neoris/openvidu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

backend: Clean up routes code

Browse Source
This commit is contained in:
juancarmore 2025-03-28 12:55:07 +01:00
parent 28b65db651
commit 6f0e0a2bd3
6 changed files with 13 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
backend/src/middlewares/auth.middleware.ts
View File

@ -18,6 +18,8 @@ import {
errorInvalidApiKey, errorInvalidApiKey,
OpenViduMeetError OpenViduMeetError
} from '../models/index.js'; } from '../models/index.js';
import rateLimit from 'express-rate-limit';
import ms from 'ms';
/** /**
* This middleware allows to chain multiple validators to check if the request is authorized. * This middleware allows to chain multiple validators to check if the request is authorized.
@ -157,3 +159,10 @@ export const allowAnonymous = async (req: Request) => {
req.session = req.session || {}; req.session = req.session || {};
req.session.user = user; req.session.user = user;
}; };
// Limit login attempts to avoid brute force attacks
export const loginLimiter = rateLimit({
windowMs: ms('15m'),
limit: 5,
message: 'Too many login attempts, please try again later'
});

12
backend/src/routes/auth.routes.ts
View File

@ -1,21 +1,11 @@
import ms from 'ms';
import { Router } from 'express'; import { Router } from 'express';
import bodyParser from 'body-parser'; import bodyParser from 'body-parser';
import * as authCtrl from '../controllers/auth.controller.js'; import * as authCtrl from '../controllers/auth.controller.js';
import rateLimit from 'express-rate-limit'; import { loginLimiter, tokenAndRoleValidator, withAuth } from '../middlewares/auth.middleware.js';
import { tokenAndRoleValidator, withAuth } from '../middlewares/auth.middleware.js';
import { validateLoginRequest } from '../middlewares/request-validators/auth-validator.middleware.js'; import { validateLoginRequest } from '../middlewares/request-validators/auth-validator.middleware.js';
import { UserRole } from '@typings-ce'; import { UserRole } from '@typings-ce';
export const authRouter = Router(); export const authRouter = Router();
// Limit login attempts for avoiding brute force attacks
const loginLimiter = rateLimit({
windowMs: ms('15m'),
limit: 5,
message: 'Too many login attempts, please try again later'
});
authRouter.use(bodyParser.urlencoded({ extended: true })); authRouter.use(bodyParser.urlencoded({ extended: true }));
authRouter.use(bodyParser.json()); authRouter.use(bodyParser.json());

6
backend/src/routes/livekit.routes.ts
View File

@ -1,9 +1,7 @@
import express, { Router } from 'express'; import express, { Router } from 'express';
import { lkWebhookHandler } from '../controllers/livekit-webhook.controller.js'; import { lkWebhookHandler } from '../controllers/livekit-webhook.controller.js';
const livekitWebhookRouter = Router(); export const livekitWebhookRouter = Router();
livekitWebhookRouter.use(express.raw({ type: 'application/webhook+json' })); livekitWebhookRouter.use(express.raw({ type: 'application/webhook+json' }));
livekitWebhookRouter.post('/', lkWebhookHandler);
export { livekitWebhookRouter }; livekitWebhookRouter.post('/', lkWebhookHandler);

1
backend/src/routes/participants.routes.ts
View File

@ -12,6 +12,7 @@ export const internalParticipantsRouter = Router();
internalParticipantsRouter.use(bodyParser.urlencoded({ extended: true })); internalParticipantsRouter.use(bodyParser.urlencoded({ extended: true }));
internalParticipantsRouter.use(bodyParser.json()); internalParticipantsRouter.use(bodyParser.json());
// Internal Participant Routes
internalParticipantsRouter.post( internalParticipantsRouter.post(
'/token', '/token',
validateParticipantTokenRequest, validateParticipantTokenRequest,

1
backend/src/routes/room.routes.ts
View File

@ -16,7 +16,6 @@ import { UserRole } from '@typings-ce';
import { configureCreateRoomAuth, configureRoomAuthorization } from '../middlewares/room.middleware.js'; import { configureCreateRoomAuth, configureRoomAuthorization } from '../middlewares/room.middleware.js';
export const roomRouter = Router(); export const roomRouter = Router();
roomRouter.use(bodyParser.urlencoded({ extended: true })); roomRouter.use(bodyParser.urlencoded({ extended: true }));
roomRouter.use(bodyParser.json()); roomRouter.use(bodyParser.json());

2
backend/src/server.ts
View File

@ -45,8 +45,6 @@ const createApp = () => {
app.use(`${MEET_API_BASE_PATH_V1}/rooms`, /*mediaTypeValidatorMiddleware,*/ roomRouter); app.use(`${MEET_API_BASE_PATH_V1}/rooms`, /*mediaTypeValidatorMiddleware,*/ roomRouter);
app.use(`${MEET_API_BASE_PATH_V1}/recordings`, /*mediaTypeValidatorMiddleware,*/ recordingRouter); app.use(`${MEET_API_BASE_PATH_V1}/recordings`, /*mediaTypeValidatorMiddleware,*/ recordingRouter);
app.use(`${MEET_API_BASE_PATH_V1}/auth`, /*mediaTypeValidatorMiddleware,*/ authRouter); app.use(`${MEET_API_BASE_PATH_V1}/auth`, /*mediaTypeValidatorMiddleware,*/ authRouter);
// TODO: This route should be part of the rooms router
app.use(`${MEET_API_BASE_PATH_V1}/preferences`, /*mediaTypeValidatorMiddleware,*/ preferencesRouter); app.use(`${MEET_API_BASE_PATH_V1}/preferences`, /*mediaTypeValidatorMiddleware,*/ preferencesRouter);
// Internal routes // Internal routes