update index & auth to use postgres
This commit is contained in:
Enstrayed
22
index.js
22
index.js
@@ -1,28 +1,26 @@
|
||||
import * as fs from 'fs'
|
||||
import { execSync } from 'child_process'
|
||||
import postgres from 'postgres'
|
||||
import express, { json } from 'express'
|
||||
const app = express()
|
||||
|
||||
if (!process.env.API_DBHOST || !process.env.API_DBCRED) {
|
||||
console.log("FATAL: API_DBHOST and API_DBCRED must be set")
|
||||
if (!process.env.DATABASE_URI) {
|
||||
console.log("FATAL: DATABASE_URI must be set")
|
||||
process.exit(1)
|
||||
}
|
||||
|
||||
const globalConfig = await fetch(`${process.env.API_DBHOST}/config/${process.env.API_DBCRED.split(":")[0]}`,{
|
||||
headers: { "Authorization": `Basic ${btoa(process.env.API_DBCRED)}`}
|
||||
}).then(response => {
|
||||
if (response.status !== 200) {
|
||||
console.log(`FATAL: Failed to download configuration: ${response.status} ${response.statusText}`)
|
||||
process.exit(1)
|
||||
} else {
|
||||
return response.json()
|
||||
}
|
||||
const db = postgres(process.env.DATABASE_URI)
|
||||
|
||||
const globalConfig = await db`select content from config where id = ${process.env.CONFIG_OVERRIDE ?? 'production'}`.then(response => {return response[0]["content"]}).catch(error => {
|
||||
console.log(`FATAL: Error occured in downloading configuration: ${error}`)
|
||||
process.exit(1)
|
||||
})
|
||||
|
||||
const globalVersion = execSync(`git show --oneline -s`).toString().split(" ")[0]
|
||||
// Returns ISO 8601 Date & 24hr time for UTC-7/PDT
|
||||
const startTime = new Date(new Date().getTime() - 25200000).toISOString().slice(0,19).replace('T',' ')
|
||||
|
||||
export { app, fs, globalConfig, globalVersion }
|
||||
export { app, fs, db, globalConfig, globalVersion }
|
||||
|
||||
app.use(json()) // Allows receiving JSON bodies
|
||||
// see important note: https://expressjs.com/en/api.html#express.json
|
||||
|
||||
@@ -1,31 +1,20 @@
|
||||
import { globalConfig } from "../index.js"
|
||||
import { globalConfig, db } from "../index.js"
|
||||
|
||||
/**
|
||||
* Checks if a token exists in the sessions file (authentication) and if it has the correct permissions (authorization)
|
||||
* (DEPRECATED) Checks if a token exists in the sessions file (authentication) and if it has the correct permissions (authorization)
|
||||
* @param {string} token Token as received by client
|
||||
* @param {string} scope Scope the token will need to have in order to succeed
|
||||
* @returns True for successful authentication and authorization, false if either fail
|
||||
* @returns {boolean} True for successful authentication and authorization, false if either fail
|
||||
*/
|
||||
async function checkToken(token,scope) {
|
||||
return await fetch(`${process.env.API_DBHOST}/auth/sessions`, {
|
||||
headers: { "Authorization": `Basic ${btoa(process.env.API_DBCRED)}`}
|
||||
}).then(fetchRes => {
|
||||
|
||||
return fetchRes.json().then(dbRes => {
|
||||
|
||||
if (dbRes.sessions[token] == undefined) { // If the token is not on the sessions list then reject
|
||||
return false
|
||||
} else if (dbRes.sessions[token].scopes.includes(scope)) { // If the token is on the seesions list and includes the scope then accept
|
||||
return true
|
||||
} else { // Otherwise reject
|
||||
return false
|
||||
}
|
||||
|
||||
})
|
||||
|
||||
}).catch(error => {
|
||||
console.log(`ERROR: auth.js: Fetch failed: ${error}`)
|
||||
return false
|
||||
return await db`select s.token, s.scopes, s.expires, u.username from sessions s join users u on s.owner = u.id where s.token = ${token}`.then(response => {
|
||||
if (response.length === 0) {
|
||||
return false
|
||||
} else if (response[0]?.scopes.split(",").includes(scope)) {
|
||||
return true
|
||||
} else {
|
||||
return false
|
||||
}
|
||||
})
|
||||
}
|
||||
|
||||
|
||||
40
package-lock.json
generated
40
package-lock.json
generated
@@ -11,7 +11,8 @@
|
||||
"dependencies": {
|
||||
"express": "^4.18.2",
|
||||
"marked": "^14.1.3",
|
||||
"nodemailer": "^6.9.15"
|
||||
"nodemailer": "^6.9.15",
|
||||
"postgres": "^3.4.5"
|
||||
},
|
||||
"devDependencies": {
|
||||
"@types/bun": "^1.0.12",
|
||||
@@ -259,9 +260,9 @@
|
||||
}
|
||||
},
|
||||
"node_modules/express": {
|
||||
"version": "4.21.1",
|
||||
"resolved": "https://registry.npmjs.org/express/-/express-4.21.1.tgz",
|
||||
"integrity": "sha512-YSFlK1Ee0/GC8QaO91tHcDxJiE/X4FbpAyQWkxAvG6AXCuR65YzK8ua6D9hvi/TzUfZMpc+BwuM1IPw8fmQBiQ==",
|
||||
"version": "4.21.2",
|
||||
"resolved": "https://registry.npmjs.org/express/-/express-4.21.2.tgz",
|
||||
"integrity": "sha512-28HqgMZAmih1Czt9ny7qr6ek2qddF4FclbMzwhCREB6OFfH+rXAnuNCwo1/wFvrtbgsQDb4kSbX9de9lFbrXnA==",
|
||||
"license": "MIT",
|
||||
"dependencies": {
|
||||
"accepts": "~1.3.8",
|
||||
@@ -283,7 +284,7 @@
|
||||
"methods": "~1.1.2",
|
||||
"on-finished": "2.4.1",
|
||||
"parseurl": "~1.3.3",
|
||||
"path-to-regexp": "0.1.10",
|
||||
"path-to-regexp": "0.1.12",
|
||||
"proxy-addr": "~2.0.7",
|
||||
"qs": "6.13.0",
|
||||
"range-parser": "~1.2.1",
|
||||
@@ -298,6 +299,10 @@
|
||||
},
|
||||
"engines": {
|
||||
"node": ">= 0.10.0"
|
||||
},
|
||||
"funding": {
|
||||
"type": "opencollective",
|
||||
"url": "https://opencollective.com/express"
|
||||
}
|
||||
},
|
||||
"node_modules/finalhandler": {
|
||||
@@ -466,9 +471,9 @@
|
||||
}
|
||||
},
|
||||
"node_modules/marked": {
|
||||
"version": "14.1.3",
|
||||
"resolved": "https://registry.npmjs.org/marked/-/marked-14.1.3.tgz",
|
||||
"integrity": "sha512-ZibJqTULGlt9g5k4VMARAktMAjXoVnnr+Y3aCqW1oDftcV4BA3UmrBifzXoZyenHRk75csiPu9iwsTj4VNBT0g==",
|
||||
"version": "14.1.4",
|
||||
"resolved": "https://registry.npmjs.org/marked/-/marked-14.1.4.tgz",
|
||||
"integrity": "sha512-vkVZ8ONmUdPnjCKc5uTRvmkRbx4EAi2OkTOXmfTDhZz3OFqMNBM1oTTWwTr4HY4uAEojhzPf+Fy8F1DWa3Sndg==",
|
||||
"license": "MIT",
|
||||
"bin": {
|
||||
"marked": "bin/marked.js"
|
||||
@@ -591,11 +596,24 @@
|
||||
}
|
||||
},
|
||||
"node_modules/path-to-regexp": {
|
||||
"version": "0.1.10",
|
||||
"resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.10.tgz",
|
||||
"integrity": "sha512-7lf7qcQidTku0Gu3YDPc8DJ1q7OOucfa/BSsIwjuh56VU7katFvuM8hULfkwB3Fns/rsVF7PwPKVw1sl5KQS9w==",
|
||||
"version": "0.1.12",
|
||||
"resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.12.tgz",
|
||||
"integrity": "sha512-RA1GjUVMnvYFxuqovrEqZoxxW5NUZqbwKtYz/Tt7nXerk0LbLblQmrsgdeOxV5SFHf0UDggjS/bSeOZwt1pmEQ==",
|
||||
"license": "MIT"
|
||||
},
|
||||
"node_modules/postgres": {
|
||||
"version": "3.4.5",
|
||||
"resolved": "https://registry.npmjs.org/postgres/-/postgres-3.4.5.tgz",
|
||||
"integrity": "sha512-cDWgoah1Gez9rN3H4165peY9qfpEo+SA61oQv65O3cRUE1pOEoJWwddwcqKE8XZYjbblOJlYDlLV4h67HrEVDg==",
|
||||
"license": "Unlicense",
|
||||
"engines": {
|
||||
"node": ">=12"
|
||||
},
|
||||
"funding": {
|
||||
"type": "individual",
|
||||
"url": "https://github.com/sponsors/porsager"
|
||||
}
|
||||
},
|
||||
"node_modules/proxy-addr": {
|
||||
"version": "2.0.7",
|
||||
"resolved": "https://registry.npmjs.org/proxy-addr/-/proxy-addr-2.0.7.tgz",
|
||||
|
||||
@@ -2,7 +2,8 @@
|
||||
"dependencies": {
|
||||
"express": "^4.18.2",
|
||||
"marked": "^14.1.3",
|
||||
"nodemailer": "^6.9.15"
|
||||
"nodemailer": "^6.9.15",
|
||||
"postgres": "^3.4.5"
|
||||
},
|
||||
"name": "enstrayedapi",
|
||||
"version": "1.0.0",
|
||||
|
||||
Reference in New Issue
Block a user