2022-06-21 23:30:11 +02:00
|
|
|
import "dotenv/config";
|
2022-06-29 22:19:50 +02:00
|
|
|
import express, { Express, Request } from "express";
|
2022-06-21 23:30:11 +02:00
|
|
|
import { PrismaClient, EncryptedNote } from "@prisma/client";
|
2022-06-29 14:17:38 +02:00
|
|
|
import { addDays } from "./util";
|
2022-06-29 17:14:05 +02:00
|
|
|
import helmet from "helmet";
|
2022-06-29 22:19:50 +02:00
|
|
|
import rateLimit from "express-rate-limit";
|
2022-07-06 14:59:38 +02:00
|
|
|
import pinoHttp from "pino-http";
|
|
|
|
import logger from "./logger";
|
2022-06-21 23:30:11 +02:00
|
|
|
|
2022-06-29 14:17:38 +02:00
|
|
|
// Initialize middleware clients
|
2022-06-21 23:30:11 +02:00
|
|
|
const prisma = new PrismaClient();
|
|
|
|
const app: Express = express();
|
2022-06-29 14:17:38 +02:00
|
|
|
app.use(express.json());
|
2022-07-06 14:59:38 +02:00
|
|
|
|
|
|
|
// configure logging
|
|
|
|
app.use(
|
|
|
|
pinoHttp({
|
|
|
|
logger: logger,
|
|
|
|
})
|
|
|
|
);
|
|
|
|
|
|
|
|
// configure Helmet and CORS
|
2022-06-30 09:28:49 +02:00
|
|
|
app.use(
|
|
|
|
helmet({
|
|
|
|
crossOriginResourcePolicy: {
|
|
|
|
policy: process.env.ENVIRONMENT == "dev" ? "cross-origin" : "same-origin",
|
|
|
|
},
|
|
|
|
})
|
|
|
|
);
|
2022-06-23 20:22:34 +02:00
|
|
|
|
2022-06-29 22:19:50 +02:00
|
|
|
// Apply rate limiting
|
|
|
|
const postLimiter = rateLimit({
|
2022-06-29 22:32:18 +02:00
|
|
|
windowMs: parseInt(process.env.POST_LIMIT_WINDOW_SECONDS as string) * 1000,
|
|
|
|
max: parseInt(process.env.POST_LIMIT as string), // Limit each IP to X requests per window
|
2022-06-29 22:19:50 +02:00
|
|
|
standardHeaders: true, // Return rate limit info in the `RateLimit-*` headers
|
|
|
|
legacyHeaders: false, // Disable the `X-RateLimit-*` headers
|
|
|
|
});
|
|
|
|
|
2022-06-21 23:30:11 +02:00
|
|
|
// start the Express server
|
|
|
|
app.listen(process.env.PORT, () => {
|
2022-07-06 14:59:38 +02:00
|
|
|
logger.info(`server started at port ${process.env.PORT}`);
|
2022-06-21 23:30:11 +02:00
|
|
|
});
|
|
|
|
|
|
|
|
// Post new encrypted note
|
2022-06-29 22:19:50 +02:00
|
|
|
app.post(
|
2022-07-03 11:02:21 +02:00
|
|
|
"/api/note/",
|
2022-06-29 22:19:50 +02:00
|
|
|
postLimiter,
|
2022-07-06 15:07:51 +02:00
|
|
|
(req: Request<{}, {}, EncryptedNote>, res, next) => {
|
2022-06-29 22:19:50 +02:00
|
|
|
const note = req.body;
|
2022-07-06 15:07:51 +02:00
|
|
|
prisma.encryptedNote
|
|
|
|
.create({
|
|
|
|
data: { ...note, expire_time: addDays(new Date(), 30) },
|
|
|
|
})
|
|
|
|
.then((savedNote) => {
|
|
|
|
res.json({
|
|
|
|
view_url: `${process.env.FRONTEND_URL}/note/${savedNote.id}`,
|
|
|
|
expire_time: savedNote.expire_time,
|
|
|
|
});
|
|
|
|
})
|
|
|
|
.catch(next);
|
2022-06-29 22:19:50 +02:00
|
|
|
}
|
|
|
|
);
|
2022-06-21 23:30:11 +02:00
|
|
|
|
|
|
|
// Get encrypted note
|
2022-07-06 15:07:51 +02:00
|
|
|
app.get("/api/note/:id", (req, res, next) => {
|
|
|
|
prisma.encryptedNote
|
|
|
|
.findUnique({
|
|
|
|
where: { id: req.params.id },
|
|
|
|
})
|
|
|
|
.then((note) => {
|
|
|
|
if (note != null) {
|
|
|
|
res.send(note);
|
|
|
|
}
|
|
|
|
res.status(404).send();
|
|
|
|
})
|
|
|
|
.catch(next);
|
2022-06-21 23:30:11 +02:00
|
|
|
});
|
|
|
|
|
2022-06-29 14:17:38 +02:00
|
|
|
// Clean up expired notes periodically
|
|
|
|
const interval =
|
|
|
|
Math.max(parseInt(<string>process.env.CLEANUP_INTERVAL_SECONDS) || 1, 1) *
|
|
|
|
1000;
|
|
|
|
setInterval(async () => {
|
|
|
|
try {
|
2022-07-06 14:59:38 +02:00
|
|
|
logger.info("[Cleanup] Cleaning up expired notes...");
|
2022-06-29 14:17:38 +02:00
|
|
|
const deleted = await prisma.encryptedNote.deleteMany({
|
|
|
|
where: {
|
|
|
|
expire_time: {
|
|
|
|
lte: new Date(),
|
|
|
|
},
|
|
|
|
},
|
|
|
|
});
|
2022-07-06 14:59:38 +02:00
|
|
|
logger.info(`[Cleanup] Deleted ${deleted.count} expired notes.`);
|
2022-06-29 14:17:38 +02:00
|
|
|
} catch (err) {
|
2022-07-06 14:59:38 +02:00
|
|
|
logger.error(`[Cleanup] Error cleaning expired notes:`);
|
|
|
|
logger.error(err);
|
2022-06-29 14:17:38 +02:00
|
|
|
}
|
|
|
|
}, interval);
|