cobalt/src/cobalt.js

import "dotenv/config"

import express from "express";
import cors from "cors";
import * as fs from "fs";
import rateLimit from "express-rate-limit";

import { shortCommit } from "./modules/sub/currentCommit.js";
import { appName, genericUserAgent, version, internetExplorerRedirect } from "./modules/config.js";
import { getJSON } from "./modules/api.js";
import renderPage from "./modules/pageRender/page.js";
import { apiJSON, checkJSONPost, languageCode } from "./modules/sub/utils.js";
import { Bright, Cyan } from "./modules/sub/consoleText.js";
import stream from "./modules/stream/stream.js";
import loc from "./localization/manager.js";
import { buildFront } from "./modules/build.js";
import { changelogHistory } from "./modules/pageRender/onDemand.js";
import { encrypt } from "./modules/sub/crypto.js";

const commitHash = shortCommit();
const app = express();

app.disable('x-powered-by');

if (fs.existsSync('./.env') && process.env.selfURL && process.env.streamSalt && process.env.port) {
    const apiLimiter = rateLimit({
        windowMs: 1 * 60 * 1000,
        max: 12,
        standardHeaders: true,
        legacyHeaders: false,
        handler: (req, res, next, opt) => {
            res.status(429).json({ "status": "error", "text": loc(languageCode(req), 'ErrorRateLimit') });
        }
    });
    const apiLimiterStream = rateLimit({
        windowMs: 1 * 60 * 1000,
        max: 12,
        standardHeaders: true,
        legacyHeaders: false,
        handler: (req, res, next, opt) => {
            res.status(429).json({ "status": "error", "text": loc(languageCode(req), 'ErrorRateLimit') });
        }
    });

    await buildFront();
    app.use('/api/', apiLimiter);
    app.use('/api/stream', apiLimiterStream);
    app.use('/', express.static('./min'));
    app.use('/', express.static('./src/front'));

    app.use((req, res, next) => {
        try {
            decodeURIComponent(req.path)
        }
        catch (e) {
            return res.redirect(process.env.selfURL);
        }
        next();
    });
    app.use('/api/json', express.json({
        verify: (req, res, buf) => {
            try {
                JSON.parse(buf);
                if (buf.length > 720) throw new Error();
                if (req.header('Content-Type') != "application/json") res.status(500).json({ 'status': 'error', 'text': 'invalid content type header' })
                if (req.header('Accept') != "application/json") res.status(500).json({ 'status': 'error', 'text': 'invalid accept header' })
            } catch(e) {
                res.status(500).json({ 'status': 'error', 'text': 'invalid json body.' })
            }
        }
    }));
    app.post('/api/:type', cors({ origin: process.env.selfURL, optionsSuccessStatus: 200 }), async (req, res) => {
        try {
            let ip = encrypt(req.header('x-forwarded-for') ? req.header('x-forwarded-for') : req.ip.replace('::ffff:', ''), process.env.streamSalt);
            switch (req.params.type) {
                case 'json':
                    try {
                        let request = req.body;
                        let chck = checkJSONPost(request);
                        if (request.url && chck) {
                            chck["ip"] = ip;
                            let j = await getJSON(chck["url"], languageCode(req), chck)
                            res.status(j.status).json(j.body);
                        } else if (request.url && !chck) {
                            let j = apiJSON(3, { t: loc(languageCode(req), 'ErrorCouldntFetch') });
                            res.status(j.status).json(j.body);
                        } else {
                            let j = apiJSON(3, { t: loc(languageCode(req), 'ErrorNoLink') })
                            res.status(j.status).json(j.body);
                        }
                    } catch (e) {
                        res.status(500).json({ 'status': 'error', 'text': loc(languageCode(req), 'ErrorCantProcess') })
                    }
                    break;
                default:
                    let j = apiJSON(0, { t: "unknown response type" })
                    res.status(j.status).json(j.body);
                    break;
            }
        } catch (e) {
            res.status(500).json({ 'status': 'error', 'text': loc(languageCode(req), 'ErrorCantProcess') })
        }
    });
    app.get('/api/:type', cors({ origin: process.env.selfURL, optionsSuccessStatus: 200 }), async (req, res) => {
        try {
            let ip = encrypt(req.header('x-forwarded-for') ? req.header('x-forwarded-for') : req.ip.replace('::ffff:', ''), process.env.streamSalt);
            switch (req.params.type) {
                // **
                // json GET method will be deprecated by 4.5! make sure to move your shortcuts to POST method.
                // **
                case 'json':
                    try {
                        if (req.query.url && req.query.url.length < 150) {
                            let chck = checkJSONPost({});
                            chck["ip"] = ip;
                            let j = await getJSON(req.query.url.trim(), languageCode(req), chck)
                            res.status(j.status).json(j.body);
                        } else {
                            let j = apiJSON(3, { t: loc(languageCode(req), 'ErrorNoLink', process.env.selfURL) })
                            res.status(j.status).json(j.body);
                        }
                    } catch (e) {
                        res.status(500).json({ 'status': 'error', 'text': loc(languageCode(req), 'ErrorCantProcess') })
                    }
                    break;
                // **
                // ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ will be removed soon ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
                // **
                case 'stream':
                    if (req.query.p) {
                        res.status(200).json({ "status": "continue" });
                    } else if (req.query.t && req.query.h && req.query.e) {
                        stream(res, ip, req.query.t, req.query.h, req.query.e);
                    } else {
                        let j = apiJSON(0, { t: "no stream id" })
                        res.status(j.status).json(j.body);
                    }
                    break;
                case 'onDemand':
                    if (req.query.blockId) {
                        let blockId = req.query.blockId.slice(0, 3)
                        let r, j;
                        switch(blockId) {
                            case "0":
                                r = changelogHistory();
                                j = r ? apiJSON(3, { t: r }) : apiJSON(0, { t: "couldn't render this block" })
                                break;
                            default:
                                j = apiJSON(0, { t: "couldn't find a block with this id" })
                                break;
                        }
                        res.status(j.status).json(j.body);
                    } else {
                        let j = apiJSON(0, { t: "no block id" })
                        res.status(j.status).json(j.body);
                    }
                    break;
                default:
                    let j = apiJSON(0, { t: "unknown response type" })
                    res.status(j.status).json(j.body);
                    break;
            }
        } catch (e) {
            res.status(500).json({ 'status': 'error', 'text': loc(languageCode(req), 'ErrorCantProcess') })
        }
    });
    app.get("/api", (req, res) => {
        res.redirect('/api/json')
    });
    app.get("/", (req, res) => {
        if (req.header("user-agent") && req.header("user-agent").includes("Trident")) {
            if (internetExplorerRedirect.newNT.includes(req.header("user-agent").split('NT ')[1].split(';')[0])) {
                res.redirect(internetExplorerRedirect.new)
            } else {
                res.redirect(internetExplorerRedirect.old)
            }
        } else {
            res.send(renderPage({
                "hash": commitHash,
                "type": "default",
                "lang": languageCode(req),
                "useragent": req.header('user-agent') ? req.header('user-agent') : genericUserAgent
            }))
        }
    });
    app.get("/favicon.ico", (req, res) => {
        res.redirect('/icons/favicon.ico');
    });
    app.get("/*", (req, res) => {
        res.redirect('/')
    });
    app.listen(process.env.port, () => {
        console.log(`\n${Bright(`${appName} (${version})`)}\n\nURL: ${Cyan(`${process.env.selfURL}`)}\nPort: ${process.env.port}\nCurrent commit: ${Bright(`${commitHash}`)}\nStart time: ${Bright(Math.floor(new Date().getTime()))}\n`)
    });
} else {
    console.log(`you can't run the server without generating a .env file. please run the setup script first: npm run setup`)
}
moved to new repo 2022-07-08 19:17:56 +01:00			`import "dotenv/config"`

			`import express from "express";`
added cors and title + description meta tags 2022-07-10 15:04:03 +01:00			`import cors from "cors";`
moved to new repo 2022-07-08 19:17:56 +01:00			`import * as fs from "fs";`
			`import rateLimit from "express-rate-limit";`

got rid of dash in file names 2022-07-17 12:21:51 +01:00			`import { shortCommit } from "./modules/sub/currentCommit.js";`
moved to new repo 2022-07-08 19:17:56 +01:00			`import { appName, genericUserAgent, version, internetExplorerRedirect } from "./modules/config.js";`
			`import { getJSON } from "./modules/api.js";`
3.0 probably the biggest update in history of cobalt 2022-08-12 14:36:19 +01:00			`import renderPage from "./modules/pageRender/page.js";`
4.3: open api + post method for main endpoint 2022-11-12 16:40:11 +00:00			`import { apiJSON, checkJSONPost, languageCode } from "./modules/sub/utils.js";`
got rid of dash in file names 2022-07-17 12:21:51 +01:00			`import { Bright, Cyan } from "./modules/sub/consoleText.js";`
moved to new repo 2022-07-08 19:17:56 +01:00			`import stream from "./modules/stream/stream.js";`
3.0 probably the biggest update in history of cobalt 2022-08-12 14:36:19 +01:00			`import loc from "./localization/manager.js";`
implemented esbuild and cleaned up stuff cobalt should now load even faster 2022-07-30 10:01:54 +01:00			`import { buildFront } from "./modules/build.js";`
vk fixes and new changelog system 2022-09-11 16:04:06 +01:00			`import { changelogHistory } from "./modules/pageRender/onDemand.js";`
4.3: open api + post method for main endpoint 2022-11-12 16:40:11 +00:00			`import { encrypt } from "./modules/sub/crypto.js";`
moved to new repo 2022-07-08 19:17:56 +01:00
beginning of 2.2 - added download popup to solve the issue with downloads on ios - merged big and small popups into one - made buttons in donation menu act like buttons - began to clean up localisation - added ability to embed repo url into localisation strings - moved ffmpeg args to config for more flexibility (and hopefully future changes) - removed error response in stream that could result in a crash - removed notice for ios users from about cause it's no longer relevant - made error popup look and act like the rest - a tiny bit of clean up - ill do better changelog tomorrow i think 2022-07-13 21:32:00 +01:00			`const commitHash = shortCommit();`
moved to new repo 2022-07-08 19:17:56 +01:00			`const app = express();`

added cors and title + description meta tags 2022-07-10 15:04:03 +01:00			`app.disable('x-powered-by');`

disabled tiktok and made it impossible to run the server unless all requirements are met 2022-09-20 08:54:44 +01:00			`if (fs.existsSync('./.env') && process.env.selfURL && process.env.streamSalt && process.env.port) {`
moved to new repo 2022-07-08 19:17:56 +01:00			`const apiLimiter = rateLimit({`
4.5 2022-12-06 19:21:07 +00:00			`windowMs: 1 * 60 * 1000,`
			`max: 12,`
moved to new repo 2022-07-08 19:17:56 +01:00			`standardHeaders: true,`
			`legacyHeaders: false,`
			`handler: (req, res, next, opt) => {`
remade localization system once again - new localization system: fast, dynamic, way more organized - localization strings are WAY more descriptive - it's now easier to add support for other languages (just one loc file instead of five) - localization now falls back to english if localized string isnt available - got rid of all static language selectors (probably) - slightly updated english and russian strings - miscellaneous settings items have been bundled together and moved to the bottom, cause they're used the least - bottom links should no longer touch the popup border on overflow - rearranged popup order in the rendered page - bumped version up to 2.2.5 if you see strings that are like this: !!EXAMPLE!! or withoutspace please file an issue on github 2022-07-24 11:54:05 +01:00			`res.status(429).json({ "status": "error", "text": loc(languageCode(req), 'ErrorRateLimit') });`
moved to new repo 2022-07-08 19:17:56 +01:00			`}`
4.5 2022-12-06 19:21:07 +00:00			`});`
moved to new repo 2022-07-08 19:17:56 +01:00			`const apiLimiterStream = rateLimit({`
4.5 2022-12-06 19:21:07 +00:00			`windowMs: 1 * 60 * 1000,`
			`max: 12,`
moved to new repo 2022-07-08 19:17:56 +01:00			`standardHeaders: true,`
			`legacyHeaders: false,`
			`handler: (req, res, next, opt) => {`
remade localization system once again - new localization system: fast, dynamic, way more organized - localization strings are WAY more descriptive - it's now easier to add support for other languages (just one loc file instead of five) - localization now falls back to english if localized string isnt available - got rid of all static language selectors (probably) - slightly updated english and russian strings - miscellaneous settings items have been bundled together and moved to the bottom, cause they're used the least - bottom links should no longer touch the popup border on overflow - rearranged popup order in the rendered page - bumped version up to 2.2.5 if you see strings that are like this: !!EXAMPLE!! or withoutspace please file an issue on github 2022-07-24 11:54:05 +01:00			`res.status(429).json({ "status": "error", "text": loc(languageCode(req), 'ErrorRateLimit') });`
moved to new repo 2022-07-08 19:17:56 +01:00			`}`
4.5 2022-12-06 19:21:07 +00:00			`});`
moved to new repo 2022-07-08 19:17:56 +01:00
implemented esbuild and cleaned up stuff cobalt should now load even faster 2022-07-30 10:01:54 +01:00			`await buildFront();`
moved to new repo 2022-07-08 19:17:56 +01:00			`app.use('/api/', apiLimiter);`
			`app.use('/api/stream', apiLimiterStream);`
implemented esbuild and cleaned up stuff cobalt should now load even faster 2022-07-30 10:01:54 +01:00			`app.use('/', express.static('./min'));`
			`app.use('/', express.static('./src/front'));`
moved to new repo 2022-07-08 19:17:56 +01:00
			`app.use((req, res, next) => {`
			`try {`
			`decodeURIComponent(req.path)`
			`}`
clean up 2022-08-16 08:14:19 +01:00			`catch (e) {`
			`return res.redirect(process.env.selfURL);`
moved to new repo 2022-07-08 19:17:56 +01:00			`}`
			`next();`
			`});`
4.3: open api + post method for main endpoint 2022-11-12 16:40:11 +00:00			`app.use('/api/json', express.json({`
			`verify: (req, res, buf) => {`
			`try {`
			`JSON.parse(buf);`
			`if (buf.length > 720) throw new Error();`
			`if (req.header('Content-Type') != "application/json") res.status(500).json({ 'status': 'error', 'text': 'invalid content type header' })`
			`if (req.header('Accept') != "application/json") res.status(500).json({ 'status': 'error', 'text': 'invalid accept header' })`
			`} catch(e) {`
			`res.status(500).json({ 'status': 'error', 'text': 'invalid json body.' })`
			`}`
			`}`
			`}));`
			`app.post('/api/:type', cors({ origin: process.env.selfURL, optionsSuccessStatus: 200 }), async (req, res) => {`
			`try {`
			`let ip = encrypt(req.header('x-forwarded-for') ? req.header('x-forwarded-for') : req.ip.replace('::ffff:', ''), process.env.streamSalt);`
			`switch (req.params.type) {`
			`case 'json':`
			`try {`
			`let request = req.body;`
			`let chck = checkJSONPost(request);`
			`if (request.url && chck) {`
			`chck["ip"] = ip;`
4.5 2022-12-06 19:21:07 +00:00			`let j = await getJSON(chck["url"], languageCode(req), chck)`
			`res.status(j.status).json(j.body);`
			`} else if (request.url && !chck) {`
			`let j = apiJSON(3, { t: loc(languageCode(req), 'ErrorCouldntFetch') });`
4.3: open api + post method for main endpoint 2022-11-12 16:40:11 +00:00			`res.status(j.status).json(j.body);`
			`} else {`
4.5 2022-12-06 19:21:07 +00:00			`let j = apiJSON(3, { t: loc(languageCode(req), 'ErrorNoLink') })`
			`res.status(j.status).json(j.body);`
4.3: open api + post method for main endpoint 2022-11-12 16:40:11 +00:00			`}`
			`} catch (e) {`
			`res.status(500).json({ 'status': 'error', 'text': loc(languageCode(req), 'ErrorCantProcess') })`
			`}`
			`break;`
			`default:`
			`let j = apiJSON(0, { t: "unknown response type" })`
			`res.status(j.status).json(j.body);`
			`break;`
			`}`
			`} catch (e) {`
			`res.status(500).json({ 'status': 'error', 'text': loc(languageCode(req), 'ErrorCantProcess') })`
			`}`
			`});`
added cors and title + description meta tags 2022-07-10 15:04:03 +01:00			`app.get('/api/:type', cors({ origin: process.env.selfURL, optionsSuccessStatus: 200 }), async (req, res) => {`
moved to new repo 2022-07-08 19:17:56 +01:00			`try {`
4.3: open api + post method for main endpoint 2022-11-12 16:40:11 +00:00			`let ip = encrypt(req.header('x-forwarded-for') ? req.header('x-forwarded-for') : req.ip.replace('::ffff:', ''), process.env.streamSalt);`
moved to new repo 2022-07-08 19:17:56 +01:00			`switch (req.params.type) {`
4.3: open api + post method for main endpoint 2022-11-12 16:40:11 +00:00			`// **`
			`// json GET method will be deprecated by 4.5! make sure to move your shortcuts to POST method.`
			`// **`
moved to new repo 2022-07-08 19:17:56 +01:00			`case 'json':`
4.3: open api + post method for main endpoint 2022-11-12 16:40:11 +00:00			`try {`
			`if (req.query.url && req.query.url.length < 150) {`
			`let chck = checkJSONPost({});`
			`chck["ip"] = ip;`
			`let j = await getJSON(req.query.url.trim(), languageCode(req), chck)`
fixed a silly mistake that broke soundcloud also added an error handler for this issue if it happens ever again 2022-09-04 05:14:25 +01:00			`res.status(j.status).json(j.body);`
			`} else {`
4.3: open api + post method for main endpoint 2022-11-12 16:40:11 +00:00			`let j = apiJSON(3, { t: loc(languageCode(req), 'ErrorNoLink', process.env.selfURL) })`
			`res.status(j.status).json(j.body);`
fixed a silly mistake that broke soundcloud also added an error handler for this issue if it happens ever again 2022-09-04 05:14:25 +01:00			`}`
4.3: open api + post method for main endpoint 2022-11-12 16:40:11 +00:00			`} catch (e) {`
			`res.status(500).json({ 'status': 'error', 'text': loc(languageCode(req), 'ErrorCantProcess') })`
moved to new repo 2022-07-08 19:17:56 +01:00			`}`
			`break;`
4.3: open api + post method for main endpoint 2022-11-12 16:40:11 +00:00			`// **`
			`// ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ will be removed soon ^^^^^^^^^^^^^^^^^^^^^^^^^^^^`
			`// **`
moved to new repo 2022-07-08 19:17:56 +01:00			`case 'stream':`
			`if (req.query.p) {`
			`res.status(200).json({ "status": "continue" });`
4.3: open api + post method for main endpoint 2022-11-12 16:40:11 +00:00			`} else if (req.query.t && req.query.h && req.query.e) {`
prevent crash if youtube video is fucked up ill remake a youtube function to pick a good video instead of broken one later, i just dont want cobalt to hang if one youtube cdn is down i hate youtube so much 2022-08-14 18:09:06 +01:00			`stream(res, ip, req.query.t, req.query.h, req.query.e);`
moved to new repo 2022-07-08 19:17:56 +01:00			`} else {`
tiktok images and crowdin 2022-09-03 16:32:39 +01:00			`let j = apiJSON(0, { t: "no stream id" })`
moved to new repo 2022-07-08 19:17:56 +01:00			`res.status(j.status).json(j.body);`
			`}`
			`break;`
vk fixes and new changelog system 2022-09-11 16:04:06 +01:00			`case 'onDemand':`
			`if (req.query.blockId) {`
			`let blockId = req.query.blockId.slice(0, 3)`
			`let r, j;`
			`switch(blockId) {`
			`case "0":`
			`r = changelogHistory();`
			`j = r ? apiJSON(3, { t: r }) : apiJSON(0, { t: "couldn't render this block" })`
			`break;`
			`default:`
			`j = apiJSON(0, { t: "couldn't find a block with this id" })`
			`break;`
			`}`
			`res.status(j.status).json(j.body);`
			`} else {`
			`let j = apiJSON(0, { t: "no block id" })`
			`res.status(j.status).json(j.body);`
			`}`
			`break;`
moved to new repo 2022-07-08 19:17:56 +01:00			`default:`
vk fixes and new changelog system 2022-09-11 16:04:06 +01:00			`let j = apiJSON(0, { t: "unknown response type" })`
moved to new repo 2022-07-08 19:17:56 +01:00			`res.status(j.status).json(j.body);`
			`break;`
			`}`
			`} catch (e) {`
4.3: open api + post method for main endpoint 2022-11-12 16:40:11 +00:00			`res.status(500).json({ 'status': 'error', 'text': loc(languageCode(req), 'ErrorCantProcess') })`
moved to new repo 2022-07-08 19:17:56 +01:00			`}`
			`});`
fix small issues 2022-09-01 14:51:18 +01:00			`app.get("/api", (req, res) => {`
moved to new repo 2022-07-08 19:17:56 +01:00			`res.redirect('/api/json')`
			`});`
fix small issues 2022-09-01 14:51:18 +01:00			`app.get("/", (req, res) => {`
moved to new repo 2022-07-08 19:17:56 +01:00			`if (req.header("user-agent") && req.header("user-agent").includes("Trident")) {`
			`if (internetExplorerRedirect.newNT.includes(req.header("user-agent").split('NT ')[1].split(';')[0])) {`
			`res.redirect(internetExplorerRedirect.new)`
			`} else {`
			`res.redirect(internetExplorerRedirect.old)`
			`}`
			`} else {`
			`res.send(renderPage({`
			`"hash": commitHash,`
			`"type": "default",`
remade localization system once again - new localization system: fast, dynamic, way more organized - localization strings are WAY more descriptive - it's now easier to add support for other languages (just one loc file instead of five) - localization now falls back to english if localized string isnt available - got rid of all static language selectors (probably) - slightly updated english and russian strings - miscellaneous settings items have been bundled together and moved to the bottom, cause they're used the least - bottom links should no longer touch the popup border on overflow - rearranged popup order in the rendered page - bumped version up to 2.2.5 if you see strings that are like this: !!EXAMPLE!! or withoutspace please file an issue on github 2022-07-24 11:54:05 +01:00			`"lang": languageCode(req),`
moved to new repo 2022-07-08 19:17:56 +01:00			`"useragent": req.header('user-agent') ? req.header('user-agent') : genericUserAgent`
			`}))`
			`}`
			`});`
fix small issues 2022-09-01 14:51:18 +01:00			`app.get("/favicon.ico", (req, res) => {`
moved to new repo 2022-07-08 19:17:56 +01:00			`res.redirect('/icons/favicon.ico');`
			`});`
fix small issues 2022-09-01 14:51:18 +01:00			`app.get("/*", (req, res) => {`
moved to new repo 2022-07-08 19:17:56 +01:00			`res.redirect('/')`
			`});`
			`app.listen(process.env.port, () => {`
			console.log(`\n${Bright(`${appName} (${version})`)}\n\nURL: ${Cyan(`${process.env.selfURL}`)}\nPort: ${process.env.port}\nCurrent commit: ${Bright(`${commitHash}`)}\nStart time: ${Bright(Math.floor(new Date().getTime()))}\n`)
			`});`
			`} else {`
disabled tiktok and made it impossible to run the server unless all requirements are met 2022-09-20 08:54:44 +01:00			console.log(`you can't run the server without generating a .env file. please run the setup script first: npm run setup`)
basically new readme and more languages - indonesian localization by @LyfeV - rewrote readme - added new line at the end for files that were missing it 2022-08-01 16:48:37 +01:00			`}`