95 lines
2.6 KiB
TypeScript
Raw Normal View History

2022-06-21 23:30:11 +02:00
import "dotenv/config";
2022-06-29 22:19:50 +02:00
import express, { Express, Request } from "express";
2022-06-23 20:22:34 +02:00
import cors from "cors";
2022-06-21 23:30:11 +02:00
import { PrismaClient, EncryptedNote } from "@prisma/client";
2022-06-29 14:17:38 +02:00
import { addDays } from "./util";
2022-06-29 17:14:05 +02:00
import helmet from "helmet";
2022-06-29 22:19:50 +02:00
import rateLimit from "express-rate-limit";
2022-06-21 23:30:11 +02:00
2022-06-29 14:17:38 +02:00
// Initialize middleware clients
2022-06-21 23:30:11 +02:00
const prisma = new PrismaClient();
const app: Express = express();
2022-06-29 14:17:38 +02:00
app.use(express.json());
2022-06-30 09:28:49 +02:00
app.use(
helmet({
crossOriginResourcePolicy: {
policy: process.env.ENVIRONMENT == "dev" ? "cross-origin" : "same-origin",
},
})
);
2022-06-23 20:22:34 +02:00
2022-06-29 22:19:50 +02:00
// Apply rate limiting
const postLimiter = rateLimit({
2022-06-29 22:32:18 +02:00
windowMs: parseInt(process.env.POST_LIMIT_WINDOW_SECONDS as string) * 1000,
max: parseInt(process.env.POST_LIMIT as string), // Limit each IP to X requests per window
2022-06-29 22:19:50 +02:00
standardHeaders: true, // Return rate limit info in the `RateLimit-*` headers
legacyHeaders: false, // Disable the `X-RateLimit-*` headers
});
2022-06-21 23:30:11 +02:00
// start the Express server
app.listen(process.env.PORT, () => {
2022-07-01 22:06:50 +02:00
console.log(`server started at port ${process.env.PORT}`);
2022-06-21 23:30:11 +02:00
});
// Post new encrypted note
2022-06-29 22:19:50 +02:00
app.post(
"/api/note/",
2022-06-29 22:19:50 +02:00
postLimiter,
async (req: Request<{}, {}, EncryptedNote>, res) => {
const note = req.body;
const savedNote = await prisma.encryptedNote.create({
data: { ...note, expire_time: addDays(new Date(), 30) },
});
res.json({
view_url: `${process.env.FRONTEND_URL}/note/${savedNote.id}`,
expire_time: savedNote.expire_time,
});
}
);
2022-06-21 23:30:11 +02:00
// Get encrypted note
app.get("/api/note/:id", async (req, res) => {
2022-06-21 23:30:11 +02:00
const note = await prisma.encryptedNote.findUnique({
where: { id: req.params.id },
});
if (note != null) {
res.send(note);
2022-07-01 22:06:50 +02:00
console.log(`[GET] Retrieved note <${note.id}> for <${req.ip}>`);
2022-06-21 23:30:11 +02:00
}
res.status(404).send();
});
// Default response for any other request
app.use((req, res, next) => {
console.log(`Route not found: ${req.path}`);
res.status(404).send("Route not found");
2022-06-21 23:30:11 +02:00
});
2022-06-29 14:17:38 +02:00
2022-07-01 22:06:50 +02:00
// // Error handling
// app.use((err, req, res, next) => {
// console.error(err.stack);
// res.status(500).send("Something broke!");
// });
2022-06-29 14:17:38 +02:00
// Clean up expired notes periodically
const interval =
Math.max(parseInt(<string>process.env.CLEANUP_INTERVAL_SECONDS) || 1, 1) *
1000;
setInterval(async () => {
try {
console.log("[Cleanup] Cleaning up expired notes...");
const deleted = await prisma.encryptedNote.deleteMany({
where: {
expire_time: {
lte: new Date(),
},
},
});
console.log(`[Cleanup] Deleted ${deleted.count} expired notes.`);
} catch (err) {
console.error(`[Cleanup] Error cleaning expired notes:`);
console.error(err);
}
}, interval);