const express = require("express"); const { allowDevAllOrigin, allowAllOrigin, percentageToColor, filterAndJoin, sendHttpError } = require("../util-server"); const { R } = require("redbean-node"); const apicache = require("../modules/apicache"); const Monitor = require("../model/monitor"); const dayjs = require("dayjs"); const { UP, MAINTENANCE, DOWN, PENDING, flipStatus, log } = require("../../src/util"); const StatusPage = require("../model/status_page"); const { UptimeKumaServer } = require("../uptime-kuma-server"); const { makeBadge } = require("badge-maker"); const { badgeConstants } = require("../config"); const { Prometheus } = require("../prometheus"); const Database = require("../database"); const { UptimeCalculator } = require("../uptime-calculator"); const ioClient = require("socket.io-client").io; const Socket = require("socket.io-client").Socket; const { headerAuthMiddleware } = require("../auth"); const jwt = require("jsonwebtoken"); const fs = require("fs"); const JSON5 = require("json5"); const apiSpec = JSON5.parse(fs.readFileSync("./extra/api-spec.json5", "utf8")); let router = express.Router(); let cache = apicache.middleware; const server = UptimeKumaServer.getInstance(); let io = server.io; router.get("/api/entry-page", async (request, response) => { allowDevAllOrigin(response); let result = { }; if (request.hostname in StatusPage.domainMappingList) { result.type = "statusPageMatchedDomain"; result.statusPageSlug = StatusPage.domainMappingList[request.hostname]; } else { result.type = "entryPage"; result.entryPage = server.entryPage; } response.json(result); }); router.get("/api/push/:pushToken", async (request, response) => { try { let pushToken = request.params.pushToken; let msg = request.query.msg || "OK"; let ping = parseInt(request.query.ping) || null; let statusString = request.query.status || "up"; let status = (statusString === "up") ? UP : DOWN; let monitor = await R.findOne("monitor", " push_token = ? AND active = 1 ", [ pushToken ]); if (! monitor) { throw new Error("Monitor not found or not active."); } const previousHeartbeat = await Monitor.getPreviousHeartbeat(monitor.id); if (monitor.isUpsideDown()) { status = flipStatus(status); } let isFirstBeat = true; let previousStatus = status; let duration = 0; let bean = R.dispense("heartbeat"); bean.time = R.isoDateTimeMillis(dayjs.utc()); if (previousHeartbeat) { isFirstBeat = false; previousStatus = previousHeartbeat.status; duration = dayjs(bean.time).diff(dayjs(previousHeartbeat.time), "second"); } if (await Monitor.isUnderMaintenance(monitor.id)) { msg = "Monitor under maintenance"; status = MAINTENANCE; } log.debug("router", `/api/push/ called at ${dayjs().format("YYYY-MM-DD HH:mm:ss.SSS")}`); log.debug("router", "PreviousStatus: " + previousStatus); log.debug("router", "Current Status: " + status); bean.important = Monitor.isImportantBeat(isFirstBeat, previousStatus, status); bean.monitor_id = monitor.id; bean.status = status; bean.msg = msg; bean.ping = ping; bean.duration = duration; await R.store(bean); io.to(monitor.user_id).emit("heartbeat", bean.toJSON()); Monitor.sendStats(io, monitor.id, monitor.user_id); new Prometheus(monitor).update(bean, undefined); response.json({ ok: true, }); if (Monitor.isImportantForNotification(isFirstBeat, previousStatus, status)) { await Monitor.sendNotification(isFirstBeat, monitor, bean); } } catch (e) { response.status(404).json({ ok: false, msg: e.message }); } }); /* * Map Socket.io API to REST API */ router.post("/api", headerAuthMiddleware, async (request, response) => { allowDevAllOrigin(response); // TODO: Allow whitelist of origins // Generate a JWT for logging in to the socket.io server const apiKeyID = response.locals.apiKeyID; const userID = await R.getCell("SELECT user_id FROM api_key WHERE id = ?", [ apiKeyID ]); const username = await R.getCell("SELECT username FROM user WHERE id = ?", [ userID ]); const token = jwt.sign({ username, }, server.jwtSecret); const requestData = request.body; console.log(requestData); // TODO: should not hard coded let wsURL = "ws://localhost:3001"; const socket = ioClient(wsURL, { transports: [ "websocket" ], reconnection: false, }); try { let result = await socketClientHandler(socket, token, requestData); let status = 200; if (result.status) { status = result.status; } else if (typeof result === "object" && result.ok === false) { status = 404; } response.status(status).json(result); } catch (e) { response.status(e.status).json(e); } console.log("Close socket"); socket.disconnect(); }); /** * @param {Socket} socket * @param {string} token JWT * @param {object} requestData Request Data */ function socketClientHandler(socket, token, requestData) { const action = requestData.action; const params = requestData.params; return new Promise((resolve, reject) => { socket.on("connect", () => { socket.emit("loginByToken", token, (res) => { if (res.ok) { let matched = false; // Find the action in the API spec for (let actionObj of apiSpec) { // Find it if (action === actionObj.name) { matched = true; let flatParams = []; // Check if required parameters are provided if (actionObj.params.length > 0 && !params) { reject({ status: 400, ok: false, msg: "Missing \"params\" property in request body", }); return; } // Check if required parameters are valid for (let paramObj of actionObj.params) { let value = params[paramObj.name]; // Check if required parameter is in a correct data type if (typeof value !== paramObj.type) { reject({ status: 400, ok: false, msg: `Parameter "${paramObj.name}" should be "${paramObj.type}". Got "${typeof value}" instead.` }); return; } flatParams.push(value); } socket.emit(actionObj.name, ...flatParams, (res) => { resolve(res); }); break; } } if (action === "getPushExample") { if (params.length <= 0) { reject({ status: 400, ok: false, msg: "Missing required parameter(s)", }); } else { socket.emit("getPushExample", params[0], (res) => { resolve(res); }); } } if (!matched) { reject({ status: 404, ok: false, msg: "Event not found" }); } } else { reject({ status: 401, ok: false, msg: "Login failed?????" }); } }); }); socket.on("connect_error", (error) => { reject({ status: 500, ok: false, msg: error.message }); }); socket.on("error", (error) => { reject({ status: 500, ok: false, msg: error.message }); }); }); } /* * Badge API */ router.get("/api/badge/:id/status", cache("5 minutes"), async (request, response) => { allowAllOrigin(response); const { label, upLabel = "Up", downLabel = "Down", pendingLabel = "Pending", maintenanceLabel = "Maintenance", upColor = badgeConstants.defaultUpColor, downColor = badgeConstants.defaultDownColor, pendingColor = badgeConstants.defaultPendingColor, maintenanceColor = badgeConstants.defaultMaintenanceColor, style = badgeConstants.defaultStyle, value, // for demo purpose only } = request.query; try { const requestedMonitorId = parseInt(request.params.id, 10); const overrideValue = value !== undefined ? parseInt(value) : undefined; let publicMonitor = await R.getRow(` SELECT monitor_group.monitor_id FROM monitor_group, \`group\` WHERE monitor_group.group_id = \`group\`.id AND monitor_group.monitor_id = ? AND public = 1 `, [ requestedMonitorId ] ); const badgeValues = { style }; if (!publicMonitor) { // return a "N/A" badge in naColor (grey), if monitor is not public / not available / non exsitant badgeValues.message = "N/A"; badgeValues.color = badgeConstants.naColor; } else { const heartbeat = await Monitor.getPreviousHeartbeat(requestedMonitorId); const state = overrideValue !== undefined ? overrideValue : heartbeat.status; if (label === undefined) { badgeValues.label = "Status"; } else { badgeValues.label = label; } switch (state) { case DOWN: badgeValues.color = downColor; badgeValues.message = downLabel; break; case UP: badgeValues.color = upColor; badgeValues.message = upLabel; break; case PENDING: badgeValues.color = pendingColor; badgeValues.message = pendingLabel; break; case MAINTENANCE: badgeValues.color = maintenanceColor; badgeValues.message = maintenanceLabel; break; default: badgeValues.color = badgeConstants.naColor; badgeValues.message = "N/A"; } } // build the svg based on given values const svg = makeBadge(badgeValues); response.type("image/svg+xml"); response.send(svg); } catch (error) { sendHttpError(response, error.message); } }); router.get("/api/badge/:id/uptime/:duration?", cache("5 minutes"), async (request, response) => { allowAllOrigin(response); const { label, labelPrefix, labelSuffix = badgeConstants.defaultUptimeLabelSuffix, prefix, suffix = badgeConstants.defaultUptimeValueSuffix, color, labelColor, style = badgeConstants.defaultStyle, value, // for demo purpose only } = request.query; try { const requestedMonitorId = parseInt(request.params.id, 10); // if no duration is given, set value to 24 (h) let requestedDuration = request.params.duration !== undefined ? request.params.duration : "24h"; const overrideValue = value && parseFloat(value); if (requestedDuration === "24") { requestedDuration = "24h"; } let publicMonitor = await R.getRow(` SELECT monitor_group.monitor_id FROM monitor_group, \`group\` WHERE monitor_group.group_id = \`group\`.id AND monitor_group.monitor_id = ? AND public = 1 `, [ requestedMonitorId ] ); const badgeValues = { style }; if (!publicMonitor) { // return a "N/A" badge in naColor (grey), if monitor is not public / not available / non existent badgeValues.message = "N/A"; badgeValues.color = badgeConstants.naColor; } else { const uptimeCalculator = await UptimeCalculator.getUptimeCalculator(requestedMonitorId); const uptime = overrideValue ?? uptimeCalculator.getDataByDuration(requestedDuration).uptime; // limit the displayed uptime percentage to four (two, when displayed as percent) decimal digits const cleanUptime = (uptime * 100).toPrecision(4); // use a given, custom color or calculate one based on the uptime value badgeValues.color = color ?? percentageToColor(uptime); // use a given, custom labelColor or use the default badge label color (defined by badge-maker) badgeValues.labelColor = labelColor ?? ""; // build a label string. If a custom label is given, override the default one (requestedDuration) badgeValues.label = filterAndJoin([ labelPrefix, label ?? `Uptime (${requestedDuration}${labelSuffix})`, ]); badgeValues.message = filterAndJoin([ prefix, cleanUptime, suffix ]); } // build the SVG based on given values const svg = makeBadge(badgeValues); response.type("image/svg+xml"); response.send(svg); } catch (error) { sendHttpError(response, error.message); } }); router.get("/api/badge/:id/ping/:duration?", cache("5 minutes"), async (request, response) => { allowAllOrigin(response); const { label, labelPrefix, labelSuffix = badgeConstants.defaultPingLabelSuffix, prefix, suffix = badgeConstants.defaultPingValueSuffix, color = badgeConstants.defaultPingColor, labelColor, style = badgeConstants.defaultStyle, value, // for demo purpose only } = request.query; try { const requestedMonitorId = parseInt(request.params.id, 10); // Default duration is 24 (h) if not defined in queryParam, limited to 720h (30d) let requestedDuration = request.params.duration !== undefined ? request.params.duration : "24h"; const overrideValue = value && parseFloat(value); if (requestedDuration === "24") { requestedDuration = "24h"; } // Check if monitor is public const uptimeCalculator = await UptimeCalculator.getUptimeCalculator(requestedMonitorId); const publicAvgPing = uptimeCalculator.getDataByDuration(requestedDuration).avgPing; const badgeValues = { style }; if (!publicAvgPing) { // return a "N/A" badge in naColor (grey), if monitor is not public / not available / non exsitant badgeValues.message = "N/A"; badgeValues.color = badgeConstants.naColor; } else { const avgPing = parseInt(overrideValue ?? publicAvgPing); badgeValues.color = color; // use a given, custom labelColor or use the default badge label color (defined by badge-maker) badgeValues.labelColor = labelColor ?? ""; // build a lable string. If a custom label is given, override the default one (requestedDuration) badgeValues.label = filterAndJoin([ labelPrefix, label ?? `Avg. Ping (${requestedDuration}${labelSuffix})` ]); badgeValues.message = filterAndJoin([ prefix, avgPing, suffix ]); } // build the SVG based on given values const svg = makeBadge(badgeValues); response.type("image/svg+xml"); response.send(svg); } catch (error) { sendHttpError(response, error.message); } }); router.get("/api/badge/:id/avg-response/:duration?", cache("5 minutes"), async (request, response) => { allowAllOrigin(response); const { label, labelPrefix, labelSuffix, prefix, suffix = badgeConstants.defaultPingValueSuffix, color = badgeConstants.defaultPingColor, labelColor, style = badgeConstants.defaultStyle, value, // for demo purpose only } = request.query; try { const requestedMonitorId = parseInt(request.params.id, 10); // Default duration is 24 (h) if not defined in queryParam, limited to 720h (30d) const requestedDuration = Math.min( request.params.duration ? parseInt(request.params.duration, 10) : 24, 720 ); const overrideValue = value && parseFloat(value); const sqlHourOffset = Database.sqlHourOffset(); const publicAvgPing = parseInt(await R.getCell(` SELECT AVG(ping) FROM monitor_group, \`group\`, heartbeat WHERE monitor_group.group_id = \`group\`.id AND heartbeat.time > ${sqlHourOffset} AND heartbeat.ping IS NOT NULL AND public = 1 AND heartbeat.monitor_id = ? `, [ -requestedDuration, requestedMonitorId ] )); const badgeValues = { style }; if (!publicAvgPing) { // return a "N/A" badge in naColor (grey), if monitor is not public / not available / non existent badgeValues.message = "N/A"; badgeValues.color = badgeConstants.naColor; } else { const avgPing = parseInt(overrideValue ?? publicAvgPing); badgeValues.color = color; // use a given, custom labelColor or use the default badge label color (defined by badge-maker) badgeValues.labelColor = labelColor ?? ""; // build a label string. If a custom label is given, override the default one (requestedDuration) badgeValues.label = filterAndJoin([ labelPrefix, label ?? `Avg. Response (${requestedDuration}h)`, labelSuffix, ]); badgeValues.message = filterAndJoin([ prefix, avgPing, suffix ]); } // build the SVG based on given values const svg = makeBadge(badgeValues); response.type("image/svg+xml"); response.send(svg); } catch (error) { sendHttpError(response, error.message); } }); router.get("/api/badge/:id/cert-exp", cache("5 minutes"), async (request, response) => { allowAllOrigin(response); const date = request.query.date; const { label, labelPrefix, labelSuffix, prefix, suffix = date ? "" : badgeConstants.defaultCertExpValueSuffix, upColor = badgeConstants.defaultUpColor, warnColor = badgeConstants.defaultWarnColor, downColor = badgeConstants.defaultDownColor, warnDays = badgeConstants.defaultCertExpireWarnDays, downDays = badgeConstants.defaultCertExpireDownDays, labelColor, style = badgeConstants.defaultStyle, value, // for demo purpose only } = request.query; try { const requestedMonitorId = parseInt(request.params.id, 10); const overrideValue = value && parseFloat(value); let publicMonitor = await R.getRow(` SELECT monitor_group.monitor_id FROM monitor_group, \`group\` WHERE monitor_group.group_id = \`group\`.id AND monitor_group.monitor_id = ? AND public = 1 `, [ requestedMonitorId ] ); const badgeValues = { style }; if (!publicMonitor) { // return a "N/A" badge in naColor (grey), if monitor is not public / not available / non existent badgeValues.message = "N/A"; badgeValues.color = badgeConstants.naColor; } else { const tlsInfoBean = await R.findOne("monitor_tls_info", "monitor_id = ?", [ requestedMonitorId, ]); if (!tlsInfoBean) { // return a "No/Bad Cert" badge in naColor (grey), if no cert saved (does not save bad certs?) badgeValues.message = "No/Bad Cert"; badgeValues.color = badgeConstants.naColor; } else { const tlsInfo = JSON.parse(tlsInfoBean.info_json); if (!tlsInfo.valid) { // return a "Bad Cert" badge in naColor (grey), when cert is not valid badgeValues.message = "Bad Cert"; badgeValues.color = downColor; } else { const daysRemaining = parseInt(overrideValue ?? tlsInfo.certInfo.daysRemaining); if (daysRemaining > warnDays) { badgeValues.color = upColor; } else if (daysRemaining > downDays) { badgeValues.color = warnColor; } else { badgeValues.color = downColor; } // use a given, custom labelColor or use the default badge label color (defined by badge-maker) badgeValues.labelColor = labelColor ?? ""; // build a label string. If a custom label is given, override the default one badgeValues.label = filterAndJoin([ labelPrefix, label ?? "Cert Exp.", labelSuffix, ]); badgeValues.message = filterAndJoin([ prefix, date ? tlsInfo.certInfo.validTo : daysRemaining, suffix ]); } } } // build the SVG based on given values const svg = makeBadge(badgeValues); response.type("image/svg+xml"); response.send(svg); } catch (error) { sendHttpError(response, error.message); } }); router.get("/api/badge/:id/response", cache("5 minutes"), async (request, response) => { allowAllOrigin(response); const { label, labelPrefix, labelSuffix, prefix, suffix = badgeConstants.defaultPingValueSuffix, color = badgeConstants.defaultPingColor, labelColor, style = badgeConstants.defaultStyle, value, // for demo purpose only } = request.query; try { const requestedMonitorId = parseInt(request.params.id, 10); const overrideValue = value && parseFloat(value); let publicMonitor = await R.getRow(` SELECT monitor_group.monitor_id FROM monitor_group, \`group\` WHERE monitor_group.group_id = \`group\`.id AND monitor_group.monitor_id = ? AND public = 1 `, [ requestedMonitorId ] ); const badgeValues = { style }; if (!publicMonitor) { // return a "N/A" badge in naColor (grey), if monitor is not public / not available / non existent badgeValues.message = "N/A"; badgeValues.color = badgeConstants.naColor; } else { const heartbeat = await Monitor.getPreviousHeartbeat( requestedMonitorId ); if (!heartbeat.ping) { // return a "N/A" badge in naColor (grey), if previous heartbeat has no ping badgeValues.message = "N/A"; badgeValues.color = badgeConstants.naColor; } else { const ping = parseInt(overrideValue ?? heartbeat.ping); badgeValues.color = color; // use a given, custom labelColor or use the default badge label color (defined by badge-maker) badgeValues.labelColor = labelColor ?? ""; // build a label string. If a custom label is given, override the default one badgeValues.label = filterAndJoin([ labelPrefix, label ?? "Response", labelSuffix, ]); badgeValues.message = filterAndJoin([ prefix, ping, suffix ]); } } // build the SVG based on given values const svg = makeBadge(badgeValues); response.type("image/svg+xml"); response.send(svg); } catch (error) { sendHttpError(response, error.message); } }); module.exports = router;