2022-06-22 00:30:11 +03:00
|
|
|
import "dotenv/config";
|
2022-06-29 23:19:50 +03:00
|
|
|
import express, { Express, Request } from "express";
|
2022-06-23 21:22:34 +03:00
|
|
|
import cors from "cors";
|
2022-06-22 00:30:11 +03:00
|
|
|
import { PrismaClient, EncryptedNote } from "@prisma/client";
|
2022-06-29 15:17:38 +03:00
|
|
|
import { addDays } from "./util";
|
2022-06-29 18:14:05 +03:00
|
|
|
import helmet from "helmet";
|
2022-06-29 23:19:50 +03:00
|
|
|
import rateLimit from "express-rate-limit";
|
2022-06-22 00:30:11 +03:00
|
|
|
|
2022-06-29 15:17:38 +03:00
|
|
|
// Initialize middleware clients
|
2022-06-22 00:30:11 +03:00
|
|
|
const prisma = new PrismaClient();
|
|
|
|
|
|
|
|
|
|
const app: Express = express();
|
2022-06-29 15:17:38 +03:00
|
|
|
app.use(express.json());
|
2022-06-30 10:28:49 +03:00
|
|
|
app.use(
|
|
|
|
|
helmet({
|
|
|
|
|
crossOriginResourcePolicy: {
|
|
|
|
|
policy: process.env.ENVIRONMENT == "dev" ? "cross-origin" : "same-origin",
|
|
|
|
|
},
|
|
|
|
|
})
|
|
|
|
|
);
|
2022-06-23 21:22:34 +03:00
|
|
|
|
2022-06-29 23:19:50 +03:00
|
|
|
// Apply rate limiting
|
|
|
|
|
const postLimiter = rateLimit({
|
2022-06-29 23:32:18 +03:00
|
|
|
windowMs: parseInt(process.env.POST_LIMIT_WINDOW_SECONDS as string) * 1000,
|
|
|
|
|
max: parseInt(process.env.POST_LIMIT as string), // Limit each IP to X requests per window
|
2022-06-29 23:19:50 +03:00
|
|
|
standardHeaders: true, // Return rate limit info in the `RateLimit-*` headers
|
|
|
|
|
legacyHeaders: false, // Disable the `X-RateLimit-*` headers
|
|
|
|
|
});
|
|
|
|
|
|
2022-06-22 00:30:11 +03:00
|
|
|
// start the Express server
|
|
|
|
|
app.listen(process.env.PORT, () => {
|
2022-07-01 23:06:50 +03:00
|
|
|
console.log(`server started at port ${process.env.PORT}`);
|
2022-06-22 00:30:11 +03:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
// Post new encrypted note
|
2022-06-29 23:19:50 +03:00
|
|
|
app.post(
|
|
|
|
|
"/note/",
|
|
|
|
|
postLimiter,
|
|
|
|
|
async (req: Request<{}, {}, EncryptedNote>, res) => {
|
|
|
|
|
const note = req.body;
|
|
|
|
|
const savedNote = await prisma.encryptedNote.create({
|
|
|
|
|
data: { ...note, expire_time: addDays(new Date(), 30) },
|
|
|
|
|
});
|
|
|
|
|
res.json({
|
|
|
|
|
view_url: `${process.env.FRONTEND_URL}/note/${savedNote.id}`,
|
|
|
|
|
expire_time: savedNote.expire_time,
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
);
|
2022-06-22 00:30:11 +03:00
|
|
|
|
|
|
|
|
// Get encrypted note
|
|
|
|
|
app.get("/note/:id", async (req, res) => {
|
|
|
|
|
const note = await prisma.encryptedNote.findUnique({
|
|
|
|
|
where: { id: req.params.id },
|
|
|
|
|
});
|
|
|
|
|
if (note != null) {
|
|
|
|
|
res.send(note);
|
2022-07-01 23:06:50 +03:00
|
|
|
console.log(`[GET] Retrieved note <${note.id}> for <${req.ip}>`);
|
2022-06-22 00:30:11 +03:00
|
|
|
}
|
|
|
|
|
res.status(404).send();
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
// Default response for any other request
|
|
|
|
|
app.use((req, res, next) => {
|
|
|
|
|
res.status(404).send();
|
|
|
|
|
});
|
2022-06-29 15:17:38 +03:00
|
|
|
|
2022-07-01 23:06:50 +03:00
|
|
|
// // Error handling
|
|
|
|
|
// app.use((err, req, res, next) => {
|
|
|
|
|
// console.error(err.stack);
|
|
|
|
|
// res.status(500).send("Something broke!");
|
|
|
|
|
// });
|
|
|
|
|
|
2022-06-29 15:17:38 +03:00
|
|
|
// Clean up expired notes periodically
|
|
|
|
|
const interval =
|
|
|
|
|
Math.max(parseInt(<string>process.env.CLEANUP_INTERVAL_SECONDS) || 1, 1) *
|
|
|
|
|
1000;
|
|
|
|
|
setInterval(async () => {
|
|
|
|
|
try {
|
|
|
|
|
console.log("[Cleanup] Cleaning up expired notes...");
|
|
|
|
|
const deleted = await prisma.encryptedNote.deleteMany({
|
|
|
|
|
where: {
|
|
|
|
|
expire_time: {
|
|
|
|
|
lte: new Date(),
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
});
|
|
|
|
|
console.log(`[Cleanup] Deleted ${deleted.count} expired notes.`);
|
|
|
|
|
} catch (err) {
|
|
|
|
|
console.error(`[Cleanup] Error cleaning expired notes:`);
|
|
|
|
|
console.error(err);
|
|
|
|
|
}
|
|
|
|
|
}, interval);
|
