audiobookshelf/server/Server.js

491 lines
18 KiB
JavaScript
Raw Normal View History

2021-08-18 00:01:11 +02:00
const Path = require('path')
const Sequelize = require('sequelize')
2021-08-18 00:01:11 +02:00
const express = require('express')
const http = require('http')
const util = require('util')
2022-07-06 02:53:01 +02:00
const fs = require('./libs/fsExtra')
2022-07-07 02:10:25 +02:00
const fileUpload = require('./libs/expressFileupload')
2024-05-05 23:39:38 +02:00
const cookieParser = require('cookie-parser')
const axios = require('axios')
2021-08-18 00:01:11 +02:00
const { version } = require('../package.json')
// Utils
const fileUtils = require('./utils/fileUtils')
const Logger = require('./Logger')
2021-08-18 00:01:11 +02:00
const Auth = require('./Auth')
const Watcher = require('./Watcher')
2023-07-05 01:14:44 +02:00
const Database = require('./Database')
const SocketAuthority = require('./SocketAuthority')
const ApiRouter = require('./routers/ApiRouter')
const HlsRouter = require('./routers/HlsRouter')
const PublicRouter = require('./routers/PublicRouter')
const LogManager = require('./managers/LogManager')
const EmailManager = require('./managers/EmailManager')
const AbMergeManager = require('./managers/AbMergeManager')
const CacheManager = require('./managers/CacheManager')
2023-07-08 21:40:49 +02:00
const BackupManager = require('./managers/BackupManager')
const PlaybackSessionManager = require('./managers/PlaybackSessionManager')
const PodcastManager = require('./managers/PodcastManager')
const AudioMetadataMangaer = require('./managers/AudioMetadataManager')
const RssFeedManager = require('./managers/RssFeedManager')
const CronManager = require('./managers/CronManager')
const ApiCacheManager = require('./managers/ApiCacheManager')
2023-12-05 20:19:17 +01:00
const BinaryManager = require('./managers/BinaryManager')
const ShareManager = require('./managers/ShareManager')
const LibraryScanner = require('./scanner/LibraryScanner')
//Import the main Passport and Express-Session library
const passport = require('passport')
const expressSession = require('express-session')
const MemoryStore = require('./libs/memorystore')
2021-08-18 00:01:11 +02:00
class Server {
2024-03-11 17:11:13 +01:00
constructor(SOURCE, PORT, HOST, CONFIG_PATH, METADATA_PATH, ROUTER_BASE_PATH) {
2021-08-18 00:01:11 +02:00
this.Port = PORT
this.Host = HOST
global.Source = SOURCE
global.isWin = process.platform === 'win32'
global.ConfigPath = fileUtils.filePathToPOSIX(Path.normalize(CONFIG_PATH))
global.MetadataPath = fileUtils.filePathToPOSIX(Path.normalize(METADATA_PATH))
global.RouterBasePath = ROUTER_BASE_PATH
Implement X-Accel Redirect This patch implements [X-Accel](https://www.nginx.com/resources/wiki/start/topics/examples/x-accel/) redirect headers as an optional way for offloading static file delivery from Express to Nginx, which is far better optimized for static file delivery. This provides a really easy to configure way for getting a huge performance boost over delivering all files through Audiobookshelf. How it works ------------ The way this works is basically that Audiobookshelf gets an HTTP request for delivering a static file (let's say an audiobook). It will first check the user is authorized and then convert the API path to a local file path. Now, instead of reading and delivering the file, Audiobookshelf will return just the HTTP header with an additional `X-Accel-Redirect` pointing to the file location on the file syste. This header is picked up by Nginx which will then deliver the file. Configuration ------------- The configuration for this is very simple. You need to run Nginx as reverse proxy and it must have access to your Audiobookshelf data folder. You then configure Audiobookshelf to use X-Accel by setting `USE_X_ACCEL=/protected`. The path is the internal redirect path used by Nginx. In the Nginx configuration you then configure this location and map it to the storage area to serve like this: ``` location /protected/ { internal; alias /; } ``` That's all. Impact ------ I just did a very simple performance test, downloading a 1170620819 bytes large audiobook file from another machine on the same network like this, using `time -p` to measure how log the process took: ```sh URL='https://url to audiobook…' for i in `seq 1 50` do echo "$i" curl -s -o /dev/null "${URL}" done ``` This sequential test with 50 iterations and without x-accel resulted in: ``` real 413.42 user 197.11 sys 82.04 ``` That is an average download speed of about 1080 MBit/s. With X-Accel enabled, serving the files through Nginx, the same test yielded the following results: ``` real 200.37 user 86.95 sys 29.79 ``` That is an average download speed of about 2229 MBit/s, more than doubling the previous speed. I have also run the same test with 4 parallel processes and 25 downloads each. Without x-accel, that test resulted in: ``` real 364.89 user 273.09 sys 112.75 ``` That is an average speed of about 2448 MBit/s. With X-Accel enabled, the parallel test also shows a significant speedup: ``` real 167.19 user 195.62 sys 78.61 ``` That is an average speed of about 5342 MBit/s. While doing that, I also peaked at the system load which was a bit lower when using X-Accel. Even though the system was delivering far more data. But I just looked at the `load1` values and did not build a proper test for that. That means, I cant provide any definitive data. Supported Media --------------- The current implementation works for audio files and book covers. There are other media files which would benefit from this mechanism like feed covers or author pictures. But that's something for a future developer ;-)
2022-11-25 23:41:35 +01:00
global.XAccel = process.env.USE_X_ACCEL
2024-05-19 21:40:46 +02:00
global.AllowCors = process.env.ALLOW_CORS === '1'
if (process.env.EXP_PROXY_SUPPORT === '1') {
2025-01-01 19:48:58 +01:00
// https://github.com/advplyr/audiobookshelf/pull/3754
Logger.info(`[Server] Experimental Proxy Support Enabled, SSRF Request Filter was Disabled`)
global.DisableSsrfRequestFilter = () => true
2025-01-01 19:48:58 +01:00
axios.defaults.maxRedirects = 0
axios.interceptors.response.use(
2025-01-01 19:48:58 +01:00
(response) => response,
(error) => {
if ([301, 302].includes(error.response?.status)) {
return axios({
...error.config,
2025-01-01 19:48:58 +01:00
url: error.response.headers.location
})
}
2025-01-01 19:48:58 +01:00
return Promise.reject(error)
}
2025-01-01 19:48:58 +01:00
)
} else if (process.env.DISABLE_SSRF_REQUEST_FILTER === '1') {
Logger.info(`[Server] SSRF Request Filter Disabled`)
global.DisableSsrfRequestFilter = () => true
} else if (process.env.SSRF_REQUEST_FILTER_WHITELIST?.length) {
const whitelistedUrls = process.env.SSRF_REQUEST_FILTER_WHITELIST.split(',').map((url) => url.trim())
if (whitelistedUrls.length) {
Logger.info(`[Server] SSRF Request Filter Whitelisting: ${whitelistedUrls.join(',')}`)
global.DisableSsrfRequestFilter = (url) => whitelistedUrls.includes(new URL(url).hostname)
}
}
if (process.env.PODCAST_DOWNLOAD_TIMEOUT) {
global.PodcastDownloadTimeout = process.env.PODCAST_DOWNLOAD_TIMEOUT
} else {
global.PodcastDownloadTimeout = 30000
}
if (!fs.pathExistsSync(global.ConfigPath)) {
fs.mkdirSync(global.ConfigPath)
}
if (!fs.pathExistsSync(global.MetadataPath)) {
fs.mkdirSync(global.MetadataPath)
}
2021-08-18 00:01:11 +02:00
2023-07-05 01:14:44 +02:00
this.auth = new Auth()
// Managers
2023-07-05 01:14:44 +02:00
this.emailManager = new EmailManager()
this.backupManager = new BackupManager()
2023-10-20 23:39:32 +02:00
this.abMergeManager = new AbMergeManager()
2023-07-05 01:14:44 +02:00
this.playbackSessionManager = new PlaybackSessionManager()
2024-11-07 23:32:05 +01:00
this.podcastManager = new PodcastManager()
2023-10-20 23:39:32 +02:00
this.audioMetadataManager = new AudioMetadataMangaer()
this.cronManager = new CronManager(this.podcastManager, this.playbackSessionManager)
this.apiCacheManager = new ApiCacheManager()
2023-12-05 20:19:17 +01:00
this.binaryManager = new BinaryManager()
// Routers
this.apiRouter = new ApiRouter(this)
2023-07-05 01:14:44 +02:00
this.hlsRouter = new HlsRouter(this.auth, this.playbackSessionManager)
this.publicRouter = new PublicRouter(this.playbackSessionManager)
Logger.logManager = new LogManager()
2021-08-18 00:01:11 +02:00
this.server = null
}
/**
* Middleware to check if the current request is authenticated
*
* @param {import('express').Request} req
* @param {import('express').Response} res
* @param {import('express').NextFunction} next
*/
authMiddleware(req, res, next) {
// ask passportjs if the current request is authenticated
this.auth.isAuthenticated(req, res, next)
}
cancelLibraryScan(libraryId) {
LibraryScanner.setCancelLibraryScan(libraryId)
}
/**
* Initialize database, backups, logs, rss feeds, cron jobs & watcher
* Cleanup stale/invalid data
*/
2021-08-18 00:01:11 +02:00
async init() {
Logger.info('[Server] Init v' + version)
Logger.info('[Server] Node.js Version:', process.version)
Logger.info('[Server] Platform:', process.platform)
Logger.info('[Server] Arch:', process.arch)
await this.playbackSessionManager.removeOrphanStreams()
2021-09-23 03:40:35 +02:00
/**
* Docker container ffmpeg/ffprobe binaries are included in the image.
* Docker is currently using ffmpeg/ffprobe v6.1 instead of v5.1 so skipping the check
* TODO: Support binary check for all sources
*/
if (global.Source !== 'docker') {
await this.binaryManager.init()
}
2023-07-05 01:14:44 +02:00
await Database.init(false)
await Logger.logManager.init()
2022-07-19 00:19:16 +02:00
// Create token secret if does not exist (Added v2.1.0)
2023-07-05 01:14:44 +02:00
if (!Database.serverSettings.tokenSecret) {
2022-07-19 00:19:16 +02:00
await this.auth.initTokenSecret()
}
await this.cleanUserData() // Remove invalid user item progress
2023-09-07 00:48:50 +02:00
await CacheManager.ensureCachePaths()
2022-06-18 20:11:15 +02:00
await ShareManager.init()
2023-07-08 21:40:49 +02:00
await this.backupManager.init()
await RssFeedManager.init()
2024-08-23 23:59:51 +02:00
const libraries = await Database.libraryModel.getAllWithFolders()
await this.cronManager.init(libraries)
this.apiCacheManager.init()
2023-07-05 01:14:44 +02:00
if (Database.serverSettings.scannerDisableWatcher) {
Logger.info(`[Server] Watcher is disabled`)
2024-11-07 23:32:05 +01:00
Watcher.disabled = true
} else {
2024-11-07 23:32:05 +01:00
Watcher.initWatcher(libraries)
Watcher.on('scanFilesChanged', (pendingFileUpdates, pendingTask) => {
LibraryScanner.scanFilesChanged(pendingFileUpdates, pendingTask)
})
}
2021-08-18 00:01:11 +02:00
}
/**
* Listen for SIGINT and uncaught exceptions
*/
initProcessEventListeners() {
let sigintAlreadyReceived = false
process.on('SIGINT', async () => {
if (!sigintAlreadyReceived) {
sigintAlreadyReceived = true
Logger.info('SIGINT (Ctrl+C) received. Shutting down...')
await this.stop()
Logger.info('Server stopped. Exiting.')
} else {
Logger.info('SIGINT (Ctrl+C) received again. Exiting immediately.')
}
process.exit(0)
})
/**
* @see https://nodejs.org/api/process.html#event-uncaughtexceptionmonitor
*/
process.on('uncaughtExceptionMonitor', async (error, origin) => {
await Logger.fatal(`[Server] Uncaught exception origin: ${origin}, error:`, util.format('%O', error))
})
/**
* @see https://nodejs.org/api/process.html#event-unhandledrejection
*/
process.on('unhandledRejection', async (reason, promise) => {
await Logger.fatal('[Server] Unhandled rejection:', reason, '\npromise:', util.format('%O', promise))
process.exit(1)
})
}
2021-08-18 00:01:11 +02:00
async start() {
Logger.info('=== Starting Server ===')
this.initProcessEventListeners()
2021-08-18 00:01:11 +02:00
await this.init()
const app = express()
app.use((req, res, next) => {
if (!global.ServerSettings.allowIframe) {
// Prevent clickjacking by disallowing iframes
res.setHeader('Content-Security-Policy', "frame-ancestors 'self'")
}
/**
* @temporary
* This is necessary for the ebook & cover API endpoint in the mobile apps
* The mobile app ereader is using fetch api in Capacitor that is currently difficult to switch to native requests
* so we have to allow cors for specific origins to the /api/items/:id/ebook endpoint
* The cover image is fetched with XMLHttpRequest in the mobile apps to load into a canvas and extract colors
* @see https://ionicframework.com/docs/troubleshooting/cors
*
* Running in development allows cors to allow testing the mobile apps in the browser
* or env variable ALLOW_CORS = '1'
*/
if (Logger.isDev || req.path.match(/\/api\/items\/([a-z0-9-]{36})\/(ebook|cover)(\/[0-9]+)?/)) {
const allowedOrigins = ['capacitor://localhost', 'http://localhost']
2024-05-19 21:40:46 +02:00
if (global.AllowCors || Logger.isDev || allowedOrigins.some((o) => o === req.get('origin'))) {
res.header('Access-Control-Allow-Origin', req.get('origin'))
2024-05-05 23:39:38 +02:00
res.header('Access-Control-Allow-Methods', 'GET, POST, PATCH, PUT, DELETE, OPTIONS')
res.header('Access-Control-Allow-Headers', '*')
res.header('Access-Control-Allow-Credentials', true)
if (req.method === 'OPTIONS') {
return res.sendStatus(200)
}
}
}
next()
})
// parse cookies in requests
app.use(cookieParser())
// enable express-session
2024-05-05 23:39:38 +02:00
app.use(
expressSession({
secret: global.ServerSettings.tokenSecret,
resave: false,
saveUninitialized: false,
cookie: {
// also send the cookie if were are not on https (not every use has https)
secure: false
},
store: new MemoryStore(86400000, 86400000, 1000)
2024-05-05 23:39:38 +02:00
})
)
// init passport.js
app.use(passport.initialize())
// register passport in express-session
2024-11-02 14:17:11 +01:00
app.use(this.auth.ifAuthNeeded(passport.session()))
// config passport.js
await this.auth.initPassportJs()
const router = express.Router()
// if RouterBasePath is set, modify all requests to include the base path
2024-12-08 08:23:39 +01:00
app.use((req, res, next) => {
const urlStartsWithRouterBasePath = req.url.startsWith(global.RouterBasePath)
const host = req.get('host')
const protocol = req.secure || req.get('x-forwarded-proto') === 'https' ? 'https' : 'http'
const prefix = urlStartsWithRouterBasePath ? global.RouterBasePath : ''
req.originalHostPrefix = `${protocol}://${host}${prefix}`
if (!urlStartsWithRouterBasePath) {
req.url = `${global.RouterBasePath}${req.url}`
}
next()
})
app.use(global.RouterBasePath, router)
app.disable('x-powered-by')
2021-08-18 00:01:11 +02:00
this.server = http.createServer(app)
2024-05-05 23:39:38 +02:00
router.use(
fileUpload({
defCharset: 'utf8',
defParamCharset: 'utf8',
useTempFiles: true,
tempFileDir: Path.join(global.MetadataPath, 'tmp')
})
)
router.use(express.urlencoded({ extended: true, limit: '5mb' }))
router.use(express.json({ limit: '5mb' }))
2021-08-18 00:01:11 +02:00
2024-11-02 14:17:11 +01:00
router.use('/api', this.auth.ifAuthNeeded(this.authMiddleware.bind(this)), this.apiRouter.router)
router.use('/hls', this.authMiddleware.bind(this), this.hlsRouter.router)
router.use('/public', this.publicRouter.router)
2021-08-18 00:01:11 +02:00
// Static path to generated nuxt
const distPath = Path.join(global.appRoot, '/client/dist')
router.use(express.static(distPath))
// Static folder
router.use(express.static(Path.join(global.appRoot, 'static')))
2021-08-18 00:01:11 +02:00
// RSS Feed temp route
router.get('/feed/:slug', (req, res) => {
Logger.info(`[Server] Requesting rss feed ${req.params.slug}`)
RssFeedManager.getFeed(req, res)
})
router.get('/feed/:slug/cover*', (req, res) => {
RssFeedManager.getFeedCover(req, res)
})
router.get('/feed/:slug/item/:episodeId/*', (req, res) => {
Logger.debug(`[Server] Requesting rss feed episode ${req.params.slug}/${req.params.episodeId}`)
RssFeedManager.getFeedItem(req, res)
})
// Auth routes
await this.auth.initAuthRoutes(router)
// Client dynamic routes
2024-11-02 14:17:11 +01:00
const dynamicRoutes = [
'/item/:id',
'/author/:id',
'/audiobook/:id/chapters',
'/audiobook/:id/edit',
'/audiobook/:id/manage',
'/library/:library',
'/library/:library/search',
'/library/:library/bookshelf/:id?',
'/library/:library/authors',
2023-11-28 23:39:52 +01:00
'/library/:library/narrators',
'/library/:library/stats',
'/library/:library/series/:id?',
2022-09-17 22:23:33 +02:00
'/library/:library/podcast/search',
'/library/:library/podcast/latest',
'/library/:library/podcast/download-queue',
'/config/users/:id',
'/config/users/:id/sessions',
'/config/item-metadata-utils/:id',
2022-11-27 21:23:28 +01:00
'/collection/:id',
'/playlist/:id',
'/share/:slug'
]
2024-11-02 14:17:11 +01:00
dynamicRoutes.forEach((route) => router.get(route, (req, res) => res.sendFile(Path.join(distPath, 'index.html'))))
router.post('/init', (req, res) => {
2023-07-05 01:14:44 +02:00
if (Database.hasRootUser) {
Logger.error(`[Server] attempt to init server when server already has a root user`)
return res.sendStatus(500)
}
this.initializeServer(req, res)
})
router.get('/status', (req, res) => {
// status check for client to see if server has been initialized
// server has been initialized if a root user exists
const payload = {
app: 'audiobookshelf',
serverVersion: version,
2023-07-05 01:14:44 +02:00
isInit: Database.hasRootUser,
language: Database.serverSettings.language,
authMethods: Database.serverSettings.authActiveAuthMethods,
authFormData: Database.serverSettings.authFormData
}
if (!payload.isInit) {
payload.ConfigPath = global.ConfigPath
payload.MetadataPath = global.MetadataPath
}
res.json(payload)
})
router.get('/ping', (req, res) => {
2022-07-30 15:37:35 +02:00
Logger.info('Received ping')
2021-08-18 00:01:11 +02:00
res.json({ success: true })
})
router.get('/healthcheck', (req, res) => res.sendStatus(200))
2021-08-18 00:01:11 +02:00
this.server.listen(this.Port, this.Host, () => {
if (this.Host) Logger.info(`Listening on http://${this.Host}:${this.Port}`)
else Logger.info(`Listening on port :${this.Port}`)
2021-08-18 00:01:11 +02:00
})
// Start listening for socket connections
SocketAuthority.initialize(this)
2021-08-18 00:01:11 +02:00
}
async initializeServer(req, res) {
Logger.info(`[Server] Initializing new server`)
const newRoot = req.body.newRoot
const rootUsername = newRoot.username || 'root'
const rootPash = newRoot.password ? await this.auth.hashPass(newRoot.password) : ''
if (!rootPash) Logger.warn(`[Server] Creating root user with no password`)
await Database.createRootUser(rootUsername, rootPash, this.auth)
res.sendStatus(200)
}
/**
* Remove user media progress for items that no longer exist & remove seriesHideFrom that no longer exist
*/
async cleanUserData() {
// Get all media progress without an associated media item
2023-08-20 20:34:03 +02:00
const mediaProgressToRemove = await Database.mediaProgressModel.findAll({
where: {
'$podcastEpisode.id$': null,
'$book.id$': null
},
attributes: ['id'],
include: [
{
2023-08-20 20:34:03 +02:00
model: Database.bookModel,
attributes: ['id']
},
{
2023-08-20 20:34:03 +02:00
model: Database.podcastEpisodeModel,
attributes: ['id']
}
]
})
if (mediaProgressToRemove.length) {
// Remove media progress
2023-08-20 20:34:03 +02:00
const mediaProgressRemoved = await Database.mediaProgressModel.destroy({
where: {
id: {
2024-05-05 23:39:38 +02:00
[Sequelize.Op.in]: mediaProgressToRemove.map((mp) => mp.id)
2023-07-05 01:14:44 +02:00
}
}
})
if (mediaProgressRemoved) {
Logger.info(`[Server] Removed ${mediaProgressRemoved} media progress for media items that no longer exist in db`)
}
}
2023-07-05 01:14:44 +02:00
// Remove series from hide from continue listening that no longer exist
try {
const users = await Database.sequelize.query(`SELECT u.id, u.username, u.extraData, json_group_array(value) AS seriesIdsToRemove FROM users u, json_each(u.extraData->"seriesHideFromContinueListening") LEFT JOIN series se ON se.id = value WHERE se.id IS NULL GROUP BY u.id;`, {
model: Database.userModel,
type: Sequelize.QueryTypes.SELECT
})
for (const user of users) {
const extraData = JSON.parse(user.extraData)
const existingSeriesIds = extraData.seriesHideFromContinueListening
const seriesIdsToRemove = JSON.parse(user.dataValues.seriesIdsToRemove)
Logger.info(`[Server] Found ${seriesIdsToRemove.length} non-existent series in seriesHideFromContinueListening for user "${user.username}" - Removing (${seriesIdsToRemove.join(',')})`)
const newExtraData = {
...extraData,
seriesHideFromContinueListening: existingSeriesIds.filter((s) => !seriesIdsToRemove.includes(s))
}
await user.update({ extraData: newExtraData })
}
} catch (error) {
Logger.error(`[Server] Failed to cleanup users seriesHideFromContinueListening`, error)
}
}
2023-12-28 23:32:21 +01:00
/**
* Gracefully stop server
* Stops watcher and socket server
*/
2021-08-18 00:01:11 +02:00
async stop() {
Logger.info('=== Stopping Server ===')
2024-11-07 23:32:05 +01:00
Watcher.close()
Logger.info('[Server] Watcher Closed')
await SocketAuthority.close()
Logger.info('[Server] Closing HTTP Server')
await new Promise((resolve) => this.server.close(resolve))
Logger.info('[Server] HTTP Server Closed')
2021-08-18 00:01:11 +02:00
}
}
module.exports = Server