src/api/Server.ts

/**
 * This file is part of SudoBot.
 *
 * Copyright (C) 2021-2023 OSN Developers.
 *
 * SudoBot is free software; you can redistribute it and/or modify it
 * under the terms of the GNU Affero General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * SudoBot is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with SudoBot. If not, see <https://www.gnu.org/licenses/>.
 */

import cors from "cors";
import express, { Request as ExpressRequest, Response as ExpressResponse, NextFunction } from "express";
import rateLimit from "express-rate-limit";
import fs from "fs/promises";
import { Server as HttpServer } from "http";
import { join, resolve } from "path";
import Client from "../core/Client";
import { RouteMetadata } from "../types/RouteMetadata";
import { log, logError, logInfo, logWarn } from "../utils/logger";
import Controller from "./Controller";
import Response from "./Response";

export default class Server {
    protected expressApp = express();
    public readonly port = process.env.PORT ?? 4000;
    protected controllersDirectory = resolve(__dirname, "controllers");
    expressServer?: HttpServer;

    constructor(protected client: Client) {}

    async onReady() {
        await this.boot();
    }

    async boot() {
        const router = express.Router();
        await this.loadControllers(undefined, router);

        this.expressApp.use((err: unknown, req: ExpressRequest, res: ExpressResponse, next: NextFunction) => {
            if (err instanceof SyntaxError && "status" in err && err.status === 400 && "body" in err) {
                res.status(400).json({
                    error: "Invalid JSON payload"
                });

                return;
            }
        });

        this.expressApp.use(cors());

        const limiter = rateLimit({
            windowMs: 30 * 1000,
            max: 28,
            standardHeaders: true,
            legacyHeaders: false
        });

        const configLimiter = rateLimit({
            windowMs: 10 * 1000,
            max: 7,
            standardHeaders: true,
            legacyHeaders: false
        });

        if (this.client.configManager.systemConfig.trust_proxies !== undefined) {
            logInfo("Set express trust proxy option value to ", this.client.configManager.systemConfig.trust_proxies);
            this.expressApp.set("trust proxy", this.client.configManager.systemConfig.trust_proxies);
        }

        this.expressApp.use(limiter);
        this.expressApp.use("/config", configLimiter);
        this.expressApp.use(express.json());
        this.expressApp.use("/", router);
    }

    async loadControllers(directory = this.controllersDirectory, router: express.Router) {
        const files = await fs.readdir(directory);

        for (const file of files) {
            const filePath = join(directory, file);
            const isDirectory = (await fs.lstat(filePath)).isDirectory();

            if (isDirectory) {
                await this.loadControllers(filePath, router);
                continue;
            }

            if (!file.endsWith(".ts") && !file.endsWith(".js")) {
                continue;
            }

            const { default: ControllerClass } = await import(filePath);
            const controller: Controller = new ControllerClass(this.client);

            const metadata: Record<string, RouteMetadata> | undefined = Reflect.getMetadata(
                "action_methods",
                ControllerClass.prototype
            );

            const authMiddleware = Reflect.getMetadata("auth_middleware", ControllerClass.prototype) ?? {};
            const validatonMiddleware = Reflect.getMetadata("validation_middleware", ControllerClass.prototype) ?? {};

            if (metadata) {
                for (const methodName in metadata) {
                    if (!metadata[methodName]) {
                        continue;
                    }

                    for (const method in metadata[methodName]!) {
                        const data = metadata[methodName][method as keyof RouteMetadata]!;

                        if (!data) {
                            continue;
                        }

                        const { middleware, handler, path } = data;

                        if (!handler) {
                            continue;
                        }

                        if (!path) {
                            logError(`[Server] No path specified at function ${handler.name} in controller ${file}. Skipping.`);
                            continue;
                        }

                        if (method && !["GET", "POST", "HEAD", "PUT", "PATCH", "DELETE"].includes(method)) {
                            logError(
                                `[Server] Invalid method '${method}' specified at function ${handler.name} in controller ${file}. Skipping.`
                            );
                            continue;
                        }

                        log(`Added handler for ${method?.toUpperCase() ?? "GET"} ${path}`);

                        const finalMiddlewareArray = [
                            ...(authMiddleware[methodName] ? [authMiddleware[methodName]] : []),
                            ...(validatonMiddleware[methodName] ? [validatonMiddleware[methodName]] : []),
                            ...(middleware ?? [])
                        ];

                        (router[(method?.toLowerCase() ?? "get") as keyof typeof router] as Function)(
                            path,
                            ...(finalMiddlewareArray?.map(
                                fn => (req: ExpressRequest, res: ExpressResponse, next: NextFunction) =>
                                    fn(this.client, req, res, next)
                            ) ?? []),
                            async (req: ExpressRequest, res: ExpressResponse) => {
                                const userResponse = await handler.bind(controller)(req, res);

                                if (!res.headersSent) {
                                    if (userResponse instanceof Response) {
                                        userResponse.send(res);
                                    } else if (userResponse && typeof userResponse === "object") {
                                        res.json(userResponse);
                                    } else if (typeof userResponse === "string") {
                                        res.send(userResponse);
                                    } else if (typeof userResponse === "number") {
                                        res.send(userResponse.toString());
                                    } else {
                                        logWarn("Invalid value was returned from the controller. Not sending a response.");
                                    }
                                }
                            }
                        );
                    }
                }
            }
        }
    }

    async start() {
        this.expressServer = this.expressApp.listen(this.port, () => logInfo(`API server is listening at port ${this.port}`));
    }
}
1	/**
2	* This file is part of SudoBot.
3	*
4	* Copyright (C) 2021-2023 OSN Developers.
5	*
6	* SudoBot is free software; you can redistribute it and/or modify it
7	* under the terms of the GNU Affero General Public License as published by
8	* the Free Software Foundation, either version 3 of the License, or
9	* (at your option) any later version.
10	*
11	* SudoBot is distributed in the hope that it will be useful, but
12	* WITHOUT ANY WARRANTY; without even the implied warranty of
13	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14	* GNU Affero General Public License for more details.
15	*
16	* You should have received a copy of the GNU Affero General Public License
17	* along with SudoBot. If not, see <https://www.gnu.org/licenses/>.
18	*/
19
20	import cors from "cors";
21	import express, { Request as ExpressRequest, Response as ExpressResponse, NextFunction } from "express";
22	import rateLimit from "express-rate-limit";
23	import fs from "fs/promises";
24	import { Server as HttpServer } from "http";
25	import { join, resolve } from "path";
26	import Client from "../core/Client";
27	import { RouteMetadata } from "../types/RouteMetadata";
28	import { log, logError, logInfo, logWarn } from "../utils/logger";
29	import Controller from "./Controller";
30	import Response from "./Response";
31
32	export default class Server {
33	protected expressApp = express();
34	public readonly port = process.env.PORT ?? 4000;
35	protected controllersDirectory = resolve(__dirname, "controllers");
36	expressServer?: HttpServer;
37
38	constructor(protected client: Client) {}
39
40	async onReady() {
41	await this.boot();
42	}
43
44	async boot() {
45	const router = express.Router();
46	await this.loadControllers(undefined, router);
47
48	this.expressApp.use((err: unknown, req: ExpressRequest, res: ExpressResponse, next: NextFunction) => {
49	if (err instanceof SyntaxError && "status" in err && err.status === 400 && "body" in err) {
50	res.status(400).json({
51	error: "Invalid JSON payload"
52	});
53
54	return;
55	}
56	});
57
58	this.expressApp.use(cors());
59
60	const limiter = rateLimit({
61	windowMs: 30 * 1000,
62	max: 28,
63	standardHeaders: true,
64	legacyHeaders: false
65	});
66
67	const configLimiter = rateLimit({
68	windowMs: 10 * 1000,
69	max: 7,
70	standardHeaders: true,
71	legacyHeaders: false
72	});
73
74	if (this.client.configManager.systemConfig.trust_proxies !== undefined) {
75	logInfo("Set express trust proxy option value to ", this.client.configManager.systemConfig.trust_proxies);
76	this.expressApp.set("trust proxy", this.client.configManager.systemConfig.trust_proxies);
77	}
78
79	this.expressApp.use(limiter);
80	this.expressApp.use("/config", configLimiter);
81	this.expressApp.use(express.json());
82	this.expressApp.use("/", router);
83	}
84
85	async loadControllers(directory = this.controllersDirectory, router: express.Router) {
86	const files = await fs.readdir(directory);
87
88	for (const file of files) {
89	const filePath = join(directory, file);
90	const isDirectory = (await fs.lstat(filePath)).isDirectory();
91
92	if (isDirectory) {
93	await this.loadControllers(filePath, router);
94	continue;
95	}
96
97	if (!file.endsWith(".ts") && !file.endsWith(".js")) {
98	continue;
99	}
100
101	const { default: ControllerClass } = await import(filePath);
102	const controller: Controller = new ControllerClass(this.client);
103
104	const metadata: Record<string, RouteMetadata> \| undefined = Reflect.getMetadata(
105	"action_methods",
106	ControllerClass.prototype
107	);
108
109	const authMiddleware = Reflect.getMetadata("auth_middleware", ControllerClass.prototype) ?? {};
110	const validatonMiddleware = Reflect.getMetadata("validation_middleware", ControllerClass.prototype) ?? {};
111
112	if (metadata) {
113	for (const methodName in metadata) {
114	if (!metadata[methodName]) {
115	continue;
116	}
117
118	for (const method in metadata[methodName]!) {
119	const data = metadata[methodName][method as keyof RouteMetadata]!;
120
121	if (!data) {
122	continue;
123	}
124
125	const { middleware, handler, path } = data;
126
127	if (!handler) {
128	continue;
129	}
130
131	if (!path) {
132	logError(`[Server] No path specified at function ${handler.name} in controller ${file}. Skipping.`);
133	continue;
134	}
135
136	if (method && !["GET", "POST", "HEAD", "PUT", "PATCH", "DELETE"].includes(method)) {
137	logError(
138	`[Server] Invalid method '${method}' specified at function ${handler.name} in controller ${file}. Skipping.`
139	);
140	continue;
141	}
142
143	log(`Added handler for ${method?.toUpperCase() ?? "GET"} ${path}`);
144
145	const finalMiddlewareArray = [
146	...(authMiddleware[methodName] ? [authMiddleware[methodName]] : []),
147	...(validatonMiddleware[methodName] ? [validatonMiddleware[methodName]] : []),
148	...(middleware ?? [])
149	];
150
151	(router[(method?.toLowerCase() ?? "get") as keyof typeof router] as Function)(
152	path,
153	...(finalMiddlewareArray?.map(
154	fn => (req: ExpressRequest, res: ExpressResponse, next: NextFunction) =>
155	fn(this.client, req, res, next)
156	) ?? []),
157	async (req: ExpressRequest, res: ExpressResponse) => {
158	const userResponse = await handler.bind(controller)(req, res);
159
160	if (!res.headersSent) {
161	if (userResponse instanceof Response) {
162	userResponse.send(res);
163	} else if (userResponse && typeof userResponse === "object") {
164	res.json(userResponse);
165	} else if (typeof userResponse === "string") {
166	res.send(userResponse);
167	} else if (typeof userResponse === "number") {
168	res.send(userResponse.toString());
169	} else {
170	logWarn("Invalid value was returned from the controller. Not sending a response.");
171	}
172	}
173	}
174	);
175	}
176	}
177	}
178	}
179	}
180
181	async start() {
182	this.expressServer = this.expressApp.listen(this.port, () => logInfo(`API server is listening at port ${this.port}`));
183	}
184	}