Changed from ip whitelist to token based auth

author: kanadeko <[email protected]> 2017-01-14 18:13:58 -0300
committer: kanadeko <[email protected]> 2017-01-14 18:13:58 -0300
commit: b81cf72ac41f61e48a86d699e12fcfc327cefb14 (patch)
tree: c64cdd3d6df48a1969148f7b0fca2cbd60568ded /controllers/uploadController.js
parent: Update config.sample.js (diff)
download: host.fuwn.me-b81cf72ac41f61e48a86d699e12fcfc327cefb14.tar.xz
host.fuwn.me-b81cf72ac41f61e48a86d699e12fcfc327cefb14.zip
1 files changed, 5 insertions, 4 deletions
diff --git a/controllers/uploadController.js b/controllers/uploadController.js
index 259e824..7754261 100644
--- a/controllers/uploadController.js
+++ b/controllers/uploadController.js
@@ -22,10 +22,11 @@ const upload = multer({
 
 uploadsController.upload = function(req, res, next){
 
-	let gallery = req.headers.gallery
+	if(config.TOKEN !== '')
+		if(req.headers.auth !== config.TOKEN)
+			return res.status(401).send('not-authorized')
 
-	if(!config.privacy.public)
-		if(!config.privacy.IPs.includes(req.ip)) return res.status(401).send('not-authorized')
+	let gallery = req.headers.gallery
 	
 	upload(req, res, function (err) {
 		if (err) {
@@ -38,7 +39,7 @@ uploadsController.upload = function(req, res, next){
 			galleryid: gallery
 		}).then(() => {
 			return res.json({
-				'filename': req.file.filename
+				'url': config.uploads.basedomain + req.file.filename
 			})
 		})
author	kanadeko <[email protected]>	2017-01-14 18:13:58 -0300
committer	kanadeko <[email protected]>	2017-01-14 18:13:58 -0300
commit	b81cf72ac41f61e48a86d699e12fcfc327cefb14 (patch)
tree	c64cdd3d6df48a1969148f7b0fca2cbd60568ded /controllers/uploadController.js
parent	Update config.sample.js (diff)
download	host.fuwn.me-b81cf72ac41f61e48a86d699e12fcfc327cefb14.tar.xz host.fuwn.me-b81cf72ac41f61e48a86d699e12fcfc327cefb14.zip