flo-bit.dev
your personal website on atproto - mirror
blento.app
1import { json } from '@sveltejs/kit';
2import { verifyDomainDns } from '$lib/dns';
3
4const EXPECTED_TARGET = 'blento-proxy.fly.dev';
5
6export async function POST({ request }) {
7 let body: { domain: string };
8 try {
9 body = await request.json();
10 } catch {
11 return json({ error: 'Invalid JSON body' }, { status: 400 });
12 }
13
14 const { domain } = body;
15
16 if (!domain) {
17 return json({ error: 'Missing required field: domain' }, { status: 400 });
18 }
19
20 // Validate domain format
21 if (
22 !/^[a-zA-Z0-9]([a-zA-Z0-9-]*[a-zA-Z0-9])?(\.[a-zA-Z0-9]([a-zA-Z0-9-]*[a-zA-Z0-9])?)+$/.test(
23 domain
24 )
25 ) {
26 return json({ error: 'Invalid domain format' }, { status: 400 });
27 }
28
29 // Verify DNS by querying authoritative nameservers directly.
30 // This gives instant, accurate results instead of relying on cached resolvers.
31 // Checks CNAME for subdomains and A records for root/apex domains.
32 // See: https://jacob.gold/posts/stop-telling-users-their-dns-is-wrong/
33 try {
34 const result = await verifyDomainDns(domain, EXPECTED_TARGET);
35 if (!result.ok) {
36 return json({ error: result.error, hint: result.hint }, { status: 400 });
37 }
38 } catch {
39 return json({ error: 'Failed to verify DNS records.' }, { status: 500 });
40 }
41
42 return json({ success: true });
43}