diff options
| author | Factiven <[email protected]> | 2023-09-25 00:44:40 +0700 |
|---|---|---|
| committer | GitHub <[email protected]> | 2023-09-25 00:44:40 +0700 |
| commit | 1a85c2571690ba592ac5183d5eadaf9846fe532b (patch) | |
| tree | 3f3552c00cd49c0eeab5275275cf5cf5666e5027 /pages/api/v2/admin | |
| parent | Delete .github/workflows/deploy.yml (diff) | |
| download | moopa-4.1.0.tar.xz moopa-4.1.0.zip | |
Update v4.1.0 (#79)v4.1.0
* Update v4.1.0
* Update pages/_app.js
Diffstat (limited to 'pages/api/v2/admin')
| -rw-r--r-- | pages/api/v2/admin/broadcast/index.js | 40 | ||||
| -rw-r--r-- | pages/api/v2/admin/bug-report/index.js | 49 | ||||
| -rw-r--r-- | pages/api/v2/admin/meta/index.js | 47 |
3 files changed, 136 insertions, 0 deletions
diff --git a/pages/api/v2/admin/broadcast/index.js b/pages/api/v2/admin/broadcast/index.js new file mode 100644 index 0000000..d3d3af0 --- /dev/null +++ b/pages/api/v2/admin/broadcast/index.js @@ -0,0 +1,40 @@ +import { rateLimitStrict, redis } from "@/lib/redis"; +// import { getServerSession } from "next-auth"; +// import { authOptions } from "pages/api/auth/[...nextauth]"; + +export default async function handler(req, res) { + // Check if the custom header "X-Your-Custom-Header" is present and has a specific value + const customHeaderValue = req.headers["x-broadcast-key"]; + + if (customHeaderValue !== "get-broadcast") { + return res.status(401).json({ message: "Unauthorized" }); + } + + try { + if (redis) { + try { + const ipAddress = req.socket.remoteAddress; + await rateLimitStrict.consume(ipAddress); + } catch (error) { + return res.status(429).json({ + error: `Too Many Requests, retry after ${error.msBeforeNext / 1000}`, + }); + } + + const getId = await redis.get(`broadcast`); + if (getId) { + const broadcast = JSON.parse(getId); + return res + .status(200) + .json({ message: broadcast.message, startAt: broadcast.startAt }); + } else { + return res.status(200).json({ message: "No broadcast" }); + } + } + + return res.status(200).json({ message: "redis is not defined" }); + } catch (err) { + console.error(err); + res.status(500).json({ error: err.message }); + } +} diff --git a/pages/api/v2/admin/bug-report/index.js b/pages/api/v2/admin/bug-report/index.js new file mode 100644 index 0000000..fc5ee77 --- /dev/null +++ b/pages/api/v2/admin/bug-report/index.js @@ -0,0 +1,49 @@ +import { rateLimitStrict, redis } from "@/lib/redis"; +// import { getServerSession } from "next-auth"; +// import { authOptions } from "pages/api/auth/[...nextauth]"; + +export default async function handler(req, res) { + // const session = await getServerSession(req, res, authOptions); + // const admin = session?.user?.name === process.env.ADMIN_USERNAME; + // create random id each time the endpoint is called + const id = Math.random().toString(36).substr(2, 9); + + // if (!admin) { + // return res.status(401).json({ message: "Unauthorized" }); + // } + const { data } = req.body; + + // if method is not POST return message "Method not allowed" + if (req.method !== "POST") { + return res.status(405).json({ message: "Method not allowed" }); + } + + try { + if (redis) { + try { + const ipAddress = req.socket.remoteAddress; + await rateLimitStrict.consume(ipAddress); + } catch (error) { + return res.status(429).json({ + error: `Too Many Requests, retry after ${error.msBeforeNext / 1000}`, + }); + } + + const getId = await redis.get(`report:${id}`); + if (getId) { + return res + .status(200) + .json({ message: `Data already exist for id: ${id}` }); + } + await redis.set(`report:${id}`, JSON.stringify(data)); + return res + .status(200) + .json({ message: `Report has successfully sent, with Id of ${id}` }); + } + + return res.status(200).json({ message: "redis is not defined" }); + } catch (err) { + console.error(err); + res.status(500).json({ error: err.message }); + } +} diff --git a/pages/api/v2/admin/meta/index.js b/pages/api/v2/admin/meta/index.js new file mode 100644 index 0000000..5f51b7f --- /dev/null +++ b/pages/api/v2/admin/meta/index.js @@ -0,0 +1,47 @@ +import { rateLimitStrict, redis } from "@/lib/redis"; +import { getServerSession } from "next-auth"; +import { authOptions } from "pages/api/auth/[...nextauth]"; + +export default async function handler(req, res) { + const session = await getServerSession(req, res, authOptions); + const admin = session?.user?.name === process.env.ADMIN_USERNAME; + + if (!admin) { + return res.status(401).json({ message: "Unauthorized" }); + } + const { id, data } = req.body; + + // if method is not POST return message "Method not allowed" + if (req.method !== "POST") { + return res.status(405).json({ message: "Method not allowed" }); + } + + try { + if (redis) { + try { + const ipAddress = req.socket.remoteAddress; + await rateLimitStrict.consume(ipAddress); + } catch (error) { + return res.status(429).json({ + error: `Too Many Requests, retry after ${error.msBeforeNext / 1000}`, + }); + } + + const getId = await redis.get(`meta:${id}`); + if (getId) { + return res + .status(200) + .json({ message: `Data already exist for id: ${id}` }); + } + await redis.set(`meta:${id}`, JSON.stringify(data)); + return res + .status(200) + .json({ message: `Data stored successfully for id: ${id}` }); + } + + return res.status(200).json({ message: "redis is not defined" }); + } catch (err) { + console.error(err); + res.status(500).json({ error: err.message }); + } +} |