| 
									
										
										
										
											2020-04-26 14:26:57 +02:00
										 |  |  | "use strict"; | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-07-18 21:35:17 +03:00
										 |  |  | import utils from "../services/utils.js"; | 
					
						
							| 
									
										
										
										
											2024-07-18 21:37:45 +03:00
										 |  |  | import multer from "multer"; | 
					
						
							| 
									
										
										
										
											2024-07-18 21:35:17 +03:00
										 |  |  | import log from "../services/log.js"; | 
					
						
							| 
									
										
										
										
											2024-07-18 21:37:45 +03:00
										 |  |  | import express from "express"; | 
					
						
							| 
									
										
										
										
											2022-12-18 16:12:29 +01:00
										 |  |  | const router = express.Router(); | 
					
						
							| 
									
										
										
										
											2024-07-18 21:35:17 +03:00
										 |  |  | import auth from "../services/auth.js"; | 
					
						
							|  |  |  | import cls from "../services/cls.js"; | 
					
						
							|  |  |  | import sql from "../services/sql.js"; | 
					
						
							|  |  |  | import entityChangesService from "../services/entity_changes.js"; | 
					
						
							| 
									
										
										
										
											2024-07-18 21:37:45 +03:00
										 |  |  | import csurf from "csurf"; | 
					
						
							| 
									
										
										
										
											2024-04-11 23:00:24 +03:00
										 |  |  | import { createPartialContentHandler } from "express-partial-content"; | 
					
						
							| 
									
										
										
										
											2024-07-18 21:37:45 +03:00
										 |  |  | import rateLimit from "express-rate-limit"; | 
					
						
							| 
									
										
										
										
											2024-07-18 21:35:17 +03:00
										 |  |  | import AbstractBeccaEntity from "../becca/entities/abstract_becca_entity.js"; | 
					
						
							|  |  |  | import NotFoundError from "../errors/not_found_error.js"; | 
					
						
							|  |  |  | import ValidationError from "../errors/validation_error.js"; | 
					
						
							| 
									
										
										
										
											2017-11-03 23:00:35 -04:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-12-18 16:12:29 +01:00
										 |  |  | // page routes
 | 
					
						
							| 
									
										
										
										
											2024-07-18 21:35:17 +03:00
										 |  |  | import setupRoute from "./setup.js"; | 
					
						
							|  |  |  | import loginRoute from "./login.js"; | 
					
						
							|  |  |  | import indexRoute from "./index.js"; | 
					
						
							| 
									
										
										
										
											2022-12-18 16:12:29 +01:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2017-11-03 23:00:35 -04:00
										 |  |  | // API routes
 | 
					
						
							| 
									
										
										
										
											2024-07-18 21:35:17 +03:00
										 |  |  | import treeApiRoute from "./api/tree.js"; | 
					
						
							|  |  |  | import notesApiRoute from "./api/notes.js"; | 
					
						
							|  |  |  | import branchesApiRoute from "./api/branches.js"; | 
					
						
							|  |  |  | import attachmentsApiRoute from "./api/attachments.js"; | 
					
						
							|  |  |  | import autocompleteApiRoute from "./api/autocomplete.js"; | 
					
						
							|  |  |  | import cloningApiRoute from "./api/cloning.js"; | 
					
						
							|  |  |  | import revisionsApiRoute from "./api/revisions.js"; | 
					
						
							|  |  |  | import recentChangesApiRoute from "./api/recent_changes.js"; | 
					
						
							|  |  |  | import optionsApiRoute from "./api/options.js"; | 
					
						
							|  |  |  | import passwordApiRoute from "./api/password.js"; | 
					
						
							|  |  |  | import syncApiRoute from "./api/sync.js"; | 
					
						
							|  |  |  | import loginApiRoute from "./api/login.js"; | 
					
						
							|  |  |  | import recentNotesRoute from "./api/recent_notes.js"; | 
					
						
							|  |  |  | import appInfoRoute from "./api/app_info.js"; | 
					
						
							|  |  |  | import exportRoute from "./api/export.js"; | 
					
						
							|  |  |  | import importRoute from "./api/import.js"; | 
					
						
							|  |  |  | import setupApiRoute from "./api/setup.js"; | 
					
						
							|  |  |  | import sqlRoute from "./api/sql.js"; | 
					
						
							|  |  |  | import databaseRoute from "./api/database.js"; | 
					
						
							|  |  |  | import imageRoute from "./api/image.js"; | 
					
						
							|  |  |  | import attributesRoute from "./api/attributes.js"; | 
					
						
							|  |  |  | import scriptRoute from "./api/script.js"; | 
					
						
							|  |  |  | import senderRoute from "./api/sender.js"; | 
					
						
							|  |  |  | import filesRoute from "./api/files.js"; | 
					
						
							|  |  |  | import searchRoute from "./api/search.js"; | 
					
						
							|  |  |  | import bulkActionRoute from "./api/bulk_action.js"; | 
					
						
							|  |  |  | import specialNotesRoute from "./api/special_notes.js"; | 
					
						
							|  |  |  | import noteMapRoute from "./api/note_map.js"; | 
					
						
							|  |  |  | import clipperRoute from "./api/clipper.js"; | 
					
						
							|  |  |  | import similarNotesRoute from "./api/similar_notes.js"; | 
					
						
							|  |  |  | import keysRoute from "./api/keys.js"; | 
					
						
							|  |  |  | import backendLogRoute from "./api/backend_log.js"; | 
					
						
							|  |  |  | import statsRoute from "./api/stats.js"; | 
					
						
							|  |  |  | import fontsRoute from "./api/fonts.js"; | 
					
						
							|  |  |  | import etapiTokensApiRoutes from "./api/etapi_tokens.js"; | 
					
						
							|  |  |  | import relationMapApiRoute from "./api/relation-map.js"; | 
					
						
							|  |  |  | import otherRoute from "./api/other.js"; | 
					
						
							|  |  |  | import shareRoutes from "../share/routes.js"; | 
					
						
							| 
									
										
										
										
											2024-04-11 23:00:24 +03:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-07-18 21:35:17 +03:00
										 |  |  | import etapiAuthRoutes from "../etapi/auth.js"; | 
					
						
							|  |  |  | import etapiAppInfoRoutes from "../etapi/app_info.js"; | 
					
						
							|  |  |  | import etapiAttachmentRoutes from "../etapi/attachments.js"; | 
					
						
							|  |  |  | import etapiAttributeRoutes from "../etapi/attributes.js"; | 
					
						
							|  |  |  | import etapiBranchRoutes from "../etapi/branches.js"; | 
					
						
							|  |  |  | import etapiNoteRoutes from "../etapi/notes.js"; | 
					
						
							|  |  |  | import etapiSpecialNoteRoutes from "../etapi/special_notes.js"; | 
					
						
							|  |  |  | import etapiSpecRoute from "../etapi/spec.js"; | 
					
						
							|  |  |  | import etapiBackupRoute from "../etapi/backup.js"; | 
					
						
							| 
									
										
										
										
											2024-07-24 20:23:05 +03:00
										 |  |  | import { AppRequest, AppRequestHandler } from './route-interface.js'; | 
					
						
							| 
									
										
										
										
											2017-11-03 23:00:35 -04:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-03-24 23:03:30 +01:00
										 |  |  | const csrfMiddleware = csurf({ | 
					
						
							| 
									
										
										
										
											2024-04-17 23:00:02 +03:00
										 |  |  |     cookie: { | 
					
						
							|  |  |  |         path: ""       // empty, so cookie is valid only for the current path
 | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | }); | 
					
						
							| 
									
										
										
										
											2018-03-30 12:57:22 -04:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-09-03 15:11:03 +02:00
										 |  |  | const MAX_ALLOWED_FILE_SIZE_MB = 250; | 
					
						
							| 
									
										
										
										
											2023-04-14 16:49:06 +02:00
										 |  |  | const GET = 'get', PST = 'post', PUT = 'put', PATCH = 'patch', DEL = 'delete'; | 
					
						
							| 
									
										
										
										
											2022-11-17 22:54:45 +01:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-04-11 23:00:24 +03:00
										 |  |  | type ApiResultHandler = (req: express.Request, res: express.Response, result: unknown) => number; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | // TODO: Deduplicate with etapi_utils.ts afterwards.
 | 
					
						
							|  |  |  | type HttpMethod = "all" | "get" | "post" | "put" | "delete" | "patch" | "options" | "head"; | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-12-18 16:12:29 +01:00
										 |  |  | const uploadMiddleware = createUploadMiddleware(); | 
					
						
							| 
									
										
										
										
											2022-09-03 15:11:03 +02:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-04-11 23:00:24 +03:00
										 |  |  | const uploadMiddlewareWithErrorHandling = function (req: express.Request, res: express.Response, next: express.NextFunction) { | 
					
						
							| 
									
										
										
										
											2022-09-03 15:11:03 +02:00
										 |  |  |     uploadMiddleware(req, res, function (err) { | 
					
						
							|  |  |  |         if (err?.code === 'LIMIT_FILE_SIZE') { | 
					
						
							|  |  |  |             res.setHeader("Content-Type", "text/plain") | 
					
						
							|  |  |  |                 .status(400) | 
					
						
							|  |  |  |                 .send(`Cannot upload file because it excceeded max allowed file size of ${MAX_ALLOWED_FILE_SIZE_MB} MiB`); | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  |         else { | 
					
						
							|  |  |  |             next(); | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  |     }); | 
					
						
							|  |  |  | }; | 
					
						
							| 
									
										
										
										
											2018-03-30 12:57:22 -04:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-04-11 23:00:24 +03:00
										 |  |  | function register(app: express.Application) { | 
					
						
							| 
									
										
										
										
											2019-03-24 22:41:53 +01:00
										 |  |  |     route(GET, '/', [auth.checkAuth, csrfMiddleware], indexRoute.index); | 
					
						
							| 
									
										
										
										
											2021-12-29 23:19:05 +01:00
										 |  |  |     route(GET, '/login', [auth.checkAppInitialized, auth.checkPasswordSet], loginRoute.loginPage); | 
					
						
							| 
									
										
										
										
											2022-01-12 19:32:23 +01:00
										 |  |  |     route(GET, '/set-password', [auth.checkAppInitialized, auth.checkPasswordNotSet], loginRoute.setPasswordPage); | 
					
						
							| 
									
										
										
										
											2021-06-11 21:00:06 +02:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-07-18 21:56:20 +03:00
										 |  |  |     const loginRateLimiter = rateLimit({ | 
					
						
							| 
									
										
										
										
											2021-06-11 21:00:06 +02:00
										 |  |  |         windowMs: 15 * 60 * 1000, // 15 minutes
 | 
					
						
							| 
									
										
										
										
											2022-11-19 18:45:26 +01:00
										 |  |  |         max: 10, // limit each IP to 10 requests per windowMs
 | 
					
						
							| 
									
										
										
										
											2022-12-18 16:12:29 +01:00
										 |  |  |         skipSuccessfulRequests: true // successful auth to rate-limited ETAPI routes isn't counted. However, successful auth to /login is still counted!
 | 
					
						
							| 
									
										
										
										
											2021-06-11 21:00:06 +02:00
										 |  |  |     }); | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2023-04-14 16:49:06 +02:00
										 |  |  |     route(PST, '/login', [loginRateLimiter], loginRoute.login); | 
					
						
							|  |  |  |     route(PST, '/logout', [csrfMiddleware, auth.checkAuth], loginRoute.logout); | 
					
						
							|  |  |  |     route(PST, '/set-password', [auth.checkAppInitialized, auth.checkPasswordNotSet], loginRoute.setPassword); | 
					
						
							| 
									
										
										
										
											2019-12-24 14:42:03 +01:00
										 |  |  |     route(GET, '/setup', [], setupRoute.setupPage); | 
					
						
							| 
									
										
										
										
											2017-11-03 23:00:35 -04:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-03-30 12:57:22 -04:00
										 |  |  |     apiRoute(GET, '/api/tree', treeApiRoute.getTree); | 
					
						
							| 
									
										
										
										
											2023-04-14 16:49:06 +02:00
										 |  |  |     apiRoute(PST, '/api/tree/load', treeApiRoute.load); | 
					
						
							| 
									
										
										
										
											2018-04-18 00:26:42 -04:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-03-30 12:57:22 -04:00
										 |  |  |     apiRoute(GET, '/api/notes/:noteId', notesApiRoute.getNote); | 
					
						
							| 
									
										
										
										
											2023-05-05 16:37:39 +02:00
										 |  |  |     apiRoute(GET, '/api/notes/:noteId/blob', notesApiRoute.getNoteBlob); | 
					
						
							| 
									
										
										
										
											2023-05-05 22:21:51 +02:00
										 |  |  |     apiRoute(GET, '/api/notes/:noteId/metadata', notesApiRoute.getNoteMetadata); | 
					
						
							| 
									
										
										
										
											2023-01-24 09:19:49 +01:00
										 |  |  |     apiRoute(PUT, '/api/notes/:noteId/data', notesApiRoute.updateNoteData); | 
					
						
							| 
									
										
										
										
											2023-04-14 16:49:06 +02:00
										 |  |  |     apiRoute(DEL, '/api/notes/:noteId', notesApiRoute.deleteNote); | 
					
						
							| 
									
										
										
										
											2020-01-03 13:14:43 +01:00
										 |  |  |     apiRoute(PUT, '/api/notes/:noteId/undelete', notesApiRoute.undeleteNote); | 
					
						
							| 
									
										
										
										
											2023-06-04 23:01:40 +02:00
										 |  |  |     apiRoute(PST, '/api/notes/:noteId/revision', notesApiRoute.forceSaveRevision); | 
					
						
							| 
									
										
										
										
											2023-04-14 16:49:06 +02:00
										 |  |  |     apiRoute(PST, '/api/notes/:parentNoteId/children', notesApiRoute.createNote); | 
					
						
							| 
									
										
										
										
											2021-02-28 23:40:15 +01:00
										 |  |  |     apiRoute(PUT, '/api/notes/:noteId/sort-children', notesApiRoute.sortChildNotes); | 
					
						
							| 
									
										
										
										
											2020-02-26 16:37:17 +01:00
										 |  |  |     apiRoute(PUT, '/api/notes/:noteId/protect/:isProtected', notesApiRoute.protectNote); | 
					
						
							| 
									
										
										
										
											2021-12-08 22:36:09 +01:00
										 |  |  |     apiRoute(PUT, '/api/notes/:noteId/type', notesApiRoute.setNoteTypeMime); | 
					
						
							| 
									
										
										
										
											2022-06-13 22:38:59 +02:00
										 |  |  |     apiRoute(PUT, '/api/notes/:noteId/title', notesApiRoute.changeTitle); | 
					
						
							| 
									
										
										
										
											2023-04-14 16:49:06 +02:00
										 |  |  |     apiRoute(PST, '/api/notes/:noteId/duplicate/:parentNoteId', notesApiRoute.duplicateSubtree); | 
					
						
							| 
									
										
										
										
											2021-12-27 23:39:46 +01:00
										 |  |  |     apiRoute(PUT, '/api/notes/:noteId/clone-to-branch/:parentBranchId', cloningApiRoute.cloneNoteToBranch); | 
					
						
							| 
									
										
										
										
											2022-12-04 13:16:05 +01:00
										 |  |  |     apiRoute(PUT, '/api/notes/:noteId/toggle-in-parent/:parentNoteId/:present', cloningApiRoute.toggleNoteInParent); | 
					
						
							| 
									
										
										
										
											2023-04-15 00:06:13 +02:00
										 |  |  |     apiRoute(PUT, '/api/notes/:noteId/clone-to-note/:parentNoteId', cloningApiRoute.cloneNoteToParentNote); | 
					
						
							| 
									
										
										
										
											2018-03-30 13:20:36 -04:00
										 |  |  |     apiRoute(PUT, '/api/notes/:noteId/clone-after/:afterBranchId', cloningApiRoute.cloneNoteAfter); | 
					
						
							| 
									
										
										
										
											2022-09-03 15:11:03 +02:00
										 |  |  |     route(PUT, '/api/notes/:noteId/file', [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware], | 
					
						
							| 
									
										
										
										
											2019-11-09 11:58:52 +01:00
										 |  |  |         filesRoute.updateFile, apiResultHandler); | 
					
						
							| 
									
										
										
										
											2021-04-24 20:27:42 +02:00
										 |  |  |     route(GET, '/api/notes/:noteId/open', [auth.checkApiAuthOrElectron], filesRoute.openFile); | 
					
						
							|  |  |  |     route(GET, '/api/notes/:noteId/open-partial', [auth.checkApiAuthOrElectron], | 
					
						
							| 
									
										
										
										
											2021-04-17 22:35:47 +02:00
										 |  |  |         createPartialContentHandler(filesRoute.fileContentProvider, { | 
					
						
							|  |  |  |             debug: (string, extra) => { console.log(string, extra); } | 
					
						
							|  |  |  |         })); | 
					
						
							| 
									
										
										
										
											2018-04-01 20:50:58 -04:00
										 |  |  |     route(GET, '/api/notes/:noteId/download', [auth.checkApiAuthOrElectron], filesRoute.downloadFile); | 
					
						
							| 
									
										
										
										
											2019-01-27 22:34:41 +01:00
										 |  |  |     // this "hacky" path is used for easier referencing of CSS resources
 | 
					
						
							|  |  |  |     route(GET, '/api/notes/download/:noteId', [auth.checkApiAuthOrElectron], filesRoute.downloadFile); | 
					
						
							| 
									
										
										
										
											2023-05-03 10:23:20 +02:00
										 |  |  |     apiRoute(PST, '/api/notes/:noteId/save-to-tmp-dir', filesRoute.saveNoteToTmpDir); | 
					
						
							|  |  |  |     apiRoute(PST, '/api/notes/:noteId/upload-modified-file', filesRoute.uploadModifiedFileToNote); | 
					
						
							| 
									
										
										
										
											2023-05-02 22:46:39 +02:00
										 |  |  |     apiRoute(PST, '/api/notes/:noteId/convert-to-attachment', notesApiRoute.convertNoteToAttachment); | 
					
						
							| 
									
										
										
										
											2023-04-14 16:49:06 +02:00
										 |  |  | 
 | 
					
						
							|  |  |  |     apiRoute(PUT, '/api/branches/:branchId/move-to/:parentBranchId', branchesApiRoute.moveBranchToParent); | 
					
						
							|  |  |  |     apiRoute(PUT, '/api/branches/:branchId/move-before/:beforeBranchId', branchesApiRoute.moveBranchBeforeNote); | 
					
						
							|  |  |  |     apiRoute(PUT, '/api/branches/:branchId/move-after/:afterBranchId', branchesApiRoute.moveBranchAfterNote); | 
					
						
							|  |  |  |     apiRoute(PUT, '/api/branches/:branchId/expanded/:expanded', branchesApiRoute.setExpanded); | 
					
						
							|  |  |  |     apiRoute(PUT, '/api/branches/:branchId/expanded-subtree/:expanded', branchesApiRoute.setExpandedForSubtree); | 
					
						
							|  |  |  |     apiRoute(DEL, '/api/branches/:branchId', branchesApiRoute.deleteBranch); | 
					
						
							|  |  |  |     apiRoute(PUT, '/api/branches/:branchId/set-prefix', branchesApiRoute.setPrefix); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     apiRoute(GET, '/api/notes/:noteId/attachments', attachmentsApiRoute.getAttachments); | 
					
						
							|  |  |  |     apiRoute(PST, '/api/notes/:noteId/attachments', attachmentsApiRoute.saveAttachment); | 
					
						
							| 
									
										
										
										
											2023-06-06 12:31:38 +02:00
										 |  |  |     route(PST, '/api/notes/:noteId/attachments/upload', [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware], attachmentsApiRoute.uploadAttachment, apiResultHandler); | 
					
						
							| 
									
										
										
										
											2023-04-14 16:49:06 +02:00
										 |  |  |     apiRoute(GET, '/api/attachments/:attachmentId', attachmentsApiRoute.getAttachment); | 
					
						
							| 
									
										
										
										
											2023-05-29 00:19:54 +02:00
										 |  |  |     apiRoute(GET, '/api/attachments/:attachmentId/all', attachmentsApiRoute.getAllAttachments); | 
					
						
							| 
									
										
										
										
											2023-04-14 16:49:06 +02:00
										 |  |  |     apiRoute(PST, '/api/attachments/:attachmentId/convert-to-note', attachmentsApiRoute.convertAttachmentToNote); | 
					
						
							|  |  |  |     apiRoute(DEL, '/api/attachments/:attachmentId', attachmentsApiRoute.deleteAttachment); | 
					
						
							| 
									
										
										
										
											2023-06-14 00:28:59 +02:00
										 |  |  |     apiRoute(PUT, '/api/attachments/:attachmentId/rename', attachmentsApiRoute.renameAttachment); | 
					
						
							| 
									
										
										
										
											2023-05-05 16:37:39 +02:00
										 |  |  |     apiRoute(GET, '/api/attachments/:attachmentId/blob', attachmentsApiRoute.getAttachmentBlob); | 
					
						
							| 
									
										
										
										
											2023-04-14 16:49:06 +02:00
										 |  |  |     route(GET, '/api/attachments/:attachmentId/image/:filename', [auth.checkApiAuthOrElectron], imageRoute.returnAttachedImage); | 
					
						
							| 
									
										
										
										
											2023-05-03 10:23:20 +02:00
										 |  |  |     route(GET, '/api/attachments/:attachmentId/open', [auth.checkApiAuthOrElectron], filesRoute.openAttachment); | 
					
						
							|  |  |  |     route(GET, '/api/attachments/:attachmentId/open-partial', [auth.checkApiAuthOrElectron], | 
					
						
							|  |  |  |         createPartialContentHandler(filesRoute.attachmentContentProvider, { | 
					
						
							|  |  |  |             debug: (string, extra) => { console.log(string, extra); } | 
					
						
							|  |  |  |         })); | 
					
						
							|  |  |  |     route(GET, '/api/attachments/:attachmentId/download', [auth.checkApiAuthOrElectron], filesRoute.downloadAttachment); | 
					
						
							|  |  |  |     // this "hacky" path is used for easier referencing of CSS resources
 | 
					
						
							|  |  |  |     route(GET, '/api/attachments/download/:attachmentId', [auth.checkApiAuthOrElectron], filesRoute.downloadAttachment); | 
					
						
							|  |  |  |     apiRoute(PST, '/api/attachments/:attachmentId/save-to-tmp-dir', filesRoute.saveAttachmentToTmpDir); | 
					
						
							|  |  |  |     apiRoute(PST, '/api/attachments/:attachmentId/upload-modified-file', filesRoute.uploadModifiedFileToAttachment); | 
					
						
							| 
									
										
										
										
											2023-05-03 22:49:24 +02:00
										 |  |  |     route(PUT, '/api/attachments/:attachmentId/file', [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware], | 
					
						
							|  |  |  |         filesRoute.updateAttachment, apiResultHandler); | 
					
						
							| 
									
										
										
										
											2023-04-14 16:49:06 +02:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2023-06-04 23:01:40 +02:00
										 |  |  |     apiRoute(GET, '/api/notes/:noteId/revisions', revisionsApiRoute.getRevisions); | 
					
						
							|  |  |  |     apiRoute(DEL, '/api/notes/:noteId/revisions', revisionsApiRoute.eraseAllRevisions); | 
					
						
							|  |  |  |     apiRoute(GET, '/api/revisions/:revisionId', revisionsApiRoute.getRevision); | 
					
						
							|  |  |  |     apiRoute(GET, '/api/revisions/:revisionId/blob', revisionsApiRoute.getRevisionBlob); | 
					
						
							|  |  |  |     apiRoute(DEL, '/api/revisions/:revisionId', revisionsApiRoute.eraseRevision); | 
					
						
							|  |  |  |     apiRoute(PST, '/api/revisions/:revisionId/restore', revisionsApiRoute.restoreRevision); | 
					
						
							| 
									
										
										
										
											2023-10-02 15:24:40 +02:00
										 |  |  |     route(GET, '/api/revisions/:revisionId/image/:filename', [auth.checkApiAuthOrElectron], imageRoute.returnImageFromRevision); | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2023-06-04 23:01:40 +02:00
										 |  |  |     route(GET, '/api/revisions/:revisionId/download', [auth.checkApiAuthOrElectron], revisionsApiRoute.downloadRevision); | 
					
						
							| 
									
										
										
										
											2023-04-14 16:49:06 +02:00
										 |  |  | 
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     route(GET, '/api/branches/:branchId/export/:type/:format/:version/:taskId', [auth.checkApiAuthOrElectron], exportRoute.exportBranch); | 
					
						
							| 
									
										
										
										
											2023-05-08 00:02:08 +02:00
										 |  |  |     route(PST, '/api/notes/:parentNoteId/notes-import', [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware], importRoute.importNotesToBranch, apiResultHandler); | 
					
						
							|  |  |  |     route(PST, '/api/notes/:parentNoteId/attachments-import', [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware], importRoute.importAttachmentsToNote, apiResultHandler); | 
					
						
							| 
									
										
										
										
											2018-04-01 20:33:10 -04:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-08-06 08:59:26 +02:00
										 |  |  |     apiRoute(GET, '/api/notes/:noteId/attributes', attributesRoute.getEffectiveNoteAttributes); | 
					
						
							| 
									
										
										
										
											2023-04-14 16:49:06 +02:00
										 |  |  |     apiRoute(PST, '/api/notes/:noteId/attributes', attributesRoute.addNoteAttribute); | 
					
						
							| 
									
										
										
										
											2018-08-02 22:48:21 +02:00
										 |  |  |     apiRoute(PUT, '/api/notes/:noteId/attributes', attributesRoute.updateNoteAttributes); | 
					
						
							| 
									
										
										
										
											2018-08-06 14:43:42 +02:00
										 |  |  |     apiRoute(PUT, '/api/notes/:noteId/attribute', attributesRoute.updateNoteAttribute); | 
					
						
							| 
									
										
										
										
											2020-10-24 23:50:32 +02:00
										 |  |  |     apiRoute(PUT, '/api/notes/:noteId/set-attribute', attributesRoute.setNoteAttribute); | 
					
						
							| 
									
										
										
										
											2018-10-29 22:38:51 +01:00
										 |  |  |     apiRoute(PUT, '/api/notes/:noteId/relations/:name/to/:targetNoteId', attributesRoute.createRelation); | 
					
						
							| 
									
										
										
										
											2023-04-14 16:49:06 +02:00
										 |  |  |     apiRoute(DEL, '/api/notes/:noteId/relations/:name/to/:targetNoteId', attributesRoute.deleteRelation); | 
					
						
							|  |  |  |     apiRoute(DEL, '/api/notes/:noteId/attributes/:attributeId', attributesRoute.deleteNoteAttribute); | 
					
						
							|  |  |  |     apiRoute(GET, '/api/attribute-names', attributesRoute.getAttributeNames); | 
					
						
							|  |  |  |     apiRoute(GET, '/api/attribute-values/:attributeName', attributesRoute.getValuesForAttribute); | 
					
						
							| 
									
										
										
										
											2019-04-14 12:18:52 +02:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-09-03 15:11:03 +02:00
										 |  |  |     // :filename is not used by trilium, but instead used for "save as" to assign a human-readable filename
 | 
					
						
							| 
									
										
										
										
											2023-10-02 15:24:40 +02:00
										 |  |  |     route(GET, '/api/images/:noteId/:filename', [auth.checkApiAuthOrElectron], imageRoute.returnImageFromNote); | 
					
						
							| 
									
										
										
										
											2022-09-03 15:11:03 +02:00
										 |  |  |     route(PUT, '/api/images/:noteId', [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware], imageRoute.updateImage, apiResultHandler); | 
					
						
							| 
									
										
										
										
											2018-04-01 20:50:58 -04:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-04-01 20:33:10 -04:00
										 |  |  |     apiRoute(GET, '/api/options', optionsApiRoute.getOptions); | 
					
						
							| 
									
										
										
										
											2019-02-17 20:59:52 +01:00
										 |  |  |     // FIXME: possibly change to sending value in the body to avoid host of HTTP server issues with slashes
 | 
					
						
							| 
									
										
										
										
											2018-12-13 23:28:48 +01:00
										 |  |  |     apiRoute(PUT, '/api/options/:name/:value*', optionsApiRoute.updateOption); | 
					
						
							| 
									
										
										
										
											2018-07-22 22:21:16 +02:00
										 |  |  |     apiRoute(PUT, '/api/options', optionsApiRoute.updateOptions); | 
					
						
							| 
									
										
										
										
											2019-01-27 21:18:11 +01:00
										 |  |  |     apiRoute(GET, '/api/options/user-themes', optionsApiRoute.getUserThemes); | 
					
						
							| 
									
										
										
										
											2018-03-30 13:56:46 -04:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2023-04-14 16:49:06 +02:00
										 |  |  |     apiRoute(PST, '/api/password/change', passwordApiRoute.changePassword); | 
					
						
							|  |  |  |     apiRoute(PST, '/api/password/reset', passwordApiRoute.resetPassword); | 
					
						
							| 
									
										
										
										
											2018-03-30 13:56:46 -04:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2023-04-14 16:49:06 +02:00
										 |  |  |     apiRoute(PST, '/api/sync/test', syncApiRoute.testSync); | 
					
						
							|  |  |  |     apiRoute(PST, '/api/sync/now', syncApiRoute.syncNow); | 
					
						
							|  |  |  |     apiRoute(PST, '/api/sync/fill-entity-changes', syncApiRoute.fillEntityChanges); | 
					
						
							|  |  |  |     apiRoute(PST, '/api/sync/force-full-sync', syncApiRoute.forceFullSync); | 
					
						
							| 
									
										
										
										
											2019-06-02 13:47:59 +02:00
										 |  |  |     route(GET, '/api/sync/check', [auth.checkApiAuth], syncApiRoute.checkSync, apiResultHandler); | 
					
						
							| 
									
										
										
										
											2019-03-27 21:04:25 +01:00
										 |  |  |     route(GET, '/api/sync/changed', [auth.checkApiAuth], syncApiRoute.getChanged, apiResultHandler); | 
					
						
							|  |  |  |     route(PUT, '/api/sync/update', [auth.checkApiAuth], syncApiRoute.update, apiResultHandler); | 
					
						
							| 
									
										
										
										
											2023-04-14 16:49:06 +02:00
										 |  |  |     route(PST, '/api/sync/finished', [auth.checkApiAuth], syncApiRoute.syncFinished, apiResultHandler); | 
					
						
							|  |  |  |     route(PST, '/api/sync/check-entity-changes', [auth.checkApiAuth], syncApiRoute.checkEntityChanges, apiResultHandler); | 
					
						
							|  |  |  |     route(PST, '/api/sync/queue-sector/:entityName/:sector', [auth.checkApiAuth], syncApiRoute.queueSector, apiResultHandler); | 
					
						
							| 
									
										
										
										
											2018-07-23 21:15:32 +02:00
										 |  |  |     route(GET, '/api/sync/stats', [], syncApiRoute.getStats, apiResultHandler); | 
					
						
							| 
									
										
										
										
											2018-03-30 14:27:41 -04:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2023-04-14 16:49:06 +02:00
										 |  |  |     apiRoute(PST, '/api/recent-notes', recentNotesRoute.addRecentNote); | 
					
						
							| 
									
										
										
										
											2018-03-30 15:34:07 -04:00
										 |  |  |     apiRoute(GET, '/api/app-info', appInfoRoute.getAppInfo); | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-06-19 14:15:31 +02:00
										 |  |  |     // docker health check
 | 
					
						
							| 
									
										
										
										
											2024-04-03 23:05:06 +03:00
										 |  |  |     route(GET, '/api/health-check', [], () => ({ "status": "ok" }), apiResultHandler); | 
					
						
							| 
									
										
										
										
											2022-06-19 14:15:31 +02:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2023-06-30 11:18:34 +02:00
										 |  |  |     // group of the services below are meant to be executed from the outside
 | 
					
						
							| 
									
										
										
										
											2018-09-10 20:05:10 +02:00
										 |  |  |     route(GET, '/api/setup/status', [], setupApiRoute.getStatus, apiResultHandler); | 
					
						
							| 
									
										
										
										
											2023-04-14 16:49:06 +02:00
										 |  |  |     route(PST, '/api/setup/new-document', [auth.checkAppNotInitialized], setupApiRoute.setupNewDocument, apiResultHandler, false); | 
					
						
							|  |  |  |     route(PST, '/api/setup/sync-from-server', [auth.checkAppNotInitialized], setupApiRoute.setupSyncFromServer, apiResultHandler, false); | 
					
						
							| 
									
										
										
										
											2021-02-11 23:08:37 +01:00
										 |  |  |     route(GET, '/api/setup/sync-seed', [auth.checkCredentials], setupApiRoute.getSyncSeed, apiResultHandler); | 
					
						
							| 
									
										
										
										
											2023-04-14 16:49:06 +02:00
										 |  |  |     route(PST, '/api/setup/sync-seed', [auth.checkAppNotInitialized], setupApiRoute.saveSyncSeed, apiResultHandler, false); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     apiRoute(GET, '/api/autocomplete', autocompleteApiRoute.getAutocomplete); | 
					
						
							|  |  |  |     apiRoute(GET, '/api/quick-search/:searchString', searchRoute.quickSearch); | 
					
						
							|  |  |  |     apiRoute(GET, '/api/search-note/:noteId', searchRoute.searchFromNote); | 
					
						
							|  |  |  |     apiRoute(PST, '/api/search-and-execute-note/:noteId', searchRoute.searchAndExecute); | 
					
						
							|  |  |  |     apiRoute(PST, '/api/search-related', searchRoute.getRelatedNotes); | 
					
						
							|  |  |  |     apiRoute(GET, '/api/search/:searchString', searchRoute.search); | 
					
						
							|  |  |  |     apiRoute(GET, '/api/search-templates', searchRoute.searchTemplates); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     apiRoute(PST, '/api/bulk-action/execute', bulkActionRoute.execute); | 
					
						
							|  |  |  |     apiRoute(PST, '/api/bulk-action/affected-notes', bulkActionRoute.getAffectedNoteCount); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     route(PST, '/api/login/sync', [], loginApiRoute.loginSync, apiResultHandler); | 
					
						
							|  |  |  |     // this is for entering protected mode so user has to be already logged-in (that's the reason we don't require username)
 | 
					
						
							|  |  |  |     apiRoute(PST, '/api/login/protected', loginApiRoute.loginToProtectedSession); | 
					
						
							|  |  |  |     apiRoute(PST, '/api/login/protected/touch', loginApiRoute.touchProtectedSession); | 
					
						
							|  |  |  |     apiRoute(PST, '/api/logout/protected', loginApiRoute.logoutFromProtectedSession); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     route(PST, '/api/login/token', [loginRateLimiter], loginApiRoute.token, apiResultHandler); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     apiRoute(GET, '/api/etapi-tokens', etapiTokensApiRoutes.getTokens); | 
					
						
							|  |  |  |     apiRoute(PST, '/api/etapi-tokens', etapiTokensApiRoutes.createToken); | 
					
						
							|  |  |  |     apiRoute(PATCH, '/api/etapi-tokens/:etapiTokenId', etapiTokensApiRoutes.patchToken); | 
					
						
							|  |  |  |     apiRoute(DEL, '/api/etapi-tokens/:etapiTokenId', etapiTokensApiRoutes.deleteToken); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     // in case of local electron, local calls are allowed unauthenticated, for server they need auth
 | 
					
						
							|  |  |  |     const clipperMiddleware = utils.isElectron() ? [] : [auth.checkEtapiToken]; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     route(GET, '/api/clipper/handshake', clipperMiddleware, clipperRoute.handshake, apiResultHandler); | 
					
						
							|  |  |  |     route(PST, '/api/clipper/clippings', clipperMiddleware, clipperRoute.addClipping, apiResultHandler); | 
					
						
							|  |  |  |     route(PST, '/api/clipper/notes', clipperMiddleware, clipperRoute.createNote, apiResultHandler); | 
					
						
							|  |  |  |     route(PST, '/api/clipper/open/:noteId', clipperMiddleware, clipperRoute.openNote, apiResultHandler); | 
					
						
							| 
									
										
										
										
											2023-06-21 13:09:49 +02:00
										 |  |  |     route(GET, '/api/clipper/notes-by-url/:noteUrl', clipperMiddleware, clipperRoute.findNotesByUrl, apiResultHandler); | 
					
						
							| 
									
										
										
										
											2023-04-14 16:49:06 +02:00
										 |  |  | 
 | 
					
						
							|  |  |  |     apiRoute(GET, '/api/special-notes/inbox/:date', specialNotesRoute.getInboxNote); | 
					
						
							|  |  |  |     apiRoute(GET, '/api/special-notes/days/:date', specialNotesRoute.getDayNote); | 
					
						
							|  |  |  |     apiRoute(GET, '/api/special-notes/weeks/:date', specialNotesRoute.getWeekNote); | 
					
						
							|  |  |  |     apiRoute(GET, '/api/special-notes/months/:month', specialNotesRoute.getMonthNote); | 
					
						
							|  |  |  |     apiRoute(GET, '/api/special-notes/years/:year', specialNotesRoute.getYearNote); | 
					
						
							|  |  |  |     apiRoute(GET, '/api/special-notes/notes-for-month/:month', specialNotesRoute.getDayNotesForMonth); | 
					
						
							|  |  |  |     apiRoute(PST, '/api/special-notes/sql-console', specialNotesRoute.createSqlConsole); | 
					
						
							|  |  |  |     apiRoute(PST, '/api/special-notes/save-sql-console', specialNotesRoute.saveSqlConsole); | 
					
						
							|  |  |  |     apiRoute(PST, '/api/special-notes/search-note', specialNotesRoute.createSearchNote); | 
					
						
							|  |  |  |     apiRoute(PST, '/api/special-notes/save-search-note', specialNotesRoute.saveSearchNote); | 
					
						
							|  |  |  |     apiRoute(PST, '/api/special-notes/launchers/:noteId/reset', specialNotesRoute.resetLauncher); | 
					
						
							|  |  |  |     apiRoute(PST, '/api/special-notes/launchers/:parentNoteId/:launcherType', specialNotesRoute.createLauncher); | 
					
						
							|  |  |  |     apiRoute(PUT, '/api/special-notes/api-script-launcher', specialNotesRoute.createOrUpdateScriptLauncherFromApi); | 
					
						
							| 
									
										
										
										
											2018-03-30 17:07:41 -04:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-02-10 10:38:18 +01:00
										 |  |  |     apiRoute(GET, '/api/sql/schema', sqlRoute.getSchema); | 
					
						
							| 
									
										
										
										
											2023-04-14 16:49:06 +02:00
										 |  |  |     apiRoute(PST, '/api/sql/execute/:noteId', sqlRoute.execute); | 
					
						
							|  |  |  |     route(PST, '/api/database/anonymize/:type', [auth.checkApiAuthOrElectron, csrfMiddleware], databaseRoute.anonymize, apiResultHandler, false); | 
					
						
							| 
									
										
										
										
											2023-10-18 23:16:47 +02:00
										 |  |  |     apiRoute(GET, '/api/database/anonymized-databases', databaseRoute.getExistingAnonymizedDatabases); | 
					
						
							| 
									
										
										
										
											2018-03-30 17:07:41 -04:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-05-29 21:55:08 +02:00
										 |  |  |     // backup requires execution outside of transaction
 | 
					
						
							| 
									
										
										
										
											2023-04-14 16:49:06 +02:00
										 |  |  |     route(PST, '/api/database/backup-database', [auth.checkApiAuthOrElectron, csrfMiddleware], databaseRoute.backupDatabase, apiResultHandler, false); | 
					
						
							| 
									
										
										
										
											2023-10-18 23:16:47 +02:00
										 |  |  |     apiRoute(GET, '/api/database/backups', databaseRoute.getExistingBackups); | 
					
						
							| 
									
										
										
										
											2020-05-29 21:55:08 +02:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-08-14 18:03:36 +02:00
										 |  |  |     // VACUUM requires execution outside of transaction
 | 
					
						
							| 
									
										
										
										
											2023-04-14 16:49:06 +02:00
										 |  |  |     route(PST, '/api/database/vacuum-database', [auth.checkApiAuthOrElectron, csrfMiddleware], databaseRoute.vacuumDatabase, apiResultHandler, false); | 
					
						
							| 
									
										
										
										
											2018-03-30 17:07:41 -04:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2023-04-14 16:49:06 +02:00
										 |  |  |     route(PST, '/api/database/find-and-fix-consistency-issues', [auth.checkApiAuthOrElectron, csrfMiddleware], databaseRoute.findAndFixConsistencyIssues, apiResultHandler, false); | 
					
						
							| 
									
										
										
										
											2019-12-10 22:03:00 +01:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-02-01 21:22:43 +01:00
										 |  |  |     apiRoute(GET, '/api/database/check-integrity', databaseRoute.checkIntegrity); | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2023-10-29 00:51:23 +02:00
										 |  |  |     route(PST, '/api/script/exec', [auth.checkApiAuth, csrfMiddleware], scriptRoute.exec, apiResultHandler, false); | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2023-04-14 16:49:06 +02:00
										 |  |  |     apiRoute(PST, '/api/script/run/:noteId', scriptRoute.run); | 
					
						
							| 
									
										
										
										
											2018-03-30 17:29:13 -04:00
										 |  |  |     apiRoute(GET, '/api/script/startup', scriptRoute.getStartupBundles); | 
					
						
							| 
									
										
										
										
											2020-03-16 21:16:09 +01:00
										 |  |  |     apiRoute(GET, '/api/script/widgets', scriptRoute.getWidgetBundles); | 
					
						
							| 
									
										
										
										
											2023-08-30 23:18:16 +02:00
										 |  |  |     apiRoute(PST, '/api/script/bundle/:noteId', scriptRoute.getBundle); | 
					
						
							| 
									
										
										
										
											2018-07-29 18:39:10 +02:00
										 |  |  |     apiRoute(GET, '/api/script/relation/:noteId/:relationName', scriptRoute.getRelationBundles); | 
					
						
							| 
									
										
										
										
											2018-03-30 17:29:13 -04:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-03-24 22:41:53 +01:00
										 |  |  |     // no CSRF since this is called from android app
 | 
					
						
							| 
									
										
										
										
											2023-04-14 16:49:06 +02:00
										 |  |  |     route(PST, '/api/sender/login', [loginRateLimiter], loginApiRoute.token, apiResultHandler); | 
					
						
							|  |  |  |     route(PST, '/api/sender/image', [auth.checkEtapiToken, uploadMiddlewareWithErrorHandling], senderRoute.uploadImage, apiResultHandler); | 
					
						
							|  |  |  |     route(PST, '/api/sender/note', [auth.checkEtapiToken], senderRoute.saveNote, apiResultHandler); | 
					
						
							| 
									
										
										
										
											2019-11-19 20:53:04 +01:00
										 |  |  | 
 | 
					
						
							|  |  |  |     apiRoute(GET, '/api/keyboard-actions', keysRoute.getKeyboardActions); | 
					
						
							| 
									
										
										
										
											2019-11-24 18:32:18 +01:00
										 |  |  |     apiRoute(GET, '/api/keyboard-shortcuts-for-notes', keysRoute.getShortcutsForNotes); | 
					
						
							| 
									
										
										
										
											2019-09-01 08:58:13 +02:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2023-04-14 16:49:06 +02:00
										 |  |  |     apiRoute(PST, '/api/relation-map', relationMapApiRoute.getRelationMap); | 
					
						
							|  |  |  |     apiRoute(PST, '/api/notes/erase-deleted-notes-now', notesApiRoute.eraseDeletedNotesNow); | 
					
						
							| 
									
										
										
										
											2023-04-24 21:22:34 +02:00
										 |  |  |     apiRoute(PST, '/api/notes/erase-unused-attachments-now', notesApiRoute.eraseUnusedAttachmentsNow); | 
					
						
							| 
									
										
										
										
											2023-04-14 16:49:06 +02:00
										 |  |  |     apiRoute(GET, '/api/similar-notes/:noteId', similarNotesRoute.getSimilarNotes); | 
					
						
							| 
									
										
										
										
											2019-12-05 21:25:36 +01:00
										 |  |  |     apiRoute(GET, '/api/backend-log', backendLogRoute.getBackendLog); | 
					
						
							| 
									
										
										
										
											2021-01-20 22:17:40 +01:00
										 |  |  |     apiRoute(GET, '/api/stats/note-size/:noteId', statsRoute.getNoteSize); | 
					
						
							|  |  |  |     apiRoute(GET, '/api/stats/subtree-size/:noteId', statsRoute.getSubtreeSize); | 
					
						
							| 
									
										
										
										
											2023-04-14 16:49:06 +02:00
										 |  |  |     apiRoute(PST, '/api/delete-notes-preview', notesApiRoute.getDeleteNotesPreview); | 
					
						
							| 
									
										
										
										
											2021-09-27 21:01:56 +02:00
										 |  |  |     route(GET, '/api/fonts', [auth.checkApiAuthOrElectron], fontsRoute.getFontCss); | 
					
						
							| 
									
										
										
										
											2023-03-29 22:40:50 +02:00
										 |  |  |     apiRoute(GET, '/api/other/icon-usage', otherRoute.getIconUsage); | 
					
						
							| 
									
										
										
										
											2023-07-15 10:31:50 +02:00
										 |  |  |     apiRoute(PST, '/api/other/render-markdown', otherRoute.renderMarkdown); | 
					
						
							| 
									
										
										
										
											2023-04-14 16:49:06 +02:00
										 |  |  |     apiRoute(GET, '/api/recent-changes/:ancestorNoteId', recentChangesApiRoute.getRecentChanges); | 
					
						
							| 
									
										
										
										
											2023-06-04 23:01:40 +02:00
										 |  |  |     apiRoute(GET, '/api/edited-notes/:date', revisionsApiRoute.getEditedNotesOnDate); | 
					
						
							| 
									
										
										
										
											2021-09-27 21:01:56 +02:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2023-04-14 16:49:06 +02:00
										 |  |  |     apiRoute(PST, '/api/note-map/:noteId/tree', noteMapRoute.getTreeMap); | 
					
						
							|  |  |  |     apiRoute(PST, '/api/note-map/:noteId/link', noteMapRoute.getLinkMap); | 
					
						
							|  |  |  |     apiRoute(GET, '/api/note-map/:noteId/backlink-count', noteMapRoute.getBacklinkCount); | 
					
						
							|  |  |  |     apiRoute(GET, '/api/note-map/:noteId/backlinks', noteMapRoute.getBacklinks); | 
					
						
							| 
									
										
										
										
											2022-01-10 17:09:20 +01:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2021-10-17 14:44:59 +02:00
										 |  |  |     shareRoutes.register(router); | 
					
						
							| 
									
										
										
										
											2022-02-01 21:22:43 +01:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-08-22 11:50:58 +02:00
										 |  |  |     etapiAuthRoutes.register(router, [loginRateLimiter]); | 
					
						
							| 
									
										
										
										
											2022-03-07 22:57:48 +01:00
										 |  |  |     etapiAppInfoRoutes.register(router); | 
					
						
							| 
									
										
										
										
											2023-06-05 09:23:42 +02:00
										 |  |  |     etapiAttachmentRoutes.register(router); | 
					
						
							| 
									
										
										
										
											2022-01-07 19:33:59 +01:00
										 |  |  |     etapiAttributeRoutes.register(router); | 
					
						
							|  |  |  |     etapiBranchRoutes.register(router); | 
					
						
							|  |  |  |     etapiNoteRoutes.register(router); | 
					
						
							|  |  |  |     etapiSpecialNoteRoutes.register(router); | 
					
						
							| 
									
										
										
										
											2022-01-07 23:06:04 +01:00
										 |  |  |     etapiSpecRoute.register(router); | 
					
						
							| 
									
										
										
										
											2023-06-12 23:09:29 +02:00
										 |  |  |     etapiBackupRoute.register(router); | 
					
						
							| 
									
										
										
										
											2021-10-17 14:44:59 +02:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-03-30 19:31:22 -04:00
										 |  |  |     app.use('', router); | 
					
						
							| 
									
										
										
										
											2017-11-03 23:00:35 -04:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-12-18 16:12:29 +01:00
										 |  |  | /** Handling common patterns. If entity is not caught, serialization to JSON will fail */ | 
					
						
							| 
									
										
										
										
											2024-04-11 23:00:24 +03:00
										 |  |  | function convertEntitiesToPojo(result: unknown) { | 
					
						
							| 
									
										
										
										
											2023-01-03 13:52:37 +01:00
										 |  |  |     if (result instanceof AbstractBeccaEntity) { | 
					
						
							| 
									
										
										
										
											2022-12-18 16:12:29 +01:00
										 |  |  |         result = result.getPojo(); | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  |     else if (Array.isArray(result)) { | 
					
						
							|  |  |  |         for (const idx in result) { | 
					
						
							| 
									
										
										
										
											2023-01-03 13:52:37 +01:00
										 |  |  |             if (result[idx] instanceof AbstractBeccaEntity) { | 
					
						
							| 
									
										
										
										
											2022-12-18 16:12:29 +01:00
										 |  |  |                 result[idx] = result[idx].getPojo(); | 
					
						
							|  |  |  |             } | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  |     } | 
					
						
							| 
									
										
										
										
											2024-04-11 23:00:24 +03:00
										 |  |  |     else if (result && typeof result === "object") { | 
					
						
							|  |  |  |         if ("note" in result && result.note instanceof AbstractBeccaEntity) { | 
					
						
							| 
									
										
										
										
											2022-12-18 16:12:29 +01:00
										 |  |  |             result.note = result.note.getPojo(); | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-04-11 23:00:24 +03:00
										 |  |  |         if ("branch" in result && result.branch instanceof AbstractBeccaEntity) { | 
					
						
							| 
									
										
										
										
											2022-12-18 16:12:29 +01:00
										 |  |  |             result.branch = result.branch.getPojo(); | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-04-11 23:00:24 +03:00
										 |  |  |     if (result && typeof result === "object" && "executionResult" in result) { // from runOnBackend()
 | 
					
						
							| 
									
										
										
										
											2022-12-18 16:12:29 +01:00
										 |  |  |         result.executionResult = convertEntitiesToPojo(result.executionResult); | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     return result; | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-04-11 23:00:24 +03:00
										 |  |  | function apiResultHandler(req: express.Request, res: express.Response, result: unknown) { | 
					
						
							| 
									
										
										
										
											2022-12-18 16:12:29 +01:00
										 |  |  |     res.setHeader('trilium-max-entity-change-id', entityChangesService.getMaxEntityChangeId()); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     result = convertEntitiesToPojo(result); | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2023-06-30 11:18:34 +02:00
										 |  |  |     // if it's an array and the first element is integer, then we consider this to be [statusCode, response] format
 | 
					
						
							| 
									
										
										
										
											2022-12-18 16:12:29 +01:00
										 |  |  |     if (Array.isArray(result) && result.length > 0 && Number.isInteger(result[0])) { | 
					
						
							|  |  |  |         const [statusCode, response] = result; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         if (statusCode !== 200 && statusCode !== 201 && statusCode !== 204) { | 
					
						
							|  |  |  |             log.info(`${req.method} ${req.originalUrl} returned ${statusCode} with response ${JSON.stringify(response)}`); | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         return send(res, statusCode, response); | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  |     else if (result === undefined) { | 
					
						
							|  |  |  |         return send(res, 204, ""); | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  |     else { | 
					
						
							|  |  |  |         return send(res, 200, result); | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-04-11 23:00:24 +03:00
										 |  |  | function send(res: express.Response, statusCode: number, response: unknown) { | 
					
						
							| 
									
										
										
										
											2022-12-18 16:12:29 +01:00
										 |  |  |     if (typeof response === 'string') { | 
					
						
							|  |  |  |         if (statusCode >= 400) { | 
					
						
							|  |  |  |             res.setHeader("Content-Type", "text/plain"); | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         res.status(statusCode).send(response); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         return response.length; | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  |     else { | 
					
						
							|  |  |  |         const json = JSON.stringify(response); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         res.setHeader("Content-Type", "application/json"); | 
					
						
							|  |  |  |         res.status(statusCode).send(json); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         return json.length; | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-04-11 23:00:24 +03:00
										 |  |  | function apiRoute(method: HttpMethod, path: string, routeHandler: express.Handler) { | 
					
						
							| 
									
										
										
										
											2022-12-18 16:12:29 +01:00
										 |  |  |     route(method, path, [auth.checkApiAuth, csrfMiddleware], routeHandler, apiResultHandler); | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-04-11 23:00:24 +03:00
										 |  |  | function route(method: HttpMethod, path: string, middleware: (express.Handler | AppRequestHandler)[], routeHandler: AppRequestHandler, resultHandler: ApiResultHandler | null = null, transactional = true) { | 
					
						
							|  |  |  |     router[method](path, ...(middleware as express.Handler[]), (req: express.Request, res: express.Response, next: express.NextFunction) => { | 
					
						
							| 
									
										
										
										
											2022-12-18 16:12:29 +01:00
										 |  |  |         const start = Date.now(); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         try { | 
					
						
							|  |  |  |             cls.namespace.bindEmitter(req); | 
					
						
							|  |  |  |             cls.namespace.bindEmitter(res); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |             const result = cls.init(() => { | 
					
						
							|  |  |  |                 cls.set('componentId', req.headers['trilium-component-id']); | 
					
						
							|  |  |  |                 cls.set('localNowDateTime', req.headers['trilium-local-now-datetime']); | 
					
						
							|  |  |  |                 cls.set('hoistedNoteId', req.headers['trilium-hoisted-note-id'] || 'root'); | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-04-11 23:00:24 +03:00
										 |  |  |                 const cb = () => routeHandler(req as AppRequest, res, next); | 
					
						
							| 
									
										
										
										
											2022-12-18 16:12:29 +01:00
										 |  |  | 
 | 
					
						
							|  |  |  |                 return transactional ? sql.transactional(cb) : cb(); | 
					
						
							|  |  |  |             }); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |             if (!resultHandler) { | 
					
						
							|  |  |  |                 return; | 
					
						
							|  |  |  |             } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2023-10-29 00:51:23 +02:00
										 |  |  |             if (result?.then) { // promise
 | 
					
						
							| 
									
										
										
										
											2022-12-18 16:12:29 +01:00
										 |  |  |                 result | 
					
						
							| 
									
										
										
										
											2024-04-11 23:00:24 +03:00
										 |  |  |                     .then((promiseResult: unknown) => handleResponse(resultHandler, req, res, promiseResult, start)) | 
					
						
							|  |  |  |                     .catch((e: any) => handleException(e, method, path, res)); | 
					
						
							| 
									
										
										
										
											2022-12-18 16:12:29 +01:00
										 |  |  |             } else { | 
					
						
							|  |  |  |                 handleResponse(resultHandler, req, res, result, start) | 
					
						
							|  |  |  |             } | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  |         catch (e) { | 
					
						
							|  |  |  |             handleException(e, method, path, res); | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  |     }); | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-04-11 23:00:24 +03:00
										 |  |  | function handleResponse(resultHandler: ApiResultHandler, req: express.Request, res: express.Response, result: unknown, start: number) { | 
					
						
							| 
									
										
										
										
											2022-12-18 16:12:29 +01:00
										 |  |  |     const responseLength = resultHandler(req, res, result); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     log.request(req, res, Date.now() - start, responseLength); | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-04-11 23:00:24 +03:00
										 |  |  | function handleException(e: any, method: HttpMethod, path: string, res: express.Response) { | 
					
						
							| 
									
										
										
										
											2022-12-18 16:12:29 +01:00
										 |  |  |     log.error(`${method} ${path} threw exception: '${e.message}', stack: ${e.stack}`); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     if (e instanceof ValidationError) { | 
					
						
							|  |  |  |         res.status(400) | 
					
						
							|  |  |  |             .json({ | 
					
						
							|  |  |  |                 message: e.message | 
					
						
							|  |  |  |             }); | 
					
						
							|  |  |  |     } else if (e instanceof NotFoundError) { | 
					
						
							|  |  |  |         res.status(404) | 
					
						
							|  |  |  |             .json({ | 
					
						
							|  |  |  |                 message: e.message | 
					
						
							|  |  |  |             }); | 
					
						
							|  |  |  |     } else { | 
					
						
							|  |  |  |         res.status(500) | 
					
						
							| 
									
										
										
										
											2022-12-22 14:57:00 +01:00
										 |  |  |             .json({ | 
					
						
							|  |  |  |                 message: e.message | 
					
						
							|  |  |  |             }); | 
					
						
							| 
									
										
										
										
											2022-12-18 16:12:29 +01:00
										 |  |  |     } | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | function createUploadMiddleware() { | 
					
						
							| 
									
										
										
										
											2024-04-11 23:00:24 +03:00
										 |  |  |     const multerOptions: multer.Options = { | 
					
						
							|  |  |  |         fileFilter: (req: express.Request, file, cb) => { | 
					
						
							| 
									
										
										
										
											2022-12-18 16:12:29 +01:00
										 |  |  |             // UTF-8 file names are not well decoded by multer/busboy, so we handle the conversion on our side.
 | 
					
						
							|  |  |  |             // See https://github.com/expressjs/multer/pull/1102.
 | 
					
						
							|  |  |  |             file.originalname = Buffer.from(file.originalname, "latin1").toString("utf-8"); | 
					
						
							|  |  |  |             cb(null, true); | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  |     }; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     if (!process.env.TRILIUM_NO_UPLOAD_LIMIT) { | 
					
						
							|  |  |  |         multerOptions.limits = { | 
					
						
							|  |  |  |             fileSize: MAX_ALLOWED_FILE_SIZE_MB * 1024 * 1024 | 
					
						
							|  |  |  |         }; | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     return multer(multerOptions).single('upload'); | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-07-18 21:42:44 +03:00
										 |  |  | export default { | 
					
						
							| 
									
										
										
										
											2017-11-03 23:00:35 -04:00
										 |  |  |     register | 
					
						
							| 
									
										
										
										
											2020-05-29 21:55:08 +02:00
										 |  |  | }; |