working changes

Enstrayed
2025-04-17 22:41:08 -07:00
parent 8a2bd6ecc3
commit 4c0f140e9e
4 changed files with 128 additions and 102 deletions


@@ -18,4 +18,17 @@ async function checkToken(token,scope) {
}) })
} }
/**
* New function to check if a token exists in the sessions table (authentication) and if it has the desired scope (authorization)
* @param {string} token Token as received by client
* @param {string} scope Desired scope for action
* @typedef {Object} Object containing the result and the username of the token owner
* @property {boolean} result Boolean result of if the check passed
* @property {string} owner Username of the token owner
*/
async function checkTokenNew(token,scope) {
}
export {checkToken} export {checkToken}
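Review bot: The JSDoc on `checkTokenNew` documents an object result (`result`, `owner`), but the existing callers test the return value directly — `if (authRes)` in routes/debug.js and `authRes === true` / `=== false` in the etyd routes — so once this replaces `checkToken`, an object carrying `result: false` would be truthy and pass the debug check, while the strict comparisons would match neither branch and leave the request unanswered. Callers need to switch to `authRes.result` in the same change that wires this function in. As committed the body is empty, so it resolves to `undefined`, and it is not added to the `export` list; a placeholder such as `throw new Error("checkTokenNew not implemented")` would fail loudly if it is called early. The doc block also uses an unnamed `@typedef` where `@returns {Promise<{result: boolean, owner: string}>}` would state the contract.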

15
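--- /dev/null
+++ b/routes/debug.js
@@ -0,0 +1,15 @@
+import { app, globalConfig } from "../index.js" // Get globals from index
+import { checkToken } from "../liberals/auth.js"
+import { logRequest } from "../liberals/logging.js"
+app.get("/api/debugtokencheck", (rreq,rres) => {
+checkToken(rreq.get("Authorization"),"etyd").then(authRes => {
+if (authRes) {
+rres.sendStatus(200)
+} else {
+rres.sendStatus(401)
+}
+})
+})
+export { app }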
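Review bot: The `checkToken(...).then(...)` chain in the `/api/debugtokencheck` handler has no `.catch`, so a rejected lookup leaves the request without a response and surfaces as an unhandled rejection; the etyd routes already use the pattern `.catch(authError => { logRequest(rres,rreq,500,authError); rres.sendStatus(500) })`, which would also put the currently unused `logRequest` import to work. The handler also passes `rreq.get("Authorization")` on without the `=== undefined` check the other routes perform, so a missing header reaches `checkToken` as `undefined`. Since the route answers 200/401 for any presented token, it would be worth registering it only when a debug setting in `globalConfig` is enabled — I can't see from this file whether index.js gates it.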


@@ -1,130 +1,123 @@
import { app, globalConfig } from "../index.js" // Get globals from index import { app, db, globalConfig } from "../index.js" // Get globals from index
import { checkToken } from "../liberals/auth.js" import { checkToken } from "../liberals/auth.js"
import { logRequest } from "../liberals/logging.js" import { logRequest } from "../liberals/logging.js"
app.get("/api/etyd*", (rreq,rres) => { app.get("/api/etyd*", (rreq,rres) => {
fetch(`${process.env.API_DBHOST}/etyd${rreq.path.replace("/api/etyd","")}`,{ let userRequest = rreq.path.replace("/api/etyd/","")
headers: { "Authorization": `Basic ${btoa(process.env.API_DBCRED)}`} db`select content from etyd where url = ${userRequest}`.then(response => {
}).then(dbRes => { if (response.length == 0) {
if (dbRes.status == 404) { rres.status(404).send(`etyd.cc: URL "${userRequest}" was not found`)
rres.sendStatus(404)
} else { } else {
dbRes.json().then(dbRes => { rres.redirect(response[0].content)
try {
rres.redirect(dbRes.content.url) // Node will crash if the Database entry is malformed
} catch (responseError) {
logRequest(rres,rreq,500,responseError)
rres.sendStatus(500)
}
})
} }
}).catch(fetchError => { }).catch(dbError => {
logRequest(rres,rreq,500,fetchError) logRequest(rres,rreq,500,dbError)
rres.sendStatus(500) rres.status(500).send(`etyd.cc: An internal error occured`)
}) })
}) })
// app.delete("/api/etyd*", (rreq,rres) => { app.delete("/api/etyd*", (rreq,rres) => {
// if (rreq.get("Authorization") === undefined) { if (rreq.get("Authorization") === undefined) {
// rres.sendStatus(400) rres.sendStatus(400)
// } else { } else {
// checkToken(rreq.get("Authorization"),"etyd").then(authRes => { checkToken(rreq.get("Authorization"),"etyd").then(authRes => {
// if (authRes === false) { if (authRes === false) {
// rres.sendStatus(401) rres.sendStatus(401)
// } else if (authRes === true) { // Authorization successful } else if (authRes === true) { // Authorization successful
// fetch(`${process.env.API_DBHOST}/etyd${rreq.path.replace("/api/etyd", "")}`,{ fetch(`${process.env.API_DBHOST}/etyd${rreq.path.replace("/api/etyd", "")}`,{
// headers: { "Authorization": `Basic ${btoa(process.env.API_DBCRED)}`} headers: { "Authorization": `Basic ${btoa(process.env.API_DBCRED)}`}
// }).then(dbRes => { }).then(dbRes => {
// if (dbRes.status == 404) { if (dbRes.status == 404) {
// rres.sendStatus(404) // Entry does not exist rres.sendStatus(404) // Entry does not exist
// } else { } else {
// dbRes.json().then(dbRes => { dbRes.json().then(dbRes => {
// fetch(`${process.env.API_DBHOST}/etyd${rreq.path.replace("/api/etyd", ""),{ fetch(`${process.env.API_DBHOST}/etyd${rreq.path.replace("/api/etyd", "")}`,{
// headers: { "Authorization": `Basic ${btoa(process.env.API_DBCRED)}`} headers: { "Authorization": `Basic ${btoa(process.env.API_DBCRED)}`},
// }}`, { method: "DELETE",
// method: "DELETE", headers: {
// headers: { "If-Match": dbRes["_rev"] // Using the If-Match header is easiest for deleting entries in couchdb
// "If-Match": dbRes["_rev"] // Using the If-Match header is easiest for deleting entries in couchdb }
// } }).then(fetchRes => {
// }).then(fetchRes => {
// if (fetchRes.status == 200) {
// // console.log(`${rres.get("cf-connecting-ip")} DELETE ${rreq.path} returned 200 KEY: ${rreq.get("Authorization")}`)
// logRequest(rres,rreq,200)
// rres.sendStatus(200)
// }
// }).catch(fetchError => {
// // console.log(`${rres.get("cf-connecting-ip")} DELETE ${rreq.path} returned 500: ${fetchError}`)
// logRequest(rres,rreq,500,fetchError)
// rres.sendStatus(500)
// })
// }) if (fetchRes.status == 200) {
// } // console.log(`${rres.get("cf-connecting-ip")} DELETE ${rreq.path} returned 200 KEY: ${rreq.get("Authorization")}`)
logRequest(rres,rreq,200)
rres.sendStatus(200)
} else {
rres.send(`Received status ${fetchRes.status}`)
}
}).catch(fetchError => {
// console.log(`${rres.get("cf-connecting-ip")} DELETE ${rreq.path} returned 500: ${fetchError}`)
logRequest(rres,rreq,500,fetchError)
rres.sendStatus(500)
})
// }).catch(fetchError => { })
// logRequest(rres,rreq,500,fetchError) }
// rres.sendStatus(500)
// })
// } }).catch(fetchError => {
// }) logRequest(rres,rreq,500,fetchError)
// } rres.sendStatus(500)
})
// }) }
})
}
// app.post("/api/etyd*", (rreq,rres) => { })
// if (rreq.get("Authorization") === undefined) { app.post("/api/etyd*", (rreq,rres) => {
// rres.sendStatus(400)
// } else {
// checkToken(rreq.get("Authorization"),"etyd").then(authRes => {
// if (authRes === false) {
// rres.sendStatus(401)
// } else if (authRes === true) { // Authorization successful
// if (rreq.body["url"] == undefined) { if (rreq.get("Authorization") === undefined) {
// rres.sendStatus(400) rres.sendStatus(400)
// } else { } else {
// fetch(`${process.env.API_DBHOST}/etyd${rreq.path.replace("/api/etyd", ""),{ checkToken(rreq.get("Authorization"),"etyd").then(authRes => {
// headers: { "Authorization": `Basic ${btoa(process.env.API_DBCRED)}`} if (authRes === false) {
// }}`, { rres.sendStatus(401)
// method: "PUT", } else if (authRes === true) { // Authorization successful
// body: JSON.stringify({
// "content": {
// "url": rreq.body["url"]
// }
// })
// }).then(dbRes => {
// switch(dbRes.status) { if (rreq.body["url"] == undefined) {
// case 409: rres.sendStatus(400)
// rres.sendStatus(409) } else {
// break; fetch(`${process.env.API_DBHOST}/etyd${rreq.path.replace("/api/etyd", "")}`,{
headers: { "Authorization": `Basic ${btoa(process.env.API_DBCRED)}`},
method: "PUT",
body: JSON.stringify({
"content": {
"url": rreq.body["url"]
}
})
}).then(dbRes => {
// case 201: switch(dbRes.status) {
// rres.status(200).send(rreq.path.replace("/api/etyd", "")) case 409:
// break; rres.sendStatus(409)
break;
// default: case 201:
// logRequest(rres,rreq,500,`CouchDB PUT did not return expected code: ${dbRes.status} ${dbRes.statusText}`) rres.status(200).send(rreq.path.replace("/api/etyd", ""))
// rres.sendStatus(500) break;
// break;
// }
// }).catch(fetchError => { default:
// logRequest(rres,rreq,500,fetchError) logRequest(rres,rreq,500,`CouchDB PUT did not return expected code: ${dbRes.status} ${dbRes.statusText}`)
// rres.sendStatus(500) rres.sendStatus(500)
// }) break;
// } }
// } }).catch(fetchError => {
// }) logRequest(rres,rreq,500,fetchError)
// } rres.sendStatus(500)
})
}
// }) }
})
}
})
export {app} // export routes to be imported by index for execution export {app} // export routes to be imported by index for execution
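Review bot: In the re-enabled DELETE handler the options object passed to the inner `fetch` declares `headers` twice, so the later `headers: { "If-Match": ... }` replaces the one carrying `Authorization` and the CouchDB DELETE goes out without credentials; merge them into one object, `headers: { "Authorization": `Basic ${btoa(process.env.API_DBCRED)}`, "If-Match": dbRes["_rev"] }`. The new `else` branch then reports a failed delete as `Received status ...` with an implicit 200, so a client cannot tell the delete failed; setting the status first (`rres.status(fetchRes.status)` or a 502) would make that visible. Separately, the new 404 in the GET handler echoes `userRequest` through `rres.send`, which Express serves as text/html for strings; calling `rres.type("text/plain")` first, or leaving the path out of the message, avoids reflecting request data as markup. The GET route now reads from `db` while DELETE and POST still call CouchDB over `fetch`, which looks like a half-finished migration — worth confirming both stores hold the same entries before these handlers are live.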

5
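--- /dev/null
+++ b/todo.md
@@ -0,0 +1,5 @@
+- [ ] GET /api/whoami - Returns owner of token and what scopes it has
+- [ ] GET /api/login - OIDC login redirect to ECLS
+- [ ] GET /api/callback - Creates new token that is intended to be local to browser; e.g. can be used in turn to make longer lasting more specific tokens
+- [ ] POST /api/token - Allows owner to create a new token with customized scopes, comments & expiration date
+- [ ] DELETE /api/token - Invalidate a token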