From e5ab498161be94ae7f3f08be07e09c95ecc0377a Mon Sep 17 00:00:00 2001
From: Enstrayed <48845980+Enstrayed@users.noreply.github.com>
Date: Wed, 12 Jun 2024 20:21:14 -0700
Subject: [PATCH] move authorization code into new file
---
 liberals/authorization.js | 38 ++++++++++++++
 routes/mailjet.js | 102 +++++++++++++++++---------------------
 2 files changed, 84 insertions(+), 56 deletions(-)
 create mode 100644 liberals/authorization.js
diff --git a/liberals/authorization.js b/liberals/authorization.js
new file mode 100644
index 0000000..4ca6348
--- /dev/null
+++ b/liberals/authorization.js
@@ -0,0 +1,38 @@
+const { globalConfig } = require("../index.js")
+
+async function checkAuthorization(documentToUse,keyToCheck) {
+ return await fetch(`http://${globalConfig.couchdb.host}/apiauthkeys/${documentToUse}`, {
+ headers: {
+ "Authorization": `Basic ${btoa(globalConfig.couchdb.authorization)}`
+ }
+ }).then(fetchRes => {
+
+ if (fetchRes.status === 404) { // If document doesnt exist fail gracefully
+
+ console.log("ERROR: Failed to check authorization: Requested document returned 404")
+ return false
+
+ } else if (fetchRes.status === 401) { // If couchdb is reporting unauthorized fail gracefully
+
+ console.log("ERROR: Failed to check authorization: Database authorization is incorrect")
+ return false
+
+ } else {
+ return fetchRes.json().then(dbRes => { // Get response json and check it
+
+ if (dbRes["content"][keyToCheck.split("_")[0]] === keyToCheck.split("_")[1]) {
+ return true
+ } else {
+ return false
+ }
+
+ })
+ }
+
+ }).catch(error => {
+ console.log("ERROR: Failed to check authorization: " + error)
+ return false
+ })
+}
+
+module.exports = {checkAuthorization}
\ No newline at end of file
diff --git a/routes/mailjet.js b/routes/mailjet.js
index e53f3f1..1ef3cc1 100644
--- a/routes/mailjet.js
+++ b/routes/mailjet.js
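Review bot: In liberals/authorization.js the comparison `dbRes["content"][keyToCheck.split("_")[0]] === keyToCheck.split("_")[1]` is true when both sides are `undefined`, which is what a header value with no `_` separator and no matching entry in `content` produces, so checkAuthorization can return true without any stored key being matched. The check should require both halves to be non-empty strings and the name to be an own property of `content` before comparing, as sketched below. A missing Authorization header currently fails closed only because `undefined.split` throws into the `.catch`; an explicit type guard makes that intentional and keeps the error log meaningful. Because the value compared is a secret, a constant-time comparison would also be preferable to `===`.

```javascript
// … unchanged: fetch call, 404 and 401 branches …
            return fetchRes.json().then(dbRes => { // Get response json and check it
                if (typeof keyToCheck !== "string") return false
                const [keyName, keySecret] = keyToCheck.split("_")
                if (!keyName || !keySecret) return false // both halves must be present
                const storedKeys = dbRes["content"]
                if (storedKeys == null || !Object.hasOwn(storedKeys, keyName)) return false
                return typeof storedKeys[keyName] === "string" && storedKeys[keyName] === keySecret
            })
// … unchanged: closing else, .catch handler, module.exports …
```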
@@ -1,67 +1,57 @@ -const { app, db, globalConfig } = require("../index.js") // Get globals from index +const { app, globalConfig } = require("../index.js") // Get globals from index +const { checkAuthorization } = require("../liberals/authorization.js") app.post("/sendemail", (rreq,rres) => { - fetch(`http://${globalConfig.couchdb.host}/apiauthkeys/${globalConfig.mailjet.authKeysDoc}`, { - headers: { - "Authorization": `Basic ${btoa(globalConfig.couchdb.authorization)}` - } - }).then(dbRes => dbRes.json()).then(dbRes => { + checkAuthorization(globalConfig.mailjet.authKeysDoc,rreq.get("Authorization")).then(authRes => { + if (authRes === false) { // If the supplied authorization is invalid or an error occured - if (dbRes.status == 404) { // If document containing mailjet auth keys does not exist - console.log(`ERROR: Could not find apiauthkeys/${globalConfig.mailjet.authKeysDoc}`) - rres.sendStatus(500) // Refuse request - } else { - if (dbRes["content"][rreq.get("Authorization").split("_")[0]] === rreq.get("Authorization").split("_")[1]) { + console.log(`${rreq.get("cf-connecting-ip")} POST /sendemail returned 401`) // Log the request + rres.sendStatus(401) // Return 401 Unauthorized - // 2024-05-11: Turbo bodge check to make sure request JSON is valid, probably wont work but whatever - if (rreq.body == undefined || rreq.body.recipient == undefined) { - console.log(`${rreq.get("cf-connecting-ip")} POST /sendemail returned 400 KEY:${rreq.get("Authorization").split("_")[1]}`) - rres.sendStatus(400) - } else { - - let message = { - "Messages": [ - { - "From": { - "Email": globalConfig.mailjet.senderAddress, - "Name": globalConfig.mailjet.senderName, - }, - "To": [ - { - "Email": rreq.body.recipient, - } - ], - - "Subject": rreq.body.subject || "Request did not include a subject.", - "TextPart": rreq.body.message || "Request did not include a message.", - } - ] - } - - fetch("https://api.mailjet.com/v3.1/send", { - method: "POST", - headers: { - "Authorization": `Basic 
${btoa(globalConfig.mailjet.apiKey)}`, - "Content-Type": "application/json" - }, - body: JSON.stringify(message) - }).then(fetchRes => { - if (fetchRes.status == 200) { - console.log(`${rreq.get("cf-connecting-ip")} POST /sendemail returned 200 KEY:${rreq.get("Authorization").split("_")[1]}`) - rres.sendStatus(200) - } else { - console.log(`Mailjet Fetch returned result other than OK: ${fetchRes.status} ${fetchRes.statusText}`) - rres.sendStatus(500) + } else if (authRes === true) { // If the authorization was valid, continue function + + // 2024-05-11: Turbo bodge check to make sure request JSON is valid, probably wont work but whatever + if (rreq.body == undefined || rreq.body.recipient == undefined) { + console.log(`${rreq.get("cf-connecting-ip")} POST /sendemail returned 400 KEY:${rreq.get("Authorization").split("_")[0]}`) + rres.sendStatus(400) + } else { + + let message = { + "Messages": [ + { + "From": { + "Email": globalConfig.mailjet.senderAddress, + "Name": globalConfig.mailjet.senderName, + }, + "To": [ + { + "Email": rreq.body.recipient, + } + ], + + "Subject": rreq.body.subject || "Request did not include a subject.", + "TextPart": rreq.body.message || "Request did not include a message.", } - }) + ] } - - - } else { - console.log(`${rreq.get("cf-connecting-ip")} POST /sendemail returned 401`) // log ip of unauthorized requests - rres.sendStatus(401) // received auth key was not in database + fetch("https://api.mailjet.com/v3.1/send", { + method: "POST", + headers: { + "Authorization": `Basic ${btoa(globalConfig.mailjet.apiKey)}`, + "Content-Type": "application/json" + }, + body: JSON.stringify(message) + }).then(fetchRes => { + if (fetchRes.status == 200) { + console.log(`${rreq.get("cf-connecting-ip")} POST /sendemail returned 200 KEY:${rreq.get("Authorization").split("_")[1]}`) + rres.sendStatus(200) + } else { + console.log(`Mailjet Fetch returned result other than OK: ${fetchRes.status} ${fetchRes.statusText}`) + rres.sendStatus(500) + } + }) } } 
})
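Review bot: The 200 branch in routes/mailjet.js still logs `KEY:${rreq.get("Authorization").split("_")[1]}`, which per the comparison in checkAuthorization is the secret half of the key, so every successful request writes a valid credential to the console log. The 400 branch in this same hunk was already switched to the name half, and the 200 line should match it: `KEY:${rreq.get("Authorization").split("_")[0]}`. Separately, the Mailjet `fetch` has no `.catch`, so a network failure there would leave the request without a response; appending `.catch(() => rres.sendStatus(500))` to that chain would cover it. The app.post handler closes outside the hunk.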