add auth token checking

2024-06-22 00:18:17 -05:00 · 2024-06-22 00:18:17 -05:00 · 7b9b024f59
commit 7b9b024f59
parent 7298023fb9
3 changed files with 6 additions and 3 deletions
--- a/client/index.ts
+++ b/client/index.ts
@ -66,7 +66,7 @@ async function _upload() {
 		if (!reader.getTableNames().includes('tblContacts'))
 			return console.log('!! No "tblContacts" table present.');

-		const table = reader.getTable("tblContacts");
+		const table = reader.getTable('tblContacts');
 		const tableData = table.getData<Record<string, string>>();

 		const data = tableData.reduce((p, r) => ({ ...p, [r.fldPrimaryKey]: r }), {} as Record<string, any>);
--- a/server/.env.example
+++ b/server/.env.example
@ -0,0 +1,4 @@
+PORT=9992
+HOST=0.0.0.0
+DATABASE_URL="postgresql://user:pass@localhost:5432/fdlogup?schema=public"
+AUTH_TOKEN="" # https://generate-secret.vercel.app/128
--- a/server/index.ts
+++ b/server/index.ts
@ -16,13 +16,12 @@ const server = Bun.serve({
    const path = new URL(req.url).pathname;
 		console.log('-> Recieved logs, parsing...');
 		if (req.method !== 'POST') new Response('Invalid method', { status: 405 });
+		if (process.env.AUTH_TOKEN && req.headers.get('Authorization') === process.env.AUTH_TOKEN) new Response('Unauthorized', { status: 401 });
 		if (req.headers.get('Content-Type') !== 'application/json') new Response('Invalid content type', { status: 404 });

 		try {
 			const newRows: any[] = await req.json();
-
 			const query = `INSERT INTO contacts (${fields.join(', ')}) VALUES (${fields.map((_, i) => `$${i + 1}`).join(', ')}) ON CONFLICT (id) DO UPDATE SET ${fields.map((f, i) => `${f} = $${i + 1}`).slice(1).join(', ')}`
-			console.log(query);

 			for (const row of newRows) {
 				const data: Record<string, string> = {