NotAShelf
8187608b38
Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: I3c3e4acb12a5a965bfaba950bf9aa5776a6a6964
70 lines
1.6 KiB
Go
70 lines
1.6 KiB
Go
package api
|
|
|
|
import (
|
|
"encoding/json"
|
|
"fmt"
|
|
"io"
|
|
|
|
"notashelf.dev/watchdog/internal/limits"
|
|
)
|
|
|
|
// Represents an incoming analytics event
|
|
type Event struct {
|
|
Domain string `json:"d"` // domain
|
|
Path string `json:"p"` // path
|
|
Referrer string `json:"r"` // referrer URL
|
|
Event string `json:"e"` // custom event name (empty for pageviews)
|
|
Width int `json:"w"` // screen width for device classification
|
|
}
|
|
|
|
// Parses an event from the request body with size limits
|
|
func ParseEvent(body io.Reader) (*Event, error) {
|
|
// Limit read size to prevent memory exhaustion
|
|
limited := io.LimitReader(body, limits.MaxEventSize+1)
|
|
|
|
data, err := io.ReadAll(limited)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("failed to read body: %w", err)
|
|
}
|
|
|
|
if len(data) > limits.MaxEventSize {
|
|
return nil, fmt.Errorf("event payload too large")
|
|
}
|
|
|
|
var event Event
|
|
if err := json.Unmarshal(data, &event); err != nil {
|
|
return nil, fmt.Errorf("invalid JSON")
|
|
}
|
|
|
|
return &event, nil
|
|
}
|
|
|
|
// Validate checks if the event is valid for the given domain
|
|
func (e *Event) Validate(expectedDomain string) error {
|
|
if e.Domain == "" {
|
|
return fmt.Errorf("domain required")
|
|
}
|
|
|
|
if e.Domain != expectedDomain {
|
|
return fmt.Errorf("domain mismatch")
|
|
}
|
|
|
|
if e.Path == "" {
|
|
return fmt.Errorf("path required")
|
|
}
|
|
|
|
if len(e.Path) > limits.MaxPathLen {
|
|
return fmt.Errorf("path too long")
|
|
}
|
|
|
|
if len(e.Referrer) > limits.MaxRefLen {
|
|
return fmt.Errorf("referrer too long")
|
|
}
|
|
|
|
// Validate screen width is in reasonable range
|
|
if e.Width < 0 || e.Width > limits.MaxWidth {
|
|
return fmt.Errorf("invalid width")
|
|
}
|
|
|
|
return nil
|
|
}
|