Removed blocking logic and duplicate validations.

src/lib/crypto.ts

@@ -1,6 +1,6 @@
 import { startOfHour, startOfMonth } from 'date-fns';
 import { hash } from 'next-basics';
-import { v4, v5, validate } from 'uuid';
+import { v4, v5 } from 'uuid';
 
 export function secret() {
   return hash(process.env.APP_SECRET || process.env.DATABASE_URL);
@@ -23,7 +23,3 @@ export function uuid(...args: any) {
 
   return v5(hash(...args, salt()), v5.DNS);
 }
-
-export function isUuid(value: string) {
-  return validate(value);
-}

src/lib/session.ts

@@ -1,9 +1,8 @@
-import { isUuid, secret, uuid, visitSalt } from 'lib/crypto';
+import { secret, uuid, visitSalt } from 'lib/crypto';
 import { getClientInfo } from 'lib/detect';
 import { parseToken } from 'next-basics';
 import { NextApiRequestCollect } from 'pages/api/send';
 import { createSession } from 'queries';
-import cache from './cache';
 import clickhouse from './clickhouse';
 import { loadSession, loadWebsite } from './load';
 import { SessionData } from 'lib/types';
@@ -23,8 +22,6 @@ export async function getSession(req: NextApiRequestCollect): Promise<SessionDat
 
     // Token is valid
     if (result) {
-      await checkUserBlock(result?.ownerId);
-
       return result;
     }
   }
@@ -32,15 +29,6 @@ export async function getSession(req: NextApiRequestCollect): Promise<SessionDat
   // Verify payload
   const { website: websiteId, hostname, screen, language } = payload;
 
-  const validHostnameRegex = /^[\w-.]+$/;
-  if (!validHostnameRegex.test(hostname)) {
-    throw new Error('Invalid hostname.');
-  }
-
-  if (!isUuid(websiteId)) {
-    throw new Error('Invalid website ID.');
-  }
-
   // Find website
   const website = await loadWebsite(websiteId);
 
@@ -48,8 +36,6 @@ export async function getSession(req: NextApiRequestCollect): Promise<SessionDat
     throw new Error(`Website not found: ${websiteId}.`);
   }
 
-  await checkUserBlock(website.userId);
-
   const { userAgent, browser, os, ip, country, subdivision1, subdivision2, city, device } =
     await getClientInfo(req);
 
@@ -72,7 +58,6 @@ export async function getSession(req: NextApiRequestCollect): Promise<SessionDat
       subdivision1,
       subdivision2,
       city,
-      ownerId: website.userId,
     };
   }
 
@@ -103,13 +88,5 @@ export async function getSession(req: NextApiRequestCollect): Promise<SessionDat
     }
   }
 
-  return { ...session, ownerId: website.userId, visitId: visitId };
-}
-
-async function checkUserBlock(userId: string) {
-  if (process.env.ENABLE_BLOCKER && (await cache.fetchUserBlock(userId))) {
-    await cache.incrementUserBlock(userId);
-
-    throw new Error('Usage Limit.');
-  }
+  return { ...session, visitId: visitId };
 }

src/lib/types.ts

@@ -245,5 +245,4 @@ export interface SessionData {
   subdivision1: string;
   subdivision2: string;
   city: string;
-  ownerId: string;
 }

src/pages/api/send.ts

@@ -1,10 +1,5 @@
 import ipaddr from 'ipaddr.js';
 import { isbot } from 'isbot';
-import { COLLECTION_TYPE, HOSTNAME_REGEX, IP_REGEX } from 'lib/constants';
-import { secret, visitSalt, uuid } from 'lib/crypto';
-import { getIpAddress } from 'lib/detect';
-import { useCors, useSession, useValidate } from 'lib/middleware';
-import { CollectionType, YupRequest } from 'lib/types';
 import { NextApiRequest, NextApiResponse } from 'next';
 import {
   badRequest,
@@ -15,6 +10,11 @@ import {
   safeDecodeURI,
   send,
 } from 'next-basics';
+import { COLLECTION_TYPE, HOSTNAME_REGEX, IP_REGEX } from 'lib/constants';
+import { secret, visitSalt, uuid } from 'lib/crypto';
+import { getIpAddress } from 'lib/detect';
+import { useCors, useSession, useValidate } from 'lib/middleware';
+import { CollectionType, YupRequest } from 'lib/types';
 import { saveEvent, saveSessionData } from 'queries';
 import * as yup from 'yup';
 
@@ -41,7 +41,6 @@ export interface NextApiRequestCollect extends NextApiRequest {
     id: string;
     websiteId: string;
     visitId: string;
-    ownerId: string;
     hostname: string;
     browser: string;
     os: string;