
Commit 65aa37b

committed
better basket
1 parent 1b4692f commit 65aa37b


1 file changed

+144
-104
lines changed


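--- a/apps/basket/src/routes/basket.ts
+++ b/apps/basket/src/routes/basket.ts
@@ -42,25 +42,27 @@ function saltAnonymousId(anonymousId: string, salt: string): string {
 .digest('hex');
 }
 
-async function validateRequest(body: any, request: Request) {
+async function validateRequest(body: any, query: any, request: Request) {
 if (!validatePayloadSize(body, VALIDATION_LIMITS.PAYLOAD_MAX_SIZE)) {
 await logBlockedTraffic(
 request,
 body,
+query,
 'payload_too_large',
 'Validation Error'
 );
 return { error: { status: 'error', message: 'Payload too large' } };
 }
 
 const clientId = sanitizeString(
-request.headers.get('client-id'),
+query.client_id,
 VALIDATION_LIMITS.SHORT_STRING_MAX_LENGTH
 );
 if (!clientId) {
 await logBlockedTraffic(
 request,
 body,
+query,
 'missing_client_id',
 'Validation Error'
 );
@@ -72,6 +74,7 @@ async function validateRequest(body: any, request: Request) {
 await logBlockedTraffic(
 request,
 body,
+query,
 'invalid_client_id',
 'Validation Error',
 undefined,
@@ -93,6 +96,7 @@ async function validateRequest(body: any, request: Request) {
 await logBlockedTraffic(
 request,
 body,
+query,
 'exceeded_event_limit',
 'Validation Error',
 undefined,
@@ -107,6 +111,7 @@ async function validateRequest(body: any, request: Request) {
 await logBlockedTraffic(
 request,
 body,
+query,
 'origin_not_authorized',
 'Security Check',
 undefined,
@@ -125,6 +130,7 @@ async function validateRequest(body: any, request: Request) {
 await logBlockedTraffic(
 request,
 body,
+query,
 botCheck.reason || 'unknown_bot',
 botCheck.category || 'Bot Detection',
 botCheck.botName,
@@ -439,6 +445,7 @@ async function checkDuplicate(
 async function logBlockedTraffic(
 request: Request,
 body: any,
+query: any,
 blockReason: string,
 blockCategory: string,
 botName?: string,
@@ -516,9 +523,7 @@ async function logBlockedTraffic(
 values: [blockedEvent],
 format: 'JSONEachRow',
 })
-.then(() => {
-logger.info('Logged blocked traffic', { blockedEvent });
-})
+.then(() => {})
 .catch((err) => {
 logger.error('Failed to log blocked traffic', { error: err as Error });
 });
@@ -528,101 +533,129 @@ async function logBlockedTraffic(
 }
 
 const app = new Elysia()
-.post('/', async ({ body, request }: { body: any; request: Request }) => {
-const validation = await validateRequest(body, request);
-if (!validation.success) {
-return validation.error;
-}
+.post(
+'/',
+async ({
+body,
+query,
+request,
+}: {
+body: any;
+query: any;
+request: Request;
+}) => {
+const validation = await validateRequest(body, query, request);
+if (!validation.success) {
+return validation.error;
+}
 
-const { clientId, userAgent, ip } = validation;
+const { clientId, userAgent, ip } = validation;
 
-const salt = await getDailySalt();
-if (body.anonymous_id) {
-body.anonymous_id = saltAnonymousId(body.anonymous_id, salt);
-}
+const salt = await getDailySalt();
+if (body.anonymous_id) {
+body.anonymous_id = saltAnonymousId(body.anonymous_id, salt);
+}
 
-const eventType = body.type || 'track';
-
-if (eventType === 'track') {
-const parseResult = analyticsEventSchema.safeParse(body);
-if (!parseResult.success) {
-logger.error('Blocked event schema errors:', {
-issues: parseResult.error.issues,
-payload: body,
-});
-await logBlockedTraffic(
-request,
-body,
-'invalid_schema',
-'Schema Validation',
-undefined,
-clientId
-);
-return {
-status: 'error',
-message: 'Invalid event schema',
-errors: parseResult.error.issues,
-};
+const eventType = body.type || 'track';
+
+if (eventType === 'track') {
+const parseResult = analyticsEventSchema.safeParse(body);
+if (!parseResult.success) {
+console.error(
+'Blocked event schema errors:',
+parseResult.error.issues,
+'Payload:',
+body
+);
+await logBlockedTraffic(
+request,
+body,
+query,
+'invalid_schema',
+'Schema Validation',
+undefined,
+clientId
+);
+return {
+status: 'error',
+message: 'Invalid event schema',
+errors: parseResult.error.issues,
+};
+}
+insertTrackEvent(body, clientId, userAgent, ip);
+return { status: 'success', type: 'track' };
 }
-insertTrackEvent(body, clientId, userAgent, ip);
-return { status: 'success', type: 'track' };
-}
 
-if (eventType === 'error') {
-const parseResult = errorEventSchema.safeParse(body);
-if (!parseResult.success) {
-logger.error('Blocked event schema errors:', {
-issues: parseResult.error.issues,
-payload: body,
-});
-await logBlockedTraffic(
-request,
-body,
-'invalid_schema',
-'Schema Validation',
-undefined,
-clientId
-);
-return {
-status: 'error',
-message: 'Invalid event schema',
-errors: parseResult.error.issues,
-};
+if (eventType === 'error') {
+const parseResult = errorEventSchema.safeParse(body);
+if (!parseResult.success) {
+console.error(
+'Blocked event schema errors:',
+parseResult.error.issues,
+'Payload:',
+body
+);
+await logBlockedTraffic(
+request,
+body,
+query,
+'invalid_schema',
+'Schema Validation',
+undefined,
+clientId
+);
+return {
+status: 'error',
+message: 'Invalid event schema',
+errors: parseResult.error.issues,
+};
+}
+insertError(body, clientId, userAgent, ip);
+return { status: 'success', type: 'error' };
 }
-insertError(body, clientId, userAgent, ip);
-return { status: 'success', type: 'error' };
-}
 
-if (eventType === 'web_vitals') {
-const parseResult = webVitalsEventSchema.safeParse(body);
-if (!parseResult.success) {
-logger.error('Blocked event schema errors:', {
-issues: parseResult.error.issues,
-payload: body,
-});
-await logBlockedTraffic(
-request,
-body,
-'invalid_schema',
-'Schema Validation',
-undefined,
-clientId
-);
-return {
-status: 'error',
-message: 'Invalid event schema',
-errors: parseResult.error.issues,
-};
+if (eventType === 'web_vitals') {
+const parseResult = webVitalsEventSchema.safeParse(body);
+if (!parseResult.success) {
+console.error(
+'Blocked event schema errors:',
+parseResult.error.issues,
+'Payload:',
+body
+);
+await logBlockedTraffic(
+request,
+body,
+query,
+'invalid_schema',
+'Schema Validation',
+undefined,
+clientId
+);
+return {
+status: 'error',
+message: 'Invalid event schema',
+errors: parseResult.error.issues,
+};
+}
+insertWebVitals(body, clientId, userAgent, ip);
+return { status: 'success', type: 'web_vitals' };
 }
-insertWebVitals(body, clientId, userAgent, ip);
-return { status: 'success', type: 'web_vitals' };
-}
 
-return { status: 'error', message: 'Unknown event type' };
-})
+return { status: 'error', message: 'Unknown event type' };
+}
+)
 .post(
 '/batch',
-async ({ body, request }: { body: any; request: Request }) => {
+async ({
+body,
+query,
+request,
+}: {
+body: any;
+query: any;
+request: Request;
+}) => {
 if (!Array.isArray(body)) {
 return {
 status: 'error',
@@ -634,7 +667,7 @@ const app = new Elysia()
 return { status: 'error', message: 'Batch too large' };
 }
 
-const validation = await validateRequest(body, request);
+const validation = await validateRequest(body, query, request);
 if (!validation.success) {
 return { ...validation.error, batch: true };
 }
@@ -655,13 +688,16 @@ const app = new Elysia()
 if (eventType === 'track') {
 const parseResult = analyticsEventSchema.safeParse(event);
 if (!parseResult.success) {
-logger.error('Blocked event schema errors:', {
-issues: parseResult.error.issues,
-payload: event,
-});
+console.error(
+'Blocked event schema errors:',
+parseResult.error.issues,
+'Payload:',
+event
+);
 await logBlockedTraffic(
 request,
 event,
+query,
 'invalid_schema',
 'Schema Validation',
 undefined,
@@ -694,14 +730,16 @@ const app = new Elysia()
 if (eventType === 'error') {
 const parseResult = errorEventSchema.safeParse(event);
 if (!parseResult.success) {
-logger.error('Blocked event schema errors:', {
-issues: parseResult.error.issues,
-payload: event,
-event,
-});
+console.error(
+'Blocked event schema errors:',
+parseResult.error.issues,
+'Payload:',
+event
+);
 await logBlockedTraffic(
 request,
 event,
+query,
 'invalid_schema',
 'Schema Validation',
 undefined,
@@ -734,14 +772,16 @@ const app = new Elysia()
 if (eventType === 'web_vitals') {
 const parseResult = webVitalsEventSchema.safeParse(event);
 if (!parseResult.success) {
-logger.error('Blocked event schema errors:', {
-issues: parseResult.error.issues,
-payload: event,
-event,
-});
+console.error(
+'Blocked event schema errors:',
+parseResult.error.issues,
+'Payload:',
+event
+);
 await logBlockedTraffic(
 request,
 event,
+query,
 'invalid_schema',
 'Schema Validation',
 undefined,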
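Review bot: The schema-failure branches now call `console.error('Blocked event schema errors:', parseResult.error.issues, 'Payload:', body)` (new lines 564-569, 592-597 and 620-625, and with `event` at 691-696, 733-738 and 775-780), which writes the full rejected payload to stderr outside the structured `logger` that the `.catch` at new line 528 still uses. That payload is client-supplied and has just failed validation, so it can carry arbitrary strings and user data into process logs with no level, field structure or redaction for downstream filtering. Keep the logger and log only the issues, e.g. `logger.error('Blocked event schema errors:', { issues: parseResult.error.issues });`, since the same branch already passes the payload to `logBlockedTraffic`. Separately, `query.client_id` at new line 58 is read from `query: any`; whether `sanitizeString` rejects a non-string value (for example a repeated parameter) is not visible in these hunks, so a `typeof query.client_id === 'string'` guard or a route-level query schema would make that explicit.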
