diff options
| author | syuilo <syuilotan@yahoo.co.jp> | 2018-04-11 17:40:01 +0900 |
|---|---|---|
| committer | syuilo <syuilotan@yahoo.co.jp> | 2018-04-11 17:40:01 +0900 |
| commit | bd3d57a67f6d7c6a01516410d2322e6ffbd2f5ad (patch) | |
| tree | e5caa46997f78a61fb09a821aa0ac210784500fb /src/server/api/call.ts | |
| parent | v4771 (diff) | |
| download | sharkey-bd3d57a67f6d7c6a01516410d2322e6ffbd2f5ad.tar.gz sharkey-bd3d57a67f6d7c6a01516410d2322e6ffbd2f5ad.tar.bz2 sharkey-bd3d57a67f6d7c6a01516410d2322e6ffbd2f5ad.zip | |
ストリーム経由でAPIにリクエストできるように
Diffstat (limited to 'src/server/api/call.ts')
| -rw-r--r-- | src/server/api/call.ts | 55 |
1 files changed, 55 insertions, 0 deletions
diff --git a/src/server/api/call.ts b/src/server/api/call.ts new file mode 100644 index 0000000000..1bfe94bb74 --- /dev/null +++ b/src/server/api/call.ts @@ -0,0 +1,55 @@ +import * as express from 'express'; + +import endpoints, { Endpoint } from './endpoints'; +import limitter from './limitter'; +import { IUser } from '../../models/user'; +import { IApp } from '../../models/app'; + +export default (endpoint: string | Endpoint, user: IUser, app: IApp, data: any, req?: express.Request) => new Promise(async (ok, rej) => { + const isSecure = user != null && app == null; + + //console.log(endpoint, user, app, data); + + const ep = typeof endpoint == 'string' ? endpoints.find(e => e.name == endpoint) : endpoint; + + if (ep.secure && !isSecure) { + return rej('ACCESS_DENIED'); + } + + if (ep.withCredential && user == null) { + return rej('SIGNIN_REQUIRED'); + } + + if (app && ep.kind) { + if (!app.permission.some(p => p === ep.kind)) { + return rej('PERMISSION_DENIED'); + } + } + + if (ep.withCredential && ep.limit) { + try { + await limitter(ep, user); // Rate limit + } catch (e) { + // drop request if limit exceeded + return rej('RATE_LIMIT_EXCEEDED'); + } + } + + let exec = require(`${__dirname}/endpoints/${ep.name}`); + + if (ep.withFile && req) { + exec = exec.bind(null, req.file); + } + + let res; + + // API invoking + try { + res = await exec(data, user, app); + } catch (e) { + rej(e); + return; + } + + ok(res); +}); |