94 lines
2.0 KiB
JavaScript
94 lines
2.0 KiB
JavaScript
import fs from "fs";
|
|
import path from "path";
|
|
import crypto from "crypto";
|
|
import express from "express";
|
|
import multer from "multer";
|
|
import 'dotenv/config'
|
|
|
|
const {
|
|
FILE_LOCATION,
|
|
ID_LENGTH = 12,
|
|
TOKEN_FILE,
|
|
PORT = 3000
|
|
} = process.env;
|
|
|
|
if (!FILE_LOCATION || !TOKEN_FILE) {
|
|
throw new Error("Missing FILE_LOCATION or TOKEN_FILE");
|
|
}
|
|
|
|
const TOKENS = new Set(
|
|
fs.readFileSync(TOKEN_FILE, "utf8")
|
|
.split("\n")
|
|
.map(t => t.trim())
|
|
.filter(Boolean)
|
|
);
|
|
|
|
function randomId(len) {
|
|
const chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
|
|
let out = "";
|
|
for (let i = 0; i < len; i++) {
|
|
out += chars[Math.floor(Math.random() * chars.length)];
|
|
}
|
|
return out;
|
|
}
|
|
|
|
function auth(req, res, next) {
|
|
const header = req.headers.authorization;
|
|
if (!header || !header.startsWith("Bearer ")) {
|
|
return res.status(401).json({ error: "Missing auth" });
|
|
}
|
|
|
|
const token = header.slice(7);
|
|
if (!TOKENS.has(token)) {
|
|
return res.status(403).json({ error: "Invalid token" });
|
|
}
|
|
|
|
next();
|
|
}
|
|
|
|
const upload = multer({
|
|
storage: multer.diskStorage({
|
|
destination: FILE_LOCATION,
|
|
filename: (req, file, cb) => {
|
|
const id = randomId(Number(ID_LENGTH));
|
|
const ext = path.extname(file.originalname);
|
|
cb(null, id + ext);
|
|
}
|
|
}),
|
|
limits: {
|
|
fileSize: 25 * 1024 * 1024
|
|
}
|
|
});
|
|
|
|
const app = express();
|
|
|
|
app.post("/upload", auth, upload.single("file"), (req, res) => {
|
|
if (!req.file) {
|
|
return res.status(400).json({ error: "No file" });
|
|
}
|
|
|
|
res.json({
|
|
id: path.parse(req.file.filename).name,
|
|
filename: req.file.filename,
|
|
url: `/${req.file.filename}`
|
|
});
|
|
});
|
|
|
|
app.get("/:name", (req, res) => {
|
|
const filePath = path.join(FILE_LOCATION, req.params.name);
|
|
|
|
if (!filePath.startsWith(FILE_LOCATION)) {
|
|
return res.status(400).end();
|
|
}
|
|
|
|
fs.access(filePath, fs.constants.R_OK, err => {
|
|
if (err) return res.status(404).end();
|
|
res.sendFile(filePath);
|
|
});
|
|
});
|
|
|
|
app.listen(PORT, "0.0.0.0", () => {
|
|
console.log(`Listening on :${PORT}`);
|
|
});
|
|
|