admin/cobalt
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

api: raw stream status responses, clean up core

Browse Source
This commit is contained in:
wukko
2024-05-15 22:28:09 +06:00
parent 13524a4aa1
commit 98e05368ed
3 changed files with 98 additions and 107 deletions
Download Patch File Download Diff File Expand all files Collapse all files

165
src/core/api.js
View File

@@ -16,10 +16,10 @@ import { verifyStream, getInternalStream } from "../modules/stream/manage.js";
import { extract } from "../modules/processing/url.js";
export function runAPI(express, app, gitCommit, gitBranch, __dirname) {
const corsConfig = !env.corsWildcard ? {
const corsConfig = env.corsWildcard ? {} : {
origin: env.corsURL,
optionsSuccessStatus: 200
} : {};
};
const apiLimiter = rateLimit({
windowMs: 60000,
@@ -33,7 +33,8 @@ export function runAPI(express, app, gitCommit, gitBranch, __dirname) {
"text": loc(languageCode(req), 'ErrorRateLimit')
});
}
});
})
const apiLimiterStream = rateLimit({
windowMs: 60000,
max: 25,
@@ -41,12 +42,9 @@ export function runAPI(express, app, gitCommit, gitBranch, __dirname) {
legacyHeaders: false,
keyGenerator: req => generateHmac(getIP(req), ipSalt),
handler: (req, res) => {
return res.status(429).json({
"status": "rate-limit",
"text": loc(languageCode(req), 'ErrorRateLimit')
});
return res.sendStatus(429)
}
});
})
const startTime = new Date();
const startTimestamp = startTime.getTime();
@@ -56,7 +54,7 @@ export function runAPI(express, app, gitCommit, gitBranch, __dirname) {
app.use('/api/:type', cors({
methods: ['GET', 'POST'],
...corsConfig
}));
}))
app.use('/api/json', apiLimiter);
app.use('/api/stream', apiLimiterStream);
@@ -65,27 +63,27 @@ export function runAPI(express, app, gitCommit, gitBranch, __dirname) {
app.use((req, res, next) => {
try { decodeURIComponent(req.path) } catch (e) { return res.redirect('/') }
next();
});
})
app.use('/api/json', express.json({
verify: (req, res, buf) => {
let acceptCon = String(req.header('Accept')) === "application/json";
if (acceptCon) {
const acceptHeader = String(req.header('Accept')) === "application/json";
if (acceptHeader) {
if (buf.length > 720) throw new Error();
JSON.parse(buf);
} else {
throw new Error();
}
}
}));
}))
// handle express.json errors properly (https://github.com/expressjs/express/issues/4065)
app.use('/api/json', (err, req, res, next) => {
let errorText = "invalid json body";
let acceptCon = String(req.header('Accept')) !== "application/json";
const errorText = "invalid json body";
const acceptHeader = String(req.header('Accept')) !== "application/json";
if (err || acceptCon) {
if (acceptCon) errorText = "invalid accept header";
if (err || acceptHeader) {
if (acceptHeader) errorText = "invalid accept header";
return res.status(400).json({
status: "error",
text: errorText
@@ -93,12 +91,14 @@ export function runAPI(express, app, gitCommit, gitBranch, __dirname) {
} else {
next();
}
});
})
const acceptRegex = /^application\/json(; charset=utf-8)?$/;
app.post('/api/json', async (req, res) => {
const request = req.body;
const lang = languageCode(req);
const fail = (t) => {
const { status, body } = createResponse("error", { t: loc(lang, t) });
res.status(status).json(body);
@@ -132,80 +132,83 @@ export function runAPI(express, app, gitCommit, gitBranch, __dirname) {
} catch {
fail('ErrorSomethingWentWrong');
}
});
})
app.get('/api/:type', (req, res) => {
try {
let j;
switch (req.params.type) {
case 'stream':
const q = req.query;
const checkQueries = q.t && q.e && q.h && q.s && q.i;
const checkBaseLength = q.t.length === 21 && q.e.length === 13;
const checkSafeLength = q.h.length === 43 && q.s.length === 43 && q.i.length === 22;
if (checkQueries && checkBaseLength && checkSafeLength) {
if (q.p) {
return res.status(200).json({
status: "continue"
})
}
let streamInfo = verifyStream(q.t, q.h, q.e, q.s, q.i);
if (streamInfo.error) {
return res.status(streamInfo.status).json(apiJSON(0, { t: streamInfo.error }).body);
}
return stream(res, streamInfo);
}
app.get('/api/stream', (req, res) => {
const id = String(req.query.id);
const exp = String(req.query.exp);
const sig = String(req.query.sig);
const sec = String(req.query.sec);
const iv = String(req.query.iv);
j = apiJSON(0, {
t: "bad request. stream link may be incomplete or corrupted."
})
return res.status(j.status).json(j.body);
case 'istream':
if (!req.ip.endsWith('127.0.0.1'))
return res.sendStatus(403);
if (('' + req.query.t).length !== 21)
return res.sendStatus(400);
let streamInfo = getInternalStream(req.query.t);
if (!streamInfo) return res.sendStatus(404);
streamInfo.headers = req.headers;
return stream(res, { type: 'internal', ...streamInfo });
case 'serverInfo':
return res.status(200).json({
version: version,
commit: gitCommit,
branch: gitBranch,
name: env.apiName,
url: env.apiURL,
cors: Number(env.corsWildcard),
startTime: `${startTimestamp}`
});
default:
j = apiJSON(0, {
t: "unknown response type"
})
return res.status(j.status).json(j.body);
const checkQueries = id && exp && sig && sec && iv;
const checkBaseLength = id.length === 21 && exp.length === 13;
const checkSafeLength = sig.length === 43 && sec.length === 43 && iv.length === 22;
if (checkQueries && checkBaseLength && checkSafeLength) {
// rate limit probe, will not return json after 8.0
if (req.query.p) {
return res.status(200).json({
status: "continue"
})
}
try {
const streamInfo = verifyStream(id, sig, exp, sec, iv);
if (!streamInfo?.service) {
return res.sendStatus(streamInfo.status);
}
return stream(res, streamInfo);
} catch {
return res.destroy();
}
} catch (e) {
return res.status(500).json({
status: "error",
text: loc(languageCode(req), 'ErrorCantProcess')
});
}
});
return res.sendStatus(400);
})
app.get('/api/istream', (req, res) => {
try {
if (!req.ip.endsWith('127.0.0.1'))
return res.sendStatus(403);
if (String(req.query.id).length !== 21)
return res.sendStatus(400);
const streamInfo = getInternalStream(req.query.id);
if (!streamInfo) return res.sendStatus(404);
streamInfo.headers = req.headers;
return stream(res, { type: 'internal', ...streamInfo });
} catch {
return res.destroy();
}
})
app.get('/api/serverInfo', (req, res) => {
try {
return res.status(200).json({
version: version,
commit: gitCommit,
branch: gitBranch,
name: env.apiName,
url: env.apiURL,
cors: Number(env.corsWildcard),
startTime: `${startTimestamp}`
});
} catch {
return res.destroy();
}
})
app.get('/api/status', (req, res) => {
res.status(200).end()
});
})
app.get('/favicon.ico', (req, res) => {
res.sendFile(`${__dirname}/src/front/icons/favicon.ico`)
});
})
app.get('/*', (req, res) => {
res.redirect('/api/json')
});
res.redirect('/api/serverInfo')
})
app.listen(env.apiPort, env.listenAddress, () => {
console.log(`\n` +
@@ -214,5 +217,5 @@ export function runAPI(express, app, gitCommit, gitBranch, __dirname) {
`URL: ${Cyan(`${env.apiURL}`)}\n` +
`Port: ${env.apiPort}\n`
)
});
})
}