diff --git a/config.template.json b/config.template.json index 5dfc37f..99449b3 100644 --- a/config.template.json +++ b/config.template.json @@ -6,5 +6,11 @@ "password": "12345", "database": "appreports" }, - "port": "8080" + "port": "8080", + "restrictClients": false, + "allowedClients": [ + "127.0.0.1", + "::1" + ], + "clearLogAfterDays": -1 } diff --git a/index.js b/index.js index 57bcc09..9b2178e 100644 --- a/index.js +++ b/index.js @@ -27,11 +27,7 @@ app.use(bodyParser.text({ type: '*/*' })); app.post('/', (req, res, next) => { const json = tryParseJSON(req.body); if (typeof req.query.json != 'undefined') { - switch (json.action) { - case 'delete': { - pg.query('DELETE FROM "Log" WHERE ID = $1', json.data); - } - } + //json mod requests } else { pg.query( `INSERT INTO "Log" ("App", "Type", "Client", "Message", "Misc", "Stack") Values($1, $2, $3, $4, $5, $6)`, @@ -44,6 +40,15 @@ app.post('/', (req, res, next) => { app.get('/', async (req, res, next) => { if (typeof req.query.json != 'undefined') { + if ( + config.restrictClients && + !config.allowedClients.includes(req.connection.remoteAddress) + ) { + console.log('blocked request from ' + req.connection.remoteAddress); + res.status(403).end(); + return; + } + const data = await pg.query( `SELECT "ID", "Timestamp", "Type", "App", "Client", "Message", "Misc", "Stack" FROM "Log"` ); @@ -59,6 +64,11 @@ app.get('/', async (req, res, next) => { .end( JSON.stringify({ headings: headings, data: rows, hidden: hiddenData }) ); + try { + const clearLogInterval = Number.parseInt(config.clearLogAfterDays); + if (clearLogInterval > 0) + await pg.query(`DELETE FROM "Log" WHERE "Timestamp" < now() - interval '${clearLogInterval} days'`); + } catch (e) {} } else { next(); }