From 9b28e56e09ef31052935c00c830ceafd481b94f3 Mon Sep 17 00:00:00 2001 From: Pitu Date: Tue, 8 Jun 2021 00:33:01 +0900 Subject: [PATCH] chore: get host from req instead of config --- src/api/routes/admin/fileGET.js | 2 +- src/api/routes/admin/userGET.js | 2 +- src/api/routes/albums/albumFullGET.js | 2 +- src/api/routes/albums/albumGET.js | 2 +- src/api/routes/albums/albumsGET.js | 2 +- src/api/routes/albums/link/linkPOST.js | 10 ---------- src/api/routes/files/fileGET.js | 2 +- src/api/routes/files/filesGET.js | 2 +- src/api/routes/search/searchGET.js | 2 +- src/api/routes/service/configGET.js | 1 - src/api/routes/uploads/uploadPOST.js | 4 ++-- src/api/utils/Util.js | 25 ++++++++++++++----------- 12 files changed, 24 insertions(+), 32 deletions(-) diff --git a/src/api/routes/admin/fileGET.js b/src/api/routes/admin/fileGET.js index 9605da4..72b96f1 100644 --- a/src/api/routes/admin/fileGET.js +++ b/src/api/routes/admin/fileGET.js @@ -15,7 +15,7 @@ class filesGET extends Route { .select('id', 'username', 'enabled', 'createdAt', 'editedAt', 'apiKeyEditedAt', 'isAdmin') .where({ id: file.userId }) .first(); - file = Util.constructFilePublicLink(file); + file = Util.constructFilePublicLink(req, file); // Additional relevant data const filesFromUser = await db.table('files').where({ userId: user.id }).select('id'); diff --git a/src/api/routes/admin/userGET.js b/src/api/routes/admin/userGET.js index 430dfd7..bf4f912 100644 --- a/src/api/routes/admin/userGET.js +++ b/src/api/routes/admin/userGET.js @@ -37,7 +37,7 @@ class usersGET extends Route { } for (let file of files) { - file = Util.constructFilePublicLink(file); + file = Util.constructFilePublicLink(req, file); } return res.json({ diff --git a/src/api/routes/albums/albumFullGET.js b/src/api/routes/albums/albumFullGET.js index d25fe15..32c7326 100644 --- a/src/api/routes/albums/albumFullGET.js +++ b/src/api/routes/albums/albumFullGET.js @@ -43,7 +43,7 @@ class albumGET extends Route { // eslint-disable-next-line no-restricted-syntax for (let file of files) { - file = Util.constructFilePublicLink(file); + file = Util.constructFilePublicLink(req, file); } return res.json({ diff --git a/src/api/routes/albums/albumGET.js b/src/api/routes/albums/albumGET.js index 4ac7089..e121a31 100644 --- a/src/api/routes/albums/albumGET.js +++ b/src/api/routes/albums/albumGET.js @@ -44,7 +44,7 @@ class albumGET extends Route { } for (let file of files) { - file = Util.constructFilePublicLink(file); + file = Util.constructFilePublicLink(req, file); } // Add 1 more view to the link diff --git a/src/api/routes/albums/albumsGET.js b/src/api/routes/albums/albumsGET.js index 3c18d8f..98cc82e 100644 --- a/src/api/routes/albums/albumsGET.js +++ b/src/api/routes/albums/albumsGET.js @@ -37,7 +37,7 @@ class albumsGET extends Route { // Fetch thumbnails and stuff for (let file of files) { - file = Util.constructFilePublicLink(file); + file = Util.constructFilePublicLink(req, file); } album.fileCount = fileCount[0].count; diff --git a/src/api/routes/albums/link/linkPOST.js b/src/api/routes/albums/link/linkPOST.js index 42eac58..7bc8051 100644 --- a/src/api/routes/albums/link/linkPOST.js +++ b/src/api/routes/albums/link/linkPOST.js @@ -20,16 +20,6 @@ class linkPOST extends Route { .first(); if (!exists) return res.status(400).json({ message: 'Album doesn\t exist' }); - /* - Count the amount of links created for that album already and error out if max was reached - */ - const count = await db - .table('links') - .where('albumId', albumId) - .count({ count: 'id' }) - .first(); - if (count >= parseInt(process.env.MAX_LINKS_PER_ALBUM, 10)) return res.status(400).json({ message: 'Maximum links per album reached' }); - let { identifier } = req.body; if (identifier) { if (!user.isAdmin) return res.status(401).json({ message: 'Only administrators can create custom links' }); diff --git a/src/api/routes/files/fileGET.js b/src/api/routes/files/fileGET.js index 9ec6f22..2e6f0b8 100644 --- a/src/api/routes/files/fileGET.js +++ b/src/api/routes/files/fileGET.js @@ -16,7 +16,7 @@ class fileGET extends Route { let file = await db.table('files').where({ id, userId: user.id }).first(); if (!file) return res.status(400).json({ message: 'The file doesn\'t exist or doesn\'t belong to the user' }); - file = Util.constructFilePublicLink(file); + file = Util.constructFilePublicLink(req, file); /* Fetch the albums diff --git a/src/api/routes/files/filesGET.js b/src/api/routes/files/filesGET.js index 9e90633..20ccbc5 100644 --- a/src/api/routes/files/filesGET.js +++ b/src/api/routes/files/filesGET.js @@ -30,7 +30,7 @@ class filesGET extends Route { // For each file, create the public link to be able to display the file for (let file of files) { - file = Util.constructFilePublicLink(file); + file = Util.constructFilePublicLink(req, file); } return res.json({ diff --git a/src/api/routes/search/searchGET.js b/src/api/routes/search/searchGET.js index 187fcab..3cfcfef 100644 --- a/src/api/routes/search/searchGET.js +++ b/src/api/routes/search/searchGET.js @@ -53,7 +53,7 @@ class configGET extends Route { // For each file, create the public link to be able to display the file for (let file of files) { - file = Util.constructFilePublicLink(file); + file = Util.constructFilePublicLink(req, file); } return res.json({ diff --git a/src/api/routes/service/configGET.js b/src/api/routes/service/configGET.js index bc91a7e..291f0a4 100644 --- a/src/api/routes/service/configGET.js +++ b/src/api/routes/service/configGET.js @@ -11,7 +11,6 @@ class configGET extends Route { config: { serviceName: process.env.SERVICE_NAME, uploadFolder: process.env.UPLOAD_FOLDER, - linksPerAlbum: parseInt(process.env.MAX_LINKS_PER_ALBUM, 10), maxUploadSize: parseInt(process.env.MAX_SIZE, 10), filenameLength: parseInt(process.env.GENERATED_FILENAME_LENGTH, 10), albumLinkLength: parseInt(process.env.GENERATED_ALBUM_LENGTH, 10), diff --git a/src/api/routes/uploads/uploadPOST.js b/src/api/routes/uploads/uploadPOST.js index a0dba27..7386490 100644 --- a/src/api/routes/uploads/uploadPOST.js +++ b/src/api/routes/uploads/uploadPOST.js @@ -282,8 +282,8 @@ class uploadPOST extends Route { if (albumId) await Util.saveFileToAlbum(db, albumId, result.id); - result.file = Util.constructFilePublicLink(result.file); - result.deleteUrl = `${process.env.DOMAIN}/api/file/${result.id[0]}`; + result.file = Util.constructFilePublicLink(req, result.file); + result.deleteUrl = `${Util.getHost(req)}/api/file/${result.id[0]}`; return res.status(201).send({ message: 'Sucessfully uploaded the file.', diff --git a/src/api/utils/Util.js b/src/api/utils/Util.js index 878a542..727851e 100644 --- a/src/api/utils/Util.js +++ b/src/api/utils/Util.js @@ -47,13 +47,11 @@ class Util { rateLimitMax: process.env.RATE_LIMIT_MAX || 5, secret: process.env.SECRET || randomstring.generate(64), serviceName: process.env.SERVICE_NAME || 'change-me', - domain: process.env.DOMAIN || `http://localhost:${process.env.SERVER_PORT}`, chunkSize: process.env.CHUNK_SIZE || 90, maxSize: process.env.MAX_SIZE || 5000, generateZips: process.env.GENERATE_ZIPS == undefined ? true : false, generatedFilenameLength: process.env.GENERATED_FILENAME_LENGTH || 12, generatedAlbumLength: process.env.GENERATED_ALBUM_LENGTH || 6, - maxLinksPerAlbum: process.env.MAX_LINKS_PER_ALBUM || 5, uploadFolder: process.env.UPLOAD_FOLDER || 'uploads', blockedExtensions: process.env.BLOCKED_EXTENSIONS || ['.jar', '.exe', '.msi', '.com', '.bat', '.cmd', '.scr', '.ps1', '.sh'], publicMode: process.env.PUBLIC_MODE == undefined ? true : false, @@ -92,17 +90,18 @@ class Util { return fileTypeMimeObj ? fileTypeMimeObj.mime : undefined; } - static constructFilePublicLink(file) { + static constructFilePublicLink(req, file) { /* TODO: This wont work without a reverse proxy serving both the site and the API under the same domain. Pls fix. */ - file.url = `${process.env.DOMAIN}/${file.name}`; + const host = this.getHost(req); + file.url = `${host}/${file.name}`; const { thumb, preview } = ThumbUtil.getFileThumbnail(file.name) || {}; if (thumb) { - file.thumb = `${process.env.DOMAIN}/thumbs/${thumb}`; - file.thumbSquare = `${process.env.DOMAIN}/thumbs/square/${thumb}`; - file.preview = preview && `${process.env.DOMAIN}/thumbs/preview/${preview}`; + file.thumb = `${host}/thumbs/${thumb}`; + file.thumbSquare = `${host}/thumbs/square/${thumb}`; + file.preview = preview && `${host}/thumbs/preview/${preview}`; } return file; } @@ -265,8 +264,8 @@ class Util { static generateThumbnails = ThumbUtil.generateThumbnails; - static async fileExists(res, exists, filename) { - exists = Util.constructFilePublicLink(exists); + static async fileExists(req, res, exists, filename) { + exists = Util.constructFilePublicLink(req, exists); res.json({ message: 'Successfully uploaded the file.', name: exists.name, @@ -274,7 +273,7 @@ class Util { size: exists.size, url: exists.url, thumb: exists.thumb, - deleteUrl: `${process.env.DOMAIN}/api/file/${exists.id}`, + deleteUrl: `${this.getHost(req)}/api/file/${exists.id}`, repeated: true }); @@ -298,7 +297,7 @@ class Util { .first(); if (dbFile) { - await this.fileExists(res, dbFile, file.data.filename); + await this.fileExists(req, res, dbFile, file.data.filename); return; } @@ -406,6 +405,10 @@ class Util { console.error(error); } } + + static getHost(req) { + return `${req.protocol}://${req.headers.host}`; + } } module.exports = Util;