4ev-link/4ev.link
1
0
Fork 0
mirror of https://github.com/4ev-link/4ev.link.git synced 2026-01-14 00:28:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix: Add ban check and update ntfy actions

Browse Source
This commit is contained in:
multipleof4
2025-11-28 08:00:51 -08:00
parent b061587156
commit 1fed0a503d
1 changed files with 23 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
functions/api/links/create.js
View File

@@ -6,19 +6,21 @@ const RESERVED = new Set([
"settings","profile","password","user","users","link","links","url","urls", "settings","profile","password","user","users","link","links","url","urls",
"robots","sitemap","favicon","well-known","assets","static","img","js","css","public" "robots","sitemap","favicon","well-known","assets","static","img","js","css","public"
]); ]);
const ntfy = (env,title,msg,act,p=3) => const ntfy = (env,title,msg,slug,user,p=3) => {
env.NTFY_TOPIC if(!env.NTFY_TOPIC) return Promise.resolve();
? fetch(`https://ntfy.sh/${env.NTFY_TOPIC}`,{ const origin = "https://4ev.link"; // Hardcoded or derived from env if needed
method:"POST", const actions = `view, Seize, ${origin}/admin?slug=${slug}; view, Ban User, ${origin}/admin?user=${user}`;
headers:{ return fetch(`https://ntfy.sh/${env.NTFY_TOPIC}`,{
"Title":`🔔 ${title}`, method:"POST",
"Priority":String(p), headers:{
"Content-Type":"text/plain", "Title":`🔔 ${title}`,
...(act?{"Actions":`view, Seize, ${act}`}:{}) "Priority":String(p),
}, "Content-Type":"text/plain",
body:msg "Actions": actions
}).catch(()=>{}) },
: Promise.resolve(); body:msg
}).catch(()=>{});
};
export async function onRequestPost({ request, env }) { export async function onRequestPost({ request, env }) {
try { try {
@@ -39,11 +41,16 @@ export async function onRequestPost({ request, env }) {
return new Response("Missing fields",{ status:400 }); return new Response("Missing fields",{ status:400 });
const user = await env.D1_EV const user = await env.D1_EV
.prepare("SELECT pass_hash, custom_slugs FROM users WHERE username = ?") .prepare("SELECT pass_hash, custom_slugs, banned_until FROM users WHERE username = ?")
.bind(username) .bind(username)
.first(); .first();
if (user?.pass_hash !== pass_hash) if (user?.pass_hash !== pass_hash)
return new Response("Invalid credentials",{ status:401 }); return new Response("Invalid credentials",{ status:401 });
if (user.banned_until && user.banned_until > Date.now()) {
const days = Math.ceil((user.banned_until - Date.now()) / 86400000);
return new Response(`Account banned for ${days} more days.`, { status: 403 });
}
let finalSlug = slug; let finalSlug = slug;
if (finalSlug) { if (finalSlug) {
@@ -79,7 +86,8 @@ export async function onRequestPost({ request, env }) {
env, env,
"link-create", "link-create",
`event=create\nuser=${username}\nslug=${finalSlug}\ndestination=${dest_no_proto}`, `event=create\nuser=${username}\nslug=${finalSlug}\ndestination=${dest_no_proto}`,
`${new URL(request.url).origin}/admin?slug=${finalSlug}`, finalSlug,
username,
3 3
) )
]); ]);