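// site-tripwire.js
// Copyright (C) 2024 DTP Technologies, LLC
// All Rights Reserved

'use strict';

import path from 'node:path';

import { SiteLog } from './site-log.js';

/**
 * Request guard that rejects requests whose path starts with one of the
 * prefixes listed in `<config.root>/config/tripwire.js`.
 *
 * Matching is a literal, case-sensitive prefix test on `req.path`. A
 * differently-cased or percent-encoded spelling of a listed path will not
 * match unless the framework normalizes `req.path` first, so treat this as a
 * detection aid and not as access control for sensitive routes.
 */
export class SiteTripwire {

  /**
   * @param {object} dtp - Platform object; only `dtp.config.root` is read here.
   */
  constructor (dtp) {
    this.dtp = dtp;
    // NOTE(review): the label passed to SiteLog is 'Harness', not a
    // tripwire-specific name. Confirm this is intended so that alerts raised
    // here can be attributed to this component.
    this.log = new SiteLog(this, 'Harness');
  }

  /**
   * Loads the blocked path prefixes from the site's tripwire config module.
   *
   * The config file is imported as a module, so it is executed as code:
   * `config.root` must point at a directory only trusted operators can write.
   *
   * @throws {TypeError} If the module's default export is not an array of
   *   non-empty strings.
   */
  async start ( ) {
    const configFile = path.join(this.dtp.config.root, 'config', 'tripwire.js');
    const blockedPaths = (await import(configFile)).default;

    // Fail at startup on a malformed list. An empty-string entry is the
    // dangerous case: it is a prefix of every path, and a falsy match used to
    // be treated as "no match", which silently disabled every later entry.
    if (!Array.isArray(blockedPaths)) {
      throw new TypeError('tripwire config must default-export an array of path prefixes');
    }
    const isValid = blockedPaths.every((entry) => typeof entry === 'string' && entry.length > 0);
    if (!isValid) {
      throw new TypeError('tripwire config entries must be non-empty strings');
    }

    this.blockedPaths = blockedPaths;
  }

  /**
   * Middleware: looks for known-bad URLs, malicious URLs, and requests that
   * indicate the client is "snooping", and shuts them down with a 403.
   *
   * @param {object} req - Request; `req.path` and `req.ip` are read.
   * @param {object} res - Response; used only to send the 403.
   * @param {Function} next - Called with no argument when the path is allowed,
   *   or with an Error when the tripwire has not been started.
   */
  async guard (req, res, next) {
    // Without this check a call before start() throws inside an async
    // function, which becomes a rejected promise instead of a handled error.
    if (!Array.isArray(this.blockedPaths)) {
      return next(new Error('SiteTripwire.guard called before start()'));
    }

    // Empty or non-string entries are skipped so one bad entry cannot
    // short-circuit the search ahead of the real prefixes.
    const matchedPrefix = this.blockedPaths.find(
      (prefix) => typeof prefix === 'string' && prefix.length > 0 && req.path.startsWith(prefix),
    );
    if (matchedPrefix === undefined) {
      return next();
    }

    // The alert records the configured prefix that matched, not the full
    // requested path. `req.ip` is only as trustworthy as the deployment's
    // proxy configuration: behind a reverse proxy it is either the proxy's
    // address or a value derived from forwarding headers.
    this.log.alert('tripwire path requested', { path: matchedPrefix, ip: req.ip });
    return res.status(403).end();
  }
}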