68 lines
1.8 KiB
JavaScript
68 lines
1.8 KiB
JavaScript
import { access, readFile, writeFile } from "node:fs/promises";
|
|
|
|
const candidates = [
|
|
"node_modules/@indiekit/indiekit/lib/indieauth.js",
|
|
];
|
|
|
|
const oldDevModeCode = `if (devMode) {
|
|
request.session.access_token = process.env.NODE_ENV;
|
|
request.session.scope = "create update delete media";
|
|
} else if (!process.env.PASSWORD_SECRET) {`;
|
|
|
|
const newDevModeCode = `if (devMode && process.env.INDIEKIT_ALLOW_DEV_AUTH === "1") {
|
|
request.session.access_token = process.env.NODE_ENV;
|
|
request.session.scope = "create update delete media";
|
|
} else if (!process.env.PASSWORD_SECRET) {`;
|
|
|
|
const oldRedirectRegex =
|
|
"const validRedirect = redirect.match(/^\\/[\\w&/=?]*$/);";
|
|
const newRedirectRegex =
|
|
"const validRedirect = redirect.match(/^\\/[\\w&/=?%.-]*$/);";
|
|
|
|
async function exists(path) {
|
|
try {
|
|
await access(path);
|
|
return true;
|
|
} catch {
|
|
return false;
|
|
}
|
|
}
|
|
|
|
let checked = 0;
|
|
let patched = 0;
|
|
|
|
for (const filePath of candidates) {
|
|
if (!(await exists(filePath))) {
|
|
continue;
|
|
}
|
|
|
|
checked += 1;
|
|
|
|
const source = await readFile(filePath, "utf8");
|
|
let updated = source;
|
|
|
|
if (!updated.includes(newDevModeCode) && updated.includes(oldDevModeCode)) {
|
|
updated = updated.replace(oldDevModeCode, newDevModeCode);
|
|
}
|
|
|
|
if (
|
|
!updated.includes(newRedirectRegex) &&
|
|
updated.includes(oldRedirectRegex)
|
|
) {
|
|
updated = updated.replace(oldRedirectRegex, newRedirectRegex);
|
|
}
|
|
|
|
if (updated !== source) {
|
|
await writeFile(filePath, updated, "utf8");
|
|
patched += 1;
|
|
}
|
|
}
|
|
|
|
if (checked === 0) {
|
|
console.log("[postinstall] No indieauth middleware files found");
|
|
} else if (patched === 0) {
|
|
console.log("[postinstall] indieauth auth-guard patches already applied");
|
|
} else {
|
|
console.log(`[postinstall] Patched indieauth auth guards/redirect validation in ${patched} file(s)`);
|
|
}
|