Commit Graph

387 Commits

Author SHA1 Message Date
Calvin Montgomery 4102d6eaf2 Refactor index.js logic into src/main 2017-08-13 22:16:42 -07:00
Calvin Montgomery ba8088b678 videojs: default quality to 480 instead of 1080 2017-08-13 21:48:50 -07:00
Calvin Montgomery d0c1e8cbd9 Change metric names to follow prometheus naming guide 2017-08-12 13:12:58 -07:00
Calvin Montgomery 04c9d48779 custom-media: implement queueing and playback changes 2017-08-08 20:35:17 -07:00
Calvin Montgomery 8b7cdfd4c3 soundcloud: fix getVolume to match setVolume 2017-08-07 21:08:04 -07:00
Calvin Montgomery 0b560f15a9 Add prometheus counter for changeMedia 2017-08-05 18:50:27 -07:00
Calvin Montgomery dac2e41488 Fix and enable efficient emotes by default 2017-08-05 12:22:58 -07:00
Calvin Montgomery cb6cfc8455 Instrument some more metrics with prometheus 2017-08-02 21:24:44 -07:00
Calvin Montgomery 6043647cb7 Skip full user auth for most page renders
Previously, the user's session cookie was being checked against the
database for all non-static requests.  However, this is not really
needed and wastes resources (and is slow).

For most page views (e.g. index, channel page), just parsing the value
of the cookie is sufficient:

  * The cookies are already HMAC signed, so tampering with them ought to
    be for all reasonable purposes, impossible.
  * Assuming the worst case, all a nefarious user could manage to do is
    change the text of the "Welcome, {user}" and cause a (non-functional)
    ACP link to appear clientside, both of which are already possible by
    using the Inspect Element tool.

For authenticated pages (currently, the ACP, and anything under
/account/), the full database check is still performed (for now).
2017-08-01 21:40:26 -07:00
Calvin Montgomery 7bd9934e58 Minor cleanup of no longer used things 2017-07-26 20:32:51 -07:00
Calvin Montgomery 5a78056c91 Some small refactoring 2017-07-24 22:08:26 -07:00
Calvin Montgomery e80613c7ec Fix rtmp again because chrome is picky about mime types 2017-07-23 17:55:25 -07:00
Calvin Montgomery 282ad986b6 Deprecate legacy vimeo-oauth lookup 2017-07-22 11:14:29 -07:00
Calvin Montgomery 52030506b5 deps: remove status-message-polyfill
This hasn't been necessary since node v0.10, and CyTube only supports
node v6.x+ by this point.
2017-07-22 10:45:36 -07:00
Calvin Montgomery 964feb7243 Add id field to announcements and hide previously closed announcements 2017-07-22 10:35:45 -07:00
Calvin Montgomery ff3ececc36 Copy utils from cytube-common and remove dep
The `cytube-common` module was created as part of a now-defunct
experiment and since then has just remained a crufty container for a few
utils.  Moved the utils to the main repo and removed the dependency.
2017-07-19 20:47:02 -07:00
Calvin Montgomery e780e7dadb Deprecate stats table in favor of prometheus integration 2017-07-17 21:58:58 -07:00
Calvin Montgomery c7bec6251e Begin prometheus integration
Add a dependency on `prom-client` and emit a basic latency metric for
testing purposes.  Add a new configuration file for enabling/disabling
prometheus exporter and configuring the listen address.
2017-07-16 22:35:33 -07:00
Calvin Montgomery dd770137e5 Fix error for rtmp player 2017-07-15 20:17:13 -07:00
Calvin Montgomery 7efa3d4704 deps: upgrade to socket.io 2.0 2017-07-15 14:56:36 -07:00
Calvin Montgomery d9813e6244 Remove legacy tab complete (no longer used) 2017-07-15 14:48:53 -07:00
Calvin Montgomery c152a19624 Ignore library cached metadata when queueing
The use of the channel library as a cache for metadata to avoid
re-requesting metadata for known media is an optimization that dates
back to 1.0.  However, it doesn't have any TTL, is prone to bugs, and is
of dubious value.

This commit ignores the results of the library check when queueing a new
video, opting to always re-request the metadata.  This fixes a few bugs:

  * Google Drive metadata being lost when storing in library
  * Streamable metadata being lost when storing in library
  * Videos in the channel library that are now unavailable on their
    source website being queueable and then failing to play (e.g. deleted
    YouTube videos).

In its place, a small fail-open check is left behind to emit metric
counters on how many queues would have been cache-hits, to provide
insight into whether a proper caching solution (i.e. one not tacked on
top of the library) would be worth pursuing or not.  This will be
removed eventually.
2017-07-15 14:41:37 -07:00
Calvin Montgomery b7ceee8ef4 Fix video sources being lost when playlist is saved 2017-07-15 14:12:32 -07:00
Calvin Montgomery 637bcad816 camo: include subdomains of whitelisted domains in whitelist 2017-07-08 20:46:42 -07:00
Calvin Montgomery 07179d6c83 Upgrade to jsli 2.0 2017-07-08 20:11:54 -07:00
Calvin Montgomery 486ce04a3e camo: support URL encoding option 2017-07-08 19:21:14 -07:00
Calvin Montgomery 860775a90b Remove html5hack (legacy google drive setting) 2017-07-02 22:30:19 -07:00
Calvin Montgomery 5500054b84 Add resolution switcher plugin for video.js
Allows switching resolutions via the video.js UI.  Also added support on
the player side for 540p, 1440p, and 2160p videos, although the metadata
extractors have not been updated to provide these sources yet.
2017-07-01 16:54:19 -07:00
Calvin Montgomery 76e0d1b7ec Use `proxy-addr` for parsing x-forwarded-for
Closes #683 by providing functionality to trust proxies other than
localhost.
2017-06-27 23:37:18 -07:00
Calvin Montgomery 9fc399c200 Upgrade babel preset for node 6, add async transform 2017-06-20 23:16:33 -07:00
Calvin Montgomery a96f7976d8 Change Tor exit list
Use the endpoint suggested in #688 to avoid unnecessarilly banning
relays.
2017-06-17 10:12:15 -07:00
Calvin Montgomery 6633e23aa3 Add characterization test for sanitize-html
At various times in the past, upgrades in the sanitize-html library that
changed behavior of HTML filtering have caused things like emotes to
break unexpectedly.  This commit adds a basic test to sanitize
non-alphanumeric characters found in channels' emote codes so that if
the library changes, the test will break and give a heads up that
something changed.
2017-06-17 09:47:22 -07:00
Calvin Montgomery 53cee986c6 Resend userlist if rank changes meta visibility
Fixes #681.  Technically, resending the entire userlist is not
necessary; it would be sufficient to resent setUserMeta, but there's not
currently a bulk frame for that so sending the userlist is probably more
efficient.
2017-06-17 09:47:22 -07:00
Calvin Montgomery 00a65a1584 Deprecate legacy global ban junk 2017-06-05 23:18:20 -07:00
Calvin Montgomery d0712d007e Work on refactoring global IP ban database calls 2017-05-31 22:46:15 -07:00
Calvin Montgomery 7fcf31dec6 Merge pull request #671 from calzoneman/knex
The knexening: part 1
2017-05-29 13:16:35 -07:00
Calvin Montgomery 2a694e73af The knexening: part 1 2017-05-28 22:39:27 -07:00
Calvin Montgomery 22a9acfc90 Support proxying chat images via camo
Camo: https://github.com/atmos/camo.  This has a couple advantages over
just allowing images to be dumped as-is:

  - Prevents mixed-content warnings by allowing the server to proxy HTTP
    images to an HTTPS camo instance
  - Protects users' privacy by not exposing their browser directly to
    the image host
  - Allows the camo proxy to intercept and reject bad image sources
    (URLs that are not actually images, gigapixel-sized images likely to
    DoS users' browsers, etc.)

Whitelisting specific domains is supported for cases where the source is
known to be trustworthy.
2017-05-28 19:38:43 -07:00
Calvin Montgomery f968521936 Remove google drive refresh logic
No longer relevant since the video links are retrieved by the
userscript.
2017-05-28 18:35:13 -07:00
Calvin Montgomery d23b5278b1 Rename Hitbox -> Smashcast 2017-05-20 16:50:00 -07:00
Calvin Montgomery 55b03d51d7 Fix setOptions for playlist_max_duration_per_user 2017-05-20 16:31:52 -07:00
Calvin Montgomery de309d675e Remove redundant signing logic from IP session cookie 2017-05-01 21:51:11 -07:00
Calvin Montgomery 6bfbbc0c01 Support hot-swapping HTTPS certificates 2017-04-30 17:20:19 -07:00
Calvin Montgomery a0af0ccab5 Remove dead/commented-out code 2017-04-29 17:08:43 -07:00
Calvin Montgomery 089ac75e9a Fix DB purge of expired password reset reqs
3 year old bug introduced when refactoring 2.x -> 3.0.
Never worked in the first place.
2017-04-29 17:05:45 -07:00
Calvin Montgomery 8e74b0c765 Tweak setting description for playlist_max_ruation_per_user 2017-04-29 16:50:56 -07:00
Calvin Montgomery fac94d46a6 Bugfix: stringify first parameter to Logger.xxx() 2017-04-27 21:06:16 -07:00
Calvin Montgomery 8d40c87dda Deprecate jwplayer and googleplus videos 2017-04-11 21:55:31 -07:00
Calvin Montgomery 8306d2d1b6 Refactor logging 2017-04-04 23:02:31 -07:00
Calvin Montgomery b1a328d2e0 Implement max total video time per user 2017-04-03 21:18:40 -07:00
Calvin Montgomery f42e3bf2b7 Fix #656 2017-04-03 20:31:21 -07:00
Calvin Montgomery 5bdf8b4aaf Fix #657 2017-03-26 11:13:10 -07:00
Calvin Montgomery 0ce6fbba20 Fix an issue with playlist item matching 2017-03-26 11:04:02 -07:00
Calvin Montgomery 7595faf11d Fix voteskip issue when there are no videos left 2017-03-21 20:04:06 -07:00
Calvin Montgomery 309cd40da2 Compare owner name case-insensitively when deleting channel 2017-03-21 19:47:31 -07:00
Calvin Montgomery 9dc82ad444 Enforce stricter validation on polls 2017-03-20 21:37:32 -07:00
Calvin Montgomery 41a538c655 Fix playlist visibility: wait for U_HAS_CHANNEL_RANK instead of just login 2017-03-18 18:53:49 -07:00
Calvin Montgomery a594b19745 Fix user join ban check for users with blank names (but clean IPs) 2017-03-15 23:44:03 -07:00
Calvin Montgomery f6500ff745 Fix emote regex due to sanitize-html changes 2017-03-14 21:36:44 -07:00
Calvin Montgomery 9239c2d465 Add channels.owner_last_seen column 2017-03-13 21:05:32 -07:00
Calvin Montgomery 8f266ccd44 Add channels.last_loaded column 2017-03-13 20:55:06 -07:00
Calvin Montgomery c721d67080 Add explicit confirmation that accounts are unrecoverable with no email 2017-03-11 17:22:31 -08:00
Calvin Montgomery f8183bea1b Add name_dedupe column instead of using LIKE kludge for similar-looking names 2017-03-11 17:09:50 -08:00
Calvin Montgomery d65cf1beef Change sanitize-html back to the upstream module 2017-03-03 23:51:47 -08:00
Calvin Montgomery a56f0d5b10 Adjust google drive userscript prompt 2017-03-03 23:39:38 -08:00
Calvin Montgomery aea456436e Fix race condition for siteadmin rank socket frames 2017-03-03 23:34:27 -08:00
Calvin Montgomery 70be35e3fa Experimental ustream fix 2017-03-02 18:47:47 -08:00
Calvin Montgomery 20326194f7 Add execEmotesEfficient behind feature flag
For #645.  Disabled by default, I'll selectively enable it to be sure it
works and then remove the old implementation.
2017-03-01 21:16:55 -08:00
Calvin Montgomery d4db459ff9 Fix #647 2017-03-01 20:46:01 -08:00
Calvin Montgomery 5487d15bdf Add config option for mysql pool size, optimize restart login flood case 2017-02-02 23:05:50 -08:00
Calvin Montgomery 2c57719318 Support changing the ratio of video:chat width 2017-01-23 21:47:21 -08:00
Calvin Montgomery b0ff4d5ef0 Make delete from channel library a configurable permission 2017-01-23 21:16:39 -08:00
Calvin Montgomery 27e168ba8b Integrate new tab completion methods
There is now an option to choose which tab completion method to use.
Also, emotes can be tab completed.
2017-01-10 22:26:46 -08:00
Calvin Montgomery e1ad7c63af Clarify custom embed error to remove the clause about switching to plain HTTP 2017-01-09 23:47:11 -08:00
Calvin Montgomery e2abb90d14 Add HTTPS check for ffmpeg and custom embeds 2017-01-05 20:58:07 -08:00
Calvin Montgomery 31880fa625 Fix an issue where one broken channel can prevent others from saving
Son of a bitch.
2016-12-28 23:24:08 -08:00
Calvin Montgomery f6c201f3ba Add a few safeguards around channel saving 2016-12-20 00:09:24 -08:00
Calvin Montgomery d21943ecc7 Whitelist m4a/aac for ffmpeg 2016-12-17 19:53:17 -08:00
Calvin Montgomery 453ed607ba [http deprecation] enforce HTTPS for externalcss URLs 2016-12-10 23:23:57 -08:00
Calvin Montgomery e8d39850c5 Fix null check for youtube livestream check 2016-11-30 09:24:28 -08:00
Calvin Montgomery a624f45493 Fix warning in node 7 2016-11-17 23:01:20 -08:00
Calvin Montgomery aa06884bd6 Ignore cached metadata for youtube livestreams 2016-11-17 23:00:06 -08:00
Calvin Montgomery 632ffdfa8f deps: upgrade yamljs
Old version of `yamljs` was bringing in deprecated dependencies causing
`npm install` warnings.  Newer version is still buggy and doesn't
fully support the YAML spec, but it seems to work at least as well as
the old version, as far as I can tell.
2016-11-02 22:55:14 -07:00
Calvin Montgomery 9302a271d0 Remove default contact config 2016-11-01 22:44:26 -07:00
Calvin Montgomery bfad626b2d Merge pull request #632 from calzoneman/partition-refactor
Refactor partitioning a bit
2016-10-25 20:21:34 -07:00
Calvin Montgomery afa18c4749 Fix Google Drive URL 2016-10-20 19:07:03 -07:00
Calvin Montgomery d2cce4f166 Work on auto reloading partition map from redis 2016-10-15 12:36:20 -07:00
Calvin Montgomery 3c11ac6cf5 Add jitter and retry logic to google drive userscript lookups 2016-10-08 10:33:18 -07:00
Calvin Montgomery d0d2002a5f Fix some drive userscript issues 2016-10-07 19:55:41 -07:00
Calvin Montgomery 7c3f2d0a8b only set channel rank for non-guest 2016-10-06 23:22:02 -07:00
Calvin Montgomery ad4ee4bd02 Fix profile/rank for bot logins 2016-10-06 23:01:42 -07:00
Calvin Montgomery 99760b6989 Purge the awful refreshAccount logic
User.prototype.refreshAccount was responsible for multiple race
condition bugs as well as inefficient duplication of DB queries in an
attempt to correct such race conditions.

It has now been replaced by a more reasonable model:

  * Global user account information and aliases are fetched in parallel
    on socket connection
  * Channel rank is fetched when the user tries to join a channel
2016-10-03 23:12:22 -07:00
Calvin Montgomery 35a8e2b52a Fix age old bug with /login redirecting to /register after registration 2016-10-01 21:31:04 -07:00
Calvin Montgomery c88c63a422 Merge getGlobalRank and getProfile into one query
Really the entire "Account" thing needs to be refactored/deleted and
replaced with separate global account and per-channel state, which I
plan to do, but this brings some minor benefit in the meantime
2016-09-26 22:36:17 -07:00
Calvin Montgomery e1120455b2 Cache channel ID for quicker loads/saves 2016-09-26 22:20:58 -07:00
Calvin Montgomery b4b23f748f Change Hitbox player to HTTPS (#627) 2016-09-19 20:45:21 -07:00
Calvin Montgomery 489c0933e8 Upgrade to babel 6 2016-09-18 22:08:43 -07:00
Calvin Montgomery 83987afd73 Add config for twitch client ID 2016-09-18 21:35:08 -07:00
Calvin Montgomery 7b4126c32f Add concurrency to channel saving on server shutdown 2016-08-31 21:46:54 -07:00
Calvin Montgomery 8b94c54d25 Fix bug causing channels to get stuck when DB is down 2016-08-31 21:32:42 -07:00
Calvin Montgomery 84fa7972e3 Skip minification for userscript 2016-08-30 21:20:42 -07:00
Calvin Montgomery 377512340a Bump package version 2016-08-24 19:49:26 -07:00
Calvin Montgomery 5a81ab7ce7 Add a prompt explaining the situation as well as documentation 2016-08-23 21:50:18 -07:00
Calvin Montgomery 4feee02e33 Add initial userscript 2016-08-15 21:00:56 -07:00
calzoneman ac94d6ba22 Merge branch '3.0' into streamable-1 2016-08-07 21:27:27 -07:00
calzoneman da99ea8288 Add node version check to index.js 2016-08-04 19:00:36 -07:00
Jose A. Rivera c0fc4c7a86 Fix URL in package.json
The dependency on status-message-polyfill appeared to be missing part of its URL, judging by the rest of the file. Changing this line allowed me to build and install on a self-hosted server.
2016-08-04 15:48:41 -05:00
calzoneman 88c42af139 Add streamable.com support (#585) 2016-08-02 22:35:00 -07:00
Xaekai aded7b1f38 Allow users to strip images from chat. 2016-07-14 23:37:29 -07:00
Xaekai b2b034d9df Make modflair setting persistent from button too. 2016-07-11 22:14:26 -07:00
Xaekai 5eebd88e13 Move ACP nav entry to templating
Closes #516
2016-07-10 23:23:46 -07:00
Xaekai aa6066dfd5 Reduce the number of places the default theme is hardcoded from 6 to 1. 2016-07-08 19:01:31 -07:00
Xaekai 0aa73a4b14 Add missing formatter entry for vid.me 2016-07-07 23:32:09 -07:00
Xaekai 5896a1c0eb Add timestamps to polls.
Closes #562
2016-07-07 22:56:06 -07:00
calzoneman edb5fb6f4e Sync announcements across partitions 2016-07-03 21:28:43 -07:00
calzoneman 312892e56b Short term additional fix for #583
The previous commits do not handle all of the edge cases of #583
appropriately.  This is a short term solution that will work, but is not
as efficient as it could be.  The whole refreshAccount function needs to
be reconsidered and replaced with a more sane way of handling atomic
updates to the user's account state.
2016-06-29 22:00:25 -07:00
calzoneman e9fdb1a7e5 Fix login race condition (#583) 2016-06-26 16:21:15 -07:00
calzoneman 6f56862307 Add vidme support (#568) 2016-06-25 17:09:48 -07:00
calzoneman 056b2a48ea Add throttling of usercount frames 2016-06-18 00:32:50 -07:00
calzoneman 77d84d5b76 Add redis client error listener 2016-06-13 23:09:27 -07:00
calzoneman b6bb0aa56d Add redis-based channel index 2016-06-09 23:42:30 -07:00
calzoneman 594a9e17da Spread channel saves across the save interval
Since all channels were saved sequentially, this would cause huge lag
spikes every time the channel save interval fired.  This change adds a
delay between each channel so that the additional load is spread evenly
across the save interval.
2016-05-25 18:56:20 -07:00
calzoneman ae3f4bbf0b Bump version number 2016-05-21 16:29:22 -07:00
calzoneman e7866cabc8 Update NEWS.md 2016-04-27 22:06:52 -07:00
calzoneman 3b4800d045 Add database queryTime metric 2016-04-27 21:55:25 -07:00
calzoneman 0ee7f05213 Make polls more efficient
Instead of emitting frames to each individual socket, group them into
socket.io rooms of people who can see hidden poll results and people who
can't, then just do 2 broadcasts.
2016-04-02 11:57:26 -07:00
calzoneman 20538e328f Replace legacy emitter with EventEmitter prototype 2016-04-02 11:23:34 -07:00
calzoneman 9debebd4b9 /clean: error when no argument given 2016-03-28 22:31:35 -07:00
calzoneman 7448429341 Fix #566
Refactored the ffprobe stream-selection logic to handle rejected files
better:

  * Streams tagged as a non-default disposition are not considered
  * If a file has any video stream, the audio stream will be ignored

This should prevent videos from being misreported as invalid audio
codecs, etc.
2016-03-21 23:28:21 -07:00
calzoneman e6234297a1 Merge 2016-02-09 20:13:58 -08:00
calzoneman b3c85e8534 Limit requestPlaylist to once per 60 seconds
If clients call it quickly in succession with large playlists, it can
cause node to get stuck stringifying socket.io frames and cause an out
of memory crash.
2016-02-06 19:40:50 -08:00
calzoneman dd73a8ee9a Automatically publish backend address to the pool 2016-01-20 23:11:55 -08:00
calzoneman eba787942c package: bump source-map-support 2016-01-09 11:59:23 -08:00
calzoneman d7da01a7d0 package: bump cytubefilters 2016-01-08 00:08:08 -08:00
calzoneman be0759069e package: bump cytubefilters 2016-01-07 22:15:21 -08:00
calzoneman f46891b6ed Defer to mediaquery for anonymous vimeo lookup 2016-01-07 17:38:05 -08:00
calzoneman eeaffe1f61 Update socket.io to version 1.4.0 2016-01-06 21:42:48 -08:00
calzoneman b536c15758 Initial hacks to get the split to work 2015-12-26 15:07:03 -08:00
calzoneman 80c35b4190 Remove unused code 2015-12-12 16:28:24 -08:00
calzoneman 13d4a49976 Move contact page to its own route handler 2015-10-27 22:04:21 -07:00
calzoneman 40e2a608f6 Initial sioconfig migration work 2015-10-19 22:32:00 -07:00
calzoneman b4b442c897 bgtask: run channel saves serially to prevent thrashing 2015-10-09 23:16:21 -07:00
calzoneman 7f62e14045 index: add explicit error message for missing lib/server.js 2015-10-06 21:25:27 -07:00
calzoneman 1d33c47bfe package: bump version and update NEWS.md 2015-10-04 23:11:41 -07:00
calzoneman 56a2a52bdd Fixes 2015-10-01 22:02:59 -07:00
calzoneman e91635b6f9 Implement migrator 2015-09-27 11:07:57 -07:00
calzoneman 20dc871303 Use create-error for better error creation 2015-09-24 23:36:05 -07:00
calzoneman 2b6e58ace9 Add safeguard postinstall script prompt 2015-09-23 19:27:04 -07:00
calzoneman 0109a87e55 package: build with babel for ES2015 support
* Rename lib/ -> src/
* Add `postinstall` npm target for compiling src files to lib
* Add `build-watch` npm target for development with babel --watch
* Add `lib/` to .gitignore
* Add `source-map-support` module for babel-generated sourcemaps
2015-09-23 19:27:04 -07:00
calzoneman 14bfaae487 Update dependencies 2015-09-23 19:15:28 -07:00