enstrayed/enstrayedapi
1
0
Fork 0
Code Issues Pull Requests Projects Wiki Activity

move authorization code into new file

Browse Source
This commit is contained in:
Enstrayed
2024-06-12 20:21:14 -07:00
parent c615d9c3f9
commit e5ab498161
2 changed files with 84 additions and 56 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
liberals/authorization.js Normal file
View File

@@ -0,0 +1,38 @@
const { globalConfig } = require("../index.js")
async function checkAuthorization(documentToUse,keyToCheck) {
return await fetch(`http://${globalConfig.couchdb.host}/apiauthkeys/${documentToUse}`, {
headers: {
"Authorization": `Basic ${btoa(globalConfig.couchdb.authorization)}`
}
}).then(fetchRes => {
if (fetchRes.status === 404) { // If document doesnt exist fail gracefully
console.log("ERROR: Failed to check authorization: Requested document returned 404")
return false
} else if (fetchRes.status === 401) { // If couchdb is reporting unauthorized fail gracefully
console.log("ERROR: Failed to check authorization: Database authorization is incorrect")
return false
} else {
return fetchRes.json().then(dbRes => { // Get response json and check it
if (dbRes["content"][keyToCheck.split("_")[0]] === keyToCheck.split("_")[1]) {
return true
} else {
return false
}
})
}
}).catch(error => {
console.log("ERROR: Failed to check authorization: " + error)
return false
})
}
module.exports = {checkAuthorization}

102
routes/mailjet.js
View File

@@ -1,67 +1,57 @@
const { app, db, globalConfig } = require("../index.js") // Get globals from index const { app, globalConfig } = require("../index.js") // Get globals from index
const { checkAuthorization } = require("../liberals/authorization.js")
app.post("/sendemail", (rreq,rres) => { app.post("/sendemail", (rreq,rres) => {
fetch(`http://${globalConfig.couchdb.host}/apiauthkeys/${globalConfig.mailjet.authKeysDoc}`, { checkAuthorization(globalConfig.mailjet.authKeysDoc,rreq.get("Authorization")).then(authRes => {
headers: { if (authRes === false) { // If the supplied authorization is invalid or an error occured
"Authorization": `Basic ${btoa(globalConfig.couchdb.authorization)}`
}
}).then(dbRes => dbRes.json()).then(dbRes => {
if (dbRes.status == 404) { // If document containing mailjet auth keys does not exist console.log(`${rreq.get("cf-connecting-ip")} POST /sendemail returned 401`) // Log the request
console.log(`ERROR: Could not find apiauthkeys/${globalConfig.mailjet.authKeysDoc}`) rres.sendStatus(401) // Return 401 Unauthorized
rres.sendStatus(500) // Refuse request
} else {
if (dbRes["content"][rreq.get("Authorization").split("_")[0]] === rreq.get("Authorization").split("_")[1]) {
// 2024-05-11: Turbo bodge check to make sure request JSON is valid, probably wont work but whatever } else if (authRes === true) { // If the authorization was valid, continue function
if (rreq.body == undefined || rreq.body.recipient == undefined) {
console.log(`${rreq.get("cf-connecting-ip")} POST /sendemail returned 400 KEY:${rreq.get("Authorization").split("_")[1]}`) // 2024-05-11: Turbo bodge check to make sure request JSON is valid, probably wont work but whatever
rres.sendStatus(400) if (rreq.body == undefined || rreq.body.recipient == undefined) {
} else { console.log(`${rreq.get("cf-connecting-ip")} POST /sendemail returned 400 KEY:${rreq.get("Authorization").split("_")[0]}`)
rres.sendStatus(400)
let message = { } else {
"Messages": [
{ let message = {
"From": { "Messages": [
"Email": globalConfig.mailjet.senderAddress, {
"Name": globalConfig.mailjet.senderName, "From": {
}, "Email": globalConfig.mailjet.senderAddress,
"To": [ "Name": globalConfig.mailjet.senderName,
{ },
"Email": rreq.body.recipient, "To": [
} {
], "Email": rreq.body.recipient,
}
"Subject": rreq.body.subject || "Request did not include a subject.", ],
"TextPart": rreq.body.message || "Request did not include a message.",
} "Subject": rreq.body.subject || "Request did not include a subject.",
] "TextPart": rreq.body.message || "Request did not include a message.",
}
fetch("https://api.mailjet.com/v3.1/send", {
method: "POST",
headers: {
"Authorization": `Basic ${btoa(globalConfig.mailjet.apiKey)}`,
"Content-Type": "application/json"
},
body: JSON.stringify(message)
}).then(fetchRes => {
if (fetchRes.status == 200) {
console.log(`${rreq.get("cf-connecting-ip")} POST /sendemail returned 200 KEY:${rreq.get("Authorization").split("_")[1]}`)
rres.sendStatus(200)
} else {
console.log(`Mailjet Fetch returned result other than OK: ${fetchRes.status} ${fetchRes.statusText}`)
rres.sendStatus(500)
} }
}) ]
} }
fetch("https://api.mailjet.com/v3.1/send", {
method: "POST",
} else { headers: {
console.log(`${rreq.get("cf-connecting-ip")} POST /sendemail returned 401`) // log ip of unauthorized requests "Authorization": `Basic ${btoa(globalConfig.mailjet.apiKey)}`,
rres.sendStatus(401) // received auth key was not in database "Content-Type": "application/json"
},
body: JSON.stringify(message)
}).then(fetchRes => {
if (fetchRes.status == 200) {
console.log(`${rreq.get("cf-connecting-ip")} POST /sendemail returned 200 KEY:${rreq.get("Authorization").split("_")[1]}`)
rres.sendStatus(200)
} else {
console.log(`Mailjet Fetch returned result other than OK: ${fetchRes.status} ${fetchRes.statusText}`)
rres.sendStatus(500)
}
})
} }
} }
}) })