="ts">
import type { Writable } from "svelte/store";
import type { FileInfo } from "$lib/modules/filesystem";
import { requestFileThumbnailDownload } from "$lib/services/file";
interface Props {
info: Writable<FileInfo | null>;
onclick?: (file: FileInfo) => void;
}
let { info, onclick }: Props = $props();
let thumbnail: string | undefined = $state();
$effect(() => {
if ($info) {
requestFileThumbnailDownload($info.id, $info.dataKey)
.then((thumbnailUrl) => {
thumbnail = thumbnailUrl ?? undefined;
})
.catch(() => {
// TODO: Error Handling
thumbnail = undefined;
});
} else {
thumbnail = undefined;
}
});
</script>
{#if $info}
<button
onclick={() => onclick?.($info)}
class="aspect-square overflow-hidden rounded transition active:scale-95 active:brightness-90"
>
{#if thumbnail}
<img src={thumbnail} alt={$info.name} class="h-full w-full object-cover" />
{:else}
<div class="h-full w-full bg-gray-100"></div>
{/if}
</button>
{/if}

1
src/lib/components/atoms/buttons/index.ts
View File

@@ -1,6 +1,5 @@
export { default as ActionEntryButton } from "./ActionEntryButton.svelte"; export { default as ActionEntryButton } from "./ActionEntryButton.svelte";
export { default as Button } from "./Button.svelte"; export { default as Button } from "./Button.svelte";
export { default as EntryButton } from "./EntryButton.svelte"; export { default as EntryButton } from "./EntryButton.svelte";
export { default as FileThumbnailButton } from "./FileThumbnailButton.svelte";
export { default as FloatingButton } from "./FloatingButton.svelte"; export { default as FloatingButton } from "./FloatingButton.svelte";
export { default as TextButton } from "./TextButton.svelte"; export { default as TextButton } from "./TextButton.svelte";

12
src/lib/components/atoms/divs/FullscreenDiv.svelte
View File

@@ -1,15 +1,7 @@
<script lang="ts"> <script lang="ts">
import type { Snippet } from "svelte"; let { children } = $props();
import type { ClassValue } from "svelte/elements";
interface Props {
children: Snippet;
class?: ClassValue;
}
let { children, class: className }: Props = $props();
</script> </script>
<div class={["flex flex-grow flex-col justify-between px-4", className]}> <div class="flex flex-grow flex-col justify-between px-4">
{@render children()} {@render children()}
</div> </div>

1
src/lib/components/atoms/index.ts
View File

@@ -3,4 +3,3 @@ export * from "./buttons";
export * from "./divs"; export * from "./divs";
export * from "./inputs"; export * from "./inputs";
export { default as Modal } from "./Modal.svelte"; export { default as Modal } from "./Modal.svelte";
export { default as RowVirtualizer } from "./RowVirtualizer.svelte";

11
src/lib/components/molecules/ActionModal.svelte
View File

@@ -12,7 +12,6 @@
confirmText: string; confirmText: string;
isOpen: boolean; isOpen: boolean;
onbeforeclose?: () => void; onbeforeclose?: () => void;
oncancel?: () => void;
onConfirmClick: ConfirmHandler; onConfirmClick: ConfirmHandler;
title: string; title: string;
} }
@@ -23,7 +22,6 @@
confirmText, confirmText,
isOpen = $bindable(), isOpen = $bindable(),
onbeforeclose, onbeforeclose,
oncancel,
onConfirmClick, onConfirmClick,
title, title,
}: Props = $props(); }: Props = $props();
@@ -33,11 +31,6 @@
isOpen = false; isOpen = false;
}; };
const cancelAction = () => {
oncancel?.();
closeModal();
};
const confirmAction = async () => { const confirmAction = async () => {
if ((await onConfirmClick()) !== false) { if ((await onConfirmClick()) !== false) {
closeModal(); closeModal();
@@ -45,13 +38,13 @@
}; };
</script> </script>
<Modal bind:isOpen onclose={cancelAction} class="space-y-4"> <Modal bind:isOpen onclose={closeModal} class="space-y-4">
<div class="flex flex-col gap-y-2 break-keep"> <div class="flex flex-col gap-y-2 break-keep">
<p class="text-xl font-bold">{title}</p> <p class="text-xl font-bold">{title}</p>
{@render children()} {@render children()}
</div> </div>
<div class="flex gap-x-2"> <div class="flex gap-x-2">
<Button color="gray" onclick={cancelAction} class="flex-1">{cancelText}</Button> <Button color="gray" onclick={closeModal} class="flex-1">{cancelText}</Button>
<Button onclick={confirmAction} class="flex-1">{confirmText}</Button> <Button onclick={confirmAction} class="flex-1">{confirmText}</Button>
</div> </div>
</Modal> </Modal>

2
src/lib/components/molecules/Categories/Categories.svelte
View File

@@ -3,7 +3,7 @@
import type { SvelteHTMLElements } from "svelte/elements"; import type { SvelteHTMLElements } from "svelte/elements";
import { get, type Writable } from "svelte/store"; import { get, type Writable } from "svelte/store";
import type { CategoryInfo } from "$lib/modules/filesystem"; import type { CategoryInfo } from "$lib/modules/filesystem";
import { SortBy, sortEntries } from "$lib/utils"; import { SortBy, sortEntries } from "$lib/modules/util";
import Category from "./Category.svelte"; import Category from "./Category.svelte";
import type { SelectedCategory } from "./service"; import type { SelectedCategory } from "./service";

30
src/lib/components/molecules/labels/DirectoryEntryLabel.svelte
View File

@@ -3,7 +3,6 @@
import { IconLabel } from "$lib/components/molecules"; import { IconLabel } from "$lib/components/molecules";
import IconFolder from "~icons/material-symbols/folder"; import IconFolder from "~icons/material-symbols/folder";
import IconDriveFolderUpload from "~icons/material-symbols/drive-folder-upload";
import IconDraft from "~icons/material-symbols/draft"; import IconDraft from "~icons/material-symbols/draft";
interface Props { interface Props {
@@ -11,40 +10,19 @@
name: string; name: string;
subtext?: string; subtext?: string;
textClass?: ClassValue; textClass?: ClassValue;
thumbnail?: string; type: "directory" | "file";
type: "directory" | "parent-directory" | "file";
} }
let { let { class: className, name, subtext, textClass: textClassName, type }: Props = $props();
class: className,
name,
subtext,
textClass: textClassName,
thumbnail,
type,
}: Props = $props();
</script> </script>
{#snippet iconSnippet()}
<div class="flex h-10 w-10 items-center justify-center text-xl">
{#if thumbnail}
<img src={thumbnail} alt={name} loading="lazy" class="aspect-square rounded object-cover" />
{:else if type === "directory"}
<IconFolder />
{:else if type === "parent-directory"}
<IconDriveFolderUpload class="text-yellow-500" />
{:else}
<IconDraft class="text-blue-400" />
{/if}
</div>
{/snippet}
{#snippet subtextSnippet()} {#snippet subtextSnippet()}
{subtext} {subtext}
{/snippet} {/snippet}
<IconLabel <IconLabel
{iconSnippet} icon={type === "directory" ? IconFolder : IconDraft}
iconClass={type === "file" ? "text-blue-400" : undefined}
subtext={subtext ? subtextSnippet : undefined} subtext={subtext ? subtextSnippet : undefined}
class={className} class={className}
textClass={textClassName} textClass={textClassName}

10
src/lib/components/molecules/labels/IconLabel.svelte
View File

@@ -5,9 +5,8 @@
interface Props { interface Props {
children: Snippet; children: Snippet;
class?: ClassValue; class?: ClassValue;
icon?: Component<SvelteHTMLElements["svg"]>; icon: Component<SvelteHTMLElements["svg"]>;
iconClass?: ClassValue; iconClass?: ClassValue;
iconSnippet?: Snippet;
subtext?: Snippet; subtext?: Snippet;
textClass?: ClassValue; textClass?: ClassValue;
} }
@@ -17,22 +16,15 @@
class: className, class: className,
icon: Icon, icon: Icon,
iconClass: iconClassName, iconClass: iconClassName,
iconSnippet,
subtext, subtext,
textClass: textClassName, textClass: textClassName,
}: Props = $props(); }: Props = $props();
</script> </script>
<div class={["flex items-center gap-x-4", className]}> <div class={["flex items-center gap-x-4", className]}>
{#if iconSnippet}
<div class={["flex-shrink-0", iconClassName]}>
{@render iconSnippet()}
</div>
{:else if Icon}
<div class={["flex-shrink-0 text-lg", iconClassName]}> <div class={["flex-shrink-0 text-lg", iconClassName]}>
<Icon /> <Icon />
</div> </div>
{/if}
<div class="flex flex-grow flex-col overflow-x-hidden text-left"> <div class="flex flex-grow flex-col overflow-x-hidden text-left">
<p class={["truncate font-medium", textClassName]}> <p class={["truncate font-medium", textClassName]}>
{@render children()} {@render children()}

23
src/lib/components/organisms/Category/Category.svelte
View File

@@ -1,11 +1,11 @@
<script lang="ts"> <script lang="ts">
import { untrack } from "svelte"; import { untrack } from "svelte";
import { get, type Writable } from "svelte/store"; import { get, type Writable } from "svelte/store";
import { CheckBox, RowVirtualizer } from "$lib/components/atoms"; import { CheckBox } from "$lib/components/atoms";
import { SubCategories, type SelectedCategory } from "$lib/components/molecules"; import { SubCategories, type SelectedCategory } from "$lib/components/molecules";
import { getFileInfo, type FileInfo, type CategoryInfo } from "$lib/modules/filesystem"; import { getFileInfo, type FileInfo, type CategoryInfo } from "$lib/modules/filesystem";
import { SortBy, sortEntries } from "$lib/modules/util";
import { masterKeyStore } from "$lib/stores"; import { masterKeyStore } from "$lib/stores";
import { SortBy, sortEntries } from "$lib/utils";
import File from "./File.svelte"; import File from "./File.svelte";
import type { SelectedFile } from "./service"; import type { SelectedFile } from "./service";
@@ -89,26 +89,19 @@
<p class="font-medium">하위 카테고리의 파일</p> <p class="font-medium">하위 카테고리의 파일</p>
</CheckBox> </CheckBox>
</div> </div>
<div class="space-y-1">
{#key info} {#key info}
<RowVirtualizer {#each files as { info, isRecursive }}
count={files.length}
itemHeight={(index) => 56 + (index + 1 < files.length ? 4 : 0)}
>
{#snippet item(index)}
{@const { info, isRecursive } = files[index]!}
<div class={[index + 1 < files.length && "pb-1"]}>
<File <File
{info} {info}
onclick={onFileClick} onclick={onFileClick}
onRemoveClick={!isRecursive ? onFileRemoveClick : undefined} onRemoveClick={!isRecursive ? onFileRemoveClick : undefined}
/> />
</div> {:else}
{/snippet} <p class="text-gray-500 text-center">이 카테고리에 추가된 파일이 없어요.</p>
{#snippet placeholder()} {/each}
<p class="text-center text-gray-500">이 카테고리에 추가된 파일이 없어요.</p>
{/snippet}
</RowVirtualizer>
{/key} {/key}
</div> </div>
</div>
{/if} {/if}
</div> </div>

21
src/lib/components/organisms/Category/File.svelte
View File

@@ -3,7 +3,7 @@
import { ActionEntryButton } from "$lib/components/atoms"; import { ActionEntryButton } from "$lib/components/atoms";
import { DirectoryEntryLabel } from "$lib/components/molecules"; import { DirectoryEntryLabel } from "$lib/components/molecules";
import type { FileInfo } from "$lib/modules/filesystem"; import type { FileInfo } from "$lib/modules/filesystem";
import { requestFileThumbnailDownload, type SelectedFile } from "./service"; import type { SelectedFile } from "./service";
import IconClose from "~icons/material-symbols/close"; import IconClose from "~icons/material-symbols/close";
@@ -15,8 +15,6 @@
let { info, onclick, onRemoveClick }: Props = $props(); let { info, onclick, onRemoveClick }: Props = $props();
let thumbnail: string | undefined = $state();
const openFile = () => { const openFile = () => {
const { id, dataKey, dataKeyVersion, name } = $info as FileInfo; const { id, dataKey, dataKeyVersion, name } = $info as FileInfo;
if (!dataKey || !dataKeyVersion) return; // TODO: Error handling if (!dataKey || !dataKeyVersion) return; // TODO: Error handling
@@ -30,21 +28,6 @@
onRemoveClick!({ id, dataKey, dataKeyVersion, name }); onRemoveClick!({ id, dataKey, dataKeyVersion, name });
}; };
$effect(() => {
if ($info) {
requestFileThumbnailDownload($info.id, $info.dataKey)
.then((thumbnailUrl) => {
thumbnail = thumbnailUrl ?? undefined;
})
.catch(() => {
// TODO: Error Handling
thumbnail = undefined;
});
} else {
thumbnail = undefined;
}
});
</script> </script>
{#if $info} {#if $info}
@@ -54,6 +37,6 @@
actionButtonIcon={onRemoveClick && IconClose} actionButtonIcon={onRemoveClick && IconClose}
onActionButtonClick={removeFile} onActionButtonClick={removeFile}
> >
<DirectoryEntryLabel type="file" {thumbnail} name={$info.name} /> <DirectoryEntryLabel type="file" name={$info.name} />
</ActionEntryButton> </ActionEntryButton>
{/if} {/if}

2
src/lib/components/organisms/Category/service.ts
View File

@@ -1,5 +1,3 @@
export { requestFileThumbnailDownload } from "$lib/services/file";
export interface SelectedFile { export interface SelectedFile {
id: number; id: number;
dataKey: CryptoKey; dataKey: CryptoKey;

134
src/lib/components/organisms/Gallery.svelte
View File

@@ -1,134 +0,0 @@
<script lang="ts">
import { untrack } from "svelte";
import { get, type Writable } from "svelte/store";
import { FileThumbnailButton, RowVirtualizer } from "$lib/components/atoms";
import type { FileInfo } from "$lib/modules/filesystem";
import { formatDate, formatDateSortable, SortBy, sortEntries } from "$lib/utils";
interface Props {
files: Writable<FileInfo | null>[];
onFileClick?: (file: FileInfo) => void;
}
let { files, onFileClick }: Props = $props();
type FileEntry =
| { date?: undefined; contentType?: undefined; info: Writable<FileInfo | null> }
| { date: Date; contentType: string; info: Writable<FileInfo | null> };
type Row =
| { type: "header"; label: string }
| { type: "items"; items: FileEntry[]; isLast: boolean };
let filesWithDate: FileEntry[] = $state([]);
let rows: Row[] = $state([]);
$effect(() => {
filesWithDate = files.map((file) => {
const info = get(file);
if (info) {
return {
date: info.createdAt ?? info.lastModifiedAt,
contentType: info.contentType,
info: file,
};
} else {
return { info: file };
}
});
const buildRows = () => {
const map = new Map<string, FileEntry[]>();
for (const file of filesWithDate) {
if (
!file.date ||
!(file.contentType.startsWith("image/") || file.contentType.startsWith("video/"))
) {
continue;
}
const date = formatDateSortable(file.date);
const entries = map.get(date) ?? [];
entries.push(file);
map.set(date, entries);
}
const newRows: Row[] = [];
const sortedDates = Array.from(map.keys()).sort((a, b) => b.localeCompare(a));
for (const date of sortedDates) {
const entries = map.get(date)!;
sortEntries(entries, SortBy.DATE_DESC);
newRows.push({
type: "header",
label: formatDate(entries[0]!.date!),
});
for (let i = 0; i < entries.length; i += 4) {
newRows.push({
type: "items",
items: entries.slice(i, i + 4),
isLast: i + 4 >= entries.length,
});
}
}
rows = newRows;
};
return untrack(() => {
buildRows();
const unsubscribes = filesWithDate.map((file) =>
file.info.subscribe((value) => {
const newDate = value?.createdAt ?? value?.lastModifiedAt;
const newContentType = value?.contentType;
if (file.date?.getTime() === newDate?.getTime() && file.contentType === newContentType) {
return;
}
file.date = newDate;
file.contentType = newContentType;
buildRows();
}),
);
return () => unsubscribes.forEach((unsubscribe) => unsubscribe());
});
});
</script>
<RowVirtualizer
count={rows.length}
itemHeight={(index) =>
rows[index]!.type === "header"
? 32
: Math.ceil(rows[index]!.items.length / 4) * 181 +
(Math.ceil(rows[index]!.items.length / 4) - 1) * 4 +
16}
class="flex flex-grow flex-col"
>
{#snippet item(index)}
{@const row = rows[index]!}
{#if row.type === "header"}
<p class="pb-2 font-medium">{row.label}</p>
{:else}
<div class={["grid grid-cols-4 gap-x-1", row.isLast ? "pb-4" : "pb-1"]}>
{#each row.items as { info }}
<FileThumbnailButton {info} onclick={onFileClick} />
{/each}
</div>
{/if}
{/snippet}
{#snippet placeholder()}
<div class="flex h-full flex-grow items-center justify-center">
<p class="text-gray-500">
{#if files.length === 0}
업로드된 파일이 없어요.
{:else if filesWithDate.length === 0}
파일 목록을 불러오고 있어요.
{:else}
사진 또는 동영상이 없어요.
{/if}
</p>
</div>
{/snippet}
</RowVirtualizer>

1
src/lib/components/organisms/index.ts
View File

@@ -1,4 +1,3 @@
export * from "./Category"; export * from "./Category";
export { default as Category } from "./Category"; export { default as Category } from "./Category";
export { default as Gallery } from "./Gallery.svelte";
export * from "./modals"; export * from "./modals";

22
src/lib/components/organisms/modals/ForceLoginModal.svelte
View File

@@ -1,22 +0,0 @@
<script lang="ts">
import { ActionModal } from "$lib/components/molecules";
interface Props {
isOpen: boolean;
oncancel?: () => void;
onLoginClick: () => void;
}
let { isOpen = $bindable(), oncancel, onLoginClick }: Props = $props();
</script>
<ActionModal
bind:isOpen
title="다른 디바이스에 이미 로그인되어 있어요."
cancelText="아니요"
{oncancel}
confirmText="네"
onConfirmClick={onLoginClick}
>
<p>다른 디바이스에서는 로그아웃하고, 이 디바이스에서 로그인할까요?</p>
</ActionModal>

1
src/lib/components/organisms/modals/index.ts
View File

@@ -1,4 +1,3 @@
export { default as CategoryCreateModal } from "./CategoryCreateModal.svelte"; export { default as CategoryCreateModal } from "./CategoryCreateModal.svelte";
export { default as ForceLoginModal } from "./ForceLoginModal.svelte";
export { default as RenameModal } from "./RenameModal.svelte"; export { default as RenameModal } from "./RenameModal.svelte";
export { default as TextInputModal } from "./TextInputModal.svelte"; export { default as TextInputModal } from "./TextInputModal.svelte";

11
src/lib/hooks/callApi.ts Normal file
View File

@@ -0,0 +1,11 @@
export const callGetApi = async (input: RequestInfo, fetchInternal = fetch) => {
return await fetchInternal(input);
};
export const callPostApi = async <T>(input: RequestInfo, payload?: T, fetchInternal = fetch) => {
return await fetchInternal(input, {
method: "POST",
headers: { "Content-Type": "application/json" },
body: payload ? JSON.stringify(payload) : undefined,
});
};

0
src/lib/utils/gotoStateful.ts → src/lib/hooks/gotoStateful.ts
View File

2
src/lib/hooks/index.ts Normal file
View File

@@ -0,0 +1,2 @@
export * from "./callApi";
export * from "./gotoStateful";

21
src/lib/indexedDB/filesystem.ts
View File

@@ -25,7 +25,6 @@ interface CategoryInfo {
parentId: CategoryId; parentId: CategoryId;
name: string; name: string;
files: { id: number; isRecursive: boolean }[]; files: { id: number; isRecursive: boolean }[];
isFileRecursive: boolean;
} }
const filesystem = new Dexie("filesystem") as Dexie & { const filesystem = new Dexie("filesystem") as Dexie & {
@@ -34,20 +33,10 @@ const filesystem = new Dexie("filesystem") as Dexie & {
category: EntityTable<CategoryInfo, "id">; category: EntityTable<CategoryInfo, "id">;
}; };
filesystem filesystem.version(2).stores({
.version(3)
.stores({
directory: "id, parentId", directory: "id, parentId",
file: "id, parentId", file: "id, parentId",
category: "id, parentId", category: "id, parentId",
})
.upgrade(async (trx) => {
await trx
.table("category")
.toCollection()
.modify((category) => {
category.isFileRecursive = false;
});
}); });
export const getDirectoryInfos = async (parentId: DirectoryId) => { export const getDirectoryInfos = async (parentId: DirectoryId) => {
@@ -66,10 +55,6 @@ export const deleteDirectoryInfo = async (id: number) => {
await filesystem.directory.delete(id); await filesystem.directory.delete(id);
}; };
export const getAllFileInfos = async () => {
return await filesystem.file.toArray();
};
export const getFileInfos = async (parentId: DirectoryId) => { export const getFileInfos = async (parentId: DirectoryId) => {
return await filesystem.file.where({ parentId }).toArray(); return await filesystem.file.where({ parentId }).toArray();
}; };
@@ -98,10 +83,6 @@ export const storeCategoryInfo = async (categoryInfo: CategoryInfo) => {
await filesystem.category.put(categoryInfo); await filesystem.category.put(categoryInfo);
}; };
export const updateCategoryInfo = async (id: number, changes: { isFileRecursive?: boolean }) => {
await filesystem.category.update(id, changes);
};
export const deleteCategoryInfo = async (id: number) => { export const deleteCategoryInfo = async (id: number) => {
await filesystem.category.delete(id); await filesystem.category.delete(id);
}; };

50
src/lib/modules/crypto/rsa.ts
View File

@@ -46,56 +46,6 @@ export const exportRSAKeyToBase64 = async (key: CryptoKey) => {
return encodeToBase64((await exportRSAKey(key)).key); return encodeToBase64((await exportRSAKey(key)).key);
}; };
export const importEncryptionKeyPairFromBase64 = async (
encryptKeyBase64: string,
decryptKeyBase64: string,
) => {
const algorithm: RsaHashedImportParams = {
name: "RSA-OAEP",
hash: "SHA-256",
};
const encryptKey = await window.crypto.subtle.importKey(
"spki",
decodeFromBase64(encryptKeyBase64),
algorithm,
true,
["encrypt", "wrapKey"],
);
const decryptKey = await window.crypto.subtle.importKey(
"pkcs8",
decodeFromBase64(decryptKeyBase64),
algorithm,
true,
["decrypt", "unwrapKey"],
);
return { encryptKey, decryptKey };
};
export const importSigningKeyPairFromBase64 = async (
signKeyBase64: string,
verifyKeyBase64: string,
) => {
const algorithm: RsaHashedImportParams = {
name: "RSA-PSS",
hash: "SHA-256",
};
const signKey = await window.crypto.subtle.importKey(
"pkcs8",
decodeFromBase64(signKeyBase64),
algorithm,
true,
["sign"],
);
const verifyKey = await window.crypto.subtle.importKey(
"spki",
decodeFromBase64(verifyKeyBase64),
algorithm,
true,
["verify"],
);
return { signKey, verifyKey };
};
export const makeRSAKeyNonextractable = async (key: CryptoKey) => { export const makeRSAKeyNonextractable = async (key: CryptoKey) => {
const { key: exportedKey, format } = await exportRSAKey(key); const { key: exportedKey, format } = await exportRSAKey(key);
return await window.crypto.subtle.importKey( return await window.crypto.subtle.importKey(

32
src/lib/modules/file/cache.ts
View File

@@ -1,15 +1,12 @@
import { LRUCache } from "lru-cache";
import { import {
getFileCacheIndex as getFileCacheIndexFromIndexedDB, getFileCacheIndex as getFileCacheIndexFromIndexedDB,
storeFileCacheIndex, storeFileCacheIndex,
deleteFileCacheIndex, deleteFileCacheIndex,
type FileCacheIndex, type FileCacheIndex,
} from "$lib/indexedDB"; } from "$lib/indexedDB";
import { readFile, writeFile, deleteFile, deleteDirectory } from "$lib/modules/opfs"; import { readFile, writeFile, deleteFile } from "$lib/modules/opfs";
import { getThumbnailUrl } from "$lib/modules/thumbnail";
const fileCacheIndex = new Map<number, FileCacheIndex>(); const fileCacheIndex = new Map<number, FileCacheIndex>();
const loadedThumbnails = new LRUCache<number, string>({ max: 100 });
export const prepareFileCache = async () => { export const prepareFileCache = async () => {
for (const cache of await getFileCacheIndexFromIndexedDB()) { for (const cache of await getFileCacheIndexFromIndexedDB()) {
@@ -51,30 +48,3 @@ export const deleteFileCache = async (fileId: number) => {
await deleteFile(`/cache/${fileId}`); await deleteFile(`/cache/${fileId}`);
await deleteFileCacheIndex(fileId); await deleteFileCacheIndex(fileId);
}; };
export const getFileThumbnailCache = async (fileId: number) => {
const thumbnail = loadedThumbnails.get(fileId);
if (thumbnail) return thumbnail;
const thumbnailBuffer = await readFile(`/thumbnail/file/${fileId}`);
if (!thumbnailBuffer) return null;
const thumbnailUrl = getThumbnailUrl(thumbnailBuffer);
loadedThumbnails.set(fileId, thumbnailUrl);
return thumbnailUrl;
};
export const storeFileThumbnailCache = async (fileId: number, thumbnailBuffer: ArrayBuffer) => {
await writeFile(`/thumbnail/file/${fileId}`, thumbnailBuffer);
loadedThumbnails.set(fileId, getThumbnailUrl(thumbnailBuffer));
};
export const deleteFileThumbnailCache = async (fileId: number) => {
loadedThumbnails.delete(fileId);
await deleteFile(`/thumbnail/file/${fileId}`);
};
export const deleteAllFileThumbnailCaches = async () => {
loadedThumbnails.clear();
await deleteDirectory("/thumbnail/file");
};

51
src/lib/modules/file/upload.ts
View File

@@ -11,9 +11,9 @@ import {
digestMessage, digestMessage,
signMessageHmac, signMessageHmac,
} from "$lib/modules/crypto"; } from "$lib/modules/crypto";
import { generateThumbnail } from "$lib/modules/thumbnail";
import type { import type {
FileThumbnailUploadRequest, DuplicateFileScanRequest,
DuplicateFileScanResponse,
FileUploadRequest, FileUploadRequest,
FileUploadResponse, FileUploadResponse,
} from "$lib/server/schemas"; } from "$lib/server/schemas";
@@ -23,17 +23,18 @@ import {
type HmacSecret, type HmacSecret,
type FileUploadStatus, type FileUploadStatus,
} from "$lib/stores"; } from "$lib/stores";
import { trpc } from "$trpc/client";
const requestDuplicateFileScan = limitFunction( const requestDuplicateFileScan = limitFunction(
async (file: File, hmacSecret: HmacSecret, onDuplicate: () => Promise<boolean>) => { async (file: File, hmacSecret: HmacSecret, onDuplicate: () => Promise<boolean>) => {
const fileBuffer = await file.arrayBuffer(); const fileBuffer = await file.arrayBuffer();
const fileSigned = encodeToBase64(await signMessageHmac(fileBuffer, hmacSecret.secret)); const fileSigned = encodeToBase64(await signMessageHmac(fileBuffer, hmacSecret.secret));
const files = await trpc().file.listByHash.query({ const res = await axios.post("/api/file/scanDuplicates", {
hskVersion: hmacSecret.version, hskVersion: hmacSecret.version,
contentHmac: fileSigned, contentHmac: fileSigned,
}); } satisfies DuplicateFileScanRequest);
const { files }: DuplicateFileScanResponse = res.data;
if (files.length === 0 || (await onDuplicate())) { if (files.length === 0 || (await onDuplicate())) {
return { fileBuffer, fileSigned }; return { fileBuffer, fileSigned };
} else { } else {
@@ -105,10 +106,6 @@ const encryptFile = limitFunction(
createdAt && (await encryptString(createdAt.getTime().toString(), dataKey)); createdAt && (await encryptString(createdAt.getTime().toString(), dataKey));
const lastModifiedAtEncrypted = await encryptString(file.lastModified.toString(), dataKey); const lastModifiedAtEncrypted = await encryptString(file.lastModified.toString(), dataKey);
const thumbnail = await generateThumbnail(fileBuffer, fileType);
const thumbnailBuffer = await thumbnail?.arrayBuffer();
const thumbnailEncrypted = thumbnailBuffer && (await encryptData(thumbnailBuffer, dataKey));
status.update((value) => { status.update((value) => {
value.status = "upload-pending"; value.status = "upload-pending";
return value; return value;
@@ -123,14 +120,13 @@ const encryptFile = limitFunction(
nameEncrypted, nameEncrypted,
createdAtEncrypted, createdAtEncrypted,
lastModifiedAtEncrypted, lastModifiedAtEncrypted,
thumbnail: thumbnailEncrypted && { plaintext: thumbnailBuffer, ...thumbnailEncrypted },
}; };
}, },
{ concurrency: 4 }, { concurrency: 4 },
); );
const requestFileUpload = limitFunction( const requestFileUpload = limitFunction(
async (status: Writable<FileUploadStatus>, form: FormData, thumbnailForm: FormData | null) => { async (status: Writable<FileUploadStatus>, form: FormData) => {
status.update((value) => { status.update((value) => {
value.status = "uploading"; value.status = "uploading";
return value; return value;
@@ -148,15 +144,6 @@ const requestFileUpload = limitFunction(
}); });
const { file }: FileUploadResponse = res.data; const { file }: FileUploadResponse = res.data;
if (thumbnailForm) {
try {
await axios.post(`/api/file/${file}/thumbnail/upload`, thumbnailForm);
} catch (e) {
// TODO
console.error(e);
}
}
status.update((value) => { status.update((value) => {
value.status = "uploaded"; value.status = "uploaded";
return value; return value;
@@ -173,9 +160,7 @@ export const uploadFile = async (
hmacSecret: HmacSecret, hmacSecret: HmacSecret,
masterKey: MasterKey, masterKey: MasterKey,
onDuplicate: () => Promise<boolean>, onDuplicate: () => Promise<boolean>,
): Promise< ): Promise<{ fileId: number; fileBuffer: ArrayBuffer } | undefined> => {
{ fileId: number; fileBuffer: ArrayBuffer; thumbnailBuffer?: ArrayBuffer } | undefined
> => {
const status = writable<FileUploadStatus>({ const status = writable<FileUploadStatus>({
name: file.name, name: file.name,
parentId, parentId,
@@ -213,7 +198,6 @@ export const uploadFile = async (
nameEncrypted, nameEncrypted,
createdAtEncrypted, createdAtEncrypted,
lastModifiedAtEncrypted, lastModifiedAtEncrypted,
thumbnail,
} = await encryptFile(status, file, fileBuffer, masterKey); } = await encryptFile(status, file, fileBuffer, masterKey);
const form = new FormData(); const form = new FormData();
@@ -234,26 +218,13 @@ export const uploadFile = async (
createdAtIv: createdAtEncrypted?.iv, createdAtIv: createdAtEncrypted?.iv,
lastModifiedAt: lastModifiedAtEncrypted.ciphertext, lastModifiedAt: lastModifiedAtEncrypted.ciphertext,
lastModifiedAtIv: lastModifiedAtEncrypted.iv, lastModifiedAtIv: lastModifiedAtEncrypted.iv,
} satisfies FileUploadRequest), } as FileUploadRequest),
); );
form.set("content", new Blob([fileEncrypted.ciphertext])); form.set("content", new Blob([fileEncrypted.ciphertext]));
form.set("checksum", fileEncryptedHash); form.set("checksum", fileEncryptedHash);
let thumbnailForm = null; const { fileId } = await requestFileUpload(status, form);
if (thumbnail) { return { fileId, fileBuffer };
thumbnailForm = new FormData();
thumbnailForm.set(
"metadata",
JSON.stringify({
dekVersion: dataKeyVersion.toISOString(),
contentIv: thumbnail.iv,
} satisfies FileThumbnailUploadRequest),
);
thumbnailForm.set("content", new Blob([thumbnail.ciphertext]));
}
const { fileId } = await requestFileUpload(status, form, thumbnailForm);
return { fileId, fileBuffer, thumbnailBuffer: thumbnail?.plaintext };
} catch (e) { } catch (e) {
status.update((value) => { status.update((value) => {
value.status = "error"; value.status = "error";

101
src/lib/modules/filesystem.ts
View File

@@ -1,5 +1,5 @@
import { TRPCClientError } from "@trpc/client";
import { get, writable, type Writable } from "svelte/store"; import { get, writable, type Writable } from "svelte/store";
import { callGetApi } from "$lib/hooks";
import { import {
getDirectoryInfos as getDirectoryInfosFromIndexedDB, getDirectoryInfos as getDirectoryInfosFromIndexedDB,
getDirectoryInfo as getDirectoryInfoFromIndexedDB, getDirectoryInfo as getDirectoryInfoFromIndexedDB,
@@ -12,18 +12,21 @@ import {
getCategoryInfos as getCategoryInfosFromIndexedDB, getCategoryInfos as getCategoryInfosFromIndexedDB,
getCategoryInfo as getCategoryInfoFromIndexedDB, getCategoryInfo as getCategoryInfoFromIndexedDB,
storeCategoryInfo, storeCategoryInfo,
updateCategoryInfo as updateCategoryInfoInIndexedDB,
deleteCategoryInfo, deleteCategoryInfo,
type DirectoryId, type DirectoryId,
type CategoryId, type CategoryId,
} from "$lib/indexedDB"; } from "$lib/indexedDB";
import { unwrapDataKey, decryptString } from "$lib/modules/crypto"; import { unwrapDataKey, decryptString } from "$lib/modules/crypto";
import { trpc } from "$trpc/client"; import type {
CategoryInfoResponse,
CategoryFileListResponse,
DirectoryInfoResponse,
FileInfoResponse,
} from "$lib/server/schemas";
export type DirectoryInfo = export type DirectoryInfo =
| { | {
id: "root"; id: "root";
parentId?: undefined;
dataKey?: undefined; dataKey?: undefined;
dataKeyVersion?: undefined; dataKeyVersion?: undefined;
name?: undefined; name?: undefined;
@@ -32,7 +35,6 @@ export type DirectoryInfo =
} }
| { | {
id: number; id: number;
parentId: DirectoryId;
dataKey?: CryptoKey; dataKey?: CryptoKey;
dataKeyVersion?: Date; dataKeyVersion?: Date;
name: string; name: string;
@@ -42,7 +44,6 @@ export type DirectoryInfo =
export interface FileInfo { export interface FileInfo {
id: number; id: number;
parentId: DirectoryId;
dataKey?: CryptoKey; dataKey?: CryptoKey;
dataKeyVersion?: Date; dataKeyVersion?: Date;
contentType: string; contentType: string;
@@ -61,7 +62,6 @@ export type CategoryInfo =
name?: undefined; name?: undefined;
subCategoryIds: number[]; subCategoryIds: number[];
files?: undefined; files?: undefined;
isFileRecursive?: undefined;
} }
| { | {
id: number; id: number;
@@ -70,7 +70,6 @@ export type CategoryInfo =
name: string; name: string;
subCategoryIds: number[]; subCategoryIds: number[];
files: { id: number; isRecursive: boolean }[]; files: { id: number; isRecursive: boolean }[];
isFileRecursive: boolean;
}; };
const directoryInfoStore = new Map<DirectoryId, Writable<DirectoryInfo | null>>(); const directoryInfoStore = new Map<DirectoryId, Writable<DirectoryInfo | null>>();
@@ -95,13 +94,7 @@ const fetchDirectoryInfoFromIndexedDB = async (
info.set({ id, subDirectoryIds, fileIds }); info.set({ id, subDirectoryIds, fileIds });
} else { } else {
if (!directory) return; if (!directory) return;
info.set({ info.set({ id, name: directory.name, subDirectoryIds, fileIds });
id,
parentId: directory.parentId,
name: directory.name,
subDirectoryIds,
fileIds,
});
} }
}; };
@@ -110,19 +103,20 @@ const fetchDirectoryInfoFromServer = async (
info: Writable<DirectoryInfo | null>, info: Writable<DirectoryInfo | null>,
masterKey: CryptoKey, masterKey: CryptoKey,
) => { ) => {
let data; const res = await callGetApi(`/api/directory/${id}`);
try { if (res.status === 404) {
data = await trpc().directory.get.query({ id });
} catch (e) {
if (e instanceof TRPCClientError && e.data?.code === "NOT_FOUND") {
info.set(null); info.set(null);
await deleteDirectoryInfo(id as number); await deleteDirectoryInfo(id as number);
return; return;
} } else if (!res.ok) {
throw new Error("Failed to fetch directory information"); throw new Error("Failed to fetch directory information");
} }
const { metadata, subDirectories: subDirectoryIds, files: fileIds } = data; const {
metadata,
subDirectories: subDirectoryIds,
files: fileIds,
}: DirectoryInfoResponse = await res.json();
if (id === "root") { if (id === "root") {
info.set({ id, subDirectoryIds, fileIds }); info.set({ id, subDirectoryIds, fileIds });
@@ -132,7 +126,6 @@ const fetchDirectoryInfoFromServer = async (
info.set({ info.set({
id, id,
parentId: metadata!.parent,
dataKey, dataKey,
dataKeyVersion: new Date(metadata!.dekVersion), dataKeyVersion: new Date(metadata!.dekVersion),
name, name,
@@ -183,17 +176,16 @@ const fetchFileInfoFromServer = async (
info: Writable<FileInfo | null>, info: Writable<FileInfo | null>,
masterKey: CryptoKey, masterKey: CryptoKey,
) => { ) => {
let metadata; const res = await callGetApi(`/api/file/${id}`);
try { if (res.status === 404) {
metadata = await trpc().file.get.query({ id });
} catch (e) {
if (e instanceof TRPCClientError && e.data?.code === "NOT_FOUND") {
info.set(null); info.set(null);
await deleteFileInfo(id); await deleteFileInfo(id);
return; return;
} } else if (!res.ok) {
throw new Error("Failed to fetch file information"); throw new Error("Failed to fetch file information");
} }
const metadata: FileInfoResponse = await res.json();
const { dataKey } = await unwrapDataKey(metadata.dek, masterKey); const { dataKey } = await unwrapDataKey(metadata.dek, masterKey);
const name = await decryptString(metadata.name, metadata.nameIv, dataKey); const name = await decryptString(metadata.name, metadata.nameIv, dataKey);
@@ -209,7 +201,6 @@ const fetchFileInfoFromServer = async (
info.set({ info.set({
id, id,
parentId: metadata.parent,
dataKey, dataKey,
dataKeyVersion: new Date(metadata.dekVersion), dataKeyVersion: new Date(metadata.dekVersion),
contentType: metadata.contentType, contentType: metadata.contentType,
@@ -264,13 +255,7 @@ const fetchCategoryInfoFromIndexedDB = async (
info.set({ id, subCategoryIds }); info.set({ id, subCategoryIds });
} else { } else {
if (!category) return; if (!category) return;
info.set({ info.set({ id, name: category.name, subCategoryIds, files: category.files });
id,
name: category.name,
subCategoryIds,
files: category.files,
isFileRecursive: category.isFileRecursive,
});
} }
}; };
@@ -279,19 +264,16 @@ const fetchCategoryInfoFromServer = async (
info: Writable<CategoryInfo | null>, info: Writable<CategoryInfo | null>,
masterKey: CryptoKey, masterKey: CryptoKey,
) => { ) => {
let data; let res = await callGetApi(`/api/category/${id}`);
try { if (res.status === 404) {
data = await trpc().category.get.query({ id });
} catch (e) {
if (e instanceof TRPCClientError && e.data?.code === "NOT_FOUND") {
info.set(null); info.set(null);
await deleteCategoryInfo(id as number); await deleteCategoryInfo(id as number);
return; return;
} } else if (!res.ok) {
throw new Error("Failed to fetch category information"); throw new Error("Failed to fetch category information");
} }
const { metadata, subCategories } = data; const { metadata, subCategories }: CategoryInfoResponse = await res.json();
if (id === "root") { if (id === "root") {
info.set({ id, subCategoryIds: subCategories }); info.set({ id, subCategoryIds: subCategories });
@@ -299,36 +281,27 @@ const fetchCategoryInfoFromServer = async (
const { dataKey } = await unwrapDataKey(metadata!.dek, masterKey); const { dataKey } = await unwrapDataKey(metadata!.dek, masterKey);
const name = await decryptString(metadata!.name, metadata!.nameIv, dataKey); const name = await decryptString(metadata!.name, metadata!.nameIv, dataKey);
let files; res = await callGetApi(`/api/category/${id}/file/list?recurse=true`);
try { if (!res.ok) {
files = await trpc().category.files.query({ id, recurse: true });
} catch {
throw new Error("Failed to fetch category files"); throw new Error("Failed to fetch category files");
} }
const { files }: CategoryFileListResponse = await res.json();
const filesMapped = files.map(({ file, isRecursive }) => ({ id: file, isRecursive })); const filesMapped = files.map(({ file, isRecursive }) => ({ id: file, isRecursive }));
let isFileRecursive: boolean | undefined = undefined;
info.update((value) => { info.set({
const newValue = {
isFileRecursive: false,
...value,
id, id,
dataKey, dataKey,
dataKeyVersion: new Date(metadata!.dekVersion), dataKeyVersion: new Date(metadata!.dekVersion),
name, name,
subCategoryIds: subCategories, subCategoryIds: subCategories,
files: filesMapped, files: filesMapped,
};
isFileRecursive = newValue.isFileRecursive;
return newValue;
}); });
await storeCategoryInfo({ await storeCategoryInfo({
id, id,
parentId: metadata!.parent, parentId: metadata!.parent,
name, name,
files: filesMapped, files: filesMapped,
isFileRecursive: isFileRecursive!,
}); });
} }
}; };
@@ -354,17 +327,3 @@ export const getCategoryInfo = (categoryId: CategoryId, masterKey: CryptoKey) =>
fetchCategoryInfo(categoryId, info, masterKey); // Intended fetchCategoryInfo(categoryId, info, masterKey); // Intended
return info; return info;
}; };
export const updateCategoryInfo = async (
categoryId: number,
changes: { isFileRecursive?: boolean },
) => {
await updateCategoryInfoInIndexedDB(categoryId, changes);
categoryInfoStore.get(categoryId)?.update((value) => {
if (!value) return value;
if (changes.isFileRecursive !== undefined) {
value.isFileRecursive = changes.isFileRecursive;
}
return value;
});
};

65
src/lib/modules/key.ts
View File

@@ -1,65 +0,0 @@
import { z } from "zod";
import { storeClientKey } from "$lib/indexedDB";
import type { ClientKeys } from "$lib/stores";
const serializedClientKeysSchema = z.intersection(
z.object({
generator: z.literal("ArkVault"),
exportedAt: z.iso.datetime(),
}),
z.object({
version: z.literal(1),
encryptKey: z.base64().nonempty(),
decryptKey: z.base64().nonempty(),
signKey: z.base64().nonempty(),
verifyKey: z.base64().nonempty(),
}),
);
type SerializedClientKeys = z.infer<typeof serializedClientKeysSchema>;
type DeserializedClientKeys = {
encryptKeyBase64: string;
decryptKeyBase64: string;
signKeyBase64: string;
verifyKeyBase64: string;
};
export const serializeClientKeys = ({
encryptKeyBase64,
decryptKeyBase64,
signKeyBase64,
verifyKeyBase64,
}: DeserializedClientKeys) => {
return JSON.stringify({
version: 1,
generator: "ArkVault",
exportedAt: new Date().toISOString(),
encryptKey: encryptKeyBase64,
decryptKey: decryptKeyBase64,
signKey: signKeyBase64,
verifyKey: verifyKeyBase64,
} satisfies SerializedClientKeys);
};
export const deserializeClientKeys = (serialized: string) => {
const zodRes = serializedClientKeysSchema.safeParse(JSON.parse(serialized));
if (zodRes.success) {
return {
encryptKeyBase64: zodRes.data.encryptKey,
decryptKeyBase64: zodRes.data.decryptKey,
signKeyBase64: zodRes.data.signKey,
verifyKeyBase64: zodRes.data.verifyKey,
} satisfies DeserializedClientKeys;
}
return undefined;
};
export const storeClientKeys = async (clientKeys: ClientKeys) => {
await Promise.all([
storeClientKey(clientKeys.encryptKey, "encrypt"),
storeClientKey(clientKeys.decryptKey, "decrypt"),
storeClientKey(clientKeys.signKey, "sign"),
storeClientKey(clientKeys.verifyKey, "verify"),
]);
};

36
src/lib/modules/opfs.ts
View File

@@ -59,39 +59,3 @@ export const deleteFile = async (path: string) => {
await parentHandle.removeEntry(filename); await parentHandle.removeEntry(filename);
}; };
const getDirectoryHandle = async (path: string) => {
if (!rootHandle) {
throw new Error("OPFS not prepared");
} else if (path[0] !== "/") {
throw new Error("Path must be absolute");
}
const parts = path.split("/");
if (parts.length <= 1) {
throw new Error("Invalid path");
}
try {
let directoryHandle = rootHandle;
let parentHandle;
for (const part of parts.slice(1)) {
if (!part) continue;
parentHandle = directoryHandle;
directoryHandle = await directoryHandle.getDirectoryHandle(part);
}
return { directoryHandle, parentHandle };
} catch (e) {
if (e instanceof DOMException && e.name === "NotFoundError") {
return {};
}
throw e;
}
};
export const deleteDirectory = async (path: string) => {
const { directoryHandle, parentHandle } = await getDirectoryHandle(path);
if (!parentHandle) return;
await parentHandle.removeEntry(directoryHandle.name, { recursive: true });
};

127
src/lib/modules/thumbnail.ts
View File

@@ -1,127 +0,0 @@
import { encodeToBase64 } from "$lib/modules/crypto";
const scaleSize = (width: number, height: number, targetSize: number) => {
if (width <= targetSize || height <= targetSize) {
return { width, height };
}
const scale = targetSize / Math.min(width, height);
return {
width: Math.round(width * scale),
height: Math.round(height * scale),
};
};
const capture = (
width: number,
height: number,
drawer: (context: CanvasRenderingContext2D, width: number, height: number) => void,
targetSize = 250,
) => {
return new Promise<Blob>((resolve, reject) => {
const canvas = document.createElement("canvas");
const { width: scaledWidth, height: scaledHeight } = scaleSize(width, height, targetSize);
canvas.width = scaledWidth;
canvas.height = scaledHeight;
const context = canvas.getContext("2d");
if (!context) {
return reject(new Error("Failed to generate thumbnail"));
}
drawer(context, scaledWidth, scaledHeight);
canvas.toBlob((blob) => {
if (blob && blob.type === "image/webp") {
resolve(blob);
} else {
reject(new Error("Failed to generate thumbnail"));
}
}, "image/webp");
});
};
const generateImageThumbnail = (imageUrl: string) => {
return new Promise<Blob>((resolve, reject) => {
const image = new Image();
image.onload = () => {
capture(image.width, image.height, (context, width, height) => {
context.drawImage(image, 0, 0, width, height);
})
.then(resolve)
.catch(reject);
};
image.onerror = reject;
image.src = imageUrl;
});
};
export const captureVideoThumbnail = (video: HTMLVideoElement) => {
return capture(video.videoWidth, video.videoHeight, (context, width, height) => {
context.drawImage(video, 0, 0, width, height);
});
};
const generateVideoThumbnail = (videoUrl: string, time = 0) => {
return new Promise<Blob>((resolve, reject) => {
const video = document.createElement("video");
video.onloadedmetadata = () => {
if (video.videoWidth === 0 || video.videoHeight === 0) {
return reject();
}
const callbackId = video.requestVideoFrameCallback(() => {
captureVideoThumbnail(video).then(resolve).catch(reject);
video.cancelVideoFrameCallback(callbackId);
});
video.currentTime = Math.min(time, video.duration);
};
video.onerror = reject;
video.muted = true;
video.playsInline = true;
video.src = videoUrl;
});
};
export const generateThumbnail = async (fileBuffer: ArrayBuffer, fileType: string) => {
let url;
try {
if (fileType.startsWith("image/")) {
const fileBlob = new Blob([fileBuffer], { type: fileType });
url = URL.createObjectURL(fileBlob);
try {
return await generateImageThumbnail(url);
} catch {
URL.revokeObjectURL(url);
url = undefined;
if (fileType === "image/heic") {
const { default: heic2any } = await import("heic2any");
url = URL.createObjectURL(
(await heic2any({ blob: fileBlob, toType: "image/png" })) as Blob,
);
return await generateImageThumbnail(url);
} else {
return null;
}
}
} else if (fileType.startsWith("video/")) {
url = URL.createObjectURL(new Blob([fileBuffer], { type: fileType }));
return await generateVideoThumbnail(url);
}
return null;
} catch {
return null;
} finally {
if (url) {
URL.revokeObjectURL(url);
}
}
};
export const getThumbnailUrl = (thumbnailBuffer: ArrayBuffer) => {
return `data:image/webp;base64,${encodeToBase64(thumbnailBuffer)}`;
};

36
src/lib/utils/format.ts → src/lib/modules/util.ts
View File

@@ -7,13 +7,6 @@ export const formatDate = (date: Date) => {
return `${year}. ${month}. ${day}.`; return `${year}. ${month}. ${day}.`;
}; };
export const formatDateSortable = (date: Date) => {
const year = date.getFullYear();
const month = pad2(date.getMonth() + 1);
const day = pad2(date.getDate());
return `${year}${month}${day}`;
};
export const formatDateTime = (date: Date) => { export const formatDateTime = (date: Date) => {
const dateFormatted = formatDate(date); const dateFormatted = formatDate(date);
const hours = date.getHours(); const hours = date.getHours();
@@ -39,3 +32,32 @@ export const truncateString = (str: string, maxLength = 20) => {
if (str.length <= maxLength) return str; if (str.length <= maxLength) return str;
return `${str.slice(0, maxLength)}...`; return `${str.slice(0, maxLength)}...`;
}; };
export enum SortBy {
NAME_ASC,
NAME_DESC,
}
type SortFunc = (a?: string, b?: string) => number;
const collator = new Intl.Collator(undefined, { numeric: true, sensitivity: "base" });
const sortByNameAsc: SortFunc = (a, b) => {
if (a && b) return collator.compare(a, b);
if (a) return -1;
if (b) return 1;
return 0;
};
const sortByNameDesc: SortFunc = (a, b) => -sortByNameAsc(a, b);
export const sortEntries = <T extends { name?: string }>(entries: T[], sortBy: SortBy) => {
let sortFunc: SortFunc;
if (sortBy === SortBy.NAME_ASC) {
sortFunc = sortByNameAsc;
} else {
sortFunc = sortByNameDesc;
}
entries.sort((a, b) => sortFunc(a.name, b.name));
};

34
src/lib/server/db/client.ts
View File

@@ -98,6 +98,22 @@ export const createUserClient = async (userId: number, clientId: number) => {
} }
}; };
export const getAllUserClients = async (userId: number) => {
const userClients = await db
.selectFrom("user_client")
.selectAll()
.where("user_id", "=", userId)
.execute();
return userClients.map(
({ user_id, client_id, state }) =>
({
userId: user_id,
clientId: client_id,
state,
}) satisfies UserClient,
);
};
export const getUserClient = async (userId: number, clientId: number) => { export const getUserClient = async (userId: number, clientId: number) => {
const userClient = await db const userClient = await db
.selectFrom("user_client") .selectFrom("user_client")
@@ -162,7 +178,7 @@ export const registerUserClientChallenge = async (
allowedIp: string, allowedIp: string,
expiresAt: Date, expiresAt: Date,
) => { ) => {
const { id } = await db await db
.insertInto("user_client_challenge") .insertInto("user_client_challenge")
.values({ .values({
user_id: userId, user_id: userId,
@@ -171,25 +187,19 @@ export const registerUserClientChallenge = async (
allowed_ip: allowedIp, allowed_ip: allowedIp,
expires_at: expiresAt, expires_at: expiresAt,
}) })
.returning("id") .execute();
.executeTakeFirstOrThrow();
return { id };
}; };
export const consumeUserClientChallenge = async ( export const consumeUserClientChallenge = async (userId: number, answer: string, ip: string) => {
challengeId: number,
userId: number,
ip: string,
) => {
const challenge = await db const challenge = await db
.deleteFrom("user_client_challenge") .deleteFrom("user_client_challenge")
.where("id", "=", challengeId)
.where("user_id", "=", userId) .where("user_id", "=", userId)
.where("answer", "=", answer)
.where("allowed_ip", "=", ip) .where("allowed_ip", "=", ip)
.where("expires_at", ">", new Date()) .where("expires_at", ">", new Date())
.returning(["client_id", "answer"]) .returning("client_id")
.executeTakeFirst(); .executeTakeFirst();
return challenge ? { clientId: challenge.client_id, answer: challenge.answer } : null; return challenge ? { clientId: challenge.client_id } : null;
}; };
export const cleanupExpiredUserClientChallenges = async () => { export const cleanupExpiredUserClientChallenges = async () => {

42
src/lib/server/db/file.ts
View File

@@ -163,24 +163,16 @@ export const unregisterDirectory = async (userId: number, directoryId: number) =
.setIsolationLevel("repeatable read") // TODO: Sufficient? .setIsolationLevel("repeatable read") // TODO: Sufficient?
.execute(async (trx) => { .execute(async (trx) => {
const unregisterFiles = async (parentId: number) => { const unregisterFiles = async (parentId: number) => {
const files = await trx return await trx
.selectFrom("file")
.leftJoin("thumbnail", "file.id", "thumbnail.file_id")
.select(["file.id", "file.path", "thumbnail.path as thumbnailPath"])
.where("file.parent_id", "=", parentId)
.where("file.user_id", "=", userId)
.forUpdate("file")
.execute();
await trx
.deleteFrom("file") .deleteFrom("file")
.where("parent_id", "=", parentId) .where("parent_id", "=", parentId)
.where("user_id", "=", userId) .where("user_id", "=", userId)
.returning(["id", "path"])
.execute(); .execute();
return files;
}; };
const unregisterDirectoryRecursively = async ( const unregisterDirectoryRecursively = async (
directoryId: number, directoryId: number,
): Promise<{ id: number; path: string; thumbnailPath: string | null }[]> => { ): Promise<{ id: number; path: string }[]> => {
const files = await unregisterFiles(directoryId); const files = await unregisterFiles(directoryId);
const subDirectories = await trx const subDirectories = await trx
.selectFrom("directory") .selectFrom("directory")
@@ -335,17 +327,11 @@ export const getAllFilesByCategory = async (
.where("user_id", "=", userId) .where("user_id", "=", userId)
.where("file_id", "is not", null) .where("file_id", "is not", null)
.$narrowType<{ file_id: NotNull }>() .$narrowType<{ file_id: NotNull }>()
.orderBy("file_id") .orderBy(["file_id", "depth"])
.orderBy("depth")
.execute(); .execute();
return files.map(({ file_id, depth }) => ({ id: file_id, isRecursive: depth > 0 })); return files.map(({ file_id, depth }) => ({ id: file_id, isRecursive: depth > 0 }));
}; };
export const getAllFileIds = async (userId: number) => {
const files = await db.selectFrom("file").select("id").where("user_id", "=", userId).execute();
return files.map(({ id }) => id);
};
export const getAllFileIdsByContentHmac = async ( export const getAllFileIdsByContentHmac = async (
userId: number, userId: number,
hskVersion: number, hskVersion: number,
@@ -358,7 +344,7 @@ export const getAllFileIdsByContentHmac = async (
.where("hmac_secret_key_version", "=", hskVersion) .where("hmac_secret_key_version", "=", hskVersion)
.where("content_hmac", "=", contentHmac) .where("content_hmac", "=", contentHmac)
.execute(); .execute();
return files.map(({ id }) => id); return files.map(({ id }) => ({ id }));
}; };
export const getFile = async (userId: number, fileId: number) => { export const getFile = async (userId: number, fileId: number) => {
@@ -430,22 +416,16 @@ export const setFileEncName = async (
}; };
export const unregisterFile = async (userId: number, fileId: number) => { export const unregisterFile = async (userId: number, fileId: number) => {
return await db.transaction().execute(async (trx) => { const file = await db
const file = await trx .deleteFrom("file")
.selectFrom("file") .where("id", "=", fileId)
.leftJoin("thumbnail", "file.id", "thumbnail.file_id") .where("user_id", "=", userId)
.select(["file.path", "thumbnail.path as thumbnailPath"]) .returning("path")
.where("file.id", "=", fileId)
.where("file.user_id", "=", userId)
.forUpdate("file")
.executeTakeFirst(); .executeTakeFirst();
if (!file) { if (!file) {
throw new IntegrityError("File not found"); throw new IntegrityError("File not found");
} }
return { path: file.path };
await trx.deleteFrom("file").where("id", "=", fileId).execute();
return file;
});
}; };
export const addFileToCategory = async (fileId: number, categoryId: number) => { export const addFileToCategory = async (fileId: number, categoryId: number) => {

10
src/lib/server/db/index.ts
View File

@@ -1,10 +0,0 @@
export * as CategoryRepo from "./category";
export * as ClientRepo from "./client";
export * as FileRepo from "./file";
export * as HskRepo from "./hsk";
export * as MediaRepo from "./media";
export * as MekRepo from "./mek";
export * as SessionRepo from "./session";
export * as UserRepo from "./user";
export * from "./error";

110
src/lib/server/db/media.ts
View File

@@ -1,110 +0,0 @@
import type { NotNull } from "kysely";
import { IntegrityError } from "./error";
import db from "./kysely";
interface Thumbnail {
id: number;
path: string;
updatedAt: Date;
encContentIv: string;
}
interface FileThumbnail extends Thumbnail {
fileId: number;
}
export const updateFileThumbnail = async (
userId: number,
fileId: number,
dekVersion: Date,
path: string,
encContentIv: string,
) => {
return await db.transaction().execute(async (trx) => {
const file = await trx
.selectFrom("file")
.select("data_encryption_key_version")
.where("id", "=", fileId)
.where("user_id", "=", userId)
.limit(1)
.forUpdate()
.executeTakeFirst();
if (!file) {
throw new IntegrityError("File not found");
} else if (file.data_encryption_key_version.getTime() !== dekVersion.getTime()) {
throw new IntegrityError("Invalid DEK version");
}
const thumbnail = await trx
.selectFrom("thumbnail")
.select("path as oldPath")
.where("file_id", "=", fileId)
.limit(1)
.forUpdate()
.executeTakeFirst();
const now = new Date();
await trx
.insertInto("thumbnail")
.values({
file_id: fileId,
path,
updated_at: now,
encrypted_content_iv: encContentIv,
})
.onConflict((oc) =>
oc.column("file_id").doUpdateSet({
path,
updated_at: now,
encrypted_content_iv: encContentIv,
}),
)
.execute();
return thumbnail?.oldPath ?? null;
});
};
export const getFileThumbnail = async (userId: number, fileId: number) => {
const thumbnail = await db
.selectFrom("thumbnail")
.innerJoin("file", "thumbnail.file_id", "file.id")
.selectAll("thumbnail")
.where("file.id", "=", fileId)
.where("file.user_id", "=", userId)
.$narrowType<{ file_id: NotNull }>()
.limit(1)
.executeTakeFirst();
return thumbnail
? ({
id: thumbnail.id,
fileId: thumbnail.file_id,
path: thumbnail.path,
encContentIv: thumbnail.encrypted_content_iv,
updatedAt: thumbnail.updated_at,
} satisfies FileThumbnail)
: null;
};
export const getMissingFileThumbnails = async (userId: number, limit: number = 100) => {
const files = await db
.selectFrom("file")
.select("id")
.where("user_id", "=", userId)
.where((eb) =>
eb.or([eb("content_type", "like", "image/%"), eb("content_type", "like", "video/%")]),
)
.where((eb) =>
eb.not(
eb.exists(
eb
.selectFrom("thumbnail")
.select("thumbnail.id")
.whereRef("thumbnail.file_id", "=", "file.id")
.limit(1),
),
),
)
.limit(limit)
.execute();
return files.map(({ id }) => id);
};

13
src/lib/server/db/mek.ts
View File

@@ -60,6 +60,19 @@ export const registerInitialMek = async (
}); });
}; };
export const getInitialMek = async (userId: number) => {
const mek = await db
.selectFrom("master_encryption_key")
.selectAll()
.where("user_id", "=", userId)
.where("version", "=", 1)
.limit(1)
.executeTakeFirst();
return mek
? ({ userId: mek.user_id, version: mek.version, state: mek.state } satisfies Mek)
: null;
};
export const getAllValidClientMeks = async (userId: number, clientId: number) => { export const getAllValidClientMeks = async (userId: number, clientId: number) => {
const clientMeks = await db const clientMeks = await db
.selectFrom("client_master_encryption_key") .selectFrom("client_master_encryption_key")

31
src/lib/server/db/migrations/1738409340-AddThumbnail.ts
View File

@@ -1,31 +0,0 @@
import { Kysely, sql } from "kysely";
// eslint-disable-next-line @typescript-eslint/no-explicit-any
export const up = async (db: Kysely<any>) => {
// media.ts
await db.schema
.createTable("thumbnail")
.addColumn("id", "integer", (col) => col.primaryKey().generatedAlwaysAsIdentity())
.addColumn("directory_id", "integer", (col) =>
col.references("directory.id").onDelete("cascade").unique(),
)
.addColumn("file_id", "integer", (col) =>
col.references("file.id").onDelete("cascade").unique(),
)
.addColumn("category_id", "integer", (col) =>
col.references("category.id").onDelete("cascade").unique(),
)
.addColumn("path", "text", (col) => col.unique().notNull())
.addColumn("updated_at", "timestamp(3)", (col) => col.notNull())
.addColumn("encrypted_content_iv", "text", (col) => col.notNull())
.addCheckConstraint(
"thumbnail_ck01",
sql`(file_id IS NOT NULL)::integer + (directory_id IS NOT NULL)::integer + (category_id IS NOT NULL)::integer = 1`,
)
.execute();
};
// eslint-disable-next-line @typescript-eslint/no-explicit-any
export const down = async (db: Kysely<any>) => {
await db.schema.dropTable("thumbnail").execute();
};

2
src/lib/server/db/migrations/index.ts
View File

@@ -1,9 +1,7 @@
import * as Initial1737357000 from "./1737357000-Initial"; import * as Initial1737357000 from "./1737357000-Initial";
import * as AddFileCategory1737422340 from "./1737422340-AddFileCategory"; import * as AddFileCategory1737422340 from "./1737422340-AddFileCategory";
import * as AddThumbnail1738409340 from "./1738409340-AddThumbnail";
export default { export default {
"1737357000-Initial": Initial1737357000, "1737357000-Initial": Initial1737357000,
"1737422340-AddFileCategory": AddFileCategory1737422340, "1737422340-AddFileCategory": AddFileCategory1737422340,
"1738409340-AddThumbnail": AddThumbnail1738409340,
}; };

1
src/lib/server/db/schema/index.ts
View File

@@ -2,7 +2,6 @@ export * from "./category";
export * from "./client"; export * from "./client";
export * from "./file"; export * from "./file";
export * from "./hsk"; export * from "./hsk";
export * from "./media";
export * from "./mek"; export * from "./mek";
export * from "./session"; export * from "./session";
export * from "./user"; export * from "./user";

17
src/lib/server/db/schema/media.ts
View File

@@ -1,17 +0,0 @@
import type { Generated } from "kysely";
interface ThumbnailTable {
id: Generated<number>;
directory_id: number | null;
file_id: number | null;
category_id: number | null;
path: string;
updated_at: Date;
encrypted_content_iv: string; // Base64
}
declare module "./index" {
interface Database {
thumbnail: ThumbnailTable;
}
}

49
src/lib/server/db/session.ts
View File

@@ -5,22 +5,31 @@ import db from "./kysely";
export const createSession = async ( export const createSession = async (
userId: number, userId: number,
clientId: number | null,
sessionId: string, sessionId: string,
ip: string | null, ip: string | null,
agent: string | null, agent: string | null,
) => { ) => {
try {
const now = new Date(); const now = new Date();
await db await db
.insertInto("session") .insertInto("session")
.values({ .values({
id: sessionId, id: sessionId,
user_id: userId, user_id: userId,
client_id: clientId,
created_at: now, created_at: now,
last_used_at: now, last_used_at: now,
last_used_by_ip: ip || null, last_used_by_ip: ip || null,
last_used_by_agent: agent || null, last_used_by_agent: agent || null,
}) })
.execute(); .execute();
} catch (e) {
if (e instanceof pg.DatabaseError && e.code === "23505") {
throw new IntegrityError("Session already exists");
}
throw e;
}
}; };
export const refreshSession = async ( export const refreshSession = async (
@@ -46,23 +55,8 @@ export const refreshSession = async (
return { userId: session.user_id, clientId: session.client_id }; return { userId: session.user_id, clientId: session.client_id };
}; };
export const upgradeSession = async ( export const upgradeSession = async (sessionId: string, clientId: number) => {
userId: number, const res = await db
sessionId: string,
clientId: number,
force: boolean,
) => {
try {
await db.transaction().execute(async (trx) => {
if (force) {
await trx
.deleteFrom("session")
.where("id", "!=", sessionId)
.where("user_id", "=", userId)
.where("client_id", "=", clientId)
.execute();
}
const res = await trx
.updateTable("session") .updateTable("session")
.set({ client_id: clientId }) .set({ client_id: clientId })
.where("id", "=", sessionId) .where("id", "=", sessionId)
@@ -71,13 +65,6 @@ export const upgradeSession = async (
if (res.numUpdatedRows === 0n) { if (res.numUpdatedRows === 0n) {
throw new IntegrityError("Session not found"); throw new IntegrityError("Session not found");
} }
});
} catch (e) {
if (e instanceof pg.DatabaseError && e.code === "23505") {
throw new IntegrityError("Session already exists");
}
throw e;
}
}; };
export const deleteSession = async (sessionId: string) => { export const deleteSession = async (sessionId: string) => {
@@ -107,7 +94,7 @@ export const registerSessionUpgradeChallenge = async (
expiresAt: Date, expiresAt: Date,
) => { ) => {
try { try {
const { id } = await db await db
.insertInto("session_upgrade_challenge") .insertInto("session_upgrade_challenge")
.values({ .values({
session_id: sessionId, session_id: sessionId,
@@ -116,9 +103,7 @@ export const registerSessionUpgradeChallenge = async (
allowed_ip: allowedIp, allowed_ip: allowedIp,
expires_at: expiresAt, expires_at: expiresAt,
}) })
.returning("id") .execute();
.executeTakeFirstOrThrow();
return { id };
} catch (e) { } catch (e) {
if (e instanceof pg.DatabaseError && e.code === "23505") { if (e instanceof pg.DatabaseError && e.code === "23505") {
throw new IntegrityError("Challenge already registered"); throw new IntegrityError("Challenge already registered");
@@ -128,19 +113,19 @@ export const registerSessionUpgradeChallenge = async (
}; };
export const consumeSessionUpgradeChallenge = async ( export const consumeSessionUpgradeChallenge = async (
challengeId: number,
sessionId: string, sessionId: string,
answer: string,
ip: string, ip: string,
) => { ) => {
const challenge = await db const challenge = await db
.deleteFrom("session_upgrade_challenge") .deleteFrom("session_upgrade_challenge")
.where("id", "=", challengeId)
.where("session_id", "=", sessionId) .where("session_id", "=", sessionId)
.where("answer", "=", answer)
.where("allowed_ip", "=", ip) .where("allowed_ip", "=", ip)
.where("expires_at", ">", new Date()) .where("expires_at", ">", new Date())
.returning(["client_id", "answer"]) .returning("client_id")
.executeTakeFirst(); .executeTakeFirst();
return challenge ? { clientId: challenge.client_id, answer: challenge.answer } : null; return challenge ? { clientId: challenge.client_id } : null;
}; };
export const cleanupExpiredSessionUpgradeChallenges = async () => { export const cleanupExpiredSessionUpgradeChallenges = async () => {

4
src/lib/server/db/user.ts
View File

@@ -27,6 +27,10 @@ export const getUserByEmail = async (email: string) => {
return user ? (user satisfies User) : null; return user ? (user satisfies User) : null;
}; };
export const setUserNickname = async (userId: number, nickname: string) => {
await db.updateTable("user").set({ nickname }).where("id", "=", userId).execute();
};
export const setUserPassword = async (userId: number, password: string) => { export const setUserPassword = async (userId: number, password: string) => {
await db.updateTable("user").set({ password }).where("id", "=", userId).execute(); await db.updateTable("user").set({ password }).where("id", "=", userId).execute();
}; };

1
src/lib/server/loadenv.ts
View File

@@ -25,5 +25,4 @@ export default {
sessionUpgradeExp: ms(env.SESSION_UPGRADE_CHALLENGE_EXPIRES || "5m"), sessionUpgradeExp: ms(env.SESSION_UPGRADE_CHALLENGE_EXPIRES || "5m"),
}, },
libraryPath: env.LIBRARY_PATH || "library", libraryPath: env.LIBRARY_PATH || "library",
thumbnailsPath: env.THUMBNAILS_PATH || "thumbnails",
}; };

11
src/lib/server/middlewares/authenticate.ts
View File

@@ -1,7 +1,12 @@
import { error, redirect, type Handle } from "@sveltejs/kit"; import { error, redirect, type Handle } from "@sveltejs/kit";
import { cookieOptions, authenticate, AuthenticationError } from "$lib/server/modules/auth"; import { authenticate, AuthenticationError } from "$lib/server/modules/auth";
export const authenticateMiddleware: Handle = async ({ event, resolve }) => { export const authenticateMiddleware: Handle = async ({ event, resolve }) => {
const { pathname, search } = event.url;
if (pathname === "/api/auth/login") {
return await resolve(event);
}
try { try {
const sessionIdSigned = event.cookies.get("sessionId"); const sessionIdSigned = event.cookies.get("sessionId");
if (!sessionIdSigned) { if (!sessionIdSigned) {
@@ -10,11 +15,9 @@ export const authenticateMiddleware: Handle = async ({ event, resolve }) => {
const { ip, userAgent } = event.locals; const { ip, userAgent } = event.locals;
event.locals.session = await authenticate(sessionIdSigned, ip, userAgent); event.locals.session = await authenticate(sessionIdSigned, ip, userAgent);
event.cookies.set("sessionId", sessionIdSigned, cookieOptions);
} catch (e) { } catch (e) {
if (e instanceof AuthenticationError) { if (e instanceof AuthenticationError) {
const { pathname, search } = event.url; if (pathname === "/auth/login") {
if (pathname === "/auth/login" || pathname.startsWith("/api/trpc")) {
return await resolve(event); return await resolve(event);
} else if (pathname.startsWith("/api")) { } else if (pathname.startsWith("/api")) {
error(e.status, e.message); error(e.status, e.message);

114
src/lib/server/modules/auth.ts
View File

@@ -1,25 +1,20 @@
import { error } from "@sveltejs/kit"; import { error } from "@sveltejs/kit";
import { ClientRepo, SessionRepo, IntegrityError } from "$lib/server/db"; import { getUserClient } from "$lib/server/db/client";
import { IntegrityError } from "$lib/server/db/error";
import { createSession, refreshSession } from "$lib/server/db/session";
import env from "$lib/server/loadenv"; import env from "$lib/server/loadenv";
import { verifySessionId } from "$lib/server/modules/crypto"; import { issueSessionId, verifySessionId } from "$lib/server/modules/crypto";
export interface Session { interface Session {
sessionId: string; sessionId: string;
userId: number; userId: number;
clientId?: number; clientId?: number;
} }
export interface ClientSession extends Session { interface ClientSession extends Session {
clientId: number; clientId: number;
} }
export type SessionPermission =
| "any"
| "notClient"
| "anyClient"
| "pendingClient"
| "activeClient";
export class AuthenticationError extends Error { export class AuthenticationError extends Error {
constructor( constructor(
public status: 400 | 401, public status: 400 | 401,
@@ -30,22 +25,11 @@ export class AuthenticationError extends Error {
} }
} }
export class AuthorizationError extends Error { export const startSession = async (userId: number, ip: string, userAgent: string) => {
constructor( const { sessionId, sessionIdSigned } = await issueSessionId(32, env.session.secret);
public status: 403 | 500, await createSession(userId, null, sessionId, ip, userAgent);
message: string, return sessionIdSigned;
) { };
super(message);
this.name = "AuthorizationError";
}
}
export const cookieOptions = {
path: "/",
maxAge: env.session.exp / 1000,
secure: true,
sameSite: "strict",
} as const;
export const authenticate = async (sessionIdSigned: string, ip: string, userAgent: string) => { export const authenticate = async (sessionIdSigned: string, ip: string, userAgent: string) => {
const sessionId = verifySessionId(sessionIdSigned, env.session.secret); const sessionId = verifySessionId(sessionIdSigned, env.session.secret);
@@ -54,7 +38,7 @@ export const authenticate = async (sessionIdSigned: string, ip: string, userAgen
} }
try { try {
const { userId, clientId } = await SessionRepo.refreshSession(sessionId, ip, userAgent); const { userId, clientId } = await refreshSession(sessionId, ip, userAgent);
return { return {
id: sessionId, id: sessionId,
userId, userId,
@@ -68,12 +52,34 @@ export const authenticate = async (sessionIdSigned: string, ip: string, userAgen
} }
}; };
export const authorizeInternal = async ( export async function authorize(locals: App.Locals, requiredPermission: "any"): Promise<Session>;
export async function authorize(
locals: App.Locals, locals: App.Locals,
requiredPermission: SessionPermission, requiredPermission: "notClient",
): Promise<Session> => { ): Promise<Session>;
export async function authorize(
locals: App.Locals,
requiredPermission: "anyClient",
): Promise<ClientSession>;
export async function authorize(
locals: App.Locals,
requiredPermission: "pendingClient",
): Promise<ClientSession>;
export async function authorize(
locals: App.Locals,
requiredPermission: "activeClient",
): Promise<ClientSession>;
export async function authorize(
locals: App.Locals,
requiredPermission: "any" | "notClient" | "anyClient" | "pendingClient" | "activeClient",
): Promise<Session> {
if (!locals.session) { if (!locals.session) {
throw new AuthorizationError(500, "Unauthenticated"); error(500, "Unauthenticated");
} }
const { id: sessionId, userId, clientId } = locals.session; const { id: sessionId, userId, clientId } = locals.session;
@@ -83,63 +89,39 @@ export const authorizeInternal = async (
break; break;
case "notClient": case "notClient":
if (clientId) { if (clientId) {
throw new AuthorizationError(403, "Forbidden"); error(403, "Forbidden");
} }
break; break;
case "anyClient": case "anyClient":
if (!clientId) { if (!clientId) {
throw new AuthorizationError(403, "Forbidden"); error(403, "Forbidden");
} }
break; break;
case "pendingClient": { case "pendingClient": {
if (!clientId) { if (!clientId) {
throw new AuthorizationError(403, "Forbidden"); error(403, "Forbidden");
} }
const userClient = await ClientRepo.getUserClient(userId, clientId); const userClient = await getUserClient(userId, clientId);
if (!userClient) { if (!userClient) {
throw new AuthorizationError(500, "Invalid session id"); error(500, "Invalid session id");
} else if (userClient.state !== "pending") { } else if (userClient.state !== "pending") {
throw new AuthorizationError(403, "Forbidden"); error(403, "Forbidden");
} }
break; break;
} }
case "activeClient": { case "activeClient": {
if (!clientId) { if (!clientId) {
throw new AuthorizationError(403, "Forbidden"); error(403, "Forbidden");
} }
const userClient = await ClientRepo.getUserClient(userId, clientId); const userClient = await getUserClient(userId, clientId);
if (!userClient) { if (!userClient) {
throw new AuthorizationError(500, "Invalid session id"); error(500, "Invalid session id");
} else if (userClient.state !== "active") { } else if (userClient.state !== "active") {
throw new AuthorizationError(403, "Forbidden"); error(403, "Forbidden");
} }
break; break;
} }
} }
return { sessionId, userId, clientId }; return { sessionId, userId, clientId };
};
export async function authorize(
locals: App.Locals,
requiredPermission: "any" | "notClient",
): Promise<Session>;
export async function authorize(
locals: App.Locals,
requiredPermission: "anyClient" | "pendingClient" | "activeClient",
): Promise<ClientSession>;
export async function authorize(
locals: App.Locals,
requiredPermission: SessionPermission,
): Promise<Session> {
try {
return await authorizeInternal(locals, requiredPermission);
} catch (e) {
if (e instanceof AuthorizationError) {
error(e.status, e.message);
}
throw e;
}
} }

7
src/lib/server/modules/filesystem.ts
View File

@@ -1,7 +0,0 @@
import { unlink } from "fs/promises";
export const safeUnlink = async (path: string | null | undefined) => {
if (path) {
await unlink(path).catch(console.error);
}
};

25
src/lib/server/modules/mek.ts Normal file
View File

@@ -0,0 +1,25 @@
import { error } from "@sveltejs/kit";
import { getUserClientWithDetails } from "$lib/server/db/client";
import { getInitialMek } from "$lib/server/db/mek";
import { verifySignature } from "$lib/server/modules/crypto";
export const isInitialMekNeeded = async (userId: number) => {
const initialMek = await getInitialMek(userId);
return !initialMek;
};
export const verifyClientEncMekSig = async (
userId: number,
clientId: number,
version: number,
encMek: string,
encMekSig: string,
) => {
const userClient = await getUserClientWithDetails(userId, clientId);
if (!userClient) {
error(500, "Invalid session id");
}
const data = JSON.stringify({ version, key: encMek });
return verifySignature(Buffer.from(data), encMekSig, userClient.sigPubKey);
};

30
src/lib/server/schemas/auth.ts Normal file
View File

@@ -0,0 +1,30 @@
import { z } from "zod";
export const passwordChangeRequest = z.object({
oldPassword: z.string().trim().nonempty(),
newPassword: z.string().trim().nonempty(),
});
export type PasswordChangeRequest = z.infer<typeof passwordChangeRequest>;
export const loginRequest = z.object({
email: z.string().email(),
password: z.string().trim().nonempty(),
});
export type LoginRequest = z.infer<typeof loginRequest>;
export const sessionUpgradeRequest = z.object({
encPubKey: z.string().base64().nonempty(),
sigPubKey: z.string().base64().nonempty(),
});
export type SessionUpgradeRequest = z.infer<typeof sessionUpgradeRequest>;
export const sessionUpgradeResponse = z.object({
challenge: z.string().base64().nonempty(),
});
export type SessionUpgradeResponse = z.infer<typeof sessionUpgradeResponse>;
export const sessionUpgradeVerifyRequest = z.object({
answer: z.string().base64().nonempty(),
answerSig: z.string().base64().nonempty(),
});
export type SessionUpgradeVerifyRequest = z.infer<typeof sessionUpgradeVerifyRequest>;

54
src/lib/server/schemas/category.ts
View File

@@ -1,3 +1,55 @@
import { z } from "zod"; import { z } from "zod";
export const categoryIdSchema = z.union([z.literal("root"), z.int().positive()]); export const categoryIdSchema = z.union([z.literal("root"), z.number().int().positive()]);
export const categoryInfoResponse = z.object({
metadata: z
.object({
parent: categoryIdSchema,
mekVersion: z.number().int().positive(),
dek: z.string().base64().nonempty(),
dekVersion: z.string().datetime(),
name: z.string().base64().nonempty(),
nameIv: z.string().base64().nonempty(),
})
.optional(),
subCategories: z.number().int().positive().array(),
});
export type CategoryInfoResponse = z.infer<typeof categoryInfoResponse>;
export const categoryFileAddRequest = z.object({
file: z.number().int().positive(),
});
export type CategoryFileAddRequest = z.infer<typeof categoryFileAddRequest>;
export const categoryFileListResponse = z.object({
files: z.array(
z.object({
file: z.number().int().positive(),
isRecursive: z.boolean(),
}),
),
});
export type CategoryFileListResponse = z.infer<typeof categoryFileListResponse>;
export const categoryFileRemoveRequest = z.object({
file: z.number().int().positive(),
});
export type CategoryFileRemoveRequest = z.infer<typeof categoryFileRemoveRequest>;
export const categoryRenameRequest = z.object({
dekVersion: z.string().datetime(),
name: z.string().base64().nonempty(),
nameIv: z.string().base64().nonempty(),
});
export type CategoryRenameRequest = z.infer<typeof categoryRenameRequest>;
export const categoryCreateRequest = z.object({
parent: categoryIdSchema,
mekVersion: z.number().int().positive(),
dek: z.string().base64().nonempty(),
dekVersion: z.string().datetime(),
name: z.string().base64().nonempty(),
nameIv: z.string().base64().nonempty(),
});
export type CategoryCreateRequest = z.infer<typeof categoryCreateRequest>;

35
src/lib/server/schemas/client.ts Normal file
View File

@@ -0,0 +1,35 @@
import { z } from "zod";
export const clientListResponse = z.object({
clients: z.array(
z.object({
id: z.number().int().positive(),
state: z.enum(["pending", "active"]),
}),
),
});
export type ClientListResponse = z.infer<typeof clientListResponse>;
export const clientRegisterRequest = z.object({
encPubKey: z.string().base64().nonempty(),
sigPubKey: z.string().base64().nonempty(),
});
export type ClientRegisterRequest = z.infer<typeof clientRegisterRequest>;
export const clientRegisterResponse = z.object({
challenge: z.string().base64().nonempty(),
});
export type ClientRegisterResponse = z.infer<typeof clientRegisterResponse>;
export const clientRegisterVerifyRequest = z.object({
answer: z.string().base64().nonempty(),
answerSig: z.string().base64().nonempty(),
});
export type ClientRegisterVerifyRequest = z.infer<typeof clientRegisterVerifyRequest>;
export const clientStatusResponse = z.object({
id: z.number().int().positive(),
state: z.enum(["pending", "active"]),
isInitialMekNeeded: z.boolean(),
});
export type ClientStatusResponse = z.infer<typeof clientStatusResponse>;

40
src/lib/server/schemas/directory.ts
View File

@@ -1,3 +1,41 @@
import { z } from "zod"; import { z } from "zod";
export const directoryIdSchema = z.union([z.literal("root"), z.int().positive()]); export const directoryIdSchema = z.union([z.literal("root"), z.number().int().positive()]);
export const directoryInfoResponse = z.object({
metadata: z
.object({
parent: directoryIdSchema,
mekVersion: z.number().int().positive(),
dek: z.string().base64().nonempty(),
dekVersion: z.string().datetime(),
name: z.string().base64().nonempty(),
nameIv: z.string().base64().nonempty(),
})
.optional(),
subDirectories: z.number().int().positive().array(),
files: z.number().int().positive().array(),
});
export type DirectoryInfoResponse = z.infer<typeof directoryInfoResponse>;
export const directoryDeleteResponse = z.object({
deletedFiles: z.number().int().positive().array(),
});
export type DirectoryDeleteResponse = z.infer<typeof directoryDeleteResponse>;
export const directoryRenameRequest = z.object({
dekVersion: z.string().datetime(),
name: z.string().base64().nonempty(),
nameIv: z.string().base64().nonempty(),
});
export type DirectoryRenameRequest = z.infer<typeof directoryRenameRequest>;
export const directoryCreateRequest = z.object({
parent: directoryIdSchema,
mekVersion: z.number().int().positive(),
dek: z.string().base64().nonempty(),
dekVersion: z.string().datetime(),
name: z.string().base64().nonempty(),
nameIv: z.string().base64().nonempty(),
});
export type DirectoryCreateRequest = z.infer<typeof directoryCreateRequest>;

77
src/lib/server/schemas/file.ts
View File

@@ -2,35 +2,68 @@ import mime from "mime";
import { z } from "zod"; import { z } from "zod";
import { directoryIdSchema } from "./directory"; import { directoryIdSchema } from "./directory";
export const fileThumbnailUploadRequest = z.object({ export const fileInfoResponse = z.object({
dekVersion: z.iso.datetime(),
contentIv: z.base64().nonempty(),
});
export type FileThumbnailUploadRequest = z.input<typeof fileThumbnailUploadRequest>;
export const fileUploadRequest = z.object({
parent: directoryIdSchema, parent: directoryIdSchema,
mekVersion: z.int().positive(), mekVersion: z.number().int().positive(),
dek: z.base64().nonempty(), dek: z.string().base64().nonempty(),
dekVersion: z.iso.datetime(), dekVersion: z.string().datetime(),
hskVersion: z.int().positive(),
contentHmac: z.base64().nonempty(),
contentType: z contentType: z
.string() .string()
.trim() .trim()
.nonempty() .nonempty()
.refine((value) => mime.getExtension(value) !== null), // MIME type .refine((value) => mime.getExtension(value) !== null), // MIME type
contentIv: z.base64().nonempty(), contentIv: z.string().base64().nonempty(),
name: z.base64().nonempty(), name: z.string().base64().nonempty(),
nameIv: z.base64().nonempty(), nameIv: z.string().base64().nonempty(),
createdAt: z.base64().nonempty().optional(), createdAt: z.string().base64().nonempty().optional(),
createdAtIv: z.base64().nonempty().optional(), createdAtIv: z.string().base64().nonempty().optional(),
lastModifiedAt: z.base64().nonempty(), lastModifiedAt: z.string().base64().nonempty(),
lastModifiedAtIv: z.base64().nonempty(), lastModifiedAtIv: z.string().base64().nonempty(),
categories: z.number().int().positive().array(),
}); });
export type FileUploadRequest = z.input<typeof fileUploadRequest>; export type FileInfoResponse = z.infer<typeof fileInfoResponse>;
export const fileRenameRequest = z.object({
dekVersion: z.string().datetime(),
name: z.string().base64().nonempty(),
nameIv: z.string().base64().nonempty(),
});
export type FileRenameRequest = z.infer<typeof fileRenameRequest>;
export const duplicateFileScanRequest = z.object({
hskVersion: z.number().int().positive(),
contentHmac: z.string().base64().nonempty(),
});
export type DuplicateFileScanRequest = z.infer<typeof duplicateFileScanRequest>;
export const duplicateFileScanResponse = z.object({
files: z.number().int().positive().array(),
});
export type DuplicateFileScanResponse = z.infer<typeof duplicateFileScanResponse>;
export const fileUploadRequest = z.object({
parent: directoryIdSchema,
mekVersion: z.number().int().positive(),
dek: z.string().base64().nonempty(),
dekVersion: z.string().datetime(),
hskVersion: z.number().int().positive(),
contentHmac: z.string().base64().nonempty(),
contentType: z
.string()
.trim()
.nonempty()
.refine((value) => mime.getExtension(value) !== null), // MIME type
contentIv: z.string().base64().nonempty(),
name: z.string().base64().nonempty(),
nameIv: z.string().base64().nonempty(),
createdAt: z.string().base64().nonempty().optional(),
createdAtIv: z.string().base64().nonempty().optional(),
lastModifiedAt: z.string().base64().nonempty(),
lastModifiedAtIv: z.string().base64().nonempty(),
});
export type FileUploadRequest = z.infer<typeof fileUploadRequest>;
export const fileUploadResponse = z.object({ export const fileUploadResponse = z.object({
file: z.int().positive(), file: z.number().int().positive(),
}); });
export type FileUploadResponse = z.output<typeof fileUploadResponse>; export type FileUploadResponse = z.infer<typeof fileUploadResponse>;

19
src/lib/server/schemas/hsk.ts Normal file
View File

@@ -0,0 +1,19 @@
import { z } from "zod";
export const hmacSecretListResponse = z.object({
hsks: z.array(
z.object({
version: z.number().int().positive(),
state: z.enum(["active"]),
mekVersion: z.number().int().positive(),
hsk: z.string().base64().nonempty(),
}),
),
});
export type HmacSecretListResponse = z.infer<typeof hmacSecretListResponse>;
export const initialHmacSecretRegisterRequest = z.object({
mekVersion: z.number().int().positive(),
hsk: z.string().base64().nonempty(),
});
export type InitialHmacSecretRegisterRequest = z.infer<typeof initialHmacSecretRegisterRequest>;

5
src/lib/server/schemas/index.ts
View File

@@ -1,3 +1,8 @@
export * from "./auth";
export * from "./category"; export * from "./category";
export * from "./client";
export * from "./directory"; export * from "./directory";
export * from "./file"; export * from "./file";
export * from "./hsk";
export * from "./mek";
export * from "./user";

19
src/lib/server/schemas/mek.ts Normal file
View File

@@ -0,0 +1,19 @@
import { z } from "zod";
export const masterKeyListResponse = z.object({
meks: z.array(
z.object({
version: z.number().int().positive(),
state: z.enum(["active", "retired"]),
mek: z.string().base64().nonempty(),
mekSig: z.string().base64().nonempty(),
}),
),
});
export type MasterKeyListResponse = z.infer<typeof masterKeyListResponse>;
export const initialMasterKeyRegisterRequest = z.object({
mek: z.string().base64().nonempty(),
mekSig: z.string().base64().nonempty(),
});
export type InitialMasterKeyRegisterRequest = z.infer<typeof initialMasterKeyRegisterRequest>;

12
src/lib/server/schemas/user.ts Normal file
View File

@@ -0,0 +1,12 @@
import { z } from "zod";
export const userInfoResponse = z.object({
email: z.string().email(),
nickname: z.string().nonempty(),
});
export type UserInfoResponse = z.infer<typeof userInfoResponse>;
export const nicknameChangeRequest = z.object({
newNickname: z.string().trim().min(2).max(8),
});
export type NicknameChangeRequest = z.infer<typeof nicknameChangeRequest>;

121
src/lib/server/services/auth.ts Normal file
View File

@@ -0,0 +1,121 @@
import { error } from "@sveltejs/kit";
import argon2 from "argon2";
import { getClient, getClientByPubKeys, getUserClient } from "$lib/server/db/client";
import { IntegrityError } from "$lib/server/db/error";
import {
upgradeSession,
deleteSession,
deleteAllOtherSessions,
registerSessionUpgradeChallenge,
consumeSessionUpgradeChallenge,
} from "$lib/server/db/session";
import { getUser, getUserByEmail, setUserPassword } from "$lib/server/db/user";
import env from "$lib/server/loadenv";
import { startSession } from "$lib/server/modules/auth";
import { verifySignature, generateChallenge } from "$lib/server/modules/crypto";
const hashPassword = async (password: string) => {
return await argon2.hash(password);
};
const verifyPassword = async (hash: string, password: string) => {
return await argon2.verify(hash, password);
};
export const changePassword = async (
userId: number,
sessionId: string,
oldPassword: string,
newPassword: string,
) => {
if (oldPassword === newPassword) {
error(400, "Same passwords");
} else if (newPassword.length < 8) {
error(400, "Too short password");
}
const user = await getUser(userId);
if (!user) {
error(500, "Invalid session id");
} else if (!(await verifyPassword(user.password, oldPassword))) {
error(403, "Invalid password");
}
await setUserPassword(userId, await hashPassword(newPassword));
await deleteAllOtherSessions(userId, sessionId);
};
export const login = async (email: string, password: string, ip: string, userAgent: string) => {
const user = await getUserByEmail(email);
if (!user || !(await verifyPassword(user.password, password))) {
error(401, "Invalid email or password");
}
try {
return { sessionIdSigned: await startSession(user.id, ip, userAgent) };
} catch (e) {
if (e instanceof IntegrityError && e.message === "Session already exists") {
error(403, "Already logged in");
}
throw e;
}
};
export const logout = async (sessionId: string) => {
await deleteSession(sessionId);
};
export const createSessionUpgradeChallenge = async (
sessionId: string,
userId: number,
ip: string,
encPubKey: string,
sigPubKey: string,
) => {
const client = await getClientByPubKeys(encPubKey, sigPubKey);
const userClient = client ? await getUserClient(userId, client.id) : undefined;
if (!client) {
error(401, "Invalid public key(s)");
} else if (!userClient || userClient.state === "challenging") {
error(403, "Unregistered client");
}
const { answer, challenge } = await generateChallenge(32, encPubKey);
await registerSessionUpgradeChallenge(
sessionId,
client.id,
answer.toString("base64"),
ip,
new Date(Date.now() + env.challenge.sessionUpgradeExp),
);
return { challenge: challenge.toString("base64") };
};
export const verifySessionUpgradeChallenge = async (
sessionId: string,
ip: string,
answer: string,
answerSig: string,
) => {
const challenge = await consumeSessionUpgradeChallenge(sessionId, answer, ip);
if (!challenge) {
error(403, "Invalid challenge answer");
}
const client = await getClient(challenge.clientId);
if (!client) {
error(500, "Invalid challenge answer");
} else if (!verifySignature(Buffer.from(answer, "base64"), answerSig, client.sigPubKey)) {
error(403, "Invalid challenge answer signature");
}
try {
await upgradeSession(sessionId, client.id);
} catch (e) {
if (e instanceof IntegrityError && e.message === "Session not found") {
error(500, "Invalid challenge answer");
}
throw e;
}
};

133
src/lib/server/services/category.ts Normal file
View File

@@ -0,0 +1,133 @@
import { error } from "@sveltejs/kit";
import {
registerCategory,
getAllCategoriesByParent,
getCategory,
setCategoryEncName,
unregisterCategory,
type CategoryId,
type NewCategory,
} from "$lib/server/db/category";
import { IntegrityError } from "$lib/server/db/error";
import {
getAllFilesByCategory,
getFile,
addFileToCategory,
removeFileFromCategory,
} from "$lib/server/db/file";
import type { Ciphertext } from "$lib/server/db/schema";
export const getCategoryInformation = async (userId: number, categoryId: CategoryId) => {
const category = categoryId !== "root" ? await getCategory(userId, categoryId) : undefined;
if (category === null) {
error(404, "Invalid category id");
}
const categories = await getAllCategoriesByParent(userId, categoryId);
return {
metadata: category && {
parentId: category.parentId ?? ("root" as const),
mekVersion: category.mekVersion,
encDek: category.encDek,
dekVersion: category.dekVersion,
encName: category.encName,
},
categories: categories.map(({ id }) => id),
};
};
export const deleteCategory = async (userId: number, categoryId: number) => {
try {
await unregisterCategory(userId, categoryId);
} catch (e) {
if (e instanceof IntegrityError && e.message === "Category not found") {
error(404, "Invalid category id");
}
throw e;
}
};
export const addCategoryFile = async (userId: number, categoryId: number, fileId: number) => {
const category = await getCategory(userId, categoryId);
const file = await getFile(userId, fileId);
if (!category) {
error(404, "Invalid category id");
} else if (!file) {
error(404, "Invalid file id");
}
try {
await addFileToCategory(fileId, categoryId);
} catch (e) {
if (e instanceof IntegrityError && e.message === "File already added to category") {
error(400, "File already added");
}
throw e;
}
};
export const getCategoryFiles = async (userId: number, categoryId: number, recurse: boolean) => {
const category = await getCategory(userId, categoryId);
if (!category) {
error(404, "Invalid category id");
}
const files = await getAllFilesByCategory(userId, categoryId, recurse);
return { files };
};
export const removeCategoryFile = async (userId: number, categoryId: number, fileId: number) => {
const category = await getCategory(userId, categoryId);
const file = await getFile(userId, fileId);
if (!category) {
error(404, "Invalid category id");
} else if (!file) {
error(404, "Invalid file id");
}
try {
await removeFileFromCategory(fileId, categoryId);
} catch (e) {
if (e instanceof IntegrityError && e.message === "File not found in category") {
error(400, "File not added");
}
throw e;
}
};
export const renameCategory = async (
userId: number,
categoryId: number,
dekVersion: Date,
newEncName: Ciphertext,
) => {
try {
await setCategoryEncName(userId, categoryId, dekVersion, newEncName);
} catch (e) {
if (e instanceof IntegrityError) {
if (e.message === "Category not found") {
error(404, "Invalid category id");
} else if (e.message === "Invalid DEK version") {
error(400, "Invalid DEK version");
}
}
throw e;
}
};
export const createCategory = async (params: NewCategory) => {
const oneMinuteAgo = new Date(Date.now() - 60 * 1000);
const oneMinuteLater = new Date(Date.now() + 60 * 1000);
if (params.dekVersion <= oneMinuteAgo || params.dekVersion >= oneMinuteLater) {
error(400, "Invalid DEK version");
}
try {
await registerCategory(params);
} catch (e) {
if (e instanceof IntegrityError && e.message === "Inactive MEK version") {
error(400, "Inactive MEK version");
}
throw e;
}
};

108
src/lib/server/services/client.ts Normal file
View File

@@ -0,0 +1,108 @@
import { error } from "@sveltejs/kit";
import {
createClient,
getClient,
getClientByPubKeys,
createUserClient,
getAllUserClients,
getUserClient,
setUserClientStateToPending,
registerUserClientChallenge,
consumeUserClientChallenge,
} from "$lib/server/db/client";
import { IntegrityError } from "$lib/server/db/error";
import { verifyPubKey, verifySignature, generateChallenge } from "$lib/server/modules/crypto";
import { isInitialMekNeeded } from "$lib/server/modules/mek";
import env from "$lib/server/loadenv";
export const getUserClientList = async (userId: number) => {
const userClients = await getAllUserClients(userId);
return {
userClients: userClients.map(({ clientId, state }) => ({
id: clientId,
state: state as "pending" | "active",
})),
};
};
const expiresAt = () => new Date(Date.now() + env.challenge.userClientExp);
const createUserClientChallenge = async (
ip: string,
userId: number,
clientId: number,
encPubKey: string,
) => {
const { answer, challenge } = await generateChallenge(32, encPubKey);
await registerUserClientChallenge(userId, clientId, answer.toString("base64"), ip, expiresAt());
return challenge.toString("base64");
};
export const registerUserClient = async (
userId: number,
ip: string,
encPubKey: string,
sigPubKey: string,
) => {
const client = await getClientByPubKeys(encPubKey, sigPubKey);
if (client) {
try {
await createUserClient(userId, client.id);
return { challenge: await createUserClientChallenge(ip, userId, client.id, encPubKey) };
} catch (e) {
if (e instanceof IntegrityError && e.message === "User client already exists") {
error(409, "Client already registered");
}
throw e;
}
} else {
if (encPubKey === sigPubKey) {
error(400, "Same public keys");
} else if (!verifyPubKey(encPubKey) || !verifyPubKey(sigPubKey)) {
error(400, "Invalid public key(s)");
}
try {
const { id: clientId } = await createClient(encPubKey, sigPubKey, userId);
return { challenge: await createUserClientChallenge(ip, userId, clientId, encPubKey) };
} catch (e) {
if (e instanceof IntegrityError && e.message === "Public key(s) already registered") {
error(409, "Public key(s) already used");
}
throw e;
}
}
};
export const verifyUserClient = async (
userId: number,
ip: string,
answer: string,
answerSig: string,
) => {
const challenge = await consumeUserClientChallenge(userId, answer, ip);
if (!challenge) {
error(403, "Invalid challenge answer");
}
const client = await getClient(challenge.clientId);
if (!client) {
error(500, "Invalid challenge answer");
} else if (!verifySignature(Buffer.from(answer, "base64"), answerSig, client.sigPubKey)) {
error(403, "Invalid challenge answer signature");
}
await setUserClientStateToPending(userId, client.id);
};
export const getUserClientStatus = async (userId: number, clientId: number) => {
const userClient = await getUserClient(userId, clientId);
if (!userClient) {
error(500, "Invalid session id");
}
return {
state: userClient.state as "pending" | "active",
isInitialMekNeeded: await isInitialMekNeeded(userId),
};
};

89
src/lib/server/services/directory.ts Normal file
View File

@@ -0,0 +1,89 @@
import { error } from "@sveltejs/kit";
import { unlink } from "fs/promises";
import { IntegrityError } from "$lib/server/db/error";
import {
registerDirectory,
getAllDirectoriesByParent,
getDirectory,
setDirectoryEncName,
unregisterDirectory,
getAllFilesByParent,
type DirectoryId,
type NewDirectory,
} from "$lib/server/db/file";
import type { Ciphertext } from "$lib/server/db/schema";
export const getDirectoryInformation = async (userId: number, directoryId: DirectoryId) => {
const directory = directoryId !== "root" ? await getDirectory(userId, directoryId) : undefined;
if (directory === null) {
error(404, "Invalid directory id");
}
const directories = await getAllDirectoriesByParent(userId, directoryId);
const files = await getAllFilesByParent(userId, directoryId);
return {
metadata: directory && {
parentId: directory.parentId ?? ("root" as const),
mekVersion: directory.mekVersion,
encDek: directory.encDek,
dekVersion: directory.dekVersion,
encName: directory.encName,
},
directories: directories.map(({ id }) => id),
files: files.map(({ id }) => id),
};
};
export const deleteDirectory = async (userId: number, directoryId: number) => {
try {
const files = await unregisterDirectory(userId, directoryId);
return {
files: files.map(({ id, path }) => {
unlink(path); // Intended
return id;
}),
};
} catch (e) {
if (e instanceof IntegrityError && e.message === "Directory not found") {
error(404, "Invalid directory id");
}
throw e;
}
};
export const renameDirectory = async (
userId: number,
directoryId: number,
dekVersion: Date,
newEncName: Ciphertext,
) => {
try {
await setDirectoryEncName(userId, directoryId, dekVersion, newEncName);
} catch (e) {
if (e instanceof IntegrityError) {
if (e.message === "Directory not found") {
error(404, "Invalid directory id");
} else if (e.message === "Invalid DEK version") {
error(400, "Invalid DEK version");
}
}
throw e;
}
};
export const createDirectory = async (params: NewDirectory) => {
const oneMinuteAgo = new Date(Date.now() - 60 * 1000);
const oneMinuteLater = new Date(Date.now() + 60 * 1000);
if (params.dekVersion <= oneMinuteAgo || params.dekVersion >= oneMinuteLater) {
error(400, "Invalid DEK version");
}
try {
await registerDirectory(params);
} catch (e) {
if (e instanceof IntegrityError && e.message === "Inactive MEK version") {
error(400, "Invalid MEK version");
}
throw e;
}
};

105
src/lib/server/services/file.ts
View File

@@ -1,17 +1,59 @@
import { error } from "@sveltejs/kit"; import { error } from "@sveltejs/kit";
import { createHash } from "crypto"; import { createHash } from "crypto";
import { createReadStream, createWriteStream } from "fs"; import { createReadStream, createWriteStream } from "fs";
import { mkdir, stat } from "fs/promises"; import { mkdir, stat, unlink } from "fs/promises";
import { dirname } from "path"; import { dirname } from "path";
import { Readable } from "stream"; import { Readable } from "stream";
import { pipeline } from "stream/promises"; import { pipeline } from "stream/promises";
import { v4 as uuidv4 } from "uuid"; import { v4 as uuidv4 } from "uuid";
import { FileRepo, MediaRepo, IntegrityError } from "$lib/server/db"; import { IntegrityError } from "$lib/server/db/error";
import {
registerFile,
getAllFileIdsByContentHmac,
getFile,
setFileEncName,
unregisterFile,
getAllFileCategories,
type NewFile,
} from "$lib/server/db/file";
import type { Ciphertext } from "$lib/server/db/schema";
import env from "$lib/server/loadenv"; import env from "$lib/server/loadenv";
import { safeUnlink } from "$lib/server/modules/filesystem";
export const getFileInformation = async (userId: number, fileId: number) => {
const file = await getFile(userId, fileId);
if (!file) {
error(404, "Invalid file id");
}
const categories = await getAllFileCategories(fileId);
return {
parentId: file.parentId ?? ("root" as const),
mekVersion: file.mekVersion,
encDek: file.encDek,
dekVersion: file.dekVersion,
contentType: file.contentType,
encContentIv: file.encContentIv,
encName: file.encName,
encCreatedAt: file.encCreatedAt,
encLastModifiedAt: file.encLastModifiedAt,
categories: categories.map(({ id }) => id),
};
};
export const deleteFile = async (userId: number, fileId: number) => {
try {
const { path } = await unregisterFile(userId, fileId);
unlink(path); // Intended
} catch (e) {
if (e instanceof IntegrityError && e.message === "File not found") {
error(404, "Invalid file id");
}
throw e;
}
};
export const getFileStream = async (userId: number, fileId: number) => { export const getFileStream = async (userId: number, fileId: number) => {
const file = await FileRepo.getFile(userId, fileId); const file = await getFile(userId, fileId);
if (!file) { if (!file) {
error(404, "Invalid file id"); error(404, "Invalid file id");
} }
@@ -23,56 +65,41 @@ export const getFileStream = async (userId: number, fileId: number) => {
}; };
}; };
export const getFileThumbnailStream = async (userId: number, fileId: number) => { export const renameFile = async (
const thumbnail = await MediaRepo.getFileThumbnail(userId, fileId);
if (!thumbnail) {
error(404, "File or its thumbnail not found");
}
const { size } = await stat(thumbnail.path);
return {
encContentStream: Readable.toWeb(createReadStream(thumbnail.path)),
encContentSize: size,
};
};
export const uploadFileThumbnail = async (
userId: number, userId: number,
fileId: number, fileId: number,
dekVersion: Date, dekVersion: Date,
encContentIv: string, newEncName: Ciphertext,
encContentStream: Readable,
) => { ) => {
const path = `${env.thumbnailsPath}/${userId}/${uuidv4()}`;
await mkdir(dirname(path), { recursive: true });
try { try {
await pipeline(encContentStream, createWriteStream(path, { flags: "wx", mode: 0o600 })); await setFileEncName(userId, fileId, dekVersion, newEncName);
const oldPath = await MediaRepo.updateFileThumbnail(
userId,
fileId,
dekVersion,
path,
encContentIv,
);
safeUnlink(oldPath); // Intended
} catch (e) { } catch (e) {
await safeUnlink(path);
if (e instanceof IntegrityError) { if (e instanceof IntegrityError) {
if (e.message === "File not found") { if (e.message === "File not found") {
error(404, "File not found"); error(404, "Invalid file id");
} else if (e.message === "Invalid DEK version") { } else if (e.message === "Invalid DEK version") {
error(400, "Mismatched DEK version"); error(400, "Invalid DEK version");
} }
} }
throw e; throw e;
} }
}; };
export const scanDuplicateFiles = async (
userId: number,
hskVersion: number,
contentHmac: string,
) => {
const fileIds = await getAllFileIdsByContentHmac(userId, hskVersion, contentHmac);
return { files: fileIds.map(({ id }) => id) };
};
const safeUnlink = async (path: string) => {
await unlink(path).catch(console.error);
};
export const uploadFile = async ( export const uploadFile = async (
params: Omit<FileRepo.NewFile, "path" | "encContentHash">, params: Omit<NewFile, "path" | "encContentHash">,
encContentStream: Readable, encContentStream: Readable,
encContentHash: Promise<string>, encContentHash: Promise<string>,
) => { ) => {
@@ -104,7 +131,7 @@ export const uploadFile = async (
throw new Error("Invalid checksum"); throw new Error("Invalid checksum");
} }
const { id: fileId } = await FileRepo.registerFile({ const { id: fileId } = await registerFile({
...params, ...params,
path, path,
encContentHash: hash, encContentHash: hash,

31
src/lib/server/services/hsk.ts Normal file
View File

@@ -0,0 +1,31 @@
import { error } from "@sveltejs/kit";
import { IntegrityError } from "$lib/server/db/error";
import { registerInitialHsk, getAllValidHsks } from "$lib/server/db/hsk";
export const getHskList = async (userId: number) => {
const hsks = await getAllValidHsks(userId);
return {
encHsks: hsks.map(({ version, state, mekVersion, encHsk }) => ({
version,
state,
mekVersion,
encHsk,
})),
};
};
export const registerInitialActiveHsk = async (
userId: number,
createdBy: number,
mekVersion: number,
encHsk: string,
) => {
try {
await registerInitialHsk(userId, createdBy, mekVersion, encHsk);
} catch (e) {
if (e instanceof IntegrityError && e.message === "HSK already registered") {
error(409, "Initial HSK already registered");
}
throw e;
}
};

38
src/lib/server/services/mek.ts Normal file
View File

@@ -0,0 +1,38 @@
import { error } from "@sveltejs/kit";
import { setUserClientStateToActive } from "$lib/server/db/client";
import { IntegrityError } from "$lib/server/db/error";
import { registerInitialMek, getAllValidClientMeks } from "$lib/server/db/mek";
import { verifyClientEncMekSig } from "$lib/server/modules/mek";
export const getClientMekList = async (userId: number, clientId: number) => {
const clientMeks = await getAllValidClientMeks(userId, clientId);
return {
encMeks: clientMeks.map(({ version, state, encMek, encMekSig }) => ({
version,
state,
encMek,
encMekSig,
})),
};
};
export const registerInitialActiveMek = async (
userId: number,
createdBy: number,
encMek: string,
encMekSig: string,
) => {
if (!(await verifyClientEncMekSig(userId, createdBy, 1, encMek, encMekSig))) {
error(400, "Invalid signature");
}
try {
await registerInitialMek(userId, createdBy, encMek, encMekSig);
await setUserClientStateToActive(userId, createdBy);
} catch (e) {
if (e instanceof IntegrityError && e.message === "MEK already registered") {
error(409, "Initial MEK already registered");
}
throw e;
}
};

15
src/lib/server/services/user.ts Normal file
View File

@@ -0,0 +1,15 @@
import { error } from "@sveltejs/kit";
import { getUser, setUserNickname } from "$lib/server/db/user";
export const getUserInformation = async (userId: number) => {
const user = await getUser(userId);
if (!user) {
error(500, "Invalid session id");
}
return { email: user.email, nickname: user.nickname };
};
export const changeNickname = async (userId: number, nickname: string) => {
await setUserNickname(userId, nickname);
};

49
src/lib/services/auth.ts
View File

@@ -1,51 +1,30 @@
import { TRPCClientError } from "@trpc/client"; import { callPostApi } from "$lib/hooks";
import { encodeToBase64, decryptChallenge, signMessageRSA } from "$lib/modules/crypto"; import { encodeToBase64, decryptChallenge, signMessageRSA } from "$lib/modules/crypto";
import { trpc } from "$trpc/client"; import type {
SessionUpgradeRequest,
SessionUpgradeResponse,
SessionUpgradeVerifyRequest,
} from "$lib/server/schemas";
export const requestSessionUpgrade = async ( export const requestSessionUpgrade = async (
encryptKeyBase64: string, encryptKeyBase64: string,
decryptKey: CryptoKey, decryptKey: CryptoKey,
verifyKeyBase64: string, verifyKeyBase64: string,
signKey: CryptoKey, signKey: CryptoKey,
force = false,
) => { ) => {
let id, challenge; let res = await callPostApi<SessionUpgradeRequest>("/api/auth/upgradeSession", {
try {
({ id, challenge } = await trpc().auth.upgrade.mutate({
encPubKey: encryptKeyBase64, encPubKey: encryptKeyBase64,
sigPubKey: verifyKeyBase64, sigPubKey: verifyKeyBase64,
})); });
} catch (e) { if (!res.ok) return false;
if (e instanceof TRPCClientError && e.data?.code === "FORBIDDEN") {
return [false, "Unregistered client"] as const; const { challenge }: SessionUpgradeResponse = await res.json();
}
return [false] as const;
}
const answer = await decryptChallenge(challenge, decryptKey); const answer = await decryptChallenge(challenge, decryptKey);
const answerSig = await signMessageRSA(answer, signKey); const answerSig = await signMessageRSA(answer, signKey);
try { res = await callPostApi<SessionUpgradeVerifyRequest>("/api/auth/upgradeSession/verify", {
await trpc().auth.verifyUpgrade.mutate({ answer: encodeToBase64(answer),
id,
answerSig: encodeToBase64(answerSig), answerSig: encodeToBase64(answerSig),
force,
}); });
} catch (e) { return res.ok;
if (e instanceof TRPCClientError && e.data?.code === "CONFLICT") {
return [false, "Already logged in"] as const;
}
return [false] as const;
}
return [true] as const;
};
export const requestLogout = async () => {
try {
await trpc().auth.logout.mutate();
return true;
} catch {
// TODO: Error Handling
return false;
}
}; };

26
src/lib/services/category.ts
View File

@@ -1,6 +1,7 @@
import { callPostApi } from "$lib/hooks";
import { generateDataKey, wrapDataKey, encryptString } from "$lib/modules/crypto"; import { generateDataKey, wrapDataKey, encryptString } from "$lib/modules/crypto";
import type { CategoryCreateRequest, CategoryFileRemoveRequest } from "$lib/server/schemas";
import type { MasterKey } from "$lib/stores"; import type { MasterKey } from "$lib/stores";
import { trpc } from "$trpc/client";
export const requestCategoryCreation = async ( export const requestCategoryCreation = async (
name: string, name: string,
@@ -10,28 +11,21 @@ export const requestCategoryCreation = async (
const { dataKey, dataKeyVersion } = await generateDataKey(); const { dataKey, dataKeyVersion } = await generateDataKey();
const nameEncrypted = await encryptString(name, dataKey); const nameEncrypted = await encryptString(name, dataKey);
try { const res = await callPostApi<CategoryCreateRequest>("/api/category/create", {
await trpc().category.create.mutate({
parent: parentId, parent: parentId,
mekVersion: masterKey.version, mekVersion: masterKey.version,
dek: await wrapDataKey(dataKey, masterKey.key), dek: await wrapDataKey(dataKey, masterKey.key),
dekVersion: dataKeyVersion, dekVersion: dataKeyVersion.toISOString(),
name: nameEncrypted.ciphertext, name: nameEncrypted.ciphertext,
nameIv: nameEncrypted.iv, nameIv: nameEncrypted.iv,
}); });
return true; return res.ok;
} catch {
// TODO: Error Handling
return false;
}
}; };
export const requestFileRemovalFromCategory = async (fileId: number, categoryId: number) => { export const requestFileRemovalFromCategory = async (fileId: number, categoryId: number) => {
try { const res = await callPostApi<CategoryFileRemoveRequest>(
await trpc().category.removeFile.mutate({ id: categoryId, file: fileId }); `/api/category/${categoryId}/file/remove`,
return true; { file: fileId },
} catch { );
// TODO: Error Handling return res.ok;
return false;
}
}; };

87
src/lib/services/file.ts
View File

@@ -1,87 +0,0 @@
import { getAllFileInfos } from "$lib/indexedDB/filesystem";
import { decryptData } from "$lib/modules/crypto";
import {
getFileCache,
storeFileCache,
deleteFileCache,
getFileThumbnailCache,
storeFileThumbnailCache,
deleteFileThumbnailCache,
downloadFile,
} from "$lib/modules/file";
import { getThumbnailUrl } from "$lib/modules/thumbnail";
import type { FileThumbnailUploadRequest } from "$lib/server/schemas";
import { trpc } from "$trpc/client";
export const requestFileDownload = async (
fileId: number,
fileEncryptedIv: string,
dataKey: CryptoKey,
) => {
const cache = await getFileCache(fileId);
if (cache) return cache;
const fileBuffer = await downloadFile(fileId, fileEncryptedIv, dataKey);
storeFileCache(fileId, fileBuffer); // Intended
return fileBuffer;
};
export const requestFileThumbnailUpload = async (
fileId: number,
dataKeyVersion: Date,
thumbnailEncrypted: { ciphertext: ArrayBuffer; iv: string },
) => {
const form = new FormData();
form.set(
"metadata",
JSON.stringify({
dekVersion: dataKeyVersion.toISOString(),
contentIv: thumbnailEncrypted.iv,
} satisfies FileThumbnailUploadRequest),
);
form.set("content", new Blob([thumbnailEncrypted.ciphertext]));
return await fetch(`/api/file/${fileId}/thumbnail/upload`, { method: "POST", body: form });
};
export const requestFileThumbnailDownload = async (fileId: number, dataKey?: CryptoKey) => {
const cache = await getFileThumbnailCache(fileId);
if (cache || !dataKey) return cache;
let thumbnailInfo;
try {
thumbnailInfo = await trpc().file.thumbnail.query({ id: fileId });
} catch {
// TODO: Error Handling
return null;
}
const { contentIv: thumbnailEncryptedIv } = thumbnailInfo;
const res = await fetch(`/api/file/${fileId}/thumbnail/download`);
if (!res.ok) return null;
const thumbnailEncrypted = await res.arrayBuffer();
const thumbnailBuffer = await decryptData(thumbnailEncrypted, thumbnailEncryptedIv, dataKey);
storeFileThumbnailCache(fileId, thumbnailBuffer); // Intended
return getThumbnailUrl(thumbnailBuffer);
};
export const requestDeletedFilesCleanup = async () => {
let liveFiles;
try {
liveFiles = await trpc().file.list.query();
} catch {
// TODO: Error Handling
return;
}
const liveFilesSet = new Set(liveFiles);
const maybeCachedFiles = await getAllFileInfos();
await Promise.all(
maybeCachedFiles
.filter(({ id }) => !liveFilesSet.has(id))
.flatMap(({ id }) => [deleteFileCache(id), deleteFileThumbnailCache(id)]),
);
};

103
src/lib/services/key.ts
View File

@@ -1,17 +1,19 @@
import { TRPCClientError } from "@trpc/client"; import { callGetApi, callPostApi } from "$lib/hooks";
import { storeMasterKeys } from "$lib/indexedDB"; import { storeMasterKeys } from "$lib/indexedDB";
import { import {
encodeToBase64, encodeToBase64,
exportRSAKeyToBase64,
decryptChallenge, decryptChallenge,
signMessageRSA, signMessageRSA,
unwrapMasterKey, unwrapMasterKey,
signMasterKeyWrapped,
verifyMasterKeyWrapped, verifyMasterKeyWrapped,
} from "$lib/modules/crypto"; } from "$lib/modules/crypto";
import { requestSessionUpgrade } from "$lib/services/auth"; import type {
import { masterKeyStore, type ClientKeys } from "$lib/stores"; ClientRegisterRequest,
import { trpc } from "$trpc/client"; ClientRegisterResponse,
ClientRegisterVerifyRequest,
MasterKeyListResponse,
} from "$lib/server/schemas";
import { masterKeyStore } from "$lib/stores";
export const requestClientRegistration = async ( export const requestClientRegistration = async (
encryptKeyBase64: string, encryptKeyBase64: string,
@@ -19,62 +21,28 @@ export const requestClientRegistration = async (
verifyKeyBase64: string, verifyKeyBase64: string,
signKey: CryptoKey, signKey: CryptoKey,
) => { ) => {
try { let res = await callPostApi<ClientRegisterRequest>("/api/client/register", {
const { id, challenge } = await trpc().client.register.mutate({
encPubKey: encryptKeyBase64, encPubKey: encryptKeyBase64,
sigPubKey: verifyKeyBase64, sigPubKey: verifyKeyBase64,
}); });
if (!res.ok) return false;
const { challenge }: ClientRegisterResponse = await res.json();
const answer = await decryptChallenge(challenge, decryptKey); const answer = await decryptChallenge(challenge, decryptKey);
const answerSig = await signMessageRSA(answer, signKey); const answerSig = await signMessageRSA(answer, signKey);
await trpc().client.verify.mutate({
id, res = await callPostApi<ClientRegisterVerifyRequest>("/api/client/register/verify", {
answer: encodeToBase64(answer),
answerSig: encodeToBase64(answerSig), answerSig: encodeToBase64(answerSig),
}); });
return true; return res.ok;
} catch {
// TODO: Error Handling
return false;
}
};
export const requestClientRegistrationAndSessionUpgrade = async (
{ encryptKey, decryptKey, signKey, verifyKey }: ClientKeys,
force: boolean,
) => {
const encryptKeyBase64 = await exportRSAKeyToBase64(encryptKey);
const verifyKeyBase64 = await exportRSAKeyToBase64(verifyKey);
const [res, error] = await requestSessionUpgrade(
encryptKeyBase64,
decryptKey,
verifyKeyBase64,
signKey,
force,
);
if (error === undefined) return [res] as const;
if (
error === "Unregistered client" &&
!(await requestClientRegistration(encryptKeyBase64, decryptKey, verifyKeyBase64, signKey))
) {
return [false] as const;
} else if (error === "Already logged in") {
return [false, force ? undefined : error] as const;
}
return [
(await requestSessionUpgrade(encryptKeyBase64, decryptKey, verifyKeyBase64, signKey))[0],
] as const;
}; };
export const requestMasterKeyDownload = async (decryptKey: CryptoKey, verifyKey: CryptoKey) => { export const requestMasterKeyDownload = async (decryptKey: CryptoKey, verifyKey: CryptoKey) => {
let masterKeysWrapped; const res = await callGetApi("/api/mek/list");
try { if (!res.ok) return false;
masterKeysWrapped = await trpc().mek.list.query();
} catch {
// TODO: Error Handling
return false;
}
const { meks: masterKeysWrapped }: MasterKeyListResponse = await res.json();
const masterKeys = await Promise.all( const masterKeys = await Promise.all(
masterKeysWrapped.map( masterKeysWrapped.map(
async ({ version, state, mek: masterKeyWrapped, mekSig: masterKeyWrappedSig }) => { async ({ version, state, mek: masterKeyWrapped, mekSig: masterKeyWrappedSig }) => {
@@ -100,36 +68,3 @@ export const requestMasterKeyDownload = async (decryptKey: CryptoKey, verifyKey:
return true; return true;
}; };
export const requestInitialMasterKeyAndHmacSecretRegistration = async (
masterKeyWrapped: string,
hmacSecretWrapped: string,
signKey: CryptoKey,
) => {
try {
await trpc().mek.registerInitial.mutate({
mek: masterKeyWrapped,
mekSig: await signMasterKeyWrapped(masterKeyWrapped, 1, signKey),
});
} catch (e) {
if (
e instanceof TRPCClientError &&
(e.data?.code === "FORBIDDEN" || e.data?.code === "CONFLICT")
) {
return true;
}
// TODO: Error Handling
return false;
}
try {
await trpc().hsk.registerInitial.mutate({
mekVersion: 1,
hsk: hmacSecretWrapped,
});
return true;
} catch {
// TODO: Error Handling
return false;
}
};

3
src/lib/utils/index.ts
View File

@@ -1,3 +0,0 @@
export * from "./format";
export * from "./gotoStateful";
export * from "./sort";

57
src/lib/utils/sort.ts
View File

@@ -1,57 +0,0 @@
interface SortEntry {
name?: string;
date?: Date;
}
export enum SortBy {
NAME_ASC,
NAME_DESC,
DATE_ASC,
DATE_DESC,
}
type SortFunc = (a: SortEntry, b: SortEntry) => number;
const collator = new Intl.Collator(undefined, { numeric: true, sensitivity: "base" });
const sortByNameAsc: SortFunc = ({ name: a }, { name: b }) => {
if (a && b) return collator.compare(a, b);
if (a) return -1;
if (b) return 1;
return 0;
};
const sortByNameDesc: SortFunc = (a, b) => -sortByNameAsc(a, b);
const sortByDateAsc: SortFunc = ({ date: a }, { date: b }) => {
if (a && b) return a.getTime() - b.getTime();
if (a) return -1;
if (b) return 1;
return 0;
};
const sortByDateDesc: SortFunc = (a, b) => -sortByDateAsc(a, b);
export const sortEntries = <T extends SortEntry>(entries: T[], sortBy: SortBy) => {
let sortFunc: SortFunc;
switch (sortBy) {
case SortBy.NAME_ASC:
sortFunc = sortByNameAsc;
break;
case SortBy.NAME_DESC:
sortFunc = sortByNameDesc;
break;
case SortBy.DATE_ASC:
sortFunc = sortByDateAsc;
break;
case SortBy.DATE_DESC:
sortFunc = sortByDateDesc;
break;
default:
const exhaustive: never = sortBy;
sortFunc = exhaustive;
}
entries.sort(sortFunc);
};

7
src/routes/(fullscreen)/auth/changePassword/+page.svelte
View File

@@ -6,14 +6,8 @@
let oldPassword = $state(""); let oldPassword = $state("");
let newPassword = $state(""); let newPassword = $state("");
let confirmPassword = $state("");
const changePassword = async () => { const changePassword = async () => {
if (newPassword !== confirmPassword) {
// TODO: Alert
return;
}
if (await requestPasswordChange(oldPassword, newPassword)) { if (await requestPasswordChange(oldPassword, newPassword)) {
await goto("/menu"); await goto("/menu");
} }
@@ -36,7 +30,6 @@
<TextInput bind:value={oldPassword} placeholder="기존 비밀번호" type="password" /> <TextInput bind:value={oldPassword} placeholder="기존 비밀번호" type="password" />
<TextInput bind:value={newPassword} placeholder="새 비밀번호" type="password" /> <TextInput bind:value={newPassword} placeholder="새 비밀번호" type="password" />
<TextInput bind:value={confirmPassword} placeholder="새 비밀번호 확인" type="password" />
</TitledDiv> </TitledDiv>
<BottomDiv> <BottomDiv>
<Button onclick={changePassword} class="w-full">비밀번호 바꾸기</Button> <Button onclick={changePassword} class="w-full">비밀번호 바꾸기</Button>

15
src/routes/(fullscreen)/auth/changePassword/service.ts
View File

@@ -1,11 +1,10 @@
import { trpc } from "$trpc/client"; import { callPostApi } from "$lib/hooks";
import type { PasswordChangeRequest } from "$lib/server/schemas";
export const requestPasswordChange = async (oldPassword: string, newPassword: string) => { export const requestPasswordChange = async (oldPassword: string, newPassword: string) => {
try { const res = await callPostApi<PasswordChangeRequest>("/api/auth/changePassword", {
await trpc().auth.changePassword.mutate({ oldPassword, newPassword }); oldPassword,
return true; newPassword,
} catch { });
// TODO: Error Handling return res.ok;
return false;
}
}; };

61
src/routes/(fullscreen)/auth/login/+page.svelte
View File

@@ -2,57 +2,18 @@
import { goto } from "$app/navigation"; import { goto } from "$app/navigation";
import { BottomDiv, Button, FullscreenDiv, TextButton, TextInput } from "$lib/components/atoms"; import { BottomDiv, Button, FullscreenDiv, TextButton, TextInput } from "$lib/components/atoms";
import { TitledDiv } from "$lib/components/molecules"; import { TitledDiv } from "$lib/components/molecules";
import { ForceLoginModal } from "$lib/components/organisms";
import { clientKeyStore, masterKeyStore } from "$lib/stores"; import { clientKeyStore, masterKeyStore } from "$lib/stores";
import { import { requestLogin, requestSessionUpgrade, requestMasterKeyDownload } from "./service";
requestLogin,
requestClientRegistrationAndSessionUpgrade,
requestMasterKeyDownload,
requestDeletedFilesCleanup,
requestLogout,
} from "./service";
let { data } = $props(); let { data } = $props();
let email = $state(""); let email = $state("");
let password = $state(""); let password = $state("");
let isForceLoginModalOpen = $state(false);
const redirect = async (url: string) => { const redirect = async (url: string) => {
return await goto(`${url}?redirect=${encodeURIComponent(data.redirectPath)}`); return await goto(`${url}?redirect=${encodeURIComponent(data.redirectPath)}`);
}; };
const upgradeSession = async (force: boolean) => {
try {
const [upgradeRes, upgradeError] = await requestClientRegistrationAndSessionUpgrade(
$clientKeyStore!,
force,
);
if (!force && upgradeError === "Already logged in") {
isForceLoginModalOpen = true;
return;
} else if (!upgradeRes) {
throw new Error("Failed to upgrade session");
}
// TODO: Multi-user support
if (
$masterKeyStore ||
(await requestMasterKeyDownload($clientKeyStore!.decryptKey, $clientKeyStore!.verifyKey))
) {
await requestDeletedFilesCleanup();
await goto(data.redirectPath);
} else {
await redirect("/client/pending");
}
} catch (e) {
// TODO
throw e;
}
};
const login = async () => { const login = async () => {
// TODO: Validation // TODO: Validation
@@ -61,7 +22,19 @@
if (!$clientKeyStore) return await redirect("/key/generate"); if (!$clientKeyStore) return await redirect("/key/generate");
await upgradeSession(false); if (!(await requestSessionUpgrade($clientKeyStore)))
throw new Error("Failed to upgrade session");
// TODO: Multi-user support
if (
$masterKeyStore ||
(await requestMasterKeyDownload($clientKeyStore.decryptKey, $clientKeyStore.verifyKey))
) {
await goto(data.redirectPath);
} else {
await redirect("/client/pending");
}
} catch (e) { } catch (e) {
// TODO: Alert // TODO: Alert
throw e; throw e;
@@ -90,9 +63,3 @@
<TextButton>계정이 없어요</TextButton> <TextButton>계정이 없어요</TextButton>
</BottomDiv> </BottomDiv>
</FullscreenDiv> </FullscreenDiv>
<ForceLoginModal
bind:isOpen={isForceLoginModalOpen}
oncancel={requestLogout}
onLoginClick={() => upgradeSession(true)}
/>

41
src/routes/(fullscreen)/auth/login/service.ts
View File

@@ -1,18 +1,37 @@
import { trpc } from "$trpc/client"; import { callPostApi } from "$lib/hooks";
import { exportRSAKeyToBase64 } from "$lib/modules/crypto";
import type { LoginRequest } from "$lib/server/schemas";
import { requestSessionUpgrade as requestSessionUpgradeInternal } from "$lib/services/auth";
import { requestClientRegistration } from "$lib/services/key";
import type { ClientKeys } from "$lib/stores";
export { requestLogout } from "$lib/services/auth"; export { requestMasterKeyDownload } from "$lib/services/key";
export { requestDeletedFilesCleanup } from "$lib/services/file";
export {
requestClientRegistrationAndSessionUpgrade,
requestMasterKeyDownload,
} from "$lib/services/key";
export const requestLogin = async (email: string, password: string) => { export const requestLogin = async (email: string, password: string) => {
try { const res = await callPostApi<LoginRequest>("/api/auth/login", { email, password });
await trpc().auth.login.mutate({ email, password }); return res.ok;
};
export const requestSessionUpgrade = async ({
encryptKey,
decryptKey,
signKey,
verifyKey,
}: ClientKeys) => {
const encryptKeyBase64 = await exportRSAKeyToBase64(encryptKey);
const verifyKeyBase64 = await exportRSAKeyToBase64(verifyKey);
if (await requestSessionUpgradeInternal(encryptKeyBase64, decryptKey, verifyKeyBase64, signKey)) {
return true; return true;
} catch { }
// TODO: Error Handling
if (await requestClientRegistration(encryptKeyBase64, decryptKey, verifyKeyBase64, signKey)) {
return await requestSessionUpgradeInternal(
encryptKeyBase64,
decryptKey,
verifyKeyBase64,
signKey,
);
} else {
return false; return false;
} }
}; };

62
src/routes/(fullscreen)/file/[id]/+page.svelte
View File

@@ -3,7 +3,6 @@
import { untrack } from "svelte"; import { untrack } from "svelte";
import { get, type Writable } from "svelte/store"; import { get, type Writable } from "svelte/store";
import { goto } from "$app/navigation"; import { goto } from "$app/navigation";
import { page } from "$app/state";
import { FullscreenDiv } from "$lib/components/atoms"; import { FullscreenDiv } from "$lib/components/atoms";
import { Categories, IconEntryButton, TopBar } from "$lib/components/molecules"; import { Categories, IconEntryButton, TopBar } from "$lib/components/molecules";
import { import {
@@ -12,20 +11,15 @@
type FileInfo, type FileInfo,
type CategoryInfo, type CategoryInfo,
} from "$lib/modules/filesystem"; } from "$lib/modules/filesystem";
import { captureVideoThumbnail } from "$lib/modules/thumbnail";
import { fileDownloadStatusStore, isFileDownloading, masterKeyStore } from "$lib/stores"; import { fileDownloadStatusStore, isFileDownloading, masterKeyStore } from "$lib/stores";
import AddToCategoryBottomSheet from "./AddToCategoryBottomSheet.svelte"; import AddToCategoryBottomSheet from "./AddToCategoryBottomSheet.svelte";
import DownloadStatus from "./DownloadStatus.svelte"; import DownloadStatus from "./DownloadStatus.svelte";
import { import {
requestFileRemovalFromCategory, requestFileRemovalFromCategory,
requestFileDownload, requestFileDownload,
requestThumbnailUpload,
requestFileAdditionToCategory, requestFileAdditionToCategory,
} from "./service"; } from "./service";
import TopBarMenu from "./TopBarMenu.svelte";
import IconMoreVert from "~icons/material-symbols/more-vert";
import IconCamera from "~icons/material-symbols/camera";
import IconClose from "~icons/material-symbols/close"; import IconClose from "~icons/material-symbols/close";
import IconAddCircle from "~icons/material-symbols/add-circle"; import IconAddCircle from "~icons/material-symbols/add-circle";
@@ -34,7 +28,6 @@
let info: Writable<FileInfo | null> | undefined = $state(); let info: Writable<FileInfo | null> | undefined = $state();
let categories: Writable<CategoryInfo | null>[] = $state([]); let categories: Writable<CategoryInfo | null>[] = $state([]);
let isMenuOpen = $state(false);
let isAddToCategoryBottomSheetOpen = $state(false); let isAddToCategoryBottomSheetOpen = $state(false);
let downloadStatus = $derived( let downloadStatus = $derived(
@@ -46,31 +39,20 @@
let isDownloadRequested = $state(false); let isDownloadRequested = $state(false);
let viewerType: "image" | "video" | undefined = $state(); let viewerType: "image" | "video" | undefined = $state();
let fileBlob: Blob | undefined = $state();
let fileBlobUrl: string | undefined = $state(); let fileBlobUrl: string | undefined = $state();
let videoElement: HTMLVideoElement | undefined = $state();
const updateViewer = async (buffer: ArrayBuffer, contentType: string) => { const updateViewer = async (buffer: ArrayBuffer, contentType: string) => {
fileBlob = new Blob([buffer], { type: contentType }); const fileBlob = new Blob([buffer], { type: contentType });
fileBlobUrl = URL.createObjectURL(fileBlob); if (contentType === "image/heic") {
return fileBlob;
};
const convertHeicToJpeg = async () => {
if (fileBlob?.type !== "image/heic") return;
URL.revokeObjectURL(fileBlobUrl!);
fileBlobUrl = undefined;
const { default: heic2any } = await import("heic2any"); const { default: heic2any } = await import("heic2any");
fileBlobUrl = URL.createObjectURL( fileBlobUrl = URL.createObjectURL(
(await heic2any({ blob: fileBlob, toType: "image/jpeg" })) as Blob, (await heic2any({ blob: fileBlob, toType: "image/jpeg" })) as Blob,
); );
}; } else if (viewerType) {
fileBlobUrl = URL.createObjectURL(fileBlob);
}
const updateThumbnail = async (dataKey: CryptoKey, dataKeyVersion: Date) => { return fileBlob;
const thumbnail = await captureVideoThumbnail(videoElement!);
await requestThumbnailUpload(data.id, thumbnail, dataKey, dataKeyVersion);
}; };
const addToCategory = async (categoryId: number) => { const addToCategory = async (categoryId: number) => {
@@ -133,24 +115,7 @@
<title>파일</title> <title>파일</title>
</svelte:head> </svelte:head>
<TopBar title={$info?.name}> <TopBar title={$info?.name} />
<!-- svelte-ignore a11y_no_static_element_interactions -->
<!-- svelte-ignore a11y_click_events_have_key_events -->
<div onclick={(e) => e.stopPropagation()}>
<button
onclick={() => (isMenuOpen = !isMenuOpen)}
class="w-[2.3rem] flex-shrink-0 rounded-full p-1 active:bg-black active:bg-opacity-[0.04]"
>
<IconMoreVert class="text-2xl" />
</button>
<TopBarMenu
bind:isOpen={isMenuOpen}
directoryId={page.url.searchParams.get("from") === "category" ? $info?.parentId : undefined}
{fileBlob}
filename={$info?.name}
/>
</div>
</TopBar>
<FullscreenDiv> <FullscreenDiv>
<div class="space-y-4 pb-4"> <div class="space-y-4 pb-4">
<DownloadStatus status={downloadStatus} /> <DownloadStatus status={downloadStatus} />
@@ -162,23 +127,14 @@
{#if viewerType === "image"} {#if viewerType === "image"}
{#if fileBlobUrl} {#if fileBlobUrl}
<img src={fileBlobUrl} alt={$info.name} onerror={convertHeicToJpeg} /> <img src={fileBlobUrl} alt={$info.name} />
{:else} {:else}
{@render viewerLoading("이미지를 불러오고 있어요.")} {@render viewerLoading("이미지를 불러오고 있어요.")}
{/if} {/if}
{:else if viewerType === "video"} {:else if viewerType === "video"}
{#if fileBlobUrl} {#if fileBlobUrl}
<div class="flex flex-col space-y-2">
<!-- svelte-ignore a11y_media_has_caption --> <!-- svelte-ignore a11y_media_has_caption -->
<video bind:this={videoElement} src={fileBlobUrl} controls muted></video> <video src={fileBlobUrl} controls></video>
<IconEntryButton
icon={IconCamera}
onclick={() => updateThumbnail($info.dataKey!, $info.dataKeyVersion!)}
class="w-full"
>
이 장면을 썸네일로 설정하기
</IconEntryButton>
</div>
{:else} {:else}
{@render viewerLoading("비디오를 불러오고 있어요.")} {@render viewerLoading("비디오를 불러오고 있어요.")}
{/if} {/if}

2
src/routes/(fullscreen)/file/[id]/DownloadStatus.svelte
View File

@@ -1,7 +1,7 @@
<script lang="ts"> <script lang="ts">
import type { Writable } from "svelte/store"; import type { Writable } from "svelte/store";
import { formatNetworkSpeed } from "$lib/modules/util";
import { isFileDownloading, type FileDownloadStatus } from "$lib/stores"; import { isFileDownloading, type FileDownloadStatus } from "$lib/stores";
import { formatNetworkSpeed } from "$lib/utils";
interface Props { interface Props {
status?: Writable<FileDownloadStatus>; status?: Writable<FileDownloadStatus>;

59
src/routes/(fullscreen)/file/[id]/TopBarMenu.svelte
View File

@@ -1,59 +0,0 @@
<script lang="ts">
import FileSaver from "file-saver";
import type { Component } from "svelte";
import type { SvelteHTMLElements } from "svelte/elements";
import { fly } from "svelte/transition";
import { goto } from "$app/navigation";
import IconFolderOpen from "~icons/material-symbols/folder-open";
import IconCloudDownload from "~icons/material-symbols/cloud-download";
interface Props {
directoryId?: "root" | number;
fileBlob?: Blob;
filename?: string;
isOpen: boolean;
}
let { directoryId, fileBlob, filename, isOpen = $bindable() }: Props = $props();
</script>
<svelte:window onclick={() => (isOpen = false)} />
{#if isOpen && (directoryId || fileBlob)}
<div
class="absolute right-2 top-full z-20 space-y-1 rounded-lg bg-white px-1 py-2 shadow-2xl"
transition:fly={{ y: -8, duration: 200 }}
>
<p class="px-3 pt-2 text-sm font-semibold text-gray-600">더보기</p>
<div class="flex flex-col">
{#snippet menuButton(
Icon: Component<SvelteHTMLElements["svg"]>,
text: string,
onclick: () => void,
)}
<button {onclick} class="rounded-xl active:bg-gray-100">
<div
class="flex items-center gap-x-3 px-3 py-2 text-lg text-gray-700 transition active:scale-95"
>
<Icon />
<p class="font-medium">{text}</p>
</div>
</button>
{/snippet}
{#if directoryId}
{@render menuButton(IconFolderOpen, "폴더에서 보기", () =>
goto(
directoryId === "root" ? "/directory?from=file" : `/directory/${directoryId}?from=file`,
),
)}
{/if}
{#if fileBlob}
{@render menuButton(IconCloudDownload, "다운로드", () => {
FileSaver.saveAs(fileBlob, filename);
})}
{/if}
</div>
</div>
{/if}

35
src/routes/(fullscreen)/file/[id]/service.ts
View File

@@ -1,32 +1,25 @@
import { encryptData } from "$lib/modules/crypto"; import { callPostApi } from "$lib/hooks";
import { storeFileThumbnailCache } from "$lib/modules/file"; import { getFileCache, storeFileCache, downloadFile } from "$lib/modules/file";
import { requestFileThumbnailUpload } from "$lib/services/file"; import type { CategoryFileAddRequest } from "$lib/server/schemas";
import { trpc } from "$trpc/client";
export { requestCategoryCreation, requestFileRemovalFromCategory } from "$lib/services/category"; export { requestCategoryCreation, requestFileRemovalFromCategory } from "$lib/services/category";
export { requestFileDownload } from "$lib/services/file";
export const requestThumbnailUpload = async ( export const requestFileDownload = async (
fileId: number, fileId: number,
thumbnail: Blob, fileEncryptedIv: string,
dataKey: CryptoKey, dataKey: CryptoKey,
dataKeyVersion: Date,
) => { ) => {
const thumbnailBuffer = await thumbnail.arrayBuffer(); const cache = await getFileCache(fileId);
const thumbnailEncrypted = await encryptData(thumbnailBuffer, dataKey); if (cache) return cache;
const res = await requestFileThumbnailUpload(fileId, dataKeyVersion, thumbnailEncrypted);
if (!res.ok) return false;
storeFileThumbnailCache(fileId, thumbnailBuffer); // Intended const fileBuffer = await downloadFile(fileId, fileEncryptedIv, dataKey);
return true; storeFileCache(fileId, fileBuffer); // Intended
return fileBuffer;
}; };
export const requestFileAdditionToCategory = async (fileId: number, categoryId: number) => { export const requestFileAdditionToCategory = async (fileId: number, categoryId: number) => {
try { const res = await callPostApi<CategoryFileAddRequest>(`/api/category/${categoryId}/file/add`, {
await trpc().category.addFile.mutate({ id: categoryId, file: fileId }); file: fileId,
return true; });
} catch { return res.ok;
// TODO: Error Handling
return false;
}
}; };

2
src/routes/(fullscreen)/file/downloads/File.svelte
View File

@@ -1,8 +1,8 @@
<script lang="ts"> <script lang="ts">
import { get, type Writable } from "svelte/store"; import { get, type Writable } from "svelte/store";
import { getFileInfo, type FileInfo } from "$lib/modules/filesystem"; import { getFileInfo, type FileInfo } from "$lib/modules/filesystem";
import { formatNetworkSpeed } from "$lib/modules/util";
import { masterKeyStore, type FileDownloadStatus } from "$lib/stores"; import { masterKeyStore, type FileDownloadStatus } from "$lib/stores";
import { formatNetworkSpeed } from "$lib/utils";
import IconCloud from "~icons/material-symbols/cloud"; import IconCloud from "~icons/material-symbols/cloud";
import IconCloudDownload from "~icons/material-symbols/cloud-download"; import IconCloudDownload from "~icons/material-symbols/cloud-download";

2
src/routes/(fullscreen)/file/uploads/File.svelte
View File

@@ -1,7 +1,7 @@
<script lang="ts"> <script lang="ts">
import type { Writable } from "svelte/store"; import type { Writable } from "svelte/store";
import { formatNetworkSpeed } from "$lib/modules/util";
import type { FileUploadStatus } from "$lib/stores"; import type { FileUploadStatus } from "$lib/stores";
import { formatNetworkSpeed } from "$lib/utils";
import IconPending from "~icons/material-symbols/pending"; import IconPending from "~icons/material-symbols/pending";
import IconLockClock from "~icons/material-symbols/lock-clock"; import IconLockClock from "~icons/material-symbols/lock-clock";

26
src/routes/(fullscreen)/gallery/+page.svelte
View File

@@ -1,26 +0,0 @@
<script lang="ts">
import type { Writable } from "svelte/store";
import { goto } from "$app/navigation";
import { FullscreenDiv } from "$lib/components/atoms";
import { TopBar } from "$lib/components/molecules";
import { Gallery } from "$lib/components/organisms";
import { getFileInfo, type FileInfo } from "$lib/modules/filesystem";
import { masterKeyStore } from "$lib/stores";
let { data } = $props();
let files: Writable<FileInfo | null>[] = $state([]);
$effect(() => {
files = data.files.map((file) => getFileInfo(file, $masterKeyStore?.get(1)?.key!));
});
</script>
<svelte:head>
<title>사진 및 동영상</title>
</svelte:head>
<TopBar title="사진 및 동영상" />
<FullscreenDiv>
<Gallery {files} onFileClick={({ id }) => goto(`/file/${id}`)} />
</FullscreenDiv>

7
src/routes/(fullscreen)/gallery/+page.ts
View File

@@ -1,7 +0,0 @@
import { trpc } from "$trpc/client";
import type { PageLoad } from "./$types";
export const load: PageLoad = async ({ fetch }) => {
const files = await trpc(fetch).file.list.query();
return { files };
};

20
src/routes/(fullscreen)/key/export/+page.svelte
View File

@@ -3,12 +3,13 @@
import { goto } from "$app/navigation"; import { goto } from "$app/navigation";
import { BottomDiv, Button, FullscreenDiv, TextButton } from "$lib/components/atoms"; import { BottomDiv, Button, FullscreenDiv, TextButton } from "$lib/components/atoms";
import { TitledDiv } from "$lib/components/molecules"; import { TitledDiv } from "$lib/components/molecules";
import { serializeClientKeys, storeClientKeys } from "$lib/modules/key";
import { clientKeyStore } from "$lib/stores"; import { clientKeyStore } from "$lib/stores";
import BeforeContinueBottomSheet from "./BeforeContinueBottomSheet.svelte"; import BeforeContinueBottomSheet from "./BeforeContinueBottomSheet.svelte";
import BeforeContinueModal from "./BeforeContinueModal.svelte"; import BeforeContinueModal from "./BeforeContinueModal.svelte";
import { import {
serializeClientKeys,
requestClientRegistration, requestClientRegistration,
storeClientKeys,
requestSessionUpgrade, requestSessionUpgrade,
requestInitialMasterKeyAndHmacSecretRegistration, requestInitialMasterKeyAndHmacSecretRegistration,
} from "./service"; } from "./service";
@@ -21,8 +22,15 @@
let isBeforeContinueBottomSheetOpen = $state(false); let isBeforeContinueBottomSheetOpen = $state(false);
const exportClientKeys = () => { const exportClientKeys = () => {
const clientKeysSerialized = serializeClientKeys(data); const clientKeysSerialized = serializeClientKeys(
const clientKeysBlob = new Blob([clientKeysSerialized], { type: "application/json" }); data.encryptKeyBase64,
data.decryptKeyBase64,
data.signKeyBase64,
data.verifyKeyBase64,
);
const clientKeysBlob = new Blob([JSON.stringify(clientKeysSerialized)], {
type: "application/json",
});
FileSaver.saveAs(clientKeysBlob, "arkvault-clientkey.json"); FileSaver.saveAs(clientKeysBlob, "arkvault-clientkey.json");
if (!isBeforeContinueBottomSheetOpen) { if (!isBeforeContinueBottomSheetOpen) {
@@ -51,14 +59,12 @@
await storeClientKeys($clientKeyStore); await storeClientKeys($clientKeyStore);
if ( if (
!( !(await requestSessionUpgrade(
await requestSessionUpgrade(
data.encryptKeyBase64, data.encryptKeyBase64,
$clientKeyStore.decryptKey, $clientKeyStore.decryptKey,
data.verifyKeyBase64, data.verifyKeyBase64,
$clientKeyStore.signKey, $clientKeyStore.signKey,
) ))
)[0]
) )
throw new Error("Failed to upgrade session"); throw new Error("Failed to upgrade session");

2
src/routes/(fullscreen)/key/export/+page.ts
View File

@@ -1,5 +1,5 @@
import { error } from "@sveltejs/kit"; import { error } from "@sveltejs/kit";
import { keyExportState } from "$lib/utils"; import { keyExportState } from "$lib/hooks/gotoStateful";
import type { PageLoad } from "./$types"; import type { PageLoad } from "./$types";
export const load: PageLoad = async () => { export const load: PageLoad = async () => {

71
src/routes/(fullscreen)/key/export/service.ts
View File

@@ -1,5 +1,68 @@
import { callPostApi } from "$lib/hooks";
import { storeClientKey } from "$lib/indexedDB";
import { signMasterKeyWrapped } from "$lib/modules/crypto";
import type {
InitialMasterKeyRegisterRequest,
InitialHmacSecretRegisterRequest,
} from "$lib/server/schemas";
import type { ClientKeys } from "$lib/stores";
export { requestSessionUpgrade } from "$lib/services/auth"; export { requestSessionUpgrade } from "$lib/services/auth";
export { export { requestClientRegistration } from "$lib/services/key";
requestClientRegistration,
requestInitialMasterKeyAndHmacSecretRegistration, type SerializedKeyPairs = {
} from "$lib/services/key"; generator: "ArkVault";
exportedAt: Date;
} & {
version: 1;
encryptKey: string;
decryptKey: string;
signKey: string;
verifyKey: string;
};
export const serializeClientKeys = (
encryptKeyBase64: string,
decryptKeyBase64: string,
signKeyBase64: string,
verifyKeyBase64: string,
) => {
return {
version: 1,
generator: "ArkVault",
exportedAt: new Date(),
encryptKey: encryptKeyBase64,
decryptKey: decryptKeyBase64,
signKey: signKeyBase64,
verifyKey: verifyKeyBase64,
} satisfies SerializedKeyPairs;
};
export const storeClientKeys = async (clientKeys: ClientKeys) => {
await Promise.all([
storeClientKey(clientKeys.encryptKey, "encrypt"),
storeClientKey(clientKeys.decryptKey, "decrypt"),
storeClientKey(clientKeys.signKey, "sign"),
storeClientKey(clientKeys.verifyKey, "verify"),
]);
};
export const requestInitialMasterKeyAndHmacSecretRegistration = async (
masterKeyWrapped: string,
hmacSecretWrapped: string,
signKey: CryptoKey,
) => {
let res = await callPostApi<InitialMasterKeyRegisterRequest>("/api/mek/register/initial", {
mek: masterKeyWrapped,
mekSig: await signMasterKeyWrapped(masterKeyWrapped, 1, signKey),
});
if (!res.ok) {
return res.status === 409;
}
res = await callPostApi<InitialHmacSecretRegisterRequest>("/api/hsk/register/initial", {
mekVersion: 1,
hsk: hmacSecretWrapped,
});
return res.ok;
};

72
src/routes/(fullscreen)/key/generate/+page.svelte
View File

@@ -3,29 +3,19 @@
import { goto } from "$app/navigation"; import { goto } from "$app/navigation";
import { BottomDiv, Button, FullscreenDiv, TextButton } from "$lib/components/atoms"; import { BottomDiv, Button, FullscreenDiv, TextButton } from "$lib/components/atoms";
import { TitledDiv } from "$lib/components/molecules"; import { TitledDiv } from "$lib/components/molecules";
import { ForceLoginModal } from "$lib/components/organisms"; import { gotoStateful } from "$lib/hooks";
import { storeClientKeys } from "$lib/modules/key";
import { clientKeyStore } from "$lib/stores"; import { clientKeyStore } from "$lib/stores";
import { gotoStateful } from "$lib/utils";
import Order from "./Order.svelte"; import Order from "./Order.svelte";
import { import {
generateClientKeys, generateClientKeys,
generateInitialMasterKey, generateInitialMasterKey,
generateInitialHmacSecret, generateInitialHmacSecret,
importClientKeys,
requestClientRegistrationAndSessionUpgrade,
requestInitialMasterKeyAndHmacSecretRegistration,
requestDeletedFilesCleanup,
} from "./service"; } from "./service";
import IconKey from "~icons/material-symbols/key"; import IconKey from "~icons/material-symbols/key";
let { data } = $props(); let { data } = $props();
let fileInput: HTMLInputElement | undefined = $state();
let isForceLoginModalOpen = $state(false);
// TODO: Update // TODO: Update
const orders = [ const orders = [
{ {
@@ -61,54 +51,6 @@
}); });
}; };
const upgradeSession = async (force: boolean) => {
const [upgradeRes, upgradeError] = await requestClientRegistrationAndSessionUpgrade(
$clientKeyStore!,
force,
);
if (!force && upgradeError === "Already logged in") {
isForceLoginModalOpen = true;
return;
} else if (!upgradeRes) {
// TODO: Error Handling
return;
}
const { masterKey, masterKeyWrapped } = await generateInitialMasterKey(
$clientKeyStore!.encryptKey,
);
const { hmacSecretWrapped } = await generateInitialHmacSecret(masterKey);
await storeClientKeys($clientKeyStore!);
if (
!(await requestInitialMasterKeyAndHmacSecretRegistration(
masterKeyWrapped,
hmacSecretWrapped,
$clientKeyStore!.signKey,
))
) {
// TODO: Error Handling
return;
}
await requestDeletedFilesCleanup();
await goto("/client/pending?redirect=" + encodeURIComponent(data.redirectPath));
};
const importKeys = async () => {
const file = fileInput?.files?.[0];
if (!file) return;
if (await importClientKeys(await file.text())) {
await upgradeSession(false);
} else {
// TODO: Error Handling
}
fileInput!.value = "";
};
onMount(async () => { onMount(async () => {
if ($clientKeyStore) { if ($clientKeyStore) {
await goto(data.redirectPath, { replaceState: true }); await goto(data.redirectPath, { replaceState: true });
@@ -120,14 +62,6 @@
<title>암호 키 생성하기</title> <title>암호 키 생성하기</title>
</svelte:head> </svelte:head>
<input
bind:this={fileInput}
onchange={importKeys}
type="file"
accept="application/json"
class="hidden"
/>
<FullscreenDiv> <FullscreenDiv>
<TitledDiv childrenClass="space-y-4"> <TitledDiv childrenClass="space-y-4">
{#snippet title()} {#snippet title()}
@@ -149,8 +83,6 @@
</TitledDiv> </TitledDiv>
<BottomDiv class="flex flex-col items-center gap-y-2"> <BottomDiv class="flex flex-col items-center gap-y-2">
<Button onclick={generateKeys} class="w-full">새 암호 키 생성하기</Button> <Button onclick={generateKeys} class="w-full">새 암호 키 생성하기</Button>
<TextButton onclick={() => fileInput?.click()}>키를 갖고 있어요</TextButton> <TextButton>키를 갖고 있어요</TextButton>
</BottomDiv> </BottomDiv>
</FullscreenDiv> </FullscreenDiv>
<ForceLoginModal bind:isOpen={isForceLoginModalOpen} onLoginClick={() => upgradeSession(true)} />

32
src/routes/(fullscreen)/key/generate/service.ts
View File

@@ -2,8 +2,6 @@ import {
generateEncryptionKeyPair, generateEncryptionKeyPair,
generateSigningKeyPair, generateSigningKeyPair,
exportRSAKeyToBase64, exportRSAKeyToBase64,
importEncryptionKeyPairFromBase64,
importSigningKeyPairFromBase64,
makeRSAKeyNonextractable, makeRSAKeyNonextractable,
wrapMasterKey, wrapMasterKey,
generateMasterKey, generateMasterKey,
@@ -11,16 +9,8 @@ import {
wrapHmacSecret, wrapHmacSecret,
generateHmacSecret, generateHmacSecret,
} from "$lib/modules/crypto"; } from "$lib/modules/crypto";
import { deserializeClientKeys } from "$lib/modules/key";
import { clientKeyStore } from "$lib/stores"; import { clientKeyStore } from "$lib/stores";
export { requestLogout } from "$lib/services/auth";
export { requestDeletedFilesCleanup } from "$lib/services/file";
export {
requestClientRegistrationAndSessionUpgrade,
requestInitialMasterKeyAndHmacSecretRegistration,
} from "$lib/services/key";
export const generateClientKeys = async () => { export const generateClientKeys = async () => {
const { encryptKey, decryptKey } = await generateEncryptionKeyPair(); const { encryptKey, decryptKey } = await generateEncryptionKeyPair();
const { signKey, verifyKey } = await generateSigningKeyPair(); const { signKey, verifyKey } = await generateSigningKeyPair();
@@ -55,25 +45,3 @@ export const generateInitialHmacSecret = async (masterKey: CryptoKey) => {
hmacSecretWrapped: await wrapHmacSecret(hmacSecret, masterKey), hmacSecretWrapped: await wrapHmacSecret(hmacSecret, masterKey),
}; };
}; };
export const importClientKeys = async (clientKeysSerialized: string) => {
const clientKeys = deserializeClientKeys(clientKeysSerialized);
if (!clientKeys) return false;
const { encryptKey, decryptKey } = await importEncryptionKeyPairFromBase64(
clientKeys.encryptKeyBase64,
clientKeys.decryptKeyBase64,
);
const { signKey, verifyKey } = await importSigningKeyPairFromBase64(
clientKeys.signKeyBase64,
clientKeys.verifyKeyBase64,
);
clientKeyStore.set({
encryptKey,
decryptKey: await makeRSAKeyNonextractable(decryptKey),
signKey: await makeRSAKeyNonextractable(signKey),
verifyKey,
});
return true;
};

5
src/routes/(fullscreen)/settings/cache/+page.svelte vendored
View File

@@ -4,11 +4,12 @@
import { FullscreenDiv } from "$lib/components/atoms"; import { FullscreenDiv } from "$lib/components/atoms";
import { TopBar } from "$lib/components/molecules"; import { TopBar } from "$lib/components/molecules";
import type { FileCacheIndex } from "$lib/indexedDB"; import type { FileCacheIndex } from "$lib/indexedDB";
import { getFileCacheIndex, deleteFileCache as doDeleteFileCache } from "$lib/modules/file"; import { getFileCacheIndex } from "$lib/modules/file";
import { getFileInfo, type FileInfo } from "$lib/modules/filesystem"; import { getFileInfo, type FileInfo } from "$lib/modules/filesystem";
import { formatFileSize } from "$lib/modules/util";
import { masterKeyStore } from "$lib/stores"; import { masterKeyStore } from "$lib/stores";
import { formatFileSize } from "$lib/utils";
import File from "./File.svelte"; import File from "./File.svelte";
import { deleteFileCache as doDeleteFileCache } from "./service";
interface FileCache { interface FileCache {
index: FileCacheIndex; index: FileCacheIndex;

2
src/routes/(fullscreen)/settings/cache/File.svelte vendored
View File

@@ -2,7 +2,7 @@
import type { Writable } from "svelte/store"; import type { Writable } from "svelte/store";
import type { FileCacheIndex } from "$lib/indexedDB"; import type { FileCacheIndex } from "$lib/indexedDB";
import type { FileInfo } from "$lib/modules/filesystem"; import type { FileInfo } from "$lib/modules/filesystem";
import { formatDate, formatFileSize } from "$lib/utils"; import { formatDate, formatFileSize } from "$lib/modules/util";
import IconDraft from "~icons/material-symbols/draft"; import IconDraft from "~icons/material-symbols/draft";
import IconScanDelete from "~icons/material-symbols/scan-delete"; import IconScanDelete from "~icons/material-symbols/scan-delete";

5
src/routes/(fullscreen)/settings/cache/service.ts vendored Normal file
View File

@@ -0,0 +1,5 @@
import { deleteFileCache as doDeleteFileCache } from "$lib/modules/file";
export const deleteFileCache = async (fileId: number) => {
await doDeleteFileCache(fileId);
};

77
src/routes/(fullscreen)/settings/thumbnail/+page.svelte
View File

@@ -1,77 +0,0 @@
<script lang="ts">
import { onMount } from "svelte";
import { get } from "svelte/store";
import { goto } from "$app/navigation";
import { BottomDiv, Button, FullscreenDiv } from "$lib/components/atoms";
import { IconEntryButton, TopBar } from "$lib/components/molecules";
import { deleteAllFileThumbnailCaches } from "$lib/modules/file";
import { getFileInfo } from "$lib/modules/filesystem";
import { masterKeyStore } from "$lib/stores";
import File from "./File.svelte";
import {
persistentStates,
getGenerationStatus,
requestThumbnailGeneration,
} from "./service.svelte";
import IconDelete from "~icons/material-symbols/delete";
let { data } = $props();
const generateAllThumbnails = () => {
persistentStates.files.forEach(({ info }) => {
const fileInfo = get(info);
if (fileInfo) {
requestThumbnailGeneration(fileInfo);
}
});
};
onMount(() => {
persistentStates.files = data.files.map((fileId) => ({
id: fileId,
info: getFileInfo(fileId, $masterKeyStore?.get(1)?.key!),
status: getGenerationStatus(fileId),
}));
});
</script>
<svelte:head>
<title>썸네일 설정</title>
</svelte:head>
<TopBar title="썸네일" />
<FullscreenDiv class="bg-gray-100 !px-0">
<div class="flex flex-grow flex-col space-y-4">
<div class="bg-white p-4 !pt-0">
<IconEntryButton icon={IconDelete} onclick={deleteAllFileThumbnailCaches} class="w-full">
저장된 썸네일 모두 삭제하기
</IconEntryButton>
</div>
{#if persistentStates.files.length > 0}
<div class="flex-grow space-y-2 bg-white p-4">
<p class="text-lg font-bold text-gray-800">썸네일이 누락된 파일</p>
<div class="space-y-4">
<p class="break-keep text-gray-800">
{persistentStates.files.length}개 파일의 썸네일이 존재하지 않아요.
</p>
<div class="space-y-2">
{#each persistentStates.files as { info, status }}
<File
{info}
generationStatus={status}
onclick={({ id }) => goto(`/file/${id}`)}
onGenerateThumbnailClick={requestThumbnailGeneration}
/>
{/each}
</div>
</div>
</div>
{/if}
</div>
{#if persistentStates.files.length > 0}
<BottomDiv class="px-4">
<Button onclick={generateAllThumbnails} class="w-full">모두 썸네일 생성하기</Button>
</BottomDiv>
{/if}
</FullscreenDiv>

7
src/routes/(fullscreen)/settings/thumbnail/+page.ts
View File

@@ -1,7 +0,0 @@
import { trpc } from "$trpc/client";
import type { PageLoad } from "./$types";
export const load: PageLoad = async ({ fetch }) => {
const files = await trpc(fetch).file.listWithoutThumbnail.query();
return { files };
};

46
src/routes/(fullscreen)/settings/thumbnail/File.svelte
View File

@@ -1,46 +0,0 @@
<script module lang="ts">
const subtexts = {
queued: "대기 중",
"generation-pending": "준비 중",
generating: "생성하는 중",
"upload-pending": "업로드를 기다리는 중",
uploading: "업로드하는 중",
error: "실패",
} as const;
</script>
<script lang="ts">
import type { Writable } from "svelte/store";
import { ActionEntryButton } from "$lib/components/atoms";
import { DirectoryEntryLabel } from "$lib/components/molecules";
import type { FileInfo } from "$lib/modules/filesystem";
import { formatDateTime } from "$lib/utils";
import type { GenerationStatus } from "./service.svelte";
import IconCamera from "~icons/material-symbols/camera";
interface Props {
info: Writable<FileInfo | null>;
onclick: (selectedFile: FileInfo) => void;
onGenerateThumbnailClick: (selectedFile: FileInfo) => void;
generationStatus?: Writable<GenerationStatus>;
}
let { info, onclick, onGenerateThumbnailClick, generationStatus }: Props = $props();
</script>
{#if $info}
<ActionEntryButton
class="h-14"
onclick={() => onclick($info)}
actionButtonIcon={!$generationStatus || $generationStatus === "error" ? IconCamera : undefined}
onActionButtonClick={() => onGenerateThumbnailClick($info)}
actionButtonClass="text-gray-800"
>
{@const subtext =
$generationStatus && $generationStatus !== "uploaded"
? subtexts[$generationStatus]
: formatDateTime($info.createdAt ?? $info.lastModifiedAt)}
<DirectoryEntryLabel type="file" name={$info.name} {subtext} />
</ActionEntryButton>
{/if}

Some files were not shown because too many files have changed in this diff Show More