From df146e9ff1a27de4be62f7cb8ab60a5cc4ec53a0 Mon Sep 17 00:00:00 2001 From: jotacemarin Date: Sun, 8 Sep 2024 10:54:42 -0500 Subject: [PATCH] fix authorizer, add long ttl and change schema name --- src/functions/telegram_authorizer/index.ts | 1 + .../telegram_get_messages/function.yml | 4 ++- src/functions/telegram_get_messages/index.ts | 14 +++++++--- .../telegram_public_webhook/function.yml | 3 ++ .../telegram_public_webhook/index.ts | 28 +------------------ .../telegram_send_message/function.yml | 4 ++- .../telegram_send_photo/function.yml | 4 ++- .../telegram_send_video/function.yml | 4 ++- .../telegram_set_webhook/function.yml | 4 ++- src/functions/telegram_webhook/index.ts | 2 +- src/lib/dao/chatMessageDao.ts | 10 ++++--- src/lib/models/botnorrea.ts | 2 +- 12 files changed, 38 insertions(+), 42 deletions(-) diff --git a/src/functions/telegram_authorizer/index.ts b/src/functions/telegram_authorizer/index.ts index 03b247c..177e990 100644 --- a/src/functions/telegram_authorizer/index.ts +++ b/src/functions/telegram_authorizer/index.ts @@ -33,6 +33,7 @@ const extractToken = (authorizationToken: string) => { const [_, token] = authorizationToken?.split(" "); const cleanToken = atob(token); const [clientId, clientSecret] = cleanToken?.split(":"); + console.log("extractToken", `${clientId}, ${clientSecret}`); return { clientId, clientSecret }; }; diff --git a/src/functions/telegram_get_messages/function.yml b/src/functions/telegram_get_messages/function.yml index 54fee34..7631799 100644 --- a/src/functions/telegram_get_messages/function.yml +++ b/src/functions/telegram_get_messages/function.yml @@ -8,4 +8,6 @@ events: path: /${self:custom.secrets.service.name}-${self:custom.secrets.provider.stage}/telegram/get-messages method: GET cors: true - authorizer: telegramAuthorizer + authorizer: + name: telegramAuthorizer + resultTtlInSeconds: 0 diff --git a/src/functions/telegram_get_messages/index.ts b/src/functions/telegram_get_messages/index.ts index c72741a..3e8dace 100644 --- a/src/functions/telegram_get_messages/index.ts +++ b/src/functions/telegram_get_messages/index.ts @@ -1,10 +1,16 @@ import { APIGatewayEvent, Callback, Context } from "aws-lambda"; -import { OK } from "http-status"; +import { BAD_REQUEST, OK } from "http-status"; import { ChatMessageDao } from "../../lib/dao"; -const execute = async (): Promise => { +const execute = async (event: APIGatewayEvent): Promise => { + if (!event?.queryStringParameters?.chat_id) { + return { statusCode: BAD_REQUEST }; + } + + const chatId = Number(event.queryStringParameters.chat_id); + await ChatMessageDao.initInstance(); - const messages = await ChatMessageDao.getAll(); + const messages = await ChatMessageDao.getAll(chatId); return { statusCode: OK, body: JSON.stringify(messages) }; }; @@ -16,7 +22,7 @@ export const telegramGetMessages = async ( ): Promise => { context.callbackWaitsForEmptyEventLoop = false; - const response = await execute(); + const response = await execute(event); return callback(null, response); }; diff --git a/src/functions/telegram_public_webhook/function.yml b/src/functions/telegram_public_webhook/function.yml index b8c124d..49a8125 100644 --- a/src/functions/telegram_public_webhook/function.yml +++ b/src/functions/telegram_public_webhook/function.yml @@ -8,3 +8,6 @@ events: path: /${self:custom.secrets.service.name}-${self:custom.secrets.provider.stage}/telegram/public-webhook method: POST cors: true + authorizer: + name: telegramAuthorizer + resultTtlInSeconds: 0 diff --git a/src/functions/telegram_public_webhook/index.ts b/src/functions/telegram_public_webhook/index.ts index c1e7094..5b953cd 100644 --- a/src/functions/telegram_public_webhook/index.ts +++ b/src/functions/telegram_public_webhook/index.ts @@ -1,7 +1,6 @@ import { APIGatewayEvent, Callback, Context } from "aws-lambda"; -import { OK, BAD_REQUEST, UNAUTHORIZED } from "http-status"; +import { OK, BAD_REQUEST } from "http-status"; import { TelegramService } from "../../lib/services"; -import { UserDao } from "../../lib/dao"; import { FormattingOptionsTg } from "../../lib/models"; interface PublicWebhookParams { @@ -13,26 +12,6 @@ interface PublicWebhookParams { media_is_spoiler?: boolean; } -const checkAuthorization = async (event: APIGatewayEvent) => { - if ( - !event?.queryStringParameters?.id || - !event?.queryStringParameters?.username - ) { - return false; - } - - const { id, username } = event?.queryStringParameters; - - await UserDao.initInstance(); - - try { - const user = await UserDao.findByIdAndUsername(id, username); - return Boolean(user); - } catch (_error) { - return false; - } -}; - const buildText = (body: PublicWebhookParams): string | undefined => { if (!body?.text) { return; @@ -138,11 +117,6 @@ export const telegramPublicWebhook = async ( ): Promise => { context.callbackWaitsForEmptyEventLoop = false; - const checkAuth = await checkAuthorization(event); - if (!checkAuth) { - return callback(null, { statusCode: UNAUTHORIZED }); - } - if (!event?.body) { return callback(null, { statusCode: BAD_REQUEST }); } diff --git a/src/functions/telegram_send_message/function.yml b/src/functions/telegram_send_message/function.yml index ac8ea0f..7a19a7f 100644 --- a/src/functions/telegram_send_message/function.yml +++ b/src/functions/telegram_send_message/function.yml @@ -8,4 +8,6 @@ events: path: /${self:custom.secrets.service.name}-${self:custom.secrets.provider.stage}/telegram/send-message method: POST cors: true - authorizer: telegramAuthorizer + authorizer: + name: telegramAuthorizer + resultTtlInSeconds: 0 diff --git a/src/functions/telegram_send_photo/function.yml b/src/functions/telegram_send_photo/function.yml index deb6e7b..416a94b 100644 --- a/src/functions/telegram_send_photo/function.yml +++ b/src/functions/telegram_send_photo/function.yml @@ -8,4 +8,6 @@ events: path: /${self:custom.secrets.service.name}-${self:custom.secrets.provider.stage}/telegram/send-photo method: POST cors: true - authorizer: telegramAuthorizer + authorizer: + name: telegramAuthorizer + resultTtlInSeconds: 0 diff --git a/src/functions/telegram_send_video/function.yml b/src/functions/telegram_send_video/function.yml index 53d1552..c6eb5e1 100644 --- a/src/functions/telegram_send_video/function.yml +++ b/src/functions/telegram_send_video/function.yml @@ -8,4 +8,6 @@ events: path: /${self:custom.secrets.service.name}-${self:custom.secrets.provider.stage}/telegram/send-video method: POST cors: true - authorizer: telegramAuthorizer + authorizer: + name: telegramAuthorizer + resultTtlInSeconds: 0 diff --git a/src/functions/telegram_set_webhook/function.yml b/src/functions/telegram_set_webhook/function.yml index c2677df..5fb9e09 100644 --- a/src/functions/telegram_set_webhook/function.yml +++ b/src/functions/telegram_set_webhook/function.yml @@ -8,4 +8,6 @@ events: path: /${self:custom.secrets.service.name}-${self:custom.secrets.provider.stage}/telegram/set-webhook method: POST cors: true - authorizer: telegramAuthorizer + authorizer: + name: telegramAuthorizer + resultTtlInSeconds: 0 diff --git a/src/functions/telegram_webhook/index.ts b/src/functions/telegram_webhook/index.ts index a767870..ba82cbe 100644 --- a/src/functions/telegram_webhook/index.ts +++ b/src/functions/telegram_webhook/index.ts @@ -23,7 +23,7 @@ const getCommand = async (body: UpdateTg): Promise => { const saveChatMessage = async (body: UpdateTg): Promise => { await ChatMessageDao.initInstance(); - await ChatMessageDao.save({ message: body, expireAt: new Date() }); + await ChatMessageDao.save({ telegramMessage: body, expireAt: new Date() }); }; const request = async (command: Command, body: UpdateTg) => { diff --git a/src/lib/dao/chatMessageDao.ts b/src/lib/dao/chatMessageDao.ts index d38e3a5..8933d20 100644 --- a/src/lib/dao/chatMessageDao.ts +++ b/src/lib/dao/chatMessageDao.ts @@ -3,7 +3,7 @@ import { ChatMessage } from "../models"; import { MongodbService } from "../services"; export class ChatMessageDao { - private static schemaName: string = "chatMessage"; + private static schemaName: string = "chat_message"; private static chatMessageSchema: Schema; public static chatMessageModel: Model; @@ -15,7 +15,7 @@ export class ChatMessageDao { if (!ChatMessageDao.chatMessageSchema) { ChatMessageDao.chatMessageSchema = new Schema( { - message: { type: Schema.Types.Mixed, required: true }, + telegramMessage: { type: Schema.Types.Mixed, required: true }, expireAt: { type: Schema.Types.Date, expires: 43200 }, }, { @@ -39,8 +39,10 @@ export class ChatMessageDao { return ChatMessageDao.chatMessageModel.create(chatMessage); } - public static async getAll(): Promise> { - const chatMessages = await ChatMessageDao.chatMessageModel.find({}).exec(); + public static async getAll(chatId: Number): Promise> { + const chatMessages = await ChatMessageDao.chatMessageModel + .find({ telegramMessage: { message: { chat: { id: chatId } } } }) + .exec(); if (!chatMessages || !chatMessages?.length) { return []; } diff --git a/src/lib/models/botnorrea.ts b/src/lib/models/botnorrea.ts index 4fdcd0b..38e49b4 100644 --- a/src/lib/models/botnorrea.ts +++ b/src/lib/models/botnorrea.ts @@ -39,7 +39,7 @@ export interface Command { export interface ChatMessage { _id?: ID | string; - message: UpdateTg; + telegramMessage: UpdateTg; expireAt?: Date | AtedAt | string; createdAt?: AtedAt | string; updatedAt?: AtedAt | string;