diff --git a/src/utils.ts b/src/utils.ts index fe75272..893b932 100644 --- a/src/utils.ts +++ b/src/utils.ts @@ -171,7 +171,8 @@ export function get_auth(headers: Headers, required_scheme: string): string | [s return [decoded.slice(0, index), decoded.slice(index + 1)]; } else if (scheme == 'Bearer') { - return encoded; + if (encoded.length > 0) return encoded; + else null; } } return null; diff --git a/src/v2/api.ts b/src/v2/api.ts index 046611a..457a98e 100644 --- a/src/v2/api.ts +++ b/src/v2/api.ts @@ -80,7 +80,7 @@ router.post('/info/:uuid', async (req, env, ctx) => { ); } // Check password and username should be empty - if (cert.length != 0 || descriptor.password !== sha256(cert).slice(0, 16)) { + if (descriptor.password !== sha256(cert as string).slice(0, 16)) { return PasteAPIRepsonse.build(403, 'Invalid access credentials.'); } } @@ -91,13 +91,23 @@ router.post('/info/:uuid', async (req, env, ctx) => { // Change paste info logic // Explict assign the fields - const updated_descriptor = { - ...descriptor, + const update: PasteInfoUpdateParams = { password: params.password ? sha256(params.password).slice(0, 16) : undefined, max_access_n: params.max_access_n, title: params.title, mime_type: params.mime_type, - expired_at: params.expired_at ? params.expired_at : descriptor.expired_at, + expired_at: params.expired_at, + }; + + // Remove redundant fields + Object.keys(update).forEach( + (key) => + update[key as keyof PasteInfoUpdateParams] === undefined && delete update[key as keyof PasteInfoUpdateParams] + ); + + const updated_descriptor: PasteIndexEntry = { + ...descriptor, + ...update, }; ctx.waitUntil(env.PASTE_INDEX.put(uuid, JSON.stringify(updated_descriptor), { expirationTtl: 2419200 })); @@ -291,4 +301,9 @@ router.post('/upload', async (req, env, ctx) => { return PasteAPIRepsonse.build(200, 'This endpoint is not ready.'); }); +// Fallback route +router.all('*', async () => { + return PasteAPIRepsonse.build(403, 'Invalid endpoint.'); +}); + export default router;