-
-
Notifications
You must be signed in to change notification settings - Fork 50
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #403 from sinamics/stats-api
Added statistics api
- Loading branch information
Showing
15 changed files
with
288 additions
and
18 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,47 @@ | ||
openapi: 3.1.0 | ||
info: | ||
title: ZTNet Statistics Rest API | ||
# version: 1.0.0 | ||
description: | | ||
Access the ZTNet Statistics API to get various statistics that can be used in 3rd party applications. | ||
Available from version v0.6.4. | ||
This interface is subject to a rate limit of 50 requests per minute to ensure service reliability. | ||
servers: | ||
- url: https://ztnet.network/api/v1 | ||
description: ZTNet API | ||
variables: | ||
version: | ||
default: v1 | ||
description: API version | ||
|
||
components: | ||
$ref: '../../_schema/security.yml#/components' | ||
|
||
security: | ||
- x-ztnet-auth: [] | ||
|
||
paths: | ||
/stats: | ||
get: | ||
summary: Returns statistics for ztnet | ||
description: | | ||
Returns various statistics that can be used in 3rd party applications. | ||
Available from version v0.6.4 | ||
operationId: getAppStats | ||
responses: | ||
200: | ||
description: An object of statistics | ||
content: | ||
application/json: | ||
schema: | ||
$ref: '../../_schema/StatsSchema.yml#/StatsResponse' | ||
example: | ||
$ref: '../../_example/StatsExample.yml#/StatsExample' | ||
401: | ||
$ref: '../../_http_responses/Unauthorized.yml#/Unauthorized' | ||
429: | ||
$ref: '../../_http_responses/RateLimitExceeded.yml#/RateLimitExceeded' | ||
500: | ||
$ref: '../../_http_responses/InternalServerError.yml#/InternalServerError' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
StatsExample: | ||
- users: 1 | ||
networks: 8 | ||
networkMembers: 7 | ||
appVersion: "v0.6.3" | ||
loginsLast24h: 1 | ||
pendingUserInvitations: 0 | ||
activeWebhooks: 0 | ||
ztnetUptime: 735.491790795 | ||
registrationEnabled: false | ||
hasPrivatRoot: true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
StatsResponse: | ||
type: object | ||
properties: | ||
users: | ||
type: integer | ||
description: The number of users. | ||
networks: | ||
type: integer | ||
description: The number of networks. | ||
networkMembers: | ||
type: integer | ||
description: The total number of network members. | ||
appVersion: | ||
type: string | ||
description: The current version of the ztnet application. | ||
loginsLast24h: | ||
type: integer | ||
description: The number of logins in the last 24 hours. | ||
pendingUserInvitations: | ||
type: integer | ||
description: The number of pending user invitations. | ||
activeWebhooks: | ||
type: integer | ||
description: The number of active webhooks. | ||
ztnetUptime: | ||
type: number | ||
format: float | ||
description: The uptime of ztnet in minutes. | ||
registrationEnabled: | ||
type: boolean | ||
description: Indicates if registration is enabled. | ||
hasPrivatRoot: | ||
type: boolean | ||
description: Indicates if a private root is currently in use. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,44 @@ | ||
import apiStatsHandler from "~/pages/api/v1/stats/index"; | ||
import { NextApiRequest, NextApiResponse } from "next"; | ||
|
||
describe("/api/stats", () => { | ||
it("should allow only GET method", async () => { | ||
const methods = ["DELETE", "POST", "PUT", "PATCH", "OPTIONS", "HEAD"]; | ||
const req = {} as NextApiRequest; | ||
const res = { | ||
status: jest.fn().mockReturnThis(), | ||
end: jest.fn(), | ||
json: jest.fn().mockReturnThis(), | ||
setHeader: jest.fn(), // Mock `setHeader` rate limiter uses it | ||
} as unknown as NextApiResponse; | ||
|
||
for (const method of methods) { | ||
req.method = method; | ||
await apiStatsHandler(req, res); | ||
|
||
expect(res.status).toHaveBeenCalledWith(405); | ||
|
||
// expect json to be called with text "Method Not Allowed" | ||
expect(res.json).toHaveBeenCalledWith( | ||
expect.objectContaining({ error: "Method Not Allowed" }), | ||
); | ||
} | ||
}); | ||
|
||
it("should respond 401 when invalid API key for GET", async () => { | ||
const req = { | ||
method: "GET", | ||
headers: { "x-ztnet-auth": "invalidApiKey" }, | ||
} as unknown as NextApiRequest; | ||
const res = { | ||
status: jest.fn().mockReturnThis(), | ||
end: jest.fn(), | ||
json: jest.fn().mockReturnThis(), | ||
setHeader: jest.fn(), // Mock `setHeader` rate limiter uses it | ||
} as unknown as NextApiResponse; | ||
|
||
await apiStatsHandler(req, res); | ||
|
||
expect(res.status).toHaveBeenCalledWith(401); | ||
}); | ||
}); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,106 @@ | ||
import type { NextApiRequest, NextApiResponse } from "next"; | ||
import { prisma } from "~/server/db"; | ||
import { AuthorizationType } from "~/types/apiTypes"; | ||
import { decryptAndVerifyToken } from "~/utils/encryption"; | ||
import { handleApiErrors } from "~/utils/errors"; | ||
import { globalSiteVersion } from "~/utils/global"; | ||
import rateLimit from "~/utils/rateLimit"; | ||
|
||
// Number of allowed requests per minute | ||
const limiter = rateLimit({ | ||
interval: 60 * 1000, // 60 seconds | ||
uniqueTokenPerInterval: 500, // Max 500 users per second | ||
}); | ||
|
||
const REQUEST_PR_MINUTE = 50; | ||
|
||
export default async function createStatsHandler( | ||
req: NextApiRequest, | ||
res: NextApiResponse, | ||
) { | ||
try { | ||
await limiter.check(res, REQUEST_PR_MINUTE, "CREATE_USER_CACHE_TOKEN"); // 10 requests per minute | ||
} catch { | ||
return res.status(429).json({ error: "Rate limit exceeded" }); | ||
} | ||
|
||
// create a switch based on the HTTP method | ||
switch (req.method) { | ||
case "GET": | ||
await GET_stats(req, res); | ||
break; | ||
default: // Method Not Allowed | ||
res.status(405).json({ error: "Method Not Allowed" }); | ||
break; | ||
} | ||
} | ||
|
||
export const GET_stats = async (req: NextApiRequest, res: NextApiResponse) => { | ||
const apiKey = req.headers["x-ztnet-auth"] as string; | ||
|
||
const requireAdmin = true; | ||
|
||
try { | ||
await decryptAndVerifyToken({ | ||
apiKey, | ||
apiAuthorizationType: AuthorizationType.PERSONAL, | ||
requireAdmin, | ||
}); | ||
|
||
// get number of users | ||
const users = await prisma.user.count(); | ||
|
||
// get number of networks | ||
const networks = await prisma.network.count(); | ||
|
||
// get number of members | ||
const networkMembers = await prisma.network_members.count(); | ||
|
||
// get application version | ||
const appVersion = globalSiteVersion; | ||
|
||
// get logins last 24 hours | ||
const loginsLast24h = await prisma.user.count({ | ||
where: { | ||
lastLogin: { | ||
gte: new Date(new Date().getTime() - 24 * 60 * 60 * 1000), | ||
}, | ||
}, | ||
}); | ||
|
||
// get UserInvitation | ||
const pendingUserInvitations = await prisma.userInvitation.count(); | ||
|
||
// get pending Webhook | ||
const activeWebhooks = await prisma.webhook.count(); | ||
|
||
// get uptime | ||
const ztnetUptime = process.uptime(); | ||
|
||
// get if customPlanetUsed is used | ||
const rootServer = await prisma.planet.count(); | ||
|
||
// get global options | ||
const globalOptions = await prisma.globalOptions.findFirst({ | ||
where: { | ||
id: 1, | ||
}, | ||
}); | ||
|
||
// return all json | ||
return res.status(200).json({ | ||
users, | ||
networks, | ||
networkMembers, | ||
appVersion, | ||
loginsLast24h, | ||
pendingUserInvitations, | ||
activeWebhooks, | ||
ztnetUptime, | ||
registrationEnabled: globalOptions?.enableRegistration || false, | ||
hasPrivatRoot: !!rootServer, | ||
}); | ||
} catch (cause) { | ||
return handleApiErrors(cause, res); | ||
} | ||
}; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters