sami7777/dashcaddy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor: Phase 1 code cleanup - constants, logging, and repository organization

Browse Source
This commit is contained in:
Sami
2026-03-28 18:54:39 -07:00
parent f1b0ac43d0
commit 6c3848102b
24 changed files with 17078 additions and 50 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
dashcaddy-api/.gitignore vendored Normal file
View File

@@ -0,0 +1,7 @@
# Backups
.backup/
# Test artifacts
__tests__/jest.setup.js
audit-routes.js

28
dashcaddy-api/constants.js
View File

@@ -143,6 +143,28 @@ const LIMITS = {
BODY_UPLOAD: '10mb',
};
// HTTP Status Codes
const HTTP_STATUS = {
OK: 200,
CREATED: 201,
NO_CONTENT: 204,
BAD_REQUEST: 400,
UNAUTHORIZED: 401,
FORBIDDEN: 403,
NOT_FOUND: 404,
CONFLICT: 409,
INTERNAL_ERROR: 500,
SERVICE_UNAVAILABLE: 503,
};
// Network Constants
const NETWORK = {
LOCALHOST: '127.0.0.1',
PRIVATE_RANGES: ['192.168.', '10.', /^172\.(1[6-9]|2[0-9]|3[0-1])\./],
BUFFER_SIZE: 1024,
};
module.exports = {
APP,
TAILSCALE,
@@ -159,4 +181,10 @@ module.exports = {
DNS_RECORD_TYPES,
DOCKER,
buildMediaAuth,
HTTP_STATUS,
NETWORK,
HTTP_STATUS,
NETWORK,
};

8
dashcaddy-api/csrf-protection.js
View File

@@ -120,13 +120,15 @@ function csrfValidationMiddleware(req, res, next) {
const excludedPaths = [
'/api/totp/verify',
'/api/totp/verify-setup',
'/api/totp/setup',
'/health',
'/api/health'
];
// Check if path starts with excluded prefix
const isExcluded = excludedPaths.some(path => req.path === path) ||
req.path.startsWith('/api/auth/gate/');
// Normalize /api/v1/... to /api/... so exclusions work with both prefixes
const normalizedPath = req.path.replace(/^\/api\/v1\//, '/api/');
const isExcluded = excludedPaths.some(path => normalizedPath === path) ||
normalizedPath.startsWith('/api/auth/gate/');
if (isExcluded) {
return next();

6
dashcaddy-api/middleware.js
View File

@@ -277,8 +277,10 @@ module.exports = function configureMiddleware(app, {
{ path: '/api/health', exact: true },
{ path: '/probe/', prefix: true },
{ path: '/api/tailscale/', prefix: true },
{ path: '/api/totp/config', exact: true, method: 'GET' },
{ path: '/api/totp/verify', exact: true },
{ path: '/api/totp/config', exact: true, method: 'GET' },
{ path: '/api/totp/verify', exact: true },
{ path: '/api/totp/setup', exact: true, method: 'POST' },
{ path: '/api/totp/verify-setup', exact: true, method: 'POST' },
{ path: '/api/totp/check-session', exact: true },
{ path: '/api/auth/gate/', prefix: true },
{ path: '/api/auth/app-token/', prefix: true },

95
dashcaddy-api/routes/arr/config.js
View File

@@ -479,5 +479,100 @@ module.exports = function(ctx, helpers) {
});
}, 'arr-auto-setup'));
// Fetch quality profiles from an arr service (Radarr/Sonarr)
router.get('/arr/quality-profiles', ctx.asyncHandler(async (req, res) => {
const { service, url, apiKey } = req.query;
if (!service || !['radarr', 'sonarr'].includes(service)) {
return ctx.errorResponse(res, 400, 'Service must be radarr or sonarr');
}
// Resolve API key: from query param, or from stored credentials
let resolvedKey = apiKey;
let resolvedUrl = url;
if (!resolvedKey) {
resolvedKey = await ctx.credentialManager.retrieve(`arr.${service}.apikey`);
}
if (!resolvedKey) {
resolvedKey = await ctx.credentialManager.retrieve(`service.${service}.apikey`);
}
if (!resolvedUrl) {
const metadata = await ctx.credentialManager.getMetadata(`arr.${service}.apikey`);
resolvedUrl = metadata?.url;
}
if (!resolvedUrl) {
try {
const services = await ctx.servicesStateManager.read();
const svcList = Array.isArray(services) ? services : services.services || [];
const found = svcList.find(s => s.id === service);
if (found?.externalUrl) resolvedUrl = found.externalUrl;
else if (found?.url) resolvedUrl = found.url;
} catch (e) { /* ignore */ }
}
if (!resolvedKey || !resolvedUrl) {
return ctx.errorResponse(res, 400, 'Could not resolve API key or URL for this service');
}
const baseUrl = resolvedUrl.replace(/\/+$/, '');
try {
const profilesRes = await ctx.fetchT(`${baseUrl}/api/v3/qualityprofile`, {
headers: { 'X-Api-Key': resolvedKey, 'Accept': 'application/json' },
signal: AbortSignal.timeout(10000)
});
if (!profilesRes.ok) {
return ctx.errorResponse(res, profilesRes.status === 401 ? 401 : 502,
profilesRes.status === 401 ? 'Invalid API key' : `Failed to fetch profiles (HTTP ${profilesRes.status})`);
}
const profiles = await profilesRes.json();
const mapped = profiles.map(p => ({ id: p.id, name: p.name }));
// Load stored profile preference
const metadata = await ctx.credentialManager.getMetadata(`arr.${service}.apikey`);
const storedProfileId = metadata?.qualityProfileId || null;
res.json({ success: true, profiles: mapped, storedProfileId });
} catch (e) {
if (e.cause?.code === 'ECONNREFUSED') {
return ctx.errorResponse(res, 502, 'Connection refused — is the service running?');
}
if (e.name === 'AbortError') {
return ctx.errorResponse(res, 504, 'Connection timeout');
}
return ctx.errorResponse(res, 500, e.message);
}
}, 'arr-quality-profiles'));
// Save quality profile preference (without re-storing API key)
router.post('/arr/quality-profiles', ctx.asyncHandler(async (req, res) => {
const { service, qualityProfileId, qualityProfileName } = req.body;
if (!service || !['radarr', 'sonarr'].includes(service)) {
return ctx.errorResponse(res, 400, 'Service must be radarr or sonarr');
}
if (!qualityProfileId) {
return ctx.errorResponse(res, 400, 'qualityProfileId required');
}
const credKey = `arr.${service}.apikey`;
const existing = await ctx.credentialManager.getMetadata(credKey);
if (!existing) {
return ctx.errorResponse(res, 404, 'No stored credentials for this service');
}
// Merge quality profile into existing metadata
existing.qualityProfileId = qualityProfileId;
existing.qualityProfileName = qualityProfileName || null;
await ctx.credentialManager.storeMetadata(credKey, existing);
res.json({ success: true, message: `Quality profile updated for ${service}` });
}, 'arr-quality-profile-save'));
return router;
};

8
dashcaddy-api/routes/arr/credentials.js
View File

@@ -6,7 +6,7 @@ module.exports = function(ctx, helpers) {
// Store arr service credentials
router.post('/arr/credentials', ctx.asyncHandler(async (req, res) => {
const { service, apiKey, url, seedboxBaseUrl } = req.body;
const { service, apiKey, url, seedboxBaseUrl, qualityProfileId, qualityProfileName } = req.body;
if (!service || !apiKey) {
return ctx.errorResponse(res, 400, 'Service name and API key required');
@@ -65,6 +65,12 @@ module.exports = function(ctx, helpers) {
}
}
// Store quality profile preference if provided
if (qualityProfileId) {
metadata.qualityProfileId = qualityProfileId;
metadata.qualityProfileName = qualityProfileName || null;
}
// Store the credential
const stored = await ctx.credentialManager.store(credKey, apiKey, metadata);
if (!stored) {

18
dashcaddy-api/routes/arr/smart-connect.js
View File

@@ -113,7 +113,14 @@ module.exports = function(ctx, helpers) {
signal: AbortSignal.timeout(10000)
});
const profiles = profilesRes.ok ? await profilesRes.json() : [];
const defaultProfile = profiles[0] || { id: 1, name: 'Any' };
// Use stored quality profile preference, fallback to first profile
const radarrMeta = await ctx.credentialManager.getMetadata('arr.radarr.apikey');
let defaultProfile = profiles[0] || { id: 1, name: 'Any' };
if (radarrMeta?.qualityProfileId) {
const stored = profiles.find(p => p.id === radarrMeta.qualityProfileId);
if (stored) defaultProfile = stored;
}
// Fetch root folders
const rootFoldersRes = await ctx.fetchT(`${radarrUrl}/api/v3/rootfolder`, {
@@ -173,7 +180,14 @@ module.exports = function(ctx, helpers) {
signal: AbortSignal.timeout(10000)
});
const profiles = profilesRes.ok ? await profilesRes.json() : [];
const defaultProfile = profiles[0] || { id: 1, name: 'Any' };
// Use stored quality profile preference, fallback to first profile
const sonarrMeta = await ctx.credentialManager.getMetadata('arr.sonarr.apikey');
let defaultProfile = profiles[0] || { id: 1, name: 'Any' };
if (sonarrMeta?.qualityProfileId) {
const stored = profiles.find(p => p.id === sonarrMeta.qualityProfileId);
if (stored) defaultProfile = stored;
}
const rootFoldersRes = await ctx.fetchT(`${sonarrUrl}/api/v3/rootfolder`, {
headers: { 'X-Api-Key': connectedServices.sonarr.apiKey },

2
dashcaddy-api/routes/auth/totp.js
View File

@@ -25,6 +25,8 @@ module.exports = function(ctx) {
let secret;
if (req.body && req.body.secret) {
secret = req.body.secret.replace(/\s/g, '').toUpperCase();
// Normalize common Base32 confusions: 0→O, 1→L, 8→B
secret = secret.replace(/0/g, 'O').replace(/1/g, 'L').replace(/8/g, 'B');
if (!/^[A-Z2-7]{16,}$/.test(secret)) {
return ctx.errorResponse(res, 400, 'Invalid secret key format. Must be a Base32 string (letters A-Z and digits 2-7).');
}

58
dashcaddy-api/routes/services.js
View File

@@ -37,29 +37,35 @@ module.exports = function(ctx) {
return resolveServiceUrl(id, service, ctx.siteConfig, ctx.buildServiceUrl);
}
const PROBE_TIMEOUT = 3000; // 3s — covers DNS + connect + response
function requestStatusCode(url, method) {
const parsed = new URL(url);
const isHttps = parsed.protocol === 'https:';
const lib = isHttps ? https : http;
return new Promise((resolve, reject) => {
const timer = setTimeout(() => {
req.destroy();
reject(new Error('Timeout'));
}, PROBE_TIMEOUT);
const req = lib.request({
hostname: parsed.hostname,
port: parsed.port || (isHttps ? 443 : 80),
path: parsed.pathname + parsed.search,
method,
timeout: TIMEOUTS.HTTP_DEFAULT,
agent: isHttps ? probeHttpsAgent : undefined,
headers: { 'User-Agent': APP.USER_AGENTS.PROBE },
}, (response) => {
clearTimeout(timer);
response.resume();
resolve(response.statusCode || 0);
});
req.on('error', reject);
req.on('timeout', () => {
req.destroy();
reject(new Error('Timeout'));
req.on('error', (err) => {
clearTimeout(timer);
reject(err);
});
req.end();
});
@@ -73,7 +79,7 @@ module.exports = function(ctx) {
const headers = {};
if (pylonConfig.key) headers['x-pylon-key'] = pylonConfig.key;
const controller = new AbortController();
const timeout = setTimeout(() => controller.abort(), 12000);
const timeout = setTimeout(() => controller.abort(), 5000);
const response = await ctx.fetchT(probeUrl, { method: 'GET', signal: controller.signal, headers });
clearTimeout(timeout);
if (!response.ok) return null;
@@ -86,7 +92,7 @@ module.exports = function(ctx) {
async function probeServiceStatus(id, service) {
const startedAt = process.hrtime.bigint();
let url = resolveProbeUrl(id, service);
const url = resolveProbeUrl(id, service);
let statusCode = 502;
let error = null;
@@ -97,21 +103,9 @@ module.exports = function(ctx) {
}
} catch (primaryError) {
error = primaryError;
if (id !== 'internet') {
const fallbackUrl = ctx.buildServiceUrl(id);
if (fallbackUrl !== url) {
try {
statusCode = await requestStatusCode(fallbackUrl, 'GET');
url = fallbackUrl;
error = null;
} catch (fallbackError) {
error = fallbackError;
}
}
}
}
// Pylon relay fallback — if direct probes failed, try through the pylon
// Pylon relay fallback — if direct probe failed, try through the pylon
if (error && ctx.siteConfig?.pylon) {
const pylonResult = await probeViaPylon(url);
if (pylonResult && pylonResult.status) {
@@ -267,6 +261,8 @@ module.exports = function(ctx) {
// ===== SERVICE CRUD ENDPOINTS =====
// Batched live status for dashboard cards
const STATUS_DEADLINE = 10000; // 10s — return whatever we have by then
router.get('/services/status', ctx.asyncHandler(async (req, res) => {
const services = await loadServicesList();
const serviceMap = new Map(services.filter(s => s && s.id).map(s => [s.id, s]));
@@ -283,19 +279,31 @@ module.exports = function(ctx) {
Object.keys(ctx.siteConfig?.dnsServers || {}).forEach(addId);
services.forEach(service => addId(service.id));
const statusResults = await mapWithConcurrency(ids, PROBE_CONCURRENCY, (id) =>
probeServiceStatus(id, serviceMap.get(id))
);
// Collect results as they arrive; deadline returns whatever we have
const statuses = {};
statusResults.forEach((result) => {
const probeWork = mapWithConcurrency(ids, PROBE_CONCURRENCY, async (id) => {
const result = await probeServiceStatus(id, serviceMap.get(id));
statuses[result.id] = result;
return result;
});
const deadline = new Promise((resolve) =>
setTimeout(() => resolve(null), STATUS_DEADLINE)
);
await Promise.race([probeWork, deadline]);
// Fill any IDs that didn't finish before the deadline
const partial = ids.some((id) => !statuses[id]);
ids.forEach((id) => {
if (!statuses[id]) {
statuses[id] = { id, isUp: false, statusCode: 0, responseTime: STATUS_DEADLINE, error: 'deadline' };
}
});
res.set('Cache-Control', 'no-store');
res.json({
success: true,
checkedAt: new Date().toISOString(),
partial,
statuses
});
}, 'services-status'));

7
dashcaddy-api/server.js
View File

@@ -52,9 +52,9 @@ const healthChecker = require('./health-checker');
const updateManager = require('./update-manager');
const selfUpdater = require('./self-updater');
let dockerMaintenance;
try { dockerMaintenance = require('./docker-maintenance'); } catch (_) { console.warn('[WARN] docker-maintenance module not found, skipped'); }
try { dockerMaintenance = require('./docker-maintenance'); } catch (_) { logger.warn('[WARN] docker-maintenance module not found, skipped'); }
let logDigest;
try { logDigest = require('./log-digest'); } catch (_) { console.warn('[WARN] log-digest module not found, skipped'); }
try { logDigest = require('./log-digest'); } catch (_) { logger.warn('[WARN] log-digest module not found, skipped'); }
const StateManager = require('./state-manager');
const auditLogger = require('./audit-logger');
const portLockManager = require('./port-lock-manager');
@@ -296,7 +296,7 @@ function log(level, context, message, data = {}) {
msg: message,
};
if (Object.keys(data).length) entry.data = data;
const fn = level === 'error' ? console.error : level === 'warn' ? console.warn : console.log;
const fn = level === 'error' ? logger.error : level === 'warn' ? logger.warn : logger.info;
fn(JSON.stringify(entry));
}
log.info = (ctx, msg, data) => log('info', ctx, msg, data);
@@ -1959,3 +1959,4 @@ process.on('uncaughtException', (error) => {
// Give the error log time to flush, then exit
setTimeout(() => process.exit(1), 1000).unref();
});