Added subject endpoints (#35)

cultpodcasts · Aug 6, 2024 · 39eef0d · 39eef0d
1 parent a05c574
commit 39eef0d
Showing 1 changed file with 74 additions and 0 deletions.
diff --git a/src/index.ts b/src/index.ts
@@ -22,6 +22,7 @@ type Env = {
 	secureDiscoveryCurationEndpoint: URL;
 	securePodcastIndexEndpoint: URL;
 	securePodcastEndpoint: URL;
+	secureSubjectEndpoint: URL
 }
 
 const allowedOrigins: Array<string> = [
@@ -567,6 +568,79 @@ app.post("/podcast/index/:name", auth0Middleware, async (c) => {
 	return c.json({ error: "Unauthorised" }, 403);
 });
 
+
+app.get("/subject/:name", auth0Middleware, async (c) => {
+	const auth0Payload: Auth0JwtPayload = c.var.auth0('payload');
+	const name = c.req.param('name')
+	c.header("Cache-Control", "max-age=600");
+	c.header("Content-Type", "application/json");
+	c.header("Access-Control-Allow-Origin", getOrigin(c.req.header("Origin")));
+	c.header("Access-Control-Allow-Methods", "POST,GET,OPTIONS");
+
+	if (auth0Payload?.permissions && auth0Payload.permissions.includes('curate')) {
+		const authorisation: string = c.req.header("Authorization")!;
+		console.log(`Using auth header '${authorisation.slice(0, 20)}..'`);
+		const url = `${c.env.secureSubjectEndpoint}/${encodeURIComponent(name)}`;
+		console.log(url);
+		const resp = await fetch(url, {
+			headers: {
+				'Accept': "*/*",
+				'Authorization': authorisation,
+				"Content-type": "application/json",
+				"Cache-Control": "no-cache",
+				"User-Agent": "cult-podcasts-api",
+				"Host": new URL(c.env.secureSubjectEndpoint).host
+			},
+			method: "GET"
+		});
+		if (resp.status == 200) {
+			console.log(`Successfully used secure-subject-endpoint.`);
+
+			return new Response(resp.body);
+		} else {
+			console.log(`Failed to use secure-subject-endpoint. Response code: '${resp.status}'.`);
+			return c.json({ error: "Error" }, 500);
+		}
+	}
+	return c.json({ error: "Unauthorised" }, 403);
+});
+
+app.post("/subject/:id", auth0Middleware, async (c) => {
+	const auth0Payload: Auth0JwtPayload = c.var.auth0('payload');
+	const id = c.req.param('id')
+	c.header("Cache-Control", "max-age=600");
+	c.header("Content-Type", "application/json");
+	c.header("Access-Control-Allow-Origin", getOrigin(c.req.header("Origin")));
+	c.header("Access-Control-Allow-Methods", "POST,GET,OPTIONS");
+
+	if (auth0Payload?.permissions && auth0Payload.permissions.includes('curate')) {
+		const authorisation: string = c.req.header("Authorization")!;
+		const url = `${c.env.secureSubjectEndpoint}/${id}`;
+		const data: any = await c.req.json();
+		const body: string = JSON.stringify(data)
+		const resp = await fetch(url, {
+			headers: {
+				'Accept': "*/*",
+				'Authorization': authorisation,
+				"Content-type": "application/json",
+				"Cache-Control": "no-cache",
+				"User-Agent": "cult-podcasts-api",
+				"Host": new URL(c.env.secureSubjectEndpoint).host
+			},
+			method: "POST",
+			body: body
+		});
+		if (resp.status == 202) {
+			console.log(`Successfully used secure-subject-endpoint.`);
+			return new Response(resp.body);
+		} else {
+			console.log(`Failed to use secure-subject-endpoint. Response code: '${resp.status}'.`);
+			return c.json({ error: "Error" }, 500);
+		}
+	}
+	return c.json({ error: "Unauthorised" }, 403);
+});
+
 app.get("/discovery-curation", auth0Middleware, async (c) => {
 	const auth0Payload: Auth0JwtPayload = c.var.auth0('payload');
 	c.header("Cache-Control", "max-age=600");