@@ -56,15 +56,53 @@ function isClusterAPIRequest(req) {
5656 )
5757}
5858
59- function handleFileUpload ( req , res , opts ) {
59+ function authenticatedRequest ( func , req , res , opts ) {
60+ if ( typeof config . SHARED_SECRETS === 'undefined' ) {
61+ logger . debug ( 'SHARED_SECRETS is not defined' )
62+ res . writeHead ( 401 , { Connection : 'close' } )
63+ res . end ( )
64+ return
65+ }
66+
67+ if ( req . headers [ 'authorization' ] ) {
68+ const parts = req . headers [ 'authorization' ] . split ( ' ' )
69+ if ( parts . length === 2 && [ 'Bearer' , 'Basic' ] . includes ( parts [ 0 ] ) ) {
70+ let token = parts [ 1 ]
71+
72+ if ( parts [ 0 ] === 'Basic' ) {
73+ const authString = Buffer . from ( parts [ 1 ] , 'base64' ) . toString ( 'ascii' )
74+ if ( ! authString . includes ( ':' ) ) {
75+ logger . debug ( `401: auth string bad formatting: ${ authString } )
76+ res . writeHead ( 401 , { Connection : 'close' } )
77+ res . end ( )
78+ return
79+ }
80+ token = authString . split ( ':' ) [ 1 ] . trim ( )
81+ }
82+
83+ const secrets = config . SHARED_SECRETS . split ( ',' )
84+
85+ if ( secrets . includes ( token ) ) {
86+ func ( req , res , opts )
87+ return
88+ }
89+ }
90+ }
91+
92+ logger . debug ( `401: not authenticated` )
93+ res . writeHead ( 401 , { Connection : 'close' } )
94+ res . end ( )
95+ return
96+ }
97+
98+ function handleFileUpload ( req , res ) {
6099 let busboy
61- const url = opts && opts . url ? opts . url : config . IPFS_API_URL
62100
63101 try {
64102 busboy = new Busboy ( {
65103 headers : req . headers ,
66104 limits : {
67- fileSize : 5 * 1024 * 1024
105+ fileSize : 3 * 1024 * 1024
68106 }
69107 } )
70108 } catch ( error ) {
@@ -81,7 +119,6 @@ function handleFileUpload(req, res, opts) {
81119 file . fileRead = [ ]
82120
83121 file . on ( 'data' , function ( chunk ) {
84- logger . debug ( '.chunk' )
85122 file . fileRead . push ( chunk )
86123 } )
87124
@@ -95,21 +132,20 @@ function handleFileUpload(req, res, opts) {
95132 file . on ( 'end' , function ( ) {
96133 const buffer = Buffer . concat ( file . fileRead )
97134
98- if ( opts . validate !== false && ! isValidFile ( buffer ) ) {
135+ if ( ! isValidFile ( buffer ) ) {
99136 logger . warn ( `Upload of invalid file type attempted` )
100137 res . writeHead ( 415 , { Connection : 'close' } )
101138 res . end ( )
102139 req . unpipe ( req . busboy )
103140 } else {
104- const fullURL = url + req . url
105- logger . debug ( `Sending file to ${ fullURL } )
141+ const url = config . IPFS_API_URL + req . url
142+ logger . debug ( `Sending file to ${ url } )
106143 request
107- . post ( fullURL )
144+ . post ( url )
108145 . set ( req . headers )
109146 . attach ( 'file' , buffer )
110147 . then (
111148 response => {
112- logger . debug ( `Upload complete` )
113149 let responseData = response . text
114150 if ( response . headers [ 'content-encoding' ] === 'gzip' ) {
115151 // Compress the response so the header is correct if necessary
@@ -134,57 +170,26 @@ function handleFileUpload(req, res, opts) {
134170 req . pipe ( busboy )
135171}
136172
137- function handleFileDownload ( req , res ) {
138- // Proxy download requests to gateway
173+ function handleForward ( req , res , opts ) {
174+ // Simple HTTP request proxy forward
139175 proxy . web ( req , res , {
140- target : config . IPFS_GATEWAY_URL ,
176+ target : opts && opts . url ? opts . url : config . IPFS_GATEWAY_URL ,
141177 selfHandleResponse : true
142178 } )
143179}
144180
145- function handleAPIRequest ( req , res , opts ) {
146- // Proxy API requests to API endpoint
147- if ( typeof config . SHARED_SECRETS === 'undefined' ) {
148- logger . debug ( 'SHARED_SECRETS is not defined' )
149- res . writeHead ( 401 , { Connection : 'close' } )
150- res . end ( )
151- return
152- }
153-
154- const url = opts && opts . url ? opts . url : config . IPFS_API_URL
155-
156- if ( req . headers [ 'authorization' ] ) {
157- const parts = req . headers [ 'authorization' ] . split ( ' ' )
158-
159- if ( parts . length === 2 && [ 'Bearer' , 'Basic' ] . includes ( parts [ 0 ] ) ) {
160- let token = parts [ 1 ]
161-
162- if ( parts [ 0 ] === 'Basic' ) {
163- const authString = Buffer . from ( parts [ 1 ] , 'base64' ) . toString ( 'ascii' )
164- if ( ! authString . includes ( ':' ) ) {
165- logger . debug ( `401: auth string bad formatting: ${ authString } )
166- res . writeHead ( 401 , { Connection : 'close' } )
167- res . end ( )
168- return
169- }
170- token = authString . split ( ':' ) [ 1 ] . trim ( )
171- }
172-
173- const secrets = config . SHARED_SECRETS . split ( ',' )
174-
175- if ( secrets . includes ( token ) ) {
176- proxy . web ( req , res , {
177- target : url ,
178- selfHandleResponse : true
179- } )
180- return
181- }
182- }
183- }
181+ function handleGatewayForward ( req , res , opts ) {
182+ // Proxy Gateway requests
183+ handleForward ( req , res , {
184+ url : opts && opts . url ? opts . url : config . IPFS_GATEWAY_URL
185+ } )
186+ }
184187
185- logger . debug ( '401: Unauthorized' )
186- res . writeHead ( 401 , { Connection : 'close' } )
187- res . end ( )
188+ function handleAPIForward ( req , res , opts ) {
189+ // Proxy API requests to API endpoint
190+ handleForward ( req , res , {
191+ url : opts && opts . url ? opts . url : config . IPFS_API_URL
192+ } )
188193}
189194
190195const proxy = httpProxy . createProxyServer ( { } )
@@ -222,19 +227,19 @@ const server = http
222227 if ( req . url . startsWith ( '/api/v0/add' ) ) {
223228 handleFileUpload ( req , res )
224229 } else if ( req . url . startsWith ( '/api/v0' ) ) {
225- handleAPIRequest ( req , res )
230+ authenticatedRequest ( handleAPIForward , req , res )
226231 } else if ( req . url . startsWith ( '/ipfs' ) || req . url . startsWith ( '/ipns' ) ) {
227- handleFileDownload ( req , res )
232+ handleGatewayForward ( req , res )
228233 } else {
229234 if ( req . url . startsWith ( '/add' ) ) {
230- logger . debug ( `ipfs-cluster /add` )
231- handleFileUpload ( req , res , {
235+ authenticatedRequest ( handleAPIForward , req , res , {
232236 url : config . IPFS_CLUSTER_API_URL ,
233237 validate : false
234238 } )
235239 } else if ( isClusterAPIRequest ( req ) ) {
236- logger . debug ( `ipfs-cluster request` )
237- handleAPIRequest ( req , res , { url : config . IPFS_CLUSTER_API_URL } )
240+ authenticatedRequest ( handleAPIForward , req , res , {
241+ url : config . IPFS_CLUSTER_API_URL
242+ } )
238243 } else {
239244 res . writeHead ( 404 , { Connection : 'close' } )
240245 res . end ( )
@@ -246,6 +251,9 @@ const server = http
246251logger . debug ( `Listening on ${ config . IPFS_PROXY_PORT } )
247252logger . debug ( `Proxying to IPFS gateway ${ config . IPFS_GATEWAY_URL } )
248253logger . debug ( `Proxying to IPFS API ${ config . IPFS_API_URL } )
254+ if ( config . IPFS_CLUSTER_API_URL ) {
255+ logger . debug ( `Proxying to IPFS Cluster API ${ config . IPFS_CLUSTER_API_URL } )
256+ }
249257
250258process . on ( 'SIGINT' , function ( ) {
251259 logger . debug ( '\nGracefully shutting down from SIGINT (Ctrl+C)' )
0 commit comments