-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathindex.js
More file actions
148 lines (123 loc) · 2.9 KB
/
index.js
File metadata and controls
148 lines (123 loc) · 2.9 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
import _ from "lodash";
import auth from "./middlewares/auth.js";
import cors from "cors";
import dotenv from "dotenv";
import express from "express";
import { createProxyMiddleware } from "http-proxy-middleware";
import { spawn } from "node:child_process";
import path from "node:path";
import { ethers } from "ethers";
dotenv.config();
const app = express();
const corsConfig = cors({ origin: "*" });
app.use(corsConfig);
app.use(express.json());
app.use(express.urlencoded({ extended: true }));
const gateway = process.env.IPFS_LOCAL_GATEWAY || "http://127.0.0.1:8080";
const api = process.env.IPFS_ENDPOINT || "http://127.0.0.1:5001";
function isOwnPath(address, reqPath) {
let p = path.normalize(reqPath);
const ownPath = path.normalize(path.join("/", address));
if (p.startsWith(ownPath)) {
return true;
}
return false;
}
function isOthersPublic(reqPath) {
let p = path.normalize(reqPath);
if (!p.startsWith("/")) {
throw Error("Invalid based url1");
}
let frag = p.split("/");
if (frag.length < 3) {
throw Error("Invalid based url2");
}
const [root, address, pdir] = frag;
if (root !== "") {
throw Error("Invalid based url3");
}
if (!ethers.utils.isAddress(address)) {
throw Error("Invalid web3 address");
}
if (pdir !== "public") {
throw Error("Unauthorized access!");
}
return true;
}
function ownership(req, res, next) {
const address = _.get(req, ["headers", "address"], null);
if (!address) {
res.status(401).json({
status: "ERROR",
message: "Unauthorized! Visitor must have a web3 address",
});
}
if (!ethers.utils.isAddress(address)) {
res.status(401).json({
status: "ERROR",
message: "Unauthorized! Invalid visitor web3 address",
});
}
const baseUrl = req.baseUrl;
if (baseUrl === "/api/v0/files/ls") {
try {
if (isOwnPath(address, req.query.arg)) {
return next();
}
if (isOthersPublic(req.query.arg)) {
return next();
}
} catch (error) {
return res.status(401).json({
status: "ERROR",
message: error.message,
});
}
return res.status(401).json({
status: "ERROR",
message: "Unauthorized",
});
} else {
return next();
}
}
app.use(
"/ipfs/*",
// auth,
createProxyMiddleware({
target: gateway,
changeOrigin: true,
}),
);
app.use(
"/api/*",
// auth,
ownership,
createProxyMiddleware({
target: api,
changeOrigin: true,
}),
);
app.post("/pin", auth, async (req, res) => {
const cids = _.get(req, ["body"], []);
const processes = cids.map((cid) => {
return spawn("ipfs-clster-ctl", ["pin", "add", cid]);
});
await Promise.all(processes);
res.json({
cids,
});
});
app.post("/unpin", auth, async (req, res) => {
const cids = _.get(req, ["body"], []);
const processes = cids.map((cid) => {
return spawn("ipfs-clster-ctl", ["pin", "rm", cid]);
});
await Promise.all(processes);
res.json({
cids,
});
});
app.listen(3000, "0.0.0.0", () => {
console.log("Server is running on port 3000");
});