Tools/Notes
1
0
Fork 0
mirror of https://github.com/TriliumNext/Notes.git synced 2025-08-10 10:22:29 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/develop' into tab-scroll

Browse Source
This commit is contained in:
Elian Doran 2025-04-15 21:23:14 +03:00
commit 8f3af176a0
No known key found for this signature in database
9 changed files with 81 additions and 46 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
docs/Release Notes/!!!meta.json
View File

@ -61,7 +61,7 @@
"hD3V4hiu2VW4",
"VN3xnce1vLkX"
],
"title": "v0.92.8-beta",
"title": "v0.93.0",
"notePosition": 10,
"prefix": null,
"isExpanded": false,
@ -69,7 +69,7 @@
"mime": "text/html",
"attributes": [],
"format": "markdown",
"dataFileName": "v0.92.8-beta.md",
"dataFileName": "v0.93.0.md",
"attachments": []
},
{

4
docs/Release Notes/Release Notes/v0.92.8-beta.md → docs/Release Notes/Release Notes/v0.93.0.md
View File

@ -1,4 +1,4 @@
# v0.92.8-beta
# v0.93.0
## 💡 Key highlights
* …
@ -14,6 +14,7 @@
* [Note background is gray in 0.92.7 (light theme)](https://github.com/TriliumNext/Notes/issues/1689)
* [config.Session.cookieMaxAge is ignored](https://github.com/TriliumNext/Notes/issues/1709) by @pano9000
* [Return correct HTTP status code on failed login attempts instead of 200](https://github.com/TriliumNext/Notes/issues/1707) by @pano9000
* [Calendar stops displaying notes after adding a Day Note](https://github.com/TriliumNext/Notes/issues/1705)
## ✨ Improvements
@ -32,6 +33,7 @@
* [Center Search results under quick search bar](https://github.com/TriliumNext/Notes/issues/1679)
* Native ARM builds for Windows are now back.
* Basic Touch Bar support for macOS.
* [Support Bearer Token](https://github.com/TriliumNext/Notes/issues/1701)
## 🌍 Internationalization

46
docs/User Guide/!!!meta.json
View File

@ -9636,6 +9636,13 @@
"isInheritable": false,
"position": 10
},
{
"type": "relation",
"name": "internalLink",
"value": "habiZ3HU8Kw8",
"isInheritable": false,
"position": 20
},
{
"type": "relation",
"name": "internalLink",
@ -9649,13 +9656,6 @@
"value": "default-note-title",
"isInheritable": false,
"position": 30
},
{
"type": "relation",
"name": "internalLink",
"value": "habiZ3HU8Kw8",
"isInheritable": false,
"position": 20
}
],
"format": "markdown",
@ -10014,6 +10014,13 @@
"isInheritable": false,
"position": 40
},
{
"type": "relation",
"name": "internalLink",
"value": "habiZ3HU8Kw8",
"isInheritable": false,
"position": 50
},
{
"type": "relation",
"name": "internalLink",
@ -10027,13 +10034,6 @@
"value": "bx bx-list-plus",
"isInheritable": false,
"position": 10
},
{
"type": "relation",
"name": "internalLink",
"value": "habiZ3HU8Kw8",
"isInheritable": false,
"position": 50
}
],
"format": "markdown",
@ -11066,32 +11066,32 @@
"mime": "text/markdown",
"attributes": [
{
"type": "label",
"name": "shareAlias",
"value": "script-api",
"type": "relation",
"name": "internalLink",
"value": "CdNpE2pqjmI6",
"isInheritable": false,
"position": 10
},
{
"type": "relation",
"name": "internalLink",
"value": "CdNpE2pqjmI6",
"value": "Q2z6av6JZVWm",
"isInheritable": false,
"position": 20
},
{
"type": "relation",
"name": "internalLink",
"value": "Q2z6av6JZVWm",
"value": "MEtfsqa5VwNi",
"isInheritable": false,
"position": 30
},
{
"type": "relation",
"name": "internalLink",
"value": "MEtfsqa5VwNi",
"type": "label",
"name": "shareAlias",
"value": "script-api",
"isInheritable": false,
"position": 40
"position": 10
}
],
"format": "markdown",

14
docs/User Guide/User Guide/Advanced Usage/ETAPI (REST API).md
View File

@ -9,16 +9,26 @@ As an alternative to calling the API directly, there are client libraries to sim
* [trilium-py](https://github.com/Nriver/trilium-py), you can use Python to communicate with Trilium.
## Obtaining a token
All operations with the REST API have to be authenticated using a token. You can get this token either from Options -> ETAPI or programmatically using the `/auth/login` REST call (see the [spec](https://github.com/TriliumNext/Notes/blob/master/src/etapi/etapi.openapi.yaml)).
## Authentication
All operations have to be authenticated using a token. You can get this token either from Options -> ETAPI or programmatically using the `/auth/login` REST call (see the [spec](https://github.com/TriliumNext/Notes/blob/master/src/etapi/etapi.openapi.yaml)):
### Via the `Authorization` header
```
GET https://myserver.com/etapi/app-info
Authorization: ETAPITOKEN
```
Alternatively, since 0.56 you can also use basic auth format:
where `ETAPITOKEN` is the token obtained in the previous step.
For compatibility with various tools, it's also possible to specify the value of the `Authorization` header in the format `Bearer ETAPITOKEN` (since 0.93.0).
### Basic authentication
Since v0.56 you can also use basic auth format:
```
GET https://myserver.com/etapi/app-info

15
src/public/app/doc_notes/en/User Guide/User Guide/Advanced Usage/ETAPI (REST API).html generated
View File

@ -8,12 +8,19 @@
<li><a href="https://github.com/Nriver/trilium-py">trilium-py</a>, you can
use Python to communicate with Trilium.</li>
</ul>
<h2>Obtaining a token</h2>
<p>All operations with the REST API have to be authenticated using a token.
You can get this token either from Options -&gt; ETAPI or programmatically
using the <code>/auth/login</code> REST call (see the <a href="https://github.com/TriliumNext/Notes/blob/master/src/etapi/etapi.openapi.yaml">spec</a>).</p>
<h2>Authentication</h2>
<p>All operations have to be authenticated using a token. You can get this
token either from Options -&gt; ETAPI or programmatically using the <code>/auth/login</code> REST
call (see the <a href="https://github.com/TriliumNext/Notes/blob/master/src/etapi/etapi.openapi.yaml">spec</a>):</p><pre><code class="language-text-x-trilium-auto">GET https://myserver.com/etapi/app-info
<h3>Via the <code>Authorization</code> header</h3><pre><code class="language-text-x-trilium-auto">GET https://myserver.com/etapi/app-info
Authorization: ETAPITOKEN</code></pre>
<p>Alternatively, since 0.56 you can also use basic auth format:</p><pre><code class="language-text-x-trilium-auto">GET https://myserver.com/etapi/app-info
<p>where <code>ETAPITOKEN</code> is the token obtained in the previous step.</p>
<p>For compatibility with various tools, it's also possible to specify the
value of the <code>Authorization</code> header in the format <code>Bearer ETAPITOKEN</code> (since
0.93.0).</p>
<h3>Basic authentication</h3>
<p>Since v0.56 you can also use basic auth format:</p><pre><code class="language-text-x-trilium-auto">GET https://myserver.com/etapi/app-info
Authorization: Basic BATOKEN</code></pre>
<ul>
<li>Where <code>BATOKEN = BASE64(username + ':' + password)</code> - this is

4
src/public/app/doc_notes/en/User Guide/User Guide/Installation & Setup/Server Installation/1. Installing the server/Using Docker.html generated
View File

@ -36,8 +36,8 @@
<h3>Running the Docker Container</h3>
<h4>Local Access Only</h4>
<p>Run the container to make it accessible only from the localhost. This
setup is suitable for testing or when using a prox ay server like Nginx
or Apache.</p><pre><code class="language-text-x-trilium-auto">sudo docker run -t -i -p 127.0.0.1:8080:8080 -v ~/trilium-data:/home/node/trilium-data triliumnext/notes:[VERSION]</code></pre>
setup is suitable for testing or when using a proxy server like Nginx or
Apache.</p><pre><code class="language-text-x-trilium-auto">sudo docker run -t -i -p 127.0.0.1:8080:8080 -v ~/trilium-data:/home/node/trilium-data triliumnext/notes:[VERSION]</code></pre>
<ol>
<li>Verify the container is running using <code>docker ps</code>.</li>
<li>Access Trilium via a web browser at <code>127.0.0.1:8080</code>.</li>

9
src/public/app/doc_notes/en/User Guide/User Guide/Scripting/Script API.html generated
View File

@ -1,11 +1,10 @@
<p>For <a href="#root/pOsGYCXsbNQG/_help_CdNpE2pqjmI6">script code notes</a>,
Trilium offers an API that gives them access to various features of the
application.</p>
<p>For <a href="#root/_help_CdNpE2pqjmI6">script code notes</a>, Trilium offers
an API that gives them access to various features of the application.</p>
<p>There are two APIs:</p>
<ul>
<li>One for the front-end scripts:&nbsp;<a class="reference-link" href="#root/pOsGYCXsbNQG/CdNpE2pqjmI6/GLks18SNjxmC/_help_Q2z6av6JZVWm">Frontend API</a>
<li>One for the front-end scripts:&nbsp;<a class="reference-link" href="#root/_help_Q2z6av6JZVWm">Frontend API</a>
</li>
<li>One for the back-end scripts:&nbsp;<a class="reference-link" href="#root/pOsGYCXsbNQG/CdNpE2pqjmI6/GLks18SNjxmC/_help_MEtfsqa5VwNi">Backend API</a>
<li>One for the back-end scripts:&nbsp;<a class="reference-link" href="#root/_help_MEtfsqa5VwNi">Backend API</a>
</li>
</ul>
<p>In both cases, the API resides in a global variable, <code>api</code>,

5
src/services/etapi_tokens.ts
View File

@ -48,6 +48,11 @@ function parseAuthToken(auth: string | undefined) {
auth = basicAuthChunks[1];
}
if (auth.startsWith("Bearer ")) {
// allow also bearer auth format
auth = auth.substring(7);
}
const chunks = auth.split("_");
if (chunks.length === 1) {

26
src/services/sql.ts
View File

@ -112,12 +112,21 @@ function upsert<T extends {}>(tableName: string, primaryKey: string, rec: T) {
execute(query, rec);
}
function stmt(sql: string) {
if (!(sql in statementCache)) {
statementCache[sql] = dbConnection.prepare(sql);
/**
* For the given SQL query, returns a prepared statement. For the same query (string comparison), the same statement is returned.
*
* @param sql the SQL query for which to return a prepared statement.
* @param isRaw indicates whether `.raw()` is going to be called on the prepared statement in order to return the raw rows (e.g. via {@link getRawRows()}). The reason is that the raw state is preserved in the saved statement and would break non-raw calls for the same query.
* @returns the corresponding {@link Statement}.
*/
function stmt(sql: string, isRaw?: boolean) {
const key = (isRaw ? "raw/" + sql : sql);
if (!(key in statementCache)) {
statementCache[key] = dbConnection.prepare(sql);
}
return statementCache[sql];
return statementCache[key];
}
function getRow<T>(query: string, params: Params = []): T {
@ -172,7 +181,7 @@ function getRows<T>(query: string, params: Params = []): T[] {
}
function getRawRows<T extends {} | unknown[]>(query: string, params: Params = []): T[] {
return (wrap(query, (s) => s.raw().all(params)) as T[]) || [];
return (wrap(query, (s) => s.raw().all(params), true) as T[]) || [];
}
function iterateRows<T>(query: string, params: Params = []): IterableIterator<T> {
@ -234,7 +243,10 @@ function executeScript(query: string): DatabaseType {
return dbConnection.exec(query);
}
function wrap(query: string, func: (statement: Statement) => unknown): unknown {
/**
* @param isRaw indicates whether `.raw()` is going to be called on the prepared statement in order to return the raw rows (e.g. via {@link getRawRows()}). The reason is that the raw state is preserved in the saved statement and would break non-raw calls for the same query.
*/
function wrap(query: string, func: (statement: Statement) => unknown, isRaw?: boolean): unknown {
const startTimestamp = Date.now();
let result;
@ -243,7 +255,7 @@ function wrap(query: string, func: (statement: Statement) => unknown): unknown {
}
try {
result = func(stmt(query));
result = func(stmt(query, isRaw));
} catch (e: any) {
if (e.message.includes("The database connection is not open")) {
// this often happens on killing the app which puts these alerts in front of user