assetflow/src/routes/static/index.ts

31 lines
1.1 KiB
TypeScript
Raw Normal View History

2023-05-01 00:07:13 +02:00
import express, { Request, Response } from 'express';
import * as fs from 'fs';
import * as Path from 'path';
import { log, __path } from '../../index.js';
2023-05-01 00:07:13 +02:00
// Router base is '/static'
const Router = express.Router();
// Load from allowsStaticPaths.json file
const allowedURLs: Array<string> = JSON.parse(fs.readFileSync('allowedStaticPaths.json', 'utf8')).allowedStaticFiles;
const recordedURLs: Array<string> = [];
const debugMode: boolean = JSON.parse(fs.readFileSync('allowedStaticPaths.json', 'utf8')).debugMode;
Router.use('*', (req: Request, res: Response) => {
2023-05-01 00:07:13 +02:00
if (debugMode) {
res.sendFile(Path.join(__path, 'node_modules', req.params[0]));
2023-05-01 00:07:13 +02:00
recordedURLs.push(req.params[0]);
log.web.debug(recordedURLs);
} else {
if (allowedURLs.indexOf(req.params[0]) > -1) {
res.sendFile(Path.join(__path, 'node_modules', req.params[0]));
2023-05-01 00:07:13 +02:00
} else {
log.web.warn('Attempt to access restricted asset file ' + req.params[0]);
res.status(403).json({ status: 'error', reason: 'Access to restricted asset file denied' });
}
}
// console.log(recordedURLs)
});
export default Router;