Fix random Nuxt internal server errors (#551)

* Fix random Nuxt internal server errors * Fix ratelimit key being exposed * Add GDPR clarification
2022-06-25 16:46:10 -07:00 · 2022-06-25 16:46:10 -07:00 · 168ec9092a
commit 168ec9092a
parent ffc8f133c9
19 changed files with 4426 additions and 4405 deletions
--- a/layouts/default.vue
+++ b/layouts/default.vue
@ -377,12 +377,12 @@ export default {
    ])
    if (
      (this.$auth.user && this.$auth.user.role === 'moderator') ||
-      this.$auth.user.role === 'admin'
+      (this.$auth.user && this.$auth.user.role === 'admin')
    ) {
      const [projects, reports] = (
        await Promise.all([
-          this.$axios.get(`moderation/projects`, this.$auth.headers),
-          this.$axios.get(`report`, this.$auth.headers),
+          this.$axios.get(`moderation/projects`, this.$defaultHeaders()),
+          this.$axios.get(`report`, this.$defaultHeaders()),
        ])
      ).map((it) => it.data)

@ -458,8 +458,8 @@ export default {
    async getModerationCount() {
      const [projects, reports] = (
        await Promise.all([
-          this.$axios.get(`moderation/projects`, this.$auth.headers),
-          this.$axios.get(`report`, this.$auth.headers),
+          this.$axios.get(`moderation/projects`, this.$defaultHeaders()),
+          this.$axios.get(`report`, this.$defaultHeaders()),
        ])
      ).map((it) => it.data)

--- a/middleware/auth.js
+++ b/middleware/auth.js
@ -37,7 +37,9 @@ export default async function (context) {

  if (!context.$auth.user) {
    return context.redirect(
-      `${context.$axios.defaults.baseURL}auth/init?url=${process.env.domain}${context.route.fullPath}`
+      `${
+        process.env.BROWSER_BASE_URL || 'https://staging-api.modrinth.com/v2/'
+      }auth/init?url=${process.env.domain}${context.route.fullPath}`
    )
  }
 }
--- a/package-lock.json
+++ b/package-lock.json
--- a/pages/_type/_id.vue
+++ b/pages/_type/_id.vue
@ -625,22 +625,22 @@ export default {

      const [project, members, dependencies, versions, featuredVersions] = (
        await Promise.all([
-          data.$axios.get(`project/${data.params.id}`, data.$auth.headers),
+          data.$axios.get(`project/${data.params.id}`, data.$defaultHeaders()),
          data.$axios.get(
            `project/${data.params.id}/members`,
-            data.$auth.headers
+            data.$defaultHeaders()
          ),
          data.$axios.get(
            `project/${data.params.id}/dependencies`,
-            data.$auth.headers
+            data.$defaultHeaders()
          ),
          data.$axios.get(
            `project/${data.params.id}/version`,
-            data.$auth.headers
+            data.$defaultHeaders()
          ),
          data.$axios.get(
            `project/${data.params.id}/version?featured=true`,
-            data.$auth.headers
+            data.$defaultHeaders()
          ),
        ])
      ).map((it) => it.data)
@ -764,7 +764,7 @@ export default {
            moderation_message: null,
            moderation_message_body: null,
          },
-          this.$auth.headers
+          this.$defaultHeaders()
        )

        this.project.moderator_message = null
@ -791,7 +791,7 @@ export default {
            {
              status: 'processing',
            },
-            this.$auth.headers
+            this.$defaultHeaders()
          )

          this.project.status = 'processing'
--- a/pages/_type/_id/edit.vue
+++ b/pages/_type/_id/edit.vue
@ -658,7 +658,7 @@ export default {
        await this.$axios.patch(
          `project/${this.newProject.id}`,
          data,
-          this.$auth.headers
+          this.$defaultHeaders()
        )

        if (this.iconChanged) {
@ -667,7 +667,7 @@ export default {
              this.icon.type.split('/')[this.icon.type.split('/').length - 1]
            }`,
            this.icon,
-            this.$auth.headers
+            this.$defaultHeaders()
          )
        }

--- a/pages/_type/_id/gallery.vue
+++ b/pages/_type/_id/gallery.vue
@ -348,7 +348,7 @@ export default {
          if (item.title) url += `&title=${item.title}`
          if (item.description) url += `&description=${item.description}`

-          await this.$axios.post(url, item.icon, this.$auth.headers)
+          await this.$axios.post(url, item.icon, this.$defaultHeaders())
        }

        for (const index of this.editGalleryIndexes) {
@ -363,20 +363,20 @@ export default {
          if (item.title) url += `&title=${item.title}`
          if (item.description) url += `&description=${item.description}`

-          await this.$axios.patch(url, {}, this.$auth.headers)
+          await this.$axios.patch(url, {}, this.$defaultHeaders())
        }

        for (const url of this.deleteGalleryUrls) {
          await this.$axios.delete(
            `project/${this.project.id}/gallery?url=${encodeURIComponent(url)}`,
-            this.$auth.headers
+            this.$defaultHeaders()
          )
        }

        const project = (
          await this.$axios.get(
            `project/${this.project.id}`,
-            this.$auth.headers
+            this.$defaultHeaders()
          )
        ).data
        this.$emit('update:project', project)
--- a/pages/_type/_id/settings.vue
+++ b/pages/_type/_id/settings.vue
@ -330,7 +330,7 @@ export default {
        await this.$axios.post(
          `team/${this.project.team}/members`,
          data,
-          this.$auth.headers
+          this.$defaultHeaders()
        )
        await this.updateMembers()
      } catch (err) {
@ -350,7 +350,7 @@ export default {
      try {
        await this.$axios.delete(
          `team/${this.project.team}/members/${this.allTeamMembers[index].user.id}`,
-          this.$auth.headers
+          this.$defaultHeaders()
        )
        await this.updateMembers()
      } catch (err) {
@ -376,7 +376,7 @@ export default {
        await this.$axios.patch(
          `team/${this.project.team}/members/${this.allTeamMembers[index].user.id}`,
          data,
-          this.$auth.headers
+          this.$defaultHeaders()
        )
        await this.updateMembers()
      } catch (err) {
@ -399,7 +399,7 @@ export default {
          {
            user_id: this.allTeamMembers[index].user.id,
          },
-          this.$auth.headers
+          this.$defaultHeaders()
        )
        await this.updateMembers()
      } catch (err) {
@ -422,7 +422,10 @@ export default {
      }
    },
    async deleteProject() {
-      await this.$axios.delete(`project/${this.project.id}`, this.$auth.headers)
+      await this.$axios.delete(
+        `project/${this.project.id}`,
+        this.$defaultHeaders()
+      )
      await this.$store.dispatch('user/fetchProjects')
      await this.$router.push(`/user/${this.$auth.user.username}`)
      this.$notify({
@ -436,7 +439,7 @@ export default {
      this.allTeamMembers = (
        await this.$axios.get(
          `team/${this.project.team}/members`,
-          this.$auth.headers
+          this.$defaultHeaders()
        )
      ).data.map((it) => ({
        avatar_url: it.user.avatar_url,
--- a/pages/_type/_id/version.vue
+++ b/pages/_type/_id/version.vue
@ -828,7 +828,10 @@ export default {
        }

        for (const hash of this.deleteFiles) {
-          await this.$axios.delete(`version_file/${hash}`, this.$auth.headers)
+          await this.$axios.delete(
+            `version_file/${hash}`,
+            this.$defaultHeaders()
+          )
        }

        this.version.primary_file = ['sha1', this.primaryFile.hashes.sha1]
@ -838,15 +841,18 @@ export default {
        await this.$axios.patch(
          `version/${this.version.id}`,
          copyVersion,
-          this.$auth.headers
+          this.$defaultHeaders()
        )

        const [version, featuredVersions] = (
          await Promise.all([
-            this.$axios.get(`version/${this.version.id}`, this.$auth.headers),
+            this.$axios.get(
+              `version/${this.version.id}`,
+              this.$defaultHeaders()
+            ),
            this.$axios.get(
              `project/${this.version.project_id}/version?featured=true`,
-              this.$auth.headers
+              this.$defaultHeaders()
            ),
          ])
        ).map((it) => it.data)
@ -946,7 +952,10 @@ export default {
    async deleteVersion() {
      this.$nuxt.$loading.start()

-      await this.$axios.delete(`version/${this.version.id}`, this.$auth.headers)
+      await this.$axios.delete(
+        `version/${this.version.id}`,
+        this.$defaultHeaders()
+      )

      await this.$router.replace(
        `/${this.project.project_type}/${this.project.id}`
--- a/pages/create/report.vue
+++ b/pages/create/report.vue
@ -157,7 +157,7 @@ export default {
          body: this.body,
        }

-        await this.$axios.post('report', data, this.$auth.headers)
+        await this.$axios.post('report', data, this.$defaultHeaders())

        switch (this.itemType) {
          case 'version': {
--- a/pages/legal/privacy.vue
+++ b/pages/legal/privacy.vue
@ -16,7 +16,7 @@
      </p>

      <h2>General Data Protection Regulation (GDPR)</h2>
-      <p>We are a Data Controller of your information.</p>
+      <p>We (Modrinth) are a Data Controller of your information.</p>

      <p>
        Rinth, Inc. legal basis for collecting and using the personal
@ -54,7 +54,7 @@
      <ul>
        <li>
          The right to access, update or to delete the information we have on
-          you.
+          you. (please email admin@modrinth.com for data requests)
        </li>
        <li>The right of rectification.</li>
        <li>The right to object.</li>
@ -94,19 +94,6 @@
        >.
      </p>

-      <h2>Google DoubleClick DART Cookie</h2>
-
-      <p>
-        Google is a third-party vendor on our site. It also uses cookies, known
-        as DART cookies, to serve ads to our site visitors based upon their
-        visit to www.website.com and other sites on the internet. However,
-        visitors may choose to decline the use of DART cookies by visiting the
-        Google ad and content network Privacy Policy at the following URL –
-        <a href="https://policies.google.com/technologies/ads"
-          >https://policies.google.com/technologies/ads</a
-        >
-      </p>
-
      <h2>Privacy Policies</h2>

      <P
--- a/pages/moderation.vue
+++ b/pages/moderation.vue
@ -195,8 +195,8 @@ export default {
  async asyncData(data) {
    const [projects, reports] = (
      await Promise.all([
-        data.$axios.get(`moderation/projects`, data.$auth.headers),
-        data.$axios.get(`report`, data.$auth.headers),
+        data.$axios.get(`moderation/projects`, data.$defaultHeaders()),
+        data.$axios.get(`report`, data.$defaultHeaders()),
      ])
    ).map((it) => it.data)

@ -253,7 +253,7 @@ export default {
              : null,
            status: this.currentProject.newStatus,
          },
-          this.$auth.headers
+          this.$defaultHeaders()
        )

        this.projects.splice(
@ -278,7 +278,7 @@ export default {
      try {
        await this.$axios.delete(
          `report/${this.reports[index].id}`,
-          this.$auth.headers
+          this.$defaultHeaders()
        )

        this.reports.splice(index, 1)
--- a/pages/notifications.vue
+++ b/pages/notifications.vue
@ -127,7 +127,7 @@ export default {

        await this.$axios.delete(
          `notifications?ids=${JSON.stringify(ids)}`,
-          this.$auth.headers
+          this.$defaultHeaders()
        )

        ids.forEach((x) => this.$store.dispatch('user/deleteNotification', x))
@ -145,7 +145,7 @@ export default {
      try {
        await this.$axios.delete(
          `notification/${notification.id}`,
-          this.$auth.headers
+          this.$defaultHeaders()
        )

        await this.$store.dispatch('user/deleteNotification', notification.id)
--- a/pages/search.vue
+++ b/pages/search.vue
@ -570,7 +570,7 @@ export default {
          }
        }

-        const res = await this.$axios.get(url)
+        const res = await this.$axios.get(url, this.$defaultHeaders())
        this.results = res.data.hits

        const pageAmount = Math.ceil(res.data.total_hits / res.data.limit)
--- a/pages/settings/index.vue
+++ b/pages/settings/index.vue
@ -220,7 +220,7 @@ export default {
              this.icon.type.split('/')[this.icon.type.split('/').length - 1]
            }`,
            this.icon,
-            this.$auth.headers
+            this.$defaultHeaders()
          )
        }

@ -235,7 +235,7 @@ export default {
        await this.$axios.patch(
          `user/${this.$auth.user.id}`,
          data,
-          this.$auth.headers
+          this.$defaultHeaders()
        )

        await this.$store.dispatch('auth/fetchUser', {
--- a/pages/settings/security.vue
+++ b/pages/settings/security.vue
@ -90,7 +90,7 @@ export default {
      try {
        await this.$axios.delete(
          `user/${this.$auth.user.id}`,
-          this.$auth.headers
+          this.$defaultHeaders()
        )
      } catch (err) {
        this.$notify({
--- a/pages/user/_id.vue
+++ b/pages/user/_id.vue
@ -164,10 +164,10 @@ export default {
    try {
      const [user, projects] = (
        await Promise.all([
-          data.$axios.get(`user/${data.params.id}`, data.$auth.headers),
+          data.$axios.get(`user/${data.params.id}`, data.$defaultHeaders()),
          data.$axios.get(
            `user/${data.params.id}/projects`,
-            data.$auth.headers
+            data.$defaultHeaders()
          ),
        ])
      ).map((it) => it.data)
--- a/plugins/shorthands.js
+++ b/plugins/shorthands.js
@ -2,6 +2,19 @@ export default ({ store }, inject) => {
  inject('user', store.state.user)
  inject('tag', store.state.tag)
  inject('auth', store.state.auth)
+  inject('defaultHeaders', () => {
+    const obj = { headers: {} }
+
+    if (process.server && process.env.RATE_LIMIT_IGNORE_KEY) {
+      obj.headers['x-ratelimit-key'] = process.env.RATE_LIMIT_IGNORE_KEY
+    }
+
+    if (store.state.auth.user) {
+      obj.headers.Authorization = store.state.auth.token
+    }
+
+    return obj
+  })
  inject('formatNumber', formatNumber)
  inject('formatVersion', (versionArray) => {
    const allVersions = store.state.tag.gameVersions.slice().reverse()
--- a/store/auth.js
+++ b/store/auth.js
@ -17,12 +17,15 @@ export const mutations = {
 }

 export const actions = {
-  async fetchUser({ commit }, { token }) {
+  async fetchUser({ commit, state }, { token }) {
    try {
      const user = (
        await this.$axios.get(`user`, {
          headers: {
            Authorization: token,
+            'x-ratelimit-key': process.server
+              ? process.env.RATE_LIMIT_IGNORE_KEY
+              : '',
          },
        })
      ).data
--- a/store/tag.js
+++ b/store/tag.js
@ -26,13 +26,21 @@ export const mutations = {

 export const actions = {
  async fetchAllTags({ commit }) {
+    const headers = {
+      headers: {
+        'x-ratelimit-key': process.server
+          ? process.env.RATE_LIMIT_IGNORE_KEY
+          : '',
+      },
+    }
+
    const [categories, loaders, gameVersions, licenses, donationPlatforms] = (
      await Promise.all([
-        this.$axios.get(`tag/category`),
-        this.$axios.get(`tag/loader`),
-        this.$axios.get(`tag/game_version`),
-        this.$axios.get(`tag/license`),
-        this.$axios.get(`tag/donation_platform`),
+        this.$axios.get(`tag/category`, headers),
+        this.$axios.get(`tag/loader`, headers),
+        this.$axios.get(`tag/game_version`, headers),
+        this.$axios.get(`tag/license`, headers),
+        this.$axios.get(`tag/donation_platform`, headers),
      ])
    ).map((it) => it.data)