@bbki.ng/backend 0.3.6 → 0.3.9

package/src/controllers/streaming/remove.controller.ts

@@ -1,5 +1,5 @@
-import { Context } from "hono";
-import { HTTPException } from "hono/http-exception";
+import { Context } from 'hono';
+import { HTTPException } from 'hono/http-exception';
 
 const timingSafeEqual = (a: string, b: string): boolean => {
   if (a.length !== b.length) return false;
@@ -16,58 +16,57 @@ export const removeStreaming = async (c: Context) => {
     const streamApiKey = c.env?.STREAM_API_KEY;
     if (!streamApiKey) {
       console.error('STREAM_API_KEY not configured in environment');
-      throw new HTTPException(500, { message: "Server configuration error" });
+      throw new HTTPException(500, { message: 'Server configuration error' });
     }
 
     // 1. Authentication (Header method)
     const apiKey = c.req.header('x-api-key');
     if (!apiKey || !timingSafeEqual(apiKey, streamApiKey)) {
-      throw new HTTPException(401, { message: "Invalid API key" });
+      throw new HTTPException(401, { message: 'Invalid API key' });
     }
 
     // 2. Get ID from URL params
     const id = c.req.param('id');
     if (!id) {
-      throw new HTTPException(400, { message: "ID is required" });
+      throw new HTTPException(400, { message: 'ID is required' });
     }
 
     // 3. Database check
     if (!c.env?.DB) {
-      throw new HTTPException(503, { message: "Database unavailable" });
+      throw new HTTPException(503, { message: 'Database unavailable' });
     }
 
     // 4. Check if stream exists
-    const existing = await c.env.DB.prepare(
-      "SELECT id FROM streaming WHERE id = ?"
-    )
+    const existing = await c.env.DB.prepare('SELECT id FROM streaming WHERE id = ?')
       .bind(id)
       .first();
 
     if (!existing) {
-      throw new HTTPException(404, { message: "Stream not found" });
+      throw new HTTPException(404, { message: 'Stream not found' });
     }
 
     // 5. Delete the stream
-    await c.env.DB.prepare(
-      "DELETE FROM streaming WHERE id = ?"
-    )
-      .bind(id)
-      .run();
-
-    return c.json({
-      status: "success",
-      message: "Stream deleted successfully"
-    }, 200);
+    await c.env.DB.prepare('DELETE FROM streaming WHERE id = ?').bind(id).run();
 
+    return c.json(
+      {
+        status: 'success',
+        message: 'Stream deleted successfully',
+      },
+      200
+    );
   } catch (error) {
     if (error instanceof HTTPException) {
-      return c.json({ status: "error", message: error.message }, error.status);
+      return c.json({ status: 'error', message: error.message }, error.status);
     }
 
     console.error('Unexpected error:', error);
-    return c.json({
-      status: "error",
-      message: "Internal server error"
-    }, 500);
+    return c.json(
+      {
+        status: 'error',
+        message: 'Internal server error',
+      },
+      500
+    );
   }
 };

package/src/index.ts

@@ -2,9 +2,11 @@ import app from './config/app.config';
 
 import { commentRouter } from './routes/comment.routes';
 import { streamingRouter } from './routes/streaming.routes';
+import { postsRouter } from './routes/posts.routes';
 
 app.route('comment', commentRouter);
 app.route('streaming', streamingRouter);
+app.route('posts', postsRouter);
 
 app.get('/', c => {
   return c.text('Hello Hono!');

package/src/routes/comment.routes.ts

@@ -1,8 +1,8 @@
-import { Hono } from "hono";
-import { addComment } from "../controllers/comment/add.controller";
+import { Hono } from 'hono';
+import { addComment } from '../controllers/comment/add.controller';
 
 const commentRouter = new Hono();
 
-commentRouter.post("/add", addComment);
+commentRouter.post('/add', addComment);
 
 export { commentRouter };

package/src/routes/posts.routes.ts

@@ -0,0 +1,20 @@
+import { Hono } from 'hono';
+import { listPosts } from '../controllers/posts/list.controller';
+import { getPost } from '../controllers/posts/get.controller';
+import { addPost } from '../controllers/posts/add.controller';
+import { updatePost } from '../controllers/posts/update.controller';
+import { removePost } from '../controllers/posts/remove.controller';
+import { requireAuth } from '../utils/auth';
+
+const postsRouter = new Hono();
+
+// Public routes
+postsRouter.get('/', listPosts);
+postsRouter.get('/:title', getPost);
+
+// Protected routes (require API key)
+postsRouter.post('/', requireAuth, addPost);
+postsRouter.put('/:id', requireAuth, updatePost);
+postsRouter.delete('/:id', requireAuth, removePost);
+
+export { postsRouter };

package/src/routes/streaming.routes.ts

@@ -1,12 +1,12 @@
-import { Hono } from "hono";
-import { listStreaming } from "../controllers/streaming/list.controller";
-import { addStreaming } from "../controllers/streaming/add.controller";
-import { removeStreaming } from "../controllers/streaming/remove.controller";
+import { Hono } from 'hono';
+import { listStreaming } from '../controllers/streaming/list.controller';
+import { addStreaming } from '../controllers/streaming/add.controller';
+import { removeStreaming } from '../controllers/streaming/remove.controller';
 
 const streamingRouter = new Hono();
 
-streamingRouter.get("/", listStreaming);
-streamingRouter.post("/", addStreaming);
-streamingRouter.delete("/:id", removeStreaming);
+streamingRouter.get('/', listStreaming);
+streamingRouter.post('/', addStreaming);
+streamingRouter.delete('/:id', removeStreaming);
 
 export { streamingRouter };

package/src/types/index.ts

@@ -9,7 +9,7 @@ export type Passkey = {
   userId: string;
   publicKey: string; // base64url
   counter: number;
-  deviceType: "singleDevice" | "multiDevice";
+  deviceType: 'singleDevice' | 'multiDevice';
   backedUp: boolean;
   transports?: string[]; // 存为 JSON 字符串
 };
@@ -21,3 +21,12 @@ export type Streaming = {
   type?: string;
   createdAt: string;
 };
+
+export type Post = {
+  id: string;
+  title: string;
+  content: string;
+  author: string;
+  createdAt: string;
+  updatedAt: string;
+};

package/src/utils/auth.ts

@@ -0,0 +1,40 @@
+import { Context } from 'hono';
+import { HTTPException } from 'hono/http-exception';
+
+/**
+ * Timing-safe string comparison to prevent timing attacks
+ */
+export const timingSafeEqual = (a: string, b: string): boolean => {
+  if (a.length !== b.length) return false;
+  let result = 0;
+  for (let i = 0; i < a.length; i++) {
+    result |= a.charCodeAt(i) ^ b.charCodeAt(i);
+  }
+  return result === 0;
+};
+
+/**
+ * Validate API Key from request header
+ * Returns true if valid, false otherwise
+ */
+export const validateApiKey = (c: Context): boolean => {
+  const apiKey = c.req.header('x-api-key');
+  const streamApiKey = c.env?.STREAM_API_KEY;
+
+  if (!apiKey || !streamApiKey) {
+    return false;
+  }
+
+  return timingSafeEqual(apiKey, streamApiKey);
+};
+
+/**
+ * Middleware to require API Key authentication
+ * Throws HTTPException 401 if invalid
+ */
+export const requireAuth = async (c: Context, next: () => Promise<void>) => {
+  if (!validateApiKey(c)) {
+    throw new HTTPException(401, { message: 'Invalid API key' });
+  }
+  await next();
+};

package/tsconfig.json

@@ -4,6 +4,6 @@
     "moduleResolution": "bundler",
     "jsx": "react-jsx",
     "jsxImportSource": "hono/jsx",
-    "types": ["@cloudflare/workers-types", "node"],
-  },
+    "types": ["@cloudflare/workers-types", "node"]
+  }
 }