From 8552d5fd40b61f94cd955630d482db9ddbb38bc4 Mon Sep 17 00:00:00 2001 From: "Ng Wing Tat, David" Date: Fri, 22 Apr 2022 17:09:55 +0800 Subject: [PATCH 1/4] =?UTF-8?q?=F0=9F=9A=B8=20Return=20URL=20for=20avatar?= =?UTF-8?q?=20update?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/routes/users/registerLogin.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/routes/users/registerLogin.js b/src/routes/users/registerLogin.js index 5826f48c7..3af5644ed 100644 --- a/src/routes/users/registerLogin.js +++ b/src/routes/users/registerLogin.js @@ -347,7 +347,7 @@ router.post( } await dbRef.doc(user).update({ avatar: avatarUrl }); - res.sendStatus(200); + res.json({ avatar: avatarUrl }); const oldUserObj = await dbRef.doc(user).get(); const { From dff440d8f748842d7204f4590363f44f35c2ea10 Mon Sep 17 00:00:00 2001 From: "Ng Wing Tat, David" Date: Thu, 28 Apr 2022 00:56:30 +0800 Subject: [PATCH 2/4] =?UTF-8?q?=F0=9F=9A=B8=20Prepend=20hash=20to=20avatar?= =?UTF-8?q?=20URL=20for=20caching=20fix?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/util/fileupload.js | 4 ++-- test/stub/util/fileupload.js | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/src/util/fileupload.js b/src/util/fileupload.js index 8449f92a5..c9205aa1f 100644 --- a/src/util/fileupload.js +++ b/src/util/fileupload.js @@ -47,8 +47,8 @@ export async function handleAvatarUploadAndGetURL(user, file, avatarSHA256) { throw new ValidationError(`unsupported file format! ${(type || {}).ext || JSON.stringify(type)}`); } + const hash256 = sha256(file.buffer); if (avatarSHA256) { - const hash256 = sha256(file.buffer); if (hash256 !== avatarSHA256) throw new ValidationError('avatar sha not match'); } @@ -58,7 +58,7 @@ export async function handleAvatarUploadAndGetURL(user, file, avatarSHA256) { filename: `likecoin_store_user_${user}_${IS_TESTNET ? 'test' : 'main'}`, mimetype: file.mimetype, }); - return avatarUrl; + return `${avatarUrl}&${hash256.substring(0, 7)}`; } export async function handleAvatarLinkAndGetURL(user, url) { diff --git a/test/stub/util/fileupload.js b/test/stub/util/fileupload.js index 537b1fa95..e30c6cb22 100644 --- a/test/stub/util/fileupload.js +++ b/test/stub/util/fileupload.js @@ -21,8 +21,8 @@ export async function handleAvatarUploadAndGetURL(user, file, avatarSHA256) { throw new ValidationError(`unsupported file format! ${(type || {}).ext || JSON.stringify(type)}`); } + const hash256 = sha256(file.buffer); if (avatarSHA256) { - const hash256 = sha256(file.buffer); if (hash256 !== avatarSHA256) throw new ValidationError('avatar sha not match'); } @@ -32,7 +32,7 @@ export async function handleAvatarUploadAndGetURL(user, file, avatarSHA256) { filename: `likecoin_store_user_${user}_${IS_TESTNET ? 'test' : 'main'}`, mimetype: file.mimetype, }); - return avatarUrl; + return `${avatarUrl}&${hash256.substring(0, 7)}`; } export async function handleAvatarLinkAndGetURL(user, url) { From 9320935fb95eb8853e98362aaa25a09875e8ea4f Mon Sep 17 00:00:00 2001 From: "Ng Wing Tat, David" Date: Thu, 28 Apr 2022 11:56:16 +0800 Subject: [PATCH 3/4] =?UTF-8?q?=E2=AC=86=EF=B8=8F=20Update=20@likecoin/sec?= =?UTF-8?q?retd-js=20to=20avoid=20breaking=20change?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- package-lock.json | 95 ++++++++++++++++++++++++----------------------- package.json | 2 +- 2 files changed, 49 insertions(+), 48 deletions(-) diff --git a/package-lock.json b/package-lock.json index 1c92f2137..29e2d94cd 100644 --- a/package-lock.json +++ b/package-lock.json @@ -940,11 +940,11 @@ } }, "@babel/runtime-corejs3": { - "version": "7.15.4", - "resolved": "https://registry.npmjs.org/@babel/runtime-corejs3/-/runtime-corejs3-7.15.4.tgz", - "integrity": "sha512-lWcAqKeB624/twtTc3w6w/2o9RqJPaNBhPGK6DKLSiwuVWC7WFkypWyNg+CpZoyJH0jVzv1uMtXZ/5/lQOLtCg==", + "version": "7.17.9", + "resolved": "https://registry.npmjs.org/@babel/runtime-corejs3/-/runtime-corejs3-7.17.9.tgz", + "integrity": "sha512-WxYHHUWF2uZ7Hp1K+D1xQgbgkGUfA+5UPOegEXGt2Y5SMog/rYCVaifLZDbw8UkNXozEqqrZTy6bglL7xTaCOw==", "requires": { - "core-js-pure": "^3.16.0", + "core-js-pure": "^3.20.2", "regenerator-runtime": "^0.13.4" }, "dependencies": { @@ -1926,19 +1926,41 @@ "resolved": "https://registry.npmjs.org/@likecoin/likecoin-email-templates/-/likecoin-email-templates-1.2.2.tgz", "integrity": "sha512-/RudNCKL9NlqOJi6v4idf0Xv40X9MvVVDpo7DaKBH02MaaiGkjojlHNg07xFkQXZtE+/4am0OmBBiL/ge9ZcZQ==" }, + "@likecoin/noise-js": { + "version": "0.1.0", + "resolved": "https://registry.npmjs.org/@likecoin/noise-js/-/noise-js-0.1.0.tgz", + "integrity": "sha512-M1urRpN+QRK5ErNarIjitclKXPnAuE3HW0alUMc/BiYQKKqu4tV8pWpU7Fy9Nff802xxY5L6DGy7WpgszPSJTA==", + "requires": { + "clone": "^2.1.2", + "nanoassert": "^1.1.0", + "tweetnacl": "^1.0.1" + }, + "dependencies": { + "clone": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/clone/-/clone-2.1.2.tgz", + "integrity": "sha1-G39Ln1kfHo+DZwQBYANFoCiHQ18=" + }, + "tweetnacl": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-1.0.3.tgz", + "integrity": "sha512-6rt+RN7aOi1nGMyC4Xa5DdYiukl2UWCbcJft7YhxReBGQD7OAM8Pbxw6YMo4r2diNEA8FEmu32YOn9rhaiE5yw==" + } + } + }, "@likecoin/secretd-js": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/@likecoin/secretd-js/-/secretd-js-0.2.0.tgz", - "integrity": "sha512-vn9/TfDyKgZdi4OC8V/j5yLx0ZdLaCgeE4gXTqtCVxs4q4JApD545jN81cBlPlac65Pbl/SBeBLmY5F8ymc6cQ==", + "version": "0.4.3", + "resolved": "https://registry.npmjs.org/@likecoin/secretd-js/-/secretd-js-0.4.3.tgz", + "integrity": "sha512-QbndSjd92L3ZRQaHVE/2T7g7+I5MTlx69241m5qyaEaEIi0H5FXVgRO/sBLDbdKcHJMQ/Q351sWmai75ihIyoQ==", "requires": { "@babel/runtime-corejs3": "^7.9.2", + "@likecoin/noise-js": "^0.1.0", "axios": "^0.19.0", "bech32": "^1.1.3", "bignumber.js": "^9.0.0", "cbor": "^5.0.1", "fast-json-stable-stringify": "^2.0.0", - "lodash": "^4.17.15", - "noise-js": "git+https://gitlab.com/blocksq/noise-js.git" + "lodash": "^4.17.15" }, "dependencies": { "axios": { @@ -1950,9 +1972,9 @@ } }, "bignumber.js": { - "version": "9.0.1", - "resolved": "https://registry.npmjs.org/bignumber.js/-/bignumber.js-9.0.1.tgz", - "integrity": "sha512-IdZR9mh6ahOBv/hYGiXyVuyCetmGJhtYkqLBpTStdhEGjegpPlUawydyaF3pbIOFynJTpllEs+NP+CS9jKFLjA==" + "version": "9.0.2", + "resolved": "https://registry.npmjs.org/bignumber.js/-/bignumber.js-9.0.2.tgz", + "integrity": "sha512-GAcQvbpsM0pUb0zw1EI0KhQEZ+lRwR5fYaAp3vPOYuP7aDvGy6cVN6XHLauvF8SOga2y0dcLcjt3iQDTSEliyw==" }, "lodash": { "version": "4.17.21", @@ -4078,18 +4100,18 @@ "integrity": "sha1-G2gcIf+EAzyCZUMJBolCDRhxUdw=" }, "cbor": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/cbor/-/cbor-5.0.1.tgz", - "integrity": "sha512-l4ghwqioCyuAaD3LvY4ONwv8NMuERz62xjbMHGdWBqERJPygVmoFER1b4+VS6iW0rXwoVGuKZPPPTofwWOg3YQ==", + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/cbor/-/cbor-5.2.0.tgz", + "integrity": "sha512-5IMhi9e1QU76ppa5/ajP1BmMWZ2FHkhAhjeVKQ/EFCgYSEaeVaoGtL7cxJskf9oCCk+XjzaIdc3IuU/dbA/o2A==", "requires": { - "bignumber.js": "^9.0.0", - "nofilter": "^1.0.3" + "bignumber.js": "^9.0.1", + "nofilter": "^1.0.4" }, "dependencies": { "bignumber.js": { - "version": "9.0.0", - "resolved": "https://registry.npmjs.org/bignumber.js/-/bignumber.js-9.0.0.tgz", - "integrity": "sha512-t/OYhhJ2SD+YGBQcjY8GzzDHEk9f3nerxjtfa6tlMXfe7frs/WozhvCNoGvpM0P3bNf3Gq5ZRMlGr5f3r4/N8A==" + "version": "9.0.2", + "resolved": "https://registry.npmjs.org/bignumber.js/-/bignumber.js-9.0.2.tgz", + "integrity": "sha512-GAcQvbpsM0pUb0zw1EI0KhQEZ+lRwR5fYaAp3vPOYuP7aDvGy6cVN6XHLauvF8SOga2y0dcLcjt3iQDTSEliyw==" } } }, @@ -4648,9 +4670,9 @@ "dev": true }, "core-js-pure": { - "version": "3.18.2", - "resolved": "https://registry.npmjs.org/core-js-pure/-/core-js-pure-3.18.2.tgz", - "integrity": "sha512-4hMMLUlZhKJKOWbbGD1/VDUxGPEhEoN/T01k7bx271WiBKCvCfkgPzy0IeRS4PB50p6/N1q/SZL4B/TRsTE5bA==" + "version": "3.22.2", + "resolved": "https://registry.npmjs.org/core-js-pure/-/core-js-pure-3.22.2.tgz", + "integrity": "sha512-Lb+/XT4WC4PaCWWtZpNPaXmjiNDUe5CJuUtbkMrIM1kb1T/jJoAIp+bkVP/r5lHzMr+ZAAF8XHp7+my6Ol0ysQ==" }, "core-util-is": { "version": "1.0.2", @@ -10390,30 +10412,9 @@ } }, "nofilter": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/nofilter/-/nofilter-1.0.3.tgz", - "integrity": "sha512-FlUlqwRK6reQCaFLAhMcF+6VkVG2caYjKQY3YsRDTl4/SEch595Qb3oLjJRDr8dkHAAOVj2pOx3VknfnSgkE5g==" - }, - "noise-js": { - "version": "git+https://gitlab.com/blocksq/noise-js.git#f2d9e64514aa12c122e9825b41fdb96ef6647ed4", - "from": "git+https://gitlab.com/blocksq/noise-js.git", - "requires": { - "clone": "^2.1.2", - "nanoassert": "^1.1.0", - "tweetnacl": "^1.0.1" - }, - "dependencies": { - "clone": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/clone/-/clone-2.1.2.tgz", - "integrity": "sha1-G39Ln1kfHo+DZwQBYANFoCiHQ18=" - }, - "tweetnacl": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-1.0.3.tgz", - "integrity": "sha512-6rt+RN7aOi1nGMyC4Xa5DdYiukl2UWCbcJft7YhxReBGQD7OAM8Pbxw6YMo4r2diNEA8FEmu32YOn9rhaiE5yw==" - } - } + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/nofilter/-/nofilter-1.0.4.tgz", + "integrity": "sha512-N8lidFp+fCz+TD51+haYdbDGrcBWwuHX40F5+z0qkUjMJ5Tp+rdSuAkMJ9N9eoolDlEVTf6u5icM+cNKkKW2mA==" }, "nopt": { "version": "3.0.6", diff --git a/package.json b/package.json index 5624b91ed..034806eec 100644 --- a/package.json +++ b/package.json @@ -47,7 +47,7 @@ "@google-cloud/pubsub": "^1.2.0", "@likecoin/iscn-js": "0.0.7", "@likecoin/likecoin-email-templates": "^1.2.2", - "@likecoin/secretd-js": "^0.2.0", + "@likecoin/secretd-js": "^0.4.3", "@sendgrid/mail": "^6.5.5", "agentkeepalive": "^4.1.3", "arweave": "^1.10.17", From 9491c5fb88d811bbb6785093ed45a10bcc207a3b Mon Sep 17 00:00:00 2001 From: "Ng Wing Tat, David" Date: Thu, 28 Apr 2022 16:50:50 +0800 Subject: [PATCH 4/4] =?UTF-8?q?=E2=9A=A1=EF=B8=8F=20Use=20md5=20for=20avat?= =?UTF-8?q?ar=20version=20hash?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/util/fileupload.js | 7 +++++-- test/stub/util/fileupload.js | 7 +++++-- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/src/util/fileupload.js b/src/util/fileupload.js index c9205aa1f..d00af292e 100644 --- a/src/util/fileupload.js +++ b/src/util/fileupload.js @@ -11,6 +11,8 @@ import { ValidationError } from './ValidationError'; const sharp = require('sharp'); const fileType = require('file-type'); const sha256 = require('js-sha256'); +// eslint-disable-next-line import/no-extraneous-dependencies +const md5 = require('md5-hex'); export function uploadFileAndGetLink(file, { filename, mimetype }) { const isStream = file && typeof file.pipe === 'function'; @@ -47,8 +49,8 @@ export async function handleAvatarUploadAndGetURL(user, file, avatarSHA256) { throw new ValidationError(`unsupported file format! ${(type || {}).ext || JSON.stringify(type)}`); } - const hash256 = sha256(file.buffer); if (avatarSHA256) { + const hash256 = sha256(file.buffer); if (hash256 !== avatarSHA256) throw new ValidationError('avatar sha not match'); } @@ -58,7 +60,8 @@ export async function handleAvatarUploadAndGetURL(user, file, avatarSHA256) { filename: `likecoin_store_user_${user}_${IS_TESTNET ? 'test' : 'main'}`, mimetype: file.mimetype, }); - return `${avatarUrl}&${hash256.substring(0, 7)}`; + const versionHash = md5(file.buffer).substring(0, 7); + return `${avatarUrl}&${versionHash}`; } export async function handleAvatarLinkAndGetURL(user, url) { diff --git a/test/stub/util/fileupload.js b/test/stub/util/fileupload.js index e30c6cb22..a97fa6801 100644 --- a/test/stub/util/fileupload.js +++ b/test/stub/util/fileupload.js @@ -10,6 +10,8 @@ import { ValidationError } from './ValidationError'; const sharp = require('sharp'); const fileType = require('file-type'); const sha256 = require('js-sha256'); +// eslint-disable-next-line import/no-extraneous-dependencies +const md5 = require('md5-hex'); export function uploadFileAndGetLink() { return 'fakeAvatarUrl'; @@ -21,8 +23,8 @@ export async function handleAvatarUploadAndGetURL(user, file, avatarSHA256) { throw new ValidationError(`unsupported file format! ${(type || {}).ext || JSON.stringify(type)}`); } - const hash256 = sha256(file.buffer); if (avatarSHA256) { + const hash256 = sha256(file.buffer); if (hash256 !== avatarSHA256) throw new ValidationError('avatar sha not match'); } @@ -32,7 +34,8 @@ export async function handleAvatarUploadAndGetURL(user, file, avatarSHA256) { filename: `likecoin_store_user_${user}_${IS_TESTNET ? 'test' : 'main'}`, mimetype: file.mimetype, }); - return `${avatarUrl}&${hash256.substring(0, 7)}`; + const versionHash = md5(file.buffer).substring(0, 7); + return `${avatarUrl}&${versionHash}`; } export async function handleAvatarLinkAndGetURL(user, url) {