move authorization code into new file

liberals/authorization.js

@@ -0,0 +1,38 @@
+const { globalConfig } = require("../index.js")
+
+async function checkAuthorization(documentToUse,keyToCheck) {
+    return await fetch(`http://${globalConfig.couchdb.host}/apiauthkeys/${documentToUse}`, {
+        headers: {
+            "Authorization": `Basic ${btoa(globalConfig.couchdb.authorization)}`
+        }
+    }).then(fetchRes => {
+
+        if (fetchRes.status === 404) { // If document doesnt exist fail gracefully
+
+            console.log("ERROR: Failed to check authorization: Requested document returned 404")
+            return false
+
+        } else if (fetchRes.status === 401) { // If couchdb is reporting unauthorized fail gracefully
+
+            console.log("ERROR: Failed to check authorization: Database authorization is incorrect")
+            return false
+
+        } else {
+            return fetchRes.json().then(dbRes => { // Get response json and check it
+
+                if (dbRes["content"][keyToCheck.split("_")[0]] === keyToCheck.split("_")[1]) {
+                    return true
+                } else {
+                    return false
+                }
+
+            })
+        }
+
+    }).catch(error => {
+        console.log("ERROR: Failed to check authorization: " + error)
+        return false
+    })
+}
+
+module.exports = {checkAuthorization}

routes/mailjet.js

@@ -1,22 +1,19 @@
-const { app, db, globalConfig } = require("../index.js") // Get globals from index
+const { app, globalConfig } = require("../index.js") // Get globals from index
+const { checkAuthorization } = require("../liberals/authorization.js")
 
 app.post("/sendemail", (rreq,rres) => {
 
-    fetch(`http://${globalConfig.couchdb.host}/apiauthkeys/${globalConfig.mailjet.authKeysDoc}`, {
-        headers: {
-            "Authorization": `Basic ${btoa(globalConfig.couchdb.authorization)}`
-        }
-    }).then(dbRes => dbRes.json()).then(dbRes => {
+    checkAuthorization(globalConfig.mailjet.authKeysDoc,rreq.get("Authorization")).then(authRes => {
+        if (authRes === false) { // If the supplied authorization is invalid or an error occured
 
-        if (dbRes.status == 404) { // If document containing mailjet auth keys does not exist
-            console.log(`ERROR: Could not find apiauthkeys/${globalConfig.mailjet.authKeysDoc}`)
-            rres.sendStatus(500) // Refuse request
-        } else {
-            if (dbRes["content"][rreq.get("Authorization").split("_")[0]] === rreq.get("Authorization").split("_")[1]) {
+            console.log(`${rreq.get("cf-connecting-ip")} POST /sendemail returned 401`) // Log the request
+            rres.sendStatus(401) // Return 401 Unauthorized
+
+        } else if (authRes === true) { // If the authorization was valid, continue function
 
             // 2024-05-11: Turbo bodge check to make sure request JSON is valid, probably wont work but whatever
             if (rreq.body == undefined || rreq.body.recipient == undefined) {
-                    console.log(`${rreq.get("cf-connecting-ip")} POST /sendemail returned 400 KEY:${rreq.get("Authorization").split("_")[1]}`)
+                console.log(`${rreq.get("cf-connecting-ip")} POST /sendemail returned 400 KEY:${rreq.get("Authorization").split("_")[0]}`)
                 rres.sendStatus(400)
             } else {
                 
@@ -56,13 +53,6 @@ app.post("/sendemail", (rreq,rres) => {
                     }
                 })
             }
-
-                
-
-            } else {
-                console.log(`${rreq.get("cf-connecting-ip")} POST /sendemail returned 401`) // log ip of unauthorized requests
-                rres.sendStatus(401) // received auth key was not in database
-            }
         }
     })