enstrayed/enstrayedapi
1
0
Fork 0
Code Issues Pull Requests Projects Wiki Activity

working changes

Browse Source
This commit is contained in:
Enstrayed
2024-04-09 15:02:16 -07:00
parent 98de002e14
commit 3b96e07d13
8 changed files with 317 additions and 102 deletions
Download Patch File Download Diff File Expand all files Collapse all files

198
routes/etyd.js
View File

@@ -1,108 +1,108 @@
const { app, db, globalConfig } = require("../index.js") // Get globals from index
function makeRandomHex() {
const characters = "1234567890abcdef"
let counter = 0
let result = ""
while (counter < globalConfig.etyd.randomHexLength) {
result += characters.charAt(Math.floor(Math.random() * characters.length))
counter += 1
}
return result
}
// 2024-04-05: Unused because trying to put randomization server side just made no sense
// function makeRandomHex() {
// const characters = "1234567890abcdef"
// let counter = 0
// let result = ""
// while (counter < globalConfig.etyd.randomHexLength) {
// result += characters.charAt(Math.floor(Math.random() * characters.length))
// counter += 1
// }
// return result
// }
app.options("/etydwrite", (rreq,rres) => {
rres.set("Access-Control-Allow-Headers","Authorization")
rres.set("Access-Control-Allow-Origin","*")
rres.sendStatus(204)
})
// 2024-04-05: Defining OPTIONS for browser prefetch is no longer necessary as CORS is not going to be used
// app.options("/etydwrite", (rreq,rres) => {
// rres.set("Access-Control-Allow-Headers","Authorization")
// rres.set("Access-Control-Allow-Origin","*")
// rres.sendStatus(204)
// })
app.post("/etydwrite", (rreq,rres) => {
db.get(globalConfig.etyd.authKeyInDb).then(dbres => {
if (dbres == null) { // If authkey key doesnt exist in redis then error out
console.log("ERROR: Configured key containing etyd authkeys is null")
rres.sendStatus(500)
} else { // if it does exist
let validKeys = dbres.split(",") // split the string into an array
if (validKeys.includes(rreq.get("Authorization"))) { // check if authorization header key exists in that array
console.log(rreq.body)
switch(rreq.body.action) {
case "set": // Write to db
if (rreq.body.random == true) {
let workingTarget = makeRandomHex() // Make a random URL
db.get(`/${workingTarget}`).then(dbres => { // Check if it exists
if (dbres != null) { // If it does
let workingTarget = makeRandomHex() // Make a new one
db.get(`/${workingTarget}`).then(dbres => { // Check if *that* exists
if (dbres != null) { // If it does
// Then everything is dumb and pointless so just give up
console.log(`${rreq.get("cf-connecting-ip")} POST /etydwrite ACTION set returned 409 (Two attempts to find an open key failed)`)
rres.sendStatus(409)
} else { // if it doesnt then set the stupid key I hate this code so much why did I do this serverside this is so dumb
console.log(`${rreq.get("cf-connecting-ip")} POST /etydwrite ACTION set returned 200 KEY:${rreq.get("Authorization")} TARGET: ${workingTarget}`)
db.set(`/${workingTarget}`,rreq.body.value)
rres.send(`https://etyd.cc/${workingTarget}`)
}
})
} else {
console.log(`${rreq.get("cf-connecting-ip")} POST /etydwrite ACTION set returned 200 KEY:${rreq.get("Authorization")} TARGET: ${workingTarget}`)
db.set(`/${workingTarget}`,rreq.body.value)
rres.send(`https://etyd.cc/${workingTarget}`)
}
})
} else {
db.get(rreq.body.target).then(dbres => { // check if key already exists
if (dbres != null) { // if it does then send 409 conflict
console.log(`${rreq.get("cf-connecting-ip")} POST /etydwrite ACTION set returned 409 KEY:${rreq.get("Authorization")}`)
rres.sendStatus(409)
} else {
db.set(`/${rreq.body.target}`,rreq.body.value)
rres.send(`https://etyd.cc/${rreq.body.target}`)
}
})
}
break;
case "delete":
let workingTarget = rreq.body.target.replace("https://etyd.cc/","") // Sanitize input
if (workingTarget.startsWith("/")) {
workingTarget = workingTarget.slice(1)
}
db.get(`/${workingTarget}`).then(dbres => {
if (dbres == null) { //if key doesnt exist then log and return 400
console.log(`${rreq.get("cf-connecting-ip")} POST /etydwrite ACTION delete returned 404 KEY:${rreq.get("Authorization")} TARGET: ${workingTarget}`)
rres.sendStatus(404)
} else {
console.log(`${rreq.get("cf-connecting-ip")} POST /etydwrite ACTION delete returned 200 KEY:${rreq.get("Authorization")} TARGET: ${workingTarget}`)
db.del(`/${workingTarget}`)
rres.sendStatus(200)
}
})
break;
default:
console.log(`${rreq.get("cf-connecting-ip")} POST /etydwrite ACTION default returned 400 KEY:${rreq.get("Authorization")}`)
rres.sendStatus(400) // request json didnt include a valid action
break;
}
} else { // if it doesnt then its a unauthorized request
console.log(`${rreq.get("cf-connecting-ip")} POST /etydwrite returned 401`)
rres.sendStatus(401)
}
app.get("/etyd*", (rreq,rres) => {
fetch(`http://${globalConfig.couchdb.host}/etyd${rreq.path.replace("/etyd","")}`, {
headers: {
"Authorization": `Basic ${btoa(globalConfig.couchdb.authorization)}`
}
}).then(dbRes => {
if (dbRes.status == 404) {
rres.sendStatus(404)
} else {
dbRes.json().then(dbRes => {
rres.redirect(dbRes.content.url)
})
}
}).catch(fetchError => {
rres.sendStatus(500)
console.log(`${rres.get("cf-connecting-ip")} GET ${rreq.path} returned 500: ${fetchError}`)
})
})
app.delete("/etyd*", (rreq,rres) => {
fetch(`http://${globalConfig.couchdb.host}/apiauthkeys/${globalConfig.etyd.authKeysDoc}`, {
headers: {
"Authorization": `Basic ${btoa(globalConfig.couchdb.authorization)}`
}
}).then(dbRes => dbRes.json()).then(dbRes => {
if (dbRes.status == 404) { // If document containing cider auth keys does not exist
console.log(`ERROR: Could not find apiauthkeys/${globalConfig.etyd.authKeysDoc}`)
rres.sendStatus(500) // Refuse request
} else {
if (rreq.get("Authorization") == null) { // If authorization header is not supplied
rres.sendStatus(400) // then return bad request (would return 500 otherwise)
} else {
if (dbRes["content"][rreq.get("Authorization").split("_")[0]] === rreq.get("Authorization").split("_")[1]) {
fetch(`http://${globalConfig.couchdb.host}/etyd${rreq.path.replace("/etyd", "")}`, {
headers: {
"Authorization": `Basic ${btoa(globalConfig.couchdb.authorization)}`
}
}).then(dbRes => {
if (dbRes.status == 404) {
rres.sendStatus(404)
} else {
dbRes.json().then(dbRes => {
fetch(`http://${globalConfig.couchdb.host}/etyd${rreq.path.replace("/etyd", "")}`, {
method: "DELETE",
headers: {
"Authorization": `Basic ${btoa(globalConfig.couchdb.authorization)}`,
"If-Match": dbRes["_rev"]
}
}).then(fetchRes => {
if (fetchRes.status == 200) {
console.log(`${rres.get("cf-connecting-ip")} DELETE ${rreq.path} returned 200 KEY: ${rreq.get("Authorization")}`)
rres.sendStatus(200)
}
}).catch(fetchError => {
rres.sendStatus(500)
console.log(`${rres.get("cf-connecting-ip")} DELETE ${rreq.path} returned 500: ${fetchError}`)
})
})
}
}).catch(fetchError => {
rres.sendStatus(500)
console.log(`${rres.get("cf-connecting-ip")} DELETE ${rreq.path} returned 500: ${fetchError}`)
})
} else {
console.log(`${rreq.get("cf-connecting-ip")} DELETE ${rreq.path} returned 401`) // log ip of unauthorized requests
rres.sendStatus(401) // received auth key was not in database
}
}
}
}).catch(fetchError => {
rres.sendStatus(500)
console.log(`${rres.get("cf-connecting-ip")} DELETE ${rreq.path} returned 500: ${fetchError}`)
})
})
module.exports = {app} // export routes to be imported by index for execution