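# frozen_string_literal: true

module YiffRest
  # Base controller for the YiffRest API site.
  #
  # Every request runs two filters, in this order: the IP block list check,
  # then API key validation. The remaining +validate_*+ / +*_only+ methods are
  # opt-in filters for subclasses to attach with +before_action+.
  #
  # NOTE(review): +render_error+ and +access_denied+ are not defined in this
  # file; presumably they come from YiffyAPIUtil or the parent controller.
  class ApplicationController < ::ApplicationController
    include YiffyAPIUtil
    include ::ApplicationController::CommonAssetRoutes

    before_action :check_ip_block
    before_action :validate_api_key

    # @return [String] domain this site is served from
    def site_domain
      YiffRestRoutes::DOMAIN
    end

    # @return [String] domain name reported to analytics
    def plausible_domain
      "yiff.rest"
    end

    # @return [String] human-readable site title
    def site_title
      "YiffyAPI"
    end

    # @return [String] domain that static assets are served from
    def assets_path
      YiffMediaRoutes::DOMAIN
    end

    # @return [String] site theme color as a hex string
    def site_color
      "#222222"
    end

    # Strict variant of {#validate_api_key}: rejects requests that carry no
    # Authorization header instead of letting them through as anonymous.
    def validate_api_key_required
      if request.headers["Authorization"].blank?
        return render_error(YiffyAPIErrorCodes::API_KEY_REQUIRED, error: "An API key is required to access this service.")
      end

      validate_api_key
    end

    # Validates the API key in the Authorization header, if one was sent.
    #
    # A blank header is allowed through without rendering anything, so routes
    # that must not be anonymous need {#validate_api_key_required} as well.
    # CurrentUser is only assigned once the key is known, active and not
    # disabled.
    def validate_api_key
      return nil if request.headers["Authorization"].blank?

      @apikey = APIKey.from_request(request, with_anon: false)
      return render_error(YiffyAPIErrorCodes::INVALID_API_KEY, error: "Invalid api key.") unless @apikey
      return render_error(YiffyAPIErrorCodes::INACTIVE_API_KEY, error: "Api key is inactive.") unless @apikey.active?

      if @apikey.disabled?
        extra = {
          reason: @apikey.disabled_reason,
          support: "https://yiff.rest/support",
          code: YiffyAPIErrorCodes::DISABLED_API_KEY.code,
        }
        # Return here so a disabled key never becomes the current user; the
        # invalid and inactive branches above already stop before that point.
        return render_error(YiffyAPIErrorCodes::DISABLED_API_KEY, error: "Your api key has been disabled by an administrator. See \"extra.reason\" for the reasoning.", extra: extra)
      end

      CurrentUser.user = @apikey.owner
    end

    # Denies the request unless the resolved key has access to the images
    # service.
    #
    # NOTE(review): from_request is called without `with_anon: false` here,
    # presumably so requests without a header resolve to an anonymous key --
    # confirm. The safe navigation makes a nil key a denial rather than a
    # NoMethodError.
    def validate_images_access
      @apikey = APIKey.from_request(request)
      render_error(YiffyAPIErrorCodes::SERVICE_NO_ACCESS, error: "You do not have access to this service.") unless @apikey&.images_access?
    end

    # Denies the request unless the resolved key has access to the thumbs
    # service. A nil key is treated as having no access.
    def validate_thumbs_access
      @apikey = APIKey.from_request(request)
      render_error(YiffyAPIErrorCodes::SERVICE_NO_ACCESS, error: "You do not have access to this service.") unless @apikey&.thumbs_access?
    end

    # Denies the request unless the resolved key has access to the shortener
    # service. A nil key is treated as having no access.
    def validate_shortener_access
      @apikey = APIKey.from_request(request)
      render_error(YiffyAPIErrorCodes::SERVICE_NO_ACCESS, error: "You do not have access to this service.") unless @apikey&.shortener_access?
    end

    # Denies the request unless the resolved key has bulk access to the images
    # service. A nil key is treated as having no access.
    def validate_images_bulk_access
      @apikey = APIKey.from_request(request)
      render_error(YiffyAPIErrorCodes::SERVICE_NO_ACCESS, error: "You do not have access to this service.") unless @apikey&.images_bulk_access?
    end

    # Runs the request through RateLimiter and renders the matching error when
    # a limit (or an invalid key) is reported. The rate limit headers are
    # merged into the response whether or not the request is rejected.
    def handle_ratelimit
      info, body, rlheaders = RateLimiter.process(request)
      headers.merge!(rlheaders)
      return if info.nil?

      # NOTE(review): there is no else branch, so a non-nil result other than
      # the three symbols below renders nothing and the request is not
      # rejected here. Confirm RateLimiter can only return these values.
      # noinspection RubyCaseWithoutElseBlockInspection
      case info
      when :INVALID_KEY
        render_error(YiffyAPIErrorCodes::INVALID_API_KEY, error: "Invalid api key.")
      when :RATELIMIT_SHORT
        render_error(YiffyAPIErrorCodes::RATELIMIT_ROUTE, error: "Request Limit Exceeded", info: body)
      when :RATELIMIT_LONG
        render_error(YiffyAPIErrorCodes::RATELIMIT_GLOBAL, error: "Request Limit Exceeded", info: body)
      end
    end

    # Rejects requests whose remote IP appears in the configured block list.
    #
    # Matching is exact equality against +request.remote_ip+, so entries are
    # single addresses, not ranges.
    # NOTE(review): remote_ip is derived from forwarding headers by Rails, so
    # this check is only as reliable as the trusted proxy configuration --
    # confirm it matches the deployment.
    def check_ip_block
      Websites.config.blocked_ip_addresses.each do |block|
        next unless block[:ip] == request.remote_ip

        render_error(YiffyAPIErrorCodes::IP_BLOCKED, error: "You have been blocked from accessing this service.", extra: {
          reason: block[:reason],
          help: "https://yiff.rest/support",
        })
        # Stop at the first match so the error is rendered only once.
        break
      end
    end

    # Denies access unless the named predicate on CurrentUser is truthy.
    #
    # `send` dispatches to whatever name it is given, so +method+ must only
    # ever be a fixed predicate name such as the ones generated below, never a
    # value taken from the request.
    #
    # @param method [String, Symbol] predicate to call on CurrentUser
    def user_access_check(method)
      access_denied(message: "You do not have access to that.") unless CurrentUser.send(method)
    end

    # Defines one "<level>_only" filter per constant in APIUser::Levels; each
    # one calls user_access_check with the matching "is_<level>?" predicate.
    APIUser::Levels.constants.each do |constant|
      define_method("#{constant.downcase}_only") do
        user_access_check("is_#{constant.downcase}?")
      end
    end
  end
end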