From 61d9cf9cdef51c9a9f0f2e794e39d2bb9b1ce899 Mon Sep 17 00:00:00 2001 From: multipleof4 Date: Mon, 10 Nov 2025 13:22:30 -0800 Subject: [PATCH] Feat: send ntfy notify on link create --- functions/api/links/create.js | 146 +++++++++++----------------------- 1 file changed, 48 insertions(+), 98 deletions(-) diff --git a/functions/api/links/create.js b/functions/api/links/create.js index f500cc4..b83e96e 100644 --- a/functions/api/links/create.js +++ b/functions/api/links/create.js @@ -1,140 +1,90 @@ -const genSlug = l => - [...Array(l)] - .map( - () => - "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"[ - (Math.random() * 62) | 0 - ] - ) - .join(""); - +const genSlug = l => [...Array(l)] + .map(()=>"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"[Math.random()*62|0]) + .join(""); const RESERVED = new Set([ - "api", - "dash", - "admin", - "login", - "logout", - "signin", - "signup", - "register", - "account", - "settings", - "profile", - "password", - "user", - "users", - "link", - "links", - "url", - "urls", - "robots", - "sitemap", - "favicon", - "well-known", - "assets", - "static", - "img", - "js", - "css", - "public", + "api","dash","admin","login","logout","signin","signup","register","account", + "settings","profile","password","user","users","link","links","url","urls", + "robots","sitemap","favicon","well-known","assets","static","img","js","css","public" ]); - -const notify = (env, title, message, level = 2) => - env.NTFY_TOPIC - ? fetch(`https://ntfy.sh/${env.NTFY_TOPIC}`, { - method: "POST", - headers: { - "Content-Type": "text/plain", - Title: title, - Priority: String(level), - }, - body: message, - }).catch(() => {}) - : Promise.resolve(); +const ntfy = (env,topic,tags,msg,p=3) => + env.NTFY_TOPIC ? + fetch(`https://ntfy.sh/${topic}`,{ + method:"POST", + headers:{ + "Title":tags, + "Priority":String(p), + "Content-Type":"text/plain" + }, + body:msg + }).catch(()=>{}) : + Promise.resolve(); export async function onRequestPost({ request, env }) { try { - const { "g-recaptcha-response": token, ...body } = await request.json(); - + const { "g-recaptcha-response":token, ...body } = await request.json(); const vR = await fetch( "https://www.google.com/recaptcha/api/siteverify", { - method: "POST", - headers: { "Content-Type": "application/x-www-form-urlencoded" }, - body: `secret=${env.RECAPCHA_KEY}&response=${token}`, + method:"POST", + headers:{ "Content-Type":"application/x-www-form-urlencoded" }, + body:`secret=${env.RECAPCHA_KEY}&response=${token}` } ); - if (!(await vR.json()).success) - return new Response("CAPTCHA verification failed.", { status: 403 }); + return new Response("CAPTCHA verification failed.",{ status:403 }); const { destination_url, slug, username, pass_hash } = body; if (!destination_url || !username || !pass_hash) - return new Response("Missing fields", { status: 400 }); + return new Response("Missing fields",{ status:400 }); - const user = await env.D1_EV.prepare( - "SELECT pass_hash, custom_slugs FROM users WHERE username = ?" - ) + const user = await env.D1_EV + .prepare("SELECT pass_hash, custom_slugs FROM users WHERE username = ?") .bind(username) .first(); - if (user?.pass_hash !== pass_hash) - return new Response("Invalid credentials", { status: 401 }); + return new Response("Invalid credentials",{ status:401 }); let finalSlug = slug; - if (finalSlug) { if ( RESERVED.has(finalSlug.toLowerCase()) || !/^[a-zA-Z0-9-]{3,32}$/.test(finalSlug) || - (await env.KV_EV.get(finalSlug)) - ) - return new Response("Invalid or taken slug", { status: 400 }); + await env.KV_EV.get(finalSlug) + ) return new Response("Invalid or taken slug",{ status:400 }); } else { - do { - finalSlug = genSlug(6); - } while (await env.KV_EV.get(finalSlug)); + do { finalSlug = genSlug(6) } + while (await env.KV_EV.get(finalSlug)); } let url = destination_url.startsWith("http") ? destination_url : `https://${destination_url}`; + try { new URL(url) } + catch { return new Response("Invalid destination URL",{ status:400 }) } - try { - new URL(url); - } catch { - return new Response("Invalid destination URL", { status: 400 }); - } - - const dest_no_proto = url.replace(/^https?:\/\//, ""); - + const dest_no_proto = url.replace(/^https?:\/\//,""); let slugs; - try { - slugs = JSON.parse(user.custom_slugs); - } catch {} - + try { slugs = JSON.parse(user.custom_slugs) } catch {} const newSlugs = Array.isArray(slugs) ? slugs : []; newSlugs.push(finalSlug); await Promise.all([ - env.KV_EV.put(finalSlug, dest_no_proto), - env.D1_EV.prepare( - "UPDATE users SET custom_slugs = ? WHERE username = ?" - ) - .bind(JSON.stringify(newSlugs), username) + env.KV_EV.put(finalSlug,dest_no_proto), + env.D1_EV + .prepare("UPDATE users SET custom_slugs = ? WHERE username = ?") + .bind(JSON.stringify(newSlugs),username) .run(), + ntfy( + env, + env.NTFY_TOPIC, + "link-create", + `event=create\nuser=${username}\nslug=${finalSlug}\ndestination=${dest_no_proto}`, + 3 + ) ]); - env.NTFY_TOPIC && - notify( - env, - "4ev.link: link created", - `user=${username} slug=${finalSlug} dest=${dest_no_proto}`, - 2 - ); - - return Response.json({ slug: finalSlug }, { status: 201 }); + return Response.json({ slug:finalSlug },{ status:201 }); } catch (e) { - return new Response(e.message, { status: 500 }); + return new Response(e.message,{ status:500 }); } }