CDN-APP-INSIDER/Middlewares/discordWebhookSuspisiousAlertMiddleware.js

const axios = require('axios');
const fs = require('fs');
const path = require('path');
const setupFilePath = path.join(__dirname, '../data', 'setup.json');

function isIpAllowed(ip, allowedIps) {
    return allowedIps.some(allowedIp => {

        if (allowedIp.includes('/')) {
            const [network, bits] = allowedIp.split('/');
            const ipLong = ip2long(ip);
            const networkLong = ip2long(network);
            const mask = ~(2 ** (32 - bits) - 1);
            return (ipLong & mask) === (networkLong & mask);
        }

        return ip === allowedIp;
    });
}

function ip2long(ip) {
    return ip.split('.')
        .reduce((long, octet) => (long << 8) + parseInt(octet), 0) >>> 0;
}

function sendDiscordWebhook(url, req, statusCode) {
    if (!url) {
        return;
    }

    const setupData = JSON.parse(fs.readFileSync(setupFilePath, 'utf-8'));
    const allowedIps = setupData[0].allowedIps || [];
    const ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress;

    if (isIpAllowed(ip, allowedIps)) {
        return;
    } else {
    }

    const fullUrl = `${req.protocol}://${req.get('host')}${req.originalUrl}`;
    const statusEmoji = [200, 302].includes(statusCode) ? '✅' : '❌';
    const statusMessage = `**Statut:** ${statusEmoji} (${statusCode})`;
    const timestamp = new Date().toLocaleString('fr-FR', { timeZone: 'UTC', hour12: false });
    const userAgent = req.get('User-Agent');
    const { v4: uuidv4 } = require('uuid');
    const webhookId = uuidv4();
    const userId = req.user ? req.user.id : 'Inconnu';
    const userName = req.user ? req.user.name : 'Inconnu';

    const data = {
        embeds: [{
            title: "📡 Requête API",
            description: "Une requête API a été effectuée. Voici les détails :",
            color: 16753920,            
            fields: [{
                name: `🔎 Détails de la requête\n\n`,
                value: `🔗 **URL:** ${fullUrl}\n\n🚦 ${statusMessage}\n\n🌐 **IP**: ${ip}\n\n🔧 **Méthode**: ${req.method}\n\n⏰ **Heure**: ${timestamp}\n\n🕵️ **Agent utilisateur**: ${userAgent}\n\n👤 **Utilisateur**: ${userName} (*ID: ${userId}*)`,
                inline: false
            }],
            footer: {
                text: `📚 Journal des requêtes API | ${webhookId}`
            }
        }]
    };

    axios.post(url, data)
        .then(response => {
        })
        .catch(error => {
            console.error('Erreur lors de l\'envoi du webhook:', error);
        });
}


function discordWebhookSuspisiousAlertMiddleware(req, res, next) {
    const setupData = JSON.parse(fs.readFileSync(setupFilePath, 'utf-8'));
   
    res.on('finish', () => {
        const discordWebhookUrl = setupData[0].webhooks_discord;
        sendDiscordWebhook(discordWebhookUrl, req, res.statusCode);
    });
    next();
}

module.exports = discordWebhookSuspisiousAlertMiddleware;