hippofish/packages/backend/src/server/api/api-handler.ts

import type Koa from "koa";

import type { User } from "@/models/entities/user.js";
import { UserIps } from "@/models/index.js";
import { fetchMeta } from "@/misc/fetch-meta.js";
import type { IEndpoint } from "./endpoints.js";
import authenticate, { AuthenticationError } from "./authenticate.js";
import call from "./call.js";
import { ApiError } from "./error.js";

const userIpHistories = new Map<User["id"], Set<string>>();

setInterval(() => {
	userIpHistories.clear();
}, 1000 * 60 * 60);

export default (endpoint: IEndpoint, ctx: Koa.Context) =>
	new Promise<void>((res) => {
		const body = ctx.is("multipart/form-data")
			? (ctx.request as any).body
			: ctx.method === "GET"
			? ctx.query
			: ctx.request.body;

		const reply = (x?: any, y?: ApiError) => {
			if (x == null) {
				ctx.status = 204;
			} else if (typeof x === "number" && y) {
				ctx.status = x;
				ctx.body = {
					error: {
						message: y!.message,
						code: y!.code,
						id: y!.id,
						kind: y!.kind,
						...((y!.info && process.env.NODE_ENV !== "production") ? { info: y!.info } : {}),
					},
				};
			} else {
				// 文字列を返す場合は、JSON.stringify通さないとJSONと認識されない
				ctx.body = typeof x === "string" ? JSON.stringify(x) : x;
			}
			res();
		};

		// Authentication
		// for GET requests, do not even pass on the body parameter as it is considered unsafe
		authenticate(
			ctx.headers.authorization,
			ctx.method === "GET" ? null : body["i"],
		)
			.then(([user, app]) => {
				// API invoking
				call(endpoint.name, user, app, body, ctx)
					.then((res: any) => {
						if (
							ctx.method === "GET" &&
							endpoint.meta.cacheSec &&
							!body["i"] &&
							!user
						) {
							ctx.set(
								"Cache-Control",
								`public, max-age=${endpoint.meta.cacheSec}`,
							);
						}
						reply(res);
					})
					.catch((e: ApiError) => {
						reply(
							e.httpStatusCode
								? e.httpStatusCode
								: e.kind === "client"
								? 400
								: 500,
							e,
						);
					});

				// Log IP
				if (user) {
					fetchMeta().then((meta) => {
						if (!meta.enableIpLogging) return;
						const ip = ctx.ip;
						const ips = userIpHistories.get(user.id);
						if (ips == null || !ips.has(ip)) {
							if (ips == null) {
								userIpHistories.set(user.id, new Set([ip]));
							} else {
								ips.add(ip);
							}

							try {
								UserIps.createQueryBuilder()
									.insert()
									.values({
										createdAt: new Date(),
										userId: user.id,
										ip: ip,
									})
									.orIgnore(true)
									.execute();
							} catch {}
						}
					});
				}
			})
			.catch((e) => {
				if (e instanceof AuthenticationError) {
					ctx.response.status = 403;
					ctx.response.set("WWW-Authenticate", "Bearer");
					ctx.response.body = {
						message: `Authentication failed: ${e.message}`,
						code: "AUTHENTICATION_FAILED",
						id: "b0a7f5f8-dc2f-4171-b91f-de88ad238e14",
						kind: "client",
					};
					res();
				} else {
					reply(500, new ApiError());
				}
			});
	});
refactor: :art: rome 2023-01-13 05:40:33 +01:00			`import type Koa from "koa";`
Initial commit :four_leaf_clover: 2016-12-28 23:49:51 +01:00
refactor: :art: rome 2023-01-13 05:40:33 +01:00			`import type { User } from "@/models/entities/user.js";`
			`import { UserIps } from "@/models/index.js";`
			`import { fetchMeta } from "@/misc/fetch-meta.js";`
			`import type { IEndpoint } from "./endpoints.js";`
			`import authenticate, { AuthenticationError } from "./authenticate.js";`
			`import call from "./call.js";`
			`import { ApiError } from "./error.js";`
Initial commit :four_leaf_clover: 2016-12-28 23:49:51 +01:00
refactor: :art: rome 2023-01-13 05:40:33 +01:00			`const userIpHistories = new Map<User["id"], Set<string>>();`
feat: Log user ips (#8872) * wip * store ip and headers * Update admin-file.vue * require admin for view ip/headers * IP (recent) 消した * admin必須 * opt in * clean ips periodically * respect logging setting in drive/files/create 2022-07-02 08:12:11 +02:00
			`setInterval(() => {`
			`userIpHistories.clear();`
			`}, 1000 * 60 * 60);`

refactor: :art: rome 2023-01-13 05:40:33 +01:00			`export default (endpoint: IEndpoint, ctx: Koa.Context) =>`
			`new Promise<void>((res) => {`
			`const body = ctx.is("multipart/form-data")`
			`? (ctx.request as any).body`
			`: ctx.method === "GET"`
feat: allow GET for some endpoints Resolve #8263 2022-06-25 11:26:31 +02:00			`? ctx.query`
			`: ctx.request.body;`
wip 2018-04-13 04:44:39 +02:00
refactor: :art: rome 2023-01-13 05:40:33 +01:00			`const reply = (x?: any, y?: ApiError) => {`
			`if (x == null) {`
			`ctx.status = 204;`
			`} else if (typeof x === "number" && y) {`
			`ctx.status = x;`
			`ctx.body = {`
			`error: {`
			`message: y!.message,`
			`code: y!.code,`
			`id: y!.id,`
			`kind: y!.kind,`
Don't leak error details (including the stack trace) upon API call failure to client in production 2023-07-21 21:32:39 +02:00			`...((y!.info && process.env.NODE_ENV !== "production") ? { info: y!.info } : {}),`
refactor: :art: rome 2023-01-13 05:40:33 +01:00			`},`
			`};`
			`} else {`
			`// 文字列を返す場合は、JSON.stringify通さないとJSONと認識されない`
			`ctx.body = typeof x === "string" ? JSON.stringify(x) : x;`
feat: allow GET for some endpoints Resolve #8263 2022-06-25 11:26:31 +02:00			`}`
refactor: :art: rome 2023-01-13 05:40:33 +01:00			`res();`
			`};`

			`// Authentication`
			`// for GET requests, do not even pass on the body parameter as it is considered unsafe`
			`authenticate(`
			`ctx.headers.authorization,`
			`ctx.method === "GET" ? null : body["i"],`
			`)`
			`.then(([user, app]) => {`
			`// API invoking`
			`call(endpoint.name, user, app, body, ctx)`
			`.then((res: any) => {`
			`if (`
			`ctx.method === "GET" &&`
			`endpoint.meta.cacheSec &&`
			`!body["i"] &&`
			`!user`
			`) {`
			`ctx.set(`
			`"Cache-Control",`
			`public, max-age=${endpoint.meta.cacheSec}`,
			`);`
			`}`
			`reply(res);`
			`})`
			`.catch((e: ApiError) => {`
			`reply(`
			`e.httpStatusCode`
			`? e.httpStatusCode`
			`: e.kind === "client"`
			`? 400`
			`: 500,`
			`e,`
			`);`
			`});`
feat: Log user ips (#8872) * wip * store ip and headers * Update admin-file.vue * require admin for view ip/headers * IP (recent) 消した * admin必須 * opt in * clean ips periodically * respect logging setting in drive/files/create 2022-07-02 08:12:11 +02:00
refactor: :art: rome 2023-01-13 05:40:33 +01:00			`// Log IP`
			`if (user) {`
			`fetchMeta().then((meta) => {`
			`if (!meta.enableIpLogging) return;`
			`const ip = ctx.ip;`
			`const ips = userIpHistories.get(user.id);`
			`if (ips == null \|\| !ips.has(ip)) {`
			`if (ips == null) {`
			`userIpHistories.set(user.id, new Set([ip]));`
			`} else {`
			`ips.add(ip);`
			`}`
feat: Log user ips (#8872) * wip * store ip and headers * Update admin-file.vue * require admin for view ip/headers * IP (recent) 消した * admin必須 * opt in * clean ips periodically * respect logging setting in drive/files/create 2022-07-02 08:12:11 +02:00
refactor: :art: rome 2023-01-13 05:40:33 +01:00			`try {`
			`UserIps.createQueryBuilder()`
			`.insert()`
			`.values({`
			`createdAt: new Date(),`
			`userId: user.id,`
			`ip: ip,`
			`})`
			`.orIgnore(true)`
			`.execute();`
			`} catch {}`
			`}`
			`});`
			`}`
			`})`
			`.catch((e) => {`
			`if (e instanceof AuthenticationError) {`
			`ctx.response.status = 403;`
			`ctx.response.set("WWW-Authenticate", "Bearer");`
			`ctx.response.body = {`
			message: `Authentication failed: ${e.message}`,
			`code: "AUTHENTICATION_FAILED",`
			`id: "b0a7f5f8-dc2f-4171-b91f-de88ad238e14",`
			`kind: "client",`
			`};`
			`res();`
			`} else {`
			`reply(500, new ApiError());`
feat: Log user ips (#8872) * wip * store ip and headers * Update admin-file.vue * require admin for view ip/headers * IP (recent) 消した * admin必須 * opt in * clean ips periodically * respect logging setting in drive/files/create 2022-07-02 08:12:11 +02:00			`}`
			`});`
Refactor 2019-02-22 06:46:49 +01:00			`});`