mirror of
https://github.com/4ev-link/4ev.link.git
synced 2026-01-14 16:48:41 +00:00
26 lines
1.5 KiB
JavaScript
26 lines
1.5 KiB
JavaScript
export async function onRequestPost({ request, env }) {
|
|
try {
|
|
const { 'g-recaptcha-response': token, ...body } = await request.json();
|
|
const vR = await fetch("https://www.google.com/recaptcha/api/siteverify", { method: "POST", headers: { "Content-Type": "application/x-www-form-urlencoded" }, body: `secret=${env.RECAPCHA_KEY}&response=${token}` });
|
|
if (!(await vR.json()).success) return new Response("CAPTCHA verification failed.", { status: 403 });
|
|
|
|
const { slug, destination_url, username, pass_hash } = body;
|
|
if (!slug || !destination_url || !username || !pass_hash) return new Response("Missing fields", { status: 400 });
|
|
|
|
const user = await env.D1_EV.prepare("SELECT pass_hash, custom_slugs FROM users WHERE username = ?").bind(username).first();
|
|
if (user?.pass_hash !== pass_hash) return new Response("Invalid credentials", { status: 401 });
|
|
|
|
let slugs = [];
|
|
try { slugs = JSON.parse(user.custom_slugs) } catch {}
|
|
if (!Array.isArray(slugs) || !slugs.includes(slug)) return new Response("Unauthorized", { status: 403 });
|
|
|
|
let url = destination_url.startsWith("http") ? destination_url : `https://${destination_url}`;
|
|
try { new URL(url) } catch { return new Response("Invalid destination URL", { status: 400 }) }
|
|
|
|
await env.KV_EV.put(slug, url.replace(/^https?:\/\//, ""));
|
|
return Response.json({ success: true });
|
|
} catch (e) {
|
|
return new Response(e.message, { status: 500 });
|
|
}
|
|
}
|