#!/usr/bin/env node
/*
* Copyright (C) 2013-2016 Stéphane Péchard.
*
* This file is part of PhotoBackup.
*
* PhotoBackup is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* PhotoBackup is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
(function () {
'use strict';
// imports
var bcrypt = require('bcrypt');
var bodyParser = require('body-parser');
var express = require('express');
var fs = require('fs');
var multer = require('multer');
var path = require('path');
// variables
// Single Express application for this module: createRoutes() registers its
// middleware and handlers on this instance, and it is exported below, so
// every call to createRoutes() adds routes to the same app.
var app = express();
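/**
 * Registers the PhotoBackup routes (GET /, POST / and POST /test) on the
 * shared Express `app`, using the settings stored in `config[sectionName]`.
 *
 * Security-relevant behaviour:
 * - uploads are stored under the base name of the client-supplied file name;
 * - the "file already uploaded" flag lives on the request, so it can neither
 *   go stale nor leak between requests;
 * - an upload whose password is already known to be wrong is not stored, and
 *   a stored upload is removed again when authentication fails.
 *
 * @param {Object} config - configuration indexed by section name; the section
 *   is read for MediaRoot, PasswordBcrypt and Password
 * @param {string} sectionName - name of the section of `config` to use
 */
var createRoutes = function (config, sectionName) {
    // Name under which an upload is stored inside MediaRoot, or null when the
    // client-supplied name is unusable. file.originalname comes from the
    // request, so only its last path component is ever joined to MediaRoot.
    var storedName = function (file) {
        var name = path.basename(String(file.originalname));
        if (name === '' || name === '.' || name === '..' || name.indexOf('\0') !== -1) {
            return null;
        }
        return name;
    };

    // Checks req.body.password against the configured bcrypt hash. Only a
    // string is handed to bcrypt. The verdict is cached on the request for the
    // value that was checked, so the file filter and the route handler do not
    // both pay for a bcrypt comparison.
    var passwordIsValid = function (req) {
        var candidate = req.body ? req.body.password : undefined;
        if (typeof candidate !== 'string') {
            return false;
        }
        if (req.checkedPassword !== candidate) {
            var verdict = bcrypt.compareSync(candidate, config[sectionName].PasswordBcrypt);
            req.checkedPassword = candidate;
            req.checkedPasswordIsValid = verdict;
        }
        return req.checkedPasswordIsValid === true;
    };

    // Removes a file that multer stored for a request that then failed
    // authentication. The placeholder built for an already-present file has
    // no `path`, so an existing complete file is never removed here.
    var discardUpload = function (req) {
        if (!req.file || typeof req.file.path !== 'string') {
            return;
        }
        fs.unlink(req.file.path, function (err) {
            if (err) {
                pblog(console.error, 'could not remove rejected upload', err.code);
            }
        });
    };

    var upload = multer({
        storage: multer.diskStorage({
            // multer creates the directory if it does not exist
            destination: config[sectionName].MediaRoot,
            filename: function (req, file, cb) {
                var name = storedName(file);
                if (name === null) {
                    cb(new Error('invalid file name'));
                    return;
                }
                cb(null, name);
            }
        }),
        fileFilter: function (req, file, cb) {
            var name = storedName(file);
            var rejected = name === null;
            var duplicate = false;

            // Only the fields that precede the file part are in req.body at
            // this point. When the password is among them and is wrong, skip
            // the file so nothing is written for an unauthenticated request.
            // NOTE(review): when the password field arrives after the file
            // part this check cannot run; the handler then removes the stored
            // file, but a same-named existing file has already been replaced.
            // Storing uploads under a temporary name and renaming them after
            // authentication would close that gap.
            if (!rejected) {
                try {
                    rejected = req.body.password !== undefined && !passwordIsValid(req);
                } catch (err) {
                    // a configuration problem is reported by the route handler
                    rejected = false;
                }
            }

            // test file existence and compare sizes
            if (!rejected) {
                try {
                    var filepath = path.join(config[sectionName].MediaRoot, name);
                    var filesize = parseInt(req.body.filesize, 10);
                    var localFilesize = fs.statSync(filepath).size;
                    if (localFilesize === filesize) {
                        duplicate = true;
                        // fill the request as if the file had been uploaded,
                        // since it is already here
                        req.file = {
                            'fieldname': 'upfile',
                            'size': localFilesize
                        };
                    }
                } catch (err) {
                    // if file does not exist, write it
                    duplicate = false;
                }
            }

            req.fileHasBeenFiltered = duplicate;
            cb(null, !rejected && !duplicate);
        }
    });

    // gives access to the body parameters of non-multipart requests
    app.use(bodyParser.urlencoded({ extended: true }));

    // routes
    app.get('/', function (req, res) {
        res.redirect('https://photobackup.github.io/');
        endWithSuccess(res);
    });

    app.post('/', upload.single('upfile'), function (req, res) {
        var password, filesize;
        try {
            password = req.body.password;
            filesize = parseInt(req.body.filesize, 10);
        } catch (err) {
            discardUpload(req);
            end(res, 400, 'missing parameter in the request! => ' + err);
            return;
        }

        // authentication comes first; multer has already run by now, so a
        // file stored for a request that fails it is removed again
        if (password === undefined) {
            discardUpload(req);
            end(res, 403, 'no password in request');
            return;
        }
        if (!passwordIsValid(req)) {
            discardUpload(req);
            end(res, 403, 'wrong password!');
            return;
        }

        if (!Object.prototype.hasOwnProperty.call(req, 'file')) {
            end(res, 401, 'missing upfile');
            return;
        }
        if (!Object.prototype.hasOwnProperty.call(req.file, 'fieldname')) {
            end(res, 403, 'upfile has no filedname!');
            return;
        }
        if (req.file.fieldname !== 'upfile') {
            end(res, 403, "upfile should be named 'upfile'!");
            return;
        }
        if (isNaN(filesize)) {
            end(res, 400, 'missing file size in the request!');
            return;
        }
        if (filesize !== req.file.size) {
            end(res, 411, 'file sizes do not match!');
            return;
        }
        if (req.fileHasBeenFiltered === true) {
            end(res, 409, 'file exists and is complete');
            return;
        }

        // the file itself has already been written by multer
        res.send();
        endWithSuccess(res);
    });

    app.post('/test', function (req, res) {
        // NOTE(review): this route compares the request value with the plain
        // `Password` setting using `!==`, while POST / verifies against
        // `PasswordBcrypt`. Confirm both settings are meant to exist; using
        // the bcrypt check here too would avoid keeping a directly comparable
        // secret in the configuration.
        var password = req.body.password;
        if (password !== config[sectionName].Password) {
            end(res, 403, 'wrong password!');
            return;
        }
        fs.access(config[sectionName].MediaRoot, fs.W_OK, function (err) {
            if (err) {
                end(res, 500, "Can't write to MEDIA_ROOT!");
                return;
            }
            res.send();
            endWithSuccess(res);
        });
    });
};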
// show error and return response
/**
 * Sends an error response and writes it to the error log.
 *
 * `message` is returned to the client verbatim in the `error` field, so
 * callers should only pass text that is safe to disclose.
 *
 * @param {Object} res - Express response; `res.req` supplies method and URL
 * @param {number} code - HTTP status code to send
 * @param {string} message - description sent to the client and logged
 */
function end (res, code, message) {
    var payload = { error: message };
    res.status(code).send(payload);

    var request = res.req;
    var requestLine = request.method + ' ' + request.url;
    var outcome = code + ' => ' + message;
    pblog(console.error, requestLine, outcome);
}
// in case of success
/**
 * Logs the request behind `res` when its status code is 200; responses with
 * any other status code are not logged here.
 *
 * @param {Object} res - Express response; `res.req` supplies method and URL
 */
function endWithSuccess (res) {
    var status = res.statusCode;
    if (status !== 200) {
        return;
    }
    var requestLine = res.req.method + ' ' + res.req.url;
    pblog(console.log, requestLine, status);
}
// minimalist logger
/**
 * Writes one log entry: an ISO 8601 timestamp, then the message, then the
 * suffix. A falsy message or suffix is replaced with an empty string.
 *
 * @param {Function} consoleFunc - sink called with (timestamp, message, suffix)
 * @param {*} [message] - main text of the entry
 * @param {*} [suffix] - trailing detail, such as a status code
 */
function pblog (consoleFunc, message, suffix) {
    var timestamp = new Date().toISOString();
    var text = message ? message : '';
    var tail = suffix ? suffix : '';
    consoleFunc(timestamp, text, tail);
}
// final export
// Exports the Express application together with the route factory.
var publicApi = {};
publicApi.app = app;
publicApi.createRoutes = createRoutes;
module.exports = publicApi;
}());