kawa/CubeAdmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c8895c8e80843840a777d2c126f01d87321cf5a1
CubeAdmin/app/api/server/settings/route.ts
kawa c8895c8e80 BugFixes galore
2026-03-08 17:01:36 +01:00

67 lines
2.5 KiB
TypeScript
Raw Blame History

import { NextRequest, NextResponse } from "next/server";
import { auth, getAuthSession } from "@/lib/auth";
import { db } from "@/lib/db";
import { serverSettings } from "@/lib/db/schema";
import { checkRateLimit, getClientIp } from "@/lib/security/rateLimit";
import { z } from "zod";
const UpdateSettingsSchema = z.object({
minecraftPath: z.string().optional(),
serverJar: z.string().optional(),
serverVersion: z.string().optional(),
serverType: z.enum(["vanilla", "paper", "spigot", "bukkit", "fabric", "forge", "bedrock"]).optional(),
maxRam: z.number().min(512).max(32768).optional(),
minRam: z.number().min(256).max(32768).optional(),
rconEnabled: z.boolean().optional(),
rconPort: z.number().min(1).max(65535).optional(),
rconPassword: z.string().min(8).optional(),
javaArgs: z.string().max(1000).optional(),
autoStart: z.boolean().optional(),
restartOnCrash: z.boolean().optional(),
backupEnabled: z.boolean().optional(),
backupSchedule: z.string().optional(),
bluemapEnabled: z.boolean().optional(),
bluemapUrl: z.string().url().optional().or(z.literal("")),
});
export async function GET(req: NextRequest) {
const session = await getAuthSession(req.headers);
if (!session) return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
const settings = await db.select().from(serverSettings).get();
// Never return RCON password
if (settings) {
const { rconPassword: _, ...safe } = settings;
return NextResponse.json({ settings: safe });
}
return NextResponse.json({ settings: null });
}
export async function PATCH(req: NextRequest) {
const session = await getAuthSession(req.headers);
if (!session) return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
if (session.user.role !== "superadmin") {
return NextResponse.json({ error: "Forbidden" }, { status: 403 });
}
const ip = getClientIp(req);
const { allowed } = checkRateLimit(ip);
if (!allowed) return NextResponse.json({ error: "Too many requests" }, { status: 429 });
let body: z.infer<typeof UpdateSettingsSchema>;
try {
body = UpdateSettingsSchema.parse(await req.json());
} catch {
return NextResponse.json({ error: "Invalid request" }, { status: 400 });
}
const existing = await db.select().from(serverSettings).get();
if (existing) {
await db.update(serverSettings).set({ ...body, updatedAt: Date.now() });
} else {
await db.insert(serverSettings).values({ id: 1, ...body, updatedAt: Date.now() });
}
return NextResponse.json({ success: true });
}
Reference in New Issue View Git Blame Copy Permalink