2023-05-24 21:36:01 +02:00
|
|
|
package server
|
|
|
|
|
|
|
|
import (
|
|
|
|
"database/sql"
|
2023-06-17 03:59:07 +02:00
|
|
|
"errors"
|
2023-11-12 18:35:19 +01:00
|
|
|
"git.zio.sh/astra/ntfy/v2/util"
|
2023-06-17 03:59:07 +02:00
|
|
|
"net/netip"
|
2023-06-02 14:45:05 +02:00
|
|
|
"time"
|
2023-05-24 21:36:01 +02:00
|
|
|
|
|
|
|
_ "github.com/mattn/go-sqlite3" // SQLite driver
|
|
|
|
)
|
|
|
|
|
2023-06-10 05:17:48 +02:00
|
|
|
const (
|
2023-06-17 20:44:55 +02:00
|
|
|
subscriptionIDPrefix = "wps_"
|
|
|
|
subscriptionIDLength = 10
|
|
|
|
subscriptionEndpointLimitPerSubscriberIP = 10
|
2023-06-17 03:59:07 +02:00
|
|
|
)
|
|
|
|
|
|
|
|
var (
|
|
|
|
errWebPushNoRows = errors.New("no rows found")
|
|
|
|
errWebPushTooManySubscriptions = errors.New("too many subscriptions")
|
2023-06-17 20:44:55 +02:00
|
|
|
errWebPushUserIDCannotBeEmpty = errors.New("user ID cannot be empty")
|
2023-06-10 05:17:48 +02:00
|
|
|
)
|
|
|
|
|
2023-05-24 21:36:01 +02:00
|
|
|
const (
|
|
|
|
createWebPushSubscriptionsTableQuery = `
|
|
|
|
BEGIN;
|
2023-06-10 05:17:48 +02:00
|
|
|
CREATE TABLE IF NOT EXISTS subscription (
|
|
|
|
id TEXT PRIMARY KEY,
|
2023-05-24 21:36:01 +02:00
|
|
|
endpoint TEXT NOT NULL,
|
|
|
|
key_auth TEXT NOT NULL,
|
|
|
|
key_p256dh TEXT NOT NULL,
|
2023-06-17 03:59:07 +02:00
|
|
|
user_id TEXT NOT NULL,
|
|
|
|
subscriber_ip TEXT NOT NULL,
|
2023-06-10 05:17:48 +02:00
|
|
|
updated_at INT NOT NULL,
|
|
|
|
warned_at INT NOT NULL DEFAULT 0
|
2023-05-24 21:36:01 +02:00
|
|
|
);
|
2023-06-10 05:17:48 +02:00
|
|
|
CREATE UNIQUE INDEX IF NOT EXISTS idx_endpoint ON subscription (endpoint);
|
2023-06-17 03:59:07 +02:00
|
|
|
CREATE INDEX IF NOT EXISTS idx_subscriber_ip ON subscription (subscriber_ip);
|
2023-06-10 05:17:48 +02:00
|
|
|
CREATE TABLE IF NOT EXISTS subscription_topic (
|
|
|
|
subscription_id TEXT NOT NULL,
|
|
|
|
topic TEXT NOT NULL,
|
|
|
|
PRIMARY KEY (subscription_id, topic),
|
|
|
|
FOREIGN KEY (subscription_id) REFERENCES subscription (id) ON DELETE CASCADE
|
|
|
|
);
|
|
|
|
CREATE INDEX IF NOT EXISTS idx_topic ON subscription_topic (topic);
|
2023-06-09 03:45:52 +02:00
|
|
|
CREATE TABLE IF NOT EXISTS schemaVersion (
|
|
|
|
id INT PRIMARY KEY,
|
|
|
|
version INT NOT NULL
|
2023-06-10 05:17:48 +02:00
|
|
|
);
|
2023-05-24 21:36:01 +02:00
|
|
|
COMMIT;
|
|
|
|
`
|
2023-06-10 05:17:48 +02:00
|
|
|
builtinStartupQueries = `
|
|
|
|
PRAGMA foreign_keys = ON;
|
2023-05-24 21:36:01 +02:00
|
|
|
`
|
|
|
|
|
2023-06-17 03:59:07 +02:00
|
|
|
selectWebPushSubscriptionIDByEndpoint = `SELECT id FROM subscription WHERE endpoint = ?`
|
|
|
|
selectWebPushSubscriptionCountBySubscriberIP = `SELECT COUNT(*) FROM subscription WHERE subscriber_ip = ?`
|
|
|
|
selectWebPushSubscriptionsForTopicQuery = `
|
2023-06-10 05:17:48 +02:00
|
|
|
SELECT id, endpoint, key_auth, key_p256dh, user_id
|
|
|
|
FROM subscription_topic st
|
|
|
|
JOIN subscription s ON s.id = st.subscription_id
|
|
|
|
WHERE st.topic = ?
|
2023-06-17 20:44:55 +02:00
|
|
|
ORDER BY endpoint
|
2023-06-10 05:17:48 +02:00
|
|
|
`
|
2023-06-18 03:51:04 +02:00
|
|
|
selectWebPushSubscriptionsExpiringSoonQuery = `
|
|
|
|
SELECT id, endpoint, key_auth, key_p256dh, user_id
|
|
|
|
FROM subscription
|
|
|
|
WHERE warned_at = 0 AND updated_at <= ?
|
|
|
|
`
|
|
|
|
insertWebPushSubscriptionQuery = `
|
2023-06-17 03:59:07 +02:00
|
|
|
INSERT INTO subscription (id, endpoint, key_auth, key_p256dh, user_id, subscriber_ip, updated_at, warned_at)
|
|
|
|
VALUES (?, ?, ?, ?, ?, ?, ?, ?)
|
2023-06-10 05:17:48 +02:00
|
|
|
ON CONFLICT (endpoint)
|
2023-06-17 03:59:07 +02:00
|
|
|
DO UPDATE SET key_auth = excluded.key_auth, key_p256dh = excluded.key_p256dh, user_id = excluded.user_id, subscriber_ip = excluded.subscriber_ip, updated_at = excluded.updated_at, warned_at = excluded.warned_at
|
2023-06-10 05:17:48 +02:00
|
|
|
`
|
|
|
|
updateWebPushSubscriptionWarningSentQuery = `UPDATE subscription SET warned_at = ? WHERE id = ?`
|
|
|
|
deleteWebPushSubscriptionByEndpointQuery = `DELETE FROM subscription WHERE endpoint = ?`
|
|
|
|
deleteWebPushSubscriptionByUserIDQuery = `DELETE FROM subscription WHERE user_id = ?`
|
|
|
|
deleteWebPushSubscriptionByAgeQuery = `DELETE FROM subscription WHERE updated_at <= ?` // Full table scan!
|
2023-06-02 14:45:05 +02:00
|
|
|
|
2023-06-10 05:17:48 +02:00
|
|
|
insertWebPushSubscriptionTopicQuery = `INSERT INTO subscription_topic (subscription_id, topic) VALUES (?, ?)`
|
|
|
|
deleteWebPushSubscriptionTopicAllQuery = `DELETE FROM subscription_topic WHERE subscription_id = ?`
|
2023-06-09 03:45:52 +02:00
|
|
|
)
|
2023-05-24 21:36:01 +02:00
|
|
|
|
2023-06-09 03:45:52 +02:00
|
|
|
// Schema management queries
|
|
|
|
const (
|
|
|
|
currentWebPushSchemaVersion = 1
|
|
|
|
insertWebPushSchemaVersion = `INSERT INTO schemaVersion VALUES (1, ?)`
|
|
|
|
selectWebPushSchemaVersionQuery = `SELECT version FROM schemaVersion WHERE id = 1`
|
2023-05-24 21:36:01 +02:00
|
|
|
)
|
|
|
|
|
2023-05-30 19:50:24 +02:00
|
|
|
type webPushStore struct {
|
2023-05-24 21:36:01 +02:00
|
|
|
db *sql.DB
|
|
|
|
}
|
|
|
|
|
2023-06-18 20:20:22 +02:00
|
|
|
func newWebPushStore(filename, startupQueries string) (*webPushStore, error) {
|
2023-05-24 21:36:01 +02:00
|
|
|
db, err := sql.Open("sqlite3", filename)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
2023-06-09 03:45:52 +02:00
|
|
|
if err := setupWebPushDB(db); err != nil {
|
2023-05-24 21:36:01 +02:00
|
|
|
return nil, err
|
|
|
|
}
|
2023-06-18 20:20:22 +02:00
|
|
|
if err := runWebPushStartupQueries(db, startupQueries); err != nil {
|
2023-06-10 05:17:48 +02:00
|
|
|
return nil, err
|
|
|
|
}
|
2023-05-30 19:50:24 +02:00
|
|
|
return &webPushStore{
|
2023-05-24 21:36:01 +02:00
|
|
|
db: db,
|
2023-05-30 19:50:24 +02:00
|
|
|
}, nil
|
2023-05-24 21:36:01 +02:00
|
|
|
}
|
|
|
|
|
2023-06-09 03:45:52 +02:00
|
|
|
func setupWebPushDB(db *sql.DB) error {
|
|
|
|
// If 'schemaVersion' table does not exist, this must be a new database
|
|
|
|
rows, err := db.Query(selectWebPushSchemaVersionQuery)
|
2023-05-24 21:36:01 +02:00
|
|
|
if err != nil {
|
2023-06-09 03:45:52 +02:00
|
|
|
return setupNewWebPushDB(db)
|
2023-05-24 21:36:01 +02:00
|
|
|
}
|
2023-06-08 18:20:12 +02:00
|
|
|
return rows.Close()
|
2023-05-24 21:36:01 +02:00
|
|
|
}
|
|
|
|
|
2023-06-09 03:45:52 +02:00
|
|
|
func setupNewWebPushDB(db *sql.DB) error {
|
2023-05-24 21:36:01 +02:00
|
|
|
if _, err := db.Exec(createWebPushSubscriptionsTableQuery); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2023-06-09 03:45:52 +02:00
|
|
|
if _, err := db.Exec(insertWebPushSchemaVersion, currentWebPushSchemaVersion); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2023-05-24 21:36:01 +02:00
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2023-06-18 20:20:22 +02:00
|
|
|
func runWebPushStartupQueries(db *sql.DB, startupQueries string) error {
|
|
|
|
if _, err := db.Exec(startupQueries); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
if _, err := db.Exec(builtinStartupQueries); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
return nil
|
2023-06-10 05:17:48 +02:00
|
|
|
}
|
|
|
|
|
2023-06-09 05:09:38 +02:00
|
|
|
// UpsertSubscription adds or updates Web Push subscriptions for the given topics and user ID. It always first deletes all
|
2023-06-09 03:45:52 +02:00
|
|
|
// existing entries for a given endpoint.
|
2023-06-17 03:59:07 +02:00
|
|
|
func (c *webPushStore) UpsertSubscription(endpoint string, auth, p256dh, userID string, subscriberIP netip.Addr, topics []string) error {
|
2023-06-02 13:22:54 +02:00
|
|
|
tx, err := c.db.Begin()
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
defer tx.Rollback()
|
2023-06-17 03:59:07 +02:00
|
|
|
// Read number of subscriptions for subscriber IP address
|
|
|
|
rowsCount, err := tx.Query(selectWebPushSubscriptionCountBySubscriberIP, subscriberIP.String())
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
defer rowsCount.Close()
|
|
|
|
var subscriptionCount int
|
|
|
|
if !rowsCount.Next() {
|
|
|
|
return errWebPushNoRows
|
|
|
|
}
|
|
|
|
if err := rowsCount.Scan(&subscriptionCount); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
if err := rowsCount.Close(); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2023-06-10 05:17:48 +02:00
|
|
|
// Read existing subscription ID for endpoint (or create new ID)
|
|
|
|
rows, err := tx.Query(selectWebPushSubscriptionIDByEndpoint, endpoint)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
defer rows.Close()
|
|
|
|
var subscriptionID string
|
|
|
|
if rows.Next() {
|
|
|
|
if err := rows.Scan(&subscriptionID); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
} else {
|
2023-06-17 20:44:55 +02:00
|
|
|
if subscriptionCount >= subscriptionEndpointLimitPerSubscriberIP {
|
2023-06-17 03:59:07 +02:00
|
|
|
return errWebPushTooManySubscriptions
|
|
|
|
}
|
2023-06-10 05:17:48 +02:00
|
|
|
subscriptionID = util.RandomStringPrefix(subscriptionIDPrefix, subscriptionIDLength)
|
|
|
|
}
|
|
|
|
if err := rows.Close(); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
// Insert or update subscription
|
|
|
|
updatedAt, warnedAt := time.Now().Unix(), 0
|
2023-06-17 03:59:07 +02:00
|
|
|
if _, err = tx.Exec(insertWebPushSubscriptionQuery, subscriptionID, endpoint, auth, p256dh, userID, subscriberIP.String(), updatedAt, warnedAt); err != nil {
|
2023-06-10 05:17:48 +02:00
|
|
|
return err
|
|
|
|
}
|
|
|
|
// Replace all subscription topics
|
|
|
|
if _, err := tx.Exec(deleteWebPushSubscriptionTopicAllQuery, subscriptionID); err != nil {
|
2023-06-02 13:22:54 +02:00
|
|
|
return err
|
|
|
|
}
|
|
|
|
for _, topic := range topics {
|
2023-06-10 05:17:48 +02:00
|
|
|
if _, err = tx.Exec(insertWebPushSubscriptionTopicQuery, subscriptionID, topic); err != nil {
|
2023-06-02 13:22:54 +02:00
|
|
|
return err
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return tx.Commit()
|
2023-05-24 21:36:01 +02:00
|
|
|
}
|
|
|
|
|
2023-06-17 03:59:07 +02:00
|
|
|
// SubscriptionsForTopic returns all subscriptions for the given topic
|
2023-06-09 05:09:38 +02:00
|
|
|
func (c *webPushStore) SubscriptionsForTopic(topic string) ([]*webPushSubscription, error) {
|
2023-05-24 21:36:01 +02:00
|
|
|
rows, err := c.db.Query(selectWebPushSubscriptionsForTopicQuery, topic)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
defer rows.Close()
|
2023-06-10 05:17:48 +02:00
|
|
|
return c.subscriptionsFromRows(rows)
|
2023-05-24 21:36:01 +02:00
|
|
|
}
|
|
|
|
|
2023-06-17 03:59:07 +02:00
|
|
|
// SubscriptionsExpiring returns all subscriptions that have not been updated for a given time period
|
2023-06-10 05:17:48 +02:00
|
|
|
func (c *webPushStore) SubscriptionsExpiring(warnAfter time.Duration) ([]*webPushSubscription, error) {
|
|
|
|
rows, err := c.db.Query(selectWebPushSubscriptionsExpiringSoonQuery, time.Now().Add(-warnAfter).Unix())
|
2023-06-02 14:45:05 +02:00
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
2023-06-10 05:17:48 +02:00
|
|
|
defer rows.Close()
|
|
|
|
return c.subscriptionsFromRows(rows)
|
|
|
|
}
|
2023-06-02 14:45:05 +02:00
|
|
|
|
2023-06-17 03:59:07 +02:00
|
|
|
// MarkExpiryWarningSent marks the given subscriptions as having received a warning about expiring soon
|
2023-06-10 05:17:48 +02:00
|
|
|
func (c *webPushStore) MarkExpiryWarningSent(subscriptions []*webPushSubscription) error {
|
|
|
|
tx, err := c.db.Begin()
|
2023-06-02 14:45:05 +02:00
|
|
|
if err != nil {
|
2023-06-10 05:17:48 +02:00
|
|
|
return err
|
2023-06-02 14:45:05 +02:00
|
|
|
}
|
2023-06-10 05:17:48 +02:00
|
|
|
defer tx.Rollback()
|
|
|
|
for _, subscription := range subscriptions {
|
|
|
|
if _, err := tx.Exec(updateWebPushSubscriptionWarningSentQuery, time.Now().Unix(), subscription.ID); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2023-06-02 14:45:05 +02:00
|
|
|
}
|
2023-06-10 05:17:48 +02:00
|
|
|
return tx.Commit()
|
|
|
|
}
|
2023-06-02 14:45:05 +02:00
|
|
|
|
2023-06-10 05:17:48 +02:00
|
|
|
func (c *webPushStore) subscriptionsFromRows(rows *sql.Rows) ([]*webPushSubscription, error) {
|
2023-06-09 05:09:38 +02:00
|
|
|
subscriptions := make([]*webPushSubscription, 0)
|
2023-06-02 14:45:05 +02:00
|
|
|
for rows.Next() {
|
2023-06-10 05:17:48 +02:00
|
|
|
var id, endpoint, auth, p256dh, userID string
|
|
|
|
if err := rows.Scan(&id, &endpoint, &auth, &p256dh, &userID); err != nil {
|
2023-06-02 14:45:05 +02:00
|
|
|
return nil, err
|
|
|
|
}
|
2023-06-09 05:09:38 +02:00
|
|
|
subscriptions = append(subscriptions, &webPushSubscription{
|
2023-06-10 05:17:48 +02:00
|
|
|
ID: id,
|
2023-06-09 05:09:38 +02:00
|
|
|
Endpoint: endpoint,
|
|
|
|
Auth: auth,
|
|
|
|
P256dh: p256dh,
|
|
|
|
UserID: userID,
|
|
|
|
})
|
2023-06-02 14:45:05 +02:00
|
|
|
}
|
2023-06-09 05:09:38 +02:00
|
|
|
return subscriptions, nil
|
2023-06-02 14:45:05 +02:00
|
|
|
}
|
|
|
|
|
2023-06-17 03:59:07 +02:00
|
|
|
// RemoveSubscriptionsByEndpoint removes the subscription for the given endpoint
|
2023-06-09 05:09:38 +02:00
|
|
|
func (c *webPushStore) RemoveSubscriptionsByEndpoint(endpoint string) error {
|
|
|
|
_, err := c.db.Exec(deleteWebPushSubscriptionByEndpointQuery, endpoint)
|
2023-05-24 21:36:01 +02:00
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2023-06-17 03:59:07 +02:00
|
|
|
// RemoveSubscriptionsByUserID removes all subscriptions for the given user ID
|
2023-06-09 05:09:38 +02:00
|
|
|
func (c *webPushStore) RemoveSubscriptionsByUserID(userID string) error {
|
2023-06-17 20:44:55 +02:00
|
|
|
if userID == "" {
|
|
|
|
return errWebPushUserIDCannotBeEmpty
|
|
|
|
}
|
2023-06-09 05:09:38 +02:00
|
|
|
_, err := c.db.Exec(deleteWebPushSubscriptionByUserIDQuery, userID)
|
2023-05-24 21:36:01 +02:00
|
|
|
return err
|
|
|
|
}
|
2023-06-02 14:45:05 +02:00
|
|
|
|
2023-06-17 03:59:07 +02:00
|
|
|
// RemoveExpiredSubscriptions removes all subscriptions that have not been updated for a given time period
|
2023-06-10 05:17:48 +02:00
|
|
|
func (c *webPushStore) RemoveExpiredSubscriptions(expireAfter time.Duration) error {
|
|
|
|
_, err := c.db.Exec(deleteWebPushSubscriptionByAgeQuery, time.Now().Add(-expireAfter).Unix())
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2023-06-17 03:59:07 +02:00
|
|
|
// Close closes the underlying database connection
|
2023-05-30 19:50:24 +02:00
|
|
|
func (c *webPushStore) Close() error {
|
2023-05-24 21:36:01 +02:00
|
|
|
return c.db.Close()
|
|
|
|
}
|