enstrayed/enstrayedapi
1
0
Fork 0
Code Issues Pull Requests Projects Wiki Activity

move authorization code into new file

Browse Source
This commit is contained in:
Enstrayed
2024-06-12 20:21:14 -07:00
parent c615d9c3f9
commit e5ab498161
2 changed files with 84 additions and 56 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
liberals/authorization.js Normal file
View File

@@ -0,0 +1,38 @@
const { globalConfig } = require("../index.js")
async function checkAuthorization(documentToUse,keyToCheck) {
return await fetch(`http://${globalConfig.couchdb.host}/apiauthkeys/${documentToUse}`, {
headers: {
"Authorization": `Basic ${btoa(globalConfig.couchdb.authorization)}`
}
}).then(fetchRes => {
if (fetchRes.status === 404) { // If document doesnt exist fail gracefully
console.log("ERROR: Failed to check authorization: Requested document returned 404")
return false
} else if (fetchRes.status === 401) { // If couchdb is reporting unauthorized fail gracefully
console.log("ERROR: Failed to check authorization: Database authorization is incorrect")
return false
} else {
return fetchRes.json().then(dbRes => { // Get response json and check it
if (dbRes["content"][keyToCheck.split("_")[0]] === keyToCheck.split("_")[1]) {
return true
} else {
return false
}
})
}
}).catch(error => {
console.log("ERROR: Failed to check authorization: " + error)
return false
})
}
module.exports = {checkAuthorization}

96
routes/mailjet.js
View File

@@ -1,67 +1,57 @@
const { app, db, globalConfig } = require("../index.js") // Get globals from index const { app, globalConfig } = require("../index.js") // Get globals from index
const { checkAuthorization } = require("../liberals/authorization.js")
app.post("/sendemail", (rreq,rres) => { app.post("/sendemail", (rreq,rres) => {
fetch(`http://${globalConfig.couchdb.host}/apiauthkeys/${globalConfig.mailjet.authKeysDoc}`, { checkAuthorization(globalConfig.mailjet.authKeysDoc,rreq.get("Authorization")).then(authRes => {
headers: { if (authRes === false) { // If the supplied authorization is invalid or an error occured
"Authorization": `Basic ${btoa(globalConfig.couchdb.authorization)}`
}
}).then(dbRes => dbRes.json()).then(dbRes => {
if (dbRes.status == 404) { // If document containing mailjet auth keys does not exist console.log(`${rreq.get("cf-connecting-ip")} POST /sendemail returned 401`) // Log the request
console.log(`ERROR: Could not find apiauthkeys/${globalConfig.mailjet.authKeysDoc}`) rres.sendStatus(401) // Return 401 Unauthorized
rres.sendStatus(500) // Refuse request
} else {
if (dbRes["content"][rreq.get("Authorization").split("_")[0]] === rreq.get("Authorization").split("_")[1]) {
// 2024-05-11: Turbo bodge check to make sure request JSON is valid, probably wont work but whatever } else if (authRes === true) { // If the authorization was valid, continue function
if (rreq.body == undefined || rreq.body.recipient == undefined) {
console.log(`${rreq.get("cf-connecting-ip")} POST /sendemail returned 400 KEY:${rreq.get("Authorization").split("_")[1]}`)
rres.sendStatus(400)
} else {
let message = { // 2024-05-11: Turbo bodge check to make sure request JSON is valid, probably wont work but whatever
"Messages": [ if (rreq.body == undefined || rreq.body.recipient == undefined) {
{ console.log(`${rreq.get("cf-connecting-ip")} POST /sendemail returned 400 KEY:${rreq.get("Authorization").split("_")[0]}`)
"From": { rres.sendStatus(400)
"Email": globalConfig.mailjet.senderAddress, } else {
"Name": globalConfig.mailjet.senderName,
},
"To": [
{
"Email": rreq.body.recipient,
}
],
"Subject": rreq.body.subject || "Request did not include a subject.", let message = {
"TextPart": rreq.body.message || "Request did not include a message.", "Messages": [
} {
] "From": {
} "Email": globalConfig.mailjet.senderAddress,
"Name": globalConfig.mailjet.senderName,
},
"To": [
{
"Email": rreq.body.recipient,
}
],
fetch("https://api.mailjet.com/v3.1/send", { "Subject": rreq.body.subject || "Request did not include a subject.",
method: "POST", "TextPart": rreq.body.message || "Request did not include a message.",
headers: {
"Authorization": `Basic ${btoa(globalConfig.mailjet.apiKey)}`,
"Content-Type": "application/json"
},
body: JSON.stringify(message)
}).then(fetchRes => {
if (fetchRes.status == 200) {
console.log(`${rreq.get("cf-connecting-ip")} POST /sendemail returned 200 KEY:${rreq.get("Authorization").split("_")[1]}`)
rres.sendStatus(200)
} else {
console.log(`Mailjet Fetch returned result other than OK: ${fetchRes.status} ${fetchRes.statusText}`)
rres.sendStatus(500)
} }
}) ]
} }
fetch("https://api.mailjet.com/v3.1/send", {
method: "POST",
} else { headers: {
console.log(`${rreq.get("cf-connecting-ip")} POST /sendemail returned 401`) // log ip of unauthorized requests "Authorization": `Basic ${btoa(globalConfig.mailjet.apiKey)}`,
rres.sendStatus(401) // received auth key was not in database "Content-Type": "application/json"
},
body: JSON.stringify(message)
}).then(fetchRes => {
if (fetchRes.status == 200) {
console.log(`${rreq.get("cf-connecting-ip")} POST /sendemail returned 200 KEY:${rreq.get("Authorization").split("_")[1]}`)
rres.sendStatus(200)
} else {
console.log(`Mailjet Fetch returned result other than OK: ${fetchRes.status} ${fetchRes.statusText}`)
rres.sendStatus(500)
}
})
} }
} }
}) })