webhook

TheoBong · TheoBong · commit 0a118d7c97d0 · 2025-07-30T21:34:53.000-07:00
diff --git a/server/index.ts b/server/index.ts
@@ -20,6 +20,8 @@ import securityRoutes from './routes/security';
 import { updateActivity } from './middleware/authMiddleware';
 import EmailService from './services/EmailService';
 import PM2LogService from './services/PM2LogService';
+import { discordWebhookService } from './services/DiscordWebhookService';
+import { serverProvisioningMonitor } from './services/ServerProvisioningMonitor';
 
 // Load environment variables
 dotenv.config();
@@ -136,6 +138,12 @@ app.use('/api/system', systemRoutes);
 app.use('/api/audit', securityRoutes);
 app.use('/api/security', securityRoutes);
 
+// Test routes (only in development)
+if (NODE_ENV === 'development') {
+  const testNotificationRoutes = require('./routes/test-notifications').default;
+  app.use('/api/test-notifications', testNotificationRoutes);
+}
+
 // Health check endpoint
 app.get('/api/health', (req, res) => {
   res.json({
@@ -161,6 +169,13 @@ if (require('fs').existsSync(clientDistPath)) {
 app.use((err: any, req: express.Request, res: express.Response, next: express.NextFunction) => {
   console.error('Global error handler:', err);
   
+  // Send Discord notification for errors
+  if (discordWebhookService.isConfigured()) {
+    discordWebhookService.sendPanelError(err, req).catch(error => {
+      console.error('Failed to send Discord notification:', error);
+    });
+  }
+  
   res.status(err.status || 500).json({
     success: false,
     error: NODE_ENV === 'production' ? 'Internal server error' : err.message,
@@ -213,6 +228,10 @@ async function startServer() {
       
       // Initialize PM2 log streaming based on configuration
       initializePM2Logging();
+      
+      // Start server provisioning monitor
+      serverProvisioningMonitor.start();
+      console.log(`🔍 Server provisioning monitor started`);
     });
   } catch (error) {
     console.error('Failed to start server:', error);
@@ -224,6 +243,7 @@ async function startServer() {
 process.on('SIGTERM', async () => {
   console.log('🛑 SIGTERM received, shutting down gracefully');
   PM2LogService.stopStreaming();
+  serverProvisioningMonitor.stop();
   io.close();
   await mongoose.connection.close();
   process.exit(0);
@@ -232,6 +252,7 @@ process.on('SIGTERM', async () => {
 process.on('SIGINT', async () => {
   console.log('🛑 SIGINT received, shutting down gracefully');
   PM2LogService.stopStreaming();
+  serverProvisioningMonitor.stop();
   io.close();
   await mongoose.connection.close();
   process.exit(0);
diff --git a/server/middleware/rateLimitMiddleware.ts b/server/middleware/rateLimitMiddleware.ts
@@ -0,0 +1,91 @@
+import rateLimit, { RateLimitRequestHandler, Options } from 'express-rate-limit';
+import { Request, Response } from 'express';
+import { discordWebhookService } from '../services/DiscordWebhookService';
+
+interface CustomRateLimitOptions extends Partial<Options> {
+  notificationThreshold?: number; // Send notification after N hits
+}
+
+export function createRateLimiter(
+  windowMs: number,
+  max: number,
+  message: any,
+  endpointName: string,
+  options?: CustomRateLimitOptions
+): RateLimitRequestHandler {
+  const notificationThreshold = options?.notificationThreshold || max;
+  const hitCounts = new Map<string, number>();
+
+  return rateLimit({
+    windowMs,
+    max,
+    message,
+    standardHeaders: true,
+    legacyHeaders: false,
+    skipSuccessfulRequests: false,
+    keyGenerator: (req: Request) => {
+      // Use IP address as the key
+      return req.ip || 'unknown';
+    },
+    handler: async (req: Request, res: Response) => {
+      const key = req.ip || 'unknown';
+      const userId = (req.session as any)?.adminId || 'Anonymous';
+      
+      // Track hit counts
+      const currentHits = (hitCounts.get(key) || 0) + 1;
+      hitCounts.set(key, currentHits);
+      
+      // Send Discord notification when threshold is reached
+      if (currentHits === notificationThreshold && discordWebhookService.isConfigured()) {
+        discordWebhookService.sendRateLimitNotification(
+          userId,
+          `${req.method} ${req.originalUrl}`,
+          key,
+          max,
+          windowMs
+        ).catch(err => console.error('Failed to send rate limit notification:', err));
+      }
+      
+      // Reset hit count after window expires
+      setTimeout(() => {
+        hitCounts.delete(key);
+      }, windowMs);
+      
+      // Send the rate limit response
+      res.status(429).json(message);
+    },
+    ...options
+  });
+}
+
+// Export pre-configured rate limiters
+export const loginRateLimit = createRateLimiter(
+  15 * 60 * 1000, // 15 minutes
+  5, // 5 attempts
+  {
+    success: false,
+    error: 'Too many login attempts, please try again later'
+  },
+  'Login Endpoint'
+);
+
+export const codeRequestRateLimit = createRateLimiter(
+  5 * 60 * 1000, // 5 minutes
+  3, // 3 requests
+  {
+    success: false,
+    error: 'Too many code requests, please try again later'
+  },
+  'Code Request Endpoint'
+);
+
+export const configUpdateRateLimit = createRateLimiter(
+  15 * 60 * 1000, // 15 minutes
+  20, // 20 updates
+  {
+    success: false,
+    error: 'Too many configuration updates, please try again later'
+  },
+  'Configuration Update Endpoint',
+  { notificationThreshold: 15 } // Notify at 15 hits instead of 20
+);
diff --git a/server/routes/auth.ts b/server/routes/auth.ts
@@ -1,8 +1,8 @@
 import { Router, Request, Response } from 'express';
-import rateLimit from 'express-rate-limit';
 import mongoose, { Schema, model, Document, Model } from 'mongoose';
 import EmailService from '../services/EmailService';
 import { requireAuth } from '../middleware/authMiddleware';
+import { loginRateLimit, codeRequestRateLimit } from '../middleware/rateLimitMiddleware';
 
 // Define IAdminUser directly in this file
 interface IAdminUser extends Document {
@@ -29,30 +29,6 @@ const getAdminUserModel = (): Model<IAdminUser> => {
 
 const router = Router();
 
-// Rate limiting for login attempts
-const loginRateLimit = rateLimit({
-  windowMs: 15 * 60 * 1000, // 15 minutes
-  max: 5, // 5 attempts per window
-  message: {
-    success: false,
-    error: 'Too many login attempts, please try again later'
-  },
-  standardHeaders: true,
-  legacyHeaders: false
-});
-
-// Rate limiting for code requests
-const codeRequestRateLimit = rateLimit({
-  windowMs: 5 * 60 * 1000, // 5 minutes
-  max: 3, // 3 code requests per window
-  message: {
-    success: false,
-    error: 'Too many code requests, please try again later'
-  },
-  standardHeaders: true,
-  legacyHeaders: false
-});
-
 /**
  * POST /api/auth/request-code
  * Request verification code for admin email
diff --git a/server/routes/servers.ts b/server/routes/servers.ts
@@ -2,6 +2,7 @@ import { Router, Request, Response } from 'express';
 import mongoose, { Schema, model, Document, Model } from 'mongoose';
 import { IModlServer as IModlServerShared, ApiResponse, ModlServerSchema } from '@modl-gg/shared-web';
 import { requireAuth } from '../middleware/authMiddleware';
+import { discordWebhookService } from '../services/DiscordWebhookService';
 
 type IModlServer = IModlServerShared & Document;
 
@@ -353,6 +354,26 @@ router.post('/bulk', async (req: Request, res: Response) => {
           }
         );
         affectedCount = result.modifiedCount;
+        
+        // Send Discord notifications for suspended servers
+        if (discordWebhookService.isConfigured() && affectedCount > 0) {
+          const suspendedServers = await ModlServerModel.find({
+            _id: { $in: serverIds }
+          }).select('_id name email plan');
+          
+          for (const server of suspendedServers) {
+            discordWebhookService.sendServerProvisioningFailure(
+              server._id.toString(),
+              server.name || 'Unnamed Server',
+              'Server suspended by admin bulk action',
+              {
+                'Email': server.email || 'N/A',
+                'Plan': server.plan || 'N/A',
+                'Action': 'Bulk Suspend'
+              }
+            ).catch(err => console.error('Discord notification error:', err));
+          }
+        }
         break;
         
       case 'activate':
diff --git a/server/routes/system.ts b/server/routes/system.ts
@@ -1,11 +1,11 @@
 import { Router, Request, Response } from 'express';
-import rateLimit from 'express-rate-limit';
 import { z } from 'zod';
 import mongoose, { Schema, model, Document, Model } from 'mongoose';
 import { ISystemConfig as ISystemConfigShared, SystemConfigSchema } from '@modl-gg/shared-web';
 import { requireAuth } from '../middleware/authMiddleware';
 import { logAuditEvent } from './security';
 import PM2LogService from '../services/PM2LogService';
+import { configUpdateRateLimit } from '../middleware/rateLimitMiddleware';
 
 type ISystemConfig = ISystemConfigShared & Document;
 
@@ -114,12 +114,6 @@ export async function getMainConfig(): Promise<ISystemConfig> {
   return config!;
 }
 
-// Rate limiting configuration
-const configRateLimit = rateLimit({
-  windowMs: 15 * 60 * 1000, // 15 minutes
-  max: 20, // Increased limit for config changes
-  message: { error: 'Too many configuration changes' }
-});
 
 // Configuration validation schema
 const configSchema = z.object({
@@ -190,7 +184,7 @@ router.get('/config', async (req, res) => {
 });
 
 // Update system configuration
-router.put('/config', configRateLimit, async (req, res) => {
+router.put('/config', configUpdateRateLimit, async (req, res) => {
   try {
     const validatedConfig = configSchema.parse(req.body);
     
@@ -331,7 +325,7 @@ router.get('/rate-limits', async (req, res) => {
 });
 
 // Update rate limits
-router.put('/rate-limits', configRateLimit, async (req, res) => {
+router.put('/rate-limits', configUpdateRateLimit, async (req, res) => {
   try {
     const { rateLimitRequests, rateLimitWindow } = req.body;
     
diff --git a/server/routes/test-notifications.ts b/server/routes/test-notifications.ts
@@ -0,0 +1,104 @@
+import { Router, Request, Response } from 'express';
+import { requireAuth } from '../middleware/authMiddleware';
+import { discordWebhookService, NotificationType } from '../services/DiscordWebhookService';
+
+const router = Router();
+
+// Apply authentication to all test routes
+router.use(requireAuth);
+
+/**
+ * POST /api/test-notifications/discord
+ * Test Discord webhook notifications
+ */
+router.post('/discord', async (req: Request, res: Response) => {
+  try {
+    const { type = 'all' } = req.body;
+    
+    if (!discordWebhookService.isConfigured()) {
+      return res.status(400).json({
+        success: false,
+        error: 'Discord webhook is not configured. Please set DISCORD_WEBHOOK_URL environment variable.'
+      });
+    }
+
+    const notifications = [];
+
+    // Test panel error notification
+    if (type === 'all' || type === 'error') {
+      await discordWebhookService.sendPanelError(
+        new Error('Test error: This is a test notification'),
+        req
+      );
+      notifications.push('Panel error notification');
+    }
+
+    // Test server provisioning failure notification
+    if (type === 'all' || type === 'provisioning') {
+      await discordWebhookService.sendServerProvisioningFailure(
+        'test-server-123',
+        'Test Server',
+        'Test provisioning failure: This is a test notification',
+        {
+          'Email': 'test@example.com',
+          'Plan': 'premium',
+          'Test': 'true'
+        }
+      );
+      notifications.push('Server provisioning failure notification');
+    }
+
+    // Test rate limit notification
+    if (type === 'all' || type === 'ratelimit') {
+      await discordWebhookService.sendRateLimitNotification(
+        'test-user-123',
+        '/api/test-endpoint',
+        req.ip || '127.0.0.1',
+        10,
+        15 * 60 * 1000
+      );
+      notifications.push('Rate limit notification');
+    }
+
+    return res.json({
+      success: true,
+      message: 'Test notifications sent successfully',
+      data: {
+        notificationsSent: notifications,
+        webhookConfigured: true,
+        adminRoleConfigured: !!process.env.DISCORD_ADMIN_ROLE_ID
+      }
+    });
+  } catch (error) {
+    console.error('Test notification error:', error);
+    return res.status(500).json({
+      success: false,
+      error: 'Failed to send test notifications',
+      details: error instanceof Error ? error.message : 'Unknown error'
+    });
+  }
+});
+
+/**
+ * GET /api/test-notifications/status
+ * Check Discord webhook configuration status
+ */
+router.get('/status', async (req: Request, res: Response) => {
+  const status = {
+    webhookConfigured: discordWebhookService.isConfigured(),
+    webhookUrl: process.env.DISCORD_WEBHOOK_URL ? 'Set (hidden)' : 'Not set',
+    adminRoleId: process.env.DISCORD_ADMIN_ROLE_ID ? 'Set (hidden)' : 'Not set',
+    environment: {
+      NODE_ENV: process.env.NODE_ENV,
+      hasWebhookUrl: !!process.env.DISCORD_WEBHOOK_URL,
+      hasAdminRoleId: !!process.env.DISCORD_ADMIN_ROLE_ID
+    }
+  };
+
+  return res.json({
+    success: true,
+    data: status
+  });
+});
+
+export default router;
diff --git a/server/services/DiscordWebhookService.ts b/server/services/DiscordWebhookService.ts
diff --git a/server/services/ServerProvisioningMonitor.ts b/server/services/ServerProvisioningMonitor.ts
