64 lines
1.8 KiB
TypeScript
64 lines
1.8 KiB
TypeScript
import axios from "axios";
|
|
import { Request, Response } from "express";
|
|
import { Route, RouteMessages } from "server";
|
|
import { PROXY_SECRET } from "../secrets";
|
|
|
|
export default class ProxyRoute extends Route {
|
|
constructor() {
|
|
super({ path: "/proxy" });
|
|
}
|
|
|
|
async handle(req: Request, res: Response) {
|
|
const before = Date.now();
|
|
const json = req.body;
|
|
const secret = json.secret;
|
|
if (!secret) {
|
|
res.status(401).json(RouteMessages.badRequest("No secret provided"));
|
|
return;
|
|
}
|
|
if (secret !== PROXY_SECRET) {
|
|
res.status(401).json(RouteMessages.badRequest("Invalid secret"));
|
|
return;
|
|
}
|
|
|
|
const url = json.url;
|
|
if (!url) {
|
|
res.status(400).json(RouteMessages.badRequest("No URL provided"));
|
|
return;
|
|
}
|
|
// TODO: handle rate limiting? and/or caching?
|
|
const response = await axios.get(url, {
|
|
headers: {
|
|
"Content-Type": "application/json",
|
|
},
|
|
});
|
|
const data = response.data;
|
|
const headers = response.headers;
|
|
|
|
// Is delete the best way to do this??
|
|
// Remove CORS headers
|
|
delete headers["access-control-allow-origin"];
|
|
delete headers["access-control-allow-credentials"];
|
|
delete headers["access-control-allow-headers"];
|
|
delete headers["access-control-allow-methods"];
|
|
|
|
// Cloudflare headers
|
|
delete headers["server"];
|
|
delete headers["nel"];
|
|
delete headers["report-to"];
|
|
delete headers["cf-cache-status"];
|
|
delete headers["cf-ray"];
|
|
delete headers["alt-svc"];
|
|
|
|
// Misc headers
|
|
delete headers["transfer-encoding"];
|
|
|
|
// Add node specific headers
|
|
headers["x-proxy-node"] = process.env.NODE_ID;
|
|
headers["x-proxy-response-time"] = Date.now() - before + "ms";
|
|
|
|
// Return the JSON response
|
|
res.status(response.status).set(headers).json(data);
|
|
}
|
|
}
|