4ev-link/4ev.link
1
0
Fork 0
mirror of https://github.com/4ev-link/4ev.link.git synced 2026-01-14 08:38:39 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
92edd1e2eca1fc7dffa34d039c2ee58a43ff2eaa
4ev.link/functions/api/links/create.js

43 lines
2.5 KiB
JavaScript
Raw Blame History

const genSlug = l => [...Array(l)].map(() => "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789" [Math.random() * 62 | 0]).join("");
const RESERVED = new Set(["api", "dash", "admin", "login", "logout", "signin", "signup", "register", "account", "settings", "profile", "password", "user", "users", "link", "links", "url", "urls", "robots", "sitemap", "favicon", "well-known", "assets", "static", "img", "js", "css", "public"]);
export async function onRequestPost({ request, env }) {
try {
const { 'g-recaptcha-response': token, ...body } = await request.json();
const vR = await fetch("https://www.google.com/recaptcha/api/siteverify", { method: "POST", headers: { "Content-Type": "application/x-www-form-urlencoded" }, body: `secret=${env.RECAPCHA_KEY}&response=${token}` });
if (!(await vR.json()).success) return new Response("CAPTCHA verification failed.", { status: 403 });
const { destination_url, slug, username, pass_hash } = body;
if (!destination_url || !username || !pass_hash) return new Response("Missing fields", { status: 400 });
const user = await env.D1_EV.prepare("SELECT pass_hash, custom_slugs FROM users WHERE username = ?").bind(username).first();
if (user?.pass_hash !== pass_hash) return new Response("Invalid credentials", { status: 401 });
let finalSlug = slug;
if (finalSlug) {
if (RESERVED.has(finalSlug.toLowerCase()) || !/^[a-zA-Z0-9-]{3,32}$/.test(finalSlug) || await env.KV_EV.get(finalSlug))
return new Response("Invalid or taken slug", { status: 400 });
} else {
do { finalSlug = genSlug(6) } while (await env.KV_EV.get(finalSlug));
}
let url = destination_url.startsWith("http") ? destination_url : `https://${destination_url}`;
try { new URL(url) } catch { return new Response("Invalid destination URL", { status: 400 }) }
const dest_no_proto = url.replace(/^https?:\/\//, "");
let slugs;
try { slugs = JSON.parse(user.custom_slugs) } catch {}
const newSlugs = Array.isArray(slugs) ? slugs : [];
newSlugs.push(finalSlug);
await Promise.all([
env.KV_EV.put(finalSlug, dest_no_proto),
env.D1_EV.prepare("UPDATE users SET custom_slugs = ? WHERE username = ?").bind(JSON.stringify(newSlugs), username).run()
]);
return Response.json({ slug: finalSlug }, { status: 201 });
} catch (e) {
return new Response(e.message, { status: 500 });
}
}
Reference in New Issue View Git Blame Copy Permalink