api: raw stream status responses, clean up core
This commit is contained in:
parent
13524a4aa1
commit
98e05368ed
3 changed files with 98 additions and 107 deletions
165
src/core/api.js
165
src/core/api.js
|
@ -16,10 +16,10 @@ import { verifyStream, getInternalStream } from "../modules/stream/manage.js";
|
|||
import { extract } from "../modules/processing/url.js";
|
||||
|
||||
export function runAPI(express, app, gitCommit, gitBranch, __dirname) {
|
||||
const corsConfig = !env.corsWildcard ? {
|
||||
const corsConfig = env.corsWildcard ? {} : {
|
||||
origin: env.corsURL,
|
||||
optionsSuccessStatus: 200
|
||||
} : {};
|
||||
};
|
||||
|
||||
const apiLimiter = rateLimit({
|
||||
windowMs: 60000,
|
||||
|
@ -33,7 +33,8 @@ export function runAPI(express, app, gitCommit, gitBranch, __dirname) {
|
|||
"text": loc(languageCode(req), 'ErrorRateLimit')
|
||||
});
|
||||
}
|
||||
});
|
||||
})
|
||||
|
||||
const apiLimiterStream = rateLimit({
|
||||
windowMs: 60000,
|
||||
max: 25,
|
||||
|
@ -41,12 +42,9 @@ export function runAPI(express, app, gitCommit, gitBranch, __dirname) {
|
|||
legacyHeaders: false,
|
||||
keyGenerator: req => generateHmac(getIP(req), ipSalt),
|
||||
handler: (req, res) => {
|
||||
return res.status(429).json({
|
||||
"status": "rate-limit",
|
||||
"text": loc(languageCode(req), 'ErrorRateLimit')
|
||||
});
|
||||
return res.sendStatus(429)
|
||||
}
|
||||
});
|
||||
})
|
||||
|
||||
const startTime = new Date();
|
||||
const startTimestamp = startTime.getTime();
|
||||
|
@ -56,7 +54,7 @@ export function runAPI(express, app, gitCommit, gitBranch, __dirname) {
|
|||
app.use('/api/:type', cors({
|
||||
methods: ['GET', 'POST'],
|
||||
...corsConfig
|
||||
}));
|
||||
}))
|
||||
|
||||
app.use('/api/json', apiLimiter);
|
||||
app.use('/api/stream', apiLimiterStream);
|
||||
|
@ -65,27 +63,27 @@ export function runAPI(express, app, gitCommit, gitBranch, __dirname) {
|
|||
app.use((req, res, next) => {
|
||||
try { decodeURIComponent(req.path) } catch (e) { return res.redirect('/') }
|
||||
next();
|
||||
});
|
||||
})
|
||||
|
||||
app.use('/api/json', express.json({
|
||||
verify: (req, res, buf) => {
|
||||
let acceptCon = String(req.header('Accept')) === "application/json";
|
||||
if (acceptCon) {
|
||||
const acceptHeader = String(req.header('Accept')) === "application/json";
|
||||
if (acceptHeader) {
|
||||
if (buf.length > 720) throw new Error();
|
||||
JSON.parse(buf);
|
||||
} else {
|
||||
throw new Error();
|
||||
}
|
||||
}
|
||||
}));
|
||||
}))
|
||||
|
||||
// handle express.json errors properly (https://github.com/expressjs/express/issues/4065)
|
||||
app.use('/api/json', (err, req, res, next) => {
|
||||
let errorText = "invalid json body";
|
||||
let acceptCon = String(req.header('Accept')) !== "application/json";
|
||||
const errorText = "invalid json body";
|
||||
const acceptHeader = String(req.header('Accept')) !== "application/json";
|
||||
|
||||
if (err || acceptCon) {
|
||||
if (acceptCon) errorText = "invalid accept header";
|
||||
if (err || acceptHeader) {
|
||||
if (acceptHeader) errorText = "invalid accept header";
|
||||
return res.status(400).json({
|
||||
status: "error",
|
||||
text: errorText
|
||||
|
@ -93,12 +91,14 @@ export function runAPI(express, app, gitCommit, gitBranch, __dirname) {
|
|||
} else {
|
||||
next();
|
||||
}
|
||||
});
|
||||
})
|
||||
|
||||
const acceptRegex = /^application\/json(; charset=utf-8)?$/;
|
||||
|
||||
app.post('/api/json', async (req, res) => {
|
||||
const request = req.body;
|
||||
const lang = languageCode(req);
|
||||
|
||||
const fail = (t) => {
|
||||
const { status, body } = createResponse("error", { t: loc(lang, t) });
|
||||
res.status(status).json(body);
|
||||
|
@ -132,80 +132,83 @@ export function runAPI(express, app, gitCommit, gitBranch, __dirname) {
|
|||
} catch {
|
||||
fail('ErrorSomethingWentWrong');
|
||||
}
|
||||
});
|
||||
})
|
||||
|
||||
app.get('/api/:type', (req, res) => {
|
||||
try {
|
||||
let j;
|
||||
switch (req.params.type) {
|
||||
case 'stream':
|
||||
const q = req.query;
|
||||
const checkQueries = q.t && q.e && q.h && q.s && q.i;
|
||||
const checkBaseLength = q.t.length === 21 && q.e.length === 13;
|
||||
const checkSafeLength = q.h.length === 43 && q.s.length === 43 && q.i.length === 22;
|
||||
if (checkQueries && checkBaseLength && checkSafeLength) {
|
||||
if (q.p) {
|
||||
return res.status(200).json({
|
||||
status: "continue"
|
||||
})
|
||||
}
|
||||
let streamInfo = verifyStream(q.t, q.h, q.e, q.s, q.i);
|
||||
if (streamInfo.error) {
|
||||
return res.status(streamInfo.status).json(apiJSON(0, { t: streamInfo.error }).body);
|
||||
}
|
||||
return stream(res, streamInfo);
|
||||
}
|
||||
app.get('/api/stream', (req, res) => {
|
||||
const id = String(req.query.id);
|
||||
const exp = String(req.query.exp);
|
||||
const sig = String(req.query.sig);
|
||||
const sec = String(req.query.sec);
|
||||
const iv = String(req.query.iv);
|
||||
|
||||
j = apiJSON(0, {
|
||||
t: "bad request. stream link may be incomplete or corrupted."
|
||||
})
|
||||
return res.status(j.status).json(j.body);
|
||||
case 'istream':
|
||||
if (!req.ip.endsWith('127.0.0.1'))
|
||||
return res.sendStatus(403);
|
||||
if (('' + req.query.t).length !== 21)
|
||||
return res.sendStatus(400);
|
||||
|
||||
let streamInfo = getInternalStream(req.query.t);
|
||||
if (!streamInfo) return res.sendStatus(404);
|
||||
streamInfo.headers = req.headers;
|
||||
|
||||
return stream(res, { type: 'internal', ...streamInfo });
|
||||
case 'serverInfo':
|
||||
return res.status(200).json({
|
||||
version: version,
|
||||
commit: gitCommit,
|
||||
branch: gitBranch,
|
||||
name: env.apiName,
|
||||
url: env.apiURL,
|
||||
cors: Number(env.corsWildcard),
|
||||
startTime: `${startTimestamp}`
|
||||
});
|
||||
default:
|
||||
j = apiJSON(0, {
|
||||
t: "unknown response type"
|
||||
})
|
||||
return res.status(j.status).json(j.body);
|
||||
const checkQueries = id && exp && sig && sec && iv;
|
||||
const checkBaseLength = id.length === 21 && exp.length === 13;
|
||||
const checkSafeLength = sig.length === 43 && sec.length === 43 && iv.length === 22;
|
||||
|
||||
if (checkQueries && checkBaseLength && checkSafeLength) {
|
||||
// rate limit probe, will not return json after 8.0
|
||||
if (req.query.p) {
|
||||
return res.status(200).json({
|
||||
status: "continue"
|
||||
})
|
||||
}
|
||||
try {
|
||||
const streamInfo = verifyStream(id, sig, exp, sec, iv);
|
||||
if (!streamInfo?.service) {
|
||||
return res.sendStatus(streamInfo.status);
|
||||
}
|
||||
return stream(res, streamInfo);
|
||||
} catch {
|
||||
return res.destroy();
|
||||
}
|
||||
} catch (e) {
|
||||
return res.status(500).json({
|
||||
status: "error",
|
||||
text: loc(languageCode(req), 'ErrorCantProcess')
|
||||
});
|
||||
}
|
||||
});
|
||||
return res.sendStatus(400);
|
||||
})
|
||||
|
||||
app.get('/api/istream', (req, res) => {
|
||||
try {
|
||||
if (!req.ip.endsWith('127.0.0.1'))
|
||||
return res.sendStatus(403);
|
||||
if (String(req.query.id).length !== 21)
|
||||
return res.sendStatus(400);
|
||||
|
||||
const streamInfo = getInternalStream(req.query.id);
|
||||
if (!streamInfo) return res.sendStatus(404);
|
||||
streamInfo.headers = req.headers;
|
||||
|
||||
return stream(res, { type: 'internal', ...streamInfo });
|
||||
} catch {
|
||||
return res.destroy();
|
||||
}
|
||||
})
|
||||
|
||||
app.get('/api/serverInfo', (req, res) => {
|
||||
try {
|
||||
return res.status(200).json({
|
||||
version: version,
|
||||
commit: gitCommit,
|
||||
branch: gitBranch,
|
||||
name: env.apiName,
|
||||
url: env.apiURL,
|
||||
cors: Number(env.corsWildcard),
|
||||
startTime: `${startTimestamp}`
|
||||
});
|
||||
} catch {
|
||||
return res.destroy();
|
||||
}
|
||||
})
|
||||
|
||||
app.get('/api/status', (req, res) => {
|
||||
res.status(200).end()
|
||||
});
|
||||
})
|
||||
|
||||
app.get('/favicon.ico', (req, res) => {
|
||||
res.sendFile(`${__dirname}/src/front/icons/favicon.ico`)
|
||||
});
|
||||
})
|
||||
|
||||
app.get('/*', (req, res) => {
|
||||
res.redirect('/api/json')
|
||||
});
|
||||
res.redirect('/api/serverInfo')
|
||||
})
|
||||
|
||||
app.listen(env.apiPort, env.listenAddress, () => {
|
||||
console.log(`\n` +
|
||||
|
@ -214,5 +217,5 @@ export function runAPI(express, app, gitCommit, gitBranch, __dirname) {
|
|||
`URL: ${Cyan(`${env.apiURL}`)}\n` +
|
||||
`Port: ${env.apiPort}\n`
|
||||
)
|
||||
});
|
||||
})
|
||||
}
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
import NodeCache from "node-cache";
|
||||
import { randomBytes } from "crypto";
|
||||
import { nanoid } from 'nanoid';
|
||||
import { nanoid } from "nanoid";
|
||||
|
||||
import { decryptStream, encryptStream, generateHmac } from "../sub/crypto.js";
|
||||
import { streamLifespan, env } from "../config.js";
|
||||
|
@ -11,15 +11,6 @@ const freebind = env.freebindCIDR && await import('freebind').catch(() => {});
|
|||
|
||||
const M3U_SERVICES = ['dailymotion', 'vimeo', 'rutube'];
|
||||
|
||||
const streamNoAccess = {
|
||||
error: "i couldn't verify if you have access to this stream. go back and try again!",
|
||||
status: 401
|
||||
}
|
||||
const streamNoExist = {
|
||||
error: "this download link has expired or doesn't exist. go back and try again!",
|
||||
status: 400
|
||||
}
|
||||
|
||||
const streamCache = new NodeCache({
|
||||
stdTTL: streamLifespan/1000,
|
||||
checkperiod: 10,
|
||||
|
@ -61,11 +52,11 @@ export function createStream(obj) {
|
|||
let streamLink = new URL('/api/stream', env.apiURL);
|
||||
|
||||
const params = {
|
||||
't': streamID,
|
||||
'e': exp,
|
||||
'h': hmac,
|
||||
's': secret,
|
||||
'i': iv
|
||||
'id': streamID,
|
||||
'exp': exp,
|
||||
'sig': hmac,
|
||||
'sec': secret,
|
||||
'iv': iv
|
||||
}
|
||||
|
||||
for (const [key, value] of Object.entries(params)) {
|
||||
|
@ -96,7 +87,7 @@ export function createInternalStream(url, obj = {}) {
|
|||
};
|
||||
|
||||
let streamLink = new URL('/api/istream', `http://127.0.0.1:${env.apiPort}`);
|
||||
streamLink.searchParams.set('t', streamID);
|
||||
streamLink.searchParams.set('id', streamID);
|
||||
return streamLink.toString();
|
||||
}
|
||||
|
||||
|
@ -106,7 +97,7 @@ export function destroyInternalStream(url) {
|
|||
return;
|
||||
}
|
||||
|
||||
const id = url.searchParams.get('t');
|
||||
const id = url.searchParams.get('id');
|
||||
|
||||
if (internalStreamCache[id]) {
|
||||
internalStreamCache[id].controller.abort();
|
||||
|
@ -141,22 +132,19 @@ export function verifyStream(id, hmac, exp, secret, iv) {
|
|||
const ghmac = generateHmac(`${id},${exp},${iv},${secret}`, hmacSalt);
|
||||
const cache = streamCache.get(id.toString());
|
||||
|
||||
if (ghmac !== String(hmac)) return streamNoAccess;
|
||||
if (!cache) return streamNoExist;
|
||||
if (ghmac !== String(hmac)) return { status: 401 };
|
||||
if (!cache) return { status: 404 };
|
||||
|
||||
const streamInfo = JSON.parse(decryptStream(cache, iv, secret));
|
||||
|
||||
if (!streamInfo) return streamNoExist;
|
||||
if (!streamInfo) return { status: 404 };
|
||||
|
||||
if (Number(exp) <= new Date().getTime())
|
||||
return streamNoExist;
|
||||
return { status: 404 };
|
||||
|
||||
return wrapStream(streamInfo);
|
||||
}
|
||||
catch {
|
||||
return {
|
||||
error: "something went wrong and i couldn't verify this stream. go back and try again!",
|
||||
status: 500
|
||||
}
|
||||
return { status: 500 };
|
||||
}
|
||||
}
|
||||
|
|
|
@ -25,6 +25,6 @@ export default async function(res, streamInfo) {
|
|||
break;
|
||||
}
|
||||
} catch {
|
||||
res.status(500).json({ status: "error", text: "Internal Server Error" });
|
||||
res.sendStatus(500);
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue