import cordxConfig from '@/src/configurations/cordx.config' import makeId from '@/utils/functions/makeId' import sqlQuery from '@/utils/functions/sqlQuery' //import webhook from '@/utils/functions/webhook' import { Request, Response } from 'express' import Formidable from 'formidable-serverless' import { S3 } from '@aws-sdk/client-s3' import { PutObjectCommand } from '@aws-sdk/client-s3' import fs from 'fs' export const config = { api: { bodyParser: false } } function formatSizeUnits(bytes) { if (bytes >= 1073741824) { bytes = (bytes / 1073741824).toFixed(2) + ' GB' } else if (bytes >= 1048576) { bytes = (bytes / 1048576).toFixed(2) + ' MB' } else if (bytes >= 1024) { bytes = (bytes / 1024).toFixed(2) + ' KB' } else if (bytes > 1) { bytes = bytes + ' bytes' } else if (bytes == 1) { bytes = bytes + ' byte' } else { bytes = '0 bytes' } return bytes } export default async function POST(req: Request, res: Response) { const space = new S3({ forcePathStyle: false, endpoint: process.env.DoCdnLink, region: 'us-east-1', credentials: { accessKeyId: process.env.DoKeyId, secretAccessKey: process.env.DoSecret } }) if (req.method !== 'POST') return res.status(400).send('Invalid method') return new Promise(async (resolve, reject) => { const form = new Formidable.IncomingForm({ multiples: true, keepExtensions: true }) form.on('aborted', () => { reject( res.status(500).send( JSON.stringify({ status: '[UPLOAD_FAILED]', errormsg: 'client aborted the request', url: '[CORDX]: aborted' }) ) ) }) form.on('error', async e => { await console.log(e.stack) reject( res.status(500).send( JSON.stringify({ status: 'UPLOAD_ERROR', errormsg: `${e.message}`, url: '' }) ) ) }) return form.parse(req, async function (err, fields, files) { let secret = req?.headers?.secret let userid = req?.headers?.userid let file = files.sharex const data = await fs.readFileSync(file.path) let nameExt = file.name.substr(file.name.lastIndexOf('.') + 1) let fileId = await makeId({ length: cordxConfig.sharexConfig.defaults.fileNameLength }) const getBase = req => `${process.env.NODE_ENV === 'development' ? 'http' : 'https'}://${req.headers.host}` let user = await sqlQuery({ query: `SELECT * FROM users WHERE secret="${secret}"` }).then(i => i) if (err) { await console.log(err.stack) return res.status(500).send( JSON.stringify({ status: 'UPLOAD_ERROR', errormsg: `${err.message}`, url: '[CORDX]: error occurred' }) ) } if (!secret) return res.status(400).send( JSON.stringify({ status: 'NO_SECRET_HEADER', errormsg: 'No secret provided in header params', url: '[CORDX]: unable to locate secret' }) ) if (!userid) return res.status(400).send( JSON.stringify({ status: 'NO_USERID_HEADER', errormsg: 'No userid provided in header params', url: '[CORDX]: unable to locate userid' }) ) if (!user) return res.status(400).send( JSON.stringify({ status: 'NO_USERID_HEADER', errormsg: 'No userid provided in header params', url: '[CORDX]: unable to locate userid' }) ) if (secret && secret !== user[0].secret) return res.status(400).send( JSON.stringify({ status: 'INVALID_SECRET_HEADER', errormsg: 'The provided secret does not match our records for the provided user', url: '[CORDX]: unable to locate valid secret' }) ) if (!file) return res.status(400).send( JSON.stringify({ status: 'NO_POST_DATA', errormsg: 'No valid uploads provided', url: '[CORDX]: No post data received' }) ) else { if (file.size >= 52428800) return res.status(400).send( JSON.stringify({ status: 'FILE_SIZE_LIMITED', errormsg: 'Whoops, looks like you have hit your file size limit. We currently limit uploads to `50M`', url: '[CORDX]: file size limited' }) ) let bucketParams = { Bucket: 'cordx', Body: data, ACL: 'public-read', ContentType: 'image/png', Key: `${userid}/${fileId}.${nameExt}` } await space .send(new PutObjectCommand(bucketParams)) .then(async () => { let imgUrl = `https://cordx.${process.env.DoShortLink}/${userid}/${fileId}.${nameExt}` await sqlQuery({ query: `INSERT INTO images (userid, fileid, filename) VALUES ("${userid}", "${fileId}", "${fileId}.${nameExt}")` }).catch(async e => { await console.error(`${e.stack}`) return reject( res.status(500).send( JSON.stringify({ status: 'POST_ERROR', errormsg: `${e.message}`, url: '[CORDX]: oops, something went wrong' }) ) ) }) /**await webhook({ userid: userid, webhook: user[0].webhook, link: imgUrl })*/ return resolve( res.status(200).send( JSON.stringify({ status: 'OK', errormsg: '', url: `${getBase(req)}/users/${userid}/${fileId}.${nameExt}` }) ) ) }) .catch(async e => { await console.error(e) return reject( res.status(500).send( JSON.stringify({ status: 'POST_ERROR', errormsg: `${e.message}`, url: '[CORDX]: oops, something went wrong' }) ) ) }) return res.status(200).send( JSON.stringify({ status: 'OK', errormsg: '', url: `${getBase(req)}/users/${userid}/${fileId}.${nameExt}` }) ) } }) }) }