import { Request } from "express"; import { Authorized, Body, Delete, Get, HttpError, JsonController, OnUndefined, Param, Post, Put, QueryParam, Req, UseBefore } from 'routing-controllers'; import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi'; import { Repository, getConnection, getConnectionManager } from 'typeorm'; import { RunnerNotFoundError } from '../errors/RunnerErrors'; import { ScanIdsNotMatchingError, ScanNotFoundError } from '../errors/ScanErrors'; import { ScanStationNotFoundError } from '../errors/ScanStationErrors'; import ScanAuth from '../middlewares/ScanAuth'; import { deleteCardEntry, getCardEntry, setCardEntry } from '../nats/CardKV'; import { deleteRunnerEntry, getRunnerEntry, RunnerKVEntry, setRunnerEntry, warmRunner } from '../nats/RunnerKV'; import { getStationEntryById } from '../nats/StationKV'; import { CreateScan } from '../models/actions/create/CreateScan'; import { CreateTrackScan } from '../models/actions/create/CreateTrackScan'; import { UpdateScan } from '../models/actions/update/UpdateScan'; import { UpdateTrackScan } from '../models/actions/update/UpdateTrackScan'; import { RunnerCard } from '../models/entities/RunnerCard'; import { Scan } from '../models/entities/Scan'; import { TrackScan } from '../models/entities/TrackScan'; import { ResponseEmpty } from '../models/responses/ResponseEmpty'; import { ResponseScan } from '../models/responses/ResponseScan'; import { ResponseScanIntake, ResponseScanIntakeRunner } from '../models/responses/ResponseScanIntake'; import { ResponseTrackScan } from '../models/responses/ResponseTrackScan'; @JsonController('/scans') @OpenAPI({ security: [{ "AuthToken": [] }, { "RefreshTokenCookie": [] }] }) export class ScanController { private scanRepository: Repository; private trackScanRepository: Repository; /** * Gets the repository of this controller's model/entity. */ constructor() { this.scanRepository = getConnectionManager().get().getRepository(Scan); this.trackScanRepository = getConnectionManager().get().getRepository(TrackScan); } @Get() @Authorized("SCAN:GET") @ResponseSchema(ResponseScan, { isArray: true }) @ResponseSchema(ResponseTrackScan, { isArray: true }) @OpenAPI({ description: 'Lists all scans (normal or track) from all runners.
This includes the scan\'s runner\'s distance ran.' }) async getAll(@QueryParam("page", { required: false }) page: number, @QueryParam("page_size", { required: false }) page_size: number = 100) { let responseScans: ResponseScan[] = new Array(); let scans: Array; if (page != undefined) { scans = await this.scanRepository.find({ relations: ['runner', 'track'], skip: page * page_size, take: page_size }); } else { scans = await this.scanRepository.find({ relations: ['runner', 'track'] }); } scans.forEach(scan => { responseScans.push(scan.toResponse()); }); return responseScans; } @Get('/:id') @Authorized("SCAN:GET") @ResponseSchema(ResponseScan) @ResponseSchema(ResponseTrackScan) @ResponseSchema(ScanNotFoundError, { statusCode: 404 }) @OnUndefined(ScanNotFoundError) @OpenAPI({ description: 'Lists all information about the scan whose id got provided. This includes the scan\'s runner\'s distance ran.' }) async getOne(@Param('id') id: number) { let scan = await this.scanRepository.findOne({ id: id }, { relations: ['runner', 'track', 'runner.group', 'card', 'station'] }) if (!scan) { throw new ScanNotFoundError(); } return scan.toResponse(); } @Post() @UseBefore(ScanAuth) @ResponseSchema(ResponseScan) @ResponseSchema(RunnerNotFoundError, { statusCode: 404 }) @OpenAPI({ description: 'Create a new scan (not track scan - use /scans/trackscans instead).
Please rmemember to provide the scan\'s runner\'s id and distance.', security: [{ "StationApiToken": [] }, { "AuthToken": [] }, { "RefreshTokenCookie": [] }] }) async post(@Body({ validate: true }) createScan: CreateScan) { let scan = await createScan.toEntity(); scan = await this.scanRepository.save(scan); return (await this.scanRepository.findOne({ id: scan.id }, { relations: ['runner', 'track', 'runner.scans', 'runner.group', 'runner.scans.track', 'card', 'station'] })).toResponse(); } @Post("/trackscans") @UseBefore(ScanAuth) @ResponseSchema(ResponseTrackScan) @ResponseSchema(ResponseScanIntake) @ResponseSchema(RunnerNotFoundError, { statusCode: 404 }) @OpenAPI({ description: 'Create a new track scan (for "normal" scans use /scans instead).
Please remember that to provide the scan\'s card\'s station\'s id.', security: [{ "StationApiToken": [] }, { "AuthToken": [] }, { "RefreshTokenCookie": [] }] }) async postTrackScans(@Body({ validate: true }) createScan: CreateTrackScan, @Req() req: Request) { // Station token path — KV-backed intake flow if (req.isStationAuth) { return this.stationIntake(createScan.card, req.stationId); } // JWT path — existing full flow, unchanged createScan.station = createScan.station; let scan = await createScan.toEntity(); scan = await this.trackScanRepository.save(scan); return (await this.scanRepository.findOne({ id: scan.id }, { relations: ['runner', 'track', 'runner.scans', 'runner.group', 'runner.scans.track', 'card', 'station'] })).toResponse(); } /** * KV-backed hot path for scan station submissions. * Zero DB reads on a fully warm cache. Fixes the race condition via CAS on the runner KV entry. */ private async stationIntake(rawCard: number, stationId: number): Promise { const MAX_RETRIES = 3; const cardId = rawCard % 200000000000; // --- Station (already verified by ScanAuth, just need track data) --- const stationEntry = await getStationEntryById(stationId); // stationEntry is always populated here — ScanAuth wrote it on the cold path const trackDistance = stationEntry.trackDistance; const minimumLapTime = stationEntry.minimumLapTime; // --- Card --- let cardEntry = await getCardEntry(cardId); if (!cardEntry) { // Cold path: load from DB and cache const card = await getConnection().getRepository(RunnerCard).findOne({ id: cardId }, { relations: ['runner'] }); if (!card) throw new ScanNotFoundError(); if (!card.runner) throw new RunnerNotFoundError(); cardEntry = { runnerId: card.runner.id, runnerDisplayName: `${card.runner.firstname} ${card.runner.lastname}`, enabled: card.enabled, }; await setCardEntry(cardId, cardEntry); } if (!cardEntry.enabled) throw new HttpError(400, 'Card is disabled.'); const runnerId = cardEntry.runnerId; // --- Runner state + CAS update (fixes race condition) --- const now = Math.round(Date.now() / 1000); let retries = 0; let response: ResponseScanIntake; while (retries < MAX_RETRIES) { // Get current runner state (warm or cold) let result = await getRunnerEntry(runnerId); if (!result) { const warmed = await warmRunner(runnerId); result = { entry: warmed, revision: undefined }; } const { entry, revision } = result; // Compute const lapTime = entry.latestTimestamp === 0 ? 0 : now - entry.latestTimestamp; const valid = minimumLapTime === 0 || lapTime > minimumLapTime; const newDistance = entry.totalDistance + (valid ? trackDistance : 0); const newTimestamp = valid ? now : entry.latestTimestamp; const updated: RunnerKVEntry = { displayName: entry.displayName, totalDistance: newDistance, latestTimestamp: newTimestamp, }; // CAS write — if revision is undefined (warmed this request), plain put const success = await setRunnerEntry(runnerId, updated, revision); if (!success) { retries++; continue; } // DB insert — synchronous, keeps DB as source of truth const newScan = new TrackScan(); newScan.runner = { id: runnerId } as any; newScan.card = { id: cardId } as any; newScan.station = { id: stationId } as any; newScan.track = { id: stationEntry.trackId } as any; newScan.timestamp = now; newScan.lapTime = lapTime; newScan.valid = valid; await this.trackScanRepository.save(newScan); const runnerInfo = new ResponseScanIntakeRunner(); runnerInfo.displayName = entry.displayName; runnerInfo.totalDistance = newDistance; response = new ResponseScanIntake(); response.accepted = true; response.valid = valid; response.lapTime = lapTime; response.runner = runnerInfo; return response; } throw new HttpError(409, 'Scan rejected: too many concurrent scans for this runner. Please retry.'); } @Put('/:id') @Authorized("SCAN:UPDATE") @ResponseSchema(ResponseScan) @ResponseSchema(ScanNotFoundError, { statusCode: 404 }) @ResponseSchema(RunnerNotFoundError, { statusCode: 404 }) @ResponseSchema(ScanIdsNotMatchingError, { statusCode: 406 }) @OpenAPI({ description: "Update the scan (not track scan use /scans/trackscans/:id instead) whose id you provided.
Please remember that ids can't be changed and distances must be positive." }) async put(@Param('id') id: number, @Body({ validate: true }) scan: UpdateScan) { let oldScan = await this.scanRepository.findOne({ id: id }, { relations: ['runner'] }); if (!oldScan) { throw new ScanNotFoundError(); } if (oldScan.id != scan.id) { throw new ScanIdsNotMatchingError(); } const runnerId = oldScan.runner?.id; await this.scanRepository.save(await scan.update(oldScan)); if (runnerId) await deleteRunnerEntry(runnerId); return (await this.scanRepository.findOne({ id: id }, { relations: ['runner', 'track', 'runner.scans', 'runner.group', 'runner.scans.track', 'card', 'station'] })).toResponse(); } @Put('/trackscans/:id') @Authorized("SCAN:UPDATE") @ResponseSchema(ResponseTrackScan) @ResponseSchema(ScanNotFoundError, { statusCode: 404 }) @ResponseSchema(RunnerNotFoundError, { statusCode: 404 }) @ResponseSchema(ScanStationNotFoundError, { statusCode: 404 }) @ResponseSchema(ScanIdsNotMatchingError, { statusCode: 406 }) @OpenAPI({ description: 'Update the track scan (not "normal" scan use /scans/trackscans/:id instead) whose id you provided.
Please remember that only the validity, runner and track can be changed.' }) async putTrackScan(@Param('id') id: number, @Body({ validate: true }) scan: UpdateTrackScan) { let oldScan = await this.trackScanRepository.findOne({ id: id }, { relations: ['runner'] }); if (!oldScan) { throw new ScanNotFoundError(); } if (oldScan.id != scan.id) { throw new ScanIdsNotMatchingError(); } const runnerId = oldScan.runner?.id; await this.trackScanRepository.save(await scan.update(oldScan)); if (runnerId) await deleteRunnerEntry(runnerId); return (await this.scanRepository.findOne({ id: id }, { relations: ['runner', 'track', 'runner.scans', 'runner.group', 'runner.scans.track', 'card', 'station'] })).toResponse(); } @Delete('/:id') @Authorized("SCAN:DELETE") @ResponseSchema(ResponseScan) @ResponseSchema(ResponseEmpty, { statusCode: 204 }) @OnUndefined(204) @OpenAPI({ description: 'Delete the scan whose id you provided.
If no scan with this id exists it will just return 204(no content).' }) async remove(@Param("id") id: number, @QueryParam("force") force: boolean) { let scan = await this.scanRepository.findOne({ id: id }); if (!scan) { return null; } const responseScan = await this.scanRepository.findOne({ id: scan.id }, { relations: ['runner', 'track', 'runner.scans', 'runner.group', 'runner.scans.track', 'card', 'station'] }); await this.scanRepository.delete(scan); return responseScan.toResponse(); } }