khalidadil/dynamic-sites-simple
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
ec92b6c7c668941612ff1a8f714865d287e34269
dynamic-sites-simple/server/src/sms/config.ts
Khalid A ec92b6c7c6 Fix SMS echo loop and empty manifest in Docker 
Two bugs fixed:

1. SMS echo loop: Telnyx delivers our own outbound messages back to the
   webhook, causing the system to process its own replies as new requests.
   Added isOwnNumber() check to skip messages from system phone numbers.

2. Sender authorization: Added findAuthorizedSite() to verify that the
   sender is in the allowedSenders list for the receiving phone number,
   preventing unauthorized messages from being processed.

3. Empty manifest: The server Dockerfile runs from /app/server/ but
   REPO_ROOT defaulted to '.', causing content/sections/ to resolve to
   /app/server/content/sections/ (doesn't exist) instead of
   /app/content/sections/. Added ENV REPO_ROOT=/app to the Dockerfile.

Added new sms/config.ts module that loads config/sms-sites.json at
runtime (with 60-second cache) and provides isOwnNumber() and
findAuthorizedSite() checks.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-17 20:40:52 -05:00

57 lines
2.0 KiB
TypeScript
Raw Blame History

import fs from 'node:fs';
import path from 'node:path';
import { smsSitesConfigSchema, type SmsSitesConfig } from '@dynamic-sites/shared';
import { logger } from '../logger.js';
const REPO_ROOT = process.env.REPO_ROOT || '.';
const CONFIG_PATH = path.join(REPO_ROOT, 'config/sms-sites.json');
let cachedConfig: SmsSitesConfig | null = null;
let configLoadedAt = 0;
const CONFIG_TTL_MS = 60_000; // Reload every minute
function loadConfig(): SmsSitesConfig | null {
const now = Date.now();
if (cachedConfig && now - configLoadedAt < CONFIG_TTL_MS) return cachedConfig;
try {
const raw = fs.readFileSync(CONFIG_PATH, 'utf-8');
const parsed = JSON.parse(raw);
const result = smsSitesConfigSchema.safeParse(parsed);
if (!result.success) {
logger.warn({ event: 'sms.config_invalid', errors: result.error.message }, 'Invalid SMS sites config');
return cachedConfig;
}
cachedConfig = result.data;
configLoadedAt = now;
return cachedConfig;
} catch (err) {
logger.warn({ event: 'sms.config_missing', error: (err as Error).message }, 'Could not load SMS sites config');
return cachedConfig;
}
}
/**
* Check if a phone number is one of our own system numbers (the Telnyx numbers we send from).
* Used to filter out Telnyx delivery receipts / echo of our own sent messages.
*/
export function isOwnNumber(phone: string): boolean {
const config = loadConfig();
if (!config) return false;
return config.sites.some(site => site.phoneNumber === phone);
}
/**
* Check if a sender is authorized to make edits for a given site.
* Returns the matching site config if authorized, or null.
*/
export function findAuthorizedSite(from: string, to: string): { siteId: string; repoRoot: string } | null {
const config = loadConfig();
if (!config) return null;
const site = config.sites.find(site =>
site.phoneNumber === to && site.allowedSenders.includes(from)
);
if (!site) return null;
return { siteId: site.siteId, repoRoot: site.repoRoot || '.' };
}
Reference in New Issue View Git Blame Copy Permalink