exceed/dc-recorder
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add admin authentication to media and voice routes for secure access

Browse Source
This commit is contained in:
MythEclipse
2026-05-17 00:39:29 +07:00
parent 05feb697f0
commit d04093ec6e
3 changed files with 55 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
src/routes/voiceRoutes.ts
View File

@@ -1,4 +1,4 @@
import type { Router } from "express";
import type { NextFunction, Request, Response, Router } from "express";
import express from "express";
import { AppError } from "../errors";
import { createChildLogger } from "../logger";
@@ -12,6 +12,7 @@ export interface VoiceRouteOptions {
voiceController: VoiceController;
patchSharedUIState: (patch: Partial<SharedUIState>) => SharedUIState;
broadcaster: ModerationBroadcaster;
adminPassword?: string;
}
export function createVoiceRoutes(
@@ -25,6 +26,7 @@ export function createVoiceRoutes(
| ((patch: Partial<SharedUIState>) => SharedUIState)
| undefined;
let broadcaster: ModerationBroadcaster | undefined;
let adminPassword: string | undefined;
if ("connect" in options && "disconnect" in options) {
// Old signature: just VoiceController
@@ -35,10 +37,21 @@ export function createVoiceRoutes(
voiceController = opts.voiceController;
patchSharedUIState = opts.patchSharedUIState;
broadcaster = opts.broadcaster;
adminPassword = opts.adminPassword;
}
const adminAuth = (req: Request, res: Response, next: NextFunction) => {
if (!adminPassword) return next();
const authHeader = req.headers["x-admin-password"];
if (authHeader === adminPassword) {
next();
} else {
res.status(401).json({ error: "Unauthorized access to admin features" });
}
};
// GET /api/status - Get voice connection status
router.get("/status", (_req, res, next) => {
router.get("/status", (_req: Request, res: Response, next: NextFunction) => {
try {
const status = voiceController.getStatus();
res.json(status);
@@ -48,7 +61,7 @@ export function createVoiceRoutes(
});
// GET /api/guilds - List available guilds
router.get("/guilds", (_req, res, next) => {
router.get("/guilds", (_req: Request, res: Response, next: NextFunction) => {
try {
const guilds = voiceController.listGuilds();
res.json(guilds);
@@ -58,7 +71,7 @@ export function createVoiceRoutes(
});
// GET /api/guilds/:guildId/voice-channels - List voice channels in a guild
router.get("/guilds/:guildId/voice-channels", async (req, res, next) => {
router.get("/guilds/:guildId/voice-channels", async (req: Request, res: Response, next: NextFunction) => {
try {
const { guildId } = req.params;
@@ -66,7 +79,7 @@ export function createVoiceRoutes(
throw new AppError("Guild ID is required", "MISSING_GUILD_ID", 400);
}
const channels = await voiceController.listVoiceChannels(guildId);
const channels = await voiceController.listVoiceChannels(guildId as string);
res.json(channels);
} catch (error) {
next(error);
@@ -74,7 +87,7 @@ export function createVoiceRoutes(
});
// GET /api/guilds/:guildId/channels - List text channels in a guild
router.get("/guilds/:guildId/channels", async (req, res, next) => {
router.get("/guilds/:guildId/channels", async (req: Request, res: Response, next: NextFunction) => {
try {
const { guildId } = req.params;
@@ -82,7 +95,7 @@ export function createVoiceRoutes(
throw new AppError("Guild ID is required", "MISSING_GUILD_ID", 400);
}
const channels = await voiceController.listWatchableChannels(guildId);
const channels = await voiceController.listWatchableChannels(guildId as string);
res.json(channels);
} catch (error) {
next(error);
@@ -90,7 +103,7 @@ export function createVoiceRoutes(
});
// POST /api/connect - Connect to a voice channel
router.post("/connect", async (req, res, next) => {
router.post("/connect", adminAuth, async (req: Request, res: Response, next: NextFunction) => {
try {
const { guildId, channelId } = req.body as {
guildId?: string;
@@ -125,7 +138,7 @@ export function createVoiceRoutes(
});
// POST /api/disconnect - Disconnect from voice channel
router.post("/disconnect", async (_req, res, next) => {
router.post("/disconnect", adminAuth, async (_req: Request, res: Response, next: NextFunction) => {
try {
logger.info("Disconnecting from voice channel");