diff options
| author | Flam3rboy <34555296+Flam3rboy@users.noreply.github.com> | 2021-08-13 12:59:59 +0200 |
|---|---|---|
| committer | Flam3rboy <34555296+Flam3rboy@users.noreply.github.com> | 2021-08-13 12:59:59 +0200 |
| commit | 3715807cf7bc1745dc76c735bf7f4006faff350e (patch) | |
| tree | 3d2b38a2c0889a6e5019c06ad150711237dff48f /api/src/middlewares | |
| parent | :sparkles: server bundle (diff) | |
| download | server-3715807cf7bc1745dc76c735bf7f4006faff350e.tar.xz | |
rename @fosscord/server-util to -> @fosscord/util
Diffstat (limited to 'api/src/middlewares')
| -rw-r--r-- | api/src/middlewares/Authentication.ts | 21 | ||||
| -rw-r--r-- | api/src/middlewares/ErrorHandler.ts | 2 | ||||
| -rw-r--r-- | api/src/middlewares/RateLimit.ts | 21 | ||||
| -rw-r--r-- | api/src/middlewares/TestClient.ts | 2 |
4 files changed, 24 insertions, 22 deletions
diff --git a/api/src/middlewares/Authentication.ts b/api/src/middlewares/Authentication.ts index 01b7ef57..00cd9ea7 100644 --- a/api/src/middlewares/Authentication.ts +++ b/api/src/middlewares/Authentication.ts @@ -1,15 +1,15 @@ import { NextFunction, Request, Response } from "express"; import { HTTPError } from "lambert-server"; -import { checkToken, Config } from "@fosscord/server-util"; +import { checkToken, Config } from "@fosscord/util"; export const NO_AUTHORIZATION_ROUTES = [ - /^\/api(\/v\d+)?\/auth\/login/, - /^\/api(\/v\d+)?\/auth\/register/, - /^\/api(\/v\d+)?\/webhooks\//, - /^\/api(\/v\d+)?\/ping/, - /^\/api(\/v\d+)?\/gateway/, - /^\/api(\/v\d+)?\/experiments/, - /^\/api(\/v\d+)?\/guilds\/\d+\/widget\.(json|png)/ + "/auth/login", + "/auth/register", + "/webhooks/", + "/ping", + "/gateway", + "/experiments" + // /^\/api(\/v\d+)?\/guilds\/\d+\/widget\.(json|png)/ ]; export const API_PREFIX = /^\/api(\/v\d+)?/; @@ -24,13 +24,14 @@ declare global { } } } +// TODO wenn client offen ist, wird http://localhost:8080/api/v9/users/@me/guild-events blockiert? export async function Authentication(req: Request, res: Response, next: NextFunction) { if (req.method === "OPTIONS") return res.sendStatus(204); if (!req.url.startsWith("/api")) return next(); const apiPath = req.url.replace(API_PREFIX, ""); - if (apiPath.startsWith("/invites") && req.method === "GET") return next(); - if (NO_AUTHORIZATION_ROUTES.some((x) => x.test(req.url))) return next(); + if (apiPath.startsWith("/invites") && req.method === "GET") return next(); // @ts-ignore + if (NO_AUTHORIZATION_ROUTES.some((x) => apiPath.startsWith(x) || x.test?.(req.url))) return next(); if (!req.headers.authorization) return next(new HTTPError("Missing Authorization Header", 401)); try { diff --git a/api/src/middlewares/ErrorHandler.ts b/api/src/middlewares/ErrorHandler.ts index 2e6b1d8b..04d56026 100644 --- a/api/src/middlewares/ErrorHandler.ts +++ b/api/src/middlewares/ErrorHandler.ts @@ -25,8 +25,6 @@ export function ErrorHandler(error: Error, req: Request, res: Response, next: Ne if (httpcode > 511) httpcode = 400; res.status(httpcode).json({ code: code, message, errors }); - - return; } catch (error) { console.error(error); return res.status(500).json({ code: 500, message: "Internal Server Error" }); diff --git a/api/src/middlewares/RateLimit.ts b/api/src/middlewares/RateLimit.ts index c8fdeba2..a1bb0c44 100644 --- a/api/src/middlewares/RateLimit.ts +++ b/api/src/middlewares/RateLimit.ts @@ -1,16 +1,17 @@ -import { db, MongooseCache, Bucket, Config } from "@fosscord/server-util"; +// @ts-nocheck +import { db, Bucket, Config } from "@fosscord/util"; import { NextFunction, Request, Response, Router } from "express"; import { getIpAdress } from "../util/ipAddress"; import { API_PREFIX_TRAILING_SLASH } from "./Authentication"; -const Cache = new MongooseCache( - db.collection("ratelimits"), - [ - // TODO: uncomment $match and fix error: not receiving change events - // { $match: { blocked: true } } - ], - { onlyEvents: false, array: true } -); +// const Cache = new MongooseCache( +// db.collection("ratelimits"), +// [ +// // TODO: uncomment $match and fix error: not receiving change events +// // { $match: { blocked: true } } +// ], +// { onlyEvents: false, array: true } +// ); // Docs: https://discord.com/developers/docs/topics/rate-limits @@ -31,6 +32,7 @@ TODO: use config values */ +// TODO: FIX with new event handling export default function RateLimit(opts: { bucket?: string; window: number; @@ -44,6 +46,7 @@ export default function RateLimit(opts: { success?: boolean; onlyIp?: boolean; }): any { + return (req, res, next) => next(); Cache.init(); // will only initalize it once return async (req: Request, res: Response, next: NextFunction): Promise<any> => { diff --git a/api/src/middlewares/TestClient.ts b/api/src/middlewares/TestClient.ts index 4e3c9de3..45b8a072 100644 --- a/api/src/middlewares/TestClient.ts +++ b/api/src/middlewares/TestClient.ts @@ -4,7 +4,7 @@ import { HTTPError } from "lambert-server"; import fs from "fs"; import path from "path"; import fetch, { Response as FetchResponse } from "node-fetch"; -import { Config } from "@fosscord/server-util"; +import { Config } from "@fosscord/util"; export default function TestClient(app: Application) { const assetCache = new Map<string, { response: FetchResponse; buffer: Buffer }>(); |