nhcarrigan/hikari
9
0
Fork 0
generated from nhcarrigan/template
Code Issues 2 Pull Requests 3 Actions Releases Activity
Files
a4a80bd91580fd637a4a05df95352384c5cca403
hikari/server/src/routes/sanction.ts
T
naomi 922dee415a
Node.js CI / CI (push) Successful in 44s
Details
Security Scan and Upload / Security & DefectDojo Upload (push) Successful in 1m25s
Details
feat: more automated announcements (#8) 
### Explanation

Makes my life so much easier.

### Issue

_No response_

### Attestations

- [x] I have read and agree to the [Code of Conduct](https://docs.nhcarrigan.com/community/coc/)
- [x] I have read and agree to the [Community Guidelines](https://docs.nhcarrigan.com/community/guide/).
- [x] My contribution complies with the [Contributor Covenant](https://docs.nhcarrigan.com/dev/covenant/).

### Dependencies

- [x] I have pinned the dependencies to a specific patch version.

### Style

- [x] I have run the linter and resolved any errors.
- [x] My pull request uses an appropriate title, matching the conventional commit standards.
- [x] My scope of feat/fix/chore/etc. correctly matches the nature of changes in my pull request.

### Tests

- [ ] My contribution adds new code, and I have added tests to cover it.
- [ ] My contribution modifies existing code, and I have updated the tests to reflect these changes.
- [ ] All new and existing tests pass locally with my changes.
- [ ] Code coverage remains at or above the configured threshold.

### Documentation

_No response_

### Versioning

Minor - My pull request introduces a new non-breaking feature.

Reviewed-on: #8
Co-authored-by: Naomi Carrigan <commits@nhcarrigan.com>
Co-committed-by: Naomi Carrigan <commits@nhcarrigan.com>
2026-01-08 18:07:28 -08:00

133 lines
3.9 KiB
TypeScript
Raw Blame History

/**
* @copyright nhcarrigan
* @license Naomi's Public License
* @author Naomi Carrigan
*/
import { blockedIps } from "../cache/blockedIps.js";
import { database } from "../db/database.js";
import { getIpFromRequest } from "../modules/getIpFromRequest.js";
import { getSanctionComponents } from "../modules/getSanctionComponents.js";
import { isValidString } from "../utils/typeguards.js";
import type { FastifyPluginAsync } from "fastify";
const oneDay = 24 * 60 * 60 * 1000;
/**
* Mounts the entry routes for the application. These routes
* should not require CORS, as they are used by external services
* such as our uptime monitor.
* @param server - The Fastify server instance.
*/
export const sanctionRoutes: FastifyPluginAsync = async(server) => {
server.get("/sanctions", async(_request, reply) => {
const sanctions = await database.getInstance().sanctions.findMany({
orderBy: {
createdAt: "desc",
},
take: 100,
});
return await reply.status(200).type("application/json").
send(sanctions.map((sanction) => {
return {
number: sanction.number,
platform: sanction.platform,
reason: sanction.reason,
type: sanction.type,
username: sanction.username,
uuid: sanction.uuid,
};
}));
});
// eslint-disable-next-line @typescript-eslint/naming-convention -- Fastify requires Body instead of body.
server.post<{ Body: { platform: string;
uuid: string;
username: string;
type: string;
reason: string; }; }>(
"/sanction",
async(request, reply) => {
const token = request.headers.authorization;
if (token === undefined || token !== process.env.ANNOUNCEMENT_TOKEN) {
blockedIps.push({
ip: getIpFromRequest(request),
ttl: new Date(Date.now() + oneDay),
});
return await reply.status(401).send({
error:
// eslint-disable-next-line stylistic/max-len -- Big boi string.
"This endpoint requires a special auth token. If you believe you should have access, please contact Naomi. To protect our services, your IP has been blocked from all routes for 24 hours.",
});
}
const { platform, uuid, username, type, reason } = request.body;
if (
[ platform, uuid, username, type, reason ].some((value) => {
return !isValidString(value);
})
) {
return await reply.status(400).send({
error: "Missing required fields.",
});
}
if (![
"warning",
"kick",
"mute",
"ban",
].includes(type)) {
return await reply.status(400).send({
error: "Invalid type. Choose from warning, kick, mute, ban.",
});
}
const count = await database.getInstance().sanctions.count();
const number = count + 1;
await database.getInstance().sanctions.create({
data: {
number,
platform,
reason,
type,
username,
uuid,
},
});
const components = getSanctionComponents(
{
number,
platform,
reason,
type,
username,
uuid,
},
);
await fetch(
`${process.env.SANCTION_WEBHOOK ?? ""}?with_components=true`,
{
body: JSON.stringify({
components: components,
flags: 32_768,
}),
headers: {
// eslint-disable-next-line @typescript-eslint/naming-convention -- headers.
"content-type": "application/json",
},
method: "POST",
},
);
return await reply.status(201).send({
message: `Sanction ${number.toString()} has been logged!`,
});
},
);
};
Reference in New Issue View Git Blame Copy Permalink