import type { Handle } from "@sveltejs/kit";
import { error, redirect } from "@sveltejs/kit";
import { env } from "$env/dynamic/private"
import SessionStore from "$lib/server/session_store"
import { init_db, close_db, create_user, do_users_exist } from "$lib/server/database";
import Logs from "$lib/server/log";
/**
 * Signature of the first-run bootstrap hook: either a no-op or a function
 * that receives the credentials for the initial account.
 */
type UserSetupHook = (() => void) | ((username: string, password: string) => void);

/**
 * Mutable holder for the first-run bootstrap hook.
 *
 * Starts out as a no-op. `init()` swaps in a user-creating function when
 * `do_users_exist()` reports no users, and `handle` attaches this same object
 * to `event.locals.setup` on every request, before any session check.
 */
let local_setup: { user_setup: UserSetupHook } = {
  user_setup: () => {},
};
/**
 * One-time server start-up.
 *
 * Verifies that the two data-path environment variables are present, opens the
 * database, and, when no user exists yet, arms `local_setup.user_setup` with a
 * function that creates the first account and then disarms itself.
 *
 * @throws Error when APP_USER_DATA_PATH or APP_TMP_USER_DATA_PATH is unset.
 */
async function init() {
  Logs.process.info("Initializing server");
  Logs.process.debug(`ORIGIN: ${env.ORIGIN}`);

  // Fail fast on missing configuration, before the database is opened.
  const { APP_USER_DATA_PATH, APP_TMP_USER_DATA_PATH } = process.env;
  if (APP_USER_DATA_PATH == null) {
    throw new Error("APP_USER_DATA_PATH is not defined. Exiting.");
  }
  if (APP_TMP_USER_DATA_PATH == null) {
    throw new Error("APP_TMP_USER_DATA_PATH is not defined. Exiting.");
  }

  await init_db();

  // NOTE(review): do_users_exist() and create_user() are called without await.
  // If either is async in $lib/server/database, the emptiness test below would
  // see a (truthy) Promise and a failed insert would go unobserved. Confirm
  // both are synchronous.
  const hasUsers = do_users_exist();
  if (!hasUsers) {
    // First-run bootstrap: while this hook is armed, the account is created
    // with whatever credentials its first caller supplies, and `handle`
    // exposes the hook on event.locals before any session check. The route
    // that invokes it is therefore the only gate on who owns the first account.
    local_setup.user_setup = (username: string, password: string) => {
      Logs.user.info("Creating first user");

      // Profile fields are fixed placeholders; only the credentials come from
      // the caller. NOTE(review): the password is handed over as received;
      // presumably create_user hashes it. Verify in the database module.
      create_user({ name: "name", gender: "x", address: "home", username, password });

      // Disarm so the bootstrap path cannot create a second account.
      local_setup.user_setup = () => {};
    };
  }

  Logs.process.info("Initializing of server complete");
}
/**
 * Releases server-wide resources; currently this only closes the database.
 * It is invoked from the process 'exit' listener.
 */
function deinit(): void {
  close_db();
}
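/**
 * Final cleanup when the process is about to terminate.
 *
 * The listener deliberately does NOT call process.exit(): doing so from inside
 * an 'exit' listener replaces the pending exit status, so a crash (for example
 * the uncaught-exception path logged elsewhere in this file) would be reported
 * to the supervisor as a clean exit 0, and any later 'exit' listeners would be
 * skipped. Letting the handler return preserves the real exit code.
 *
 * Only synchronous work completes in an 'exit' listener.
 * NOTE(review): this assumes close_db() is synchronous. Confirm.
 */
process.on("exit", () => {
  deinit();
  Logs.process.info("Exiting server");
});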
/**
 * Ctrl-C / SIGINT: log the request and terminate with status 0.
 * process.exit() emits 'exit', so the cleanup registered on that event
 * still runs.
 */
process.on("SIGINT", () => {
  Logs.process.info("Received SIGINT, shutting down");
  process.exit(0);
});
/**
 * Records uncaught exceptions at fatal level.
 *
 * 'uncaughtExceptionMonitor' is observe-only: it does not suppress the
 * exception, so the process still terminates after this log line is written.
 * The exception name, cause and message are interpolated verbatim.
 * NOTE(review): if any of these can carry request-derived text, consider how
 * the log sink handles embedded newlines.
 */
process.on("uncaughtExceptionMonitor", (err, origin) => {
  // Local is named `err` so it does not shadow the `error` helper imported from @sveltejs/kit.
  const causeSuffix = err.cause ? (" caused by " + err.cause) : "";
  Logs.process.fatal(`Encountered uncaught exception (origin: ${origin}): ${err.name}${causeSuffix}: ${err.message} `);
});
// Top-level await: this module (and therefore `handle`) is not usable until
// init() has resolved. A rejection here, such as the missing-environment
// errors thrown by init(), fails module evaluation instead of serving requests
// from a half-initialised server.
await init();
/**
 * SvelteKit `handle` hook: the per-request gate in front of every route.
 *
 * For each request it
 *  1. attaches the first-run bootstrap holder to `event.locals.setup`,
 *  2. sets a small set of defensive response headers,
 *  3. answers 404 for requests that match no route,
 *  4. resolves the `session_id` cookie to a user via SessionStore, and
 *  5. lets the request through only when a user was found or the route is
 *     `/login`. Other unauthenticated requests get 401 (POST) or a 302 to
 *     `/login`.
 */
export let handle: Handle = async function ({ event, resolve }) {
  // Exposed before any session check: the first-run setup route has to work
  // while no account exists. Once a user has been created the hook is a no-op.
  event.locals.setup = local_setup;

  const routeId = event.route.id;

  // NOTE(review): the full URL, query string included, is written to the debug
  // log. If any route carries secrets in query parameters they will end up in
  // the log sink.
  Logs.route.debug(`incoming ${event.request.method} request to: ${event.url.href} (route id: ${routeId})`);

  // Defence-in-depth headers: no framing, no MIME sniffing, trimmed referrers.
  // HSTS is left commented out; without it browsers are not told to insist on
  // HTTPS, so it should be enabled once the site is served over TLS only.
  // NOTE(review): confirm these headers are also present on the error and
  // redirect responses produced below, not just on resolve() responses.
  event.setHeaders({
    //"Strict-Transport-Security": "max-age=63072000; includeSubdomains; preload",
    "X-Frame-Options": "Deny",
    "X-Content-Type-Options": "nosniff",
    "Referrer-Policy": "strict-origin-when-cross-origin"
  });

  if (routeId == null) {
    Logs.route.info(`Tried to access a route which does not exist: ${event.url.href}`);
    return error(404, "This page does not exist.");
  }

  // A missing cookie is looked up as "", but the truthiness test on `token`
  // below means an empty token can never authenticate, whatever the store returns.
  const token = event.cookies.get("session_id");
  const user = SessionStore.get_user_by_access_token(token ?? "");

  Logs.user.debug(user ? `Found user ${user.id} for session token` : "No user for session token");

  // Authenticated: both a token and a matching user are required.
  if (token && user) {
    event.locals.user = user;
    return await resolve(event);
  }

  // From here on the request is unauthenticated.
  const isLoginRoute = routeId === "/login";

  // Only POST is rejected outright with 401. Every other method on a
  // non-login route falls through to the redirect below, so nothing
  // unauthenticated reaches resolve() except `/login` itself.
  if (event.request.method === "POST" && !isLoginRoute) {
    return error(401, "Invalid Session");
  }

  // A cookie was presented but matched no session: clear the stale value.
  if (token) {
    Logs.user.debug("recieved an invalid session id. Deleting on client.");
    event.cookies.delete("session_id", { path: "/" });
  }

  if (isLoginRoute) {
    return await resolve(event);
  }

  // `redirect` is overwritten with the server-side route id, so a
  // client-supplied value never survives this hop. All other client query
  // parameters are forwarded unchanged.
  // NOTE(review): `/login` is also reachable directly, so whatever consumes
  // `redirect` there must still treat it as untrusted and follow same-origin
  // paths only. The route id is the route pattern, not the concrete path;
  // confirm that is the intended return target for parameterised routes.
  event.url.searchParams.set("redirect", routeId);
  return redirect(302, `/login?${event.url.searchParams}`);
};