HoshinoKoji/experiment-worker-api
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add support for CORS

Browse Source
This commit is contained in:
HoshinoKoji 2024-10-01 17:41:54 +08:00
parent 471226574a
commit 885434b87e
3 changed files with 36 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
src/getAccessToken.js
View File

@ -10,7 +10,9 @@ export async function verifyAccessToken(request, env, ctx) {
const timestamp = headers.get('x-timestamp');
const token = headers.get('x-access-token');
const secretBase = env.ACCESS_TOKEN_BASE;
return token === await getAccessToken(subid, timestamp, secretBase);
const adminSecret = env.ADMIN_SECRET;
return token === await getAccessToken(subid, timestamp, secretBase)
|| token === adminSecret;
}
export async function getAccessTokenDispatcher(request, env, ctx) {
@ -23,7 +25,14 @@ export async function getAccessTokenDispatcher(request, env, ctx) {
const token = await getAccessToken(subid, timestamp, secretBase);
const res = JSON.stringify({ token, timestamp });
return new Response(res, { status: 200 });
return new Response(res, {
status: 200,
headers: {
'Access-Control-Allow-Origin': request.headers.get('Origin'),
'Access-Control-Allow-Methods': '*',
'Access-Control-Allow-Headers': '*',
},
});
}
export default getAccessTokenDispatcher;

15
src/index.js
View File

@ -23,10 +23,6 @@ export default {
}});
}
if (request.method === 'GET' && uri === '/getAccessToken') {
return await getAccessTokenDispatcher(request, env, ctx);
}
if (request.method === 'GET' && uri === '/auth') {
return await authDispatcher(request, env, ctx);
}
@ -42,6 +38,17 @@ export default {
if (request.method === 'PUT') {
return await putDispatcher(request, env, ctx);
}
if (request.method === 'OPTIONS') {
return new Response(null, {
status: 200,
headers: {
'Access-Control-Allow-Origin': request.headers.get('Origin'),
'Access-Control-Allow-Methods': 'GET,PUT,OPTIONS',
'Access-Control-Allow-Headers': '*',
},
});
}
return new Response('', { status: 200 });
},

22
src/put.js
View File

@ -11,9 +11,8 @@ async function invalidPutRequest(request, env, ctx) {
const contentType = headers.get('content-type');
return (subid === null)
|| (!subid.match(/^[a-zA-Z0-9]{1,32}$/))
|| (!await verifyAccessToken(request, env, ctx))
|| (!allowedContentTypes.includes(contentType));
|| (!allowedContentTypes.includes(contentType))
|| (!await verifyAccessToken(request, env, ctx));
}
export async function putDispatcher(request, env, ctx) {
@ -29,14 +28,14 @@ export async function putDispatcher(request, env, ctx) {
if (await invalidPutRequest(request, env, ctx))
return new Response(null, { status: 401, statusText: 'Unauthorized' });
const subid = headers.get('x-subject-id');
const studyId = headers.get('x-study-id');
const subjectId = headers.get('x-subject-id');
const data = await request.text();
const objectKey = `${subid}${uri}`;
const objectKey = `${keyPrefix}${studyId}/${subjectId}${uri}`;
const customMetadata = JSON.parse(headers.get('x-metadata') || '{}');
const httpMetadata = { contentType: headers.get('content-type') };
const result = await bucket.put(
keyPrefix + objectKey,
data,
objectKey, data,
{ customMetadata, httpMetadata }
);
@ -45,7 +44,14 @@ export async function putDispatcher(request, env, ctx) {
objectKey,
etag: result.etag,
message: 'Data saved successfully',
}), { status: 200 });
}), {
status: 200,
headers: {
'Access-Control-Allow-Origin': headers.get('Origin'),
'Access-Control-Allow-Methods': 'GET,PUT,OPTIONS',
'Access-Control-Allow-Headers': '*',
}
});
} catch (e) { console.log(e); return new Response(null, { status: 400 }); }
}