mirror of
https://github.com/Foltik/Shimapan
synced 2025-01-20 22:06:57 -05:00
115 lines
3.3 KiB
JavaScript
115 lines
3.3 KiB
JavaScript
var express = require('express');
|
|
var router = express.Router();
|
|
|
|
var mongoose = require('mongoose');
|
|
var User = require('../models/User.js');
|
|
var Upload = require('../models/Upload.js');
|
|
var Key = require('../models/Key.js');
|
|
|
|
var multer = require('multer');
|
|
var dest = multer({dest: 'uploads/'});
|
|
|
|
function fileNameExists(name) {
|
|
Upload.count({name: name}, function (err, count) {
|
|
return count !== 0;
|
|
});
|
|
}
|
|
|
|
function genFileName() {
|
|
var charset = "abcdefghijklmnopqrstuvwxyz";
|
|
do {
|
|
var chars = [];
|
|
for (var i = 0; i < 6; i++)
|
|
chars.push(charset.charAt(Math.floor(Math.random() * charset.length)));
|
|
} while (fileNameExists(chars.join('')));
|
|
return chars.join('');
|
|
}
|
|
|
|
function updateStats(type, id, size) {
|
|
if (type === 'session') {
|
|
User.updateOne({username: id}, {$inc: {uploadCount: 1, uploadSize: size}}, function (err) {
|
|
if (err) throw err;
|
|
});
|
|
} else if (type === 'apikey') {
|
|
Key.updateOne({key: id}, {$inc: {uploadCount: 1, uploadSize: size}}, function (err) {
|
|
if (err) throw err;
|
|
});
|
|
}
|
|
}
|
|
|
|
var checkApiKey = function (key, cb) {
|
|
Key.find({key: key}, function (err, res) {
|
|
if (err) throw err;
|
|
cb(res.length === 1, res);
|
|
});
|
|
};
|
|
|
|
var checkScope = function (type, id, perm, cb) {
|
|
if (type === 'session') {
|
|
User.findOne({username: id}, function (err, user) {
|
|
if (err) throw err;
|
|
cb(user.scope.indexOf(perm) !== -1);
|
|
});
|
|
} else {
|
|
Key.findOne({key: id}, function (err, key) {
|
|
if (err) throw err;
|
|
cb(key.scope.indexOf(perm) !== -1);
|
|
});
|
|
}
|
|
};
|
|
|
|
function uploadFile(req, res, type, key) {
|
|
if (!req.file)
|
|
return res.status(400).json({'message': 'No file specified.'});
|
|
|
|
// Size must be below 128 Megabytes (1024*1024*128 Bytes)
|
|
if (req.file.size >= 134217728)
|
|
return res.status(413).json({'message': 'File too large.'});
|
|
|
|
var uploader = type === 'session' ? req.session.passport.user : key[0].username;
|
|
var uploadKey = type === 'apikey' ? key[0].key : null;
|
|
var id = type === 'session' ? req.session.passport.user : key[0].key;
|
|
|
|
checkScope(type, id, 'file.upload', function (valid) {
|
|
if (!valid)
|
|
return res.status(403).json({'message': 'No permission.'});
|
|
|
|
var entry = {
|
|
name: genFileName(),
|
|
uploader: uploader,
|
|
uploadKey: uploadKey,
|
|
date: Date.now(),
|
|
file: req.file
|
|
};
|
|
|
|
updateStats(type, id, req.file.size);
|
|
|
|
Upload.create(entry, function (err) {
|
|
if (err) throw err;
|
|
res.status(200).json({
|
|
name: entry.name,
|
|
url: 'https://shimapan.rocks/v/' + entry.name
|
|
});
|
|
});
|
|
});
|
|
}
|
|
|
|
router.post('/', dest.single('file'), function (req, res) {
|
|
if (!req.session || !req.session.passport) {
|
|
if (!req.body.apikey) {
|
|
return res.sendStatus(401);
|
|
} else {
|
|
checkApiKey(req.body.apikey, function (valid, key) {
|
|
if (!valid)
|
|
return res.sendStatus(401);
|
|
else
|
|
uploadFile(req, res, 'apikey', key);
|
|
});
|
|
}
|
|
} else {
|
|
uploadFile(req, res, 'session');
|
|
}
|
|
});
|
|
|
|
module.exports = router;
|