2.5.7

Bump find-my-way from 3.0.4 to 3.0.5

.eslintrc.js

@@ -29,6 +29,7 @@ module.exports = {
     'linebreak-style': ['error', 'unix'],
     quotes: ['error', 'single'],
     semi: ['error', 'always'],
-    'comma-dangle': ['error', 'never']
+    'comma-dangle': ['error', 'never'],
+    'nonblock-statement-body-position': ['error', 'beside']
   }
 };

.github/workflows/codeql-analysis.yml

@@ -1,68 +0,0 @@
-# For most projects, this workflow file will not need changing; you simply need
-# to commit it to your repository.
-#
-# You may wish to alter this file to override the set of languages analyzed,
-# or to provide custom queries or build logic.
-#
-# ******** NOTE ********
-# We have attempted to detect the languages in your repository. Please check
-# the `language` matrix defined below to confirm you have the correct set of
-# supported CodeQL languages.
-# ******** NOTE ********
-
-name: "CodeQL"
-
-on:
-  push:
-    branches: [ next ]
-  pull_request:
-    # The branches below must be a subset of the branches above
-    branches: [ next ]
-  schedule:
-    - cron: '25 2 * * 4'
-
-jobs:
-  analyze:
-    name: Analyze
-    runs-on: ubuntu-latest
-
-    strategy:
-      fail-fast: false
-      matrix:
-        language: [ 'javascript' ]
-        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ]
-        # Learn more...
-        # https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection
-
-    steps:
-    - name: Checkout repository
-      uses: actions/checkout@v2
-
-    # Initializes the CodeQL tools for scanning.
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v1
-      with:
-        languages: ${{ matrix.language }}
-        # If you wish to specify custom queries, you can do so here or in a config file.
-        # By default, queries listed here will override any specified in a config file.
-        # Prefix the list here with "+" to use these queries and those in the config file.
-        # queries: ./path/to/local/query, your-org/your-repo/queries@main
-
-    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
-    # If this step fails, then you should remove it and run the build manually (see below)
-    - name: Autobuild
-      uses: github/codeql-action/autobuild@v1
-
-    # ℹ️ Command-line programs to run using the OS shell.
-    # 📚 https://git.io/JvXDl
-
-    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
-    #    and modify them (or add more) to build your code if your project
-    #    uses a compiled language
-
-    #- run: |
-    #   make bootstrap
-    #   make release
-
-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v1

.github/workflows/node.js.yml

@@ -23,5 +23,6 @@ jobs:
         uses: actions/setup-node@v1
         with:
           node-version: ${{ matrix.node-version }}
-      - run: npm ci
-      - run: npm run build --if-present
+      - run: npm i -g yarn
+      - run: yarn
+      - run: yarn build

README.md

@@ -1,17 +1,15 @@
 <p align="center"><img src="https://raw.githubusercontent.com/ZiplineProject/zipline/next/public/zipline_small.png"/></p>
 
-![Version](https://img.shields.io/github/package-json/v/dicedtomatoreal/zipline)
-![LICENCE](https://img.shields.io/github/license/dicedtomatoreal/zipline)
+![Version](https://img.shields.io/github/package-json/v/diced/zipline)
+![LICENCE](https://img.shields.io/github/license/diced/zipline)
 [![Discord](https://img.shields.io/discord/729771078196527176)](https://discord.gg/AtTSecwqeV)
-![Stars](https://img.shields.io/github/stars/dicedtomatoreal/zipline)
-![GitHub repo size](https://img.shields.io/github/repo-size/dicedtomatoreal/zipline)
-![GitHub last commit (branch)](https://img.shields.io/github/last-commit/dicedtomatoreal/zipline/next)
+![Stars](https://img.shields.io/github/stars/diced/zipline)
+![GitHub repo size](https://img.shields.io/github/repo-size/diced/zipline)
+![GitHub last commit (branch)](https://img.shields.io/github/last-commit/diced/zipline/next)
 <br>
-![David](https://img.shields.io/david/dicedtomatoreal/zipline)
-![David](https://img.shields.io/david/dev/dicedtomatoreal/zipline)
-![GitHub package.json dependency version (prod)](https://img.shields.io/github/package-json/dependency-version/dicedtomatoreal/zipline/react)
-![GitHub package.json dependency version (prod)](https://img.shields.io/github/package-json/dependency-version/dicedtomatoreal/zipline/next)
-![GitHub package.json dependency version (prod)](https://img.shields.io/github/package-json/dependency-version/dicedtomatoreal/zipline/fastify)
+![David](https://img.shields.io/david/diced/zipline)
+![David](https://img.shields.io/david/dev/diced/zipline)
+![GitHub package.json dependency version (prod)](https://img.shields.io/github/package-json/dependency-version/diced/zipline/react)
 
 # Zipline
 The best and only **React + Next.js** ShareX / File Uploader you would ever want.
@@ -21,7 +19,7 @@ Wondering how Zipline compares to other popular uploaders? We have done some ben
 
 | Uploader | Average ms (3 batches/1.5k files) |
 |-|-|
-| **[Zipline](https://github.com/dicedtomatoreal/zipline)** | **61 ms** |
+| **[Zipline](https://github.com/diced/zipline)** | **61 ms** |
 | [ShareX-Upload-Server](https://github.com/TannerReynolds/ShareX-Upload-Server) | 86 ms |
 
 *Note: there were 3 batches of 1.5k requests, the average ms of each was averaged again*<br>
@@ -32,7 +30,9 @@ Wondering how Zipline compares to other popular uploaders? We have done some ben
 - Fast (API)
 - Built with Next.js & React
 - Support for **multible database types** (*literally the only one that supports multiple dbs*, mongo soon)
+- Token protected uploading
+- MFA with Authy/Google Authenticator
+- Easy setup instructions on [docs](https://zipline.diced.wtf/docs)
 
 # Installing
 [See how to install here](https://zipline.diced.wtf/docs/)
-

package.json

@@ -1,6 +1,6 @@
 {
   "name": "zipline-next",
-  "version": "2.2.2",
+  "version": "2.5.7",
   "private": true,
   "dependencies": {
     "@dicedtomato/colors": "^1.0.3",
@@ -23,22 +23,24 @@
     "fastify-typeorm-plugin": "^2.1.2",
     "figlet": "^1.5.0",
     "inquirer": "^7.3.3",
-    "ioredis": "^4.19.2",
     "material-ui-dropzone": "^3.5.0",
     "next": "^9.5.4",
     "pg": "^8.4.1",
+    "qrcode": "^1.4.4",
     "react": "^16.13.1",
     "react-dom": "^16.13.1",
     "react-helmet": "^6.1.0",
     "react-redux": "^7.2.1",
     "redux": "^4.0.5",
     "redux-persist": "^6.0.0",
+    "speakeasy": "^2.0.0",
     "toml-patch": "^0.2.3",
     "typeorm": "^0.2.28"
   },
   "scripts": {
     "format": "prettier --write .",
     "lint": "eslint .",
+    "lint:fix": "eslint . --fix",
     "dev": "ts-node src",
     "dev:verbose": "VERBOSE=true ts-node src",
     "build": "next build && tsc -p .",
@@ -48,9 +50,9 @@
   "devDependencies": {
     "@types/bcrypt": "^3.0.0",
     "@types/crypto-js": "^3.1.47",
-    "@types/ioredis": "^4.17.7",
     "@types/mongodb": "^3.5.27",
     "@types/node": "^14.11.2",
+    "@types/qrcode": "^1.3.5",
     "@types/react": "^16.9.49",
     "@types/react-redux": "^7.1.9",
     "@types/semver": "^7.3.4",
@@ -60,6 +62,7 @@
     "eslint-plugin-react": "^7.21.3",
     "mongodb": "^3.6.2",
     "prettier": "2.1.2",
+    "release": "^6.3.0",
     "ts-node": "^9.0.0",
     "typescript": "^4.0.3"
   }

release.js

@@ -0,0 +1,3 @@
+module.exports = async (markdown) => {
+  return markdown;
+};

setup.js

@@ -4,14 +4,14 @@ const { stringify } = require('toml-patch');
 const { writeFileSync } = require('fs');
 const { join } = require('path');
 
-const createDockerCompose = (port) => {
+const createDockerCompose = (port, dir) => {
   return `version: "3"
 services:
   zipline:
     ports:
       - "${port}:${port}"
     volumes:
-      - "${join(process.cwd(), 'uploads')}:/opt/zipline/uploads"
+      - "${join(process.cwd(), dir)}:${join('/opt/zipline', dir)}"
     build: .
     tty: true`;
 };
@@ -25,7 +25,14 @@ const base = {
       'https://github.githubassets.com/images/modules/open_graph/github-mark.png',
     color: '#128377'
   },
-  core: { secret: 'my-secret', port: 3000 },
+  core: {
+    secret: 'my-secret',
+    port: 3000,
+    host: '127.0.0.1',
+    theme: 'dark',
+    secure: false,
+    mfa: false
+  },
   uploader: {
     directory: './uploads',
     route: '/u',
@@ -33,7 +40,7 @@ const base = {
     original: false,
     blacklisted: []
   },
-  urls: { route: '/s', length: 4, vanity: false }
+  urls: { route: '/go', length: 4, vanity: true }
 };
 
 (async () => {
@@ -48,35 +55,33 @@ const base = {
         { name: 'mysql' },
         { name: 'mariadb' },
         { name: 'mssql' },
-        { name: 'sqlite' },
-        { name: 'sqlite3' },
-        { name: 'mongodb', extra: 'No support yet' }
+        { name: 'sqlite3' }
       ]
     },
     {
       type: 'input',
       name: 'host',
-      message: 'Database Host'
+      message: 'Database Host (leave blank if sqlite3)'
     },
     {
       type: 'number',
       name: 'port',
-      message: 'Database Port'
+      message: 'Database Port (leave blank if sqlite3)'
     },
     {
       type: 'input',
       name: 'database',
-      message: 'Database Name'
+      message: 'Database Name (db path if sqlite3)'
     },
     {
       type: 'input',
       name: 'username',
-      message: 'Database User'
+      message: 'Database User (leave blank if sqlite3)'
     },
     {
       type: 'password',
       name: 'password',
-      message: 'Database Password'
+      message: 'Database Password (leave blank if sqlite3)'
     }
   ]);
 
@@ -92,6 +97,20 @@ const base = {
       type: 'number',
       name: 'port',
       message: 'Serve on Port'
+    },
+    {
+      type: 'list',
+      name: 'theme',
+      message: 'Theme',
+      choices: [
+        { name: 'Dark Theme (recomended)' },
+        { name: 'Light Theme (warning for eyes)' }
+      ]
+    },
+    {
+      type: 'confirm',
+      name: 'mfa',
+      message: 'Enable MFA with Authy/Google Authenticator'
     }
   ]);
 
@@ -106,7 +125,7 @@ const base = {
     {
       type: 'confirm',
       name: 'original',
-      message: 'Keep Original?'
+      message: 'Keep Original File names?'
     }
   ]);
 
@@ -138,10 +157,14 @@ const base = {
     urls: { ...base.urls, ...urls }
   };
 
-  writeFileSync('Zipline.toml', stringify(config));
-
   if (docker.useDocker) {
+    config.core.host = '0.0.0.0';
     console.log('Generating docker-compose.yml...');
-    writeFileSync('docker-compose.yml', createDockerCompose(config.core.port));
+    writeFileSync('docker-compose.yml', createDockerCompose(config.core.port, config.uploader.directory));
+    console.log(
+      'Head to https://zipline.diced.wtf/docs/docker to learn how to run with docker.'
+    );
   }
+
+  writeFileSync('Zipline.toml', stringify(config));
 })();

src/components/Login.tsx

@@ -6,6 +6,10 @@ import Button from '@material-ui/core/Button';
 import Card from '@material-ui/core/Card';
 import CardContent from '@material-ui/core/CardContent';
 import CardActions from '@material-ui/core/CardActions';
+import Dialog from '@material-ui/core/Dialog';
+import DialogActions from '@material-ui/core/DialogActions';
+import DialogContent from '@material-ui/core/DialogContent';
+import DialogTitle from '@material-ui/core/DialogTitle';
 import Snackbar from '@material-ui/core/Snackbar';
 import Alert from '@material-ui/lab/Alert';
 import makeStyles from '@material-ui/core/styles/makeStyles';
@@ -26,8 +30,11 @@ export default function Login() {
   const classes = useStyles();
   const router = useRouter();
   const dispatch = useDispatch();
+  const [error, setError] = useState(false);
   const [username, setUsername] = useState('');
   const [password, setPassword] = useState('');
+  const [authOpen, setAuthOpen] = useState(false);
+  const [token, setToken] = useState('');
   const [open, setOpen] = useState(false);
 
   const handleClose = (event, reason) => {
@@ -37,17 +44,48 @@ export default function Login() {
 
   const handleLogin = async () => {
     const d = await (
-      await fetch('/api/user/login', {
+      await fetch('/api/user/verify-login', {
         method: 'POST',
         headers: { 'Content-Type': 'application/json' },
         body: JSON.stringify({ username, password })
       })
     ).json();
     if (!d.error) {
-      dispatch({ type: UPDATE_USER, payload: d });
+      if (d.mfa) {
+        setAuthOpen(true);
+      } else {
+        const payload = await (
+          await fetch('/api/user/login', {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({ username, password })
+          })
+        ).json();
+        if (!payload.error) {
+          dispatch({ type: UPDATE_USER, payload });
+          dispatch({ type: LOGIN });
+          router.push('/dash');
+        }
+      }
+    } else setOpen(true);
+  };
+
+  const tryChecking = async () => {
+    const verified = await (
+      await fetch(`/api/mfa/verify?token=${token}`, {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({ username, password })
+      })
+    ).json();
+    if (!verified.passed) setError(true);
+    else {
+      setError(false);
+      setAuthOpen(false);
+      dispatch({ type: UPDATE_USER, payload: verified.user });
       dispatch({ type: LOGIN });
       router.push('/dash');
-    } else setOpen(true);
+    }
   };
 
   return (
@@ -65,30 +103,63 @@ export default function Login() {
           Could not login!
         </Alert>
       </Snackbar>
-      <Card>
-        <CardContent>
-          <Typography variant='h4'>Login</Typography>
+      <Dialog
+        open={authOpen}
+        onClose={() => setAuthOpen(false)}
+        aria-labelledby='enable-mfa'
+        aria-describedby='mfa-desc'
+      >
+        <DialogTitle id='enable-mfa'>2FA</DialogTitle>
+        <DialogContent>
           <TextField
-            label='Username'
+            label='Code'
+            helperText={error ? 'Incorrect code' : ''}
+            value={token}
             className={classes.field}
-            onChange={e => setUsername(e.target.value)}
+            onChange={e => setToken(e.target.value)}
+            error={error}
           />
-          <TextField
-            label='Password'
-            type='password'
-            className={classes.field}
-            onChange={e => setPassword(e.target.value)}
-          />
-        </CardContent>
-        <CardActions>
-          <Button
-            color='primary'
-            className={classes.field}
-            onClick={handleLogin}
-          >
-            Login
+        </DialogContent>
+        <DialogActions>
+          <Button color='primary' autoFocus onClick={tryChecking}>
+            Check
           </Button>
-        </CardActions>
+        </DialogActions>
+      </Dialog>
+      <Card>
+        <form>
+          <CardContent>
+            <Typography variant='h4'>Login</Typography>
+            <TextField
+              label='Username'
+              InputLabelProps={{
+                htmlFor: 'username'
+              }}
+              id='username'
+              className={classes.field}
+              onChange={e => setUsername(e.target.value)}
+            />
+            <TextField
+              label='Password'
+              type='password'
+              InputLabelProps={{
+                htmlFor: 'password'
+              }}
+              id='password'
+              className={classes.field}
+              onChange={e => setPassword(e.target.value)}
+            />
+          </CardContent>
+          <CardActions>
+            <Button
+              color='primary'
+              className={classes.field}
+              onClick={handleLogin}
+            >
+              Login
+            </Button>
+          </CardActions>
+        </form>
       </Card>
     </React.Fragment>
   );

src/components/ManageUser.tsx

@@ -3,14 +3,21 @@ import Typography from '@material-ui/core/Typography';
 import Card from '@material-ui/core/Card';
 import CardContent from '@material-ui/core/CardContent';
 import CardActions from '@material-ui/core/CardActions';
+import Dialog from '@material-ui/core/Dialog';
+import DialogActions from '@material-ui/core/DialogActions';
+import DialogContent from '@material-ui/core/DialogContent';
+import DialogContentText from '@material-ui/core/DialogContentText';
+import DialogTitle from '@material-ui/core/DialogTitle';
 import Button from '@material-ui/core/Button';
 import TextField from '@material-ui/core/TextField';
 import Snackbar from '@material-ui/core/Snackbar';
+import Grid from '@material-ui/core/Grid';
 import Alert from '@material-ui/lab/Alert';
 import { makeStyles } from '@material-ui/core';
 import { UPDATE_USER } from '../reducer';
 import { store } from '../store';
 import { useDispatch } from 'react-redux';
+import { Config } from '../lib/Config';
 
 const useStyles = makeStyles({
   margin: {
@@ -27,27 +34,76 @@ const useStyles = makeStyles({
   }
 });
 
-export default function ManageUser() {
+export default function ManageUser({ config }: { config: Config }) {
   const classes = useStyles();
   const dispatch = useDispatch();
   const state = store.getState();
   const [alertOpen, setAlertOpen] = useState(false);
+  const [mfaDialogOpen, setMfaDialogOpen] = useState(false);
+  const [qrcode, setQRCode] = useState(null);
   const [username, setUsername] = useState(state.user.username);
   const [password, setPassword] = useState('');
+  const [mfaToken, setMfaToken] = useState('');
+  const [email, setEmail] = useState('');
+  const [error, setError] = useState(false);
 
   const handleUpdateUser = async () => {
     const d = await (
       await fetch('/api/user', {
         method: 'PATCH',
         headers: { 'Content-Type': 'application/json' },
-        body: JSON.stringify({ username, password })
+        body: JSON.stringify({
+          username,
+          password: password.trim() === '' ? null : password,
+          email
+        })
       })
     ).json();
+
     if (!d.error) {
       dispatch({ type: UPDATE_USER, payload: d });
       setAlertOpen(true);
     }
   };
+
+  const disableMFA = async () => {
+    await fetch('/api/mfa/disable');
+    const d = await (await fetch('/api/user')).json();
+
+    if (!d.error) {
+      dispatch({ type: UPDATE_USER, payload: d });
+      setAlertOpen(true);
+    }
+  };
+  const enableMFA = async () => {
+    setMfaDialogOpen(true);
+    const { dataURL } = await (await fetch('/api/mfa/qrcode')).json();
+    setQRCode(dataURL);
+  };
+  const tryEnablingMfa = async () => {
+    const verified = await (
+      await fetch(`/api/mfa/verify?token=${mfaToken}`)
+    ).json();
+    if (!verified) setError(true);
+    else {
+      setError(false);
+      setMfaDialogOpen(false);
+      setAlertOpen(true);
+      const d = await (await fetch('/api/user')).json();
+
+      if (!d.error) {
+        dispatch({ type: UPDATE_USER, payload: d });
+        setAlertOpen(true);
+      }
+    }
+  };
+
+  const disableMfaAndClose = async () => {
+    const d = await (await fetch('/api/mfa/disable')).json();
+
+    if (!d.error) setMfaDialogOpen(false);
+  };
+
   return (
     <React.Fragment>
       <Snackbar
@@ -63,6 +119,44 @@ export default function ManageUser() {
           Updated <b>{state.user.username}</b>
         </Alert>
       </Snackbar>
+      <Dialog
+        open={mfaDialogOpen}
+        onClose={disableMfaAndClose}
+        aria-labelledby='enable-mfa'
+        aria-describedby='mfa-desc'
+      >
+        <DialogTitle id='enable-mfa'>Enable 2FA</DialogTitle>
+        <DialogContent>
+          <DialogContentText id='mfa-desc'>
+            When enabling 2FA/MFA you can use <b>Authy</b> or{' '}
+            <b>Google Authenticator</b> to authenticate before logging into
+            Zipline.
+          </DialogContentText>
+          <Grid container spacing={2}>
+            <Grid item xs={6}>
+              <img src={qrcode} />
+            </Grid>
+            <Grid item xs={6}>
+              <TextField
+                label='Code'
+                helperText='After scanning the QRCode, enter the authentication code here'
+                value={mfaToken}
+                className={classes.field}
+                onChange={e => setMfaToken(e.target.value)}
+                error={error}
+              />
+            </Grid>
+          </Grid>
+        </DialogContent>
+        <DialogActions>
+          <Button color='primary' autoFocus onClick={disableMfaAndClose}>
+            Disable
+          </Button>
+          <Button color='primary' autoFocus onClick={tryEnablingMfa}>
+            Enable
+          </Button>
+        </DialogActions>
+      </Dialog>
       <Card>
         <CardContent>
           <Typography color='textSecondary' variant='h4' gutterBottom>
@@ -82,6 +176,14 @@ export default function ManageUser() {
             className={classes.field}
             onChange={e => setPassword(e.target.value)}
           />
+          <TextField
+            label='Email'
+            type='email'
+            helperText='Used for a Gravatar Avatar'
+            value={email}
+            className={classes.field}
+            onChange={e => setEmail(e.target.value)}
+          />
         </CardContent>
         <CardActions>
           <Button
@@ -91,6 +193,15 @@ export default function ManageUser() {
           >
             Update
           </Button>
+          {config.core.mfa ? (
+            <Button
+              className={classes.button}
+              color='primary'
+              onClick={state.user.secretMfaKey ? disableMFA : enableMFA}
+            >
+              {state.user.secretMfaKey ? 'Disable MFA' : 'Enable MFA'}
+            </Button>
+          ) : null}
         </CardActions>
       </Card>
     </React.Fragment>

src/components/UI.tsx

@@ -5,6 +5,7 @@ import Box from '@material-ui/core/Box';
 import Menu from '@material-ui/core/Menu';
 import MenuItem from '@material-ui/core/MenuItem';
 import Drawer from '@material-ui/core/Drawer';
+import Avatar from '@material-ui/core/Avatar';
 import Hidden from '@material-ui/core/Hidden';
 import List from '@material-ui/core/List';
 import ListItem from '@material-ui/core/ListItem';
@@ -39,6 +40,7 @@ import { makeStyles, useTheme, withStyles } from '@material-ui/core/styles';
 import { useRouter } from 'next/router';
 import { useDispatch } from 'react-redux';
 import { store } from '../store';
+import { MD5 } from 'crypto-js';
 
 const drawerWidth = 240;
 
@@ -101,6 +103,7 @@ export default function UI({ children }) {
   const state = store.getState();
   const router = useRouter();
   const dispatch = useDispatch();
+  const [emailHash, setEmailHash] = useState('');
   const [mobileOpen, setMobileOpen] = useState(false);
   const [admin, setAdmin] = useState(false);
   const [anchorEl, setAnchorEl] = useState(null);
@@ -119,6 +122,8 @@ export default function UI({ children }) {
         router.push('/user/login');
       } else setAdmin(d.administrator);
     })();
+
+    setEmailHash(MD5(state.user.email).toString());
   }, []);
 
   const handleCopyTokenThenClose = async () => {
@@ -174,16 +179,31 @@ export default function UI({ children }) {
           </IconButton>
           <Typography variant='h6'>Zipline</Typography>
           <Box className={classes.rightButton}>
-            <IconButton
-              aria-label='account of current user'
-              aria-controls='menu-appbar'
-              aria-haspopup='true'
-              onClick={event => setAnchorEl(event.currentTarget)}
-              color='inherit'
-              className={classes.rightButton}
-            >
-              <AccountCircleIcon className={classes.rightButton} />
-            </IconButton>
+            {state.user.email ? (
+              <Button
+                aria-label='account of current user'
+                aria-controls='menu-appbar'
+                aria-haspopup='true'
+                onClick={event => setAnchorEl(event.currentTarget)}
+                color='inherit'
+                className={classes.rightButton}
+              >
+                <Avatar src={`https://www.gravatar.com/avatar/${emailHash}.jpg`}>
+                  {state.user.username[0].toUpperCase()}
+                </Avatar>
+              </Button>
+            ) : (
+              <IconButton
+                aria-label='account of current user'
+                aria-controls='menu-appbar'
+                aria-haspopup='true'
+                onClick={event => setAnchorEl(event.currentTarget)}
+                color='inherit'
+                className={classes.rightButton}
+              >
+                <AccountCircleIcon className={classes.rightButton} />
+              </IconButton>
+            )}
           </Box>
 
           <Menu

src/components/UIPlaceholder.tsx

@@ -1,175 +1,21 @@
 import React from 'react';
-import AppBar from '@material-ui/core/AppBar';
-import Drawer from '@material-ui/core/Drawer';
-import Hidden from '@material-ui/core/Hidden';
-import IconButton from '@material-ui/core/IconButton';
-import List from '@material-ui/core/List';
-import ListItem from '@material-ui/core/ListItem';
-import Toolbar from '@material-ui/core/Toolbar';
-import Typography from '@material-ui/core/Typography';
+import Backdrop from '@material-ui/core/Backdrop';
 import CircularProgress from '@material-ui/core/CircularProgress';
-import Grid from '@material-ui/core/Grid';
-import MenuIcon from '@material-ui/icons/Menu';
-import Skeleton from '@material-ui/lab/Skeleton';
-import { makeStyles, useTheme } from '@material-ui/core/styles';
+import { makeStyles } from '@material-ui/core';
 
 const useStyles = makeStyles(theme => ({
-  root: {
-    display: 'flex'
-  },
-  drawer: {
-    [theme.breakpoints.up('sm')]: {
-      width: 240,
-      flexShrink: 0
-    }
-  },
-  appBar: {
-    [theme.breakpoints.up('sm')]: {
-      width: 'calc(100%)',
-      marginLeft: 240
-    }
-  },
-  menuButton: {
-    marginRight: theme.spacing(2),
-    [theme.breakpoints.up('sm')]: {
-      display: 'none'
-    }
-  },
-  rightButton: {
-    marginLeft: 'auto'
-  },
-  // necessary for content to be below app bar
-  toolbar: theme.mixins.toolbar,
-  drawerPaper: {
-    width: 240
-  },
-  content: {
-    flexGrow: 1,
-    padding: theme.spacing(3)
-  },
-  fullWidth: {
-    width: '100%'
+  backdrop: {
+    zIndex: theme.zIndex.drawer + 1,
+    color: '#000'
   }
 }));
 
 export default function UIPlaceholder() {
   const classes = useStyles();
-  const theme = useTheme();
-  const [mobileOpen, setMobileOpen] = React.useState(false);
-
-  const handleDrawerToggle = () => {
-    setMobileOpen(!mobileOpen);
-  };
-
-  const drawer = (
-    <div>
-      <Toolbar>
-        <AppBar position='fixed' className={classes.appBar} elevation={0}>
-          <Toolbar>
-            <IconButton
-              color='inherit'
-              aria-label='open drawer'
-              edge='start'
-              onClick={handleDrawerToggle}
-              className={classes.menuButton}
-            >
-              <MenuIcon />
-            </IconButton>
-            <Typography variant='h6' noWrap>
-              Zipline
-            </Typography>
-            <div className={classes.rightButton}>
-              <Skeleton animation='wave' className={classes.fullWidth} />
-            </div>
-          </Toolbar>
-        </AppBar>
-      </Toolbar>
-
-      <List>
-        <ListItem button key='Home'>
-          <Skeleton animation='wave' className={classes.fullWidth} />
-        </ListItem>
-        <ListItem button key='Statistics'>
-          <Skeleton animation='wave' className={classes.fullWidth} />
-        </ListItem>
-        <ListItem button key='Images'>
-          <Skeleton animation='wave' className={classes.fullWidth} />
-        </ListItem>
-        <ListItem button key='URLs'>
-          <Skeleton animation='wave' className={classes.fullWidth} />
-        </ListItem>
-      </List>
-    </div>
-  );
-
-  const container =
-    typeof window !== 'undefined' ? () => window.document.body : undefined;
 
   return (
-    <div className={classes.root}>
-      <AppBar position='fixed' className={classes.appBar} elevation={0}>
-        <Toolbar>
-          <IconButton
-            color='inherit'
-            aria-label='open drawer'
-            edge='start'
-            onClick={handleDrawerToggle}
-            className={classes.menuButton}
-          >
-            <MenuIcon />
-          </IconButton>
-          <Typography variant='h6' noWrap>
-            Zipline
-          </Typography>
-        </Toolbar>
-      </AppBar>
-      <nav className={classes.drawer} aria-label='mailbox folders'>
-        <Hidden smUp implementation='css'>
-          <Drawer
-            container={container}
-            variant='temporary'
-            anchor={theme.direction === 'rtl' ? 'right' : 'left'}
-            open={mobileOpen}
-            onClose={handleDrawerToggle}
-            classes={{
-              paper: classes.drawerPaper
-            }}
-            ModalProps={{
-              keepMounted: true // Better open performance on mobile.
-            }}
-          >
-            {drawer}
-          </Drawer>
-        </Hidden>
-        <Hidden xsDown implementation='css'>
-          <Drawer
-            classes={{
-              paper: classes.drawerPaper
-            }}
-            variant='permanent'
-            open
-            PaperProps={{ style: { border: 'none' } }}
-          >
-            {drawer}
-          </Drawer>
-        </Hidden>
-      </nav>
-
-      <main className={classes.content}>
-        <div className={classes.toolbar} />
-        <Grid
-          container
-          spacing={0}
-          direction='column'
-          alignItems='center'
-          justify='center'
-          style={{ minHeight: '80vh' }}
-        >
-          <Grid item xs={3}>
-            <CircularProgress size={100} />
-          </Grid>
-        </Grid>
-      </main>
-    </div>
+    <Backdrop className={classes.backdrop} open={true}>
+      <CircularProgress color='inherit' />
+    </Backdrop>
   );
 }

src/components/ZiplineTheming.tsx

@@ -5,7 +5,6 @@ import dark from '../lib/themes/dark';
 import light from '../lib/themes/light';
 
 export default function ZiplineTheming({ Component, pageProps, theme }) {
-  console.log(theme);
   return (
     <ThemeProvider theme={theme == 'light' ? light : dark}>
       <CssBaseline />

src/index.ts

@@ -11,36 +11,30 @@ import { bootstrap } from 'fastify-decorators';
 import { Console } from './lib/logger';
 import { AddressInfo } from 'net';
 import { magenta, bold, green, reset, blue, red } from '@dicedtomato/colors';
-import Redis from 'ioredis';
 import { Configuration } from './lib/Config';
-import { UserController } from './controllers/UserController';
-import { RootController } from './controllers/RootController';
+import { UserController } from './lib/controllers/UserController';
+import { RootController } from './lib/controllers/RootController';
 import { join } from 'path';
-import { ImagesController } from './controllers/ImagesController';
-import { URLSController } from './controllers/URLSController';
+import { ImagesController } from './lib/controllers/ImagesController';
+import { URLSController } from './lib/controllers/URLSController';
 import { checkVersion } from './lib/Util';
-import { readFileSync } from 'fs';
-import { Image } from './entities/Image';
-import { User } from './entities/User';
-import { Zipline } from './entities/Zipline';
-import { URL } from './entities/URL';
+import { existsSync, readFileSync } from 'fs';
+import { Image } from './lib/entities/Image';
+import { User } from './lib/entities/User';
+import { Zipline } from './lib/entities/Zipline';
+import { URL } from './lib/entities/URL';
+import { MultiFactorController } from './lib/controllers/MultiFactorController';
 const dev = process.env.NODE_ENV !== 'production';
 
-(async () => { if (await checkVersion()) Console.logger('Zipline').info('running an outdated version of zipline, please update soon!'); })();
-
-console.log(`
-${magenta(text('Zipline'))}
-
-Version : ${blue(process.env.npm_package_version || readFileSync(join(process.cwd(), 'package.json'), 'utf8'))}
-GitHub  : ${blue('https://github.com/ZiplineProject/zipline')}
-Issues  : ${blue('https://github.com/ZiplineProject/zipline/issues')}
-Docs    : ${blue('https://zipline.diced.wtf/')}
-Mode    : ${bold(dev ? red('dev') : green('production'))}
-Verbose : ${bold(process.env.VERBOSE ? red('yes') : green('no'))}
-`);
+(async () => {
+  if (await checkVersion()) Console.logger('Zipline').info(
+    'running an outdated version of zipline, please update soon!'
+  );
+})();
 
 Console.logger(Configuration).verbose('searching for config...');
 const config = Configuration.readConfig();
+
 if (!config) {
   Console.logger(Configuration).error(
     `could not find a Zipline.toml file in ${process.cwd()}`
@@ -48,6 +42,28 @@ if (!config) {
   process.exit(0);
 }
 
+if (!config.core || !config.database) {
+  Console.logger('Zipline').error(
+    'configuration seems to be invalid, did you generate a config? https://zipline.diced.wtf/docs/auto'
+  );
+  process.exit(0);
+}
+
+if (config.core.log) console.log(`
+${magenta(text('Zipline'))}
+
+Version : ${blue(
+    process.env.npm_package_version ||
+    JSON.parse(readFileSync(join(process.cwd(), 'package.json'), 'utf8'))
+      .version
+  )}
+GitHub  : ${blue('https://github.com/ZiplineProject/zipline')}
+Issues  : ${blue('https://github.com/ZiplineProject/zipline/issues')}
+Docs    : ${blue('https://zipline.diced.wtf/')}
+Mode    : ${bold(dev ? red('dev') : green('production'))}
+Verbose : ${bold(process.env.VERBOSE ? red('yes') : green('no'))}
+`);
+
 const dir = config.uploader.directory ? config.uploader.directory : 'uploads';
 const path = dir.charAt(0) == '/' ? dir : join(process.cwd(), dir);
 
@@ -68,11 +84,10 @@ server.register(fastifyRateLimit, {
   global: false
 });
 
-if (dev)
-  server.get('/_next/*', async (req, reply) => {
-    await handle(req.raw, reply.raw);
-    return (reply.sent = true);
-  });
+if (dev) server.get('/_next/*', async (req, reply) => {
+  await handle(req.raw, reply.raw);
+  return (reply.sent = true);
+});
 
 server.all('/*', async (req, reply) => {
   await handle(req.raw, reply.raw);
@@ -110,6 +125,33 @@ server.get(`${config.urls.route}/:id`, async function (
   return reply.redirect(urlId.url);
 });
 
+server.get(`${config.uploader.rich_content_route || '/a'}/:id`, async function (
+  req: FastifyRequest<{ Params: { id: string } }>,
+  reply: FastifyReply
+) {
+  if (!existsSync(join(config.uploader.directory, req.params.id))) {
+    await app.render404(req.raw, reply.raw);
+    return (reply.sent = true);
+  }
+
+  return reply.type('text/html').send(`
+  <html>
+  <head>
+      <meta property="theme-color" content="${config.meta.color}">
+      <meta property="og:title" content="${req.params.id}">
+      <meta property="og:url" content="${config.uploader.route}/${req.params.id}">
+      <meta property="og:image" content="${config.uploader.route}/${req.params.id}">
+      <meta property="twitter:card" content="summary_large_image">
+  </head>
+  <body>
+    <div style="text-align:center;vertical-align:middle;">
+      <img src="${config.uploader.route}/${req.params.id}" >
+    </div>
+  </body>
+  </html>
+  `);
+});
+
 server.register(fastifyMultipart);
 
 server.register(fastifyTypeorm, {
@@ -124,7 +166,8 @@ server.register(bootstrap, {
     UserController,
     RootController,
     ImagesController,
-    URLSController
+    URLSController,
+    MultiFactorController
   ]
 });
 
@@ -145,22 +188,26 @@ server.register(fastifyStatic, {
 
 server.register(fastifyFavicon);
 
-server.listen({
-  port: config.core.port,
-  host: config.core.host
-}, err => {
-  if (err) throw err;
-  const info = server.server.address() as AddressInfo;
+server.listen(
+  {
+    port: config.core.port,
+    host: config.core.host
+  },
+  err => {
+    if (err) throw err;
+    const info = server.server.address() as AddressInfo;
 
-  Console.logger('Server').info(
-    `server listening on ${bold(
-      `${green(info.address)}${reset(':')}${bold(green(info.port.toString()))}`
-    )}`
-  );
-});
+    Console.logger('Server').info(
+      `server listening on ${bold(
+        `${green(info.address)}${reset(':')}${bold(
+          green(info.port.toString())
+        )}`
+      )}`
+    );
+  }
+);
 
 server.addHook('preHandler', async (req, reply) => {
-
   if (
     config.core.blacklisted_ips &&
     config.core.blacklisted_ips.includes(req.ip)
@@ -168,4 +215,15 @@ server.addHook('preHandler', async (req, reply) => {
     await app.render404(req.raw, reply.raw);
     return (reply.sent = true);
   }
-});
+});
+
+server.addHook('onResponse', (req, res, done) => {
+  if (!req.url.startsWith('/_next') && config.core.log) {
+    const status =
+      res.statusCode !== 200
+        ? bold(red(res.statusCode.toString()))
+        : bold(green(res.statusCode.toString()));
+    Console.logger('server').info(`${status} ${req.url} was accessed`);
+  }
+  done();
+});

src/lib/Config.ts

@@ -2,7 +2,7 @@ import { readFileSync } from 'fs';
 import { resolve } from 'path';
 import { parse } from 'toml-patch';
 import { ConnectionOptions } from 'typeorm';
-import { WebhookHelper, WebhookType } from './Webhooks';
+import { Webhooks, WebhookType } from './Webhooks';
 
 export interface Config {
   database: ConnectionOptions;
@@ -23,6 +23,7 @@ export interface ConfigMeta {
 export interface ConfigUploader {
   directory: string;
   route: string;
+  rich_content_route?: string;
   length: number;
   blacklisted: string[];
   original: boolean;
@@ -47,6 +48,8 @@ export interface ConfigCore {
   blacklisted_ips?: string[];
   ratelimiter?: ConfigCoreRateLimiter;
   theme?: 'dark' | 'light';
+  mfa?: boolean;
+  log?: boolean;
 }
 
 export interface ConfigWebhooks {
@@ -76,8 +79,7 @@ export class Configuration {
     try {
       const data = readFileSync(resolve(process.cwd(), 'Zipline.toml'), 'utf8');
       const parsed = parse(data);
-      if (parsed.webhooks)
-        parsed.webhooks.events = WebhookHelper.convert(parsed.webhooks.events);
+      if (parsed.webhooks) parsed.webhooks.events = Webhooks.convert(parsed.webhooks.events);
       return parsed;
     } catch (e) {
       return null;

src/lib/Util.ts

@@ -3,9 +3,10 @@ import { compareSync, hashSync } from 'bcrypt';
 import { Configuration } from './Config';
 import { Connection } from 'typeorm';
 import { compare } from 'semver';
-import { Zipline } from '../entities/Zipline';
+import { Zipline } from './entities/Zipline';
 import { readFileSync } from 'fs';
 import { join } from 'path';
+import { FastifyReply } from 'fastify';
 
 const config = Configuration.readConfig();
 
@@ -14,8 +15,7 @@ export function createRandomId(
   charset = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'
 ) {
   let result = '';
-  for (let i = 0; i < length; i++)
-    result += charset.charAt(Math.floor(Math.random() * charset.length));
+  for (let i = 0; i < length; i++) result += charset.charAt(Math.floor(Math.random() * charset.length));
   return result;
 }
 
@@ -58,4 +58,11 @@ export async function checkVersion(): Promise<boolean> {
   const compared = compare(currentVersion, latestVersion);
 
   return compared == 0 || compared == 1 ? false : true;
+}
+
+export async function sendError(reply: FastifyReply, error: string) {
+  return reply.code(400).send({
+    code: 400,
+    error
+  });
 }

src/lib/WebUtil.ts

@@ -0,0 +1,5 @@
+export function createURL(href: string, route: string, file: string): string {
+  const t = new URL(href);
+  t.pathname = `${route}/${file}`;
+  return t.toString();
+}

src/lib/Webhooks.ts

@@ -1,6 +1,6 @@
-import { Image } from '../entities/Image';
-import { URL } from '../entities/URL';
-import { User } from '../entities/User';
+import { Image } from './entities/Image';
+import { URL } from './entities/URL';
+import { User } from './entities/User';
 import { Config, Configuration, ConfigWebhooks } from './Config';
 import { Console } from './logger';
 
@@ -46,7 +46,7 @@ export type WebhookSendText =
   | 'user_delete'
   | 'user_edit';
 
-export class WebhookHelper {
+export class Webhooks {
   public static convert(strings: WebhookSendText[]) {
     return strings.map(x => WebhookType[x.toUpperCase()]);
   }
@@ -81,11 +81,11 @@ export class WebhookHelper {
         },
         body: JSON.stringify({
           username: config.webhooks.username,
-          content: WebhookHelper.parseContent(content, data)
+          content: Webhooks.parseContent(content, data)
         })
       });
     } catch (e) {
-      Console.logger(WebhookHelper).error(e);
+      Console.logger(Webhooks).error(e);
     }
   }
 }

src/lib/api/APIErrors.ts

@@ -1,7 +0,0 @@
-export class MissingBodyData extends Error {}
-export class LoginError extends Error {}
-export class NotAdministratorError extends Error {}
-export class UserExistsError extends Error {}
-export class UserNotFoundError extends Error {}
-export class UserCredentialsError extends Error {}
-export class AuthError extends Error {}

src/lib/controllers/ImagesController.ts

@@ -10,11 +10,10 @@ import {
 } from 'fastify-decorators';
 import { Repository } from 'typeorm';
 import { Image } from '../entities/Image';
-import { LoginError } from '../lib/api/APIErrors';
-import { Configuration, ConfigWebhooks } from '../lib/Config';
-import { Console } from '../lib/logger';
-import { readBaseCookie } from '../lib/Util';
-import { WebhookHelper, WebhookType } from '../lib/Webhooks';
+import { Configuration, ConfigWebhooks } from '../Config';
+import { Console } from '../logger';
+import { readBaseCookie, sendError } from '../Util';
+import { Webhooks, WebhookType } from '../Webhooks';
 
 const config = Configuration.readConfig();
 
@@ -24,11 +23,11 @@ export class ImagesController {
   private instance!: FastifyInstance;
 
   private images: Repository<Image> = this.instance.orm.getRepository(Image);
-  private webhooks: ConfigWebhooks = WebhookHelper.conf(config);
+  private webhooks: ConfigWebhooks = Webhooks.conf(config);
 
   @GET('/')
   async allImages(req: FastifyRequest, reply: FastifyReply) {
-    if (!req.cookies.zipline) throw new LoginError('Not logged in.');
+    if (!req.cookies.zipline) return sendError(reply, 'Not logged in.');
 
     const images = await this.images.find({
       where: {
@@ -44,7 +43,7 @@ export class ImagesController {
     req: FastifyRequest<{ Params: { id: string } }>,
     reply: FastifyReply
   ) {
-    if (!req.cookies.zipline) throw new LoginError('Not logged in.');
+    if (!req.cookies.zipline) return sendError(reply, 'Not logged in.');
 
     const image = await this.images.findOne({
       where: {
@@ -53,24 +52,30 @@ export class ImagesController {
       }
     });
 
-    if (!image) throw new Error('No image');
+    if (!image) return sendError(reply, 'No image');
 
     this.images.delete({
       id: req.params.id
     });
 
-    const dir = config.uploader.directory ? config.uploader.directory : 'uploads';
-    const path = join(dir.charAt(0) == '/' ? dir : join(process.cwd(), dir), image.file);
+    const dir = config.uploader.directory
+      ? config.uploader.directory
+      : 'uploads';
+    const path = join(
+      dir.charAt(0) == '/' ? dir : join(process.cwd(), dir),
+      image.file
+    );
 
     try {
       unlinkSync(path);
 
       Console.logger(Image).info(`image ${image.id} was deleted`);
-      if (this.webhooks.events.includes(WebhookType.DELETE_IMAGE))
-        WebhookHelper.sendWebhook(this.webhooks.upload.content, {
-          image,
-          host: `${config.core.secure ? 'https' : 'http'}://${req.hostname}${config.uploader.route}/`
-        });
+      if (this.webhooks.events.includes(WebhookType.DELETE_IMAGE)) Webhooks.sendWebhook(this.webhooks.upload.content, {
+        image,
+        host: `${config.core.secure ? 'https' : 'http'}://${req.hostname}${
+          config.uploader.route
+        }/`
+      });
 
       return reply.send(image);
     } catch (e) {
@@ -81,7 +86,7 @@ export class ImagesController {
 
   @GET('/recent')
   async recentImages(req: FastifyRequest, reply: FastifyReply) {
-    if (!req.cookies.zipline) throw new LoginError('Not logged in.');
+    if (!req.cookies.zipline) return sendError(reply, 'Not logged in.');
 
     const images = await this.images.find({
       where: {
@@ -94,7 +99,7 @@ export class ImagesController {
 
   @GET('/chunk')
   async pages(req: FastifyRequest, reply: FastifyReply) {
-    if (!req.cookies.zipline) throw new LoginError('Not logged in.');
+    if (!req.cookies.zipline) return sendError(reply, 'Not logged in.');
 
     const images = await this.images.find({
       where: {

src/lib/controllers/MultiFactorController.ts

@@ -0,0 +1,130 @@
+import { FastifyReply, FastifyRequest, FastifyInstance } from 'fastify';
+import {
+  Controller,
+  GET,
+  FastifyInstanceToken,
+  Inject,
+  POST
+} from 'fastify-decorators';
+import { Repository } from 'typeorm';
+import { User } from '../entities/User';
+import { totp, generateSecret, otpauthURL } from 'speakeasy';
+import { toDataURL } from 'qrcode';
+import {
+  checkPassword,
+  createBaseCookie,
+  readBaseCookie,
+  sendError
+} from '../Util';
+import { Console } from '../logger';
+import { WebhookType, Webhooks } from '../Webhooks';
+import { Configuration, ConfigWebhooks } from '../Config';
+
+const config = Configuration.readConfig();
+
+@Controller('/api/mfa')
+export class MultiFactorController {
+  @Inject(FastifyInstanceToken)
+  private instance!: FastifyInstance;
+
+  private users: Repository<User> = this.instance.orm.getRepository(User);
+  private logger: Console = Console.logger(User);
+  private webhooks: ConfigWebhooks = Webhooks.conf(config);
+
+  @GET('/qrcode')
+  async qrcode(req: FastifyRequest, reply: FastifyReply) {
+    if (!req.cookies.zipline) return sendError(reply, 'Not logged in.');
+    let user = await this.users.findOne({
+      where: {
+        id: readBaseCookie(req.cookies.zipline)
+      }
+    });
+
+    if (!user.secretMfaKey) {
+      const secret = generateSecret({
+        issuer: 'Zipline',
+        length: 128,
+        name: user.username
+      });
+      user.secretMfaKey = secret.base32;
+      user = await this.users.save(user);
+    }
+
+    const dataURL = await toDataURL(
+      otpauthURL({
+        secret: user.secretMfaKey,
+        label: user.email || 'none',
+        issuer: 'Zipline',
+        encoding: 'base32'
+      })
+    );
+
+    return reply.send({
+      dataURL
+    });
+  }
+
+  @GET('/disable')
+  async disable(req: FastifyRequest, reply: FastifyReply) {
+    if (!req.cookies.zipline) return sendError(reply, 'Not logged in.');
+    const user = await this.users.findOne({
+      where: {
+        id: readBaseCookie(req.cookies.zipline)
+      }
+    });
+
+    user.secretMfaKey = null;
+
+    this.users.save(user);
+
+    this.logger.info(`disabled mfa ${user.username} (${user.id})`);
+    reply.send({ disabled: true });
+  }
+
+  @POST('/verify')
+  async verify(
+    req: FastifyRequest<{
+      Querystring: { token: string };
+      Body: { username: string; password: string };
+    }>,
+    reply: FastifyReply
+  ) {
+    if (req.cookies.zipline) return sendError(reply, 'Already logged in.');
+    if (!req.body.username) return sendError(reply, 'Missing username.');
+    if (!req.body.password) return sendError(reply, 'Missing uassword.');
+
+    const user = await this.users.findOne({
+      where: {
+        username: req.body.username
+      }
+    });
+
+    if (!user) return sendError(reply, `User "${req.body.username}" was not found.`);
+    if (!checkPassword(req.body.password, user.password)) {
+      this.logger.error(
+        `${user.username} (${user.id}) tried to login but failed with mfa`
+      );
+      return sendError(reply, 'Wrong credentials!');
+    }
+    delete user.password;
+
+    const passed = totp.verify({
+      encoding: 'base32',
+      token: req.query.token,
+      secret: user.secretMfaKey
+    });
+
+    this.logger.verbose(`set cookie for ${user.username} (${user.id})`);
+    reply.setCookie('zipline', createBaseCookie(user.id), {
+      path: '/',
+      maxAge: 1036800000
+    });
+
+    this.logger.info(`${user.username} (${user.id}) logged in with mfa`);
+    if (this.webhooks.events.includes(WebhookType.LOGIN)) Webhooks.sendWebhook(this.webhooks.login.content, {
+      user
+    });
+
+    return reply.send({ user, passed });
+  }
+}

src/lib/controllers/RootController.ts

@@ -14,16 +14,28 @@ import { pipeline } from 'stream';
 import { promisify } from 'util';
 import { Image } from '../entities/Image';
 import { User } from '../entities/User';
-import { AuthError } from '../lib/api/APIErrors';
-import { Configuration, ConfigWebhooks } from '../lib/Config';
-import { createRandomId, getFirst } from '../lib/Util';
-import { Console } from '../lib/logger';
-import { WebhookHelper, WebhookType } from '../lib/Webhooks';
+import { Configuration, ConfigWebhooks } from '../Config';
+import { createRandomId, getFirst, sendError } from '../Util';
+import { Console } from '../logger';
+import { Webhooks, WebhookType } from '../Webhooks';
 const pump = promisify(pipeline);
 
 const config = Configuration.readConfig();
+if (!config.core || !config.database) {
+  Console.logger('Zipline').error(
+    'configuration seems to be invalid, did you generate a config? https://zipline.diced.wtf/docs/auto'
+  );
+  process.exit(0);
+}
 const rateLimiterConfig = config.core.ratelimiter
-  ? { config: { rateLimit: { max: config.core.ratelimiter.requests, timeWindow: config.core.ratelimiter.retry_after } } }
+  ? {
+    config: {
+      rateLimit: {
+        max: config.core.ratelimiter.requests,
+        timeWindow: config.core.ratelimiter.retry_after
+      }
+    }
+  }
   : {};
 
 @Controller('/api')
@@ -33,7 +45,7 @@ export class RootController {
 
   private users: Repository<User> = this.instance.orm.getRepository(User);
   private images: Repository<Image> = this.instance.orm.getRepository(Image);
-  private webhooks: ConfigWebhooks = WebhookHelper.conf(config);
+  private webhooks: ConfigWebhooks = Webhooks.conf(config);
   private logger: Console = Console.logger(Image);
 
   @GET('/first')
@@ -49,7 +61,7 @@ export class RootController {
 
   @GET('/users')
   async allUsers(req: FastifyRequest, reply: FastifyReply) {
-    if (!req.cookies.zipline) throw new Error('Not logged in.');
+    if (!req.cookies.zipline) return sendError(reply, 'Not logged in.');
     const users = await this.users.find();
     const final = [];
 
@@ -64,7 +76,7 @@ export class RootController {
 
   @GET('/statistics')
   async stats(req: FastifyRequest, reply: FastifyReply) {
-    if (!req.cookies.zipline) throw new Error('Not logged in.');
+    if (!req.cookies.zipline) return sendError(reply, 'Not logged in.');
 
     const images = await this.images.find();
     const users = await this.users.find();
@@ -97,26 +109,23 @@ export class RootController {
 
   @POST('/upload', rateLimiterConfig)
   async loginStatus(req: FastifyRequest, reply: FastifyReply) {
-    if (!req.headers.authorization)
-      return new AuthError('No authorization header!');
+    if (!req.headers.authorization) return sendError(reply, 'No authorization header!');
 
     const user = await this.users.findOne({
       where: {
         token: req.headers.authorization
       }
     });
-    if (!user) return new AuthError('Incorrect token!');
+    if (!user) return sendError(reply, 'Incorrect token!');
 
     // eslint-disable-next-line @typescript-eslint/ban-ts-comment
     //@ts-ignore stupid multipart types smh
     const data: Multipart = await req.file();
 
-    if (!existsSync(config.uploader.directory))
-      mkdirSync(config.uploader.directory);
+    if (!existsSync(config.uploader.directory)) mkdirSync(config.uploader.directory);
 
-    const ext = data.filename.split('.')[1];
-    if (config.uploader.blacklisted.includes(ext))
-      throw new Error('Blacklisted file extension!');
+    const ext = data.mimetype === 'application/octet-stream' ? 'bin' : data.filename.split('.')[1];
+    if (config.uploader.blacklisted.includes(ext)) return sendError(reply, 'Blacklisted file extension!');
 
     const fileName = config.uploader.original
       ? data.filename.split('.')[0]
@@ -135,14 +144,17 @@ export class RootController {
       `image ${fileName}.${ext} was uploaded by ${user.username} (${user.id})`
     );
 
-    if (this.webhooks.events.includes(WebhookType.UPLOAD))
-      WebhookHelper.sendWebhook(this.webhooks.upload.content, {
-        image,
-        host: `${config.core.secure ? 'https' : 'http'}://${req.hostname}${config.uploader.route}/`
-      });
+    const host = `${config.core.secure ? 'https' : 'http'}://${req.hostname}${
+      config.uploader.rich_content_route
+        ? config.uploader.rich_content_route
+        : config.uploader.route
+    }/${fileName}.${ext}`;
 
-    reply.send(
-      `${config.core.secure ? 'https' : 'http'}://${req.hostname}${config.uploader.route}/${fileName}.${ext}`
-    );
+    if (this.webhooks.events.includes(WebhookType.UPLOAD)) Webhooks.sendWebhook(this.webhooks.upload.content, {
+      image,
+      host
+    });
+
+    reply.send(host);
   }
 }

src/lib/controllers/URLSController.ts

@@ -10,11 +10,10 @@ import {
 import { Repository } from 'typeorm';
 import { URL } from '../entities/URL';
 import { User } from '../entities/User';
-import { LoginError } from '../lib/api/APIErrors';
-import { Configuration, ConfigWebhooks } from '../lib/Config';
-import { Console } from '../lib/logger';
-import { createRandomId, readBaseCookie } from '../lib/Util';
-import { WebhookType, WebhookHelper } from '../lib/Webhooks';
+import { Configuration, ConfigWebhooks } from '../Config';
+import { Console } from '../logger';
+import { createRandomId, readBaseCookie, sendError } from '../Util';
+import { WebhookType, Webhooks } from '../Webhooks';
 
 const config = Configuration.readConfig();
 
@@ -26,11 +25,11 @@ export class URLSController {
   private urls: Repository<URL> = this.instance.orm.getRepository(URL);
   private users: Repository<User> = this.instance.orm.getRepository(User);
   private logger: Console = Console.logger(URL);
-  private webhooks: ConfigWebhooks = WebhookHelper.conf(config);
+  private webhooks: ConfigWebhooks = Webhooks.conf(config);
 
   @GET('/')
   async allURLS(req: FastifyRequest, reply: FastifyReply) {
-    if (!req.cookies.zipline) throw new LoginError('Not logged in.');
+    if (!req.cookies.zipline) return sendError(reply, 'Not logged in.');
 
     const all = await this.urls.find({
       where: {
@@ -46,7 +45,7 @@ export class URLSController {
     req: FastifyRequest<{ Params: { id: string } }>,
     reply: FastifyReply
   ) {
-    if (!req.cookies.zipline) throw new LoginError('Not logged in.');
+    if (!req.cookies.zipline) return sendError(reply, 'Not logged in.');
 
     const url = await this.urls.findOne({
       where: {
@@ -55,7 +54,7 @@ export class URLSController {
       }
     });
 
-    if (!url) throw new Error('No url');
+    if (!url) return sendError(reply, 'No url');
 
     this.logger.verbose(`attempting to delete url ${url.id}`);
     this.urls.delete({
@@ -63,11 +62,12 @@ export class URLSController {
     });
 
     this.logger.info(`url ${url.id} was deleted`);
-    if (this.webhooks.events.includes(WebhookType.DELETE_URL))
-      WebhookHelper.sendWebhook(this.webhooks.delete_url.content, {
-        url,
-        host: `${config.core.secure ? 'https' : 'http'}://${req.hostname}${config.urls.route}/`
-      });
+    if (this.webhooks.events.includes(WebhookType.DELETE_URL)) Webhooks.sendWebhook(this.webhooks.delete_url.content, {
+      url,
+      host: `${config.core.secure ? 'https' : 'http'}://${req.hostname}${
+        config.urls.route
+      }/`
+    });
 
     return reply.send(url);
   }
@@ -77,7 +77,7 @@ export class URLSController {
     req: FastifyRequest<{ Body: { vanity: string; url: string } }>,
     reply: FastifyReply
   ) {
-    if (!req.cookies.zipline) throw new LoginError('Not logged in.');
+    if (!req.cookies.zipline) return sendError(reply, 'Not logged in.');
 
     if (config.urls.vanity && req.body.vanity) {
       const existingVanity = await this.urls.findOne({
@@ -85,7 +85,7 @@ export class URLSController {
           vanity: req.body.vanity
         }
       });
-      if (existingVanity) throw new Error('There is an existing vanity!');
+      if (existingVanity) return sendError(reply, 'There is an existing vanity!');
     }
 
     const user = await this.users.findOne({
@@ -94,7 +94,7 @@ export class URLSController {
       }
     });
 
-    if (!user) throw new LoginError('No user');
+    if (!user) return sendError(reply, 'No user');
 
     const id = createRandomId(config.urls.length);
 
@@ -104,11 +104,12 @@ export class URLSController {
     );
 
     this.logger.info(`saved url ${url.id}`);
-    if (this.webhooks.events.includes(WebhookType.SHORTEN))
-      WebhookHelper.sendWebhook(this.webhooks.shorten.content, {
-        url,
-        host: `${config.core.secure ? 'https' : 'http'}://${req.hostname}${config.urls.route}/`
-      });
+    if (this.webhooks.events.includes(WebhookType.SHORTEN)) Webhooks.sendWebhook(this.webhooks.shorten.content, {
+      url,
+      host: `${config.core.secure ? 'https' : 'http'}://${req.hostname}${
+        config.urls.route
+      }/`
+    });
 
     return reply.send(url);
   }

src/lib/controllers/UserController.ts

@@ -10,24 +10,20 @@ import {
 } from 'fastify-decorators';
 import { Repository } from 'typeorm';
 import { User } from '../entities/User';
+import { Image } from '../entities/Image';
 import { Zipline } from '../entities/Zipline';
-import {
-  UserNotFoundError,
-  MissingBodyData,
-  LoginError,
-  UserExistsError
-} from '../lib/api/APIErrors';
-import { Configuration, ConfigWebhooks } from '../lib/Config';
-import { Console } from '../lib/logger';
+import { Configuration, ConfigWebhooks } from '../Config';
+import { Console } from '../logger';
 import {
   checkPassword,
   createBaseCookie,
   createToken,
   encryptPassword,
   getFirst,
-  readBaseCookie
-} from '../lib/Util';
-import { WebhookType, WebhookHelper } from '../lib/Webhooks';
+  readBaseCookie,
+  sendError
+} from '../Util';
+import { WebhookType, Webhooks } from '../Webhooks';
 
 const config = Configuration.readConfig();
 
@@ -37,8 +33,9 @@ export class UserController {
   private instance!: FastifyInstance;
 
   private users: Repository<User> = this.instance.orm.getRepository(User);
+  private images: Repository<Image> = this.instance.orm.getRepository(Image);
   private logger: Console = Console.logger(User);
-  private webhooks: ConfigWebhooks = WebhookHelper.conf(config);
+  private webhooks: ConfigWebhooks = Webhooks.conf(config);
 
   @GET('/login-status')
   async loginStatus(req: FastifyRequest, reply: FastifyReply) {
@@ -49,24 +46,50 @@ export class UserController {
 
   @GET('/')
   async currentUser(req: FastifyRequest, reply: FastifyReply) {
-    if (!req.cookies.zipline) throw new LoginError('Not logged in.');
+    if (!req.cookies.zipline) return sendError(reply, 'Not logged in.');
     const user = await this.users.findOne({
       where: {
         id: readBaseCookie(req.cookies.zipline)
       }
     });
     // eslint-disable-next-line quotes
-    if (!user) throw new UserExistsError("User doesn't exist");
+    if (!user) return sendError(reply, "User doesn't exist");
     delete user.password;
     return reply.send(user);
   }
 
+  @GET('/stats')
+  async stats(req: FastifyRequest, reply: FastifyReply) {
+    if (!req.cookies.zipline) return sendError(reply, 'Not logged in.');
+    const user = await this.users.findOne({
+      where: {
+        id: readBaseCookie(req.cookies.zipline)
+      }
+    });
+
+    const images = await this.images.find({
+      where: {
+        user: user.id
+      }
+    });
+
+    const totalViews = images.map(x => x.views).reduce((a, b) => Number(a) + Number(b), 0);
+
+    return reply.send({
+      totalViews,
+      images: images.length,
+      averageViews: totalViews / images.length
+    });
+  }
+
   @PATCH('/')
   async editUser(
-    req: FastifyRequest<{ Body: { username: string; password: string } }>,
+    req: FastifyRequest<{
+      Body: { username: string; password: string; email: string };
+    }>,
     reply: FastifyReply
   ) {
-    if (!req.cookies.zipline) throw new LoginError('Not logged in.');
+    if (!req.cookies.zipline) return sendError(reply, 'Not logged in.');
 
     const user = await this.users.findOne({
       where: {
@@ -74,31 +97,31 @@ export class UserController {
       }
     });
     // eslint-disable-next-line quotes
-    if (!user) throw new UserExistsError("User doesn't exist");
+    if (!user) return sendError(reply, "User doesn't exist");
 
     this.logger.verbose(`attempting to save ${user.username} (${user.id})`);
     user.username = req.body.username;
-    user.password = encryptPassword(req.body.password);
+    if (req.body.password) user.password = encryptPassword(req.body.password);
+    if (req.body.email) user.email = req.body.email;
     await this.users.save(user);
 
     this.logger.info(`saved ${user.username} (${user.id})`);
-    if (this.webhooks.events.includes(WebhookType.USER_EDIT))
-      WebhookHelper.sendWebhook(this.webhooks.user_edit.content, {
-        user
-      });
+    if (this.webhooks.events.includes(WebhookType.USER_EDIT)) Webhooks.sendWebhook(this.webhooks.user_edit.content, {
+      user
+    });
 
     delete user.password;
     return reply.send(user);
   }
 
-  @POST('/login')
-  async login(
+  @POST('/verify-login')
+  async verify(
     req: FastifyRequest<{ Body: { username: string; password: string } }>,
     reply: FastifyReply
   ) {
-    if (req.cookies.zipline) throw new LoginError('Already logged in.');
-    if (!req.body.username) throw new MissingBodyData('Missing username.');
-    if (!req.body.password) throw new MissingBodyData('Missing uassword.');
+    if (req.cookies.zipline) return sendError(reply, 'Already logged in.');
+    if (!req.body.username) return sendError(reply, 'Missing username.');
+    if (!req.body.password) return sendError(reply, 'Missing uassword.');
 
     const user = await this.users.findOne({
       where: {
@@ -106,13 +129,40 @@ export class UserController {
       }
     });
 
-    if (!user)
-      throw new UserNotFoundError(`User "${req.body.username}" was not found.`);
+    if (!user) return sendError(reply, `User "${req.body.username}" was not found.`);
+    if (!checkPassword(req.body.password, user.password)) {
+      this.logger.error(
+        `${user.username} (${user.id}) tried to verify their credentials but failed`
+      );
+      return sendError(reply, 'Wrong credentials!');
+    }
+
+    reply.send({
+      mfa: !!user.secretMfaKey
+    });
+  }
+
+  @POST('/login')
+  async login(
+    req: FastifyRequest<{ Body: { username: string; password: string } }>,
+    reply: FastifyReply
+  ) {
+    if (req.cookies.zipline) return sendError(reply, 'Already logged in.');
+    if (!req.body.username) return sendError(reply, 'Missing username.');
+    if (!req.body.password) return sendError(reply, 'Missing uassword.');
+
+    const user = await this.users.findOne({
+      where: {
+        username: req.body.username
+      }
+    });
+
+    if (!user) return sendError(reply, `User "${req.body.username}" was not found.`);
     if (!checkPassword(req.body.password, user.password)) {
       this.logger.error(
         `${user.username} (${user.id}) tried to login but failed`
       );
-      throw new LoginError('Wrong credentials!');
+      return sendError(reply, 'Wrong credentials!');
     }
     delete user.password;
 
@@ -123,17 +173,16 @@ export class UserController {
     });
 
     this.logger.info(`${user.username} (${user.id}) logged in`);
-    if (this.webhooks.events.includes(WebhookType.LOGIN))
-      WebhookHelper.sendWebhook(this.webhooks.login.content, {
-        user
-      });
+    if (this.webhooks.events.includes(WebhookType.LOGIN)) Webhooks.sendWebhook(this.webhooks.login.content, {
+      user
+    });
 
     return reply.send(user);
   }
 
   @POST('/logout')
   async logout(req: FastifyRequest, reply: FastifyReply) {
-    if (!req.cookies.zipline) throw new LoginError('Not logged in.');
+    if (!req.cookies.zipline) return sendError(reply, 'Not logged in.');
     try {
       reply.clearCookie('zipline', { path: '/' });
       return reply.send({ clearStore: true });
@@ -144,7 +193,7 @@ export class UserController {
 
   @POST('/reset-token')
   async resetToken(req: FastifyRequest, reply: FastifyReply) {
-    if (!req.cookies.zipline) throw new LoginError('Not logged in.');
+    if (!req.cookies.zipline) return sendError(reply, 'Not logged in.');
 
     const user = await this.users.findOne({
       where: {
@@ -152,7 +201,7 @@ export class UserController {
       }
     });
 
-    if (!user) throw new UserNotFoundError('User was not found.');
+    if (!user) return sendError(reply, 'User was not found.');
 
     this.logger.verbose(
       `attempting to reset token ${user.username} (${user.id})`
@@ -161,10 +210,9 @@ export class UserController {
     await this.users.save(user);
 
     this.logger.info(`reset token ${user.username} (${user.id})`);
-    if (this.webhooks.events.includes(WebhookType.TOKEN_RESET))
-      WebhookHelper.sendWebhook(this.webhooks.token_reset.content, {
-        user
-      });
+    if (this.webhooks.events.includes(WebhookType.TOKEN_RESET)) Webhooks.sendWebhook(this.webhooks.token_reset.content, {
+      user
+    });
 
     return reply.send({ updated: true });
   }
@@ -176,13 +224,13 @@ export class UserController {
     }>,
     reply: FastifyReply
   ) {
-    if (!req.body.username) throw new MissingBodyData('Missing username.');
-    if (!req.body.password) throw new MissingBodyData('Missing uassword.');
+    if (!req.body.username) return sendError(reply, 'Missing username.');
+    if (!req.body.password) return sendError(reply, 'Missing uassword.');
 
     const existing = await this.users.findOne({
       where: { username: req.body.username }
     });
-    if (existing) throw new UserExistsError('User exists already');
+    if (existing) return sendError(reply, 'User exists already');
 
     try {
       this.logger.verbose(`attempting to create ${req.body.username}`);
@@ -195,26 +243,24 @@ export class UserController {
         )
       );
       this.logger.info(`created user ${user.username} (${user.id})`);
-      if (this.webhooks.events.includes(WebhookType.CREATE_USER))
-        WebhookHelper.sendWebhook(this.webhooks.create_user.content, {
-          user
-        });
+      if (this.webhooks.events.includes(WebhookType.CREATE_USER)) Webhooks.sendWebhook(this.webhooks.create_user.content, {
+        user
+      });
 
       const firstSetup = await getFirst(this.instance.orm);
-      if (firstSetup)
-        await this.instance.orm.getRepository(Zipline).update(
-          {
-            id: 'zipline'
-          },
-          {
-            first: false
-          }
-        );
+      if (firstSetup) await this.instance.orm.getRepository(Zipline).update(
+        {
+          id: 'zipline'
+        },
+        {
+          first: false
+        }
+      );
 
       delete user.password;
       return reply.send(user);
     } catch (e) {
-      throw new Error(`Could not create user: ${e.message}`);
+      return sendError(reply, `Could not create user: ${e.message}`);
     }
   }
 
@@ -230,7 +276,7 @@ export class UserController {
     const existing = await this.users.findOne({
       where: { id: req.params.id }
     });
-    if (!existing) throw new UserExistsError('User doesnt exist');
+    if (!existing) return sendError(reply, 'User doesnt exist');
 
     try {
       this.logger.verbose(
@@ -239,17 +285,15 @@ export class UserController {
       await this.users.remove(existing);
 
       this.logger.info(`deleted ${existing.username} (${existing.id})`);
-      if (this.webhooks.events.includes(WebhookType.USER_DELETE))
-        WebhookHelper.sendWebhook(this.webhooks.user_delete.content, {
-          user: existing
-        });
+      if (this.webhooks.events.includes(WebhookType.USER_DELETE)) Webhooks.sendWebhook(this.webhooks.user_delete.content, {
+        user: existing
+      });
 
       return reply.send({ ok: true });
     } catch (e) {
-      throw new Error(`Could not delete user: ${e.message}`);
+      return sendError(reply, `Could not delete user: ${e.message}`);
     }
   }
-
   // @Hook('preValidation')
   // public async preValidation(req: FastifyRequest, reply: FastifyReply) {
   //   // const adminRoutes = ['/api/user/create'];

src/lib/entities/User.ts

@@ -11,12 +11,18 @@ export class User {
   @Column('text')
   public password: string;
 
+  @Column('text', { default: null }) /* used for gravatar avatar! */
+  public email: string;
+
   @Column('boolean', { default: false })
   public administrator: boolean;
 
   @Column('text')
   public token: string;
 
+  @Column('simple-json', { default: null })
+  public secretMfaKey: string;
+
   public constructor(
     username: string,
     password: string,
@@ -25,7 +31,9 @@ export class User {
   ) {
     this.username = username;
     this.password = password;
+    this.email = null;
     this.administrator = administrator;
     this.token = token;
+    this.secretMfaKey = null;
   }
 }

src/pages/404.tsx

@@ -0,0 +1,56 @@
+import React, { useEffect } from 'react';
+import Head from 'next/head';
+import Typography from '@material-ui/core/Typography';
+import CssBaseline from '@material-ui/core/CssBaseline';
+import Grid from '@material-ui/core/Grid';
+import { ThemeProvider } from '@material-ui/core/styles';
+import dark from '../lib/themes/dark';
+
+export default function NotFound() {
+  useEffect(() => {
+    const jssStyles = document.querySelector('#jss-server-side');
+    if (jssStyles) jssStyles.parentElement.removeChild(jssStyles);
+  }, []);
+
+  const faces = ['◉_◉', 'ರ_ರ'];
+
+  return (
+    <React.Fragment>
+      <Head>
+        <title>Not Found</title>
+        <meta
+          name='viewport'
+          content='minimum-scale=1, initial-scale=1, width=device-width'
+        />
+        <link
+          rel='icon'
+          type='image/png'
+          href='https://twemoji.maxcdn.com/v/13.0.1/72x72/1f621.png'
+        />
+      </Head>
+
+      <ThemeProvider theme={dark}>
+        <CssBaseline />
+        <Grid
+          container
+          spacing={0}
+          direction='column'
+          alignItems='center'
+          justify='center'
+          style={{ minHeight: '100vh' }}
+        >
+          <Grid item xs={6}>
+            <Typography variant='h2'>
+              <b>{faces[Math.floor(Math.random() * faces.length)]}</b>
+            </Typography>
+          </Grid>
+          <Grid item xs={6}>
+            <Typography variant='h4'>
+              <b>Looks like you&apos;ve hit a dead end...</b>
+            </Typography>
+          </Grid>
+        </Grid>
+      </ThemeProvider>
+    </React.Fragment>
+  );
+}

src/pages/_app.tsx

@@ -5,9 +5,9 @@ import { Provider } from 'react-redux';
 import { PersistGate } from 'redux-persist/integration/react';
 import { store, persistor } from '../store';
 import ZiplineTheming from '../components/ZiplineTheming';
+import UIPlaceholder from '../components/UIPlaceholder';
 
-
-function MyApp({ Component, pageProps }) {
+function App({ Component, pageProps }) {
   const [theme, setTheme] = useState<'dark' | 'light'>('dark');
   useEffect(() => {
     const jssStyles = document.querySelector('#jss-server-side');
@@ -19,7 +19,6 @@ function MyApp({ Component, pageProps }) {
     })();
   }, []);
   return (
-
     <React.Fragment>
       <Head>
         <title>Zipline</title>
@@ -30,17 +29,21 @@ function MyApp({ Component, pageProps }) {
       </Head>
 
       <Provider store={store}>
-        <PersistGate loading={<div>Loading...</div>} persistor={persistor}>
-          <ZiplineTheming Component={Component} pageProps={pageProps} theme={theme} />
+        <PersistGate loading={<UIPlaceholder />} persistor={persistor}>
+          <ZiplineTheming
+            Component={Component}
+            pageProps={pageProps}
+            theme={theme}
+          />
         </PersistGate>
       </Provider>
     </React.Fragment>
   );
 }
 
-MyApp.propTypes = {
+App.propTypes = {
   Component: PropTypes.elementType.isRequired,
   pageProps: PropTypes.object.isRequired
 };
 
-export default MyApp;
+export default App;

src/pages/dash.tsx

@@ -12,6 +12,7 @@ import UI from '../components/UI';
 import UIPlaceholder from '../components/UIPlaceholder';
 import { makeStyles } from '@material-ui/core';
 import { store } from '../store';
+import { createURL } from '../lib/WebUtil';
 import { Configuration } from '../lib/Config';
 
 const useStyles = makeStyles(theme => ({
@@ -33,8 +34,8 @@ export default function Dashboard({ config }) {
   const router = useRouter();
   const state = store.getState();
   const [loading, setLoading] = React.useState(true);
+  const [stats, setStats] = React.useState<{totalViews:number, averageViews:number, images: number}>(null);
   const [recentImages, setRecentImages] = React.useState([]);
-  const [images, setImages] = React.useState([]);
 
   if (typeof window === 'undefined') return <UIPlaceholder />;
   if (!state.loggedIn) router.push('/user/login');
@@ -44,9 +45,9 @@ export default function Dashboard({ config }) {
         const recentImages = await (await fetch('/api/images/recent')).json();
         if (!recentImages.error) setRecentImages(recentImages);
 
-        const allImages = await (await fetch('/api/images')).json();
-        if (!allImages.error) {
-          setImages(allImages);
+        const stats = await (await fetch('/api/user/stats')).json();
+        if (!stats.error) {
+          setStats(stats);
           setLoading(false);
         }
       })();
@@ -59,17 +60,15 @@ export default function Dashboard({ config }) {
         </Backdrop>
         {!loading ? (
           <Paper elevation={3} className={classes.padding}>
-            <Typography variant='h5'>
-              Welcome back, {state.user.username}
+            <Typography variant='h4'>
+              Welcome back, {state.user.username} 
             </Typography>
             <Typography color='textSecondary'>
-              You have <b>{images.length}</b> images
+              You have <b>{stats.images}</b> images, with <b>{stats.totalViews}</b> ({Math.round(stats.averageViews)}) collectively.
             </Typography>
             <Typography variant='h5'>Recent Images</Typography>
             <Grid container spacing={2}>
               {recentImages.map(d => {
-                const t = new URL(window.location.href);
-                t.pathname = `${config ? config.uploader.route : '/u'}/${d.file}`;
                 return (
                   <Grid item key={d.id} xs={12} sm={4}>
                     <Card>
@@ -77,7 +76,7 @@ export default function Dashboard({ config }) {
                         <CardMedia
                           component='img'
                           height='140'
-                          image={t.toString()}
+                          image={createURL(window.location.href, config ? config.uploader.route : '/u', d.file)}
                         />
                       </CardActionArea>
                     </Card>

src/pages/dash/images.tsx

@@ -16,8 +16,9 @@ import UI from '../../components/UI';
 import UIPlaceholder from '../../components/UIPlaceholder';
 import { makeStyles } from '@material-ui/core';
 import { store } from '../../store';
-import { Image } from '../../entities/Image';
+import { Image } from '../../lib/entities/Image';
 import { Configuration } from '../../lib/Config';
+import { createURL } from '../../lib/WebUtil';
 
 const useStyles = makeStyles(theme => ({
   margin: {
@@ -109,29 +110,25 @@ export default function Images({ config }) {
             {showPagination ? (
               <>
                 <Grid container spacing={2}>
-                  {images.map(d => {
-                    const t = new URL(window.location.href);
-                    t.pathname = `${config ? config.uploader.route : '/u'}/${d.file}`;
-                    return (
-                      <Grid
-                        item
-                        xs={12}
-                        sm={6}
-                        key={d.id}
-                        onClick={e => setImageOpenPopover(e, d)}
-                      >
-                        <Card>
-                          <CardActionArea>
-                            <CardMedia
-                              component='img'
-                              height='140'
-                              image={t.toString()}
-                            />
-                          </CardActionArea>
-                        </Card>
-                      </Grid>
-                    );
-                  })}
+                  {images.map(d => ((
+                    <Grid
+                      item
+                      xs={12}
+                      sm={4}
+                      key={d.id}
+                      onClick={e => setImageOpenPopover(e, d)}
+                    >
+                      <Card>
+                        <CardActionArea>
+                          <CardMedia
+                            component='img'
+                            height='140'
+                            image={createURL(window.location.href, config ? config.uploader.route : '/u', d.file)}
+                          />
+                        </CardActionArea>
+                      </Card>
+                    </Grid>
+                  )))}
                 </Grid>
                 <Pagination count={chunks.length} onChange={changePage} />
               </>

src/pages/dash/upload.tsx

@@ -1,3 +1,6 @@
+/* eslint-disable @typescript-eslint/ban-ts-comment */
+// @ts-nocheck
+
 import React from 'react';
 import { useRouter } from 'next/router';
 import Typography from '@material-ui/core/Typography';
@@ -32,6 +35,8 @@ export default function Upload() {
   const state = store.getState();
   const [files, setFiles] = React.useState<File[]>([]);
   const [alertOpen, setAlertOpen] = React.useState<boolean>(false);
+  const [alertSev, setAlertSev] = React.useState('success');
+  const [alertMsg, setAlertMsg] = React.useState('Uploaded Image!');
 
   const handleFileUpload = async () => {
     const file = files[0];
@@ -46,41 +51,57 @@ export default function Upload() {
       body
     });
 
-    if (res.ok) setAlertOpen(true);
+    if (res.ok) {
+      setAlertOpen(true);
+      setAlertMsg('Uploaded Image!');
+      setAlertSev('success');
+    } else {
+      const d = await res.json();
+      setAlertOpen(true);
+      setAlertMsg(`Couldn't upload: ${d.error}`);
+      setAlertSev('error');
+    }
   };
 
+  const snack = (
+    <Snackbar
+      anchorOrigin={{
+        vertical: 'top',
+        horizontal: 'center'
+      }}
+      open={alertOpen}
+      autoHideDuration={6000}
+      onClose={() => setAlertOpen(false)}
+    >
+      <Alert severity={alertSev} variant='filled'>
+        {alertMsg}
+      </Alert>
+    </Snackbar>
+  );
+
   if (typeof window === 'undefined') return <UIPlaceholder />;
   if (!state.loggedIn) router.push('/user/login');
   else {
     return (
       <UI>
-        <Snackbar
-          anchorOrigin={{
-            vertical: 'top',
-            horizontal: 'center'
-          }}
-          open={alertOpen}
-          autoHideDuration={6000}
-          onClose={() => setAlertOpen(false)}
-        >
-          <Alert severity='success' variant='filled'>
-            Uploaded image!
-          </Alert>
-        </Snackbar>
-        <Paper elevation={3} className={classes.padding}>
-          <Typography variant='h5'>
-            Upload
-          </Typography>
-          <Box m={1}>
-            <DropzoneArea
-              acceptedFiles={['image/*']}
-              dropzoneText={'Drag an image or click to upload an image.'}
-              onChange={f => setFiles(f)}
-              maxFileSize={1073741824} // 1gb in byte
-            />
-          </Box>
-          <Button onClick={handleFileUpload}>Submit</Button>
-        </Paper>
+        <>
+          {snack}
+          <Paper elevation={3} className={classes.padding}>
+            <Typography variant='h5'>
+              Upload
+            </Typography>
+            <Box m={1}>
+              <DropzoneArea
+                acceptedFiles={['image/*']}
+                dropzoneText={'Drag an image or click to upload an image.'}
+                onChange={f => setFiles(f)}
+                filesLimit={1}
+                maxFileSize={1073741824} // 1gb in byte
+              />
+            </Box>
+            <Button onClick={handleFileUpload}>Upload</Button>
+          </Paper>
+        </>
       </UI>
     );
   }

src/pages/dash/urls.tsx

@@ -1,4 +1,5 @@
 import React, { useEffect, useState } from 'react';
+import Link from 'next/link';
 import Typography from '@material-ui/core/Typography';
 import Backdrop from '@material-ui/core/Backdrop';
 import CircularProgress from '@material-ui/core/CircularProgress';
@@ -23,9 +24,11 @@ import AddIcon from '@material-ui/icons/Add';
 import copy from 'copy-to-clipboard';
 import UI from '../../components/UI';
 import UIPlaceholder from '../../components/UIPlaceholder';
+import OpenInNewIcon from '@material-ui/icons/OpenInNew';
 import { makeStyles } from '@material-ui/core';
-import { URL as URLEntity } from '../../entities/URL';
+import { URL as URLEntity } from '../../lib/entities/URL';
 import { Configuration } from '../../lib/Config';
+import { createURL } from '../../lib/WebUtil';
 
 const useStyles = makeStyles(theme => ({
   margin: {
@@ -157,41 +160,46 @@ export default function Urls({ config }) {
             <Typography variant='h5'>
               URLs
               <IconButton
-                aria-label='Create User'
+                aria-label='Create URL'
                 onClick={() => setCreateOpen(true)}
               >
                 <AddIcon />
               </IconButton>
             </Typography>
             <Grid container spacing={2}>
-              {urls.length > 0 ? urls.map(u => {
-                const url = new URL(window.location.href);
-                url.pathname = `${config ? config.urls.route : '/go'}/${u.id}`;
-                return (
-                  <Grid item xs={12} sm={4} key={u.id}>
-                    <Card elevation={3}>
-                      <CardHeader
-                        action={
-                          <div>
-                            <IconButton aria-label='Copy URL'>
-                              <FileCopyIcon
-                                onClick={() => copy(url.toString())}
-                              />
-                            </IconButton>
-                            <IconButton
-                              aria-label='Delete Forever'
-                              onClick={() => deleteUrl(u)}
-                            >
-                              <DeleteForeverIcon />
-                            </IconButton>
-                          </div>
-                        }
-                        title={u.vanity ? u.vanity : u.id}
-                      />
-                    </Card>
-                  </Grid>
-                );
-              }) : (
+              {urls.length > 0 ? urls.map(u => ((
+                <Grid item xs={12} sm={4} key={u.id}>
+                  <Card elevation={3}>
+                    <CardHeader
+                      action={
+                        <div>
+                          <IconButton aria-label='Copy URL'>
+                            <FileCopyIcon
+                              onClick={() => copy(createURL(window.location.href, config ? config.urls.route : '/go', u.vanity || u.id))}
+                            />
+                          </IconButton>
+                          <Link href={u.url}>
+                            <a target='_blank'>
+                              <IconButton
+                                aria-label='Open URL in new Tab'
+                              >
+                                <OpenInNewIcon />
+                              </IconButton>
+                            </a>
+                          </Link>
+                          <IconButton
+                            aria-label='Delete Forever'
+                            onClick={() => deleteUrl(u)}
+                          >
+                            <DeleteForeverIcon />
+                          </IconButton>
+                        </div>
+                      }
+                      title={u.vanity ? u.vanity : u.id}
+                    />
+                  </Card>
+                </Grid>
+              ))) : (
                 <Grid
                   container
                   spacing={0}

src/pages/dash/users.tsx

@@ -219,7 +219,7 @@ export default function Users() {
                       }
                       title={`${u.username} (${u.id})`}
                       subheader={`${u.administrator ? 'Administrator' : 'User'
-                        }`}
+                      }`}
                     />
                   </Card>
                 </Grid>

src/pages/user/manage.tsx

@@ -4,8 +4,9 @@ import UI from '../../components/UI';
 import UIPlaceholder from '../../components/UIPlaceholder';
 import ManageUser from '../../components/ManageUser';
 import { store } from '../../store';
+import { Configuration } from '../../lib/Config';
 
-export default function Manage() {
+export default function Manage({ config }) {
   const router = useRouter();
   const state = store.getState();
 
@@ -13,9 +14,14 @@ export default function Manage() {
   else {
     return (
       <UI>
-        <ManageUser />
+        <ManageUser config={config} />
       </UI>
     );
   }
   return <UIPlaceholder />;
 }
+
+export async function getStaticProps() {
+  const config = Configuration.readConfig();
+  return { props: { config } };
+}

src/reducer.ts

@@ -1,5 +1,5 @@
 /* eslint-disable indent */
-import { User } from './entities/User';
+import { User } from './lib/entities/User';
 
 export const LOGIN = 'LOGIN';
 export const LOGOUT = 'LOGOUT';