open-source-mirrors
/
ass
mirror of https://github.com/tycrek/ass
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix: properly specify and use Magic Number HTTP codes

Browse Source
pull/197/head
tycrek 1 year ago
parent e38adcaa28
commit d91e572e82
No known key found for this signature in database
GPG Key ID: FF8A54DCE404885A
3 changed files with 25 additions and 16 deletions
Show Stats Download Patch File Download Diff File

2
MagicNumbers.json
Unescape View File

@ -3,8 +3,10 @@
"HTTPS": 443, "HTTPS": 443,
"CODE_OK": 200, "CODE_OK": 200,
"CODE_NO_CONTENT": 204, "CODE_NO_CONTENT": 204,
"CODE_BAD_REQUEST": 400,
"CODE_UNAUTHORIZED": 401, "CODE_UNAUTHORIZED": 401,
"CODE_NOT_FOUND": 404, "CODE_NOT_FOUND": 404,
"CODE_CONFLICT": 409,
"CODE_PAYLOAD_TOO_LARGE": 413, "CODE_PAYLOAD_TOO_LARGE": 413,
"CODE_UNSUPPORTED_MEDIA_TYPE": 415, "CODE_UNSUPPORTED_MEDIA_TYPE": 415,
"CODE_INTERNAL_SERVER_ERROR": 500, "CODE_INTERNAL_SERVER_ERROR": 500,

37
src/routers/api.ts
Unescape View File

@ -4,12 +4,17 @@
* - Resources * - Resources
*/ */
import { MagicNumbers } from 'ass-json';
import fs from 'fs-extra';
import { Router, Request, Response, NextFunction } from 'express'; import { Router, Request, Response, NextFunction } from 'express';
import { findFromToken, setUserPassword, users, createNewUser, deleteUser, setUserMeta, deleteUserMeta, setUsername, resetToken, verifyCliKey } from '../auth'; import { findFromToken, setUserPassword, users, createNewUser, deleteUser, setUserMeta, deleteUserMeta, setUsername, resetToken, verifyCliKey } from '../auth';
import { log } from '../utils'; import { log, path } from '../utils';
import { data } from '../data'; import { data } from '../data';
import { User } from '../types/auth'; import { User } from '../types/auth';
// Load the status codes
const { CODE_OK, CODE_BAD_REQUEST, CODE_UNAUTHORIZED, CODE_NOT_FOUND, CODE_CONFLICT, CODE_INTERNAL_SERVER_ERROR }: MagicNumbers = fs.readJsonSync(path('MagicNumbers.json'));
/** /**
* The primary API router * The primary API router
*/ */
@ -26,12 +31,12 @@ const errorHandler = (res: Response, err: Error | any) => {
let code: number; let code: number;
switch (err.message) { switch (err.message) {
case 'User not found': case 'User not found':
code = 404; break; code = CODE_NOT_FOUND; break;
case 'Meta key already exists': case 'Meta key already exists':
case 'Username already taken': case 'Username already taken':
code = 409; break; code = CODE_CONFLICT; break;
default: default:
code = 500; code = CODE_INTERNAL_SERVER_ERROR;
} }
return res.status(code).type('text').send(err.message ?? err); return res.status(code).type('text').send(err.message ?? err);
@ -43,14 +48,14 @@ const errorHandler = (res: Response, err: Error | any) => {
*/ */
const adminAuthMiddleware = (req: Request, res: Response, next: NextFunction) => { const adminAuthMiddleware = (req: Request, res: Response, next: NextFunction) => {
const user = findFromToken(req.headers.authorization ?? ''); const user = findFromToken(req.headers.authorization ?? '');
(verifyCliKey(req) || (user && user.admin)) ? next() : res.sendStatus(401); (verifyCliKey(req) || (user && user.admin)) ? next() : res.sendStatus(CODE_UNAUTHORIZED);
}; };
/** /**
* Simple function to either return JSON or a 404, so I don't have to write it 40 times. * Simple function to either return JSON or a 404, so I don't have to write it 40 times.
* @since v0.14.0 * @since v0.14.0
*/ */
const userFinder = (res: Response, user: User | undefined) => user ? res.json(user) : res.sendStatus(404); const userFinder = (res: Response, user: User | undefined) => user ? res.json(user) : res.sendStatus(CODE_NOT_FOUND);
function buildUserRouter() { function buildUserRouter() {
const userRouter = Router(); const userRouter = Router();
@ -75,7 +80,7 @@ function buildUserRouter() {
const newPassword = req.body.password; const newPassword = req.body.password;
setUserPassword(id, newPassword) setUserPassword(id, newPassword)
.then(() => res.sendStatus(200)) .then(() => res.sendStatus(CODE_OK))
.catch((err) => errorHandler(res, err)); .catch((err) => errorHandler(res, err));
}); });
@ -89,7 +94,7 @@ function buildUserRouter() {
// Block if username or password is empty, or if username is already taken // Block if username or password is empty, or if username is already taken
if (username == null || username.length === 0 || password == null || password.length == 0 || users.find(user => user.username === username)) if (username == null || username.length === 0 || password == null || password.length == 0 || users.find(user => user.username === username))
return res.sendStatus(400); return res.sendStatus(CODE_BAD_REQUEST);
createNewUser(username, password, admin, meta) createNewUser(username, password, admin, meta)
.then((user) => res.send(user)) .then((user) => res.send(user))
@ -107,7 +112,7 @@ function buildUserRouter() {
const id = req.params.id; const id = req.params.id;
deleteUser(id) deleteUser(id)
.then(() => res.sendStatus(200)) .then(() => res.sendStatus(CODE_OK))
.catch((err) => errorHandler(res, err)); .catch((err) => errorHandler(res, err));
}); });
@ -120,10 +125,10 @@ function buildUserRouter() {
const force = req.body.force ?? false; const force = req.body.force ?? false;
if (key == null || key.length === 0 || value == null || value.length === 0) if (key == null || key.length === 0 || value == null || value.length === 0)
return res.sendStatus(400); return res.sendStatus(CODE_BAD_REQUEST);
setUserMeta(id, key, value, force) setUserMeta(id, key, value, force)
.then(() => res.sendStatus(200)) .then(() => res.sendStatus(CODE_OK))
.catch((err) => errorHandler(res, err)); .catch((err) => errorHandler(res, err));
}); });
@ -134,10 +139,10 @@ function buildUserRouter() {
const key: string | undefined = req.body.key; const key: string | undefined = req.body.key;
if (key == null || key.length === 0) if (key == null || key.length === 0)
return res.sendStatus(400); return res.sendStatus(CODE_BAD_REQUEST);
deleteUserMeta(id, key) deleteUserMeta(id, key)
.then(() => res.sendStatus(200)) .then(() => res.sendStatus(CODE_OK))
.catch((err) => errorHandler(res, err)); .catch((err) => errorHandler(res, err));
}); });
@ -149,10 +154,10 @@ function buildUserRouter() {
const username: string | undefined = req.body.username; const username: string | undefined = req.body.username;
if (username == null || username.length === 0) if (username == null || username.length === 0)
return res.sendStatus(400); return res.sendStatus(CODE_BAD_REQUEST);
setUsername(id, username) setUsername(id, username)
.then(() => res.sendStatus(200)) .then(() => res.sendStatus(CODE_OK))
.catch((err) => errorHandler(res, err)); .catch((err) => errorHandler(res, err));
}); });
@ -163,7 +168,7 @@ function buildUserRouter() {
const id = req.params.id; const id = req.params.id;
resetToken(id) resetToken(id)
.then(() => res.sendStatus(200)) .then(() => res.sendStatus(CODE_OK))
.catch((err) => errorHandler(res, err)); .catch((err) => errorHandler(res, err));
}); });

2
src/types/json.d.ts vendored
Unescape View File

@ -39,8 +39,10 @@ declare module 'ass-json' {
HTTPS: number HTTPS: number
CODE_OK: number CODE_OK: number
CODE_NO_CONTENT: number CODE_NO_CONTENT: number
CODE_BAD_REQUEST: number
CODE_UNAUTHORIZED: number CODE_UNAUTHORIZED: number
CODE_NOT_FOUND: number CODE_NOT_FOUND: number
CODE_CONFLICT: number
CODE_PAYLOAD_TOO_LARGE: number CODE_PAYLOAD_TOO_LARGE: number
CODE_UNSUPPORTED_MEDIA_TYPE: number CODE_UNSUPPORTED_MEDIA_TYPE: number
CODE_INTERNAL_SERVER_ERROR: number CODE_INTERNAL_SERVER_ERROR: number

Write Preview
Loading…
Cancel
Save