Fix random Nuxt internal server errors (#551)

* Fix random Nuxt internal server errors * Fix ratelimit key being exposed * Add GDPR clarification
2022-06-25 16:46:10 -07:00 · 2022-06-25 16:46:10 -07:00 · 168ec9092a
commit 168ec9092a
parent ffc8f133c9
19 changed files with 4426 additions and 4405 deletions
--- a/layouts/default.vue
+++ b/layouts/default.vue
@ -377,12 +377,12 @@ export default {
    ])
    if (
      (this.$auth.user && this.$auth.user.role === 'moderator') ||
-      this.$auth.user.role === 'admin'
+      (this.$auth.user && this.$auth.user.role === 'admin')
    ) {
      const [projects, reports] = (
        await Promise.all([
-          this.$axios.get(`moderation/projects`, this.$auth.headers),
+          this.$axios.get(`moderation/projects`, this.$defaultHeaders()),
-          this.$axios.get(`report`, this.$auth.headers),
+          this.$axios.get(`report`, this.$defaultHeaders()),
        ])
      ).map((it) => it.data)
@ -458,8 +458,8 @@ export default {
    async getModerationCount() {
      const [projects, reports] = (
        await Promise.all([
-          this.$axios.get(`moderation/projects`, this.$auth.headers),
+          this.$axios.get(`moderation/projects`, this.$defaultHeaders()),
-          this.$axios.get(`report`, this.$auth.headers),
+          this.$axios.get(`report`, this.$defaultHeaders()),
        ])
      ).map((it) => it.data)
--- a/middleware/auth.js
+++ b/middleware/auth.js
@ -37,7 +37,9 @@ export default async function (context) {
  if (!context.$auth.user) {
    return context.redirect(
-      `${context.$axios.defaults.baseURL}auth/init?url=${process.env.domain}${context.route.fullPath}`
+      `${
        process.env.BROWSER_BASE_URL || 'https://staging-api.modrinth.com/v2/'
      }auth/init?url=${process.env.domain}${context.route.fullPath}`
    )
  }
 }
--- a/package-lock.json
+++ b/package-lock.json
--- a/pages/_type/_id.vue
+++ b/pages/_type/_id.vue
@ -625,22 +625,22 @@ export default {
      const [project, members, dependencies, versions, featuredVersions] = (
        await Promise.all([
-          data.$axios.get(`project/${data.params.id}`, data.$auth.headers),
+          data.$axios.get(`project/${data.params.id}`, data.$defaultHeaders()),
          data.$axios.get(
            `project/${data.params.id}/members`,
-            data.$auth.headers
+            data.$defaultHeaders()
          ),
          data.$axios.get(
            `project/${data.params.id}/dependencies`,
-            data.$auth.headers
+            data.$defaultHeaders()
          ),
          data.$axios.get(
            `project/${data.params.id}/version`,
-            data.$auth.headers
+            data.$defaultHeaders()
          ),
          data.$axios.get(
            `project/${data.params.id}/version?featured=true`,
-            data.$auth.headers
+            data.$defaultHeaders()
          ),
        ])
      ).map((it) => it.data)
@ -764,7 +764,7 @@ export default {
            moderation_message: null,
            moderation_message_body: null,
          },
-          this.$auth.headers
+          this.$defaultHeaders()
        )
        this.project.moderator_message = null
@ -791,7 +791,7 @@ export default {
            {
              status: 'processing',
            },
-            this.$auth.headers
+            this.$defaultHeaders()
          )
          this.project.status = 'processing'
--- a/pages/_type/_id/edit.vue
+++ b/pages/_type/_id/edit.vue
@ -658,7 +658,7 @@ export default {
        await this.$axios.patch(
          `project/${this.newProject.id}`,
          data,
-          this.$auth.headers
+          this.$defaultHeaders()
        )
        if (this.iconChanged) {
@ -667,7 +667,7 @@ export default {
              this.icon.type.split('/')[this.icon.type.split('/').length - 1]
            }`,
            this.icon,
-            this.$auth.headers
+            this.$defaultHeaders()
          )
        }
--- a/pages/_type/_id/gallery.vue
+++ b/pages/_type/_id/gallery.vue
@ -348,7 +348,7 @@ export default {
          if (item.title) url += `&title=${item.title}`
          if (item.description) url += `&description=${item.description}`
-          await this.$axios.post(url, item.icon, this.$auth.headers)
+          await this.$axios.post(url, item.icon, this.$defaultHeaders())
        }
        for (const index of this.editGalleryIndexes) {
@ -363,20 +363,20 @@ export default {
          if (item.title) url += `&title=${item.title}`
          if (item.description) url += `&description=${item.description}`
-          await this.$axios.patch(url, {}, this.$auth.headers)
+          await this.$axios.patch(url, {}, this.$defaultHeaders())
        }
        for (const url of this.deleteGalleryUrls) {
          await this.$axios.delete(
            `project/${this.project.id}/gallery?url=${encodeURIComponent(url)}`,
-            this.$auth.headers
+            this.$defaultHeaders()
          )
        }
        const project = (
          await this.$axios.get(
            `project/${this.project.id}`,
-            this.$auth.headers
+            this.$defaultHeaders()
          )
        ).data
        this.$emit('update:project', project)
--- a/pages/_type/_id/settings.vue
+++ b/pages/_type/_id/settings.vue
@ -330,7 +330,7 @@ export default {
        await this.$axios.post(
          `team/${this.project.team}/members`,
          data,
-          this.$auth.headers
+          this.$defaultHeaders()
        )
        await this.updateMembers()
      } catch (err) {
@ -350,7 +350,7 @@ export default {
      try {
        await this.$axios.delete(
          `team/${this.project.team}/members/${this.allTeamMembers[index].user.id}`,
-          this.$auth.headers
+          this.$defaultHeaders()
        )
        await this.updateMembers()
      } catch (err) {
@ -376,7 +376,7 @@ export default {
        await this.$axios.patch(
          `team/${this.project.team}/members/${this.allTeamMembers[index].user.id}`,
          data,
-          this.$auth.headers
+          this.$defaultHeaders()
        )
        await this.updateMembers()
      } catch (err) {
@ -399,7 +399,7 @@ export default {
          {
            user_id: this.allTeamMembers[index].user.id,
          },
-          this.$auth.headers
+          this.$defaultHeaders()
        )
        await this.updateMembers()
      } catch (err) {
@ -422,7 +422,10 @@ export default {
      }
    },
    async deleteProject() {
-      await this.$axios.delete(`project/${this.project.id}`, this.$auth.headers)
+      await this.$axios.delete(
        `project/${this.project.id}`,
        this.$defaultHeaders()
      )
      await this.$store.dispatch('user/fetchProjects')
      await this.$router.push(`/user/${this.$auth.user.username}`)
      this.$notify({
@ -436,7 +439,7 @@ export default {
      this.allTeamMembers = (
        await this.$axios.get(
          `team/${this.project.team}/members`,
-          this.$auth.headers
+          this.$defaultHeaders()
        )
      ).data.map((it) => ({
        avatar_url: it.user.avatar_url,
--- a/pages/_type/_id/version.vue
+++ b/pages/_type/_id/version.vue
@ -828,7 +828,10 @@ export default {
        }
        for (const hash of this.deleteFiles) {
-          await this.$axios.delete(`version_file/${hash}`, this.$auth.headers)
+          await this.$axios.delete(
            `version_file/${hash}`,
            this.$defaultHeaders()
          )
        }
        this.version.primary_file = ['sha1', this.primaryFile.hashes.sha1]
@ -838,15 +841,18 @@ export default {
        await this.$axios.patch(
          `version/${this.version.id}`,
          copyVersion,
-          this.$auth.headers
+          this.$defaultHeaders()
        )
        const [version, featuredVersions] = (
          await Promise.all([
-            this.$axios.get(`version/${this.version.id}`, this.$auth.headers),
+            this.$axios.get(
              `version/${this.version.id}`,
              this.$defaultHeaders()
            ),
            this.$axios.get(
              `project/${this.version.project_id}/version?featured=true`,
-              this.$auth.headers
+              this.$defaultHeaders()
            ),
          ])
        ).map((it) => it.data)
@ -946,7 +952,10 @@ export default {
    async deleteVersion() {
      this.$nuxt.$loading.start()
-      await this.$axios.delete(`version/${this.version.id}`, this.$auth.headers)
+      await this.$axios.delete(
        `version/${this.version.id}`,
        this.$defaultHeaders()
      )
      await this.$router.replace(
        `/${this.project.project_type}/${this.project.id}`
--- a/pages/create/report.vue
+++ b/pages/create/report.vue
@ -157,7 +157,7 @@ export default {
          body: this.body,
        }
-        await this.$axios.post('report', data, this.$auth.headers)
+        await this.$axios.post('report', data, this.$defaultHeaders())
        switch (this.itemType) {
          case 'version': {
--- a/pages/legal/privacy.vue
+++ b/pages/legal/privacy.vue
@ -16,7 +16,7 @@
      </p>
      <h2>General Data Protection Regulation (GDPR)</h2>
-      <p>We are a Data Controller of your information.</p>
+      <p>We (Modrinth) are a Data Controller of your information.</p>
      <p>
        Rinth, Inc. legal basis for collecting and using the personal
@ -54,7 +54,7 @@
      <ul>
        <li>
          The right to access, update or to delete the information we have on
-          you.
+          you. (please email admin@modrinth.com for data requests)
        </li>
        <li>The right of rectification.</li>
        <li>The right to object.</li>
@ -94,19 +94,6 @@
        >.
      </p>
      <h2>Google DoubleClick DART Cookie</h2>
      <p>
        Google is a third-party vendor on our site. It also uses cookies, known
        as DART cookies, to serve ads to our site visitors based upon their
        visit to www.website.com and other sites on the internet. However,
        visitors may choose to decline the use of DART cookies by visiting the
        Google ad and content network Privacy Policy at the following URL –
        <a href="https://policies.google.com/technologies/ads"
          >https://policies.google.com/technologies/ads</a
        >
      </p>
      <h2>Privacy Policies</h2>
      <P
--- a/pages/moderation.vue
+++ b/pages/moderation.vue
@ -195,8 +195,8 @@ export default {
  async asyncData(data) {
    const [projects, reports] = (
      await Promise.all([
-        data.$axios.get(`moderation/projects`, data.$auth.headers),
+        data.$axios.get(`moderation/projects`, data.$defaultHeaders()),
-        data.$axios.get(`report`, data.$auth.headers),
+        data.$axios.get(`report`, data.$defaultHeaders()),
      ])
    ).map((it) => it.data)
@ -253,7 +253,7 @@ export default {
              : null,
            status: this.currentProject.newStatus,
          },
-          this.$auth.headers
+          this.$defaultHeaders()
        )
        this.projects.splice(
@ -278,7 +278,7 @@ export default {
      try {
        await this.$axios.delete(
          `report/${this.reports[index].id}`,
-          this.$auth.headers
+          this.$defaultHeaders()
        )
        this.reports.splice(index, 1)
--- a/pages/notifications.vue
+++ b/pages/notifications.vue
@ -127,7 +127,7 @@ export default {
        await this.$axios.delete(
          `notifications?ids=${JSON.stringify(ids)}`,
-          this.$auth.headers
+          this.$defaultHeaders()
        )
        ids.forEach((x) => this.$store.dispatch('user/deleteNotification', x))
@ -145,7 +145,7 @@ export default {
      try {
        await this.$axios.delete(
          `notification/${notification.id}`,
-          this.$auth.headers
+          this.$defaultHeaders()
        )
        await this.$store.dispatch('user/deleteNotification', notification.id)
--- a/pages/search.vue
+++ b/pages/search.vue
@ -570,7 +570,7 @@ export default {
          }
        }
-        const res = await this.$axios.get(url)
+        const res = await this.$axios.get(url, this.$defaultHeaders())
        this.results = res.data.hits
        const pageAmount = Math.ceil(res.data.total_hits / res.data.limit)
--- a/pages/settings/index.vue
+++ b/pages/settings/index.vue
@ -220,7 +220,7 @@ export default {
              this.icon.type.split('/')[this.icon.type.split('/').length - 1]
            }`,
            this.icon,
-            this.$auth.headers
+            this.$defaultHeaders()
          )
        }
@ -235,7 +235,7 @@ export default {
        await this.$axios.patch(
          `user/${this.$auth.user.id}`,
          data,
-          this.$auth.headers
+          this.$defaultHeaders()
        )
        await this.$store.dispatch('auth/fetchUser', {
--- a/pages/settings/security.vue
+++ b/pages/settings/security.vue
@ -90,7 +90,7 @@ export default {
      try {
        await this.$axios.delete(
          `user/${this.$auth.user.id}`,
-          this.$auth.headers
+          this.$defaultHeaders()
        )
      } catch (err) {
        this.$notify({
--- a/pages/user/_id.vue
+++ b/pages/user/_id.vue
@ -164,10 +164,10 @@ export default {
    try {
      const [user, projects] = (
        await Promise.all([
-          data.$axios.get(`user/${data.params.id}`, data.$auth.headers),
+          data.$axios.get(`user/${data.params.id}`, data.$defaultHeaders()),
          data.$axios.get(
            `user/${data.params.id}/projects`,
-            data.$auth.headers
+            data.$defaultHeaders()
          ),
        ])
      ).map((it) => it.data)
--- a/plugins/shorthands.js
+++ b/plugins/shorthands.js
@ -2,6 +2,19 @@ export default ({ store }, inject) => {
  inject('user', store.state.user)
  inject('tag', store.state.tag)
  inject('auth', store.state.auth)
  inject('defaultHeaders', () => {
    const obj = { headers: {} }
    if (process.server && process.env.RATE_LIMIT_IGNORE_KEY) {
      obj.headers['x-ratelimit-key'] = process.env.RATE_LIMIT_IGNORE_KEY
    }
    if (store.state.auth.user) {
      obj.headers.Authorization = store.state.auth.token
    }
    return obj
  })
  inject('formatNumber', formatNumber)
  inject('formatVersion', (versionArray) => {
    const allVersions = store.state.tag.gameVersions.slice().reverse()
--- a/store/auth.js
+++ b/store/auth.js
@ -17,12 +17,15 @@ export const mutations = {
 }
 export const actions = {
-  async fetchUser({ commit }, { token }) {
+  async fetchUser({ commit, state }, { token }) {
    try {
      const user = (
        await this.$axios.get(`user`, {
          headers: {
            Authorization: token,
            'x-ratelimit-key': process.server
              ? process.env.RATE_LIMIT_IGNORE_KEY
              : '',
          },
        })
      ).data
--- a/store/tag.js
+++ b/store/tag.js
@ -26,13 +26,21 @@ export const mutations = {
 export const actions = {
  async fetchAllTags({ commit }) {
    const headers = {
      headers: {
        'x-ratelimit-key': process.server
          ? process.env.RATE_LIMIT_IGNORE_KEY
          : '',
      },
    }
    const [categories, loaders, gameVersions, licenses, donationPlatforms] = (
      await Promise.all([
-        this.$axios.get(`tag/category`),
+        this.$axios.get(`tag/category`, headers),
-        this.$axios.get(`tag/loader`),
+        this.$axios.get(`tag/loader`, headers),
-        this.$axios.get(`tag/game_version`),
+        this.$axios.get(`tag/game_version`, headers),
-        this.$axios.get(`tag/license`),
+        this.$axios.get(`tag/license`, headers),
-        this.$axios.get(`tag/donation_platform`),
+        this.$axios.get(`tag/donation_platform`, headers),
      ])
    ).map((it) => it.data)