gistfile1.txt
· 8.1 KiB · Text
原始檔案
import cordxConfig from '@/src/configurations/cordx.config'
import makeId from '@/utils/functions/makeId'
import sqlQuery from '@/utils/functions/sqlQuery'
//import webhook from '@/utils/functions/webhook'
import { Request, Response } from 'express'
import Formidable from 'formidable-serverless'
import { S3 } from '@aws-sdk/client-s3'
import { PutObjectCommand } from '@aws-sdk/client-s3'
import fs from 'fs'
export const config = {
api: { bodyParser: false }
}
function formatSizeUnits(bytes) {
if (bytes >= 1073741824) {
bytes = (bytes / 1073741824).toFixed(2) + ' GB'
} else if (bytes >= 1048576) {
bytes = (bytes / 1048576).toFixed(2) + ' MB'
} else if (bytes >= 1024) {
bytes = (bytes / 1024).toFixed(2) + ' KB'
} else if (bytes > 1) {
bytes = bytes + ' bytes'
} else if (bytes == 1) {
bytes = bytes + ' byte'
} else {
bytes = '0 bytes'
}
return bytes
}
export default async function POST(req: Request, res: Response) {
const space = new S3({
forcePathStyle: false,
endpoint: process.env.DoCdnLink,
region: 'us-east-1',
credentials: {
accessKeyId: process.env.DoKeyId,
secretAccessKey: process.env.DoSecret
}
})
if (req.method !== 'POST') return res.status(400).send('Invalid method')
return new Promise(async (resolve, reject) => {
const form = new Formidable.IncomingForm({
multiples: true,
keepExtensions: true
})
form.on('aborted', () => {
reject(
res.status(500).send(
JSON.stringify({
status: '[UPLOAD_FAILED]',
errormsg: 'client aborted the request',
url: '[CORDX]: aborted'
})
)
)
})
form.on('error', async e => {
await console.log(e.stack)
reject(
res.status(500).send(
JSON.stringify({
status: 'UPLOAD_ERROR',
errormsg: `${e.message}`,
url: ''
})
)
)
})
return form.parse(req, async function (err, fields, files) {
let secret = req?.headers?.secret
let userid = req?.headers?.userid
let file = files.sharex
const data = await fs.readFileSync(file.path)
let nameExt = file.name.substr(file.name.lastIndexOf('.') + 1)
let fileId = await makeId({ length: cordxConfig.sharexConfig.defaults.fileNameLength })
const getBase = req => `${process.env.NODE_ENV === 'development' ? 'http' : 'https'}://${req.headers.host}`
let user = await sqlQuery({ query: `SELECT * FROM users WHERE secret="${secret}"` }).then(i => i)
if (err) {
await console.log(err.stack)
return res.status(500).send(
JSON.stringify({
status: 'UPLOAD_ERROR',
errormsg: `${err.message}`,
url: '[CORDX]: error occurred'
})
)
}
if (!secret)
return res.status(400).send(
JSON.stringify({
status: 'NO_SECRET_HEADER',
errormsg: 'No secret provided in header params',
url: '[CORDX]: unable to locate secret'
})
)
if (!userid)
return res.status(400).send(
JSON.stringify({
status: 'NO_USERID_HEADER',
errormsg: 'No userid provided in header params',
url: '[CORDX]: unable to locate userid'
})
)
if (!user)
return res.status(400).send(
JSON.stringify({
status: 'NO_USERID_HEADER',
errormsg: 'No userid provided in header params',
url: '[CORDX]: unable to locate userid'
})
)
if (secret && secret !== user[0].secret)
return res.status(400).send(
JSON.stringify({
status: 'INVALID_SECRET_HEADER',
errormsg: 'The provided secret does not match our records for the provided user',
url: '[CORDX]: unable to locate valid secret'
})
)
if (!file)
return res.status(400).send(
JSON.stringify({
status: 'NO_POST_DATA',
errormsg: 'No valid uploads provided',
url: '[CORDX]: No post data received'
})
)
else {
if (file.size >= 52428800)
return res.status(400).send(
JSON.stringify({
status: 'FILE_SIZE_LIMITED',
errormsg:
'Whoops, looks like you have hit your file size limit. We currently limit uploads to `50M`',
url: '[CORDX]: file size limited'
})
)
let bucketParams = {
Bucket: 'cordx',
Body: data,
ACL: 'public-read',
ContentType: 'image/png',
Key: `${userid}/${fileId}.${nameExt}`
}
await space
.send(new PutObjectCommand(bucketParams))
.then(async () => {
let imgUrl = `https://cordx.${process.env.DoShortLink}/${userid}/${fileId}.${nameExt}`
await sqlQuery({
query: `INSERT INTO images (userid, fileid, filename) VALUES ("${userid}", "${fileId}", "${fileId}.${nameExt}")`
}).catch(async e => {
await console.error(`${e.stack}`)
return reject(
res.status(500).send(
JSON.stringify({
status: 'POST_ERROR',
errormsg: `${e.message}`,
url: '[CORDX]: oops, something went wrong'
})
)
)
})
/**await webhook({
userid: userid,
webhook: user[0].webhook,
link: imgUrl
})*/
return resolve(
res.status(200).send(
JSON.stringify({
status: 'OK',
errormsg: '',
url: `${getBase(req)}/users/${userid}/${fileId}.${nameExt}`
})
)
)
})
.catch(async e => {
await console.error(e)
return reject(
res.status(500).send(
JSON.stringify({
status: 'POST_ERROR',
errormsg: `${e.message}`,
url: '[CORDX]: oops, something went wrong'
})
)
)
})
return res.status(200).send(
JSON.stringify({
status: 'OK',
errormsg: '',
url: `${getBase(req)}/users/${userid}/${fileId}.${nameExt}`
})
)
}
})
})
}
| 1 | import cordxConfig from '@/src/configurations/cordx.config' |
| 2 | import makeId from '@/utils/functions/makeId' |
| 3 | import sqlQuery from '@/utils/functions/sqlQuery' |
| 4 | //import webhook from '@/utils/functions/webhook' |
| 5 | import { Request, Response } from 'express' |
| 6 | import Formidable from 'formidable-serverless' |
| 7 | import { S3 } from '@aws-sdk/client-s3' |
| 8 | import { PutObjectCommand } from '@aws-sdk/client-s3' |
| 9 | import fs from 'fs' |
| 10 | |
| 11 | export const config = { |
| 12 | api: { bodyParser: false } |
| 13 | } |
| 14 | |
| 15 | function formatSizeUnits(bytes) { |
| 16 | if (bytes >= 1073741824) { |
| 17 | bytes = (bytes / 1073741824).toFixed(2) + ' GB' |
| 18 | } else if (bytes >= 1048576) { |
| 19 | bytes = (bytes / 1048576).toFixed(2) + ' MB' |
| 20 | } else if (bytes >= 1024) { |
| 21 | bytes = (bytes / 1024).toFixed(2) + ' KB' |
| 22 | } else if (bytes > 1) { |
| 23 | bytes = bytes + ' bytes' |
| 24 | } else if (bytes == 1) { |
| 25 | bytes = bytes + ' byte' |
| 26 | } else { |
| 27 | bytes = '0 bytes' |
| 28 | } |
| 29 | return bytes |
| 30 | } |
| 31 | |
| 32 | export default async function POST(req: Request, res: Response) { |
| 33 | const space = new S3({ |
| 34 | forcePathStyle: false, |
| 35 | endpoint: process.env.DoCdnLink, |
| 36 | region: 'us-east-1', |
| 37 | credentials: { |
| 38 | accessKeyId: process.env.DoKeyId, |
| 39 | secretAccessKey: process.env.DoSecret |
| 40 | } |
| 41 | }) |
| 42 | |
| 43 | if (req.method !== 'POST') return res.status(400).send('Invalid method') |
| 44 | |
| 45 | return new Promise(async (resolve, reject) => { |
| 46 | const form = new Formidable.IncomingForm({ |
| 47 | multiples: true, |
| 48 | keepExtensions: true |
| 49 | }) |
| 50 | |
| 51 | form.on('aborted', () => { |
| 52 | reject( |
| 53 | res.status(500).send( |
| 54 | JSON.stringify({ |
| 55 | status: '[UPLOAD_FAILED]', |
| 56 | errormsg: 'client aborted the request', |
| 57 | url: '[CORDX]: aborted' |
| 58 | }) |
| 59 | ) |
| 60 | ) |
| 61 | }) |
| 62 | |
| 63 | form.on('error', async e => { |
| 64 | await console.log(e.stack) |
| 65 | |
| 66 | reject( |
| 67 | res.status(500).send( |
| 68 | JSON.stringify({ |
| 69 | status: 'UPLOAD_ERROR', |
| 70 | errormsg: `${e.message}`, |
| 71 | url: '' |
| 72 | }) |
| 73 | ) |
| 74 | ) |
| 75 | }) |
| 76 | |
| 77 | return form.parse(req, async function (err, fields, files) { |
| 78 | let secret = req?.headers?.secret |
| 79 | let userid = req?.headers?.userid |
| 80 | let file = files.sharex |
| 81 | const data = await fs.readFileSync(file.path) |
| 82 | let nameExt = file.name.substr(file.name.lastIndexOf('.') + 1) |
| 83 | let fileId = await makeId({ length: cordxConfig.sharexConfig.defaults.fileNameLength }) |
| 84 | const getBase = req => `${process.env.NODE_ENV === 'development' ? 'http' : 'https'}://${req.headers.host}` |
| 85 | let user = await sqlQuery({ query: `SELECT * FROM users WHERE secret="${secret}"` }).then(i => i) |
| 86 | |
| 87 | if (err) { |
| 88 | await console.log(err.stack) |
| 89 | |
| 90 | return res.status(500).send( |
| 91 | JSON.stringify({ |
| 92 | status: 'UPLOAD_ERROR', |
| 93 | errormsg: `${err.message}`, |
| 94 | url: '[CORDX]: error occurred' |
| 95 | }) |
| 96 | ) |
| 97 | } |
| 98 | |
| 99 | if (!secret) |
| 100 | return res.status(400).send( |
| 101 | JSON.stringify({ |
| 102 | status: 'NO_SECRET_HEADER', |
| 103 | errormsg: 'No secret provided in header params', |
| 104 | url: '[CORDX]: unable to locate secret' |
| 105 | }) |
| 106 | ) |
| 107 | |
| 108 | if (!userid) |
| 109 | return res.status(400).send( |
| 110 | JSON.stringify({ |
| 111 | status: 'NO_USERID_HEADER', |
| 112 | errormsg: 'No userid provided in header params', |
| 113 | url: '[CORDX]: unable to locate userid' |
| 114 | }) |
| 115 | ) |
| 116 | |
| 117 | if (!user) |
| 118 | return res.status(400).send( |
| 119 | JSON.stringify({ |
| 120 | status: 'NO_USERID_HEADER', |
| 121 | errormsg: 'No userid provided in header params', |
| 122 | url: '[CORDX]: unable to locate userid' |
| 123 | }) |
| 124 | ) |
| 125 | |
| 126 | if (secret && secret !== user[0].secret) |
| 127 | return res.status(400).send( |
| 128 | JSON.stringify({ |
| 129 | status: 'INVALID_SECRET_HEADER', |
| 130 | errormsg: 'The provided secret does not match our records for the provided user', |
| 131 | url: '[CORDX]: unable to locate valid secret' |
| 132 | }) |
| 133 | ) |
| 134 | |
| 135 | if (!file) |
| 136 | return res.status(400).send( |
| 137 | JSON.stringify({ |
| 138 | status: 'NO_POST_DATA', |
| 139 | errormsg: 'No valid uploads provided', |
| 140 | url: '[CORDX]: No post data received' |
| 141 | }) |
| 142 | ) |
| 143 | else { |
| 144 | if (file.size >= 52428800) |
| 145 | return res.status(400).send( |
| 146 | JSON.stringify({ |
| 147 | status: 'FILE_SIZE_LIMITED', |
| 148 | errormsg: |
| 149 | 'Whoops, looks like you have hit your file size limit. We currently limit uploads to `50M`', |
| 150 | url: '[CORDX]: file size limited' |
| 151 | }) |
| 152 | ) |
| 153 | |
| 154 | let bucketParams = { |
| 155 | Bucket: 'cordx', |
| 156 | Body: data, |
| 157 | ACL: 'public-read', |
| 158 | ContentType: 'image/png', |
| 159 | Key: `${userid}/${fileId}.${nameExt}` |
| 160 | } |
| 161 | |
| 162 | await space |
| 163 | .send(new PutObjectCommand(bucketParams)) |
| 164 | .then(async () => { |
| 165 | let imgUrl = `https://cordx.${process.env.DoShortLink}/${userid}/${fileId}.${nameExt}` |
| 166 | |
| 167 | await sqlQuery({ |
| 168 | query: `INSERT INTO images (userid, fileid, filename) VALUES ("${userid}", "${fileId}", "${fileId}.${nameExt}")` |
| 169 | }).catch(async e => { |
| 170 | await console.error(`${e.stack}`) |
| 171 | |
| 172 | return reject( |
| 173 | res.status(500).send( |
| 174 | JSON.stringify({ |
| 175 | status: 'POST_ERROR', |
| 176 | errormsg: `${e.message}`, |
| 177 | url: '[CORDX]: oops, something went wrong' |
| 178 | }) |
| 179 | ) |
| 180 | ) |
| 181 | }) |
| 182 | |
| 183 | /**await webhook({ |
| 184 | userid: userid, |
| 185 | webhook: user[0].webhook, |
| 186 | link: imgUrl |
| 187 | })*/ |
| 188 | |
| 189 | return resolve( |
| 190 | res.status(200).send( |
| 191 | JSON.stringify({ |
| 192 | status: 'OK', |
| 193 | errormsg: '', |
| 194 | url: `${getBase(req)}/users/${userid}/${fileId}.${nameExt}` |
| 195 | }) |
| 196 | ) |
| 197 | ) |
| 198 | }) |
| 199 | .catch(async e => { |
| 200 | await console.error(e) |
| 201 | |
| 202 | return reject( |
| 203 | res.status(500).send( |
| 204 | JSON.stringify({ |
| 205 | status: 'POST_ERROR', |
| 206 | errormsg: `${e.message}`, |
| 207 | url: '[CORDX]: oops, something went wrong' |
| 208 | }) |
| 209 | ) |
| 210 | ) |
| 211 | }) |
| 212 | |
| 213 | return res.status(200).send( |
| 214 | JSON.stringify({ |
| 215 | status: 'OK', |
| 216 | errormsg: '', |
| 217 | url: `${getBase(req)}/users/${userid}/${fileId}.${nameExt}` |
| 218 | }) |
| 219 | ) |
| 220 | } |
| 221 | }) |
| 222 | }) |
| 223 | } |