Merge 8a9195a into a11b226

Author: corrideat

backend/routes.js

@@ -746,7 +746,7 @@ route.GET('/kv/{contractID}/{key}', {
     return notFoundNoCache(h)
   }
 
-  return h.response(result).etag(createCID(result, multicodes.RAW))
+  return h.response(result).etag(createCID(result, multicodes.RAW)).type('application/json')
 })
 
 // SPA routes
@@ -781,9 +781,13 @@ route.GET('/assets/{subpath*}', {
       .etag(basename)
       .header('Cache-Control', 'public,max-age=31536000,immutable')
   }
-  // Files like `main.js` or `main.css` should be revalidated before use. Se we use the default headers.
+  // Files like `main.js` or `main.css` should be revalidated before use.
+  // We set a short 'stale-while-revalidate' value instead of 'no-cache' to
+  // signal to the app that it's fine to use old versions when offline or over
+  // unreliable connections.
   // This should also be suitable for serving unversioned fonts and images.
   return h.file(subpath)
+    .header('Cache-Control', 'public,max-age=604800,stale-while-revalidate=86400')
 })
 
 route.GET(staticServeConfig.routePath, {}, {
@@ -851,7 +855,13 @@ route.GET('/zkpp/{name}/auth_hash', {
   try {
     const challenge = await getChallenge(req.params['name'], req.query['b'])
 
-    return challenge || notFoundNoCache(h)
+    if (!challenge) {
+      return Boom.notFound()
+    }
+
+    return h.response(challenge)
+      .header('Cache-Control', 'no-store')
+      .header('Content-Type', 'text/plain')
   } catch (e) {
     e.ip = req.headers['x-real-ip'] || req.info.remoteAddress
     console.error(e, 'Error at GET /zkpp/{name}/auth_hash: ' + e.message)
@@ -875,7 +885,9 @@ route.GET('/zkpp/{name}/contract_hash', {
     const salt = await getContractSalt(req.params['name'], req.query['r'], req.query['s'], req.query['sig'], req.query['hc'])
 
     if (salt) {
-      return salt
+      return h.response(salt)
+        .header('Cache-Control', 'no-store')
+        .header('Content-Type', 'text/plain')
     }
   } catch (e) {
     e.ip = req.headers['x-real-ip'] || req.info.remoteAddress
@@ -901,7 +913,8 @@ route.POST('/zkpp/{name}/updatePasswordHash', {
     const result = await updateContractSalt(req.params['name'], req.payload['r'], req.payload['s'], req.payload['sig'], req.payload['hc'], req.payload['Ea'])
 
     if (result) {
-      return result
+      return h.response(result)
+        .header('Content-type', 'text/plain')
     }
   } catch (e) {
     e.ip = req.headers['x-real-ip'] || req.info.remoteAddress

frontend/controller/actions/group.js

@@ -403,7 +403,7 @@ export default (sbp('sbp/selectors/register', {
             removeEventHandler()
             removeLogoutHandler()
             // The event handler recursively calls this same selector
-            // A different path should be taken, since te event handler
+            // A different path should be taken, since the event handler
             // should be called after the key request has been answered
             // and processed
             sbp('gi.actions/group/join', params).catch((e) => {

frontend/controller/app/identity.js

@@ -419,7 +419,12 @@ export default (sbp('sbp/selectors/register', {
             })
           } else {
             try {
-              await sbp('chelonia/contract/sync', identityContractID)
+              if (navigator.onLine !== false) {
+                await Promise.race([
+                  sbp('chelonia/contract/sync', identityContractID),
+                  new Promise((resolve) => { setTimeout(resolve, 5000) })
+                ])
+              }
             } catch (e) {
               // Since we're throwing or returning, the `await` below will not
               // be used. In either case, login won't complete after this point,

frontend/controller/serviceworkers/cache.js

@@ -0,0 +1,146 @@
+const CACHE_VERSION = process.env.GI_VERSION
+const CURRENT_CACHES = {
+  assets: `assets-cache_v${CACHE_VERSION}`
+}
+
+if (
+  typeof Cache === 'function' &&
+  typeof CacheStorage === 'function' &&
+  typeof caches === 'object' &&
+  (caches instanceof CacheStorage)
+) {
+  const locationUrl = new URL(self.location)
+  const routerBase = locationUrl.searchParams.get('routerBase') ?? '/app'
+
+  self.addEventListener('install', (event) => {
+    event.waitUntil(
+      caches
+        .open(CURRENT_CACHES.assets)
+        .then((cache) =>
+          cache.addAll([
+            '/assets/pwa-manifest.webmanifest',
+            '/assets/images/group-income-icon-transparent.png',
+            '/assets/images/pwa-icons/group-income-icon-maskable_192x192.png',
+            '/assets/css/main.css',
+            '/assets/js/main.js',
+            `${routerBase}/`
+          ]).catch(e => {
+            console.error('Error adding initial entries to cache', e)
+          })
+        )
+    )
+  }, false)
+
+  // Taken from the MDN example:
+  // <https://developer.mozilla.org/en-US/docs/Web/API/Cache>
+  self.addEventListener('activate', (event) => {
+    const expectedCacheNamesSet = new Set(Object.values(CURRENT_CACHES))
+
+    event.waitUntil(
+      caches.keys().then((cacheNames) =>
+        Promise.allSettled(
+          cacheNames.map((cacheName) => {
+            if (!expectedCacheNamesSet.has(cacheName)) {
+              // If this cache name isn't present in the set of
+              // "expected" cache names, then delete it.
+              console.log('Deleting out of date cache:', cacheName)
+              return caches.delete(cacheName)
+            }
+
+            return undefined
+          })
+        )
+      )
+    )
+  }, false)
+
+  self.addEventListener('fetch', function (event) {
+    console.debug(`[sw] fetch : ${event.request.method} - ${event.request.url}`)
+
+    if (!['GET', 'HEAD', 'OPTIONS'].includes(event.request.method)) {
+      return
+    }
+
+    // Needed mostly for Cypress
+    let cacheKey = event.request
+    try {
+      const url = new URL(event.request.url)
+
+      if (url.origin !== self.location.origin) {
+        return
+      }
+
+      if (
+        ['/eventsAfter/', '/name/', '/latestHEADinfo/', '/file/', '/kv/', '/zkpp/'].some(prefix => url.pathname.startsWith(prefix)) ||
+        url.pathname === '/time'
+      ) {
+        return
+      }
+
+      // If the route starts with `${routerBase}/` or `/`, redirect to
+      // `${routerBase}/`, since the HTML content is presumed to be the same.
+      // This is _crucial_ for the offline PWA to work, since currently the app
+      // uses different paths.
+      if (
+        url.pathname === '/' ||
+        (url.pathname.startsWith(`${routerBase}/`) && url.pathname !== `${routerBase}/`)
+      ) {
+        if (window.Cypress) {
+          // Apparently, Cypress doesn't like redirects, so we rewrite the
+          // cache key instead
+          cacheKey = new Request(`${routerBase}/`)
+        } else {
+          event.respondWith(Response.redirect(`${routerBase}/`, 302))
+          return
+        }
+      }
+    } catch (e) {
+      return
+    }
+
+    event.respondWith(
+      caches.match(event.request, { ignoreSearch: true, ignoreVary: true })
+        .then((cachedResponse) => {
+          // If a cached response exists, return it. Not only does this
+          // improve performance, but it also makes the app work 'offline'
+          // (`navigator.onLine` is unreliable; can be `true` even when
+          // offline). The downside of this approach is that we may return
+          // stale assets when the app is updated. Fortunately, so long as the
+          // version is updated (GI_VERSION), existing cache entries will be
+          // deleted. This will happen with SW updates, so, ideally, we won't
+          // serve stale resources for too long.
+          if (cachedResponse) {
+            return cachedResponse
+          }
+
+          // We use the original `event.request` for the network fetch
+          // instead of the possibly re-written `request` (used as a cache
+          // key) because the re-written request makes tests fail.
+          return caches.open(CURRENT_CACHES.assets).then((cache) => {
+            return fetch(event.request).then((response) => {
+              if (
+              // Save successful reponses
+                response.status >= 200 &&
+                response.status < 400 &&
+                response.status !== 206 && // Partial response
+                response.status !== 304 && // Not modified
+                // Which don't have a 'no-store' directive
+                !response.headers.get('cache-control')?.split(',').some(x => x.trim() === 'no-store')
+              ) {
+                event.waitUntil(cache.put(cacheKey, response.clone()).catch(e => {
+                  console.error('Error adding request to cache')
+                }))
+              } else if (response.status < 500) {
+              // For 5xx responses (server errors, we don't delete the cache
+              // entry. This is so that, in the event of a 5xx error,
+              // the offline app still works.)
+                event.waitUntil(cache.delete(cacheKey))
+              }
+
+              return response
+            })
+          })
+        })
+    )
+  }, false)
+}

frontend/controller/serviceworkers/sw-primary.js

@@ -33,6 +33,7 @@ import {
   NOTIFICATION_STATUS_LOADED, OFFLINE, ONLINE, RECONNECTING,
   RECONNECTION_FAILED, SERIOUS_ERROR, SWITCH_GROUP
 } from '../../utils/events.js'
+import './cache.js'
 import './push.js'
 import './sw-namespace.js'
 
@@ -338,10 +339,6 @@ self.addEventListener('activate', function (event) {
   event.waitUntil(self.clients.claim())
 })
 
-self.addEventListener('fetch', function (event) {
-  console.debug(`[sw] fetch : ${event.request.method} - ${event.request.url}`)
-})
-
 // TODO: this doesn't persist data across browser restarts, so try to use
 // the cache instead, or just localstorage. Investigate whether the service worker
 // has the ability to access and clear the localstorage periodically.