Add more API route definitions

2025-12-06 08:28:19 +01:00 · 2023-10-16 07:39:41 -10:00 · 2023-10-16 07:39:41 -10:00 · 7f2e89ab20
parent a8d8b70239
commit 7f2e89ab20
10 changed files with 140 additions and 10 deletions
--- a/server/api/.well-known/host-meta/index.ts
+++ b/server/api/.well-known/host-meta/index.ts
@ -1,6 +1,20 @@
 import { MatchedRoute } from "bun";
-import { getHost } from "@config";
+import { getConfig, getHost } from "@config";
 import { xmlResponse } from "@response";
+import { applyConfig } from "@api";
+
+export const meta = applyConfig({
+	allowedMethods: ["GET"],
+	auth: {
+		required: false,
+	},
+	ratelimits: {
+		duration: 60,
+		max: 60,
+	},
+	route: "/.well-known/host-meta",
+});
+

 /**
 * Host meta endpoint
@ -9,10 +23,11 @@ export default async (
 	req: Request,
 	matchedRoute: MatchedRoute
 ): Promise<Response> => {
+	const config = getConfig();
 	return xmlResponse(`
 	<?xml version="1.0" encoding="UTF-8"?>
 	<XRD xmlns="http://docs.oasis-open.org/ns/xri/xrd-1.0">
-	<Link rel="lrdd" template="https://${getHost()}/.well-known/webfinger?resource={uri}"/>
+	<Link rel="lrdd" template="${config.http.base_url}/.well-known/webfinger?resource={uri}"/>
 	</XRD>
 	`);
 };
--- a/server/api/.well-known/nodeinfo/index.ts
+++ b/server/api/.well-known/nodeinfo/index.ts
@ -1,5 +1,19 @@
 import { MatchedRoute } from "bun";
-import { getHost } from "@config";
+import { getConfig, getHost } from "@config";
+import { applyConfig } from "@api";
+
+export const meta = applyConfig({
+	allowedMethods: ["GET"],
+	auth: {
+		required: false,
+	},
+	ratelimits: {
+		duration: 60,
+		max: 60,
+	},
+	route: "/.well-known/nodeinfo",
+});
+

 /**
 * Redirect to /nodeinfo/2.0
@ -8,10 +22,12 @@ export default async (
 	req: Request,
 	matchedRoute: MatchedRoute
 ): Promise<Response> => {
+	const config = getConfig();
+
 	return new Response("", {
 		status: 301,
 		headers: {
-			Location: `https://${getHost()}/.well-known/nodeinfo/2.0`,
+			Location: `${config.http.base_url}/.well-known/nodeinfo/2.0`,
 		},
 	});
 };
--- a/server/api/.well-known/webfinger/index.ts
+++ b/server/api/.well-known/webfinger/index.ts
@ -2,6 +2,19 @@ import { errorResponse, jsonResponse } from "@response";
 import { MatchedRoute } from "bun";
 import { User } from "~database/entities/User";
 import { getConfig, getHost } from "@config";
+import { applyConfig } from "@api";
+
+export const meta = applyConfig({
+	allowedMethods: ["GET"],
+	auth: {
+		required: false,
+	},
+	ratelimits: {
+		duration: 60,
+		max: 60,
+	},
+	route: "/.well-known/webfinger",
+});

 /**
 * ActivityPub WebFinger endpoint
--- a/server/api/nodeinfo/2.0/index.ts
+++ b/server/api/nodeinfo/2.0/index.ts
@ -1,5 +1,18 @@
+import { applyConfig } from "@api";
 import { jsonResponse } from "@response";

+export const meta = applyConfig({
+	allowedMethods: ["GET"],
+	auth: {
+		required: false,
+	},
+	ratelimits: {
+		duration: 60,
+		max: 500,
+	},
+	route: "/nodeinfo/2.0",
+});
+
 /**
 * ActivityPub nodeinfo 2.0 endpoint
 */
--- a/server/api/oauth/authorize/index.ts
+++ b/server/api/oauth/authorize/index.ts
@ -1,5 +1,18 @@
+import { applyConfig } from "@api";
 import { MatchedRoute } from "bun";

+export const meta = applyConfig({
+	allowedMethods: ["GET"],
+	auth: {
+		required: false,
+	},
+	ratelimits: {
+		duration: 60,
+		max: 20,
+	},
+	route: "/oauth/authorize",
+});
+
 /**
 * Returns an HTML login form
 */
--- a/server/api/oauth/token/index.ts
+++ b/server/api/oauth/token/index.ts
@ -1,7 +1,20 @@
+import { applyConfig } from "@api";
 import { parseRequest } from "@request";
 import { errorResponse, jsonResponse } from "@response";
 import { Token } from "~database/entities/Token";

+export const meta = applyConfig({
+	allowedMethods: ["POST"],
+	auth: {
+		required: false,
+	},
+	ratelimits: {
+		duration: 60,
+		max: 10,
+	},
+	route: "/oauth/token",
+});
+
 /**
 * Allows getting token from OAuth code
 */
--- a/server/api/object/[uuid]/index.ts
+++ b/server/api/object/[uuid]/index.ts
@ -1,7 +1,20 @@
+import { applyConfig } from "@api";
 import { errorResponse, jsonLdResponse } from "@response";
 import { MatchedRoute } from "bun";
 import { RawActivity } from "~database/entities/RawActivity";

+export const meta = applyConfig({
+	allowedMethods: ["GET"],
+	auth: {
+		required: false,
+	},
+	ratelimits: {
+		duration: 60,
+		max: 500,
+	},
+	route: "/object/:id",
+});
+
 /**
 * Fetch a user
 */
--- a/server/api/users/[username]/actor/index.ts
+++ b/server/api/users/[username]/actor/index.ts
@ -2,6 +2,19 @@ import { errorResponse, jsonLdResponse } from "@response";
 import { MatchedRoute } from "bun";
 import { User } from "~database/entities/User";
 import { getConfig, getHost } from "@config";
+import { applyConfig } from "@api";
+
+export const meta = applyConfig({
+	allowedMethods: ["GET"],
+	auth: {
+		required: false,
+	},
+	ratelimits: {
+		duration: 60,
+		max: 500,
+	},
+	route: "/users/:username/actor",
+});

 /**
 * ActivityPub user actor endpoinmt
@ -19,7 +32,7 @@ export default async (

 	const config = getConfig();

-	const username = matchedRoute.params.username.replace("@", "");
+	const username = matchedRoute.params.username;

 	const user = await User.findOneBy({ username });

--- a/server/api/users/[username]/inbox/index.ts
+++ b/server/api/users/[username]/inbox/index.ts
@ -1,5 +1,6 @@
 /* eslint-disable @typescript-eslint/no-unsafe-member-access */
 /* eslint-disable @typescript-eslint/no-unused-vars */
+import { applyConfig } from "@api";
 import { getConfig } from "@config";
 import { errorResponse, jsonResponse } from "@response";
 import {
@ -19,6 +20,18 @@ import { RawActivity } from "~database/entities/RawActivity";
 import { RawActor } from "~database/entities/RawActor";
 import { User } from "~database/entities/User";

+export const meta = applyConfig({
+	allowedMethods: ["POST"],
+	auth: {
+		required: false,
+	},
+	ratelimits: {
+		duration: 60,
+		max: 500,
+	},
+	route: "/users/:username/inbox",
+});
+
 /**
 * ActivityPub user inbox endpoint
 */
@ -26,11 +39,6 @@ export default async (
 	req: Request,
 	matchedRoute: MatchedRoute
 ): Promise<Response> => {
-	// Check if POST request
-	if (req.method !== "POST") {
-		return errorResponse("Method not allowed", 405);
-	}
-
 	const username = matchedRoute.params.username;

 	const config = getConfig();
--- a/server/api/users/[username]/outbox.json/index.ts
+++ b/server/api/users/[username]/outbox.json/index.ts
@ -4,6 +4,19 @@ import { User } from "~database/entities/User";
 import { getHost } from "@config";
 import { NodeObject, compact } from "jsonld";
 import { RawActivity } from "~database/entities/RawActivity";
+import { applyConfig } from "@api";
+
+export const meta = applyConfig({
+	allowedMethods: ["GET"],
+	auth: {
+		required: false,
+	},
+	ratelimits: {
+		duration: 60,
+		max: 500,
+	},
+	route: "/users/:username/outbox",
+});

 /**
 * ActivityPub user outbox endpoint