2022-02-27 03:07:39 +01:00
|
|
|
import Koa from 'koa';
|
2016-12-28 23:49:51 +01:00
|
|
|
|
2022-07-02 08:12:11 +02:00
|
|
|
import { User } from '@/models/entities/user.js';
|
|
|
|
import { UserIps } from '@/models/index.js';
|
|
|
|
import { fetchMeta } from '@/misc/fetch-meta.js';
|
2022-02-27 03:07:39 +01:00
|
|
|
import { IEndpoint } from './endpoints.js';
|
|
|
|
import authenticate, { AuthenticationError } from './authenticate.js';
|
|
|
|
import call from './call.js';
|
|
|
|
import { ApiError } from './error.js';
|
2016-12-28 23:49:51 +01:00
|
|
|
|
2022-07-02 08:12:11 +02:00
|
|
|
const userIpHistories = new Map<User['id'], Set<string>>();
|
|
|
|
|
|
|
|
setInterval(() => {
|
|
|
|
userIpHistories.clear();
|
|
|
|
}, 1000 * 60 * 60);
|
|
|
|
|
2022-02-19 06:05:32 +01:00
|
|
|
export default (endpoint: IEndpoint, ctx: Koa.Context) => new Promise<void>((res) => {
|
2022-06-25 11:26:31 +02:00
|
|
|
const body = ctx.is('multipart/form-data')
|
2022-06-26 10:38:50 +02:00
|
|
|
? (ctx.request as any).body
|
2022-06-25 11:26:31 +02:00
|
|
|
: ctx.method === 'GET'
|
|
|
|
? ctx.query
|
|
|
|
: ctx.request.body;
|
2018-04-13 04:44:39 +02:00
|
|
|
|
2019-02-22 03:46:58 +01:00
|
|
|
const reply = (x?: any, y?: ApiError) => {
|
|
|
|
if (x == null) {
|
2018-04-12 23:06:18 +02:00
|
|
|
ctx.status = 204;
|
2021-01-11 12:38:34 +01:00
|
|
|
} else if (typeof x === 'number' && y) {
|
2018-04-12 23:06:18 +02:00
|
|
|
ctx.status = x;
|
2019-02-23 07:45:03 +01:00
|
|
|
ctx.body = {
|
|
|
|
error: {
|
2019-04-12 18:43:22 +02:00
|
|
|
message: y!.message,
|
|
|
|
code: y!.code,
|
|
|
|
id: y!.id,
|
|
|
|
kind: y!.kind,
|
2021-12-09 15:58:30 +01:00
|
|
|
...(y!.info ? { info: y!.info } : {}),
|
|
|
|
},
|
2019-02-23 07:45:03 +01:00
|
|
|
};
|
2018-04-11 10:40:01 +02:00
|
|
|
} else {
|
2021-01-11 12:38:34 +01:00
|
|
|
// 文字列を返す場合は、JSON.stringify通さないとJSONと認識されない
|
|
|
|
ctx.body = typeof x === 'string' ? JSON.stringify(x) : x;
|
2018-04-11 10:40:01 +02:00
|
|
|
}
|
2019-02-22 06:46:49 +01:00
|
|
|
res();
|
2018-04-11 10:40:01 +02:00
|
|
|
};
|
|
|
|
|
2017-02-27 08:14:41 +01:00
|
|
|
// Authentication
|
2022-07-18 17:41:08 +02:00
|
|
|
// for GET requests, do not even pass on the body parameter as it is considered unsafe
|
|
|
|
authenticate(ctx.headers.authorization, ctx.method === 'GET' ? null : body['i']).then(([user, app]) => {
|
2019-02-22 06:46:49 +01:00
|
|
|
// API invoking
|
2022-01-30 17:40:27 +01:00
|
|
|
call(endpoint.name, user, app, body, ctx).then((res: any) => {
|
2022-06-25 11:26:31 +02:00
|
|
|
if (ctx.method === 'GET' && endpoint.meta.cacheSec && !body['i'] && !user) {
|
|
|
|
ctx.set('Cache-Control', `public, max-age=${endpoint.meta.cacheSec}`);
|
|
|
|
}
|
2019-02-22 06:46:49 +01:00
|
|
|
reply(res);
|
2019-04-12 18:43:22 +02:00
|
|
|
}).catch((e: ApiError) => {
|
2020-04-04 01:46:54 +02:00
|
|
|
reply(e.httpStatusCode ? e.httpStatusCode : e.kind === 'client' ? 400 : 500, e);
|
2019-02-22 06:46:49 +01:00
|
|
|
});
|
2022-07-02 08:12:11 +02:00
|
|
|
|
|
|
|
// Log IP
|
|
|
|
if (user) {
|
|
|
|
fetchMeta().then(meta => {
|
|
|
|
if (!meta.enableIpLogging) return;
|
|
|
|
const ip = ctx.ip;
|
|
|
|
const ips = userIpHistories.get(user.id);
|
|
|
|
if (ips == null || !ips.has(ip)) {
|
|
|
|
if (ips == null) {
|
|
|
|
userIpHistories.set(user.id, new Set([ip]));
|
|
|
|
} else {
|
|
|
|
ips.add(ip);
|
|
|
|
}
|
|
|
|
|
|
|
|
try {
|
2022-07-10 04:02:46 +02:00
|
|
|
UserIps.createQueryBuilder().insert().values({
|
2022-07-02 08:12:11 +02:00
|
|
|
createdAt: new Date(),
|
|
|
|
userId: user.id,
|
|
|
|
ip: ip,
|
2022-07-10 04:02:46 +02:00
|
|
|
}).orIgnore(true).execute();
|
2022-07-02 08:12:11 +02:00
|
|
|
} catch {
|
|
|
|
}
|
|
|
|
}
|
|
|
|
});
|
|
|
|
}
|
2021-07-17 17:53:16 +02:00
|
|
|
}).catch(e => {
|
|
|
|
if (e instanceof AuthenticationError) {
|
|
|
|
reply(403, new ApiError({
|
|
|
|
message: 'Authentication failed. Please ensure your token is correct.',
|
|
|
|
code: 'AUTHENTICATION_FAILED',
|
2021-12-09 15:58:30 +01:00
|
|
|
id: 'b0a7f5f8-dc2f-4171-b91f-de88ad238e14',
|
2021-07-17 17:53:16 +02:00
|
|
|
}));
|
|
|
|
} else {
|
|
|
|
reply(500, new ApiError());
|
|
|
|
}
|
2019-02-22 06:46:49 +01:00
|
|
|
});
|
|
|
|
});
|