fix: elysia issues
parent
61560ae521
commit
03fe13e707
|
|
@ -5,6 +5,10 @@ import { createRateLimiter } from "../utils/rate-limit";
|
||||||
|
|
||||||
const EMAIL_HMAC_KEY = process.env.EMAIL_HMAC_KEY || "pingql-default-hmac-key";
|
const EMAIL_HMAC_KEY = process.env.EMAIL_HMAC_KEY || "pingql-default-hmac-key";
|
||||||
|
|
||||||
|
function redir(to: string) {
|
||||||
|
return new Response(null, { status: 302, headers: { Location: to } });
|
||||||
|
}
|
||||||
|
|
||||||
// ── Per-IP rate limiting for auth endpoints ───────────────────────────
|
// ── Per-IP rate limiting for auth endpoints ───────────────────────────
|
||||||
const checkAuthRateLimit = createRateLimiter();
|
const checkAuthRateLimit = createRateLimiter();
|
||||||
|
|
||||||
|
|
@ -79,18 +83,18 @@ export const account = new Elysia({ prefix: "/account" })
|
||||||
const resolved = await resolveKey(key);
|
const resolved = await resolveKey(key);
|
||||||
if (!resolved) {
|
if (!resolved) {
|
||||||
set.status = 401;
|
set.status = 401;
|
||||||
if ((body as any)._form) { set.redirect = "/dashboard?error=invalid"; return; }
|
if ((body as any)._form) return redir("/dashboard?error=invalid");
|
||||||
return { error: "Invalid account key" };
|
return { error: "Invalid account key" };
|
||||||
}
|
}
|
||||||
|
|
||||||
cookie.pingql_key.set({ value: key, ...COOKIE_OPTS });
|
cookie.pingql_key.set({ value: key, ...COOKIE_OPTS });
|
||||||
if ((body as any)._form) { set.redirect = "/dashboard/home"; return; }
|
if ((body as any)._form) return redir("/dashboard/home");
|
||||||
return { ok: true };
|
return { ok: true };
|
||||||
}, { detail: { hide: true } })
|
}, { detail: { hide: true } })
|
||||||
|
|
||||||
.get("/logout", ({ cookie, set }) => {
|
.get("/logout", ({ cookie }) => {
|
||||||
cookie.pingql_key.set({ value: "", ...COOKIE_OPTS, maxAge: 0 });
|
cookie.pingql_key.set({ value: "", ...COOKIE_OPTS, maxAge: 0 });
|
||||||
set.redirect = "/dashboard";
|
return redir("/dashboard");
|
||||||
}, { detail: { hide: true } })
|
}, { detail: { hide: true } })
|
||||||
|
|
||||||
.post("/register", async ({ body, cookie, request, set, error }) => {
|
.post("/register", async ({ body, cookie, request, set, error }) => {
|
||||||
|
|
@ -103,10 +107,7 @@ export const account = new Elysia({ prefix: "/account" })
|
||||||
cookie.pingql_key.set({ value: key, ...COOKIE_OPTS });
|
cookie.pingql_key.set({ value: key, ...COOKIE_OPTS });
|
||||||
|
|
||||||
// Form submission → redirect to welcome page showing the key
|
// Form submission → redirect to welcome page showing the key
|
||||||
if ((body as any)._form) {
|
if ((body as any)._form) return redir(`/dashboard/welcome?key=${encodeURIComponent(key)}`);
|
||||||
set.redirect = `/dashboard/welcome?key=${encodeURIComponent(key)}`;
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
return { key, email_registered: !!emailHash };
|
return { key, email_registered: !!emailHash };
|
||||||
})
|
})
|
||||||
|
|
@ -124,31 +125,31 @@ export const account = new Elysia({ prefix: "/account" })
|
||||||
};
|
};
|
||||||
})
|
})
|
||||||
|
|
||||||
.post("/email", async ({ accountId, body, set }) => {
|
.post("/email", async ({ accountId, body }) => {
|
||||||
const emailHash = (body as any).email ? hashEmail((body as any).email) : null;
|
const emailHash = (body as any).email ? hashEmail((body as any).email) : null;
|
||||||
await sql`UPDATE accounts SET email_hash = ${emailHash} WHERE id = ${accountId}`;
|
await sql`UPDATE accounts SET email_hash = ${emailHash} WHERE id = ${accountId}`;
|
||||||
if ((body as any)._form) { set.redirect = "/dashboard/settings"; return; }
|
if ((body as any)._form) return redir("/dashboard/settings");
|
||||||
return { ok: true };
|
return { ok: true };
|
||||||
})
|
})
|
||||||
|
|
||||||
.post("/reset-key", async ({ accountId, cookie, body, set }) => {
|
.post("/reset-key", async ({ accountId, cookie, body }) => {
|
||||||
const key = generateKey();
|
const key = generateKey();
|
||||||
await sql`UPDATE accounts SET key = ${key} WHERE id = ${accountId}`;
|
await sql`UPDATE accounts SET key = ${key} WHERE id = ${accountId}`;
|
||||||
cookie.pingql_key.set({ value: key, ...COOKIE_OPTS });
|
cookie.pingql_key.set({ value: key, ...COOKIE_OPTS });
|
||||||
if ((body as any)?._form) { set.redirect = "/dashboard/settings"; return; }
|
if ((body as any)?._form) return redir("/dashboard/settings");
|
||||||
return { key, message: "Primary key rotated. Your old key is now invalid." };
|
return { key, message: "Primary key rotated. Your old key is now invalid." };
|
||||||
})
|
})
|
||||||
|
|
||||||
.post("/keys", async ({ accountId, body, set }) => {
|
.post("/keys", async ({ accountId, body }) => {
|
||||||
const key = generateKey();
|
const key = generateKey();
|
||||||
const [created] = await sql`INSERT INTO api_keys (key, account_id, label) VALUES (${key}, ${accountId}, ${(body as any).label}) RETURNING id`;
|
const [created] = await sql`INSERT INTO api_keys (key, account_id, label) VALUES (${key}, ${accountId}, ${(body as any).label}) RETURNING id`;
|
||||||
if ((body as any)._form) { set.redirect = "/dashboard/settings"; return; }
|
if ((body as any)._form) return redir("/dashboard/settings");
|
||||||
return { key, id: created.id, label: (body as any).label };
|
return { key, id: created.id, label: (body as any).label };
|
||||||
})
|
})
|
||||||
|
|
||||||
.post("/keys/:id/delete", async ({ accountId, params, set }) => {
|
.post("/keys/:id/delete", async ({ accountId, params }) => {
|
||||||
await sql`DELETE FROM api_keys WHERE id = ${params.id} AND account_id = ${accountId}`;
|
await sql`DELETE FROM api_keys WHERE id = ${params.id} AND account_id = ${accountId}`;
|
||||||
set.redirect = "/dashboard/settings";
|
return redir("/dashboard/settings");
|
||||||
})
|
})
|
||||||
|
|
||||||
.delete("/keys/:id", async ({ accountId, params, error }) => {
|
.delete("/keys/:id", async ({ accountId, params, error }) => {
|
||||||
|
|
|
||||||
|
|
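Review bot: The `/register` form branch still redirects to `/dashboard/welcome?key=...`, so the freshly generated account key travels in the query string and ends up in browser history, proxy and access logs, and any Referer sent from the welcome page. The same value is written to the `pingql_key` cookie just above, so the welcome page could read it from there (or from a short-lived one-time cookie) and the redirect could become `return redir("/dashboard/welcome");`. If the query parameter has to stay, the welcome response should at least send `Referrer-Policy: no-referrer` and `Cache-Control: no-store`. Separately, `EMAIL_HMAC_KEY` in the first hunk falls back to a literal default when the environment variable is unset; failing at startup instead would avoid hashing e-mail addresses with a key that is readable in the source.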
@ -370,11 +370,11 @@ export const dashboard = new Elysia()
|
||||||
});
|
});
|
||||||
} catch {}
|
} catch {}
|
||||||
|
|
||||||
set.redirect = "/dashboard/home";
|
return redirect("/dashboard/home");
|
||||||
})
|
})
|
||||||
|
|
||||||
// Delete monitor via form POST
|
// Delete monitor via form POST
|
||||||
.post("/dashboard/monitors/:id/delete", async ({ cookie, headers, params, set }) => {
|
.post("/dashboard/monitors/:id/delete", async ({ cookie, headers, params }) => {
|
||||||
const resolved = await getAccountId(cookie, headers);
|
const resolved = await getAccountId(cookie, headers);
|
||||||
if (!resolved?.accountId) return redirect("/dashboard");
|
if (!resolved?.accountId) return redirect("/dashboard");
|
||||||
|
|
||||||
|
|
@ -385,11 +385,11 @@ export const dashboard = new Elysia()
|
||||||
headers: { "Authorization": `Bearer ${key}` },
|
headers: { "Authorization": `Bearer ${key}` },
|
||||||
});
|
});
|
||||||
|
|
||||||
set.redirect = "/dashboard/home";
|
return redirect("/dashboard/home");
|
||||||
})
|
})
|
||||||
|
|
||||||
// Toggle monitor via form POST
|
// Toggle monitor via form POST
|
||||||
.post("/dashboard/monitors/:id/toggle", async ({ cookie, headers, params, set }) => {
|
.post("/dashboard/monitors/:id/toggle", async ({ cookie, headers, params }) => {
|
||||||
const resolved = await getAccountId(cookie, headers);
|
const resolved = await getAccountId(cookie, headers);
|
||||||
if (!resolved?.accountId) return redirect("/dashboard");
|
if (!resolved?.accountId) return redirect("/dashboard");
|
||||||
|
|
||||||
|
|
@ -400,7 +400,7 @@ export const dashboard = new Elysia()
|
||||||
headers: { "Authorization": `Bearer ${key}` },
|
headers: { "Authorization": `Bearer ${key}` },
|
||||||
});
|
});
|
||||||
|
|
||||||
set.redirect = `/dashboard/monitors/${params.id}`;
|
return redirect(`/dashboard/monitors/${params.id}`);
|
||||||
})
|
})
|
||||||
|
|
||||||
// Docs
|
// Docs
|
||||||
|
|
|
||||||
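Review bot: In the toggle handler, `params.id` is interpolated into the redirect target without encoding. If the framework hands over the decoded path segment (not visible here), characters such as `/`, `?` or `#` in the id would change which dashboard URL the browser lands on. Using `encodeURIComponent(params.id)` in the template, or checking the id against the expected format first, keeps the target fixed. The handler bodies continue outside the hunks, so whether the id is validated earlier cannot be seen from here.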