cobalt/src/core/api.js

import cors from "cors";
import rateLimit from "express-rate-limit";
import { randomBytes } from "crypto";

const ipSalt = randomBytes(64).toString('hex');

import { env, version } from "../modules/config.js";
import { getJSON } from "../modules/api.js";
import { apiJSON, checkJSONPost, getIP, languageCode } from "../modules/sub/utils.js";
import { Bright, Cyan } from "../modules/sub/consoleText.js";
import stream from "../modules/stream/stream.js";
import loc from "../localization/manager.js";
import { generateHmac } from "../modules/sub/crypto.js";
import { verifyStream, getInternalStream } from "../modules/stream/manage.js";

export function runAPI(express, app, gitCommit, gitBranch, __dirname) {
    const corsConfig = !env.corsWildcard ? {
        origin: env.corsURL,
        optionsSuccessStatus: 200
    } : {};

    const apiLimiter = rateLimit({
        windowMs: 60000,
        max: 20,
        standardHeaders: true,
        legacyHeaders: false,
        keyGenerator: req => generateHmac(getIP(req), ipSalt),
        handler: (req, res, next, opt) => {
            return res.status(429).json({
                "status": "rate-limit",
                "text": loc(languageCode(req), 'ErrorRateLimit')
            });
        }
    });
    const apiLimiterStream = rateLimit({
        windowMs: 60000,
        max: 25,
        standardHeaders: true,
        legacyHeaders: false,
        keyGenerator: req => generateHmac(getIP(req), ipSalt),
        handler: (req, res, next, opt) => {
            return res.status(429).json({
                "status": "rate-limit",
                "text": loc(languageCode(req), 'ErrorRateLimit')
            });
        }
    });
    
    const startTime = new Date();
    const startTimestamp = startTime.getTime();

    app.set('trust proxy', ['loopback', 'uniquelocal']);

    app.use('/api/:type', cors({
        methods: ['GET', 'POST'],
        ...corsConfig
    }));

    app.use('/api/json', apiLimiter);
    app.use('/api/stream', apiLimiterStream);
    app.use('/api/onDemand', apiLimiter);

    app.use((req, res, next) => {
        try { decodeURIComponent(req.path) } catch (e) { return res.redirect('/') }
        next();
    });

    app.use('/api/json', express.json({
        verify: (req, res, buf) => {
            let acceptCon = String(req.header('Accept')) === "application/json";
            if (acceptCon) {
                if (buf.length > 720) throw new Error();
                JSON.parse(buf);
            } else {
                throw new Error();
            }
        }
    }));

    // handle express.json errors properly (https://github.com/expressjs/express/issues/4065)
    app.use('/api/json', (err, req, res, next) => {
        let errorText = "invalid json body";
        let acceptCon = String(req.header('Accept')) !== "application/json";

        if (err || acceptCon) {
            if (acceptCon) errorText = "invalid accept header";
            return res.status(400).json({
                status: "error",
                text: errorText
            });
        } else {
            next();
        }
    });

    app.post('/api/json', async (req, res) => {
        try {
            let lang = languageCode(req);
            let j = apiJSON(0, { t: "bad request" });
            try {
                let contentCon = String(req.header('Content-Type')) === "application/json";
                let request = req.body;
                if (contentCon && request.url) {
                    request.dubLang = request.dubLang ? lang : false;
    
                    let chck = checkJSONPost(request);
                    if (!chck) throw new Error();
    
                    j = await getJSON(chck.url, lang, chck);
                } else {
                    j = apiJSON(0, {
                        t: !contentCon ? "invalid content type header" : loc(lang, 'ErrorNoLink')
                    });
                }
            } catch (e) {
                j = apiJSON(0, { t: loc(lang, 'ErrorCantProcess') });
            }
            return res.status(j.status).json(j.body);
        } catch (e) {
            return res.destroy();
        }
    });

    app.get('/api/:type', (req, res) => {
        try {
            let j;
            switch (req.params.type) {
                case 'stream':
                    const q = req.query;
                    const checkQueries = q.t && q.e && q.h && q.s && q.i;
                    const checkBaseLength = q.t.length === 21 && q.e.length === 13;
                    const checkSafeLength = q.h.length === 43 && q.s.length === 43 && q.i.length === 22;
                    if (checkQueries && checkBaseLength && checkSafeLength) {
                        if (q.p) {
                            return res.status(200).json({
                                status: "continue"
                            })
                        }
                        let streamInfo = verifyStream(q.t, q.h, q.e, q.s, q.i);
                        if (streamInfo.error) {
                            return res.status(streamInfo.status).json(apiJSON(0, { t: streamInfo.error }).body);
                        }
                        return stream(res, streamInfo);
                    } 

                    j = apiJSON(0, {
                        t: "bad request. stream link may be incomplete or corrupted."
                    })
                    return res.status(j.status).json(j.body);
                case 'istream':
                    if (!req.ip.endsWith('127.0.0.1'))
                        return res.sendStatus(403);
                    if (('' + req.query.t).length !== 21)
                        return res.sendStatus(400);
    
                    let streamInfo = getInternalStream(req.query.t);
                    if (!streamInfo) return res.sendStatus(404);
                    streamInfo.headers = req.headers;
    
                    return stream(res, { type: 'internal', ...streamInfo });
                case 'serverInfo':
                    return res.status(200).json({
                        version: version,
                        commit: gitCommit,
                        branch: gitBranch,
                        name: env.apiName,
                        url: env.apiURL,
                        cors: Number(env.corsWildcard),
                        startTime: `${startTimestamp}`
                    });
                default:
                    j = apiJSON(0, {
                        t: "unknown response type"
                    })
                    return res.status(j.status).json(j.body);
            }
        } catch (e) {
            return res.status(500).json({
                status: "error",
                text: loc(languageCode(req), 'ErrorCantProcess')
            });
        }
    });

    app.get('/api/status', (req, res) => {
        res.status(200).end()
    });

    app.get('/favicon.ico', (req, res) => {
        res.sendFile(`${__dirname}/src/front/icons/favicon.ico`)
    });

    app.get('/*', (req, res) => {
        res.redirect('/api/json')
    });

    app.listen(env.apiPort, () => {
        console.log(`\n` +
            `${Cyan("cobalt")} API ${Bright(`v.${version}-${gitCommit} (${gitBranch})`)}\n` +
            `Start time: ${Bright(`${startTime.toUTCString()} (${startTimestamp})`)}\n\n` +
            `URL: ${Cyan(`${env.apiURL}`)}\n` +
            `Port: ${env.apiPort}\n`
        )
    });
}
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`import cors from "cors";`
			`import rateLimit from "express-rate-limit";`
			`import { randomBytes } from "crypto";`

			`const ipSalt = randomBytes(64).toString('hex');`

refactor: centralize envs and their defaults in `modules/config` (#464) * feat(config): centralized env variables and their default values * fix: fip `corsWildcard` variable check in `corsConfig` * fix(config): use already declared variables and default some strings to undefined * fix: check processingPriority against NaN 2024-04-29 13:56:05 +02:00			`import { env, version } from "../modules/config.js";`
new inner layout - one main controlling script (cobalt.js). - added api server name to serverInfo endpoint. - one dockerfile. - less mess. 2023-05-21 21:13:05 +02:00			`import { getJSON } from "../modules/api.js";`
			`import { apiJSON, checkJSONPost, getIP, languageCode } from "../modules/sub/utils.js";`
			`import { Bright, Cyan } from "../modules/sub/consoleText.js";`
			`import stream from "../modules/stream/stream.js";`
			`import loc from "../localization/manager.js";`
crypto: rename sha256 func to generateHmac it has always been actually hmac 2024-03-05 15:55:17 +01:00			`import { generateHmac } from "../modules/sub/crypto.js";`
feat: internal streams 2024-04-26 13:53:50 +02:00			`import { verifyStream, getInternalStream } from "../modules/stream/manage.js";`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00
oops 2023-06-05 08:47:03 +02:00			`export function runAPI(express, app, gitCommit, gitBranch, __dirname) {`
refactor: centralize envs and their defaults in `modules/config` (#464) * feat(config): centralized env variables and their default values * fix: fip `corsWildcard` variable check in `corsConfig` * fix(config): use already declared variables and default some strings to undefined * fix: check processingPriority against NaN 2024-04-29 13:56:05 +02:00			`const corsConfig = !env.corsWildcard ? {`
			`origin: env.corsURL,`
7.0: ui refresh and more 2023-08-04 20:43:12 +02:00			`optionsSuccessStatus: 200`
			`} : {};`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00
			`const apiLimiter = rateLimit({`
			`windowMs: 60000,`
6.2: no more ip verification - removed ip verification and updated privacy policy to reflect this change. - streamable links now last for 20 seconds instead of 2 minutes. - cleaned up stream verification algorithm. now the same function isn't run 4 times in a row. - removed deprecated way of hosting a cobalt instance. 2023-06-27 15:56:15 +02:00			`max: 20,`
7.0: ui refresh and more 2023-08-04 20:43:12 +02:00			`standardHeaders: true,`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`legacyHeaders: false,`
crypto: rename sha256 func to generateHmac it has always been actually hmac 2024-03-05 15:55:17 +01:00			`keyGenerator: req => generateHmac(getIP(req), ipSalt),`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`handler: (req, res, next, opt) => {`
7.0: ui refresh and more 2023-08-04 20:43:12 +02:00			`return res.status(429).json({`
actually use rate-limit status 2023-08-13 21:51:55 +02:00			`"status": "rate-limit",`
7.0: ui refresh and more 2023-08-04 20:43:12 +02:00			`"text": loc(languageCode(req), 'ErrorRateLimit')`
			`});`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`}`
			`});`
			`const apiLimiterStream = rateLimit({`
			`windowMs: 60000,`
6.2: no more ip verification - removed ip verification and updated privacy policy to reflect this change. - streamable links now last for 20 seconds instead of 2 minutes. - cleaned up stream verification algorithm. now the same function isn't run 4 times in a row. - removed deprecated way of hosting a cobalt instance. 2023-06-27 15:56:15 +02:00			`max: 25,`
7.0: ui refresh and more 2023-08-04 20:43:12 +02:00			`standardHeaders: true,`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`legacyHeaders: false,`
crypto: rename sha256 func to generateHmac it has always been actually hmac 2024-03-05 15:55:17 +01:00			`keyGenerator: req => generateHmac(getIP(req), ipSalt),`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`handler: (req, res, next, opt) => {`
7.0: ui refresh and more 2023-08-04 20:43:12 +02:00			`return res.status(429).json({`
actually use rate-limit status 2023-08-13 21:51:55 +02:00			`"status": "rate-limit",`
7.0: ui refresh and more 2023-08-04 20:43:12 +02:00			`"text": loc(languageCode(req), 'ErrorRateLimit')`
			`});`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`}`
			`});`

			`const startTime = new Date();`
core/api: remove unnecessary Math.floor for timestamp 2024-03-05 15:41:33 +01:00			`const startTimestamp = startTime.getTime();`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00
api: use req.ip instead of cloudflare headers, ratelimit ipv6 by prefix allows for more versatile configurations that do not necessarily have to use cloudflare also ratelimits IPv6 addresses by prefix instead of individual addresses currently set at /56, which should not be too strict (yet allows a /48 holder to make 256 as many requests instead of 2^80 as many requests), change if needed 2023-07-25 21:46:25 +02:00			`app.set('trust proxy', ['loopback', 'uniquelocal']);`

stream: encrypt cached stream data & clean up related modules also limited CORS methods to GET and POST 2024-03-05 13:14:26 +01:00			`app.use('/api/:type', cors({`
			`methods: ['GET', 'POST'],`
			`...corsConfig`
			`}));`

separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`app.use('/api/json', apiLimiter);`
			`app.use('/api/stream', apiLimiterStream);`
			`app.use('/api/onDemand', apiLimiter);`

			`app.use((req, res, next) => {`
			`try { decodeURIComponent(req.path) } catch (e) { return res.redirect('/') }`
			`next();`
			`});`
stream: encrypt cached stream data & clean up related modules also limited CORS methods to GET and POST 2024-03-05 13:14:26 +01:00
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`app.use('/api/json', express.json({`
			`verify: (req, res, buf) => {`
7.0: ui refresh and more 2023-08-04 20:43:12 +02:00			`let acceptCon = String(req.header('Accept')) === "application/json";`
			`if (acceptCon) {`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`if (buf.length > 720) throw new Error();`
7.0: ui refresh and more 2023-08-04 20:43:12 +02:00			`JSON.parse(buf);`
			`} else {`
			`throw new Error();`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`}`
			`}`
			`}));`
stream: encrypt cached stream data & clean up related modules also limited CORS methods to GET and POST 2024-03-05 13:14:26 +01:00
7.0: ui refresh and more 2023-08-04 20:43:12 +02:00			`// handle express.json errors properly (https://github.com/expressjs/express/issues/4065)`
			`app.use('/api/json', (err, req, res, next) => {`
			`let errorText = "invalid json body";`
			`let acceptCon = String(req.header('Accept')) !== "application/json";`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00
7.0: ui refresh and more 2023-08-04 20:43:12 +02:00			`if (err \|\| acceptCon) {`
			`if (acceptCon) errorText = "invalid accept header";`
			`return res.status(400).json({`
			`status: "error",`
			`text: errorText`
			`});`
			`} else {`
			`next();`
			`}`
			`});`
stream: encrypt cached stream data & clean up related modules also limited CORS methods to GET and POST 2024-03-05 13:14:26 +01:00
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`app.post('/api/json', async (req, res) => {`
			`try {`
			`let lang = languageCode(req);`
7.0: ui refresh and more 2023-08-04 20:43:12 +02:00			`let j = apiJSON(0, { t: "bad request" });`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`try {`
7.0: ui refresh and more 2023-08-04 20:43:12 +02:00			`let contentCon = String(req.header('Content-Type')) === "application/json";`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`let request = req.body;`
7.0: ui refresh and more 2023-08-04 20:43:12 +02:00			`if (contentCon && request.url) {`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`request.dubLang = request.dubLang ? lang : false;`
7.0: ui refresh and more 2023-08-04 20:43:12 +02:00
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`let chck = checkJSONPost(request);`
7.0: ui refresh and more 2023-08-04 20:43:12 +02:00			`if (!chck) throw new Error();`

api: clean url upon entry, not down the road 2023-12-25 13:20:51 +01:00			`j = await getJSON(chck.url, lang, chck);`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`} else {`
7.0: ui refresh and more 2023-08-04 20:43:12 +02:00			`j = apiJSON(0, {`
			`t: !contentCon ? "invalid content type header" : loc(lang, 'ErrorNoLink')`
			`});`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`}`
			`} catch (e) {`
			`j = apiJSON(0, { t: loc(lang, 'ErrorCantProcess') });`
			`}`
7.0: ui refresh and more 2023-08-04 20:43:12 +02:00			`return res.status(j.status).json(j.body);`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`} catch (e) {`
7.0: ui refresh and more 2023-08-04 20:43:12 +02:00			`return res.destroy();`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`}`
			`});`

			`app.get('/api/:type', (req, res) => {`
			`try {`
feat: internal streams 2024-04-26 13:53:50 +02:00			`let j;`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`switch (req.params.type) {`
			`case 'stream':`
stream: encrypt cached stream data & clean up related modules also limited CORS methods to GET and POST 2024-03-05 13:14:26 +01:00			`const q = req.query;`
			`const checkQueries = q.t && q.e && q.h && q.s && q.i;`
			`const checkBaseLength = q.t.length === 21 && q.e.length === 13;`
crypto: use secret directly instead of deriving key 2024-03-05 17:49:00 +01:00			`const checkSafeLength = q.h.length === 43 && q.s.length === 43 && q.i.length === 22;`
stream: encrypt cached stream data & clean up related modules also limited CORS methods to GET and POST 2024-03-05 13:14:26 +01:00			`if (checkQueries && checkBaseLength && checkSafeLength) {`
			`if (q.p) {`
7.0: ui refresh and more 2023-08-04 20:43:12 +02:00			`return res.status(200).json({`
			`status: "continue"`
core/api: don't trigger verifyStream on premature probe 2024-04-27 18:44:25 +02:00			`})`
			`}`
			`let streamInfo = verifyStream(q.t, q.h, q.e, q.s, q.i);`
			`if (streamInfo.error) {`
			`return res.status(streamInfo.status).json(apiJSON(0, { t: streamInfo.error }).body);`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`}`
7.0: ui refresh and more 2023-08-04 20:43:12 +02:00			`return stream(res, streamInfo);`
feat: internal streams 2024-04-26 13:53:50 +02:00			`}`

			`j = apiJSON(0, {`
			`t: "bad request. stream link may be incomplete or corrupted."`
			`})`
			`return res.status(j.status).json(j.body);`
			`case 'istream':`
			`if (!req.ip.endsWith('127.0.0.1'))`
			`return res.sendStatus(403);`
			`if (('' + req.query.t).length !== 21)`
			`return res.sendStatus(400);`

			`let streamInfo = getInternalStream(req.query.t);`
			`if (!streamInfo) return res.sendStatus(404);`
			`streamInfo.headers = req.headers;`

			`return stream(res, { type: 'internal', ...streamInfo });`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`case 'serverInfo':`
7.0: ui refresh and more 2023-08-04 20:43:12 +02:00			`return res.status(200).json({`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`version: version,`
new inner layout - one main controlling script (cobalt.js). - added api server name to serverInfo endpoint. - one dockerfile. - less mess. 2023-05-21 21:13:05 +02:00			`commit: gitCommit,`
			`branch: gitBranch,`
refactor: centralize envs and their defaults in `modules/config` (#464) * feat(config): centralized env variables and their default values * fix: fip `corsWildcard` variable check in `corsConfig` * fix(config): use already declared variables and default some strings to undefined * fix: check processingPriority against NaN 2024-04-29 13:56:05 +02:00			`name: env.apiName,`
			`url: env.apiURL,`
			`cors: Number(env.corsWildcard),`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			startTime: `${startTimestamp}`
			`});`
			`default:`
feat: internal streams 2024-04-26 13:53:50 +02:00			`j = apiJSON(0, {`
7.0: ui refresh and more 2023-08-04 20:43:12 +02:00			`t: "unknown response type"`
			`})`
			`return res.status(j.status).json(j.body);`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`}`
			`} catch (e) {`
7.0: ui refresh and more 2023-08-04 20:43:12 +02:00			`return res.status(500).json({`
			`status: "error",`
			`text: loc(languageCode(req), 'ErrorCantProcess')`
			`});`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`}`
			`});`
stream: encrypt cached stream data & clean up related modules also limited CORS methods to GET and POST 2024-03-05 13:14:26 +01:00
new inner layout - one main controlling script (cobalt.js). - added api server name to serverInfo endpoint. - one dockerfile. - less mess. 2023-05-21 21:13:05 +02:00			`app.get('/api/status', (req, res) => {`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`res.status(200).end()`
			`});`
stream: encrypt cached stream data & clean up related modules also limited CORS methods to GET and POST 2024-03-05 13:14:26 +01:00
new inner layout - one main controlling script (cobalt.js). - added api server name to serverInfo endpoint. - one dockerfile. - less mess. 2023-05-21 21:13:05 +02:00			`app.get('/favicon.ico', (req, res) => {`
			res.sendFile(`${__dirname}/src/front/icons/favicon.ico`)
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`});`
stream: encrypt cached stream data & clean up related modules also limited CORS methods to GET and POST 2024-03-05 13:14:26 +01:00
new inner layout - one main controlling script (cobalt.js). - added api server name to serverInfo endpoint. - one dockerfile. - less mess. 2023-05-21 21:13:05 +02:00			`app.get('/*', (req, res) => {`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`res.redirect('/api/json')`
			`});`

refactor: centralize envs and their defaults in `modules/config` (#464) * feat(config): centralized env variables and their default values * fix: fip `corsWildcard` variable check in `corsConfig` * fix(config): use already declared variables and default some strings to undefined * fix: check processingPriority against NaN 2024-04-29 13:56:05 +02:00			`app.listen(env.apiPort, () => {`
7.0: ui refresh and more 2023-08-04 20:43:12 +02:00			console.log(`\n` +
			`${Cyan("cobalt")} API ${Bright(`v.${version}-${gitCommit} (${gitBranch})`)}\n` +
			`Start time: ${Bright(`${startTime.toUTCString()} (${startTimestamp})`)}\n\n` +
refactor: centralize envs and their defaults in `modules/config` (#464) * feat(config): centralized env variables and their default values * fix: fip `corsWildcard` variable check in `corsConfig` * fix(config): use already declared variables and default some strings to undefined * fix: check processingPriority against NaN 2024-04-29 13:56:05 +02:00			`URL: ${Cyan(`${env.apiURL}`)}\n` +
			`Port: ${env.apiPort}\n`
7.0: ui refresh and more 2023-08-04 20:43:12 +02:00			`)`
new inner layout - one main controlling script (cobalt.js). - added api server name to serverInfo endpoint. - one dockerfile. - less mess. 2023-05-21 21:13:05 +02:00			`});`
separated web and api, build improvements wip: - separate web and api servers. - script for building static pages. - building improvements. - async localisation preloading. 2023-05-19 12:13:38 +02:00			`}`