Upload from web page

This commit is contained in:
Evert Prants 2020-01-14 16:58:54 +02:00
parent 5807d28cd0
commit fbfd89fc12
Signed by: evert
GPG Key ID: 1688DA83D222D0B5

View File

@ -64,6 +64,15 @@ async function clearDatabase (config, dbPromise) {
files.length, hashes.length, shorts.length) files.length, hashes.length, shorts.length)
} }
function handleAuthHeader (req, res) {
let header = req.header('authorization')
if (!header) return null
let token = header.split(/\s+/).pop() || ''
let auth = Buffer.from(token, 'base64').toString()
let parts = auth.split(/:/)
return (parts[1] && parts[1] !== '') ? parts[1] : null
}
async function init () { async function init () {
// Load configuration // Load configuration
let config = await cfgLoader let config = await cfgLoader
@ -79,16 +88,28 @@ async function init () {
await clearDatabase(config, dbPromise) await clearDatabase(config, dbPromise)
// Upload file form
router.get('/publish', (req, res, next) => {
let token = handleAuthHeader(req, res)
if (!token || !config.tokens[token]) {
return res.status(401).set('WWW-Authenticate', 'Basic realm="Token Auth", charset="UTF-8"').end()
}
next()
}, async (req, res) => {
res.sendFile(path.join(__dirname, 'up.html'))
})
// Upload a file or publish a hash // Upload a file or publish a hash
router.post('/publish', async (req, res, next) => { router.post('/publish', async (req, res, next) => {
let ip = req.ip let ip = req.ip
let token = req.header('token') || req.body.token let token = req.header('token') || req.body.token
if (req.header('authorization')) token = handleAuthHeader(req, res)
if (!token || !config.tokens[token]) return res.status(402).send('Forbidden') if (!token || !config.tokens[token]) return res.status(402).send('Forbidden')
let baseurl = config.tokens[token] let baseurl = config.tokens[token]
// Handle IPFS hash // Handle IPFS hash
let hash = req.query.hash || req.body.hash let hash = req.query.hash || req.body.hash
if (hash) { if (hash && hash !== '') {
let filename = req.query.filename || req.body.filename let filename = req.query.filename || req.body.filename
if (!filename) filename = crypto.randomBytes(8).toString('hex') if (!filename) filename = crypto.randomBytes(8).toString('hex')
@ -146,14 +167,22 @@ async function init () {
} }
if (uploadedFiles.length === 0) return res.status(400).send('No files were uploaded') if (uploadedFiles.length === 0) return res.status(400).send('No files were uploaded')
let tagify = fields && fields['tagify']
if (tagify != null) {
for (let i in uploadedFiles) {
uploadedFiles[i] = '<a href="' + uploadedFiles[i] + '" target="_blank">' + uploadedFiles[i] + '</a>'
}
}
res.send(uploadedFiles.join('\n')) res.send(uploadedFiles.join(tagify ? '<br/>' : '\n'))
}) })
// Shorten URL form
router.get('/shorten', async (req, res) => { router.get('/shorten', async (req, res) => {
res.sendFile(path.join(__dirname, 'go.html')) res.sendFile(path.join(__dirname, 'go.html'))
}) })
// Shorten URLs
router.post('/shorten', async (req, res) => { router.post('/shorten', async (req, res) => {
let ip = req.ip let ip = req.ip
let url = req.body.url let url = req.body.url