디렉터리 페이지에 상위 디렉터리로 이동 버튼 추가

tRPC 도입

Dockerfile

@@ -2,11 +2,7 @@
 FROM node:22-alpine AS base
 WORKDIR /app
 
-RUN apk add --no-cache bash curl && \
-    curl -o /usr/local/bin/wait-for-it https://raw.githubusercontent.com/vishnubob/wait-for-it/master/wait-for-it.sh && \
-    chmod +x /usr/local/bin/wait-for-it
-
-RUN npm install -g pnpm@9
+RUN npm install -g pnpm@10
 COPY pnpm-lock.yaml .
 
 # Build Stage
@@ -29,4 +25,4 @@ COPY --from=build /app/build ./build
 
 EXPOSE 3000
 ENV BODY_SIZE_LIMIT=Infinity
-CMD ["bash", "-c", "wait-for-it ${DATABASE_HOST:-localhost}:${DATABASE_PORT:-5432} -- node ./build/index.js"]
+CMD ["node", "./build/index.js"]

docker-compose.yaml

@@ -3,7 +3,8 @@ services:
     build: .
     restart: unless-stopped
     depends_on:
-      - database
+      database:
+        condition: service_healthy
     user: ${CONTAINER_UID:-0}:${CONTAINER_GID:-0}
     volumes:
       - ./data/library:/app/data/library
@@ -35,3 +36,8 @@ services:
     environment:
       - POSTGRES_USER=arkvault
       - POSTGRES_PASSWORD=${DATABASE_PASSWORD:?}
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U $${POSTGRES_USER}"]
+      interval: 5s
+      timeout: 5s
+      retries: 5

eslint.config.js

@@ -1,21 +1,24 @@
-import prettier from "eslint-config-prettier";
-import js from "@eslint/js";
 import { includeIgnoreFile } from "@eslint/compat";
+import js from "@eslint/js";
+import { defineConfig } from "eslint/config";
+import prettier from "eslint-config-prettier";
 import svelte from "eslint-plugin-svelte";
 import tailwind from "eslint-plugin-tailwindcss";
 import globals from "globals";
-import { fileURLToPath } from "node:url";
 import ts from "typescript-eslint";
+import { fileURLToPath } from "url";
+import svelteConfig from "./svelte.config.js";
+
 const gitignorePath = fileURLToPath(new URL("./.gitignore", import.meta.url));
 
-export default ts.config(
+export default defineConfig(
   includeIgnoreFile(gitignorePath),
   js.configs.recommended,
   ...ts.configs.recommended,
-  ...svelte.configs["flat/recommended"],
+  ...svelte.configs.recommended,
   ...tailwind.configs["flat/recommended"],
   prettier,
-  ...svelte.configs["flat/prettier"],
+  ...svelte.configs.prettier,
   {
     languageOptions: {
       globals: {
@@ -23,13 +26,18 @@ export default ts.config(
         ...globals.node,
       },
     },
+    rules: {
+      "no-undef": "off",
+    },
   },
   {
-    files: ["**/*.svelte"],
-
+    files: ["**/*.svelte", "**/*.svelte.ts", "**/*.svelte.js"],
     languageOptions: {
       parserOptions: {
+        projectService: true,
+        extraFileExtensions: [".svelte"],
         parser: ts.parser,
+        svelteConfig,
       },
     },
   },

package.json

@@ -1,7 +1,7 @@
 {
   "name": "arkvault",
   "private": true,
-  "version": "0.5.1",
+  "version": "0.6.0",
   "type": "module",
   "scripts": {
     "dev": "vite dev",
@@ -16,53 +16,57 @@
     "db:migrate": "kysely migrate"
   },
   "devDependencies": {
-    "@eslint/compat": "^1.3.1",
-    "@iconify-json/material-symbols": "^1.2.29",
-    "@sveltejs/adapter-node": "^5.2.13",
-    "@sveltejs/kit": "^2.22.5",
-    "@sveltejs/vite-plugin-svelte": "^4.0.4",
+    "@eslint/compat": "^2.0.0",
+    "@iconify-json/material-symbols": "^1.2.50",
+    "@sveltejs/adapter-node": "^5.4.0",
+    "@sveltejs/kit": "^2.49.2",
+    "@sveltejs/vite-plugin-svelte": "^6.2.1",
+    "@tanstack/svelte-virtual": "^3.13.13",
+    "@trpc/client": "^11.8.1",
     "@types/file-saver": "^2.0.7",
     "@types/ms": "^0.7.34",
     "@types/node-schedule": "^2.1.8",
-    "@types/pg": "^8.15.4",
-    "autoprefixer": "^10.4.21",
-    "axios": "^1.10.0",
-    "dexie": "^4.0.11",
-    "eslint": "^9.30.1",
-    "eslint-config-prettier": "^10.1.5",
-    "eslint-plugin-svelte": "^3.10.1",
-    "eslint-plugin-tailwindcss": "^3.18.0",
-    "exifreader": "^4.31.1",
+    "@types/pg": "^8.16.0",
+    "autoprefixer": "^10.4.23",
+    "axios": "^1.13.2",
+    "dexie": "^4.2.1",
+    "eslint": "^9.39.2",
+    "eslint-config-prettier": "^10.1.8",
+    "eslint-plugin-svelte": "^3.13.1",
+    "eslint-plugin-tailwindcss": "^3.18.2",
+    "exifreader": "^4.33.1",
     "file-saver": "^2.0.5",
-    "globals": "^16.3.0",
+    "globals": "^16.5.0",
     "heic2any": "^0.0.4",
-    "kysely-ctl": "^0.13.1",
-    "lru-cache": "^11.1.0",
-    "mime": "^4.0.7",
-    "p-limit": "^6.2.0",
-    "prettier": "^3.6.2",
-    "prettier-plugin-svelte": "^3.4.0",
-    "prettier-plugin-tailwindcss": "^0.6.14",
-    "svelte": "^5.35.6",
-    "svelte-check": "^4.2.2",
-    "tailwindcss": "^3.4.17",
-    "typescript": "^5.8.3",
-    "typescript-eslint": "^8.36.0",
-    "unplugin-icons": "^22.1.0",
-    "vite": "^5.4.19"
+    "kysely-ctl": "^0.19.0",
+    "lru-cache": "^11.2.4",
+    "mime": "^4.1.0",
+    "p-limit": "^7.2.0",
+    "prettier": "^3.7.4",
+    "prettier-plugin-svelte": "^3.4.1",
+    "prettier-plugin-tailwindcss": "^0.7.2",
+    "svelte": "^5.46.1",
+    "svelte-check": "^4.3.5",
+    "tailwindcss": "^3.4.19",
+    "typescript": "^5.9.3",
+    "typescript-eslint": "^8.50.1",
+    "unplugin-icons": "^22.5.0",
+    "vite": "^7.3.0"
   },
   "dependencies": {
-    "@fastify/busboy": "^3.1.1",
-    "argon2": "^0.43.0",
-    "kysely": "^0.28.2",
+    "@fastify/busboy": "^3.2.0",
+    "@trpc/server": "^11.8.1",
+    "argon2": "^0.44.0",
+    "kysely": "^0.28.9",
     "ms": "^2.1.3",
     "node-schedule": "^2.1.1",
     "pg": "^8.16.3",
-    "uuid": "^11.1.0",
-    "zod": "^3.25.76"
+    "superjson": "^2.2.6",
+    "uuid": "^13.0.0",
+    "zod": "^4.2.1"
   },
   "engines": {
     "node": "^22.0.0",
-    "pnpm": "^9.0.0"
+    "pnpm": "^10.0.0"
   }
 }

src/lib/components/molecules/Categories/Categories.svelte

@@ -3,7 +3,7 @@
   import type { SvelteHTMLElements } from "svelte/elements";
   import { get, type Writable } from "svelte/store";
   import type { CategoryInfo } from "$lib/modules/filesystem";
-  import { SortBy, sortEntries } from "$lib/modules/util";
+  import { SortBy, sortEntries } from "$lib/utils";
   import Category from "./Category.svelte";
   import type { SelectedCategory } from "./service";
 

src/lib/components/molecules/FileThumbnailButton.svelte

@@ -0,0 +1,42 @@
+<script lang="ts">
+  import type { Writable } from "svelte/store";
+  import type { FileInfo } from "$lib/modules/filesystem";
+  import { requestFileThumbnailDownload } from "$lib/services/file";
+
+  interface Props {
+    info: Writable<FileInfo | null>;
+    onclick?: (file: FileInfo) => void;
+  }
+
+  let { info, onclick }: Props = $props();
+
+  let thumbnail: string | undefined = $state();
+
+  $effect(() => {
+    if ($info) {
+      requestFileThumbnailDownload($info.id, $info.dataKey)
+        .then((thumbnailUrl) => {
+          thumbnail = thumbnailUrl ?? undefined;
+        })
+        .catch(() => {
+          // TODO: Error Handling
+          thumbnail = undefined;
+        });
+    } else {
+      thumbnail = undefined;
+    }
+  });
+</script>
+
+{#if $info}
+  <button
+    onclick={() => onclick?.($info)}
+    class="relative aspect-square w-full overflow-hidden rounded transition active:scale-95 active:brightness-90"
+  >
+    {#if thumbnail}
+      <img src={thumbnail} alt={$info.name} class="h-full w-full object-cover" />
+    {:else}
+      <div class="h-full w-full bg-gray-100"></div>
+    {/if}
+  </button>
+{/if}

src/lib/components/molecules/index.ts

@@ -2,6 +2,7 @@ export * from "./ActionModal.svelte";
 export { default as ActionModal } from "./ActionModal.svelte";
 export * from "./Categories";
 export { default as Categories } from "./Categories";
+export { default as FileThumbnailButton } from "./FileThumbnailButton.svelte";
 export { default as IconEntryButton } from "./IconEntryButton.svelte";
 export * from "./labels";
 export { default as SubCategories } from "./SubCategories.svelte";

src/lib/components/molecules/labels/DirectoryEntryLabel.svelte

@@ -3,6 +3,7 @@
   import { IconLabel } from "$lib/components/molecules";
 
   import IconFolder from "~icons/material-symbols/folder";
+  import IconDriveFolderUpload from "~icons/material-symbols/drive-folder-upload";
   import IconDraft from "~icons/material-symbols/draft";
 
   interface Props {
@@ -11,7 +12,7 @@
     subtext?: string;
     textClass?: ClassValue;
     thumbnail?: string;
-    type: "directory" | "file";
+    type: "directory" | "parent-directory" | "file";
   }
 
   let {
@@ -30,6 +31,8 @@
       <img src={thumbnail} alt={name} loading="lazy" class="aspect-square rounded object-cover" />
     {:else if type === "directory"}
       <IconFolder />
+    {:else if type === "parent-directory"}
+      <IconDriveFolderUpload class="text-yellow-500" />
     {:else}
       <IconDraft class="text-blue-400" />
     {/if}

src/lib/components/organisms/Category/Category.svelte

@@ -4,8 +4,8 @@
   import { CheckBox } from "$lib/components/atoms";
   import { SubCategories, type SelectedCategory } from "$lib/components/molecules";
   import { getFileInfo, type FileInfo, type CategoryInfo } from "$lib/modules/filesystem";
-  import { SortBy, sortEntries } from "$lib/modules/util";
   import { masterKeyStore } from "$lib/stores";
+  import { SortBy, sortEntries } from "$lib/utils";
   import File from "./File.svelte";
   import type { SelectedFile } from "./service";
 

src/lib/components/organisms/Category/File.svelte

@@ -32,7 +32,7 @@
   };
 
   $effect(() => {
-    if ($info?.dataKey) {
+    if ($info) {
       requestFileThumbnailDownload($info.id, $info.dataKey)
         .then((thumbnailUrl) => {
           thumbnail = thumbnailUrl ?? undefined;

src/lib/components/organisms/Gallery.svelte

@@ -0,0 +1,148 @@
+<script lang="ts">
+  import { createWindowVirtualizer } from "@tanstack/svelte-virtual";
+  import { untrack } from "svelte";
+  import { get, type Writable } from "svelte/store";
+  import { FileThumbnailButton } from "$lib/components/molecules";
+  import type { FileInfo } from "$lib/modules/filesystem";
+  import { formatDate, formatDateSortable, SortBy, sortEntries } from "$lib/utils";
+
+  interface Props {
+    files: Writable<FileInfo | null>[];
+    onFileClick?: (file: FileInfo) => void;
+  }
+
+  let { files, onFileClick }: Props = $props();
+
+  type FileEntry =
+    | { date?: undefined; contentType?: undefined; info: Writable<FileInfo | null> }
+    | { date: Date; contentType: string; info: Writable<FileInfo | null> };
+  type Row =
+    | { type: "header"; key: string; label: string }
+    | { type: "items"; key: string; items: FileEntry[] };
+
+  let filesWithDate: FileEntry[] = $state([]);
+  let rows: Row[] = $state([]);
+  let listElement: HTMLDivElement | undefined = $state();
+
+  const virtualizer = createWindowVirtualizer({
+    count: 0,
+    getItemKey: (index) => rows[index]!.key,
+    estimateSize: () => 1000, // TODO
+  });
+
+  const measureRow = (node: HTMLElement) => {
+    $virtualizer.measureElement(node);
+    return {
+      update: () => $virtualizer.measureElement(node),
+    };
+  };
+
+  $effect(() => {
+    filesWithDate = files.map((file) => {
+      const info = get(file);
+      if (info) {
+        return {
+          date: info.createdAt ?? info.lastModifiedAt,
+          contentType: info.contentType,
+          info: file,
+        };
+      } else {
+        return { info: file };
+      }
+    });
+
+    const buildRows = () => {
+      const map = new Map<string, FileEntry[]>();
+
+      for (const file of filesWithDate) {
+        if (
+          !file.date ||
+          !(file.contentType.startsWith("image/") || file.contentType.startsWith("video/"))
+        ) {
+          continue;
+        }
+
+        const date = formatDateSortable(file.date);
+        const entries = map.get(date) ?? [];
+        entries.push(file);
+        map.set(date, entries);
+      }
+
+      const newRows: Row[] = [];
+      const sortedDates = Array.from(map.keys()).sort((a, b) => b.localeCompare(a));
+      for (const date of sortedDates) {
+        const entries = map.get(date)!;
+        sortEntries(entries, SortBy.DATE_DESC);
+
+        newRows.push({
+          type: "header",
+          key: `header-${date}`,
+          label: formatDate(entries[0]!.date!),
+        });
+        newRows.push({
+          type: "items",
+          key: `items-${date}`,
+          items: entries,
+        });
+      }
+
+      rows = newRows;
+      $virtualizer.setOptions({ count: rows.length });
+    };
+    return untrack(() => {
+      buildRows();
+
+      const unsubscribes = filesWithDate.map((file) =>
+        file.info.subscribe((value) => {
+          const newDate = value?.createdAt ?? value?.lastModifiedAt;
+          const newContentType = value?.contentType;
+          if (file.date?.getTime() === newDate?.getTime() && file.contentType === newContentType) {
+            return;
+          }
+
+          file.date = newDate;
+          file.contentType = newContentType;
+          buildRows();
+        }),
+      );
+      return () => unsubscribes.forEach((unsubscribe) => unsubscribe());
+    });
+  });
+</script>
+
+<div bind:this={listElement} class="relative flex flex-grow flex-col">
+  <div style="height: {$virtualizer.getTotalSize()}px;">
+    {#each $virtualizer.getVirtualItems() as virtualRow (virtualRow.key)}
+      {@const row = rows[virtualRow.index]!}
+      <div
+        use:measureRow
+        data-index={virtualRow.index}
+        class="absolute left-0 top-0 w-full"
+        style="transform: translateY({virtualRow.start}px);"
+      >
+        {#if row.type === "header"}
+          <p class="pb-2 font-medium">{row.label}</p>
+        {:else}
+          <div class="grid grid-cols-4 gap-1 pb-4">
+            {#each row.items as { info }}
+              <FileThumbnailButton {info} onclick={onFileClick} />
+            {/each}
+          </div>
+        {/if}
+      </div>
+    {/each}
+  </div>
+  {#if $virtualizer.getVirtualItems().length === 0}
+    <div class="flex h-full flex-grow items-center justify-center">
+      <p class="text-gray-500">
+        {#if files.length === 0}
+          업로드된 파일이 없어요.
+        {:else if filesWithDate.length === 0}
+          파일 목록을 불러오고 있어요.
+        {:else}
+          사진 또는 동영상이 없어요.
+        {/if}
+      </p>
+    </div>
+  {/if}
+</div>

src/lib/components/organisms/index.ts

@@ -1,3 +1,4 @@
 export * from "./Category";
 export { default as Category } from "./Category";
+export { default as Gallery } from "./Gallery.svelte";
 export * from "./modals";

src/lib/hooks/callApi.ts

@@ -1,11 +0,0 @@
-export const callGetApi = async (input: RequestInfo, fetchInternal = fetch) => {
-  return await fetchInternal(input);
-};
-
-export const callPostApi = async <T>(input: RequestInfo, payload?: T, fetchInternal = fetch) => {
-  return await fetchInternal(input, {
-    method: "POST",
-    headers: { "Content-Type": "application/json" },
-    body: payload ? JSON.stringify(payload) : undefined,
-  });
-};

src/lib/hooks/index.ts

@@ -1,2 +0,0 @@
-export * from "./callApi";
-export * from "./gotoStateful";

src/lib/modules/file/upload.ts

@@ -13,8 +13,6 @@ import {
 } from "$lib/modules/crypto";
 import { generateThumbnail } from "$lib/modules/thumbnail";
 import type {
-  DuplicateFileScanRequest,
-  DuplicateFileScanResponse,
   FileThumbnailUploadRequest,
   FileUploadRequest,
   FileUploadResponse,
@@ -25,18 +23,17 @@ import {
   type HmacSecret,
   type FileUploadStatus,
 } from "$lib/stores";
+import { trpc } from "$trpc/client";
 
 const requestDuplicateFileScan = limitFunction(
   async (file: File, hmacSecret: HmacSecret, onDuplicate: () => Promise<boolean>) => {
     const fileBuffer = await file.arrayBuffer();
     const fileSigned = encodeToBase64(await signMessageHmac(fileBuffer, hmacSecret.secret));
 
-    const res = await axios.post("/api/file/scanDuplicates", {
+    const files = await trpc().file.listByHash.query({
       hskVersion: hmacSecret.version,
       contentHmac: fileSigned,
-    } satisfies DuplicateFileScanRequest);
-    const { files }: DuplicateFileScanResponse = res.data;
-
+    });
     if (files.length === 0 || (await onDuplicate())) {
       return { fileBuffer, fileSigned };
     } else {

src/lib/modules/filesystem.ts

@@ -1,5 +1,5 @@
+import { TRPCClientError } from "@trpc/client";
 import { get, writable, type Writable } from "svelte/store";
-import { callGetApi } from "$lib/hooks";
 import {
   getDirectoryInfos as getDirectoryInfosFromIndexedDB,
   getDirectoryInfo as getDirectoryInfoFromIndexedDB,
@@ -18,16 +18,12 @@ import {
   type CategoryId,
 } from "$lib/indexedDB";
 import { unwrapDataKey, decryptString } from "$lib/modules/crypto";
-import type {
-  CategoryInfoResponse,
-  CategoryFileListResponse,
-  DirectoryInfoResponse,
-  FileInfoResponse,
-} from "$lib/server/schemas";
+import { trpc } from "$trpc/client";
 
 export type DirectoryInfo =
   | {
       id: "root";
+      parentId?: undefined;
       dataKey?: undefined;
       dataKeyVersion?: undefined;
       name?: undefined;
@@ -36,6 +32,7 @@ export type DirectoryInfo =
     }
   | {
       id: number;
+      parentId: DirectoryId;
       dataKey?: CryptoKey;
       dataKeyVersion?: Date;
       name: string;
@@ -45,6 +42,7 @@ export type DirectoryInfo =
 
 export interface FileInfo {
   id: number;
+  parentId: DirectoryId;
   dataKey?: CryptoKey;
   dataKeyVersion?: Date;
   contentType: string;
@@ -97,7 +95,13 @@ const fetchDirectoryInfoFromIndexedDB = async (
     info.set({ id, subDirectoryIds, fileIds });
   } else {
     if (!directory) return;
-    info.set({ id, name: directory.name, subDirectoryIds, fileIds });
+    info.set({
+      id,
+      parentId: directory.parentId,
+      name: directory.name,
+      subDirectoryIds,
+      fileIds,
+    });
   }
 };
 
@@ -106,20 +110,19 @@ const fetchDirectoryInfoFromServer = async (
   info: Writable<DirectoryInfo | null>,
   masterKey: CryptoKey,
 ) => {
-  const res = await callGetApi(`/api/directory/${id}`);
-  if (res.status === 404) {
+  let data;
+  try {
+    data = await trpc().directory.get.query({ id });
+  } catch (e) {
+    if (e instanceof TRPCClientError && e.data?.code === "NOT_FOUND") {
       info.set(null);
       await deleteDirectoryInfo(id as number);
       return;
-  } else if (!res.ok) {
+    }
     throw new Error("Failed to fetch directory information");
   }
 
-  const {
-    metadata,
-    subDirectories: subDirectoryIds,
-    files: fileIds,
-  }: DirectoryInfoResponse = await res.json();
+  const { metadata, subDirectories: subDirectoryIds, files: fileIds } = data;
 
   if (id === "root") {
     info.set({ id, subDirectoryIds, fileIds });
@@ -129,6 +132,7 @@ const fetchDirectoryInfoFromServer = async (
 
     info.set({
       id,
+      parentId: metadata!.parent,
       dataKey,
       dataKeyVersion: new Date(metadata!.dekVersion),
       name,
@@ -179,16 +183,17 @@ const fetchFileInfoFromServer = async (
   info: Writable<FileInfo | null>,
   masterKey: CryptoKey,
 ) => {
-  const res = await callGetApi(`/api/file/${id}`);
-  if (res.status === 404) {
+  let metadata;
+  try {
+    metadata = await trpc().file.get.query({ id });
+  } catch (e) {
+    if (e instanceof TRPCClientError && e.data?.code === "NOT_FOUND") {
       info.set(null);
       await deleteFileInfo(id);
       return;
-  } else if (!res.ok) {
+    }
     throw new Error("Failed to fetch file information");
   }
-
-  const metadata: FileInfoResponse = await res.json();
   const { dataKey } = await unwrapDataKey(metadata.dek, masterKey);
 
   const name = await decryptString(metadata.name, metadata.nameIv, dataKey);
@@ -204,6 +209,7 @@ const fetchFileInfoFromServer = async (
 
   info.set({
     id,
+    parentId: metadata.parent,
     dataKey,
     dataKeyVersion: new Date(metadata.dekVersion),
     contentType: metadata.contentType,
@@ -273,16 +279,19 @@ const fetchCategoryInfoFromServer = async (
   info: Writable<CategoryInfo | null>,
   masterKey: CryptoKey,
 ) => {
-  let res = await callGetApi(`/api/category/${id}`);
-  if (res.status === 404) {
+  let data;
+  try {
+    data = await trpc().category.get.query({ id });
+  } catch (e) {
+    if (e instanceof TRPCClientError && e.data?.code === "NOT_FOUND") {
       info.set(null);
       await deleteCategoryInfo(id as number);
       return;
-  } else if (!res.ok) {
+    }
     throw new Error("Failed to fetch category information");
   }
 
-  const { metadata, subCategories }: CategoryInfoResponse = await res.json();
+  const { metadata, subCategories } = data;
 
   if (id === "root") {
     info.set({ id, subCategoryIds: subCategories });
@@ -290,12 +299,13 @@ const fetchCategoryInfoFromServer = async (
     const { dataKey } = await unwrapDataKey(metadata!.dek, masterKey);
     const name = await decryptString(metadata!.name, metadata!.nameIv, dataKey);
 
-    res = await callGetApi(`/api/category/${id}/file/list?recurse=true`);
-    if (!res.ok) {
+    let files;
+    try {
+      files = await trpc().category.files.query({ id, recurse: true });
+    } catch {
       throw new Error("Failed to fetch category files");
     }
 
-    const { files }: CategoryFileListResponse = await res.json();
     const filesMapped = files.map(({ file, isRecursive }) => ({ id: file, isRecursive }));
     let isFileRecursive: boolean | undefined = undefined;
 

src/lib/modules/key.ts

@@ -5,14 +5,14 @@ import type { ClientKeys } from "$lib/stores";
 const serializedClientKeysSchema = z.intersection(
   z.object({
     generator: z.literal("ArkVault"),
-    exportedAt: z.string().datetime(),
+    exportedAt: z.iso.datetime(),
   }),
   z.object({
     version: z.literal(1),
-    encryptKey: z.string().base64().nonempty(),
-    decryptKey: z.string().base64().nonempty(),
-    signKey: z.string().base64().nonempty(),
-    verifyKey: z.string().base64().nonempty(),
+    encryptKey: z.base64().nonempty(),
+    decryptKey: z.base64().nonempty(),
+    signKey: z.base64().nonempty(),
+    verifyKey: z.base64().nonempty(),
   }),
 );
 

src/lib/modules/thumbnail.ts

@@ -67,10 +67,15 @@ const generateVideoThumbnail = (videoUrl: string, time = 0) => {
   return new Promise<Blob>((resolve, reject) => {
     const video = document.createElement("video");
     video.onloadedmetadata = () => {
-      video.currentTime = Math.min(time, video.duration);
-      video.requestVideoFrameCallback(() => {
+      if (video.videoWidth === 0 || video.videoHeight === 0) {
+        return reject();
+      }
+
+      const callbackId = video.requestVideoFrameCallback(() => {
         captureVideoThumbnail(video).then(resolve).catch(reject);
+        video.cancelVideoFrameCallback(callbackId);
       });
+      video.currentTime = Math.min(time, video.duration);
     };
     video.onerror = reject;
 

src/lib/server/db/client.ts

@@ -98,22 +98,6 @@ export const createUserClient = async (userId: number, clientId: number) => {
   }
 };
 
-export const getAllUserClients = async (userId: number) => {
-  const userClients = await db
-    .selectFrom("user_client")
-    .selectAll()
-    .where("user_id", "=", userId)
-    .execute();
-  return userClients.map(
-    ({ user_id, client_id, state }) =>
-      ({
-        userId: user_id,
-        clientId: client_id,
-        state,
-      }) satisfies UserClient,
-  );
-};
-
 export const getUserClient = async (userId: number, clientId: number) => {
   const userClient = await db
     .selectFrom("user_client")

src/lib/server/db/index.ts

@@ -0,0 +1,10 @@
+export * as CategoryRepo from "./category";
+export * as ClientRepo from "./client";
+export * as FileRepo from "./file";
+export * as HskRepo from "./hsk";
+export * as MediaRepo from "./media";
+export * as MekRepo from "./mek";
+export * as SessionRepo from "./session";
+export * as UserRepo from "./user";
+
+export * from "./error";

src/lib/server/db/mek.ts

@@ -60,19 +60,6 @@ export const registerInitialMek = async (
   });
 };
 
-export const getInitialMek = async (userId: number) => {
-  const mek = await db
-    .selectFrom("master_encryption_key")
-    .selectAll()
-    .where("user_id", "=", userId)
-    .where("version", "=", 1)
-    .limit(1)
-    .executeTakeFirst();
-  return mek
-    ? ({ userId: mek.user_id, version: mek.version, state: mek.state } satisfies Mek)
-    : null;
-};
-
 export const getAllValidClientMeks = async (userId: number, clientId: number) => {
   const clientMeks = await db
     .selectFrom("client_master_encryption_key")

src/lib/server/db/user.ts

@@ -27,10 +27,6 @@ export const getUserByEmail = async (email: string) => {
   return user ? (user satisfies User) : null;
 };
 
-export const setUserNickname = async (userId: number, nickname: string) => {
-  await db.updateTable("user").set({ nickname }).where("id", "=", userId).execute();
-};
-
 export const setUserPassword = async (userId: number, password: string) => {
   await db.updateTable("user").set({ password }).where("id", "=", userId).execute();
 };

src/lib/server/middlewares/authenticate.ts

@@ -1,13 +1,7 @@
 import { error, redirect, type Handle } from "@sveltejs/kit";
-import env from "$lib/server/loadenv";
-import { authenticate, AuthenticationError } from "$lib/server/modules/auth";
+import { cookieOptions, authenticate, AuthenticationError } from "$lib/server/modules/auth";
 
 export const authenticateMiddleware: Handle = async ({ event, resolve }) => {
-  const { pathname, search } = event.url;
-  if (pathname === "/api/auth/login") {
-    return await resolve(event);
-  }
-
   try {
     const sessionIdSigned = event.cookies.get("sessionId");
     if (!sessionIdSigned) {
@@ -16,15 +10,11 @@ export const authenticateMiddleware: Handle = async ({ event, resolve }) => {
 
     const { ip, userAgent } = event.locals;
     event.locals.session = await authenticate(sessionIdSigned, ip, userAgent);
-    event.cookies.set("sessionId", sessionIdSigned, {
-      path: "/",
-      maxAge: env.session.exp / 1000,
-      secure: true,
-      sameSite: "strict",
-    });
+    event.cookies.set("sessionId", sessionIdSigned, cookieOptions);
   } catch (e) {
     if (e instanceof AuthenticationError) {
-      if (pathname === "/auth/login") {
+      const { pathname, search } = event.url;
+      if (pathname === "/auth/login" || pathname.startsWith("/api/trpc")) {
         return await resolve(event);
       } else if (pathname.startsWith("/api")) {
         error(e.status, e.message);

src/lib/server/modules/auth.ts

@@ -1,20 +1,25 @@
 import { error } from "@sveltejs/kit";
-import { getUserClient } from "$lib/server/db/client";
-import { IntegrityError } from "$lib/server/db/error";
-import { createSession, refreshSession } from "$lib/server/db/session";
+import { ClientRepo, SessionRepo, IntegrityError } from "$lib/server/db";
 import env from "$lib/server/loadenv";
-import { issueSessionId, verifySessionId } from "$lib/server/modules/crypto";
+import { verifySessionId } from "$lib/server/modules/crypto";
 
-interface Session {
+export interface Session {
   sessionId: string;
   userId: number;
   clientId?: number;
 }
 
-interface ClientSession extends Session {
+export interface ClientSession extends Session {
   clientId: number;
 }
 
+export type SessionPermission =
+  | "any"
+  | "notClient"
+  | "anyClient"
+  | "pendingClient"
+  | "activeClient";
+
 export class AuthenticationError extends Error {
   constructor(
     public status: 400 | 401,
@@ -25,11 +30,22 @@ export class AuthenticationError extends Error {
   }
 }
 
-export const startSession = async (userId: number, ip: string, userAgent: string) => {
-  const { sessionId, sessionIdSigned } = await issueSessionId(32, env.session.secret);
-  await createSession(userId, sessionId, ip, userAgent);
-  return sessionIdSigned;
-};
+export class AuthorizationError extends Error {
+  constructor(
+    public status: 403 | 500,
+    message: string,
+  ) {
+    super(message);
+    this.name = "AuthorizationError";
+  }
+}
+
+export const cookieOptions = {
+  path: "/",
+  maxAge: env.session.exp / 1000,
+  secure: true,
+  sameSite: "strict",
+} as const;
 
 export const authenticate = async (sessionIdSigned: string, ip: string, userAgent: string) => {
   const sessionId = verifySessionId(sessionIdSigned, env.session.secret);
@@ -38,7 +54,7 @@ export const authenticate = async (sessionIdSigned: string, ip: string, userAgen
   }
 
   try {
-    const { userId, clientId } = await refreshSession(sessionId, ip, userAgent);
+    const { userId, clientId } = await SessionRepo.refreshSession(sessionId, ip, userAgent);
     return {
       id: sessionId,
       userId,
@@ -52,34 +68,12 @@ export const authenticate = async (sessionIdSigned: string, ip: string, userAgen
   }
 };
 
-export async function authorize(locals: App.Locals, requiredPermission: "any"): Promise<Session>;
-
-export async function authorize(
+export const authorizeInternal = async (
   locals: App.Locals,
-  requiredPermission: "notClient",
-): Promise<Session>;
-
-export async function authorize(
-  locals: App.Locals,
-  requiredPermission: "anyClient",
-): Promise<ClientSession>;
-
-export async function authorize(
-  locals: App.Locals,
-  requiredPermission: "pendingClient",
-): Promise<ClientSession>;
-
-export async function authorize(
-  locals: App.Locals,
-  requiredPermission: "activeClient",
-): Promise<ClientSession>;
-
-export async function authorize(
-  locals: App.Locals,
-  requiredPermission: "any" | "notClient" | "anyClient" | "pendingClient" | "activeClient",
-): Promise<Session> {
+  requiredPermission: SessionPermission,
+): Promise<Session> => {
   if (!locals.session) {
-    error(500, "Unauthenticated");
+    throw new AuthorizationError(500, "Unauthenticated");
   }
 
   const { id: sessionId, userId, clientId } = locals.session;
@@ -89,39 +83,63 @@ export async function authorize(
       break;
     case "notClient":
       if (clientId) {
-        error(403, "Forbidden");
+        throw new AuthorizationError(403, "Forbidden");
       }
       break;
     case "anyClient":
       if (!clientId) {
-        error(403, "Forbidden");
+        throw new AuthorizationError(403, "Forbidden");
       }
       break;
     case "pendingClient": {
       if (!clientId) {
-        error(403, "Forbidden");
+        throw new AuthorizationError(403, "Forbidden");
       }
-      const userClient = await getUserClient(userId, clientId);
+      const userClient = await ClientRepo.getUserClient(userId, clientId);
       if (!userClient) {
-        error(500, "Invalid session id");
+        throw new AuthorizationError(500, "Invalid session id");
       } else if (userClient.state !== "pending") {
-        error(403, "Forbidden");
+        throw new AuthorizationError(403, "Forbidden");
       }
       break;
     }
     case "activeClient": {
       if (!clientId) {
-        error(403, "Forbidden");
+        throw new AuthorizationError(403, "Forbidden");
       }
-      const userClient = await getUserClient(userId, clientId);
+      const userClient = await ClientRepo.getUserClient(userId, clientId);
       if (!userClient) {
-        error(500, "Invalid session id");
+        throw new AuthorizationError(500, "Invalid session id");
       } else if (userClient.state !== "active") {
-        error(403, "Forbidden");
+        throw new AuthorizationError(403, "Forbidden");
       }
       break;
     }
   }
 
   return { sessionId, userId, clientId };
+};
+
+export async function authorize(
+  locals: App.Locals,
+  requiredPermission: "any" | "notClient",
+): Promise<Session>;
+
+export async function authorize(
+  locals: App.Locals,
+  requiredPermission: "anyClient" | "pendingClient" | "activeClient",
+): Promise<ClientSession>;
+
+export async function authorize(
+  locals: App.Locals,
+  requiredPermission: SessionPermission,
+): Promise<Session> {
+  try {
+    return await authorizeInternal(locals, requiredPermission);
+  } catch (e) {
+    if (e instanceof AuthorizationError) {
+      error(e.status, e.message);
+    }
+    throw e;
+  }
 }

src/lib/server/modules/filesystem.ts

@@ -0,0 +1,7 @@
+import { unlink } from "fs/promises";
+
+export const safeUnlink = async (path: string | null | undefined) => {
+  if (path) {
+    await unlink(path).catch(console.error);
+  }
+};

src/lib/server/modules/mek.ts

@@ -1,25 +0,0 @@
-import { error } from "@sveltejs/kit";
-import { getUserClientWithDetails } from "$lib/server/db/client";
-import { getInitialMek } from "$lib/server/db/mek";
-import { verifySignature } from "$lib/server/modules/crypto";
-
-export const isInitialMekNeeded = async (userId: number) => {
-  const initialMek = await getInitialMek(userId);
-  return !initialMek;
-};
-
-export const verifyClientEncMekSig = async (
-  userId: number,
-  clientId: number,
-  version: number,
-  encMek: string,
-  encMekSig: string,
-) => {
-  const userClient = await getUserClientWithDetails(userId, clientId);
-  if (!userClient) {
-    error(500, "Invalid session id");
-  }
-
-  const data = JSON.stringify({ version, key: encMek });
-  return verifySignature(Buffer.from(data), encMekSig, userClient.sigPubKey);
-};

src/lib/server/schemas/auth.ts

@@ -1,32 +0,0 @@
-import { z } from "zod";
-
-export const passwordChangeRequest = z.object({
-  oldPassword: z.string().trim().nonempty(),
-  newPassword: z.string().trim().nonempty(),
-});
-export type PasswordChangeRequest = z.input<typeof passwordChangeRequest>;
-
-export const loginRequest = z.object({
-  email: z.string().email(),
-  password: z.string().trim().nonempty(),
-});
-export type LoginRequest = z.input<typeof loginRequest>;
-
-export const sessionUpgradeRequest = z.object({
-  encPubKey: z.string().base64().nonempty(),
-  sigPubKey: z.string().base64().nonempty(),
-});
-export type SessionUpgradeRequest = z.input<typeof sessionUpgradeRequest>;
-
-export const sessionUpgradeResponse = z.object({
-  id: z.number().int().positive(),
-  challenge: z.string().base64().nonempty(),
-});
-export type SessionUpgradeResponse = z.output<typeof sessionUpgradeResponse>;
-
-export const sessionUpgradeVerifyRequest = z.object({
-  id: z.number().int().positive(),
-  answerSig: z.string().base64().nonempty(),
-  force: z.boolean().default(false),
-});
-export type SessionUpgradeVerifyRequest = z.input<typeof sessionUpgradeVerifyRequest>;

src/lib/server/schemas/category.ts

@@ -1,55 +1,3 @@
 import { z } from "zod";
 
-export const categoryIdSchema = z.union([z.literal("root"), z.number().int().positive()]);
-
-export const categoryInfoResponse = z.object({
-  metadata: z
-    .object({
-      parent: categoryIdSchema,
-      mekVersion: z.number().int().positive(),
-      dek: z.string().base64().nonempty(),
-      dekVersion: z.string().datetime(),
-      name: z.string().base64().nonempty(),
-      nameIv: z.string().base64().nonempty(),
-    })
-    .optional(),
-  subCategories: z.number().int().positive().array(),
-});
-export type CategoryInfoResponse = z.output<typeof categoryInfoResponse>;
-
-export const categoryFileAddRequest = z.object({
-  file: z.number().int().positive(),
-});
-export type CategoryFileAddRequest = z.input<typeof categoryFileAddRequest>;
-
-export const categoryFileListResponse = z.object({
-  files: z.array(
-    z.object({
-      file: z.number().int().positive(),
-      isRecursive: z.boolean(),
-    }),
-  ),
-});
-export type CategoryFileListResponse = z.output<typeof categoryFileListResponse>;
-
-export const categoryFileRemoveRequest = z.object({
-  file: z.number().int().positive(),
-});
-export type CategoryFileRemoveRequest = z.input<typeof categoryFileRemoveRequest>;
-
-export const categoryRenameRequest = z.object({
-  dekVersion: z.string().datetime(),
-  name: z.string().base64().nonempty(),
-  nameIv: z.string().base64().nonempty(),
-});
-export type CategoryRenameRequest = z.input<typeof categoryRenameRequest>;
-
-export const categoryCreateRequest = z.object({
-  parent: categoryIdSchema,
-  mekVersion: z.number().int().positive(),
-  dek: z.string().base64().nonempty(),
-  dekVersion: z.string().datetime(),
-  name: z.string().base64().nonempty(),
-  nameIv: z.string().base64().nonempty(),
-});
-export type CategoryCreateRequest = z.input<typeof categoryCreateRequest>;
+export const categoryIdSchema = z.union([z.literal("root"), z.int().positive()]);

src/lib/server/schemas/client.ts

@@ -1,36 +0,0 @@
-import { z } from "zod";
-
-export const clientListResponse = z.object({
-  clients: z.array(
-    z.object({
-      id: z.number().int().positive(),
-      state: z.enum(["pending", "active"]),
-    }),
-  ),
-});
-export type ClientListResponse = z.output<typeof clientListResponse>;
-
-export const clientRegisterRequest = z.object({
-  encPubKey: z.string().base64().nonempty(),
-  sigPubKey: z.string().base64().nonempty(),
-});
-export type ClientRegisterRequest = z.input<typeof clientRegisterRequest>;
-
-export const clientRegisterResponse = z.object({
-  id: z.number().int().positive(),
-  challenge: z.string().base64().nonempty(),
-});
-export type ClientRegisterResponse = z.output<typeof clientRegisterResponse>;
-
-export const clientRegisterVerifyRequest = z.object({
-  id: z.number().int().positive(),
-  answerSig: z.string().base64().nonempty(),
-});
-export type ClientRegisterVerifyRequest = z.input<typeof clientRegisterVerifyRequest>;
-
-export const clientStatusResponse = z.object({
-  id: z.number().int().positive(),
-  state: z.enum(["pending", "active"]),
-  isInitialMekNeeded: z.boolean(),
-});
-export type ClientStatusResponse = z.output<typeof clientStatusResponse>;

src/lib/server/schemas/directory.ts

@@ -1,41 +1,3 @@
 import { z } from "zod";
 
-export const directoryIdSchema = z.union([z.literal("root"), z.number().int().positive()]);
-
-export const directoryInfoResponse = z.object({
-  metadata: z
-    .object({
-      parent: directoryIdSchema,
-      mekVersion: z.number().int().positive(),
-      dek: z.string().base64().nonempty(),
-      dekVersion: z.string().datetime(),
-      name: z.string().base64().nonempty(),
-      nameIv: z.string().base64().nonempty(),
-    })
-    .optional(),
-  subDirectories: z.number().int().positive().array(),
-  files: z.number().int().positive().array(),
-});
-export type DirectoryInfoResponse = z.output<typeof directoryInfoResponse>;
-
-export const directoryDeleteResponse = z.object({
-  deletedFiles: z.number().int().positive().array(),
-});
-export type DirectoryDeleteResponse = z.output<typeof directoryDeleteResponse>;
-
-export const directoryRenameRequest = z.object({
-  dekVersion: z.string().datetime(),
-  name: z.string().base64().nonempty(),
-  nameIv: z.string().base64().nonempty(),
-});
-export type DirectoryRenameRequest = z.input<typeof directoryRenameRequest>;
-
-export const directoryCreateRequest = z.object({
-  parent: directoryIdSchema,
-  mekVersion: z.number().int().positive(),
-  dek: z.string().base64().nonempty(),
-  dekVersion: z.string().datetime(),
-  name: z.string().base64().nonempty(),
-  nameIv: z.string().base64().nonempty(),
-});
-export type DirectoryCreateRequest = z.input<typeof directoryCreateRequest>;
+export const directoryIdSchema = z.union([z.literal("root"), z.int().positive()]);

src/lib/server/schemas/file.ts

@@ -2,90 +2,35 @@ import mime from "mime";
 import { z } from "zod";
 import { directoryIdSchema } from "./directory";
 
-export const fileInfoResponse = z.object({
-  parent: directoryIdSchema,
-  mekVersion: z.number().int().positive(),
-  dek: z.string().base64().nonempty(),
-  dekVersion: z.string().datetime(),
-  contentType: z
-    .string()
-    .trim()
-    .nonempty()
-    .refine((value) => mime.getExtension(value) !== null), // MIME type
-  contentIv: z.string().base64().nonempty(),
-  name: z.string().base64().nonempty(),
-  nameIv: z.string().base64().nonempty(),
-  createdAt: z.string().base64().nonempty().optional(),
-  createdAtIv: z.string().base64().nonempty().optional(),
-  lastModifiedAt: z.string().base64().nonempty(),
-  lastModifiedAtIv: z.string().base64().nonempty(),
-  categories: z.number().int().positive().array(),
-});
-export type FileInfoResponse = z.output<typeof fileInfoResponse>;
-
-export const fileRenameRequest = z.object({
-  dekVersion: z.string().datetime(),
-  name: z.string().base64().nonempty(),
-  nameIv: z.string().base64().nonempty(),
-});
-export type FileRenameRequest = z.input<typeof fileRenameRequest>;
-
-export const fileThumbnailInfoResponse = z.object({
-  updatedAt: z.string().datetime(),
-  contentIv: z.string().base64().nonempty(),
-});
-export type FileThumbnailInfoResponse = z.output<typeof fileThumbnailInfoResponse>;
-
 export const fileThumbnailUploadRequest = z.object({
-  dekVersion: z.string().datetime(),
-  contentIv: z.string().base64().nonempty(),
+  dekVersion: z.iso.datetime(),
+  contentIv: z.base64().nonempty(),
 });
 export type FileThumbnailUploadRequest = z.input<typeof fileThumbnailUploadRequest>;
 
-export const fileListResponse = z.object({
-  files: z.number().int().positive().array(),
-});
-export type FileListResponse = z.output<typeof fileListResponse>;
-
-export const duplicateFileScanRequest = z.object({
-  hskVersion: z.number().int().positive(),
-  contentHmac: z.string().base64().nonempty(),
-});
-export type DuplicateFileScanRequest = z.input<typeof duplicateFileScanRequest>;
-
-export const duplicateFileScanResponse = z.object({
-  files: z.number().int().positive().array(),
-});
-export type DuplicateFileScanResponse = z.output<typeof duplicateFileScanResponse>;
-
-export const missingThumbnailFileScanResponse = z.object({
-  files: z.number().int().positive().array(),
-});
-export type MissingThumbnailFileScanResponse = z.output<typeof missingThumbnailFileScanResponse>;
-
 export const fileUploadRequest = z.object({
   parent: directoryIdSchema,
-  mekVersion: z.number().int().positive(),
-  dek: z.string().base64().nonempty(),
-  dekVersion: z.string().datetime(),
-  hskVersion: z.number().int().positive(),
-  contentHmac: z.string().base64().nonempty(),
+  mekVersion: z.int().positive(),
+  dek: z.base64().nonempty(),
+  dekVersion: z.iso.datetime(),
+  hskVersion: z.int().positive(),
+  contentHmac: z.base64().nonempty(),
   contentType: z
     .string()
     .trim()
     .nonempty()
     .refine((value) => mime.getExtension(value) !== null), // MIME type
-  contentIv: z.string().base64().nonempty(),
-  name: z.string().base64().nonempty(),
-  nameIv: z.string().base64().nonempty(),
-  createdAt: z.string().base64().nonempty().optional(),
-  createdAtIv: z.string().base64().nonempty().optional(),
-  lastModifiedAt: z.string().base64().nonempty(),
-  lastModifiedAtIv: z.string().base64().nonempty(),
+  contentIv: z.base64().nonempty(),
+  name: z.base64().nonempty(),
+  nameIv: z.base64().nonempty(),
+  createdAt: z.base64().nonempty().optional(),
+  createdAtIv: z.base64().nonempty().optional(),
+  lastModifiedAt: z.base64().nonempty(),
+  lastModifiedAtIv: z.base64().nonempty(),
 });
 export type FileUploadRequest = z.input<typeof fileUploadRequest>;
 
 export const fileUploadResponse = z.object({
-  file: z.number().int().positive(),
+  file: z.int().positive(),
 });
 export type FileUploadResponse = z.output<typeof fileUploadResponse>;

src/lib/server/schemas/hsk.ts

@@ -1,19 +0,0 @@
-import { z } from "zod";
-
-export const hmacSecretListResponse = z.object({
-  hsks: z.array(
-    z.object({
-      version: z.number().int().positive(),
-      state: z.enum(["active"]),
-      mekVersion: z.number().int().positive(),
-      hsk: z.string().base64().nonempty(),
-    }),
-  ),
-});
-export type HmacSecretListResponse = z.output<typeof hmacSecretListResponse>;
-
-export const initialHmacSecretRegisterRequest = z.object({
-  mekVersion: z.number().int().positive(),
-  hsk: z.string().base64().nonempty(),
-});
-export type InitialHmacSecretRegisterRequest = z.input<typeof initialHmacSecretRegisterRequest>;

src/lib/server/schemas/index.ts

@@ -1,8 +1,3 @@
-export * from "./auth";
 export * from "./category";
-export * from "./client";
 export * from "./directory";
 export * from "./file";
-export * from "./hsk";
-export * from "./mek";
-export * from "./user";

src/lib/server/schemas/mek.ts

@@ -1,19 +0,0 @@
-import { z } from "zod";
-
-export const masterKeyListResponse = z.object({
-  meks: z.array(
-    z.object({
-      version: z.number().int().positive(),
-      state: z.enum(["active", "retired"]),
-      mek: z.string().base64().nonempty(),
-      mekSig: z.string().base64().nonempty(),
-    }),
-  ),
-});
-export type MasterKeyListResponse = z.output<typeof masterKeyListResponse>;
-
-export const initialMasterKeyRegisterRequest = z.object({
-  mek: z.string().base64().nonempty(),
-  mekSig: z.string().base64().nonempty(),
-});
-export type InitialMasterKeyRegisterRequest = z.input<typeof initialMasterKeyRegisterRequest>;

src/lib/server/schemas/user.ts

@@ -1,12 +0,0 @@
-import { z } from "zod";
-
-export const userInfoResponse = z.object({
-  email: z.string().email(),
-  nickname: z.string().nonempty(),
-});
-export type UserInfoResponse = z.output<typeof userInfoResponse>;
-
-export const nicknameChangeRequest = z.object({
-  newNickname: z.string().trim().min(2).max(8),
-});
-export type NicknameChangeRequest = z.input<typeof nicknameChangeRequest>;

src/lib/server/services/auth.ts

@@ -1,122 +0,0 @@
-import { error } from "@sveltejs/kit";
-import argon2 from "argon2";
-import { getClient, getClientByPubKeys, getUserClient } from "$lib/server/db/client";
-import { IntegrityError } from "$lib/server/db/error";
-import {
-  upgradeSession,
-  deleteSession,
-  deleteAllOtherSessions,
-  registerSessionUpgradeChallenge,
-  consumeSessionUpgradeChallenge,
-} from "$lib/server/db/session";
-import { getUser, getUserByEmail, setUserPassword } from "$lib/server/db/user";
-import env from "$lib/server/loadenv";
-import { startSession } from "$lib/server/modules/auth";
-import { verifySignature, generateChallenge } from "$lib/server/modules/crypto";
-
-const hashPassword = async (password: string) => {
-  return await argon2.hash(password);
-};
-
-const verifyPassword = async (hash: string, password: string) => {
-  return await argon2.verify(hash, password);
-};
-
-export const changePassword = async (
-  userId: number,
-  sessionId: string,
-  oldPassword: string,
-  newPassword: string,
-) => {
-  if (oldPassword === newPassword) {
-    error(400, "Same passwords");
-  } else if (newPassword.length < 8) {
-    error(400, "Too short password");
-  }
-
-  const user = await getUser(userId);
-  if (!user) {
-    error(500, "Invalid session id");
-  } else if (!(await verifyPassword(user.password, oldPassword))) {
-    error(403, "Invalid password");
-  }
-
-  await setUserPassword(userId, await hashPassword(newPassword));
-  await deleteAllOtherSessions(userId, sessionId);
-};
-
-export const login = async (email: string, password: string, ip: string, userAgent: string) => {
-  const user = await getUserByEmail(email);
-  if (!user || !(await verifyPassword(user.password, password))) {
-    error(401, "Invalid email or password");
-  }
-
-  return { sessionIdSigned: await startSession(user.id, ip, userAgent) };
-};
-
-export const logout = async (sessionId: string) => {
-  await deleteSession(sessionId);
-};
-
-export const createSessionUpgradeChallenge = async (
-  sessionId: string,
-  userId: number,
-  ip: string,
-  encPubKey: string,
-  sigPubKey: string,
-) => {
-  const client = await getClientByPubKeys(encPubKey, sigPubKey);
-  const userClient = client ? await getUserClient(userId, client.id) : undefined;
-  if (!client) {
-    error(401, "Invalid public key(s)");
-  } else if (!userClient || userClient.state === "challenging") {
-    error(403, "Unregistered client");
-  }
-
-  const { answer, challenge } = await generateChallenge(32, encPubKey);
-  const { id } = await registerSessionUpgradeChallenge(
-    sessionId,
-    client.id,
-    answer.toString("base64"),
-    ip,
-    new Date(Date.now() + env.challenge.sessionUpgradeExp),
-  );
-
-  return { id, challenge: challenge.toString("base64") };
-};
-
-export const verifySessionUpgradeChallenge = async (
-  sessionId: string,
-  userId: number,
-  ip: string,
-  challengeId: number,
-  answerSig: string,
-  force: boolean,
-) => {
-  const challenge = await consumeSessionUpgradeChallenge(challengeId, sessionId, ip);
-  if (!challenge) {
-    error(403, "Invalid challenge answer");
-  }
-
-  const client = await getClient(challenge.clientId);
-  if (!client) {
-    error(500, "Invalid challenge answer");
-  } else if (
-    !verifySignature(Buffer.from(challenge.answer, "base64"), answerSig, client.sigPubKey)
-  ) {
-    error(403, "Invalid challenge answer signature");
-  }
-
-  try {
-    await upgradeSession(userId, sessionId, client.id, force);
-  } catch (e) {
-    if (e instanceof IntegrityError) {
-      if (e.message === "Session not found") {
-        error(500, "Invalid challenge answer");
-      } else if (!force && e.message === "Session already exists") {
-        error(409, "Already logged in");
-      }
-    }
-    throw e;
-  }
-};

src/lib/server/services/category.ts

@@ -1,133 +0,0 @@
-import { error } from "@sveltejs/kit";
-import {
-  registerCategory,
-  getAllCategoriesByParent,
-  getCategory,
-  setCategoryEncName,
-  unregisterCategory,
-  type CategoryId,
-  type NewCategory,
-} from "$lib/server/db/category";
-import { IntegrityError } from "$lib/server/db/error";
-import {
-  getAllFilesByCategory,
-  getFile,
-  addFileToCategory,
-  removeFileFromCategory,
-} from "$lib/server/db/file";
-import type { Ciphertext } from "$lib/server/db/schema";
-
-export const getCategoryInformation = async (userId: number, categoryId: CategoryId) => {
-  const category = categoryId !== "root" ? await getCategory(userId, categoryId) : undefined;
-  if (category === null) {
-    error(404, "Invalid category id");
-  }
-
-  const categories = await getAllCategoriesByParent(userId, categoryId);
-  return {
-    metadata: category && {
-      parentId: category.parentId ?? ("root" as const),
-      mekVersion: category.mekVersion,
-      encDek: category.encDek,
-      dekVersion: category.dekVersion,
-      encName: category.encName,
-    },
-    categories: categories.map(({ id }) => id),
-  };
-};
-
-export const deleteCategory = async (userId: number, categoryId: number) => {
-  try {
-    await unregisterCategory(userId, categoryId);
-  } catch (e) {
-    if (e instanceof IntegrityError && e.message === "Category not found") {
-      error(404, "Invalid category id");
-    }
-    throw e;
-  }
-};
-
-export const addCategoryFile = async (userId: number, categoryId: number, fileId: number) => {
-  const category = await getCategory(userId, categoryId);
-  const file = await getFile(userId, fileId);
-  if (!category) {
-    error(404, "Invalid category id");
-  } else if (!file) {
-    error(404, "Invalid file id");
-  }
-
-  try {
-    await addFileToCategory(fileId, categoryId);
-  } catch (e) {
-    if (e instanceof IntegrityError && e.message === "File already added to category") {
-      error(400, "File already added");
-    }
-    throw e;
-  }
-};
-
-export const getCategoryFiles = async (userId: number, categoryId: number, recurse: boolean) => {
-  const category = await getCategory(userId, categoryId);
-  if (!category) {
-    error(404, "Invalid category id");
-  }
-
-  const files = await getAllFilesByCategory(userId, categoryId, recurse);
-  return { files };
-};
-
-export const removeCategoryFile = async (userId: number, categoryId: number, fileId: number) => {
-  const category = await getCategory(userId, categoryId);
-  const file = await getFile(userId, fileId);
-  if (!category) {
-    error(404, "Invalid category id");
-  } else if (!file) {
-    error(404, "Invalid file id");
-  }
-
-  try {
-    await removeFileFromCategory(fileId, categoryId);
-  } catch (e) {
-    if (e instanceof IntegrityError && e.message === "File not found in category") {
-      error(400, "File not added");
-    }
-    throw e;
-  }
-};
-
-export const renameCategory = async (
-  userId: number,
-  categoryId: number,
-  dekVersion: Date,
-  newEncName: Ciphertext,
-) => {
-  try {
-    await setCategoryEncName(userId, categoryId, dekVersion, newEncName);
-  } catch (e) {
-    if (e instanceof IntegrityError) {
-      if (e.message === "Category not found") {
-        error(404, "Invalid category id");
-      } else if (e.message === "Invalid DEK version") {
-        error(400, "Invalid DEK version");
-      }
-    }
-    throw e;
-  }
-};
-
-export const createCategory = async (params: NewCategory) => {
-  const oneMinuteAgo = new Date(Date.now() - 60 * 1000);
-  const oneMinuteLater = new Date(Date.now() + 60 * 1000);
-  if (params.dekVersion <= oneMinuteAgo || params.dekVersion >= oneMinuteLater) {
-    error(400, "Invalid DEK version");
-  }
-
-  try {
-    await registerCategory(params);
-  } catch (e) {
-    if (e instanceof IntegrityError && e.message === "Inactive MEK version") {
-      error(400, "Inactive MEK version");
-    }
-    throw e;
-  }
-};

src/lib/server/services/client.ts

@@ -1,116 +0,0 @@
-import { error } from "@sveltejs/kit";
-import {
-  createClient,
-  getClient,
-  getClientByPubKeys,
-  createUserClient,
-  getAllUserClients,
-  getUserClient,
-  setUserClientStateToPending,
-  registerUserClientChallenge,
-  consumeUserClientChallenge,
-} from "$lib/server/db/client";
-import { IntegrityError } from "$lib/server/db/error";
-import { verifyPubKey, verifySignature, generateChallenge } from "$lib/server/modules/crypto";
-import { isInitialMekNeeded } from "$lib/server/modules/mek";
-import env from "$lib/server/loadenv";
-
-export const getUserClientList = async (userId: number) => {
-  const userClients = await getAllUserClients(userId);
-  return {
-    userClients: userClients.map(({ clientId, state }) => ({
-      id: clientId,
-      state: state as "pending" | "active",
-    })),
-  };
-};
-
-const expiresAt = () => new Date(Date.now() + env.challenge.userClientExp);
-
-const createUserClientChallenge = async (
-  ip: string,
-  userId: number,
-  clientId: number,
-  encPubKey: string,
-) => {
-  const { answer, challenge } = await generateChallenge(32, encPubKey);
-  const { id } = await registerUserClientChallenge(
-    userId,
-    clientId,
-    answer.toString("base64"),
-    ip,
-    expiresAt(),
-  );
-  return { id, challenge: challenge.toString("base64") };
-};
-
-export const registerUserClient = async (
-  userId: number,
-  ip: string,
-  encPubKey: string,
-  sigPubKey: string,
-) => {
-  const client = await getClientByPubKeys(encPubKey, sigPubKey);
-  if (client) {
-    try {
-      await createUserClient(userId, client.id);
-      return await createUserClientChallenge(ip, userId, client.id, encPubKey);
-    } catch (e) {
-      if (e instanceof IntegrityError && e.message === "User client already exists") {
-        error(409, "Client already registered");
-      }
-      throw e;
-    }
-  } else {
-    if (encPubKey === sigPubKey) {
-      error(400, "Same public keys");
-    } else if (!verifyPubKey(encPubKey) || !verifyPubKey(sigPubKey)) {
-      error(400, "Invalid public key(s)");
-    }
-
-    try {
-      const { id: clientId } = await createClient(encPubKey, sigPubKey, userId);
-      return await createUserClientChallenge(ip, userId, clientId, encPubKey);
-    } catch (e) {
-      if (e instanceof IntegrityError && e.message === "Public key(s) already registered") {
-        error(409, "Public key(s) already used");
-      }
-      throw e;
-    }
-  }
-};
-
-export const verifyUserClient = async (
-  userId: number,
-  ip: string,
-  challengeId: number,
-  answerSig: string,
-) => {
-  const challenge = await consumeUserClientChallenge(challengeId, userId, ip);
-  if (!challenge) {
-    error(403, "Invalid challenge answer");
-  }
-
-  const client = await getClient(challenge.clientId);
-  if (!client) {
-    error(500, "Invalid challenge answer");
-  } else if (
-    !verifySignature(Buffer.from(challenge.answer, "base64"), answerSig, client.sigPubKey)
-  ) {
-    error(403, "Invalid challenge answer signature");
-  }
-
-  await setUserClientStateToPending(userId, client.id);
-};
-
-export const getUserClientStatus = async (userId: number, clientId: number) => {
-  const userClient = await getUserClient(userId, clientId);
-  if (!userClient) {
-    error(500, "Invalid session id");
-  }
-
-  return {
-    state: userClient.state as "pending" | "active",
-    isInitialMekNeeded: await isInitialMekNeeded(userId),
-  };
-};

src/lib/server/services/directory.ts

@@ -1,96 +0,0 @@
-import { error } from "@sveltejs/kit";
-import { unlink } from "fs/promises";
-import { IntegrityError } from "$lib/server/db/error";
-import {
-  registerDirectory,
-  getAllDirectoriesByParent,
-  getDirectory,
-  setDirectoryEncName,
-  unregisterDirectory,
-  getAllFilesByParent,
-  type DirectoryId,
-  type NewDirectory,
-} from "$lib/server/db/file";
-import type { Ciphertext } from "$lib/server/db/schema";
-
-export const getDirectoryInformation = async (userId: number, directoryId: DirectoryId) => {
-  const directory = directoryId !== "root" ? await getDirectory(userId, directoryId) : undefined;
-  if (directory === null) {
-    error(404, "Invalid directory id");
-  }
-
-  const directories = await getAllDirectoriesByParent(userId, directoryId);
-  const files = await getAllFilesByParent(userId, directoryId);
-  return {
-    metadata: directory && {
-      parentId: directory.parentId ?? ("root" as const),
-      mekVersion: directory.mekVersion,
-      encDek: directory.encDek,
-      dekVersion: directory.dekVersion,
-      encName: directory.encName,
-    },
-    directories: directories.map(({ id }) => id),
-    files: files.map(({ id }) => id),
-  };
-};
-
-const safeUnlink = async (path: string | null) => {
-  if (path) {
-    await unlink(path).catch(console.error);
-  }
-};
-
-export const deleteDirectory = async (userId: number, directoryId: number) => {
-  try {
-    const files = await unregisterDirectory(userId, directoryId);
-    return {
-      files: files.map(({ id, path, thumbnailPath }) => {
-        safeUnlink(path); // Intended
-        safeUnlink(thumbnailPath); // Intended
-        return id;
-      }),
-    };
-  } catch (e) {
-    if (e instanceof IntegrityError && e.message === "Directory not found") {
-      error(404, "Invalid directory id");
-    }
-    throw e;
-  }
-};
-
-export const renameDirectory = async (
-  userId: number,
-  directoryId: number,
-  dekVersion: Date,
-  newEncName: Ciphertext,
-) => {
-  try {
-    await setDirectoryEncName(userId, directoryId, dekVersion, newEncName);
-  } catch (e) {
-    if (e instanceof IntegrityError) {
-      if (e.message === "Directory not found") {
-        error(404, "Invalid directory id");
-      } else if (e.message === "Invalid DEK version") {
-        error(400, "Invalid DEK version");
-      }
-    }
-    throw e;
-  }
-};
-
-export const createDirectory = async (params: NewDirectory) => {
-  const oneMinuteAgo = new Date(Date.now() - 60 * 1000);
-  const oneMinuteLater = new Date(Date.now() + 60 * 1000);
-  if (params.dekVersion <= oneMinuteAgo || params.dekVersion >= oneMinuteLater) {
-    error(400, "Invalid DEK version");
-  }
-
-  try {
-    await registerDirectory(params);
-  } catch (e) {
-    if (e instanceof IntegrityError && e.message === "Inactive MEK version") {
-      error(400, "Invalid MEK version");
-    }
-    throw e;
-  }
-};

src/lib/server/services/file.ts

@@ -1,72 +1,17 @@
 import { error } from "@sveltejs/kit";
 import { createHash } from "crypto";
 import { createReadStream, createWriteStream } from "fs";
-import { mkdir, stat, unlink } from "fs/promises";
+import { mkdir, stat } from "fs/promises";
 import { dirname } from "path";
 import { Readable } from "stream";
 import { pipeline } from "stream/promises";
 import { v4 as uuidv4 } from "uuid";
-import { IntegrityError } from "$lib/server/db/error";
-import {
-  registerFile,
-  getAllFileIds,
-  getAllFileIdsByContentHmac,
-  getFile,
-  setFileEncName,
-  unregisterFile,
-  getAllFileCategories,
-  type NewFile,
-} from "$lib/server/db/file";
-import {
-  updateFileThumbnail,
-  getFileThumbnail,
-  getMissingFileThumbnails,
-} from "$lib/server/db/media";
-import type { Ciphertext } from "$lib/server/db/schema";
+import { FileRepo, MediaRepo, IntegrityError } from "$lib/server/db";
 import env from "$lib/server/loadenv";
-
-export const getFileInformation = async (userId: number, fileId: number) => {
-  const file = await getFile(userId, fileId);
-  if (!file) {
-    error(404, "Invalid file id");
-  }
-
-  const categories = await getAllFileCategories(fileId);
-  return {
-    parentId: file.parentId ?? ("root" as const),
-    mekVersion: file.mekVersion,
-    encDek: file.encDek,
-    dekVersion: file.dekVersion,
-    contentType: file.contentType,
-    encContentIv: file.encContentIv,
-    encName: file.encName,
-    encCreatedAt: file.encCreatedAt,
-    encLastModifiedAt: file.encLastModifiedAt,
-    categories: categories.map(({ id }) => id),
-  };
-};
-
-const safeUnlink = async (path: string | null) => {
-  if (path) {
-    await unlink(path).catch(console.error);
-  }
-};
-
-export const deleteFile = async (userId: number, fileId: number) => {
-  try {
-    const { path, thumbnailPath } = await unregisterFile(userId, fileId);
-    safeUnlink(path); // Intended
-    safeUnlink(thumbnailPath); // Intended
-  } catch (e) {
-    if (e instanceof IntegrityError && e.message === "File not found") {
-      error(404, "Invalid file id");
-    }
-    throw e;
-  }
-};
+import { safeUnlink } from "$lib/server/modules/filesystem";
 
 export const getFileStream = async (userId: number, fileId: number) => {
-  const file = await getFile(userId, fileId);
+  const file = await FileRepo.getFile(userId, fileId);
   if (!file) {
     error(404, "Invalid file id");
   }
@@ -78,37 +23,8 @@ export const getFileStream = async (userId: number, fileId: number) => {
   };
 };
 
-export const renameFile = async (
-  userId: number,
-  fileId: number,
-  dekVersion: Date,
-  newEncName: Ciphertext,
-) => {
-  try {
-    await setFileEncName(userId, fileId, dekVersion, newEncName);
-  } catch (e) {
-    if (e instanceof IntegrityError) {
-      if (e.message === "File not found") {
-        error(404, "Invalid file id");
-      } else if (e.message === "Invalid DEK version") {
-        error(400, "Invalid DEK version");
-      }
-    }
-    throw e;
-  }
-};
-
-export const getFileThumbnailInformation = async (userId: number, fileId: number) => {
-  const thumbnail = await getFileThumbnail(userId, fileId);
-  if (!thumbnail) {
-    error(404, "File or its thumbnail not found");
-  }
-
-  return { updatedAt: thumbnail.updatedAt, encContentIv: thumbnail.encContentIv };
-};
-
 export const getFileThumbnailStream = async (userId: number, fileId: number) => {
-  const thumbnail = await getFileThumbnail(userId, fileId);
+  const thumbnail = await MediaRepo.getFileThumbnail(userId, fileId);
   if (!thumbnail) {
     error(404, "File or its thumbnail not found");
   }
@@ -133,7 +49,13 @@ export const uploadFileThumbnail = async (
   try {
     await pipeline(encContentStream, createWriteStream(path, { flags: "wx", mode: 0o600 }));
 
-    const oldPath = await updateFileThumbnail(userId, fileId, dekVersion, path, encContentIv);
+    const oldPath = await MediaRepo.updateFileThumbnail(
+      userId,
+      fileId,
+      dekVersion,
+      path,
+      encContentIv,
+    );
     safeUnlink(oldPath); // Intended
   } catch (e) {
     await safeUnlink(path);
@@ -149,27 +71,8 @@ export const uploadFileThumbnail = async (
   }
 };
 
-export const getFileList = async (userId: number) => {
-  const fileIds = await getAllFileIds(userId);
-  return { files: fileIds };
-};
-
-export const scanDuplicateFiles = async (
-  userId: number,
-  hskVersion: number,
-  contentHmac: string,
-) => {
-  const fileIds = await getAllFileIdsByContentHmac(userId, hskVersion, contentHmac);
-  return { files: fileIds };
-};
-
-export const scanMissingFileThumbnails = async (userId: number) => {
-  const fileIds = await getMissingFileThumbnails(userId);
-  return { files: fileIds };
-};
-
 export const uploadFile = async (
-  params: Omit<NewFile, "path" | "encContentHash">,
+  params: Omit<FileRepo.NewFile, "path" | "encContentHash">,
   encContentStream: Readable,
   encContentHash: Promise<string>,
 ) => {
@@ -201,7 +104,7 @@ export const uploadFile = async (
       throw new Error("Invalid checksum");
     }
 
-    const { id: fileId } = await registerFile({
+    const { id: fileId } = await FileRepo.registerFile({
       ...params,
       path,
       encContentHash: hash,

src/lib/server/services/hsk.ts

@@ -1,31 +0,0 @@
-import { error } from "@sveltejs/kit";
-import { IntegrityError } from "$lib/server/db/error";
-import { registerInitialHsk, getAllValidHsks } from "$lib/server/db/hsk";
-
-export const getHskList = async (userId: number) => {
-  const hsks = await getAllValidHsks(userId);
-  return {
-    encHsks: hsks.map(({ version, state, mekVersion, encHsk }) => ({
-      version,
-      state,
-      mekVersion,
-      encHsk,
-    })),
-  };
-};
-
-export const registerInitialActiveHsk = async (
-  userId: number,
-  createdBy: number,
-  mekVersion: number,
-  encHsk: string,
-) => {
-  try {
-    await registerInitialHsk(userId, createdBy, mekVersion, encHsk);
-  } catch (e) {
-    if (e instanceof IntegrityError && e.message === "HSK already registered") {
-      error(409, "Initial HSK already registered");
-    }
-    throw e;
-  }
-};

src/lib/server/services/mek.ts

@@ -1,38 +0,0 @@
-import { error } from "@sveltejs/kit";
-import { setUserClientStateToActive } from "$lib/server/db/client";
-import { IntegrityError } from "$lib/server/db/error";
-import { registerInitialMek, getAllValidClientMeks } from "$lib/server/db/mek";
-import { verifyClientEncMekSig } from "$lib/server/modules/mek";
-
-export const getClientMekList = async (userId: number, clientId: number) => {
-  const clientMeks = await getAllValidClientMeks(userId, clientId);
-  return {
-    encMeks: clientMeks.map(({ version, state, encMek, encMekSig }) => ({
-      version,
-      state,
-      encMek,
-      encMekSig,
-    })),
-  };
-};
-
-export const registerInitialActiveMek = async (
-  userId: number,
-  createdBy: number,
-  encMek: string,
-  encMekSig: string,
-) => {
-  if (!(await verifyClientEncMekSig(userId, createdBy, 1, encMek, encMekSig))) {
-    error(400, "Invalid signature");
-  }
-
-  try {
-    await registerInitialMek(userId, createdBy, encMek, encMekSig);
-    await setUserClientStateToActive(userId, createdBy);
-  } catch (e) {
-    if (e instanceof IntegrityError && e.message === "MEK already registered") {
-      error(409, "Initial MEK already registered");
-    }
-    throw e;
-  }
-};

src/lib/server/services/user.ts

@@ -1,15 +0,0 @@
-import { error } from "@sveltejs/kit";
-import { getUser, setUserNickname } from "$lib/server/db/user";
-
-export const getUserInformation = async (userId: number) => {
-  const user = await getUser(userId);
-  if (!user) {
-    error(500, "Invalid session id");
-  }
-
-  return { email: user.email, nickname: user.nickname };
-};
-
-export const changeNickname = async (userId: number, nickname: string) => {
-  await setUserNickname(userId, nickname);
-};

src/lib/services/auth.ts

@@ -1,10 +1,6 @@
-import { callPostApi } from "$lib/hooks";
+import { TRPCClientError } from "@trpc/client";
 import { encodeToBase64, decryptChallenge, signMessageRSA } from "$lib/modules/crypto";
-import type {
-  SessionUpgradeRequest,
-  SessionUpgradeResponse,
-  SessionUpgradeVerifyRequest,
-} from "$lib/server/schemas";
+import { trpc } from "$trpc/client";
 
 export const requestSessionUpgrade = async (
   encryptKeyBase64: string,
@@ -13,27 +9,43 @@ export const requestSessionUpgrade = async (
   signKey: CryptoKey,
   force = false,
 ) => {
-  let res = await callPostApi<SessionUpgradeRequest>("/api/auth/upgradeSession", {
+  let id, challenge;
+  try {
+    ({ id, challenge } = await trpc().auth.upgrade.mutate({
       encPubKey: encryptKeyBase64,
       sigPubKey: verifyKeyBase64,
-  });
-  if (res.status === 403) return [false, "Unregistered client"] as const;
-  else if (!res.ok) return [false] as const;
-
-  const { id, challenge }: SessionUpgradeResponse = await res.json();
+    }));
+  } catch (e) {
+    if (e instanceof TRPCClientError && e.data?.code === "FORBIDDEN") {
+      return [false, "Unregistered client"] as const;
+    }
+    return [false] as const;
+  }
   const answer = await decryptChallenge(challenge, decryptKey);
   const answerSig = await signMessageRSA(answer, signKey);
 
-  res = await callPostApi<SessionUpgradeVerifyRequest>("/api/auth/upgradeSession/verify", {
+  try {
+    await trpc().auth.verifyUpgrade.mutate({
       id,
       answerSig: encodeToBase64(answerSig),
       force,
     });
-  if (res.status === 409) return [false, "Already logged in"] as const;
-  else return [res.ok] as const;
+  } catch (e) {
+    if (e instanceof TRPCClientError && e.data?.code === "CONFLICT") {
+      return [false, "Already logged in"] as const;
+    }
+    return [false] as const;
+  }
+
+  return [true] as const;
 };
 
 export const requestLogout = async () => {
-  const res = await callPostApi("/api/auth/logout");
-  return res.ok;
+  try {
+    await trpc().auth.logout.mutate();
+    return true;
+  } catch {
+    // TODO: Error Handling
+    return false;
+  }
 };

src/lib/services/category.ts

@@ -1,7 +1,6 @@
-import { callPostApi } from "$lib/hooks";
 import { generateDataKey, wrapDataKey, encryptString } from "$lib/modules/crypto";
-import type { CategoryCreateRequest, CategoryFileRemoveRequest } from "$lib/server/schemas";
 import type { MasterKey } from "$lib/stores";
+import { trpc } from "$trpc/client";
 
 export const requestCategoryCreation = async (
   name: string,
@@ -11,21 +10,28 @@ export const requestCategoryCreation = async (
   const { dataKey, dataKeyVersion } = await generateDataKey();
   const nameEncrypted = await encryptString(name, dataKey);
 
-  const res = await callPostApi<CategoryCreateRequest>("/api/category/create", {
+  try {
+    await trpc().category.create.mutate({
       parent: parentId,
       mekVersion: masterKey.version,
       dek: await wrapDataKey(dataKey, masterKey.key),
-    dekVersion: dataKeyVersion.toISOString(),
+      dekVersion: dataKeyVersion,
       name: nameEncrypted.ciphertext,
       nameIv: nameEncrypted.iv,
     });
-  return res.ok;
+    return true;
+  } catch {
+    // TODO: Error Handling
+    return false;
+  }
 };
 
 export const requestFileRemovalFromCategory = async (fileId: number, categoryId: number) => {
-  const res = await callPostApi<CategoryFileRemoveRequest>(
-    `/api/category/${categoryId}/file/remove`,
-    { file: fileId },
-  );
-  return res.ok;
+  try {
+    await trpc().category.removeFile.mutate({ id: categoryId, file: fileId });
+    return true;
+  } catch {
+    // TODO: Error Handling
+    return false;
+  }
 };

src/lib/services/file.ts

@@ -1,4 +1,3 @@
-import { callGetApi } from "$lib/hooks";
 import { getAllFileInfos } from "$lib/indexedDB/filesystem";
 import { decryptData } from "$lib/modules/crypto";
 import {
@@ -11,11 +10,8 @@ import {
   downloadFile,
 } from "$lib/modules/file";
 import { getThumbnailUrl } from "$lib/modules/thumbnail";
-import type {
-  FileThumbnailInfoResponse,
-  FileThumbnailUploadRequest,
-  FileListResponse,
-} from "$lib/server/schemas";
+import type { FileThumbnailUploadRequest } from "$lib/server/schemas";
+import { trpc } from "$trpc/client";
 
 export const requestFileDownload = async (
   fileId: number,
@@ -48,16 +44,20 @@ export const requestFileThumbnailUpload = async (
   return await fetch(`/api/file/${fileId}/thumbnail/upload`, { method: "POST", body: form });
 };
 
-export const requestFileThumbnailDownload = async (fileId: number, dataKey: CryptoKey) => {
+export const requestFileThumbnailDownload = async (fileId: number, dataKey?: CryptoKey) => {
   const cache = await getFileThumbnailCache(fileId);
-  if (cache) return cache;
+  if (cache || !dataKey) return cache;
 
-  let res = await callGetApi(`/api/file/${fileId}/thumbnail`);
-  if (!res.ok) return null;
+  let thumbnailInfo;
+  try {
+    thumbnailInfo = await trpc().file.thumbnail.query({ id: fileId });
+  } catch {
+    // TODO: Error Handling
+    return null;
+  }
+  const { contentIv: thumbnailEncryptedIv } = thumbnailInfo;
 
-  const { contentIv: thumbnailEncryptedIv }: FileThumbnailInfoResponse = await res.json();
-
-  res = await callGetApi(`/api/file/${fileId}/thumbnail/download`);
+  const res = await fetch(`/api/file/${fileId}/thumbnail/download`);
   if (!res.ok) return null;
 
   const thumbnailEncrypted = await res.arrayBuffer();
@@ -68,10 +68,14 @@ export const requestFileThumbnailDownload = async (fileId: number, dataKey: Cryp
 };
 
 export const requestDeletedFilesCleanup = async () => {
-  const res = await callGetApi("/api/file/list");
-  if (!res.ok) return;
+  let liveFiles;
+  try {
+    liveFiles = await trpc().file.list.query();
+  } catch {
+    // TODO: Error Handling
+    return;
+  }
 
-  const { files: liveFiles }: FileListResponse = await res.json();
   const liveFilesSet = new Set(liveFiles);
   const maybeCachedFiles = await getAllFileInfos();
 

src/lib/services/key.ts

@@ -1,4 +1,4 @@
-import { callGetApi, callPostApi } from "$lib/hooks";
+import { TRPCClientError } from "@trpc/client";
 import { storeMasterKeys } from "$lib/indexedDB";
 import {
   encodeToBase64,
@@ -9,16 +9,9 @@ import {
   signMasterKeyWrapped,
   verifyMasterKeyWrapped,
 } from "$lib/modules/crypto";
-import type {
-  ClientRegisterRequest,
-  ClientRegisterResponse,
-  ClientRegisterVerifyRequest,
-  InitialHmacSecretRegisterRequest,
-  MasterKeyListResponse,
-  InitialMasterKeyRegisterRequest,
-} from "$lib/server/schemas";
 import { requestSessionUpgrade } from "$lib/services/auth";
 import { masterKeyStore, type ClientKeys } from "$lib/stores";
+import { trpc } from "$trpc/client";
 
 export const requestClientRegistration = async (
   encryptKeyBase64: string,
@@ -26,21 +19,22 @@ export const requestClientRegistration = async (
   verifyKeyBase64: string,
   signKey: CryptoKey,
 ) => {
-  let res = await callPostApi<ClientRegisterRequest>("/api/client/register", {
+  try {
+    const { id, challenge } = await trpc().client.register.mutate({
       encPubKey: encryptKeyBase64,
       sigPubKey: verifyKeyBase64,
     });
-  if (!res.ok) return false;
-
-  const { id, challenge }: ClientRegisterResponse = await res.json();
     const answer = await decryptChallenge(challenge, decryptKey);
     const answerSig = await signMessageRSA(answer, signKey);
-
-  res = await callPostApi<ClientRegisterVerifyRequest>("/api/client/register/verify", {
+    await trpc().client.verify.mutate({
       id,
       answerSig: encodeToBase64(answerSig),
     });
-  return res.ok;
+    return true;
+  } catch {
+    // TODO: Error Handling
+    return false;
+  }
 };
 
 export const requestClientRegistrationAndSessionUpgrade = async (
@@ -73,10 +67,14 @@ export const requestClientRegistrationAndSessionUpgrade = async (
 };
 
 export const requestMasterKeyDownload = async (decryptKey: CryptoKey, verifyKey: CryptoKey) => {
-  const res = await callGetApi("/api/mek/list");
-  if (!res.ok) return false;
+  let masterKeysWrapped;
+  try {
+    masterKeysWrapped = await trpc().mek.list.query();
+  } catch {
+    // TODO: Error Handling
+    return false;
+  }
 
-  const { meks: masterKeysWrapped }: MasterKeyListResponse = await res.json();
   const masterKeys = await Promise.all(
     masterKeysWrapped.map(
       async ({ version, state, mek: masterKeyWrapped, mekSig: masterKeyWrappedSig }) => {
@@ -108,17 +106,30 @@ export const requestInitialMasterKeyAndHmacSecretRegistration = async (
   hmacSecretWrapped: string,
   signKey: CryptoKey,
 ) => {
-  let res = await callPostApi<InitialMasterKeyRegisterRequest>("/api/mek/register/initial", {
+  try {
+    await trpc().mek.registerInitial.mutate({
       mek: masterKeyWrapped,
       mekSig: await signMasterKeyWrapped(masterKeyWrapped, 1, signKey),
     });
-  if (!res.ok) {
-    return res.status === 403 || res.status === 409;
+  } catch (e) {
+    if (
+      e instanceof TRPCClientError &&
+      (e.data?.code === "FORBIDDEN" || e.data?.code === "CONFLICT")
+    ) {
+      return true;
+    }
+    // TODO: Error Handling
+    return false;
   }
 
-  res = await callPostApi<InitialHmacSecretRegisterRequest>("/api/hsk/register/initial", {
+  try {
+    await trpc().hsk.registerInitial.mutate({
       mekVersion: 1,
       hsk: hmacSecretWrapped,
     });
-  return res.ok;
+    return true;
+  } catch {
+    // TODO: Error Handling
+    return false;
+  }
 };

src/lib/utils/format.ts

@@ -7,6 +7,13 @@ export const formatDate = (date: Date) => {
   return `${year}. ${month}. ${day}.`;
 };
 
+export const formatDateSortable = (date: Date) => {
+  const year = date.getFullYear();
+  const month = pad2(date.getMonth() + 1);
+  const day = pad2(date.getDate());
+  return `${year}${month}${day}`;
+};
+
 export const formatDateTime = (date: Date) => {
   const dateFormatted = formatDate(date);
   const hours = date.getHours();
@@ -32,32 +39,3 @@ export const truncateString = (str: string, maxLength = 20) => {
   if (str.length <= maxLength) return str;
   return `${str.slice(0, maxLength)}...`;
 };
-
-export enum SortBy {
-  NAME_ASC,
-  NAME_DESC,
-}
-
-type SortFunc = (a?: string, b?: string) => number;
-
-const collator = new Intl.Collator(undefined, { numeric: true, sensitivity: "base" });
-
-const sortByNameAsc: SortFunc = (a, b) => {
-  if (a && b) return collator.compare(a, b);
-  if (a) return -1;
-  if (b) return 1;
-  return 0;
-};
-
-const sortByNameDesc: SortFunc = (a, b) => -sortByNameAsc(a, b);
-
-export const sortEntries = <T extends { name?: string }>(entries: T[], sortBy: SortBy) => {
-  let sortFunc: SortFunc;
-  if (sortBy === SortBy.NAME_ASC) {
-    sortFunc = sortByNameAsc;
-  } else {
-    sortFunc = sortByNameDesc;
-  }
-
-  entries.sort((a, b) => sortFunc(a.name, b.name));
-};

src/lib/utils/index.ts

@@ -0,0 +1,3 @@
+export * from "./format";
+export * from "./gotoStateful";
+export * from "./sort";

src/lib/utils/sort.ts

@@ -0,0 +1,57 @@
+interface SortEntry {
+  name?: string;
+  date?: Date;
+}
+
+export enum SortBy {
+  NAME_ASC,
+  NAME_DESC,
+  DATE_ASC,
+  DATE_DESC,
+}
+
+type SortFunc = (a: SortEntry, b: SortEntry) => number;
+
+const collator = new Intl.Collator(undefined, { numeric: true, sensitivity: "base" });
+
+const sortByNameAsc: SortFunc = ({ name: a }, { name: b }) => {
+  if (a && b) return collator.compare(a, b);
+  if (a) return -1;
+  if (b) return 1;
+  return 0;
+};
+
+const sortByNameDesc: SortFunc = (a, b) => -sortByNameAsc(a, b);
+
+const sortByDateAsc: SortFunc = ({ date: a }, { date: b }) => {
+  if (a && b) return a.getTime() - b.getTime();
+  if (a) return -1;
+  if (b) return 1;
+  return 0;
+};
+
+const sortByDateDesc: SortFunc = (a, b) => -sortByDateAsc(a, b);
+
+export const sortEntries = <T extends SortEntry>(entries: T[], sortBy: SortBy) => {
+  let sortFunc: SortFunc;
+
+  switch (sortBy) {
+    case SortBy.NAME_ASC:
+      sortFunc = sortByNameAsc;
+      break;
+    case SortBy.NAME_DESC:
+      sortFunc = sortByNameDesc;
+      break;
+    case SortBy.DATE_ASC:
+      sortFunc = sortByDateAsc;
+      break;
+    case SortBy.DATE_DESC:
+      sortFunc = sortByDateDesc;
+      break;
+    default:
+      const exhaustive: never = sortBy;
+      sortFunc = exhaustive;
+  }
+
+  entries.sort(sortFunc);
+};

src/routes/(fullscreen)/auth/changePassword/service.ts

@@ -1,10 +1,11 @@
-import { callPostApi } from "$lib/hooks";
-import type { PasswordChangeRequest } from "$lib/server/schemas";
+import { trpc } from "$trpc/client";
 
 export const requestPasswordChange = async (oldPassword: string, newPassword: string) => {
-  const res = await callPostApi<PasswordChangeRequest>("/api/auth/changePassword", {
-    oldPassword,
-    newPassword,
-  });
-  return res.ok;
+  try {
+    await trpc().auth.changePassword.mutate({ oldPassword, newPassword });
+    return true;
+  } catch {
+    // TODO: Error Handling
+    return false;
+  }
 };

src/routes/(fullscreen)/auth/login/service.ts

@@ -1,5 +1,4 @@
-import { callPostApi } from "$lib/hooks";
-import type { LoginRequest } from "$lib/server/schemas";
+import { trpc } from "$trpc/client";
 
 export { requestLogout } from "$lib/services/auth";
 export { requestDeletedFilesCleanup } from "$lib/services/file";
@@ -9,6 +8,11 @@ export {
 } from "$lib/services/key";
 
 export const requestLogin = async (email: string, password: string) => {
-  const res = await callPostApi<LoginRequest>("/api/auth/login", { email, password });
-  return res.ok;
+  try {
+    await trpc().auth.login.mutate({ email, password });
+    return true;
+  } catch {
+    // TODO: Error Handling
+    return false;
+  }
 };

src/routes/(fullscreen)/file/[id]/+page.svelte

@@ -3,6 +3,7 @@
   import { untrack } from "svelte";
   import { get, type Writable } from "svelte/store";
   import { goto } from "$app/navigation";
+  import { page } from "$app/state";
   import { FullscreenDiv } from "$lib/components/atoms";
   import { Categories, IconEntryButton, TopBar } from "$lib/components/molecules";
   import {
@@ -21,7 +22,9 @@
     requestThumbnailUpload,
     requestFileAdditionToCategory,
   } from "./service";
+  import TopBarMenu from "./TopBarMenu.svelte";
 
+  import IconMoreVert from "~icons/material-symbols/more-vert";
   import IconCamera from "~icons/material-symbols/camera";
   import IconClose from "~icons/material-symbols/close";
   import IconAddCircle from "~icons/material-symbols/add-circle";
@@ -31,6 +34,7 @@
   let info: Writable<FileInfo | null> | undefined = $state();
   let categories: Writable<CategoryInfo | null>[] = $state([]);
 
+  let isMenuOpen = $state(false);
   let isAddToCategoryBottomSheetOpen = $state(false);
 
   let downloadStatus = $derived(
@@ -42,30 +46,26 @@
 
   let isDownloadRequested = $state(false);
   let viewerType: "image" | "video" | undefined = $state();
+  let fileBlob: Blob | undefined = $state();
   let fileBlobUrl: string | undefined = $state();
-  let heicBlob: Blob | undefined = $state();
   let videoElement: HTMLVideoElement | undefined = $state();
 
   const updateViewer = async (buffer: ArrayBuffer, contentType: string) => {
-    const fileBlob = new Blob([buffer], { type: contentType });
-    if (viewerType) {
+    fileBlob = new Blob([buffer], { type: contentType });
     fileBlobUrl = URL.createObjectURL(fileBlob);
-      heicBlob = contentType === "image/heic" ? fileBlob : undefined;
-    }
     return fileBlob;
   };
 
   const convertHeicToJpeg = async () => {
-    if (!heicBlob) return;
+    if (fileBlob?.type !== "image/heic") return;
 
     URL.revokeObjectURL(fileBlobUrl!);
     fileBlobUrl = undefined;
 
     const { default: heic2any } = await import("heic2any");
     fileBlobUrl = URL.createObjectURL(
-      (await heic2any({ blob: heicBlob, toType: "image/jpeg" })) as Blob,
+      (await heic2any({ blob: fileBlob, toType: "image/jpeg" })) as Blob,
     );
-    heicBlob = undefined;
   };
 
   const updateThumbnail = async (dataKey: CryptoKey, dataKeyVersion: Date) => {
@@ -133,7 +133,24 @@
   <title>파일</title>
 </svelte:head>
 
-<TopBar title={$info?.name} />
+<TopBar title={$info?.name}>
+  <!-- svelte-ignore a11y_no_static_element_interactions -->
+  <!-- svelte-ignore a11y_click_events_have_key_events -->
+  <div onclick={(e) => e.stopPropagation()}>
+    <button
+      onclick={() => (isMenuOpen = !isMenuOpen)}
+      class="w-[2.3rem] flex-shrink-0 rounded-full p-1 active:bg-black active:bg-opacity-[0.04]"
+    >
+      <IconMoreVert class="text-2xl" />
+    </button>
+    <TopBarMenu
+      bind:isOpen={isMenuOpen}
+      directoryId={page.url.searchParams.get("from") === "category" ? $info?.parentId : undefined}
+      {fileBlob}
+      filename={$info?.name}
+    />
+  </div>
+</TopBar>
 <FullscreenDiv>
   <div class="space-y-4 pb-4">
     <DownloadStatus status={downloadStatus} />

src/routes/(fullscreen)/file/[id]/DownloadStatus.svelte

@@ -1,7 +1,7 @@
 <script lang="ts">
   import type { Writable } from "svelte/store";
-  import { formatNetworkSpeed } from "$lib/modules/util";
   import { isFileDownloading, type FileDownloadStatus } from "$lib/stores";
+  import { formatNetworkSpeed } from "$lib/utils";
 
   interface Props {
     status?: Writable<FileDownloadStatus>;

src/routes/(fullscreen)/file/[id]/TopBarMenu.svelte

@@ -0,0 +1,59 @@
+<script lang="ts">
+  import FileSaver from "file-saver";
+  import type { Component } from "svelte";
+  import type { SvelteHTMLElements } from "svelte/elements";
+  import { fly } from "svelte/transition";
+  import { goto } from "$app/navigation";
+
+  import IconFolderOpen from "~icons/material-symbols/folder-open";
+  import IconCloudDownload from "~icons/material-symbols/cloud-download";
+
+  interface Props {
+    directoryId?: "root" | number;
+    fileBlob?: Blob;
+    filename?: string;
+    isOpen: boolean;
+  }
+
+  let { directoryId, fileBlob, filename, isOpen = $bindable() }: Props = $props();
+</script>
+
+<svelte:window onclick={() => (isOpen = false)} />
+
+{#if isOpen && (directoryId || fileBlob)}
+  <div
+    class="absolute right-2 top-full z-20 space-y-1 rounded-lg bg-white px-1 py-2 shadow-2xl"
+    transition:fly={{ y: -8, duration: 200 }}
+  >
+    <p class="px-3 pt-2 text-sm font-semibold text-gray-600">더보기</p>
+    <div class="flex flex-col">
+      {#snippet menuButton(
+        Icon: Component<SvelteHTMLElements["svg"]>,
+        text: string,
+        onclick: () => void,
+      )}
+        <button {onclick} class="rounded-xl active:bg-gray-100">
+          <div
+            class="flex items-center gap-x-3 px-3 py-2 text-lg text-gray-700 transition active:scale-95"
+          >
+            <Icon />
+            <p class="font-medium">{text}</p>
+          </div>
+        </button>
+      {/snippet}
+
+      {#if directoryId}
+        {@render menuButton(IconFolderOpen, "폴더에서 보기", () =>
+          goto(
+            directoryId === "root" ? "/directory?from=file" : `/directory/${directoryId}?from=file`,
+          ),
+        )}
+      {/if}
+      {#if fileBlob}
+        {@render menuButton(IconCloudDownload, "다운로드", () => {
+          FileSaver.saveAs(fileBlob, filename);
+        })}
+      {/if}
+    </div>
+  </div>
+{/if}

src/routes/(fullscreen)/file/[id]/service.ts

@@ -1,8 +1,7 @@
-import { callPostApi } from "$lib/hooks";
 import { encryptData } from "$lib/modules/crypto";
 import { storeFileThumbnailCache } from "$lib/modules/file";
-import type { CategoryFileAddRequest } from "$lib/server/schemas";
 import { requestFileThumbnailUpload } from "$lib/services/file";
+import { trpc } from "$trpc/client";
 
 export { requestCategoryCreation, requestFileRemovalFromCategory } from "$lib/services/category";
 export { requestFileDownload } from "$lib/services/file";
@@ -23,8 +22,11 @@ export const requestThumbnailUpload = async (
 };
 
 export const requestFileAdditionToCategory = async (fileId: number, categoryId: number) => {
-  const res = await callPostApi<CategoryFileAddRequest>(`/api/category/${categoryId}/file/add`, {
-    file: fileId,
-  });
-  return res.ok;
+  try {
+    await trpc().category.addFile.mutate({ id: categoryId, file: fileId });
+    return true;
+  } catch {
+    // TODO: Error Handling
+    return false;
+  }
 };

src/routes/(fullscreen)/file/downloads/File.svelte

@@ -1,8 +1,8 @@
 <script lang="ts">
   import { get, type Writable } from "svelte/store";
   import { getFileInfo, type FileInfo } from "$lib/modules/filesystem";
-  import { formatNetworkSpeed } from "$lib/modules/util";
   import { masterKeyStore, type FileDownloadStatus } from "$lib/stores";
+  import { formatNetworkSpeed } from "$lib/utils";
 
   import IconCloud from "~icons/material-symbols/cloud";
   import IconCloudDownload from "~icons/material-symbols/cloud-download";

src/routes/(fullscreen)/file/uploads/File.svelte

@@ -1,7 +1,7 @@
 <script lang="ts">
   import type { Writable } from "svelte/store";
-  import { formatNetworkSpeed } from "$lib/modules/util";
   import type { FileUploadStatus } from "$lib/stores";
+  import { formatNetworkSpeed } from "$lib/utils";
 
   import IconPending from "~icons/material-symbols/pending";
   import IconLockClock from "~icons/material-symbols/lock-clock";

src/routes/(fullscreen)/gallery/+page.svelte

@@ -0,0 +1,26 @@
+<script lang="ts">
+  import type { Writable } from "svelte/store";
+  import { goto } from "$app/navigation";
+  import { FullscreenDiv } from "$lib/components/atoms";
+  import { TopBar } from "$lib/components/molecules";
+  import { Gallery } from "$lib/components/organisms";
+  import { getFileInfo, type FileInfo } from "$lib/modules/filesystem";
+  import { masterKeyStore } from "$lib/stores";
+
+  let { data } = $props();
+
+  let files: Writable<FileInfo | null>[] = $state([]);
+
+  $effect(() => {
+    files = data.files.map((file) => getFileInfo(file, $masterKeyStore?.get(1)?.key!));
+  });
+</script>
+
+<svelte:head>
+  <title>사진 및 동영상</title>
+</svelte:head>
+
+<TopBar title="사진 및 동영상" />
+<FullscreenDiv>
+  <Gallery {files} onFileClick={({ id }) => goto(`/file/${id}`)} />
+</FullscreenDiv>

src/routes/(fullscreen)/gallery/+page.ts

@@ -0,0 +1,7 @@
+import { trpc } from "$trpc/client";
+import type { PageLoad } from "./$types";
+
+export const load: PageLoad = async ({ fetch }) => {
+  const files = await trpc(fetch).file.list.query();
+  return { files };
+};

src/routes/(fullscreen)/key/export/+page.ts

@@ -1,5 +1,5 @@
 import { error } from "@sveltejs/kit";
-import { keyExportState } from "$lib/hooks/gotoStateful";
+import { keyExportState } from "$lib/utils/gotoStateful";
 import type { PageLoad } from "./$types";
 
 export const load: PageLoad = async () => {

src/routes/(fullscreen)/key/generate/+page.svelte

@@ -4,9 +4,9 @@
   import { BottomDiv, Button, FullscreenDiv, TextButton } from "$lib/components/atoms";
   import { TitledDiv } from "$lib/components/molecules";
   import { ForceLoginModal } from "$lib/components/organisms";
-  import { gotoStateful } from "$lib/hooks";
   import { storeClientKeys } from "$lib/modules/key";
   import { clientKeyStore } from "$lib/stores";
+  import { gotoStateful } from "$lib/utils";
   import Order from "./Order.svelte";
   import {
     generateClientKeys,

src/routes/(fullscreen)/settings/cache/+page.svelte

@@ -6,8 +6,8 @@
   import type { FileCacheIndex } from "$lib/indexedDB";
   import { getFileCacheIndex, deleteFileCache as doDeleteFileCache } from "$lib/modules/file";
   import { getFileInfo, type FileInfo } from "$lib/modules/filesystem";
-  import { formatFileSize } from "$lib/modules/util";
   import { masterKeyStore } from "$lib/stores";
+  import { formatFileSize } from "$lib/utils";
   import File from "./File.svelte";
 
   interface FileCache {

src/routes/(fullscreen)/settings/cache/File.svelte

@@ -2,7 +2,7 @@
   import type { Writable } from "svelte/store";
   import type { FileCacheIndex } from "$lib/indexedDB";
   import type { FileInfo } from "$lib/modules/filesystem";
-  import { formatDate, formatFileSize } from "$lib/modules/util";
+  import { formatDate, formatFileSize } from "$lib/utils";
 
   import IconDraft from "~icons/material-symbols/draft";
   import IconScanDelete from "~icons/material-symbols/scan-delete";

src/routes/(fullscreen)/settings/thumbnail/+page.ts

@@ -1,14 +1,7 @@
-import { error } from "@sveltejs/kit";
-import { callPostApi } from "$lib/hooks";
-import type { MissingThumbnailFileScanResponse } from "$lib/server/schemas";
+import { trpc } from "$trpc/client";
 import type { PageLoad } from "./$types";
 
 export const load: PageLoad = async ({ fetch }) => {
-  const res = await callPostApi("/api/file/scanMissingThumbnails", undefined, fetch);
-  if (!res.ok) {
-    error(500, "Internal server error");
-  }
-
-  const { files }: MissingThumbnailFileScanResponse = await res.json();
+  const files = await trpc(fetch).file.listWithoutThumbnail.query();
   return { files };
 };

src/routes/(fullscreen)/settings/thumbnail/File.svelte

@@ -14,7 +14,7 @@
   import { ActionEntryButton } from "$lib/components/atoms";
   import { DirectoryEntryLabel } from "$lib/components/molecules";
   import type { FileInfo } from "$lib/modules/filesystem";
-  import { formatDateTime } from "$lib/modules/util";
+  import { formatDateTime } from "$lib/utils";
   import type { GenerationStatus } from "./service.svelte";
 
   import IconCamera from "~icons/material-symbols/camera";

src/routes/(main)/BottomBar.svelte

@@ -22,7 +22,7 @@
   <AdaptiveDiv class="flex justify-evenly px-4 py-2">
     {#each pages as { path, label, icon: Icon }}
       <button
-        onclick={() => goto(path)}
+        onclick={() => goto(path, { replaceState: true })}
         class={[
           "w-16 active:rounded-xl active:bg-gray-100",
           !page.url.pathname.startsWith(path) && "text-gray-600",

src/routes/(main)/category/[[id]]/+page.svelte

@@ -58,7 +58,7 @@
     <Category
       bind:isFileRecursive
       info={$info}
-      onFileClick={({ id }) => goto(`/file/${id}`)}
+      onFileClick={({ id }) => goto(`/file/${id}?from=category`)}
       onFileRemoveClick={async ({ id }) => {
         await requestFileRemovalFromCategory(id, data.id as number);
         info = getCategoryInfo(data.id, $masterKeyStore?.get(1)?.key!); // TODO: FIXME

src/routes/(main)/category/[[id]]/CategoryDeleteModal.svelte

@@ -1,6 +1,6 @@
 <script lang="ts">
   import { ActionModal } from "$lib/components/molecules";
-  import { truncateString } from "$lib/modules/util";
+  import { truncateString } from "$lib/utils";
   import { useContext } from "./service.svelte";
 
   interface Props {

src/routes/(main)/category/[[id]]/service.svelte.ts

@@ -1,8 +1,7 @@
 import { getContext, setContext } from "svelte";
-import { callPostApi } from "$lib/hooks";
 import { encryptString } from "$lib/modules/crypto";
 import type { SelectedCategory } from "$lib/components/molecules";
-import type { CategoryRenameRequest } from "$lib/server/schemas";
+import { trpc } from "$trpc/client";
 
 export { requestCategoryCreation, requestFileRemovalFromCategory } from "$lib/services/category";
 
@@ -20,15 +19,26 @@ export const useContext = () => {
 export const requestCategoryRename = async (category: SelectedCategory, newName: string) => {
   const newNameEncrypted = await encryptString(newName, category.dataKey);
 
-  const res = await callPostApi<CategoryRenameRequest>(`/api/category/${category.id}/rename`, {
-    dekVersion: category.dataKeyVersion.toISOString(),
+  try {
+    await trpc().category.rename.mutate({
+      id: category.id,
+      dekVersion: category.dataKeyVersion,
       name: newNameEncrypted.ciphertext,
       nameIv: newNameEncrypted.iv,
     });
-  return res.ok;
+    return true;
+  } catch {
+    // TODO: Error Handling
+    return false;
+  }
 };
 
 export const requestCategoryDeletion = async (category: SelectedCategory) => {
-  const res = await callPostApi(`/api/category/${category.id}/delete`);
-  return res.ok;
+  try {
+    await trpc().category.delete.mutate({ id: category.id });
+    return true;
+  } catch {
+    // TODO: Error Handling
+    return false;
+  }
 };

src/routes/(main)/directory/[[id]]/+page.svelte

@@ -2,6 +2,7 @@
   import { onMount } from "svelte";
   import type { Writable } from "svelte/store";
   import { goto } from "$app/navigation";
+  import { page } from "$app/state";
   import { FloatingButton } from "$lib/components/atoms";
   import { TopBar } from "$lib/components/molecules";
   import { getDirectoryInfo, type DirectoryInfo } from "$lib/modules/filesystem";
@@ -42,6 +43,9 @@
   let isEntryRenameModalOpen = $state(false);
   let isEntryDeleteModalOpen = $state(false);
 
+  let isFromFilePage = $derived(page.url.searchParams.get("from") === "file");
+  let showTopBar = $derived(data.id !== "root" || isFromFilePage);
+
   const uploadFile = () => {
     const files = fileInput?.files;
     if (!files || files.length === 0) return;
@@ -86,11 +90,11 @@
 <input bind:this={fileInput} onchange={uploadFile} type="file" multiple class="hidden" />
 
 <div class="flex h-full flex-col">
-  {#if data.id !== "root"}
+  {#if showTopBar}
     <TopBar title={$info?.name} class="flex-shrink-0" />
   {/if}
   {#if $info}
-    <div class={["flex flex-grow flex-col px-4 pb-4", data.id === "root" && "pt-4"]}>
+    <div class={["flex flex-grow flex-col px-4 pb-4", !showTopBar && "pt-4"]}>
       <div class="flex gap-x-2">
         <UploadStatusCard onclick={() => goto("/file/uploads")} />
         <DownloadStatusCard onclick={() => goto("/file/downloads")} />
@@ -103,6 +107,13 @@
             context.selectedEntry = entry;
             isEntryMenuBottomSheetOpen = true;
           }}
+          showParentEntry={isFromFilePage && $info.parentId !== undefined}
+          onParentClick={() =>
+            goto(
+              $info.parentId === "root"
+                ? "/directory?from=file"
+                : `/directory/${$info.parentId}?from=file`,
+            )}
         />
       {/key}
     </div>

src/routes/(main)/directory/[[id]]/DirectoryEntries/DirectoryEntries.svelte

@@ -1,19 +1,21 @@
 <script lang="ts">
   import { untrack } from "svelte";
   import { get, type Writable } from "svelte/store";
+  import { ActionEntryButton } from "$lib/components/atoms";
+  import { DirectoryEntryLabel } from "$lib/components/molecules";
   import {
     getDirectoryInfo,
     getFileInfo,
     type DirectoryInfo,
     type FileInfo,
   } from "$lib/modules/filesystem";
-  import { SortBy, sortEntries } from "$lib/modules/util";
   import {
     fileUploadStatusStore,
     isFileUploading,
     masterKeyStore,
     type FileUploadStatus,
   } from "$lib/stores";
+  import { SortBy, sortEntries } from "$lib/utils";
   import File from "./File.svelte";
   import SubDirectory from "./SubDirectory.svelte";
   import UploadingFile from "./UploadingFile.svelte";
@@ -23,10 +25,19 @@
     info: DirectoryInfo;
     onEntryClick: (entry: SelectedEntry) => void;
     onEntryMenuClick: (entry: SelectedEntry) => void;
+    onParentClick?: () => void;
+    showParentEntry?: boolean;
     sortBy?: SortBy;
   }
 
-  let { info, onEntryClick, onEntryMenuClick, sortBy = SortBy.NAME_ASC }: Props = $props();
+  let {
+    info,
+    onEntryClick,
+    onEntryMenuClick,
+    onParentClick,
+    showParentEntry = false,
+    sortBy = SortBy.NAME_ASC,
+  }: Props = $props();
 
   interface DirectoryEntry {
     name?: string;
@@ -106,8 +117,13 @@
   });
 </script>
 
-{#if subDirectories.length + files.length > 0}
+{#if subDirectories.length + files.length > 0 || showParentEntry}
   <div class="space-y-1 pb-[4.5rem]">
+    {#if showParentEntry}
+      <ActionEntryButton class="h-14" onclick={onParentClick}>
+        <DirectoryEntryLabel type="parent-directory" name=".." />
+      </ActionEntryButton>
+    {/if}
     {#each subDirectories as { info }}
       <SubDirectory {info} onclick={onEntryClick} onOpenMenuClick={onEntryMenuClick} />
     {/each}

src/routes/(main)/directory/[[id]]/DirectoryEntries/File.svelte

@@ -3,7 +3,7 @@
   import { ActionEntryButton } from "$lib/components/atoms";
   import { DirectoryEntryLabel } from "$lib/components/molecules";
   import type { FileInfo } from "$lib/modules/filesystem";
-  import { formatDateTime } from "$lib/modules/util";
+  import { formatDateTime } from "$lib/utils";
   import { requestFileThumbnailDownload } from "./service";
   import type { SelectedEntry } from "../service.svelte";
 
@@ -34,7 +34,7 @@
   };
 
   $effect(() => {
-    if ($info?.dataKey) {
+    if ($info) {
       requestFileThumbnailDownload($info.id, $info.dataKey)
         .then((thumbnailUrl) => {
           thumbnail = thumbnailUrl ?? undefined;

src/routes/(main)/directory/[[id]]/DirectoryEntries/UploadingFile.svelte

@@ -1,7 +1,7 @@
 <script lang="ts">
   import type { Writable } from "svelte/store";
-  import { formatNetworkSpeed } from "$lib/modules/util";
   import { isFileUploading, type FileUploadStatus } from "$lib/stores";
+  import { formatNetworkSpeed } from "$lib/utils";
 
   import IconDraft from "~icons/material-symbols/draft";
 

src/routes/(main)/directory/[[id]]/DuplicateFileModal.svelte

@@ -1,6 +1,6 @@
 <script lang="ts">
   import { ActionModal } from "$lib/components/molecules";
-  import { truncateString } from "$lib/modules/util";
+  import { truncateString } from "$lib/utils";
 
   interface Props {
     file: File | undefined;

src/routes/(main)/directory/[[id]]/EntryDeleteModal.svelte

@@ -1,6 +1,6 @@
 <script lang="ts">
   import { ActionModal } from "$lib/components/molecules";
-  import { truncateString } from "$lib/modules/util";
+  import { truncateString } from "$lib/utils";
   import { useContext } from "./service.svelte";
 
   interface Props {

src/routes/(main)/directory/[[id]]/service.svelte.ts

@@ -1,5 +1,4 @@
 import { getContext, setContext } from "svelte";
-import { callGetApi, callPostApi } from "$lib/hooks";
 import { storeHmacSecrets } from "$lib/indexedDB";
 import { generateDataKey, wrapDataKey, unwrapHmacSecret, encryptString } from "$lib/modules/crypto";
 import {
@@ -9,14 +8,8 @@ import {
   deleteFileThumbnailCache,
   uploadFile,
 } from "$lib/modules/file";
-import type {
-  DirectoryRenameRequest,
-  DirectoryCreateRequest,
-  FileRenameRequest,
-  HmacSecretListResponse,
-  DirectoryDeleteResponse,
-} from "$lib/server/schemas";
 import { hmacSecretStore, type MasterKey, type HmacSecret } from "$lib/stores";
+import { trpc } from "$trpc/client";
 
 export interface SelectedEntry {
   type: "directory" | "file";
@@ -40,10 +33,14 @@ export const useContext = () => {
 export const requestHmacSecretDownload = async (masterKey: CryptoKey) => {
   // TODO: MEK rotation
 
-  const res = await callGetApi("/api/hsk/list");
-  if (!res.ok) return false;
+  let hmacSecretsWrapped;
+  try {
+    hmacSecretsWrapped = await trpc().hsk.list.query();
+  } catch {
+    // TODO: Error Handling
+    return false;
+  }
 
-  const { hsks: hmacSecretsWrapped }: HmacSecretListResponse = await res.json();
   const hmacSecrets = await Promise.all(
     hmacSecretsWrapped.map(async ({ version, state, hsk: hmacSecretWrapped }) => {
       const { hmacSecret } = await unwrapHmacSecret(hmacSecretWrapped, masterKey);
@@ -65,15 +62,20 @@ export const requestDirectoryCreation = async (
   const { dataKey, dataKeyVersion } = await generateDataKey();
   const nameEncrypted = await encryptString(name, dataKey);
 
-  const res = await callPostApi<DirectoryCreateRequest>("/api/directory/create", {
+  try {
+    await trpc().directory.create.mutate({
       parent: parentId,
       mekVersion: masterKey.version,
       dek: await wrapDataKey(dataKey, masterKey.key),
-    dekVersion: dataKeyVersion.toISOString(),
+      dekVersion: dataKeyVersion,
       name: nameEncrypted.ciphertext,
       nameIv: nameEncrypted.iv,
     });
-  return res.ok;
+    return true;
+  } catch {
+    // TODO: Error Handling
+    return false;
+  }
 };
 
 export const requestFileUpload = async (
@@ -97,35 +99,46 @@ export const requestFileUpload = async (
 export const requestEntryRename = async (entry: SelectedEntry, newName: string) => {
   const newNameEncrypted = await encryptString(newName, entry.dataKey);
 
-  let res;
+  try {
     if (entry.type === "directory") {
-    res = await callPostApi<DirectoryRenameRequest>(`/api/directory/${entry.id}/rename`, {
-      dekVersion: entry.dataKeyVersion.toISOString(),
+      await trpc().directory.rename.mutate({
+        id: entry.id,
+        dekVersion: entry.dataKeyVersion,
         name: newNameEncrypted.ciphertext,
         nameIv: newNameEncrypted.iv,
       });
     } else {
-    res = await callPostApi<FileRenameRequest>(`/api/file/${entry.id}/rename`, {
-      dekVersion: entry.dataKeyVersion.toISOString(),
+      await trpc().file.rename.mutate({
+        id: entry.id,
+        dekVersion: entry.dataKeyVersion,
         name: newNameEncrypted.ciphertext,
         nameIv: newNameEncrypted.iv,
       });
     }
-  return res.ok;
+    return true;
+  } catch {
+    // TODO: Error Handling
+    return false;
+  }
 };
 
 export const requestEntryDeletion = async (entry: SelectedEntry) => {
-  const res = await callPostApi(`/api/${entry.type}/${entry.id}/delete`);
-  if (!res.ok) return false;
-
+  try {
     if (entry.type === "directory") {
-    const { deletedFiles }: DirectoryDeleteResponse = await res.json();
+      const { deletedFiles } = await trpc().directory.delete.mutate({ id: entry.id });
       await Promise.all(
-      deletedFiles.flatMap((fileId) => [deleteFileCache(fileId), deleteFileThumbnailCache(fileId)]),
+        deletedFiles.flatMap((fileId) => [
+          deleteFileCache(fileId),
+          deleteFileThumbnailCache(fileId),
+        ]),
       );
-    return true;
     } else {
+      await trpc().file.delete.mutate({ id: entry.id });
       await Promise.all([deleteFileCache(entry.id), deleteFileThumbnailCache(entry.id)]);
+    }
     return true;
+  } catch {
+    // TODO: Error Handling
+    return false;
   }
 };

src/routes/(main)/home/+page.svelte

@@ -1,3 +1,35 @@
-<div class="flex h-full items-center justify-center p-4">
-  <p class="text-gray-500">아직 개발 중이에요.</p>
+<script lang="ts">
+  import type { Writable } from "svelte/store";
+  import { goto } from "$app/navigation";
+  import { EntryButton } from "$lib/components/atoms";
+  import { FileThumbnailButton } from "$lib/components/molecules";
+  import { getFileInfo, type FileInfo } from "$lib/modules/filesystem";
+  import { masterKeyStore } from "$lib/stores";
+  import { requestFreshMediaFilesRetrieval } from "./service";
+
+  let mediaFiles: Writable<FileInfo | null>[] = $state([]);
+
+  $effect(() => {
+    requestFreshMediaFilesRetrieval().then((files) => {
+      mediaFiles = files.map(({ id }) => getFileInfo(id, $masterKeyStore?.get(1)?.key!));
+    });
+  });
+</script>
+
+<svelte:head>
+  <title>홈</title>
+</svelte:head>
+
+<div class="min-h-full space-y-4 bg-gray-100 px-4 pb-[5.5em] pt-4">
+  <p class="px-2 text-2xl font-bold text-gray-800">ArkVault</p>
+  <div class="space-y-2 rounded-xl bg-white px-2 pb-4 pt-2">
+    <EntryButton onclick={() => goto("/gallery")} class="w-full">
+      <p class="text-left font-semibold">사진 및 동영상</p>
+    </EntryButton>
+    <div class="grid grid-cols-4 gap-2 px-2">
+      {#each mediaFiles as file}
+        <FileThumbnailButton info={file} onclick={({ id }) => goto(`/file/${id}`)} />
+      {/each}
+    </div>
+  </div>
 </div>

src/routes/(main)/home/service.ts

@@ -0,0 +1,14 @@
+import { getAllFileInfos } from "$lib/indexedDB";
+
+export const requestFreshMediaFilesRetrieval = async (limit = 8) => {
+  const files = await getAllFileInfos();
+  files.sort(
+    (a, b) =>
+      (b.createdAt ?? b.lastModifiedAt).getTime() - (a.createdAt ?? a.lastModifiedAt).getTime(),
+  );
+  return files
+    .filter(
+      ({ contentType }) => contentType.startsWith("image/") || contentType.startsWith("video/"),
+    )
+    .slice(0, limit);
+};

src/routes/(main)/menu/+page.ts

@@ -1,14 +1,7 @@
-import { error } from "@sveltejs/kit";
-import { callGetApi } from "$lib/hooks";
-import type { UserInfoResponse } from "$lib/server/schemas";
+import { trpc } from "$trpc/client";
 import type { PageLoad } from "./$types";
 
 export const load: PageLoad = async ({ fetch }) => {
-  const res = await callGetApi("/api/user", fetch);
-  if (!res.ok) {
-    error(500, "Internal server error");
-  }
-
-  const { nickname }: UserInfoResponse = await res.json();
+  const { nickname } = await trpc(fetch).user.get.query();
   return { nickname };
 };

src/routes/api/auth/changePassword/+server.ts

@@ -1,16 +0,0 @@
-import { error, text } from "@sveltejs/kit";
-import { authorize } from "$lib/server/modules/auth";
-import { passwordChangeRequest } from "$lib/server/schemas";
-import { changePassword } from "$lib/server/services/auth";
-import type { RequestHandler } from "./$types";
-
-export const POST: RequestHandler = async ({ locals, request }) => {
-  const { sessionId, userId } = await authorize(locals, "any");
-
-  const zodRes = passwordChangeRequest.safeParse(await request.json());
-  if (!zodRes.success) error(400, "Invalid request body");
-  const { oldPassword, newPassword } = zodRes.data;
-
-  await changePassword(userId, sessionId, oldPassword, newPassword);
-  return text("Password changed", { headers: { "Content-Type": "text/plain" } });
-};

src/routes/api/auth/login/+server.ts

@@ -1,21 +0,0 @@
-import { error, text } from "@sveltejs/kit";
-import env from "$lib/server/loadenv";
-import { loginRequest } from "$lib/server/schemas";
-import { login } from "$lib/server/services/auth";
-import type { RequestHandler } from "./$types";
-
-export const POST: RequestHandler = async ({ locals, request, cookies }) => {
-  const zodRes = loginRequest.safeParse(await request.json());
-  if (!zodRes.success) error(400, "Invalid request body");
-  const { email, password } = zodRes.data;
-
-  const { sessionIdSigned } = await login(email, password, locals.ip, locals.userAgent);
-  cookies.set("sessionId", sessionIdSigned, {
-    path: "/",
-    maxAge: env.session.exp / 1000,
-    secure: true,
-    sameSite: "strict",
-  });
-
-  return text("Logged in", { headers: { "Content-Type": "text/plain" } });
-};

src/routes/api/auth/logout/+server.ts

@@ -1,13 +0,0 @@
-import { text } from "@sveltejs/kit";
-import { authorize } from "$lib/server/modules/auth";
-import { logout } from "$lib/server/services/auth";
-import type { RequestHandler } from "./$types";
-
-export const POST: RequestHandler = async ({ locals, cookies }) => {
-  const { sessionId } = await authorize(locals, "any");
-
-  await logout(sessionId);
-  cookies.delete("sessionId", { path: "/" });
-
-  return text("Logged out", { headers: { "Content-Type": "text/plain" } });
-};

src/routes/api/auth/upgradeSession/+server.ts

@@ -1,26 +0,0 @@
-import { error, json } from "@sveltejs/kit";
-import { authorize } from "$lib/server/modules/auth";
-import {
-  sessionUpgradeRequest,
-  sessionUpgradeResponse,
-  type SessionUpgradeResponse,
-} from "$lib/server/schemas";
-import { createSessionUpgradeChallenge } from "$lib/server/services/auth";
-import type { RequestHandler } from "./$types";
-
-export const POST: RequestHandler = async ({ locals, request }) => {
-  const { sessionId, userId } = await authorize(locals, "notClient");
-
-  const zodRes = sessionUpgradeRequest.safeParse(await request.json());
-  if (!zodRes.success) error(400, "Invalid request body");
-  const { encPubKey, sigPubKey } = zodRes.data;
-
-  const { id, challenge } = await createSessionUpgradeChallenge(
-    sessionId,
-    userId,
-    locals.ip,
-    encPubKey,
-    sigPubKey,
-  );
-  return json(sessionUpgradeResponse.parse({ id, challenge } satisfies SessionUpgradeResponse));
-};

src/routes/api/auth/upgradeSession/verify/+server.ts

@@ -1,16 +0,0 @@
-import { error, text } from "@sveltejs/kit";
-import { authorize } from "$lib/server/modules/auth";
-import { sessionUpgradeVerifyRequest } from "$lib/server/schemas";
-import { verifySessionUpgradeChallenge } from "$lib/server/services/auth";
-import type { RequestHandler } from "./$types";
-
-export const POST: RequestHandler = async ({ locals, request }) => {
-  const { sessionId, userId } = await authorize(locals, "notClient");
-
-  const zodRes = sessionUpgradeVerifyRequest.safeParse(await request.json());
-  if (!zodRes.success) error(400, "Invalid request body");
-  const { id, answerSig, force } = zodRes.data;
-
-  await verifySessionUpgradeChallenge(sessionId, userId, locals.ip, id, answerSig, force);
-  return text("Session upgraded", { headers: { "Content-Type": "text/plain" } });
-};

src/routes/api/category/[id]/+server.ts

@@ -1,33 +0,0 @@
-import { error, json } from "@sveltejs/kit";
-import { z } from "zod";
-import { authorize } from "$lib/server/modules/auth";
-import { categoryInfoResponse, type CategoryInfoResponse } from "$lib/server/schemas";
-import { getCategoryInformation } from "$lib/server/services/category";
-import type { RequestHandler } from "./$types";
-
-export const GET: RequestHandler = async ({ locals, params }) => {
-  const { userId } = await authorize(locals, "activeClient");
-
-  const zodRes = z
-    .object({
-      id: z.union([z.enum(["root"]), z.coerce.number().int().positive()]),
-    })
-    .safeParse(params);
-  if (!zodRes.success) error(400, "Invalid path parameters");
-  const { id } = zodRes.data;
-
-  const { metadata, categories } = await getCategoryInformation(userId, id);
-  return json(
-    categoryInfoResponse.parse({
-      metadata: metadata && {
-        parent: metadata.parentId,
-        mekVersion: metadata.mekVersion,
-        dek: metadata.encDek,
-        dekVersion: metadata.dekVersion.toISOString(),
-        name: metadata.encName.ciphertext,
-        nameIv: metadata.encName.iv,
-      },
-      subCategories: categories,
-    } satisfies CategoryInfoResponse),
-  );
-};

src/routes/api/category/[id]/delete/+server.ts

@@ -1,20 +0,0 @@
-import { error, text } from "@sveltejs/kit";
-import { z } from "zod";
-import { authorize } from "$lib/server/modules/auth";
-import { deleteCategory } from "$lib/server/services/category";
-import type { RequestHandler } from "./$types";
-
-export const POST: RequestHandler = async ({ locals, params }) => {
-  const { userId } = await authorize(locals, "activeClient");
-
-  const zodRes = z
-    .object({
-      id: z.coerce.number().int().positive(),
-    })
-    .safeParse(params);
-  if (!zodRes.success) error(400, "Invalid path parameters");
-  const { id } = zodRes.data;
-
-  await deleteCategory(userId, id);
-  return text("Category deleted", { headers: { "Content-Type": "text/plain" } });
-};

src/routes/api/category/[id]/file/add/+server.ts

@@ -1,25 +0,0 @@
-import { error, text } from "@sveltejs/kit";
-import { z } from "zod";
-import { authorize } from "$lib/server/modules/auth";
-import { categoryFileAddRequest } from "$lib/server/schemas";
-import { addCategoryFile } from "$lib/server/services/category";
-import type { RequestHandler } from "./$types";
-
-export const POST: RequestHandler = async ({ locals, params, request }) => {
-  const { userId } = await authorize(locals, "activeClient");
-
-  const paramsZodRes = z
-    .object({
-      id: z.coerce.number().int().positive(),
-    })
-    .safeParse(params);
-  if (!paramsZodRes.success) error(400, "Invalid path parameters");
-  const { id } = paramsZodRes.data;
-
-  const bodyZodRes = categoryFileAddRequest.safeParse(await request.json());
-  if (!bodyZodRes.success) error(400, "Invalid request body");
-  const { file } = bodyZodRes.data;
-
-  await addCategoryFile(userId, id, file);
-  return text("File added", { headers: { "Content-Type": "text/plain" } });
-};

src/routes/api/category/[id]/file/list/+server.ts

@@ -1,36 +0,0 @@
-import { error, json } from "@sveltejs/kit";
-import { z } from "zod";
-import { authorize } from "$lib/server/modules/auth";
-import { categoryFileListResponse, type CategoryFileListResponse } from "$lib/server/schemas";
-import { getCategoryFiles } from "$lib/server/services/category";
-import type { RequestHandler } from "./$types";
-
-export const GET: RequestHandler = async ({ locals, url, params }) => {
-  const { userId } = await authorize(locals, "activeClient");
-
-  const paramsZodRes = z
-    .object({
-      id: z.coerce.number().int().positive(),
-    })
-    .safeParse(params);
-  if (!paramsZodRes.success) error(400, "Invalid path parameters");
-  const { id } = paramsZodRes.data;
-
-  const queryZodRes = z
-    .object({
-      recurse: z
-        .enum(["true", "false"])
-        .transform((value) => value === "true")
-        .nullable(),
-    })
-    .safeParse({ recurse: url.searchParams.get("recurse") });
-  if (!queryZodRes.success) error(400, "Invalid query parameters");
-  const { recurse } = queryZodRes.data;
-
-  const { files } = await getCategoryFiles(userId, id, recurse ?? false);
-  return json(
-    categoryFileListResponse.parse({
-      files: files.map(({ id, isRecursive }) => ({ file: id, isRecursive })),
-    } satisfies CategoryFileListResponse),
-  );
-};

src/routes/api/category/[id]/file/remove/+server.ts

@@ -1,25 +0,0 @@
-import { error, text } from "@sveltejs/kit";
-import { z } from "zod";
-import { authorize } from "$lib/server/modules/auth";
-import { categoryFileRemoveRequest } from "$lib/server/schemas";
-import { removeCategoryFile } from "$lib/server/services/category";
-import type { RequestHandler } from "./$types";
-
-export const POST: RequestHandler = async ({ locals, params, request }) => {
-  const { userId } = await authorize(locals, "activeClient");
-
-  const paramsZodRes = z
-    .object({
-      id: z.coerce.number().int().positive(),
-    })
-    .safeParse(params);
-  if (!paramsZodRes.success) error(400, "Invalid path parameters");
-  const { id } = paramsZodRes.data;
-
-  const bodyZodRes = categoryFileRemoveRequest.safeParse(await request.json());
-  if (!bodyZodRes.success) error(400, "Invalid request body");
-  const { file } = bodyZodRes.data;
-
-  await removeCategoryFile(userId, id, file);
-  return text("File removed", { headers: { "Content-Type": "text/plain" } });
-};

src/routes/api/category/[id]/rename/+server.ts

@@ -1,25 +0,0 @@
-import { error, text } from "@sveltejs/kit";
-import { z } from "zod";
-import { authorize } from "$lib/server/modules/auth";
-import { categoryRenameRequest } from "$lib/server/schemas";
-import { renameCategory } from "$lib/server/services/category";
-import type { RequestHandler } from "./$types";
-
-export const POST: RequestHandler = async ({ locals, params, request }) => {
-  const { userId } = await authorize(locals, "activeClient");
-
-  const paramsZodRes = z
-    .object({
-      id: z.coerce.number().int().positive(),
-    })
-    .safeParse(params);
-  if (!paramsZodRes.success) error(400, "Invalid path parameters");
-  const { id } = paramsZodRes.data;
-
-  const bodyZodRes = categoryRenameRequest.safeParse(await request.json());
-  if (!bodyZodRes.success) error(400, "Invalid request body");
-  const { dekVersion, name, nameIv } = bodyZodRes.data;
-
-  await renameCategory(userId, id, new Date(dekVersion), { ciphertext: name, iv: nameIv });
-  return text("Category renamed", { headers: { "Content-Type": "text/plain" } });
-};

src/routes/api/category/create/+server.ts

@@ -1,23 +0,0 @@
-import { error, text } from "@sveltejs/kit";
-import { authorize } from "$lib/server/modules/auth";
-import { categoryCreateRequest } from "$lib/server/schemas";
-import { createCategory } from "$lib/server/services/category";
-import type { RequestHandler } from "./$types";
-
-export const POST: RequestHandler = async ({ locals, request }) => {
-  const { userId } = await authorize(locals, "activeClient");
-
-  const zodRes = categoryCreateRequest.safeParse(await request.json());
-  if (!zodRes.success) error(400, "Invalid request body");
-  const { parent, mekVersion, dek, dekVersion, name, nameIv } = zodRes.data;
-
-  await createCategory({
-    userId,
-    parentId: parent,
-    mekVersion,
-    encDek: dek,
-    dekVersion: new Date(dekVersion),
-    encName: { ciphertext: name, iv: nameIv },
-  });
-  return text("Category created", { headers: { "Content-Type": "text/plain" } });
-};

src/routes/api/client/list/+server.ts

@@ -1,11 +0,0 @@
-import { json } from "@sveltejs/kit";
-import { authorize } from "$lib/server/modules/auth";
-import { clientListResponse, type ClientListResponse } from "$lib/server/schemas";
-import { getUserClientList } from "$lib/server/services/client";
-import type { RequestHandler } from "./$types";
-
-export const GET: RequestHandler = async ({ locals }) => {
-  const { userId } = await authorize(locals, "anyClient");
-  const { userClients } = await getUserClientList(userId);
-  return json(clientListResponse.parse({ clients: userClients } satisfies ClientListResponse));
-};

src/routes/api/client/register/+server.ts

@@ -1,20 +0,0 @@
-import { error, json } from "@sveltejs/kit";
-import { authorize } from "$lib/server/modules/auth";
-import {
-  clientRegisterRequest,
-  clientRegisterResponse,
-  type ClientRegisterResponse,
-} from "$lib/server/schemas";
-import { registerUserClient } from "$lib/server/services/client";
-import type { RequestHandler } from "./$types";
-
-export const POST: RequestHandler = async ({ locals, request }) => {
-  const { userId } = await authorize(locals, "notClient");
-
-  const zodRes = clientRegisterRequest.safeParse(await request.json());
-  if (!zodRes.success) error(400, "Invalid request body");
-  const { encPubKey, sigPubKey } = zodRes.data;
-
-  const { id, challenge } = await registerUserClient(userId, locals.ip, encPubKey, sigPubKey);
-  return json(clientRegisterResponse.parse({ id, challenge } satisfies ClientRegisterResponse));
-};

src/routes/api/client/register/verify/+server.ts

@@ -1,16 +0,0 @@
-import { error, text } from "@sveltejs/kit";
-import { authorize } from "$lib/server/modules/auth";
-import { clientRegisterVerifyRequest } from "$lib/server/schemas";
-import { verifyUserClient } from "$lib/server/services/client";
-import type { RequestHandler } from "./$types";
-
-export const POST: RequestHandler = async ({ locals, request }) => {
-  const { userId } = await authorize(locals, "notClient");
-
-  const zodRes = clientRegisterVerifyRequest.safeParse(await request.json());
-  if (!zodRes.success) error(400, "Invalid request body");
-  const { id, answerSig } = zodRes.data;
-
-  await verifyUserClient(userId, locals.ip, id, answerSig);
-  return text("Client verified", { headers: { "Content-Type": "text/plain" } });
-};

src/routes/api/client/status/+server.ts

@@ -1,17 +0,0 @@
-import { json } from "@sveltejs/kit";
-import { authorize } from "$lib/server/modules/auth";
-import { clientStatusResponse, type ClientStatusResponse } from "$lib/server/schemas";
-import { getUserClientStatus } from "$lib/server/services/client";
-import type { RequestHandler } from "./$types";
-
-export const GET: RequestHandler = async ({ locals }) => {
-  const { userId, clientId } = await authorize(locals, "anyClient");
-  const { state, isInitialMekNeeded } = await getUserClientStatus(userId, clientId);
-  return json(
-    clientStatusResponse.parse({
-      id: clientId,
-      state,
-      isInitialMekNeeded,
-    } satisfies ClientStatusResponse),
-  );
-};

src/routes/api/directory/[id]/+server.ts

@@ -1,34 +0,0 @@
-import { error, json } from "@sveltejs/kit";
-import { z } from "zod";
-import { authorize } from "$lib/server/modules/auth";
-import { directoryInfoResponse, type DirectoryInfoResponse } from "$lib/server/schemas";
-import { getDirectoryInformation } from "$lib/server/services/directory";
-import type { RequestHandler } from "./$types";
-
-export const GET: RequestHandler = async ({ locals, params }) => {
-  const { userId } = await authorize(locals, "activeClient");
-
-  const zodRes = z
-    .object({
-      id: z.union([z.enum(["root"]), z.coerce.number().int().positive()]),
-    })
-    .safeParse(params);
-  if (!zodRes.success) error(400, "Invalid path parameters");
-  const { id } = zodRes.data;
-
-  const { metadata, directories, files } = await getDirectoryInformation(userId, id);
-  return json(
-    directoryInfoResponse.parse({
-      metadata: metadata && {
-        parent: metadata.parentId,
-        mekVersion: metadata.mekVersion,
-        dek: metadata.encDek,
-        dekVersion: metadata.dekVersion.toISOString(),
-        name: metadata.encName.ciphertext,
-        nameIv: metadata.encName.iv,
-      },
-      subDirectories: directories,
-      files,
-    } satisfies DirectoryInfoResponse),
-  );
-};

src/routes/api/directory/[id]/delete/+server.ts

@@ -1,23 +0,0 @@
-import { error, json } from "@sveltejs/kit";
-import { z } from "zod";
-import { authorize } from "$lib/server/modules/auth";
-import { directoryDeleteResponse, type DirectoryDeleteResponse } from "$lib/server/schemas";
-import { deleteDirectory } from "$lib/server/services/directory";
-import type { RequestHandler } from "./$types";
-
-export const POST: RequestHandler = async ({ locals, params }) => {
-  const { userId } = await authorize(locals, "activeClient");
-
-  const zodRes = z
-    .object({
-      id: z.coerce.number().int().positive(),
-    })
-    .safeParse(params);
-  if (!zodRes.success) error(400, "Invalid path parameters");
-  const { id } = zodRes.data;
-
-  const { files } = await deleteDirectory(userId, id);
-  return json(
-    directoryDeleteResponse.parse({ deletedFiles: files } satisfies DirectoryDeleteResponse),
-  );
-};