diff options
Diffstat (limited to 'src/api/routes')
| -rw-r--r-- | src/api/routes/albums/albumDELETE.js | 4 | ||||
| -rw-r--r-- | src/api/routes/albums/albumGET.js | 4 | ||||
| -rw-r--r-- | src/api/routes/albums/albumPOST.js | 4 | ||||
| -rw-r--r-- | src/api/routes/albums/albumZipGET.js | 8 | ||||
| -rw-r--r-- | src/api/routes/albums/albumsGET.js | 6 | ||||
| -rw-r--r-- | src/api/routes/albums/link/linkEditPOST.js | 4 | ||||
| -rw-r--r-- | src/api/routes/albums/link/linkPOST.js | 6 | ||||
| -rw-r--r-- | src/api/routes/auth/changePasswordPOST.js | 4 | ||||
| -rw-r--r-- | src/api/routes/auth/registerPOST.js | 6 | ||||
| -rw-r--r-- | src/api/routes/configGET.js | 22 | ||||
| -rw-r--r-- | src/api/routes/files/fileDELETE.js | 4 | ||||
| -rw-r--r-- | src/api/routes/files/filesGET.js | 4 | ||||
| -rw-r--r-- | src/api/routes/files/uploadPOST.js | 90 | ||||
| -rw-r--r-- | src/api/routes/verifyGET.js | 2 |
14 files changed, 61 insertions, 107 deletions
diff --git a/src/api/routes/albums/albumDELETE.js b/src/api/routes/albums/albumDELETE.js index eefbf41..3fdf209 100644 --- a/src/api/routes/albums/albumDELETE.js +++ b/src/api/routes/albums/albumDELETE.js @@ -1,6 +1,4 @@ const Route = require('../../structures/Route'); -const config = require('../../../../config'); -const db = require('knex')(config.server.database); const Util = require('../../utils/Util'); const log = require('../../utils/Log'); @@ -9,7 +7,7 @@ class albumDELETE extends Route { super('/album/:id/:purge*?', 'delete'); } - async run(req, res, user) { + async run(req, res, db, user) { const { id, purge } = req.params; if (!id) return res.status(400).json({ message: 'Invalid album ID supplied' }); diff --git a/src/api/routes/albums/albumGET.js b/src/api/routes/albums/albumGET.js index f5e339f..59398a1 100644 --- a/src/api/routes/albums/albumGET.js +++ b/src/api/routes/albums/albumGET.js @@ -1,6 +1,4 @@ const Route = require('../../structures/Route'); -const config = require('../../../../config'); -const db = require('knex')(config.server.database); const Util = require('../../utils/Util'); class albumGET extends Route { @@ -8,7 +6,7 @@ class albumGET extends Route { super('/album/:identifier', 'get', { bypassAuth: true }); } - async run(req, res) { + async run(req, res, db) { const { identifier } = req.params; if (!identifier) return res.status(400).json({ message: 'Invalid identifier supplied' }); diff --git a/src/api/routes/albums/albumPOST.js b/src/api/routes/albums/albumPOST.js index 12b88fa..0d3a44c 100644 --- a/src/api/routes/albums/albumPOST.js +++ b/src/api/routes/albums/albumPOST.js @@ -1,6 +1,4 @@ const Route = require('../../structures/Route'); -const config = require('../../../../config'); -const db = require('knex')(config.server.database); const moment = require('moment'); class albumPOST extends Route { @@ -8,7 +6,7 @@ class albumPOST extends Route { super('/album/new', 'post'); } - async run(req, res, user) { + async run(req, res, db, user) { if (!req.body) return res.status(400).json({ message: 'No body provided' }); const { name } = req.body; if (!name) return res.status(400).json({ message: 'No name provided' }); diff --git a/src/api/routes/albums/albumZipGET.js b/src/api/routes/albums/albumZipGET.js index 7a853cd..9419654 100644 --- a/src/api/routes/albums/albumZipGET.js +++ b/src/api/routes/albums/albumZipGET.js @@ -1,6 +1,4 @@ const Route = require('../../structures/Route'); -const config = require('../../../../config'); -const db = require('knex')(config.server.database); const Util = require('../../utils/Util'); const log = require('../../utils/Log'); const path = require('path'); @@ -11,7 +9,7 @@ class albumGET extends Route { super('/album/:identifier/zip', 'get', { bypassAuth: true }); } - async run(req, res) { + async run(req, res, db) { const { identifier } = req.params; if (!identifier) return res.status(400).json({ message: 'Invalid identifier supplied' }); @@ -31,7 +29,7 @@ class albumGET extends Route { If the date when the album was zipped is greater than the album's last edit, we just send the zip to the user */ if (album.zippedAt > album.editedAt) { - const filePath = path.join(__dirname, '..', '..', '..', '..', config.uploads.uploadFolder, 'zips', `${album.userId}-${album.id}.zip`); + const filePath = path.join(__dirname, '..', '..', '..', '..', process.env.UPLOAD_FOLDER, 'zips', `${album.userId}-${album.id}.zip`); const exists = await jetpack.existsAsync(filePath); /* Make sure the file exists just in case, and if not, continue to it's generation. @@ -65,7 +63,7 @@ class albumGET extends Route { Util.createZip(filesToZip, album); await db.table('albums').where('id', link.albumId).update('zippedAt', db.fn.now()); - const filePath = path.join(__dirname, '..', '..', '..', '..', config.uploads.uploadFolder, 'zips', `${album.userId}-${album.id}.zip`); + const filePath = path.join(__dirname, '..', '..', '..', '..', process.env.UPLOAD_FOLDER, 'zips', `${album.userId}-${album.id}.zip`); const fileName = `lolisafe-${identifier}.zip`; return res.download(filePath, fileName); } catch (error) { diff --git a/src/api/routes/albums/albumsGET.js b/src/api/routes/albums/albumsGET.js index b19e03a..3be1213 100644 --- a/src/api/routes/albums/albumsGET.js +++ b/src/api/routes/albums/albumsGET.js @@ -1,6 +1,4 @@ const Route = require('../../structures/Route'); -const config = require('../../../../config'); -const db = require('knex')(config.server.database); const Util = require('../../utils/Util'); class albumsGET extends Route { @@ -8,7 +6,7 @@ class albumsGET extends Route { super('/albums/mini', 'get'); } - async run(req, res, user) { + async run(req, res, db, user) { /* Let's fetch the albums. This route will only return a small portion of the album files for displaying on the dashboard. It's probably useless @@ -72,7 +70,7 @@ class albumsDropdownGET extends Route { super('/albums/dropdown', 'get'); } - async run(req, res, user) { + async run(req, res, db, user) { const albums = await db.table('albums') .where('userId', user.id) .select('id', 'name'); diff --git a/src/api/routes/albums/link/linkEditPOST.js b/src/api/routes/albums/link/linkEditPOST.js index d9dbcac..753c496 100644 --- a/src/api/routes/albums/link/linkEditPOST.js +++ b/src/api/routes/albums/link/linkEditPOST.js @@ -1,6 +1,4 @@ const Route = require('../../../structures/Route'); -const config = require('../../../../../config'); -const db = require('knex')(config.server.database); const log = require('../../../utils/Log'); class linkEditPOST extends Route { @@ -8,7 +6,7 @@ class linkEditPOST extends Route { super('/album/link/edit', 'post'); } - async run(req, res, user) { + async run(req, res, db, user) { if (!req.body) return res.status(400).json({ message: 'No body provided' }); const { identifier, enabled, enableDownload, expiresAt } = req.body; if (!identifier) return res.status(400).json({ message: 'Invalid album identifier supplied' }); diff --git a/src/api/routes/albums/link/linkPOST.js b/src/api/routes/albums/link/linkPOST.js index 1edf891..91e1521 100644 --- a/src/api/routes/albums/link/linkPOST.js +++ b/src/api/routes/albums/link/linkPOST.js @@ -1,6 +1,4 @@ const Route = require('../../../structures/Route'); -const config = require('../../../../../config'); -const db = require('knex')(config.server.database); const Util = require('../../../utils/Util'); const log = require('../../../utils/Log'); @@ -9,7 +7,7 @@ class linkPOST extends Route { super('/album/link/new', 'post'); } - async run(req, res, user) { + async run(req, res, db, user) { if (!req.body) return res.status(400).json({ message: 'No body provided' }); const { albumId } = req.body; if (!albumId) return res.status(400).json({ message: 'No album provided' }); @@ -24,7 +22,7 @@ class linkPOST extends Route { Count the amount of links created for that album already and error out if max was reached */ const count = await db.table('links').where('albumId', albumId).count({ count: 'id' }); - if (count[0].count >= config.albums.maxLinksPerAlbum) return res.status(400).json({ message: 'Maximum links per album reached' }); + if (count[0].count >= process.env.MAX_LINKS_PER_ALBUM) return res.status(400).json({ message: 'Maximum links per album reached' }); /* Try to allocate a new identifier on the db diff --git a/src/api/routes/auth/changePasswordPOST.js b/src/api/routes/auth/changePasswordPOST.js index bd64320..d698896 100644 --- a/src/api/routes/auth/changePasswordPOST.js +++ b/src/api/routes/auth/changePasswordPOST.js @@ -1,7 +1,5 @@ const Route = require('../../structures/Route'); -const config = require('../../../../config'); const log = require('../../utils/Log'); -const db = require('knex')(config.server.database); const bcrypt = require('bcrypt'); const moment = require('moment'); @@ -10,7 +8,7 @@ class changePasswordPOST extends Route { super('/auth/password/change', 'post'); } - async run(req, res, user) { + async run(req, res, db, user) { if (!req.body) return res.status(400).json({ message: 'No body provided' }); const { password, newPassword } = req.body; if (!password || !newPassword) return res.status(401).json({ message: 'Invalid body provided' }); diff --git a/src/api/routes/auth/registerPOST.js b/src/api/routes/auth/registerPOST.js index d3532f4..762eaf2 100644 --- a/src/api/routes/auth/registerPOST.js +++ b/src/api/routes/auth/registerPOST.js @@ -1,7 +1,5 @@ const Route = require('../../structures/Route'); -const config = require('../../../../config'); const log = require('../../utils/Log'); -const db = require('knex')(config.server.database); const bcrypt = require('bcrypt'); const randomstring = require('randomstring'); const moment = require('moment'); @@ -11,8 +9,8 @@ class registerPOST extends Route { super('/auth/register', 'post', { bypassAuth: true }); } - async run(req, res) { - if (!config.enableCreateUserAccounts) return res.status(401).json({ message: 'Creation of new accounts is currently disabled' }); + async run(req, res, db) { + if (!process.env.USER_ACCOUNTS) return res.status(401).json({ message: 'Creation of new accounts is currently disabled' }); if (!req.body) return res.status(400).json({ message: 'No body provided' }); const { username, password } = req.body; if (!username || !password) return res.status(401).json({ message: 'Invalid body provided' }); diff --git a/src/api/routes/configGET.js b/src/api/routes/configGET.js deleted file mode 100644 index 4bc7e15..0000000 --- a/src/api/routes/configGET.js +++ /dev/null @@ -1,22 +0,0 @@ -const Route = require('../structures/Route'); -const config = require('../../../config'); - -class configGET extends Route { - constructor() { - super('/config', 'get', { bypassAuth: true }); - } - - run(req, res) { - return res.json({ - version: process.env.npm_package_version, - URL: config.filesServeLocatio, - baseURL: config.backendLocation, - serviceName: config.serviceName, - maxFileSize: config.uploads.uploadMaxSize, - chunkSize: config.uploads.chunkSize, - maxLinksPerAlbum: config.albums.maxLinksPerAlbum - }); - } -} - -module.exports = configGET; diff --git a/src/api/routes/files/fileDELETE.js b/src/api/routes/files/fileDELETE.js index b50e576..c659255 100644 --- a/src/api/routes/files/fileDELETE.js +++ b/src/api/routes/files/fileDELETE.js @@ -1,6 +1,4 @@ const Route = require('../../structures/Route'); -const config = require('../../../../config'); -const db = require('knex')(config.server.database); const Util = require('../../utils/Util'); const log = require('../../utils/Log'); @@ -9,7 +7,7 @@ class fileDELETE extends Route { super('/file/:id', 'delete'); } - async run(req, res, user) { + async run(req, res, db, user) { const { id } = req.params; if (!id) return res.status(400).json({ message: 'Invalid file ID supplied' }); diff --git a/src/api/routes/files/filesGET.js b/src/api/routes/files/filesGET.js index d1b6619..b41996b 100644 --- a/src/api/routes/files/filesGET.js +++ b/src/api/routes/files/filesGET.js @@ -1,6 +1,4 @@ const Route = require('../../structures/Route'); -const config = require('../../../../config'); -const db = require('knex')(config.server.database); const Util = require('../../utils/Util'); class filesGET extends Route { @@ -8,7 +6,7 @@ class filesGET extends Route { super('/files', 'get'); } - async run(req, res, user) { + async run(req, res, db, user) { /* Get all the files from the user */ diff --git a/src/api/routes/files/uploadPOST.js b/src/api/routes/files/uploadPOST.js index f217167..f83148f 100644 --- a/src/api/routes/files/uploadPOST.js +++ b/src/api/routes/files/uploadPOST.js @@ -1,8 +1,6 @@ const Route = require('../../structures/Route'); -const config = require('../../../../config'); const path = require('path'); const Util = require('../../utils/Util'); -const db = require('knex')(config.server.database); const moment = require('moment'); const log = require('../../utils/Log'); const jetpack = require('fs-jetpack'); @@ -22,13 +20,13 @@ class uploadPOST extends Route { super('/upload', 'post', { bypassAuth: true }); } - async run(req, res) { + async run(req, res, db) { const user = await Util.isAuthorized(req); - if (!user && !config.uploads.allowAnonymousUploads) return res.status(401).json({ message: 'Not authorized to use this resource' }); - return this.uploadFile(req, res, user); + if (!user && !process.env.PUBLIC_MODE) return res.status(401).json({ message: 'Not authorized to use this resource' }); + return this.uploadFile(req, res, db, user); } - async processFile(req, res, user, file) { + async processFile(req, res, db, user, file) { /* Check if the user is trying to upload to an album */ @@ -55,38 +53,37 @@ class uploadPOST extends Route { We got a chunk that is not the last part, send smoke signal that we received it. */ return res.json({ message: 'Successfully uploaded chunk' }); - } else { - /* - Seems we finally got the last part of a chunk upload - */ - const uploadsDir = path.join(__dirname, '..', '..', '..', '..', config.uploads.uploadFolder); - const chunkedFileDir = path.join(__dirname, '..', '..', '..', '..', config.uploads.uploadFolder, 'chunks', file.body.uuid); - const chunkFiles = await jetpack.findAsync(chunkedFileDir, { matching: '*' }); - const originalname = Util.getFilenameFromPath(chunkFiles[0].substring(0, chunkFiles[0].lastIndexOf('.'))); - - const tempFile = { - filename: Util.getUniqueFilename(originalname), - originalname, - size: file.body.totalfilesize - }; - - for (const chunkFile of chunkFiles) { - try { - const data = await jetpack.readAsync(chunkFile, 'buffer'); // eslint-disable-line no-await-in-loop - await jetpack.appendAsync(path.join(uploadsDir, tempFile.filename), data); // eslint-disable-line no-await-in-loop - } catch (error) { - log.error(error); - } - } - + } + /* + Seems we finally got the last part of a chunk upload + */ + const uploadsDir = path.join(__dirname, '..', '..', '..', '..', process.env.UPLOAD_FOLDER); + const chunkedFileDir = path.join(__dirname, '..', '..', '..', '..', process.env.UPLOAD_FOLDER, 'chunks', file.body.uuid); + const chunkFiles = await jetpack.findAsync(chunkedFileDir, { matching: '*' }); + const originalname = Util.getFilenameFromPath(chunkFiles[0].substring(0, chunkFiles[0].lastIndexOf('.'))); + + const tempFile = { + filename: Util.getUniqueFilename(originalname), + originalname, + size: file.body.totalfilesize + }; + + for (const chunkFile of chunkFiles) { try { - await jetpack.removeAsync(chunkedFileDir); + const data = await jetpack.readAsync(chunkFile, 'buffer'); // eslint-disable-line no-await-in-loop + await jetpack.appendAsync(path.join(uploadsDir, tempFile.filename), data); // eslint-disable-line no-await-in-loop } catch (error) { log.error(error); } + } - upload = tempFile; + try { + await jetpack.removeAsync(chunkedFileDir); + } catch (error) { + log.error(error); } + + upload = tempFile; } /* @@ -109,7 +106,7 @@ class uploadPOST extends Route { message: 'Successfully uploaded file BUT IT EXISTED ALREADY', name: exists.name, size: exists.size, - url: `${config.filesServeLocation}/${exists.name}` + url: `${process.env.DOMAIN}/${exists.name}` }); return Util.deleteFile(upload.filename); @@ -147,7 +144,7 @@ class uploadPOST extends Route { message: 'Successfully uploaded file', name: upload.filename, size: upload.size, - url: `${config.filesServeLocation}/${upload.filename}` + url: `${process.env.DOMAIN}/${upload.filename}` }); /* @@ -167,7 +164,7 @@ class uploadPOST extends Route { /* If exif removal has been force service-wide or requested by the user, remove it */ - if (config.uploads.forceStripExif) { // || user.settings.stripExif) { + if (process.env.STRIP_EXIF) { // || user.settings.stripExif) { // Util.removeExif(upload.filename); } @@ -177,11 +174,11 @@ class uploadPOST extends Route { return Util.generateThumbnails(upload.filename); } - uploadFile(req, res, user) { + uploadFile(req, res, db, user) { const busboy = new Busboy({ headers: req.headers, limits: { - fileSize: config.uploads.uploadMaxSize * (1000 * 1000), + fileSize: process.env.MAX_SIZE * (1000 * 1000), files: 1 } }); @@ -209,7 +206,8 @@ class uploadPOST extends Route { Hey ther's a file! Let's upload it. */ busboy.on('file', (fieldname, file, filename, encoding, mimetype) => { - let name, saveTo; + let name; + let saveTo; /* Let check whether the file is part of a chunk upload or if it's a standalone one. @@ -219,15 +217,15 @@ class uploadPOST extends Route { const ext = path.extname(filename).toLowerCase(); if (Util.isExtensionBlocked(ext)) return res.status(400).json({ message: 'This extension is not allowed.' }); - if (!fileToUpload.body.uuid) { - name = Util.getUniqueFilename(filename); - if (!name) return res.status(500).json({ message: 'There was a problem allocating a filename for your upload' }); - saveTo = path.join(__dirname, '..', '..', '..', '..', config.uploads.uploadFolder, name); - } else { + if (fileToUpload.body.uuid) { name = `${filename}.${fileToUpload.body.chunkindex}`; - const chunkDir = path.join(__dirname, '..', '..', '..', '..', config.uploads.uploadFolder, 'chunks', fileToUpload.body.uuid); + const chunkDir = path.join(__dirname, '..', '..', '..', '..', process.env.UPLOAD_FOLDER, 'chunks', fileToUpload.body.uuid); jetpack.dir(chunkDir); - saveTo = path.join(__dirname, '..', '..', '..', '..', config.uploads.uploadFolder, 'chunks', fileToUpload.body.uuid, name); + saveTo = path.join(__dirname, '..', '..', '..', '..', process.env.UPLOAD_FOLDER, 'chunks', fileToUpload.body.uuid, name); + } else { + name = Util.getUniqueFilename(filename); + if (!name) return res.status(500).json({ message: 'There was a problem allocating a filename for your upload' }); + saveTo = path.join(__dirname, '..', '..', '..', '..', process.env.UPLOAD_FOLDER, name); } /* @@ -269,7 +267,7 @@ class uploadPOST extends Route { return res.status(500).json({ message: 'There was an error uploading the file.' }); }); - busboy.on('finish', () => this.processFile(req, res, user, fileToUpload)); + busboy.on('finish', () => this.processFile(req, res, db, user, fileToUpload)); req.pipe(busboy); } } diff --git a/src/api/routes/verifyGET.js b/src/api/routes/verifyGET.js index b6ade59..e588c22 100644 --- a/src/api/routes/verifyGET.js +++ b/src/api/routes/verifyGET.js @@ -5,7 +5,7 @@ class verifyGET extends Route { super('/verify', 'get'); } - run(req, res, user) { + run(req, res, db, user) { const returnUser = { id: user.id, username: user.username, |