Files
tssbot.web/vite.config.js
T

161 lines
4.7 KiB
JavaScript

import path from 'node:path'
import { execSync } from 'node:child_process'
import { defineConfig } from 'vite'
import react from '@vitejs/plugin-react'
import tailwindcss from '@tailwindcss/vite'
const MAX_TEAM_NAME_LENGTH = 80
function siteVersion() {
try {
const count = execSync('git rev-list --count HEAD', {
cwd: __dirname,
encoding: 'utf8',
stdio: ['ignore', 'pipe', 'ignore'],
}).trim()
return `1.0.${Number(count) || 0}`
} catch {
return '1.0.0'
}
}
function isAllowedApiUrl(req) {
const url = new URL(req.url, 'http://localhost')
const params = url.searchParams
if (url.pathname === '/api/viewers' && (req.method === 'GET' || req.method === 'HEAD')) return true
if (url.pathname === '/api/viewers/event' && req.method === 'POST') return true
if (req.method !== 'GET' && req.method !== 'HEAD') return false
if (url.pathname === '/api/tss/leaderboard/teams') {
const keys = [...params.keys()]
const limit = Number(params.get('limit') || 100)
return keys.every((key) => key === 'limit') && Number.isInteger(limit) && limit >= 1 && limit <= 100
}
if (url.pathname === '/api/tss/leaderboard/players') {
const keys = [...params.keys()]
const limit = Number(params.get('limit') || 100)
return keys.every((key) => key === 'limit') && Number.isInteger(limit) && limit >= 1 && limit <= 100
}
if (url.pathname === '/api/tss/games/recent') {
const keys = [...params.keys()]
const limit = Number(params.get('limit') || 50)
return keys.every((key) => key === 'limit') && Number.isInteger(limit) && limit >= 1 && limit <= 100
}
if (/^\/api\/tss\/games\/[A-Za-z0-9_-]{1,96}$/.test(url.pathname)) {
const keys = [...params.keys()]
const lang = params.get('lang') || 'en'
return keys.every((key) => key === 'lang') && /^[A-Za-z-]{2,8}$/.test(lang)
}
if (/^\/api\/tss\/games\/[A-Za-z0-9_-]{1,96}\/logs$/.test(url.pathname)) {
return [...params.keys()].length === 0
}
if (url.pathname === '/api/tss/teams/resolve') {
const keys = [...params.keys()]
const name = params.get('name') || ''
return keys.every((key) => key === 'name') && name.length >= 2 && name.length <= MAX_TEAM_NAME_LENGTH
}
if (url.pathname === '/api/tss/teams/search') {
const keys = [...params.keys()]
const query = params.get('q') || params.get('name') || ''
const limit = Number(params.get('limit') || 10)
return (
keys.every((key) => ['q', 'name', 'limit'].includes(key)) &&
query.length >= 2 &&
query.length <= MAX_TEAM_NAME_LENGTH &&
Number.isInteger(limit) &&
limit >= 1 &&
limit <= 20
)
}
if (url.pathname === '/api/tss/players/search') {
const keys = [...params.keys()]
const query = params.get('q') || params.get('name') || ''
const limit = Number(params.get('limit') || 25)
return (
keys.every((key) => ['q', 'name', 'limit'].includes(key)) &&
query.length >= 2 &&
query.length <= MAX_TEAM_NAME_LENGTH &&
Number.isInteger(limit) &&
limit >= 1 &&
limit <= 25
)
}
if (/^\/api\/tss\/player\/[0-9]{1,32}$/.test(url.pathname)) {
return [...params.keys()].length === 0
}
if ([...params.keys()].length) return false
try {
const match = url.pathname.match(/^\/api\/tss\/teams\/([^/]+)(?:\/(history|games))?$/)
const teamName = match ? decodeURIComponent(match[1]) : ''
return Boolean(teamName) && teamName.length <= MAX_TEAM_NAME_LENGTH
} catch {
return false
}
}
function apiGuard() {
return {
name: 'api-guard',
configureServer(server) {
server.middlewares.use(async (req, res, next) => {
if (!req.url?.startsWith('/api/')) {
next()
return
}
if (isAllowedApiUrl(req)) {
next()
return
}
res.writeHead(404, {
'content-type': 'application/json; charset=utf-8',
'x-content-type-options': 'nosniff',
})
res.end(JSON.stringify({ error: 'API route not found' }))
})
},
}
}
export default defineConfig(() => {
return {
root: path.resolve(__dirname, 'frontend'),
publicDir: path.resolve(__dirname, 'frontend/public'),
plugins: [apiGuard(), react(), tailwindcss()],
define: {
'import.meta.env.VITE_SITE_VERSION': JSON.stringify(siteVersion()),
},
build: {
outDir: path.resolve(__dirname, 'dist'),
emptyOutDir: true,
},
server: {
host: '0.0.0.0',
port: 3001,
proxy: {
'/api': {
target: process.env.VITE_API_TARGET ?? 'http://localhost:6000',
changeOrigin: true,
},
'/health': {
target: process.env.VITE_API_TARGET ?? 'http://localhost:6000',
changeOrigin: true,
},
},
},
}
})