(feature)(profile) cards backup - MR fixes

2025-09-23 12:43:48 -04:00 · 2023-10-08 23:32:54 +02:00 · 2023-10-08 23:32:54 +02:00 · 2ffa8f36e5
commit 2ffa8f36e5
parent 84269657d3
2 changed files with 15 additions and 16 deletions
--- a/server/routes/profile.js
+++ b/server/routes/profile.js
@ -910,21 +910,20 @@ router.get('/profile/export', handleErrorAsync(async (req, res) => {
        profiles,
    });

-    const payload = {
+    const payload = JSON.stringify({
+        version: 1,
        profiles,
        images,
-    }
+    });

    const signature = crypto.sign(payload);

-    res.setHeader('Content-disposition', `attachment; filename=pronounspage-${req.user.username}-${+new Date}.json.gz`);
+    res.setHeader('Content-disposition', `attachment; filename=pronounspage-${req.user.username}-${+new Date}.sjson.gz`);
    res.setHeader('Content-type', 'application/gzip');
    res.end(
        zlib.gzipSync(
-            JSON.stringify({
-                ...payload,
-                signature,
-            })
+            payload + '\n' +
+            signature
        )
    );
 }));
@ -938,16 +937,16 @@ router.post('/profile/import', multer({limits: {fileSize: 10 * 1024 * 1024}}).an
        return res.status(401).json({error: 'One file expected'});
    }

-    const payload = JSON.parse(zlib.gunzipSync(req.files[0].buffer));
-    const signature = payload.signature;
-    delete payload.signature;
+    const [payload, signature] = zlib.gunzipSync(req.files[0].buffer).toString('utf-8').split('\n');

    if (!crypto.validate(payload, signature)) {
        return res.status(400).json({error: 'profile.backup.error.signature'});
    }

+    const {version, profiles, images} = JSON.parse(payload);
+
    const s3 = new S3(awsConfig);
-    for (let [id, sizes] of Object.entries(payload.images)) {
+    for (let [id, sizes] of Object.entries(images)) {
        for (let [size, content] of Object.entries(sizes)) {
            try {
                const data = await s3.headObject({
@ -965,7 +964,7 @@ router.post('/profile/import', multer({limits: {fileSize: 10 * 1024 * 1024}}).an
        }
    }

-    for (let [locale, profile] of Object.entries(payload.profiles)) {
+    for (let [locale, profile] of Object.entries(profiles)) {
        await saveProfile(req, locale, profile);
    }

--- a/src/crypto.js
+++ b/src/crypto.js
@ -3,19 +3,19 @@ import fs from 'fs'

 class Crypto {
    constructor(privateKey, publicKey) {
-        this.privateKey = fs.readFileSync(privateKey);
-        this.publicKey = fs.readFileSync(publicKey);
+        this.privateKey = crypto.createPrivateKey(fs.readFileSync(privateKey));
+        this.publicKey = crypto.createPublicKey(fs.readFileSync(publicKey));
    }

    sign(payload) {
        const sign = crypto.createSign('SHA256');
-        sign.update(JSON.stringify(payload));
+        sign.update(payload);
        return sign.sign(this.privateKey, 'hex');
    }

    validate(payload, signature) {
        const verify = crypto.createVerify('SHA256');
-        verify.update(JSON.stringify(payload));
+        verify.update(payload);
        return verify.verify(this.publicKey, signature, 'hex');
    }
 }