diff options
| author | Pitu <[email protected]> | 2018-09-16 00:39:58 -0300 |
|---|---|---|
| committer | Pitu <[email protected]> | 2018-09-16 00:39:58 -0300 |
| commit | 868f4a64eca3fb38fbfa12e7b9a9d0d4a374f369 (patch) | |
| tree | 4b825dc642cb6eb9a060e54bf8d69288fbee4904 /controllers | |
| parent | Merge pull request #149 from iilukas/patch-1 (diff) | |
| download | host.fuwn.me-868f4a64eca3fb38fbfa12e7b9a9d0d4a374f369.tar.xz host.fuwn.me-868f4a64eca3fb38fbfa12e7b9a9d0d4a374f369.zip | |
Begone!
Diffstat (limited to 'controllers')
| -rw-r--r-- | controllers/albumsController.js | 179 | ||||
| -rw-r--r-- | controllers/authController.js | 91 | ||||
| -rw-r--r-- | controllers/tokenController.js | 34 | ||||
| -rw-r--r-- | controllers/uploadController.js | 311 | ||||
| -rw-r--r-- | controllers/utilsController.js | 67 |
5 files changed, 0 insertions, 682 deletions
diff --git a/controllers/albumsController.js b/controllers/albumsController.js deleted file mode 100644 index a395f9b..0000000 --- a/controllers/albumsController.js +++ /dev/null @@ -1,179 +0,0 @@ -const config = require('../config.js'); -const db = require('knex')(config.database); -const randomstring = require('randomstring'); -const utils = require('./utilsController.js'); -const path = require('path'); -const fs = require('fs'); -const Zip = require('jszip'); -const albumsController = {}; - -albumsController.list = async (req, res, next) => { - const user = await utils.authorize(req, res); - - const fields = ['id', 'name']; - if (req.params.sidebar === undefined) { - fields.push('timestamp'); - fields.push('identifier'); - } - - const albums = await db.table('albums').select(fields).where({ enabled: 1, userid: user.id }); - if (req.params.sidebar !== undefined) { - return res.json({ success: true, albums }); - } - - let ids = []; - for (let album of albums) { - album.date = new Date(album.timestamp * 1000); - album.date = utils.getPrettyDate(album.date); - - album.identifier = `${config.domain}/a/${album.identifier}`; - ids.push(album.id); - } - - const files = await db.table('files').whereIn('albumid', ids).select('albumid'); - const albumsCount = {}; - - for (let id of ids) albumsCount[id] = 0; - for (let file of files) albumsCount[file.albumid] += 1; - for (let album of albums) album.files = albumsCount[album.id]; - - return res.json({ success: true, albums }); -}; - -albumsController.create = async (req, res, next) => { - const user = await utils.authorize(req, res); - - const name = req.body.name; - if (name === undefined || name === '') { - return res.json({ success: false, description: 'No album name specified' }); - } - - const album = await db.table('albums').where({ - name: name, - enabled: 1, - userid: user.id - }).first(); - - if (album) { - return res.json({ success: false, description: 'There\'s already an album with that name' }); - } - - await db.table('albums').insert({ - name: name, - enabled: 1, - userid: user.id, - identifier: randomstring.generate(8), - timestamp: Math.floor(Date.now() / 1000) - }); - - return res.json({ success: true }); -}; - -albumsController.delete = async (req, res, next) => { - const user = await utils.authorize(req, res); - - const id = req.body.id; - if (id === undefined || id === '') { - return res.json({ success: false, description: 'No album specified' }); - } - - await db.table('albums').where({ id: id, userid: user.id }).update({ enabled: 0 }); - return res.json({ success: true }); -}; - -albumsController.rename = async (req, res, next) => { - const user = await utils.authorize(req, res); - - const id = req.body.id; - if (id === undefined || id === '') { - return res.json({ success: false, description: 'No album specified' }); - } - - const name = req.body.name; - if (name === undefined || name === '') { - return res.json({ success: false, description: 'No name specified' }); - } - - const album = await db.table('albums').where({ name: name, userid: user.id }).first(); - if (album) { - return res.json({ success: false, description: 'Name already in use' }); - } - - await db.table('albums').where({ id: id, userid: user.id }).update({ name: name }); - return res.json({ success: true }); -}; - -albumsController.get = async (req, res, next) => { - const identifier = req.params.identifier; - if (identifier === undefined) return res.status(401).json({ success: false, description: 'No identifier provided' }); - - const album = await db.table('albums').where({ identifier, enabled: 1 }).first(); - if (!album) return res.json({ success: false, description: 'Album not found' }); - - const title = album.name; - const files = await db.table('files').select('name').where('albumid', album.id).orderBy('id', 'DESC'); - - for (let file of files) { - file.file = `${config.domain}/${file.name}`; - - const ext = path.extname(file.name).toLowerCase(); - if (utils.imageExtensions.includes(ext) || utils.videoExtensions.includes(ext)) { - file.thumb = `${config.domain}/thumbs/${file.name.slice(0, -ext.length)}.png`; - } - } - - return res.json({ - success: true, - title: title, - count: files.length, - files - }); -}; - - -albumsController.generateZip = async (req, res, next) => { - const identifier = req.params.identifier; - if (identifier === undefined) return res.status(401).json({ success: false, description: 'No identifier provided' }); - if (!config.uploads.generateZips) return res.status(401).json({ success: false, description: 'Zip generation disabled' }); - - const album = await db.table('albums').where({ identifier, enabled: 1 }).first(); - if (!album) return res.json({ success: false, description: 'Album not found' }); - - if (album.zipGeneratedAt > album.editedAt) { - const filePath = path.join(config.uploads.folder, 'zips', `${identifier}.zip`); - const fileName = `${album.name}.zip`; - return res.download(filePath, fileName); - } else { - console.log(`Generating zip for album identifier: ${identifier}`); - const files = await db.table('files').select('name').where('albumid', album.id); - if (files.length === 0) return res.json({ success: false, description: 'There are no files in the album' }); - - const zipPath = path.join(__dirname, '..', config.uploads.folder, 'zips', `${album.identifier}.zip`); - let archive = new Zip(); - - for (let file of files) { - try { - const exists = fs.statSync(path.join(__dirname, '..', config.uploads.folder, file.name)); - archive.file(file.name, fs.readFileSync(path.join(__dirname, '..', config.uploads.folder, file.name))); - } catch (err) { - console.log(err); - } - } - - archive - .generateNodeStream({ type: 'nodebuffer', streamFiles: true }) - .pipe(fs.createWriteStream(zipPath)) - .on('finish', async () => { - console.log(`Generated zip for album identifier: ${identifier}`); - await db.table('albums') - .where('id', album.id) - .update({ zipGeneratedAt: Math.floor(Date.now() / 1000) }); - - const filePath = path.join(config.uploads.folder, 'zips', `${identifier}.zip`); - const fileName = `${album.name}.zip`; - return res.download(filePath, fileName); - }); - } -}; - -module.exports = albumsController; diff --git a/controllers/authController.js b/controllers/authController.js deleted file mode 100644 index eb7df09..0000000 --- a/controllers/authController.js +++ /dev/null @@ -1,91 +0,0 @@ -const config = require('../config.js'); -const db = require('knex')(config.database); -const bcrypt = require('bcrypt'); -const randomstring = require('randomstring'); -const utils = require('./utilsController.js'); - -let authController = {}; - -authController.verify = async (req, res, next) => { - const username = req.body.username; - const password = req.body.password; - - if (username === undefined) return res.json({ success: false, description: 'No username provided' }); - if (password === undefined) return res.json({ success: false, description: 'No password provided' }); - - const user = await db.table('users').where('username', username).first(); - if (!user) return res.json({ success: false, description: 'Username doesn\'t exist' }); - if (user.enabled === false || user.enabled === 0) return res.json({ - success: false, - description: 'This account has been disabled' - }); - - bcrypt.compare(password, user.password, (err, result) => { - if (err) { - console.log(err); - return res.json({ success: false, description: 'There was an error' }); - } - if (result === false) return res.json({ success: false, description: 'Wrong password' }); - return res.json({ success: true, token: user.token }); - }); -}; - -authController.register = async (req, res, next) => { - if (config.enableUserAccounts === false) { - return res.json({ success: false, description: 'Register is disabled at the moment' }); - } - - const username = req.body.username; - const password = req.body.password; - - if (username === undefined) return res.json({ success: false, description: 'No username provided' }); - if (password === undefined) return res.json({ success: false, description: 'No password provided' }); - - if (username.length < 4 || username.length > 32) { - return res.json({ success: false, description: 'Username must have 4-32 characters' }); - } - if (password.length < 6 || password.length > 64) { - return res.json({ success: false, description: 'Password must have 6-64 characters' }); - } - - const user = await db.table('users').where('username', username).first(); - if (user) return res.json({ success: false, description: 'Username already exists' }); - - bcrypt.hash(password, 10, async (err, hash) => { - if (err) { - console.log(err); - return res.json({ success: false, description: 'Error generating password hash (╯°□°)╯︵ ┻━┻' }); - } - const token = randomstring.generate(64); - await db.table('users').insert({ - username: username, - password: hash, - token: token, - enabled: 1 - }); - return res.json({ success: true, token: token }); - }); -}; - -authController.changePassword = async (req, res, next) => { - const user = await utils.authorize(req, res); - - let password = req.body.password; - if (password === undefined) return res.json({ success: false, description: 'No password provided' }); - - if (password.length < 6 || password.length > 64) { - return res.json({ success: false, description: 'Password must have 6-64 characters' }); - } - - bcrypt.hash(password, 10, async (err, hash) => { - if (err) { - console.log(err); - return res.json({ success: false, description: 'Error generating password hash (╯°□°)╯︵ ┻━┻' }); - } - - await db.table('users').where('id', user.id).update({ password: hash }); - return res.json({ success: true }); - }); -}; - -module.exports = authController; diff --git a/controllers/tokenController.js b/controllers/tokenController.js deleted file mode 100644 index cbcc550..0000000 --- a/controllers/tokenController.js +++ /dev/null @@ -1,34 +0,0 @@ -const config = require('../config.js'); -const db = require('knex')(config.database); -const randomstring = require('randomstring'); -const utils = require('./utilsController.js'); - -const tokenController = {}; - -tokenController.verify = async (req, res, next) => { - const token = req.body.token; - if (token === undefined) return res.status(401).json({ success: false, description: 'No token provided' }); - - const user = await db.table('users').where('token', token).first(); - if (!user) return res.status(401).json({ success: false, description: 'Invalid token' }); - return res.json({ success: true, username: user.username }); -}; - -tokenController.list = async (req, res, next) => { - const user = await utils.authorize(req, res); - return res.json({ success: true, token: user.token }); -}; - -tokenController.change = async (req, res, next) => { - const user = await utils.authorize(req, res); - const newtoken = randomstring.generate(64); - - await db.table('users').where('token', user.token).update({ - token: newtoken, - timestamp: Math.floor(Date.now() / 1000) - }); - - res.json({ success: true, token: newtoken }); -}; - -module.exports = tokenController; diff --git a/controllers/uploadController.js b/controllers/uploadController.js deleted file mode 100644 index d5615d0..0000000 --- a/controllers/uploadController.js +++ /dev/null @@ -1,311 +0,0 @@ -const config = require('../config.js'); -const path = require('path'); -const multer = require('multer'); -const randomstring = require('randomstring'); -const db = require('knex')(config.database); -const crypto = require('crypto'); -const fs = require('fs'); -const utils = require('./utilsController.js'); - -const uploadsController = {}; - -// Let's default it to only 1 try -const maxTries = config.uploads.maxTries || 1; -const uploadDir = path.join(__dirname, '..', config.uploads.folder); - -const storage = multer.diskStorage({ - destination: function(req, file, cb) { - cb(null, uploadDir); - }, - filename: function(req, file, cb) { - const access = i => { - const name = randomstring.generate(config.uploads.fileLength) + path.extname(file.originalname); - fs.access(path.join(uploadDir, name), err => { - if (err) return cb(null, name); - console.log(`A file named "${name}" already exists (${++i}/${maxTries}).`); - if (i < maxTries) return access(i); - return cb('Could not allocate a unique file name. Try again?'); - }); - }; - access(0); - } -}); - -const upload = multer({ - storage: storage, - limits: { fileSize: config.uploads.maxSize }, - fileFilter: function(req, file, cb) { - if (config.blockedExtensions !== undefined) { - if (config.blockedExtensions.some(extension => path.extname(file.originalname).toLowerCase() === extension)) { - return cb('This file extension is not allowed'); - } - return cb(null, true); - } - return cb(null, true); - } -}).array('files[]'); - -uploadsController.upload = async (req, res, next) => { - if (config.private === true) { - await utils.authorize(req, res); - } - - const token = req.headers.token || ''; - const user = await db.table('users').where('token', token).first(); - if (user && (user.enabled === false || user.enabled === 0)) return res.json({ - success: false, - description: 'This account has been disabled' - }); - const albumid = req.headers.albumid || req.params.albumid; - - if (albumid && user) { - const album = await db.table('albums').where({ id: albumid, userid: user.id }).first(); - if (!album) { - return res.json({ - success: false, - description: 'Album doesn\'t exist or it doesn\'t belong to the user' - }); - } - return uploadsController.actuallyUpload(req, res, user, albumid); - } - return uploadsController.actuallyUpload(req, res, user, albumid); -}; - -uploadsController.actuallyUpload = async (req, res, userid, albumid) => { - upload(req, res, async err => { - if (err) { - console.error(err); - return res.json({ success: false, description: err }); - } - - if (req.files.length === 0) return res.json({ success: false, description: 'no-files' }); - - const files = []; - const existingFiles = []; - let iteration = 1; - - req.files.forEach(async file => { - // Check if the file exists by checking hash and size - let hash = crypto.createHash('md5'); - let stream = fs.createReadStream(path.join(__dirname, '..', config.uploads.folder, file.filename)); - - stream.on('data', data => { - hash.update(data, 'utf8'); - }); - - stream.on('end', async () => { - const fileHash = hash.digest('hex'); - const dbFile = await db.table('files') - .where(function() { - if (userid === undefined) this.whereNull('userid'); - else this.where('userid', userid.id); - }) - .where({ - hash: fileHash, - size: file.size - }) - .first(); - - if (!dbFile) { - files.push({ - name: file.filename, - original: file.originalname, - type: file.mimetype, - size: file.size, - hash: fileHash, - ip: req.ip, - albumid: albumid, - userid: userid !== undefined ? userid.id : null, - timestamp: Math.floor(Date.now() / 1000) - }); - } else { - uploadsController.deleteFile(file.filename).then(() => {}).catch(err => console.error(err)); - existingFiles.push(dbFile); - } - - if (iteration === req.files.length) { - return uploadsController.processFilesForDisplay(req, res, files, existingFiles, albumid); - } - iteration++; - }); - }); - }); -}; - -uploadsController.processFilesForDisplay = async (req, res, files, existingFiles, albumid) => { - let basedomain = config.domain; - if (files.length === 0) { - return res.json({ - success: true, - files: existingFiles.map(file => { - return { - name: file.name, - size: file.size, - url: `${basedomain}/${file.name}` - }; - }) - }); - } - - await db.table('files').insert(files); - for (let efile of existingFiles) files.push(efile); - - for (let file of files) { - let ext = path.extname(file.name).toLowerCase(); - if (utils.imageExtensions.includes(ext) || utils.videoExtensions.includes(ext)) { - file.thumb = `${basedomain}/thumbs/${file.name.slice(0, -ext.length)}.png`; - utils.generateThumbs(file); - } - } - - let albumSuccess = true; - if (albumid) { - const editedAt = Math.floor(Date.now() / 1000) - albumSuccess = await db.table('albums') - .where('id', albumid) - .update('editedAt', editedAt) - .then(() => true) - .catch(error => { - console.log(error); - return false; - }); - } - - return res.json({ - success: albumSuccess, - description: albumSuccess ? null : 'Warning: Error updating album.', - files: files.map(file => { - return { - name: file.name, - size: file.size, - url: `${basedomain}/${file.name}` - }; - }) - }); -}; - -uploadsController.delete = async (req, res) => { - const user = await utils.authorize(req, res); - const id = req.body.id; - if (id === undefined || id === '') { - return res.json({ success: false, description: 'No file specified' }); - } - - const file = await db.table('files') - .where('id', id) - .where(function() { - if (user.username !== 'root') { - this.where('userid', user.id); - } - }) - .first(); - - try { - await uploadsController.deleteFile(file.name); - await db.table('files').where('id', id).del(); - if (file.albumid) { - await db.table('albums').where('id', file.albumid).update('editedAt', Math.floor(Date.now() / 1000)); - } - } catch (err) { - console.log(err); - } - - return res.json({ success: true }); -}; - -uploadsController.deleteFile = function(file) { - const ext = path.extname(file).toLowerCase(); - return new Promise((resolve, reject) => { - fs.stat(path.join(__dirname, '..', config.uploads.folder, file), (err, stats) => { - if (err) { return reject(err); } - fs.unlink(path.join(__dirname, '..', config.uploads.folder, file), err => { - if (err) { return reject(err); } - if (!utils.imageExtensions.includes(ext) && !utils.videoExtensions.includes(ext)) { - return resolve(); - } - file = file.substr(0, file.lastIndexOf('.')) + '.png'; - fs.stat(path.join(__dirname, '..', config.uploads.folder, 'thumbs/', file), (err, stats) => { - if (err) { - console.log(err); - return resolve(); - } - fs.unlink(path.join(__dirname, '..', config.uploads.folder, 'thumbs/', file), err => { - if (err) { return reject(err); } - return resolve(); - }); - }); - }); - }); - }); -}; - -uploadsController.list = async (req, res) => { - const user = await utils.authorize(req, res); - - let offset = req.params.page; - if (offset === undefined) offset = 0; - - const files = await db.table('files') - .where(function() { - if (req.params.id === undefined) this.where('id', '<>', ''); - else this.where('albumid', req.params.id); - }) - .where(function() { - if (user.username !== 'root') this.where('userid', user.id); - }) - .orderBy('id', 'DESC') - .limit(25) - .offset(25 * offset) - .select('id', 'albumid', 'timestamp', 'name', 'userid'); - - const albums = await db.table('albums'); - let basedomain = config.domain; - let userids = []; - - for (let file of files) { - file.file = `${basedomain}/${file.name}`; - file.date = new Date(file.timestamp * 1000); - file.date = utils.getPrettyDate(file.date); - - file.album = ''; - - if (file.albumid !== undefined) { - for (let album of albums) { - if (file.albumid === album.id) { - file.album = album.name; - } - } - } - - // Only push usernames if we are root - if (user.username === 'root') { - if (file.userid !== undefined && file.userid !== null && file.userid !== '') { - userids.push(file.userid); - } - } - - let ext = path.extname(file.name).toLowerCase(); - if (utils.imageExtensions.includes(ext) || utils.videoExtensions.includes(ext)) { - file.thumb = `${basedomain}/thumbs/${file.name.slice(0, -ext.length)}.png`; - } - } - - // If we are a normal user, send response - if (user.username !== 'root') return res.json({ success: true, files }); - - // If we are root but there are no uploads attached to a user, send response - if (userids.length === 0) return res.json({ success: true, files }); - - const users = await db.table('users').whereIn('id', userids); - for (let dbUser of users) { - for (let file of files) { - if (file.userid === dbUser.id) { - file.username = dbUser.username; - } - } - } - - return res.json({ success: true, files }); -}; - -module.exports = uploadsController; diff --git a/controllers/utilsController.js b/controllers/utilsController.js deleted file mode 100644 index bc182b7..0000000 --- a/controllers/utilsController.js +++ /dev/null @@ -1,67 +0,0 @@ -const path = require('path'); -const config = require('../config.js'); -const fs = require('fs'); -const gm = require('gm'); -const ffmpeg = require('fluent-ffmpeg'); -const db = require('knex')(config.database); - -const utilsController = {}; -utilsController.imageExtensions = ['.jpg', '.jpeg', '.bmp', '.gif', '.png']; -utilsController.videoExtensions = ['.webm', '.mp4', '.wmv', '.avi', '.mov']; - -utilsController.getPrettyDate = function(date) { - return date.getFullYear() + '-' - + (date.getMonth() + 1) + '-' - + date.getDate() + ' ' - + (date.getHours() < 10 ? '0' : '') - + date.getHours() + ':' - + (date.getMinutes() < 10 ? '0' : '') - + date.getMinutes() + ':' - + (date.getSeconds() < 10 ? '0' : '') - + date.getSeconds(); -}; - -utilsController.authorize = async (req, res) => { - const token = req.headers.token; - if (token === undefined) return res.status(401).json({ success: false, description: 'No token provided' }); - - const user = await db.table('users').where('token', token).first(); - if (!user) return res.status(401).json({ success: false, description: 'Invalid token' }); - return user; -}; - -utilsController.generateThumbs = function(file, basedomain) { - if (config.uploads.generateThumbnails !== true) return; - const ext = path.extname(file.name).toLowerCase(); - - let thumbname = path.join(__dirname, '..', config.uploads.folder, 'thumbs', file.name.slice(0, -ext.length) + '.png'); - fs.access(thumbname, err => { - if (err && err.code === 'ENOENT') { - if (utilsController.videoExtensions.includes(ext)) { - ffmpeg(path.join(__dirname, '..', config.uploads.folder, file.name)) - .thumbnail({ - timestamps: [0], - filename: '%b.png', - folder: path.join(__dirname, '..', config.uploads.folder, 'thumbs'), - size: '200x?' - }) - .on('error', error => console.log('Error - ', error.message)); - } else { - let size = { - width: 200, - height: 200 - }; - gm(path.join(__dirname, '..', config.uploads.folder, file.name)) - .resize(size.width, size.height + '>') - .gravity('Center') - .extent(size.width, size.height) - .background('transparent') - .write(thumbname, error => { - if (error) console.log('Error - ', error); - }); - } - } - }); -}; - -module.exports = utilsController; |