Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
  • Loading branch information
actions-user committed Mar 14, 2024
2 parents 6b08b27 + cc0eae7 commit 9ad212c
Show file tree
Hide file tree
Showing 10 changed files with 243 additions and 110 deletions.
43 changes: 0 additions & 43 deletions app/api/cors/[...path]/route.ts

This file was deleted.

73 changes: 73 additions & 0 deletions app/api/upstash/[action]/[...key]/route.ts
Original file line number Diff line number Diff line change
@@ -0,0 +1,73 @@
import { NextRequest, NextResponse } from "next/server";

async function handle(
req: NextRequest,
{ params }: { params: { action: string; key: string[] } },
) {
const requestUrl = new URL(req.url);
const endpoint = requestUrl.searchParams.get("endpoint");

if (req.method === "OPTIONS") {
return NextResponse.json({ body: "OK" }, { status: 200 });
}
const [...key] = params.key;
// only allow to request to *.upstash.io
if (!endpoint || !new URL(endpoint).hostname.endsWith(".upstash.io")) {
return NextResponse.json(
{
error: true,
msg: "you are not allowed to request " + params.key.join("/"),
},
{
status: 403,
},
);
}

// only allow upstash get and set method
if (params.action !== "get" && params.action !== "set") {
console.log("[Upstash Route] forbidden action ", params.action);
return NextResponse.json(
{
error: true,
msg: "you are not allowed to request " + params.action,
},
{
status: 403,
},
);
}

const targetUrl = `${endpoint}/${params.action}/${params.key.join("/")}`;

const method = req.method;
const shouldNotHaveBody = ["get", "head"].includes(
method?.toLowerCase() ?? "",
);

const fetchOptions: RequestInit = {
headers: {
authorization: req.headers.get("authorization") ?? "",
},
body: shouldNotHaveBody ? null : req.body,
method,
// @ts-ignore
duplex: "half",
};

console.log("[Upstash Proxy]", targetUrl, fetchOptions);
const fetchResult = await fetch(targetUrl, fetchOptions);

console.log("[Any Proxy]", targetUrl, {
status: fetchResult.status,
statusText: fetchResult.statusText,
});

return fetchResult;
}

export const POST = handle;
export const GET = handle;
export const OPTIONS = handle;

export const runtime = "edge";
112 changes: 112 additions & 0 deletions app/api/webdav/[...path]/route.ts
Original file line number Diff line number Diff line change
@@ -0,0 +1,112 @@
import { NextRequest, NextResponse } from "next/server";
import { STORAGE_KEY } from "../../../constant";
async function handle(
req: NextRequest,
{ params }: { params: { path: string[] } },
) {
if (req.method === "OPTIONS") {
return NextResponse.json({ body: "OK" }, { status: 200 });
}
const folder = STORAGE_KEY;
const fileName = `${folder}/backup.json`;

const requestUrl = new URL(req.url);
let endpoint = requestUrl.searchParams.get("endpoint");
if (!endpoint?.endsWith("/")) {
endpoint += "/";
}
const endpointPath = params.path.join("/");

// only allow MKCOL, GET, PUT
if (req.method !== "MKCOL" && req.method !== "GET" && req.method !== "PUT") {
return NextResponse.json(
{
error: true,
msg: "you are not allowed to request " + params.path.join("/"),
},
{
status: 403,
},
);
}

// for MKCOL request, only allow request ${folder}
if (
req.method == "MKCOL" &&
!new URL(endpointPath).pathname.endsWith(folder)
) {
return NextResponse.json(
{
error: true,
msg: "you are not allowed to request " + params.path.join("/"),
},
{
status: 403,
},
);
}

// for GET request, only allow request ending with fileName
if (
req.method == "GET" &&
!new URL(endpointPath).pathname.endsWith(fileName)
) {
return NextResponse.json(
{
error: true,
msg: "you are not allowed to request " + params.path.join("/"),
},
{
status: 403,
},
);
}

// for PUT request, only allow request ending with fileName
if (
req.method == "PUT" &&
!new URL(endpointPath).pathname.endsWith(fileName)
) {
return NextResponse.json(
{
error: true,
msg: "you are not allowed to request " + params.path.join("/"),
},
{
status: 403,
},
);
}

const targetUrl = `${endpoint + endpointPath}`;

const method = req.method;
const shouldNotHaveBody = ["get", "head"].includes(
method?.toLowerCase() ?? "",
);

const fetchOptions: RequestInit = {
headers: {
authorization: req.headers.get("authorization") ?? "",
},
body: shouldNotHaveBody ? null : req.body,
method,
// @ts-ignore
duplex: "half",
};

const fetchResult = await fetch(targetUrl, fetchOptions);

console.log("[Any Proxy]", targetUrl, {
status: fetchResult.status,
statusText: fetchResult.statusText,
});

return fetchResult;
}

export const POST = handle;
export const GET = handle;
export const OPTIONS = handle;

export const runtime = "edge";
2 changes: 1 addition & 1 deletion app/constant.ts
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ export enum Path {
}

export enum ApiPath {
Cors = "/api/cors",
Cors = "",
OpenAI = "/api/openai",
}

Expand Down
11 changes: 10 additions & 1 deletion app/store/sync.ts
Original file line number Diff line number Diff line change
Expand Up @@ -118,7 +118,7 @@ export const useSyncStore = createPersistStore(
}),
{
name: StoreKey.Sync,
version: 1.1,
version: 1.2,

migrate(persistedState, version) {
const newState = persistedState as typeof DEFAULT_SYNC_STATE;
Expand All @@ -127,6 +127,15 @@ export const useSyncStore = createPersistStore(
newState.upstash.username = STORAGE_KEY;
}

if (version < 1.2) {
if (
(persistedState as typeof DEFAULT_SYNC_STATE).proxyUrl ===
"/api/cors/"
) {
newState.proxyUrl = "";
}
}

return newState as any;
},
},
Expand Down
34 changes: 20 additions & 14 deletions app/utils/cloud/upstash.ts
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
import { STORAGE_KEY } from "@/app/constant";
import { SyncStore } from "@/app/store/sync";
import { corsFetch } from "../cors";
import { chunks } from "../format";

export type UpstashConfig = SyncStore["upstash"];
Expand All @@ -18,10 +17,9 @@ export function createUpstashClient(store: SyncStore) {
return {
async check() {
try {
const res = await corsFetch(this.path(`get/${storeKey}`), {
const res = await fetch(this.path(`get/${storeKey}`, proxyUrl), {
method: "GET",
headers: this.headers(),
proxyUrl,
});
console.log("[Upstash] check", res.status, res.statusText);
return [200].includes(res.status);
Expand All @@ -32,10 +30,9 @@ export function createUpstashClient(store: SyncStore) {
},

async redisGet(key: string) {
const res = await corsFetch(this.path(`get/${key}`), {
const res = await fetch(this.path(`get/${key}`, proxyUrl), {
method: "GET",
headers: this.headers(),
proxyUrl,
});

console.log("[Upstash] get key = ", key, res.status, res.statusText);
Expand All @@ -45,11 +42,10 @@ export function createUpstashClient(store: SyncStore) {
},

async redisSet(key: string, value: string) {
const res = await corsFetch(this.path(`set/${key}`), {
const res = await fetch(this.path(`set/${key}`, proxyUrl), {
method: "POST",
headers: this.headers(),
body: value,
proxyUrl,
});

console.log("[Upstash] set key = ", key, res.status, res.statusText);
Expand Down Expand Up @@ -84,18 +80,28 @@ export function createUpstashClient(store: SyncStore) {
Authorization: `Bearer ${config.apiKey}`,
};
},
path(path: string) {
let url = config.endpoint;

if (!url.endsWith("/")) {
url += "/";
path(path: string, proxyUrl: string = "") {
if (!path.endsWith("/")) {
path += "/";
}

if (path.startsWith("/")) {
path = path.slice(1);
}

return url + path;
if (proxyUrl.length > 0 && !proxyUrl.endsWith("/")) {
proxyUrl += "/";
}

let url;
if (proxyUrl.length > 0 || proxyUrl === "/") {
let u = new URL(proxyUrl + "/api/upstash/" + path);
// add query params
u.searchParams.append("endpoint", config.endpoint);
url = u.toString();
} else {
url = "/api/upstash/" + path + "?endpoint=" + config.endpoint;
}
return url;
},
};
}
Loading

0 comments on commit 9ad212c

Please sign in to comment.