From c3d14b51eb819931a70e6d8749c1ea2b2df93d39 Mon Sep 17 00:00:00 2001
From: Jon Breen <jonbreen@outlook.com>
Date: Thu, 9 May 2024 14:00:54 +0100
Subject: [PATCH] Fallback to non-secure endpoint on failure

---
 src/index.ts | 73 +++++++++++++++++++++++++++-------------------------
 1 file changed, 38 insertions(+), 35 deletions(-)

diff --git a/src/index.ts b/src/index.ts
index 32c739d..1a2df3d 100644
--- a/src/index.ts
+++ b/src/index.ts
@@ -285,50 +285,53 @@ app.post("/submit", auth0Middleware, async (c) => {
 	c.header("Access-Control-Allow-Origin", getOrigin(c.req.header("Origin")));
 	c.header("Access-Control-Allow-Methods", "POST,GET,OPTIONS");
 
+	let secureEndpointFailed: Boolean = false;
 	if (auth0Payload?.permissions && auth0Payload.permissions.includes('submit')) {
 		let originRequest = new Request(c.req.raw);
 		const resp = await fetch(c.env.secureSubmitEndpoint, originRequest);
 		if (resp.status == 200) {
+			console.log(`Successfully used secure enpoint.`);
 			return c.json({ success: "Submitted" });
 		} else {
-			return c.json({ error: "Unable to accept" }, 400);
+			console.log(`Failed to use secure submit endpoint. Response code: '${resp.status}'.`);
 		}
-	} else {
-		return c.req
-			.json()
-			.then(async (data: any) => {
-				const adapter = new PrismaD1(c.env.apiDB);
-				const prisma = new PrismaClient({ adapter });
-				let url: URL | undefined;
-				let urlParam = data.url;
-				if (urlParam == null) {
-					return c.json({ error: "Missing url param." }, 400);
-				}
-				try {
-					url = new URL(urlParam);
-				} catch {
-					return c.json({ error: `Invalid url '${data.url}'.` }, 400);
-				}
+	}
+	console.log(`Using non-secure submit endpoint.`);
+	return c.req
+		.json()
+		.then(async (data: any) => {
+			const adapter = new PrismaD1(c.env.apiDB);
+			const prisma = new PrismaClient({ adapter });
+			let url: URL | undefined;
+			let urlParam = data.url;
+			if (urlParam == null) {
+				return c.json({ error: "Missing url param." }, 400);
+			}
+			try {
+				url = new URL(urlParam);
+			} catch {
+				return c.json({ error: `Invalid url '${data.url}'.` }, 400);
+			}
 
-				try {
-					const record = {
-						url: url.toString(),
-						ip_address: c.req.header("CF-Connecting-IP") ?? null,
-						user_agent: c.req.header("User-Agent") ?? null,
-						country: c.req.header("CF-IPCountry") ?? null
-					};
-					const submission = await prisma.submissions.create({
-						data: record
-					});
-				} catch (e) {
-					if (e instanceof Prisma.PrismaClientKnownRequestError) {
-						console.log(`PrismaClientKnownRequestError code: '${e.code}'`, e);
-					}
-					return c.json({ error: "Unable to accept" }, 400);
+			try {
+				const record = {
+					url: url.toString(),
+					ip_address: c.req.header("CF-Connecting-IP") ?? null,
+					user_agent: c.req.header("User-Agent") ?? null,
+					country: c.req.header("CF-IPCountry") ?? null
+				};
+				const submission = await prisma.submissions.create({
+					data: record
+				});
+			} catch (e) {
+				if (e instanceof Prisma.PrismaClientKnownRequestError) {
+					console.log(`PrismaClientKnownRequestError code: '${e.code}'`, e);
 				}
-				return c.json({ success: "Submitted" });
-			});
-	}
+				return c.json({ error: "Unable to accept" }, 400);
+			}
+			return c.json({ success: "Submitted" });
+		});
+}
 });
 
 export default app;