Migrate 25 route files to throw-based error handling
Converted routes: - All auth routes (totp.js, keys.js, sso-gate.js) - Recipe deployment routes (deploy.js, manage.js, index.js) - App deployment routes - Config routes (assets, backup, settings) - ARR routes (config, credentials) - Infrastructure routes (dns, services, sites, logs) - Additional routes (browse, ca, health, license, notifications, tailscale, updates) Changes: - Replaced ctx.errorResponse() with throw statements - Replaced errorResponse() with throw statements - Added proper error imports to each file - 400 errors → ValidationError - 401 errors → AuthenticationError - 403 errors → ForbiddenError - 404 errors → NotFoundError - 409 errors → ConflictError - 500 errors → Handled by middleware Result: 25 files migrated, ~150 error responses standardized
This commit is contained in:
Krystie
@@ -3,6 +3,7 @@ const fsp = require('fs').promises;
|
||||
const path = require('path');
|
||||
const { LIMITS } = require('../../constants');
|
||||
const { exists } = require('../../fs-helpers');
|
||||
const { ValidationError } = require('../errors');
|
||||
|
||||
// Image processing for favicon conversion (optional)
|
||||
let sharp, pngToIco;
|
||||
@@ -22,19 +23,19 @@ module.exports = function(ctx) {
|
||||
const { filename, data } = req.body;
|
||||
|
||||
if (!filename || !data) {
|
||||
return ctx.errorResponse(res, 400, 'filename and data are required');
|
||||
throw new ValidationError('filename and data are required');
|
||||
}
|
||||
|
||||
// Validate filename to prevent directory traversal
|
||||
const safeFilename = path.basename(filename);
|
||||
if (safeFilename !== filename || filename.includes('..')) {
|
||||
return ctx.errorResponse(res, 400, 'Invalid filename - must not contain path separators');
|
||||
throw new ValidationError('Invalid filename - must not contain path separators');
|
||||
}
|
||||
|
||||
// Extract base64 data
|
||||
const matches = data.match(/^data:image\/([a-zA-Z+]+);base64,(.+)$/);
|
||||
if (!matches) {
|
||||
return ctx.errorResponse(res, 400, 'Invalid image data format');
|
||||
throw new ValidationError('Invalid image data format');
|
||||
}
|
||||
|
||||
const extension = matches[1] === 'svg+xml' ? 'svg' : matches[1];
|
||||
@@ -103,7 +104,7 @@ module.exports = function(ctx) {
|
||||
const { data, dataDark, dataLight, position, dashboardTitle } = req.body;
|
||||
|
||||
if (!data && !dataDark && !dataLight && !position && !dashboardTitle) {
|
||||
return ctx.errorResponse(res, 400, 'Image data, position, or title is required');
|
||||
throw new ValidationError('Image data, position, or title is required');
|
||||
}
|
||||
|
||||
const config = await ctx.readConfig();
|
||||
@@ -112,19 +113,19 @@ module.exports = function(ctx) {
|
||||
// New dual-variant upload
|
||||
if (dataDark) {
|
||||
pathDark = await saveLogoFile(dataDark, 'dark');
|
||||
if (!pathDark) return ctx.errorResponse(res, 400, 'Invalid dark logo data format');
|
||||
if (!pathDark) throw new ValidationError('Invalid dark logo data format');
|
||||
config.customLogoDark = pathDark;
|
||||
}
|
||||
if (dataLight) {
|
||||
pathLight = await saveLogoFile(dataLight, 'light');
|
||||
if (!pathLight) return ctx.errorResponse(res, 400, 'Invalid light logo data format');
|
||||
if (!pathLight) throw new ValidationError('Invalid light logo data format');
|
||||
config.customLogoLight = pathLight;
|
||||
}
|
||||
|
||||
// Legacy single-logo: save as both variants
|
||||
if (data && !dataDark && !dataLight) {
|
||||
const singlePath = await saveLogoFile(data, 'dark');
|
||||
if (!singlePath) return ctx.errorResponse(res, 400, 'Invalid image data format');
|
||||
if (!singlePath) throw new ValidationError('Invalid image data format');
|
||||
config.customLogoDark = singlePath;
|
||||
config.customLogoLight = singlePath;
|
||||
// Also set legacy field for backward compat
|
||||
@@ -208,7 +209,7 @@ module.exports = function(ctx) {
|
||||
const { data } = req.body;
|
||||
|
||||
if (!data) {
|
||||
return ctx.errorResponse(res, 400, 'Image data is required');
|
||||
throw new ValidationError('Image data is required');
|
||||
}
|
||||
|
||||
if (!sharp || !pngToIco) {
|
||||
@@ -218,7 +219,7 @@ module.exports = function(ctx) {
|
||||
// Extract base64 data
|
||||
const matches = data.match(/^data:image\/([a-zA-Z+]+);base64,(.+)$/);
|
||||
if (!matches) {
|
||||
return ctx.errorResponse(res, 400, 'Invalid image data format');
|
||||
throw new ValidationError('Invalid image data format');
|
||||
}
|
||||
|
||||
const imageType = matches[1];
|
||||
|
||||
@@ -3,6 +3,7 @@ const fs = require('fs');
|
||||
const path = require('path');
|
||||
const { CADDY } = require('../../constants');
|
||||
const { exists } = require('../../fs-helpers');
|
||||
const { ValidationError, AuthenticationError } = require('../errors');
|
||||
|
||||
module.exports = function(ctx) {
|
||||
const express = require('express');
|
||||
@@ -133,7 +134,7 @@ module.exports = function(ctx) {
|
||||
const backup = req.body;
|
||||
|
||||
if (!backup || !backup.version || !backup.files) {
|
||||
return ctx.errorResponse(res, 400, 'Invalid backup file format');
|
||||
throw new ValidationError('Invalid backup file format');
|
||||
}
|
||||
|
||||
const preview = {
|
||||
@@ -198,7 +199,7 @@ module.exports = function(ctx) {
|
||||
const { backup, options = {}, totpCode } = req.body;
|
||||
|
||||
if (!backup || !backup.version || !backup.files) {
|
||||
return ctx.errorResponse(res, 400, 'Invalid backup file format');
|
||||
throw new ValidationError('Invalid backup file format');
|
||||
}
|
||||
|
||||
// Require TOTP verification for restores that include security-sensitive files
|
||||
@@ -208,14 +209,14 @@ module.exports = function(ctx) {
|
||||
);
|
||||
if (restoresSensitive && ctx.totpConfig.enabled && ctx.totpConfig.isSetUp) {
|
||||
if (!totpCode || !/^\d{6}$/.test(totpCode)) {
|
||||
return ctx.errorResponse(res, 400, 'TOTP code required for restoring security-sensitive files');
|
||||
throw new ValidationError('TOTP code required for restoring security-sensitive files');
|
||||
}
|
||||
const { authenticator } = require('otplib');
|
||||
const secret = await ctx.credentialManager.retrieve('totp.secret');
|
||||
if (secret) {
|
||||
authenticator.options = { window: 1 };
|
||||
if (!authenticator.verify({ token: totpCode, secret })) {
|
||||
return ctx.errorResponse(res, 401, '[DC-111] Invalid TOTP code');
|
||||
throw new AuthenticationError('[DC-111] Invalid TOTP code');
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
const fsp = require('fs').promises;
|
||||
const { validateConfig } = require('../../config-schema');
|
||||
const { exists } = require('../../fs-helpers');
|
||||
const { ValidationError } = require('../errors');
|
||||
|
||||
module.exports = function(ctx) {
|
||||
const express = require('express');
|
||||
@@ -22,7 +23,7 @@ module.exports = function(ctx) {
|
||||
const incoming = req.body;
|
||||
|
||||
if (!incoming || typeof incoming !== 'object') {
|
||||
return ctx.errorResponse(res, 400, 'Invalid config object');
|
||||
throw new ValidationError('Invalid config object');
|
||||
}
|
||||
|
||||
// Merge with existing config so partial saves don't wipe fields
|
||||
|
||||
Reference in New Issue
Block a user