From 47f405aae0b4cf13ed24f4c5a699ea63877573ea Mon Sep 17 00:00:00 2001
From: Sam Wilkins
Date: Thu, 9 Jan 2020 22:34:14 -0500
Subject: remote authorized session actions
---
src/server/ApiManagers/SessionManager.ts | 57 ++++++++++++++++++++++++++++++++
1 file changed, 57 insertions(+)
create mode 100644 src/server/ApiManagers/SessionManager.ts
(limited to 'src/server/ApiManagers')
diff --git a/src/server/ApiManagers/SessionManager.ts b/src/server/ApiManagers/SessionManager.ts
new file mode 100644
index 000000000..eb17ff567
--- /dev/null
+++ b/src/server/ApiManagers/SessionManager.ts
@@ -0,0 +1,57 @@
+import ApiManager, { Registration } from "./ApiManager";
+import { Method, _permission_denied, AuthorizedCore, SecureHandler } from "../RouteManager";
+import RouteSubscriber from "../RouteSubscriber";
+import { sessionAgent } from "..";
+
+const permissionError = "You are not authorized!";
+
+export default class SessionManager extends ApiManager {
+
+ private secureSubscriber = (root: string, ...params: string[]) => new RouteSubscriber(root).add("password", ...params);
+
+ private authorizedAction = (handler: SecureHandler) => {
+ return (core: AuthorizedCore) => {
+ const { req, res, isRelease } = core;
+ const { password } = req.params;
+ if (!isRelease) {
+ return res.send("This can be run only on the release server.");
+ }
+ if (password !== process.env.session_key) {
+ return _permission_denied(res, permissionError);
+ }
+ handler(core);
+ res.redirect("/home");
+ };
+ }
+
+ protected initialize(register: Registration): void {
+
+ register({
+ method: Method.GET,
+ subscription: this.secureSubscriber("debug", "mode", "recipient"),
+ secureHandler: this.authorizedAction(({ req }) => {
+ const { mode, recipient } = req.params;
+ if (["passive", "active"].includes(mode)) {
+ sessionAgent.serverWorker.sendMonitorAction("debug", { mode, recipient });
+ }
+ })
+ });
+
+ register({
+ method: Method.GET,
+ subscription: this.secureSubscriber("backup"),
+ secureHandler: this.authorizedAction(() => sessionAgent.serverWorker.sendMonitorAction("backup"))
+ });
+
+ register({
+ method: Method.GET,
+ subscription: this.secureSubscriber("kill"),
+ secureHandler: this.authorizedAction(({ res }) => {
+ res.send("");
+ sessionAgent.killSession("an authorized user has manually ended the server session via the /kill route", true);
+ })
+ });
+
+ }
+
+}
\ No newline at end of file
-- cgit v1.2.3-70-g09d2
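Review bot: The shared secret is sent as a path segment of a GET request (`secureSubscriber` adds `password` as a route parameter), so it lands in access logs, proxy logs and browser history, and the kill, backup and debug actions fire for anything that fetches the URL. These three registrations would be safer on a non-GET method with the key carried in a header or request body. In `authorizedAction`, `password !== process.env.session_key` is not a constant-time comparison and a rejected attempt leaves no trace for detection. Separately, the `/kill` handler calls `res.send("")` and `authorizedAction` then calls `res.redirect("/home")` on the same response, which throws once headers are sent unless `killSession` exits the process first. The sketch below makes the check fail closed and constant-time and guards the redirect; it needs `timingSafeEqual` imported from Node's `crypto` module.

```typescript
private authorizedAction = (handler: SecureHandler) => {
    return (core: AuthorizedCore) => {
        const { req, res, isRelease } = core;
        // … unchanged: isRelease check …
        const expected = process.env.session_key;
        const supplied = Buffer.from(String(req.params.password));
        // Fail closed when no key is configured; compare in constant time.
        const authorized = !!expected
            && supplied.length === Buffer.byteLength(expected)
            && timingSafeEqual(supplied, Buffer.from(expected));
        if (!authorized) {
            // Record the rejection (never the supplied value) so repeated guesses are visible.
            console.warn(`rejected session action ${req.path.split("/")[1]} from ${req.ip}`);
            return _permission_denied(res, permissionError);
        }
        handler(core);
        // The handler may already have answered (the /kill route does).
        if (!res.headersSent) {
            res.redirect("/home");
        }
    };
}
```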