Added AUTH_TOKEN for authentication and improved error handling

micthiesen · Oct 26, 2024 · 535be47 · 535be47
1 parent b0e7dac
commit 535be47
Show file tree

Hide file tree

Showing 4 changed files with 23 additions and 8 deletions.
diff --git a/.env.example b/.env.example
@@ -1,3 +1,4 @@
+AUTH_TOKEN=
 PUSHOVER_USER=
 PUSHOVER_TOKEN=
 SSH_USERNAME=

diff --git a/src/dns.ts b/src/dns.ts
@@ -25,25 +25,32 @@ export async function validateDns(ssh: SNodeSSH): Promise<PushoverMessage> {
 
   if (arrayItemsEqual(currentDnsServers, env.PRIMARY_DNS_SERVERS)) {
     return {
-      title: "DNS Servers are valid",
+      title: "DNS servers are valid",
       message: `Servers: ${currentDnsServers.join(", ")}`,
     };
   } else {
     await setDnsServers(ssh, env.PRIMARY_DNS_SERVERS);
     console.log(`DNS servers restored to ${env.PRIMARY_DNS_SERVERS}`);
     return {
-      title: "DNS Servers restored",
+      title: "DNS servers restored",
       message: `Servers: ${currentDnsServers.join(", ")}`,
     };
   }
 }
 
 async function restoreDnsServers() {
-  console.log("Restoring original DNS servers...");
-  await withSshConnection(async (ssh) => {
-    await setDnsServers(ssh, env.PRIMARY_DNS_SERVERS);
-  });
-  await sendNotification({ title: "NextDNS re-enabled", message: "" });
+  try {
+    console.log("Restoring original DNS servers...");
+    await withSshConnection(async (ssh) => {
+      await setDnsServers(ssh, env.PRIMARY_DNS_SERVERS);
+    });
+    await sendNotification({
+      title: "NextDNS re-enabled",
+      message: `Restored after ${RESTORE_DELAY_MINUTES} minutes`,
+    });
+  } catch (err) {
+    console.error(`Failed to restore DNS servers: ${err}`);
+  }
 }
 
 async function getDnsServers(ssh: SNodeSSH) {

diff --git a/src/env.ts b/src/env.ts
@@ -7,6 +7,7 @@ const dnsSchema = z
 
 const env = z
   .object({
+    AUTH_TOKEN: z.string(),
     PUSHOVER_USER: z.string(),
     PUSHOVER_TOKEN: z.string(),
     SSH_USERNAME: z.string(),

diff --git a/src/index.ts b/src/index.ts
@@ -3,11 +3,17 @@ import { Hono } from "hono";
 import { logger } from "hono/logger";
 import { timeout } from "hono/timeout";
 import { RESTORE_DELAY_MINUTES, toggleDns, validateDns } from "./dns";
+import env from "./env";
 import { sendNotification } from "./notify";
 import { withSshConnection } from "./ssh";
 
 const app = new Hono<{ Bindings: HttpBindings }>();
-app.use(logger(), timeout(10000));
+app.use(logger(), timeout(15000));
+app.use(async (ctx, next) => {
+  const token = ctx.req.query("token");
+  if (token !== env.AUTH_TOKEN) return ctx.text("Unauthorized", 401);
+  return next();
+});
 app.onError(async (err, ctx) => {
   return ctx.text(`Error: ${err.message}`);
 });