| import { Database } from '../database/database.js'; | |
| import { rateLimit } from 'express-rate-limit'; | |
| const authenticateApiKey = async (req, res, next) => { | |
| const apiKey = req.headers['x-api-key']; | |
| const dbClient = new Database("AkenoXJs"); | |
| const db = dbClient.collection("api_keys"); | |
| if (!apiKey) { | |
| return res.status(401).json({ error: 'API Key required' }); | |
| } | |
| try { | |
| const keyDoc = await db.findOne({key: apiKey}); | |
| if (!keyDoc) { | |
| return res.status(403).json({ error: 'Invalid API Key' }); | |
| } | |
| next(); | |
| } catch (err) { | |
| res.status(500).json({ error: 'Server error' }); | |
| } | |
| }; | |
| const apiLimiter = rateLimit({ | |
| windowMs: 15 * 60 * 1000, | |
| max: 100, | |
| keyGenerator: (req) => req.headers['x-api-key'], | |
| message: 'Too many requests from this API Key' | |
| }); | |
| class CheckMilWare { | |
| constructor() { | |
| this.dbClient = new Database("AkenoXJs"); | |
| } | |
| async handle(req, res, next) { | |
| try { | |
| delete req.headers["link"]; | |
| const xForwardedFor = req.headers['x-forwarded-for']; | |
| const xRealIP = req.headers['x-real-ip']; | |
| const cfConnectingIP = req.headers['cf-connecting-ip']; | |
| let realIP = req.ip; | |
| if (xForwardedFor) { | |
| realIP = xForwardedFor.split(',')[0].trim(); | |
| } else if (xRealIP) { | |
| realIP = xRealIP; | |
| } else if (cfConnectingIP) { | |
| realIP = cfConnectingIP; | |
| } | |
| req.realIP = realIP; | |
| const isBlocked = await this.dbClient.CheckIsBlocked(realIP); | |
| if (isBlocked && isBlocked.blocked) { | |
| return res.status(403).send("Access denied: IP is blocked"); | |
| } | |
| if (req.path === '/.env') { | |
| console.log("Check path /env"); | |
| await this.dbClient.AddIpisBlocked(realIP); | |
| return res.status(403).send("Access denied: IP is blocked.."); | |
| } | |
| console.log(`Real IP address is: ${realIP} | |
| path method: ${req.path} | |
| method: ${req.method} | |
| header used: ${xForwardedFor ? "x-forwarded-for" : xRealIP ? "x-real-ip" : cfConnectingIP ? "cf-connecting-ip" : "req.ip"} | |
| `); | |
| next(); | |
| } catch (error) { | |
| console.error("Error in middleware: " + error); | |
| res.status(500).send("Something bad happened"); | |
| } | |
| } | |
| } | |
| export { | |
| CheckMilWare, | |
| authenticateApiKey, | |
| apiLimiter | |
| }; |