fix: ingest endpoint routing conflict with requireAuth

2026-03-16 12:06:03 +04:00 · 2026-03-16 12:06:03 +04:00 · 802055d24d
parent 570222c7a9
commit 802055d24d
1 changed files with 29 additions and 25 deletions
--- a/apps/web/src/routes/checks.ts
+++ b/apps/web/src/routes/checks.ts
@ -1,29 +1,10 @@
-import { Elysia } from "elysia";
+import { Elysia, t } from "elysia";
 import { requireAuth } from "./auth";
 import sql from "../db";

-export const checks = new Elysia({ prefix: "/checks" })
-  .use(requireAuth)
-
-  // Get recent results for a monitor
-  .get("/:monitorId", async ({ accountId, params, query, error }) => {
-    // Verify ownership
-    const [monitor] = await sql`
-      SELECT id FROM monitors WHERE id = ${params.monitorId} AND account_id = ${accountId}
-    `;
-    if (!monitor) return error(404, { error: "Not found" });
-
-    const limit = Math.min(Number(query.limit ?? 100), 1000);
-    return sql`
-      SELECT * FROM check_results
-      WHERE monitor_id = ${params.monitorId}
-      ORDER BY checked_at DESC
-      LIMIT ${limit}
-    `;
-  }, { detail: { summary: "Get check history", tags: ["checks"] } })
-
-  // Internal endpoint: monitor runner posts results here
-  .post("/ingest", async ({ body, headers, error }) => {
+export const checks = new Elysia()
+  // Public-ish: token protected, no user auth
+  .post("/checks/ingest", async ({ body, headers, error }) => {
    const token = headers["x-monitor-token"];
    if (token !== process.env.MONITOR_TOKEN) return error(401, { error: "Unauthorized" });

@ -40,5 +21,28 @@ export const checks = new Elysia({ prefix: "/checks" })
    `;
    return { ok: true };
  }, {
-    detail: { summary: "Ingest check result (monitor runner only)", tags: ["internal"] },
-  });
+    body: t.Object({
+      monitor_id: t.String(),
+      status_code: t.Optional(t.Number()),
+      latency_ms:  t.Optional(t.Number()),
+      up:          t.Boolean(),
+      error:       t.Optional(t.String()),
+      meta:        t.Optional(t.Any()),
+    }),
+    detail: { summary: "Ingest result (monitor runner)", tags: ["internal"] },
+  })
+
+  // User auth required below
+  .use(requireAuth)
+  .get("/checks/:monitorId", async ({ accountId, params, query, error }) => {
+    const [monitor] = await sql`
+      SELECT id FROM monitors WHERE id = ${params.monitorId} AND account_id = ${accountId}
+    `;
+    if (!monitor) return error(404, { error: "Not found" });
+    const limit = Math.min(Number(query.limit ?? 100), 1000);
+    return sql`
+      SELECT * FROM check_results
+      WHERE monitor_id = ${params.monitorId}
+      ORDER BY checked_at DESC LIMIT ${limit}
+    `;
+  }, { detail: { summary: "Get check history", tags: ["checks"] } });