Compare commits
5 Commits
v0.0.2
...
dfc3f4cd87
| Author | SHA1 | Date | |
|---|---|---|---|
| dfc3f4cd87 | |||
| e0d8849bd1 | |||
| 429613c67e | |||
| 681555fef8 | |||
| 066b9884c2 |
@@ -1,3 +1,4 @@
|
|||||||
.env
|
.env
|
||||||
*/.env
|
*/.env
|
||||||
*.md
|
build
|
||||||
|
node_modules
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
# Server config
|
# Server config
|
||||||
ACCESS_TOKEN_PRIVATE_KEY=CHANGE_ME_TO_SOMETHING_RANDOM # Used to generate user tokens. Make sure this is pretty random.
|
ACCESS_TOKEN_PRIVATE_KEY=CHANGE_ME_TO_SOMETHING_RANDOM # Used to generate user tokens. Make sure this is pretty random.
|
||||||
TRUSTED_ORIGINS=http://localhost:6568 # Comma separated list of trusted origins. Make sure to include your PUBLIC_URL here.
|
TRUSTED_ORIGINS=http://localhost:6568,http://127.0.0.1:6568 # Comma separated list of trusted origins. Make sure to include your PUBLIC_URL here.
|
||||||
|
|
||||||
# TypeORM specific
|
# TypeORM specific
|
||||||
# Please make sure these match with docker-compose.yml, or your own postgres server.
|
# Please make sure these match with docker-compose.yml, or your own postgres server.
|
||||||
|
|||||||
@@ -4,7 +4,7 @@ FROM node:24-trixie-slim AS builder
|
|||||||
|
|
||||||
WORKDIR /app
|
WORKDIR /app
|
||||||
COPY package*.json ./
|
COPY package*.json ./
|
||||||
RUN npm ci --only=production && npm cache clean --force
|
RUN npm ci && npm cache clean --force
|
||||||
COPY . .
|
COPY . .
|
||||||
|
|
||||||
FROM node:24-trixie-slim AS production
|
FROM node:24-trixie-slim AS production
|
||||||
|
|||||||
@@ -26,10 +26,14 @@ Running the back-end is as simple as:
|
|||||||
npm ci
|
npm ci
|
||||||
```
|
```
|
||||||
- Copying the .env.default file to .env, and customizing it to own preferences.
|
- Copying the .env.default file to .env, and customizing it to own preferences.
|
||||||
|
|
||||||
**Example:** Say, you want to add a domain to the trusted CORS origins list. To do so, your .env file in your editor of choice and append a comma (`,`) with the origin you want to add (say, `http://example.com`). Your .env file might then look as follows: `TRUSTED_ORIGINS=http://localhost:6568,http://example.com`.
|
**Example:** Say, you want to add a domain to the trusted CORS origins list. To do so, your .env file in your editor of choice and append a comma (`,`) with the origin you want to add (say, `http://example.com`). Your .env file might then look as follows: `TRUSTED_ORIGINS=http://localhost:6568,http://example.com`.
|
||||||
|
|
||||||
**Important:** Make sure to change the `ACCESS_TOKEN_PRIVATE_KEY` variable to something secure, as this secret value will be used to generate user sessions. **Setting a weak key will allow attackers to potentially bruteforce your secret and forge user tokens!**
|
**Important:** Make sure to change the `ACCESS_TOKEN_PRIVATE_KEY` variable to something secure, as this secret value will be used to generate user sessions. **Setting a weak key will allow attackers to potentially bruteforce your secret and forge user tokens!**
|
||||||
- Pasting your wordlist file into `src/tools/wordlist.ts`.
|
- Pasting your wordlist file into `src/tools/wordlist.ts`.
|
||||||
|
|
||||||
No wordlist file exists by default in `src/tools/wordlist.ts`. This is because wordlists were meant to be as modular as possible (with the philosophy of "bring your own wordlist"). If you leave that as-is, you'll run into runtime errors.
|
No wordlist file exists by default in `src/tools/wordlist.ts`. This is because wordlists were meant to be as modular as possible (with the philosophy of "bring your own wordlist"). If you leave that as-is, you'll run into runtime errors.
|
||||||
|
|
||||||
However, if you don't want to provide your own wordlist, and just want to get up and running as fast as possible, you're free to use the provided sample `wordlist.example-large.ts` file. Just copy it into `src/tools/wordlist.ts`:
|
However, if you don't want to provide your own wordlist, and just want to get up and running as fast as possible, you're free to use the provided sample `wordlist.example-large.ts` file. Just copy it into `src/tools/wordlist.ts`:
|
||||||
```sh
|
```sh
|
||||||
cp wordlist.example-large.ts src/tools/wordlist.ts
|
cp wordlist.example-large.ts src/tools/wordlist.ts
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
{
|
{
|
||||||
"name": "kittyBE",
|
"name": "kittyBE",
|
||||||
"version": "0.0.2",
|
"version": "0.0.3",
|
||||||
"description": "Your go-to place for short and memorable URLs.",
|
"description": "Your go-to place for short and memorable URLs.",
|
||||||
"type": "commonjs",
|
"type": "commonjs",
|
||||||
"devDependencies": {
|
"devDependencies": {
|
||||||
|
|||||||
@@ -91,7 +91,7 @@ AppDataSource.initialize().then(async () => {
|
|||||||
|
|
||||||
// Retrieve url, subdomain from request.
|
// Retrieve url, subdomain from request.
|
||||||
let uri: string = req.url.slice(1); // discards / from /abc, /abc -> abc
|
let uri: string = req.url.slice(1); // discards / from /abc, /abc -> abc
|
||||||
let subdomain: string | null = req.headers.host!.replace(rs.fqdn, '') || null;
|
let subdomain: string | null = req.headers.host!.replace(rs.fqdn, '').slice(0, -1) || null; // slice() to remove trailing dot
|
||||||
|
|
||||||
// Try to lookup the url in DB
|
// Try to lookup the url in DB
|
||||||
const reversedLink: Link | null = await linkService.lookupUriWithExpiryValidation(uri, subdomain);
|
const reversedLink: Link | null = await linkService.lookupUriWithExpiryValidation(uri, subdomain);
|
||||||
|
|||||||
Reference in New Issue
Block a user