Added chat bootstrapping

Author: changesbyjames

apps/ui/src/router.tsx

@@ -16,6 +16,7 @@ import { SignIn } from './pages/authentication/SignIn';
 import { SignOut } from './pages/authentication/SignOut';
 import { SignOutRedirect } from './pages/authentication/SignOutRedirect';
 import { useSnapshot } from './services/api/snapshot';
+import { useAPI } from './services/query/hooks';
 
 const auth: RouteObject = {
   path: 'auth',
@@ -357,13 +358,29 @@ const Thumbnail: FC<{ url: string; selected: boolean; onClick: () => void; keep:
   );
 };
 
+const Status: FC = () => {
+  const api = useAPI();
+  const response = useSuspenseQuery({
+    queryKey: ['status'],
+    queryFn: () => {
+      return api.chat.status.query();
+    }
+  });
+
+  return <div>{JSON.stringify(response.data)}</div>;
+};
+
 export const router = createBrowserRouter([
   {
     element: <Authenticated />,
     children: [
       {
         element: <Main />,
         children: [
+          {
+            path: '/status',
+            element: <Status />
+          },
           {
             path: '/snapshots/:id',
             element: <Home />

docker-compose.yml

@@ -27,8 +27,8 @@ services:
     # https://docs.docker.com/compose/compose-file/compose-file-v3/#network_mode
     # network_mode: "host"
     volumes:
-      - dragonflydata:/data
+      - dragonflydata2:/data
 
 volumes:
-  dragonflydata:
+  dragonflydata2:
   pgfdata:

infrastructure/pulumi/Pulumi.prod.yaml

@@ -8,3 +8,4 @@ config:
     secure: AAABAG0Qc+H+3ZiC/BAz9AsJRBt8X4J1IJ+CwlpQMoqGGxehsbBxq6vAPwaY+FuEk1y005zygnwBljatENg=
   crittercapture:twitch-username: pollinatorcam
   crittercapture:ui-url: https://www.crittercapture.club
+  crittercapture:api-url: https://api.crittercapture.club

infrastructure/pulumi/index.ts

@@ -184,7 +184,7 @@ export = async () => {
     ...website,
     env: {
       variables: {
-        apiBaseUrl: api.defaultUrl,
+        apiBaseUrl: config.get('api-url') ?? api.defaultUrl,
         appInsightsConnectionString: appInsights.connectionString
       },
       flags: {}

services/api/src/api/chat.ts

@@ -0,0 +1,8 @@
+import { status } from '../services/chat/index.js';
+import { moderatorProcedure, router } from '../trpc/trpc.js';
+
+export default router({
+  status: moderatorProcedure.query(async ({ ctx }) => {
+    return status;
+  })
+});

services/api/src/api/index.ts

@@ -1,10 +1,12 @@
 import { router } from '../trpc/trpc.js';
+import chat from './chat.js';
 import feed from './feed.js';
 import me from './me.js';
 import snapshot from './snapshot.js';
 
 export default router({
   me,
   feed,
-  snapshot
+  snapshot,
+  chat
 });

services/api/src/index.ts

@@ -9,6 +9,7 @@ import { start } from './services/chat/index.js';
 import { createContext } from './trpc/context.js';
 
 import authRouter from './services/auth/router.js';
+import adminRouter from './services/chat/auth/router.js';
 // Export type router type signature,
 // NOT the router itself.
 export type AppRouter = typeof router;
@@ -23,7 +24,7 @@ import { createEnvironment, withEnvironment } from './utils/env/env.js';
       const server = fastify(options);
       await server.register(cors);
       await server.register(authRouter);
-
+      await server.register(adminRouter);
       await server.register(fastifyTRPCPlugin, {
         trpcOptions: {
           router,

services/api/src/services/chat/auth/auth.ts services/api/src/services/auth/auth.ts

@@ -1,6 +1,6 @@
 import { exchangeCode } from '@twurple/auth';
 import z from 'zod';
-import { useEnvironment } from '../../../utils/env/env.js';
+import { useEnvironment } from '../../utils/env/env.js';
 
 const scopes = ['chat:read', 'chat:edit', 'user:read:chat', 'user:write:chat'];
 export const createSignInRequest = (path: string, state: string) => {
@@ -26,32 +26,6 @@ export const exchangeCodeForToken = async (code: string) => {
   return token;
 };
 
-const TwitchAccessToken = z.object({
-  accessToken: z.string(),
-  refreshToken: z.string().nullable(),
-  expiresIn: z.number().nullable(),
-  scope: z.array(z.string()),
-  obtainmentTimestamp: z.number()
-});
-
-export const saveToken = async (token: z.infer<typeof TwitchAccessToken>) => {
-  const env = useEnvironment();
-  await env.redis.set('twitch:token', JSON.stringify(token));
-};
-
-export const restoreToken = async () => {
-  const env = useEnvironment();
-  const token = await env.redis.get('twitch:token');
-  if (!token) return;
-
-  const parsed = TwitchAccessToken.safeParse(JSON.parse(token));
-  if (!parsed.success) {
-    console.warn(`Invalid token in redis: ${token}`);
-    return;
-  }
-  return parsed.data;
-};
-
 const TwitchValidationResponse = z.object({
   user_id: z.string()
 });

services/api/src/services/auth/router.ts

@@ -3,7 +3,7 @@ import { TimeSpan } from 'oslo';
 import { createJWT } from 'oslo/jwt';
 import { z } from 'zod';
 import { useEnvironment } from '../../utils/env/env.js';
-import { createSignInRequest, exchangeCodeForToken, getUserInformation, validateToken } from '../chat/auth/auth.js';
+import { createSignInRequest, exchangeCodeForToken, getUserInformation, validateToken } from './auth.js';
 
 const TwitchRedirectResponse = z.object({
   code: z.string(),

services/api/src/services/chat/auth/router.ts

@@ -1,27 +1,39 @@
 import { FastifyInstance } from 'fastify';
 import { z } from 'zod';
-import { createSignInRequest, exchangeCodeForToken, restoreToken, saveToken } from './auth.js';
+import { useEnvironment } from '../../../utils/env/env.js';
+import { createSignInRequest, exchangeCodeForToken, getUserInformation, validateToken } from '../../auth/auth.js';
+import { start, status } from '../index.js';
+import { saveToken } from './token.js';
 
 const TwitchRedirectResponse = z.object({
   code: z.string(),
   scope: z.string()
 });
 
 export default async function register(router: FastifyInstance) {
-  router.get('/auth/signin', async (request, reply) => {
-    const url = createSignInRequest('/auth/redirect', crypto.randomUUID());
+  router.get('/admin/signin', async (request, reply) => {
+    const url = createSignInRequest('/admin/redirect', crypto.randomUUID());
     return reply.redirect(url);
   });
 
-  router.get('/auth/redirect', async (request, reply) => {
+  router.get('/admin/redirect', async (request, reply) => {
+    const env = useEnvironment();
     const query = TwitchRedirectResponse.parse(request.query);
     const token = await exchangeCodeForToken(query.code);
+    if (!(await validateToken(token.accessToken))) {
+      throw new Error('Invalid token');
+    }
+
+    const user = await getUserInformation(token.accessToken);
+    if (user.login !== env.variables.TWITCH_USERNAME) {
+      throw new Error('Invalid user');
+    }
+
     await saveToken(token);
-    return reply.send(`Thank you for signing in!`);
-  });
 
-  router.get('/auth/status', async (request, reply) => {
-    const token = await restoreToken();
-    return reply.send(token);
+    if (status.status === 'offline:not_authenticated') {
+      await start();
+    }
+    return reply.send(`Thank you for signing in!`);
   });
 }

services/api/src/services/chat/auth/token.ts

@@ -0,0 +1,28 @@
+import { z } from 'zod';
+import { useEnvironment } from '../../../utils/env/env.js';
+
+const TwitchAccessToken = z.object({
+  accessToken: z.string(),
+  refreshToken: z.string().nullable(),
+  expiresIn: z.number().nullable(),
+  scope: z.array(z.string()),
+  obtainmentTimestamp: z.number()
+});
+
+export const saveToken = async (token: z.infer<typeof TwitchAccessToken>) => {
+  const env = useEnvironment();
+  await env.redis.set('twitch:token', JSON.stringify(token));
+};
+
+export const restoreToken = async () => {
+  const env = useEnvironment();
+  const token = await env.redis.get('twitch:token');
+  if (!token) return;
+
+  const parsed = TwitchAccessToken.safeParse(JSON.parse(token));
+  if (!parsed.success) {
+    console.warn(`Invalid token in redis: ${token}`);
+    return;
+  }
+  return parsed.data;
+};

services/api/src/services/chat/index.ts

@@ -2,13 +2,41 @@ import { RefreshingAuthProvider } from '@twurple/auth';
 import { ChatClient } from '@twurple/chat';
 import { useEnvironment } from '../../utils/env/env.js';
 import { createSnapshotRequest } from '../snapshot/index.js';
-import { restoreToken, saveToken } from './auth/auth.js';
+import { restoreToken, saveToken } from './auth/token.js';
+interface Status {
+  status: 'pending' | 'offline:not_authenticated' | 'offline' | 'online';
+  channels: string[];
+  commands: string[];
+}
+
+const handler: Record<string, (chat: ChatClient, channel: string, user: string, message: string) => Promise<void>> = {
+  capture: async (chat: ChatClient, channel: string, user: string, message: string) => {
+    const env = useEnvironment();
+    const [_, duration, rewind] = message.split(' ');
+    if (isNaN(Number(duration)) || isNaN(Number(rewind))) {
+      chat.say(channel, `@${user} Invalid duration or rewind. Please use !capture <duration> <rewind>`);
+      return;
+    }
+    const request = await createSnapshotRequest('twitch', user, Number(duration), Number(rewind));
+    chat.say(channel, `@${user} Critter captured! ${env.variables.UI_URL}/snapshots/${request.id}`);
+  }
+};
+
+export const status: Status = {
+  status: 'pending',
+  channels: ['strangecyan', 'alveusgg'],
+  commands: Object.keys(handler)
+};
 
 export const start = async () => {
   const env = useEnvironment();
 
   const token = await restoreToken();
-  if (!token) throw new Error('No token found, cannot start chat. Please sign in.');
+  if (!token) {
+    status.status = 'offline:not_authenticated';
+    return;
+  }
+
   const auth = new RefreshingAuthProvider({
     clientId: env.variables.TWITCH_CLIENT_ID,
     clientSecret: env.variables.TWITCH_CLIENT_SECRET
@@ -17,20 +45,20 @@ export const start = async () => {
   auth.onRefresh((_, token) => saveToken(token));
   await auth.addUserForToken(token, ['chat']);
 
-  const chat = new ChatClient({ authProvider: auth, channels: ['strangecyan', 'alveusgg'] });
+  const chat = new ChatClient({ authProvider: auth, channels: status.channels });
+  chat.onConnect(() => (status.status = 'online'));
+
+  chat.onDisconnect(() => (status.status = 'offline'));
+
   chat.connect();
 
   chat.onMessage(async (channel, user, message) => {
     if (!message.startsWith('!')) return;
 
-    if (message.startsWith('!polcapture')) {
-      const [_, duration, rewind] = message.split(' ');
-      if (isNaN(Number(duration)) || isNaN(Number(rewind))) {
-        chat.say(channel, `@${user} Invalid duration or rewind. Please use !polcapture <duration> <rewind>`);
-        return;
+    for (const command of status.commands) {
+      if (message.startsWith(`!${command}`)) {
+        await handler[command](chat, channel, user, message);
       }
-      const request = await createSnapshotRequest('twitch', user, Number(duration), Number(rewind));
-      chat.say(channel, `@${user} Critter captured! ${env.variables.UI_URL}/snapshots/${request.id}`);
     }
   });
 };

services/api/src/trpc/trpc.ts

@@ -1,8 +1,8 @@
 import { initTRPC } from '@trpc/server';
 import { eq } from 'drizzle-orm';
 import { validateJWT } from 'oslo/jwt';
-import { feeds } from '../db/schema/index.js';
-import { withUser } from '../utils/env/env.js';
+import { feeds, roles } from '../db/schema/index.js';
+import { useUser, withUser } from '../utils/env/env.js';
 import { createContext } from './context.js';
 
 const t = initTRPC.context<typeof createContext>().create();
@@ -25,6 +25,31 @@ export const procedure = t.procedure.use(async ({ ctx, next }) => {
   return withUser({ id: decoded.subject }, next);
 });
 
+export const moderatorProcedure = procedure.use(async ({ ctx, next }) => {
+  const user = useUser();
+  const [role] = await ctx.db.select().from(roles).where(eq(roles.username, user.id));
+  if (role?.role !== 'mod' && role?.role !== 'admin') {
+    throw new Error('Unauthorized');
+  }
+  return next();
+});
+
+export const adminProcedure = procedure.use(async ({ ctx, next }) => {
+  const user = useUser();
+  const [role] = await ctx.db.select().from(roles).where(eq(roles.username, user.id));
+  if (role?.role !== 'admin') {
+    throw new Error('Unauthorized');
+  }
+  return next();
+});
+
+export const editorProcedure = procedure.use(async ({ ctx, next }) => {
+  const user = useUser();
+  const [role] = await ctx.db.select().from(roles).where(eq(roles.username, user.id));
+  if (!role?.role) throw new Error('Unauthorized');
+  return next();
+});
+
 export const integrationProcedure = t.procedure.use(async ({ ctx, next }) => {
   const headers = ctx.req.headers;
   const authorization = headers.authorization;

services/api/src/utils/env/config.ts

@@ -5,12 +5,17 @@ import { initialise } from '../../db/db.js';
 export const config = z.object({
   TWITCH_CLIENT_ID: z.string(),
   TWITCH_CLIENT_SECRET: z.string(),
+  TWITCH_USERNAME: z.string(),
+
+  NODE_ENV: z.enum(['development', 'production']).default('development'),
+  HOST: z.string(),
+  PORT: z.coerce.number(),
+
   REDIS_HOST: z.string(),
   REDIS_PORT: z.string(),
   REDIS_PASSWORD: z.string().optional(),
   REDIS_SSL: z.coerce.boolean().default(false),
-  HOST: z.string(),
-  PORT: z.coerce.number(),
+
   POSTGRES_HOST: z.string(),
   POSTGRES_USER: z.string(),
   POSTGRES_PASSWORD: z.string(),
@@ -19,8 +24,7 @@ export const config = z.object({
 
   UI_URL: z.string(),
 
-  JWT_SECRET: z.string().transform(value => Buffer.from(value, 'hex')),
-  NODE_ENV: z.enum(['development', 'production']).default('development')
+  JWT_SECRET: z.string().transform(value => Buffer.from(value, 'hex'))
 });
 
 export const services = async (variables: z.infer<typeof config>) => {