[CON-546] Check blacklist and record track listen in stream route (#4636

)

Co-authored-by: Saliou Diallo <saliou@audius.co>

creator-node/src/contentAccess/contentAccessChecker.ts

@@ -33,7 +33,12 @@ export async function checkCIDAccess({
     }
   }
 
-  const { cid: copy320CID, timestamp: signedTimestamp, shouldCache } = data
+  const {
+    cid: copy320CID,
+    trackId,
+    timestamp: signedTimestamp,
+    shouldCache
+  } = data
 
   if (copy320CID !== cid) {
     return {
@@ -58,6 +63,7 @@ export async function checkCIDAccess({
 
   return {
     isValidRequest: true,
+    trackId,
     error: null,
     shouldCache: !!shouldCache
   }

creator-node/src/contentAccess/types.ts

@@ -28,7 +28,7 @@ export type SignedData = {
 }
 
 export type CheckAccessResponse =
-  | { isValidRequest: true; shouldCache: boolean; error: null }
+  | { isValidRequest: true; trackId: number; shouldCache: boolean; error: null }
   | {
       isValidRequest: false
       shouldCache: false

creator-node/src/middlewares/contentAccess/contentAccessMiddleware.ts

@@ -50,14 +50,15 @@ export const contentAccessMiddleware = async (
     const { libs, redis } = serviceRegistry
     const logger = req.logger as Logger
 
-    const { isValidRequest, shouldCache, error } = await checkCIDAccess({
+    const cidAccess = await checkCIDAccess({
       cid,
       data,
       signature,
       libs,
       logger,
       redis
     })
+    const { isValidRequest, shouldCache, error } = cidAccess
     if (!isValidRequest) {
       switch (error) {
         case 'InvalidDiscoveryNode':
@@ -92,6 +93,8 @@ export const contentAccessMiddleware = async (
     // We need the info because if the content is gated, then we need to set
     // the cache-control response header to no-cache so that nginx does not cache it.
     ;(req as any).shouldCache = shouldCache
+    // Set the trackId as the next middleware will need to check against the blacklist.
+    ;(req as any).trackId = cidAccess.trackId
 
     return next()
   } catch (e: any) {

creator-node/src/routes/tracks.js

@@ -959,6 +959,69 @@ router.get(
  * Gets a streamable mp3 link for a track by encodedId. Supports range request headers.
  * @dev - Wrapper around getCID, which retrieves track given its CID.
  **/
-router.get('/tracks/cidstream/:CID', contentAccessMiddleware, getCID)
+router.get(
+  '/tracks/cidstream/:CID',
+  contentAccessMiddleware,
+  async (req, res, next) => {
+    const libs = req.app.get('audiusLibs')
+    const redisClient = req.app.get('redisClient')
+    const delegateOwnerWallet = config.get('delegateOwnerWallet')
+
+    const trackId = req.trackId
+    const CID = req.params.CID
+
+    if (!trackId) {
+      return sendResponse(
+        req,
+        res,
+        errorResponseBadRequest('Please provide a track ID')
+      )
+    }
+
+    const trackIdBlacklisted = await BlacklistManager.trackIdIsInBlacklist(
+      trackId
+    )
+    const cidBlacklisted = await BlacklistManager.CIDIsInBlacklist(CID)
+    const isNotServable = cidBlacklisted || trackIdBlacklisted
+    if (isNotServable) {
+      return sendResponse(
+        req,
+        res,
+        errorResponseForbidden(
+          `trackId=${trackId} cannot be served by this node`
+        )
+      )
+    }
+
+    if (libs.identityService) {
+      req.logger.info(
+        `Logging listen for track ${trackId} by ${delegateOwnerWallet}`
+      )
+      const signatureData = generateListenTimestampAndSignature(
+        config.get('delegatePrivateKey')
+      )
+      // Fire and forget listen recording
+      // TODO: Consider queueing these requests
+      libs.identityService.logTrackListen(
+        trackId,
+        delegateOwnerWallet,
+        req.ip,
+        signatureData
+      )
+    }
+
+    req.params.streamable = true
+    res.set('Content-Type', 'audio/mpeg')
+    res.set('Copy320-CID', CID)
+    await redisClient.set(
+      `trackStreamCache:::${trackId}`,
+      CID,
+      'EX',
+      60 * 60 /* one hour */
+    )
+    next()
+  },
+  getCID
+)
 
 module.exports = router

creator-node/test/contentAccessChecker.test.ts

@@ -128,6 +128,7 @@ describe('Test content access', function () {
       assert.deepStrictEqual(access, {
         isValidRequest: true,
         error: null,
+        trackId,
         shouldCache: true
       })
     })