From 8e4f1b7838e3c43320f2e25e691c1808ae3c4089 Mon Sep 17 00:00:00 2001 From: Pitu Date: Mon, 30 Sep 2019 07:06:22 +0000 Subject: feature: album links --- src/api/routes/albums/albumZipGET.js | 8 ++++++-- src/api/structures/Server.js | 2 +- 2 files changed, 7 insertions(+), 3 deletions(-) (limited to 'src/api') diff --git a/src/api/routes/albums/albumZipGET.js b/src/api/routes/albums/albumZipGET.js index b2c9fa7..d1d3e16 100644 --- a/src/api/routes/albums/albumZipGET.js +++ b/src/api/routes/albums/albumZipGET.js @@ -17,9 +17,13 @@ class albumGET extends Route { Make sure it exists and it's enabled */ const link = await db.table('links') - .where({ identifier, enabled: true }) + .where({ + identifier, + enabled: true, + enableDownload: true + }) .first(); - if (!link) return res.status(400).json({ message: 'The identifier supplied could not be found' }); + if (!link) return res.status(400).json({ message: 'The supplied identifier could not be found' }); /* Same with the album, just to make sure is not a deleted album and a leftover link diff --git a/src/api/structures/Server.js b/src/api/structures/Server.js index f8c6ad1..50f6754 100644 --- a/src/api/structures/Server.js +++ b/src/api/structures/Server.js @@ -26,7 +26,7 @@ class Server { /* This bypasses the headers.accept for album download, since it's accesed directly through the browser. */ - if (req.url.includes('/api/album/') && req.url.includes('/zip') && req.method === 'GET') return next(); + if ((req.url.includes('/api/album/') || req.url.includes('/zip')) && req.method === 'GET') return next(); if (req.headers.accept && req.headers.accept.includes('application/vnd.lolisafe.json')) return next(); return res.status(405).json({ message: 'Incorrect `Accept` header provided' }); }); -- cgit v1.2.3