andras/perfect-postcode
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages 2 Wiki Activity Actions

deploy

Browse source
This commit is contained in:
Andras Schmelczer 2026-05-14 20:42:48 +01:00
parent 273d7a83ee
commit 084117cea8
48 changed files with 2283 additions and 890 deletions
Download patch file Download diff file Expand all files Collapse all files

359
server-rs/src/routes/shorten.rs
View file

@ -3,16 +3,24 @@ use std::sync::Arc;
use axum::extract::{Path, State};
use axum::http::{header, StatusCode};
use axum::response::{Html, IntoResponse, Response};
use axum::Extension;
use axum::Json;
use rand::RngExt;
use serde::{Deserialize, Serialize};
use tracing::warn;
use url::form_urlencoded;
use crate::auth::OptionalUser;
use crate::licensing::{is_valid_share_bounds, share_bounds_from_params, ShareBounds};
use crate::pocketbase::get_superuser_token;
use crate::state::SharedState;
const CODE_LEN: usize = 8;
const CHARSET: &[u8] = b"abcdefghijklmnopqrstuvwxyz0123456789";
const MAX_QUERY_LEN: usize = 4096;
const MAX_QUERY_PAIRS: usize = 80;
const MAX_PARAM_KEY_LEN: usize = 64;
const MAX_PARAM_VALUE_LEN: usize = 512;
fn generate_code() -> String {
let mut rng = rand::rng();
@ -36,15 +44,178 @@ pub struct ShortenResponse {
struct PbRecord {
code: String,
params: String,
#[serde(skip_serializing_if = "Option::is_none")]
created_by: Option<String>,
click_count: u64,
#[serde(skip_serializing_if = "Option::is_none")]
share_south: Option<f64>,
#[serde(skip_serializing_if = "Option::is_none")]
share_west: Option<f64>,
#[serde(skip_serializing_if = "Option::is_none")]
share_north: Option<f64>,
#[serde(skip_serializing_if = "Option::is_none")]
share_east: Option<f64>,
}
#[derive(Serialize)]
struct ShareLinkListItem {
code: String,
url: String,
og_image_url: String,
params: String,
click_count: u64,
created: String,
}
#[derive(Serialize)]
struct ShareLinksResponse {
links: Vec<ShareLinkListItem>,
}
fn json_number_as_u64(value: &serde_json::Value) -> u64 {
value
.as_u64()
.or_else(|| {
value
.as_f64()
.filter(|n| n.is_finite() && *n > 0.0)
.map(|n| n as u64)
})
.unwrap_or(0)
}
fn sanitized_query_params(params: &str, keep_share: bool) -> Result<String, &'static str> {
let params = params.trim_start_matches('?');
if params.len() > MAX_QUERY_LEN {
return Err("query string is too long");
}
let mut pairs = Vec::new();
for (idx, (key, value)) in form_urlencoded::parse(params.as_bytes()).enumerate() {
if idx >= MAX_QUERY_PAIRS {
return Err("query string has too many parameters");
}
if key == "share" && !keep_share {
continue;
}
if !is_allowed_param_key(&key) {
return Err("query string contains an unsupported parameter");
}
if key.len() > MAX_PARAM_KEY_LEN || value.len() > MAX_PARAM_VALUE_LEN {
return Err("query parameter is too long");
}
if key.chars().any(char::is_control) || value.chars().any(char::is_control) {
return Err("query parameter contains control characters");
}
pairs.push((key.into_owned(), value.into_owned()));
}
let mut out = form_urlencoded::Serializer::new(String::new());
for (key, value) in pairs {
out.append_pair(&key, &value);
}
Ok(out.finish())
}
fn is_allowed_param_key(key: &str) -> bool {
matches!(
key,
"lat"
| "lon"
| "zoom"
| "filter"
| "school"
| "crime"
| "voteShare"
| "ethnicity"
| "amenityDistance"
| "transportDistance"
| "amenityCount2km"
| "amenityCount5km"
| "poi"
| "tab"
| "pc"
| "tt"
| "share"
)
}
fn escape_attr(value: &str) -> String {
value
.replace('&', "&amp;")
.replace('"', "&quot;")
.replace('\'', "&#39;")
.replace('<', "&lt;")
.replace('>', "&gt;")
}
fn user_can_create_share_grant(user: &OptionalUser) -> bool {
user.0
.as_ref()
.is_some_and(|u| u.is_admin || u.subscription == "licensed")
}
fn share_fields(
bounds: Option<ShareBounds>,
) -> (Option<f64>, Option<f64>, Option<f64>, Option<f64>) {
match bounds {
Some(bounds) => (
Some(bounds.south),
Some(bounds.west),
Some(bounds.north),
Some(bounds.east),
),
None => (None, None, None, None),
}
}
fn record_share_bounds(item: &serde_json::Value) -> Option<ShareBounds> {
let bounds = ShareBounds {
south: item.get("share_south")?.as_f64()?,
west: item.get("share_west")?.as_f64()?,
north: item.get("share_north")?.as_f64()?,
east: item.get("share_east")?.as_f64()?,
};
is_valid_share_bounds(bounds).then_some(bounds)
}
fn dashboard_redirect_url(params: &str, code: &str, include_share: bool) -> String {
match (params.is_empty(), include_share) {
(true, false) => "/dashboard".to_string(),
(true, true) => format!("/dashboard?share={code}"),
(false, false) => format!("/dashboard?{params}"),
(false, true) => format!("/dashboard?{params}&share={code}"),
}
}
fn og_image_url(public_url: &str, params: &str) -> String {
if params.is_empty() {
format!("{}/api/screenshot?og=1", public_url.trim_end_matches('/'))
} else {
format!(
"{}/api/screenshot?og=1&{params}",
public_url.trim_end_matches('/')
)
}
}
pub async fn post_shorten(
State(shared): State<Arc<SharedState>>,
Extension(user): Extension<OptionalUser>,
Json(req): Json<ShortenRequest>,
) -> Response {
let state = shared.load_state();
let pb_url = state.pocketbase_url.trim_end_matches('/');
let can_create_share_grant = user_can_create_share_grant(&user);
let params = match sanitized_query_params(&req.params, !can_create_share_grant) {
Ok(params) => params,
Err(reason) => {
warn!("Rejected short URL params: {reason}");
return (StatusCode::BAD_REQUEST, reason).into_response();
}
};
let token = match get_superuser_token(&state).await {
Ok(t) => t,
Err(err) => {
@ -54,10 +225,22 @@ pub async fn post_shorten(
};
let code = generate_code();
let share_bounds = if can_create_share_grant {
share_bounds_from_params(&params)
} else {
None
};
let (share_south, share_west, share_north, share_east) = share_fields(share_bounds);
let record = PbRecord {
code: code.clone(),
params: req.params,
params,
created_by: user.0.as_ref().map(|u| u.id.clone()),
click_count: 0,
share_south,
share_west,
share_north,
share_east,
};
let res = state
@ -89,6 +272,85 @@ pub async fn post_shorten(
}
}
pub async fn get_share_links(
State(shared): State<Arc<SharedState>>,
Extension(user): Extension<OptionalUser>,
) -> Response {
let state = shared.load_state();
let user = match user.0 {
Some(u) => u,
None => return StatusCode::UNAUTHORIZED.into_response(),
};
let pb_url = state.pocketbase_url.trim_end_matches('/');
let token = match get_superuser_token(&state).await {
Ok(t) => t,
Err(err) => {
warn!("PocketBase superuser auth failed: {err}");
return StatusCode::BAD_GATEWAY.into_response();
}
};
let filter = format!("created_by=\"{}\"", user.id);
let url = format!(
"{pb_url}/api/collections/short_urls/records?sort=-created&perPage=200&filter={}",
urlencoding::encode(&filter)
);
let res = match state
.http_client
.get(&url)
.header("Authorization", format!("Bearer {token}"))
.send()
.await
{
Ok(r) => r,
Err(err) => {
warn!("Failed to list share links: {err}");
return StatusCode::BAD_GATEWAY.into_response();
}
};
if !res.status().is_success() {
let status = res.status();
let text = res.text().await.unwrap_or_default();
warn!("PocketBase list share links failed ({status}): {text}");
return StatusCode::BAD_GATEWAY.into_response();
}
let body: serde_json::Value = match res.json().await {
Ok(v) => v,
Err(err) => {
warn!("Failed to parse share links response: {err}");
return StatusCode::BAD_GATEWAY.into_response();
}
};
let public_url = state.public_url.trim_end_matches('/');
let links: Vec<ShareLinkListItem> = body["items"]
.as_array()
.map(|arr| {
arr.iter()
.map(|item| {
let code = item["code"].as_str().unwrap_or("").to_string();
let params = item["params"].as_str().unwrap_or("").to_string();
ShareLinkListItem {
url: format!("{public_url}/s/{code}"),
code,
og_image_url: og_image_url(public_url, &params),
params,
click_count: json_number_as_u64(&item["click_count"]),
created: item["created"].as_str().unwrap_or("").to_string(),
}
})
.collect()
})
.unwrap_or_default();
Json(ShareLinksResponse { links }).into_response()
}
pub async fn get_short_url(
State(shared): State<Arc<SharedState>>,
Path(code): Path<String>,
@ -132,22 +394,51 @@ pub async fn get_short_url(
}
};
let params = json["items"]
.as_array()
.and_then(|items| items.first())
.and_then(|item| item["params"].as_str());
let item = json["items"].as_array().and_then(|items| items.first());
match params {
Some(params) => {
let redirect_url = if params.is_empty() {
format!("/dashboard?share={code}")
} else {
format!("/dashboard?{params}&share={code}")
match item.and_then(|item| item["params"].as_str().map(|params| (item, params))) {
Some((item, params)) => {
let record_id = item["id"].as_str().unwrap_or("").to_string();
let next_click_count =
json_number_as_u64(&item["click_count"]).saturating_add(1);
let params = match sanitized_query_params(params, true) {
Ok(params) => params,
Err(reason) => {
warn!("Stored short URL params rejected for {code}: {reason}");
return StatusCode::BAD_REQUEST.into_response();
}
};
let og_image_url = format!("{}/api/screenshot?og=1&{params}", state.public_url);
let og_url = format!("{}/s/{code}", state.public_url);
if !record_id.is_empty() {
let update_url =
format!("{pb_url}/api/collections/short_urls/records/{record_id}");
match state
.http_client
.patch(&update_url)
.header("Authorization", format!("Bearer {token}"))
.json(&serde_json::json!({ "click_count": next_click_count }))
.send()
.await
{
Ok(update_resp) if update_resp.status().is_success() => {}
Ok(update_resp) => {
let status = update_resp.status();
let text = update_resp.text().await.unwrap_or_default();
warn!("PocketBase click count update failed ({status}): {text}");
}
Err(err) => warn!("PocketBase click count update failed: {err}"),
}
}
let redirect_url =
dashboard_redirect_url(&params, &code, record_share_bounds(item).is_some());
let og_image_url = og_image_url(&state.public_url, &params);
let og_url = format!("{}/s/{code}", state.public_url.trim_end_matches('/'));
let og_title = "Perfect Postcode | Every neighbourhood in England";
let og_description = "Explore property prices, energy ratings, crime stats, school ratings, and more across England on one interactive map.";
let redirect_url = escape_attr(&redirect_url);
let og_image_url = escape_attr(&og_image_url);
let og_url = escape_attr(&og_url);
let og_title = escape_attr(og_title);
let og_description = escape_attr(og_description);
let html = format!(
r#"<!DOCTYPE html>
@ -168,7 +459,13 @@ pub async fn get_short_url(
</head><body></body></html>"#
);
(
[(header::CACHE_CONTROL, "public, max-age=86400")],
[
(header::CACHE_CONTROL, "no-store"),
(
header::CONTENT_SECURITY_POLICY,
"default-src 'none'; img-src https: data:; base-uri 'none'; form-action 'none'",
),
],
Html(html),
)
.into_response()
@ -187,3 +484,37 @@ pub async fn get_short_url(
}
}
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn sanitizes_short_url_params_and_drops_share() {
let params = sanitized_query_params(
"lat=51.5&lon=-0.1&zoom=12&filter=price%3A1%3A2&share=oldcode",
false,
)
.unwrap();
assert_eq!(params, "lat=51.5&lon=-0.1&zoom=12&filter=price%3A1%3A2");
}
#[test]
fn rejects_html_in_unsupported_params() {
assert!(sanitized_query_params("lat=51&x=%22%3E%3Cscript%3E", false).is_err());
}
#[test]
fn can_preserve_existing_share_grant() {
let params =
sanitized_query_params("lat=51.5&lon=-0.1&zoom=12&share=oldcode", true).unwrap();
assert_eq!(params, "lat=51.5&lon=-0.1&zoom=12&share=oldcode");
}
#[test]
fn escapes_html_attributes() {
assert_eq!(escape_attr(r#""'><&"#), "&quot;&#39;&gt;&lt;&amp;");
}
}