src/server/ApiManagers/SessionManager.ts


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64

import ApiManager, { Registration } from './ApiManager';
import { Method, _permissionDenied, AuthorizedCore, SecureHandler } from '../RouteManager';
import RouteSubscriber from '../RouteSubscriber';
import { sessionAgent } from '..';
import { DashSessionAgent } from '../DashSession/DashSessionAgent';

const permissionError = 'You are not authorized!';

export default class SessionManager extends ApiManager {
    private secureSubscriber = (root: string, ...params: string[]) => new RouteSubscriber(root).add('session_key', ...params);

    private authorizedAction = (handler: SecureHandler) => (core: AuthorizedCore) => {
        const {
            req: { params },
            res,
        } = core;
        if (!process.env.MONITORED) {
            return res.send('This command only makes sense in the context of a monitored session.');
        }
        if (params.session_key !== process.env.session_key) {
            return _permissionDenied(res, permissionError);
        }
        return handler(core);
    };

    protected initialize(register: Registration): void {
        register({
            method: Method.GET,
            subscription: this.secureSubscriber('debug', 'to?'),
            secureHandler: this.authorizedAction(async ({ req: { params }, res }) => {
                const to = params.to || DashSessionAgent.notificationRecipient;
                const { error } = await sessionAgent.serverWorker.emit('debug', { to });
                res.send(error ? error.message : `Your request was successful: the server captured and compressed (but did not save) a new back up. It was sent to ${to}.`);
            }),
        });

        register({
            method: Method.GET,
            subscription: this.secureSubscriber('backup'),
            secureHandler: this.authorizedAction(async ({ res }) => {
                const { error } = await sessionAgent.serverWorker.emit('backup');
                res.send(error ? error.message : 'Your request was successful: the server successfully created a new back up.');
            }),
        });

        register({
            method: Method.GET,
            subscription: this.secureSubscriber('kill'),
            secureHandler: this.authorizedAction(({ res }) => {
                res.send('Your request was successful: the server and its session have been killed.');
                sessionAgent.killSession('an authorized user has manually ended the server session via the /kill route');
            }),
        });

        register({
            method: Method.GET,
            subscription: this.secureSubscriber('deleteSession'),
            secureHandler: this.authorizedAction(async ({ res }) => {
                const { error } = await sessionAgent.serverWorker.emit('delete');
                res.send(error ? error.message : 'Your request was successful: the server successfully deleted the database. Return to /home.');
            }),
        });
    }
}