Update routes and file paths, fix authentication and security issues

2024-04-13 22:17:54 +02:00
parent 8f3e604774
commit 4e2e085a63
38 changed files with 1918 additions and 1408 deletions
--- a/routes/Dpanel/Dashboard/index.js
+++ b/routes/Dpanel/Dashboard/index.js
@@ -0,0 +1,93 @@
+const express = require('express');
+const fs = require('fs');
+const path = require('path');
+const router = express.Router();
+const fileUpload = require('express-fileupload');
+const authMiddleware = require('../../../Middlewares/authMiddleware');
+const { loggers } = require('winston');
+const ncp = require('ncp').ncp;
+let configFile = fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8')
+let config = JSON.parse(configFile)[0];
+const bodyParser = require('body-parser');
+const crypto = require('crypto');
+const os = require('os');
+const { getUserData, getSetupData } = require('../../../Middlewares/watcherMiddleware');
+
+let setupData = getSetupData();
+let userData = getUserData();
+router.use(bodyParser.json());
+
+router.get('/', authMiddleware, async (req, res) => {
+    const folderName = req.params.folderName || '';  
+    
+    if (!req.userData || !req.userData.name) {
+        return res.render('error-recovery-file', { error: 'User data is undefined or incomplete' });
+    }
+
+    const userId = req.userData.id; 
+    const userName = req.userData.name;
+    const downloadDir = path.join('cdn-files', userName);
+    const domain = config.domain || 'swiftlogic-labs.com';
+
+    if (!config.domain) {
+        console.error('Domain is not defined in setup.json');
+        config.domain = 'swiftlogic-labs.com';
+    }
+
+    if (!fs.existsSync(downloadDir)) {
+        fs.mkdirSync(downloadDir, { recursive: true });
+    }
+
+    try {
+        fs.accessSync(downloadDir, fs.constants.R_OK | fs.constants.W_OK);
+    } catch (err) {
+        console.error('No access!', err);
+        return res.render('error-recovery-file', { error: 'No access to directory' });
+    }
+
+    let fileInfoNames = [];
+    try {
+        const fileInfo = JSON.parse(fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8'))
+        
+        if (!Array.isArray(fileInfo)) {
+            console.error('fileInfo is not an array. Check the contents of file_info.json');
+        } else {
+            fileInfoNames = fileInfo.map(file => file.fileName);
+        }
+    } catch (err) {
+        console.error('Error reading file_info.json:', err);
+    }
+
+    try {
+        const files = await fs.promises.readdir(downloadDir);
+
+        const folders = files.filter(file => fs.statSync(path.join(downloadDir, file)).isDirectory());
+
+        const fileDetails = files.map(file => {
+            const filePath = path.join(downloadDir, file);
+            const stats = fs.statSync(filePath);
+            const fileExtension = path.extname(file).toLowerCase();
+            const encodedFileName = encodeURIComponent(file);
+            const fileLink = `https://${domain}/attachments/${userId}/${encodedFileName}`;
+
+            const fileType = stats.isDirectory() ? 'folder' : 'file';
+
+            return {
+                name: file,
+                size: stats.size,
+                url: fileLink,
+                extension: fileExtension,
+                type: fileType
+            };
+        });
+
+        const availableExtensions = Array.from(new Set(fileDetails.map(file => file.extension)));
+
+        res.render('dashboard', { files: fileDetails, folders, extensions: availableExtensions, allFolders: folders, folderName: folderName, fileInfoNames: fileInfoNames });
+    } catch (err) {
+        console.error('Error reading directory:', err);
+        return res.render('error-recovery-file', { error: err.message });
+    }
+});
+
+module.exports = router;