Update v1.0.0-beta.13

Several modifications made to the API and several bug fixes
2024-06-02 18:13:28 +02:00
parent f2d244c95a
commit ce8f1bbbac
21 changed files with 1228 additions and 170 deletions
--- a/routes/Dpanel/API/DeleteFile.js
+++ b/routes/Dpanel/API/DeleteFile.js
@@ -18,49 +18,129 @@ let setupData = getSetupData();
 let userData = getUserData();
 router.use(bodyParser.json());

+/**
+ * @swagger
+ * /dashboard/deletefile?token={token}:
+ *   post:
+ *     security:
+ *       - bearerAuth: []
+ *     tags:
+ *       - File
+ *     summary: Delete a specific file for a user
+ *     description: This route allows you to delete a specific file for a user. It requires a valid JWT token in the Authorization header.
+ *     requestBody:
+ *       required: true
+ *       content:
+ *         application/json:
+ *           schema:
+ *             type: object
+ *             properties:
+ *               filename:
+ *                 type: string
+ *                 description: The name of the file to delete
+ *     parameters:
+ *       - in: header
+ *         name: Authorization
+ *         required: true
+ *         schema:
+ *           type: string
+ *         description: The JWT token of your account to have access
+ *     responses:
+ *       200:
+ *         description: Success
+ *         content:
+ *           application/json:
+ *             schema:
+ *               type: object
+ *               properties:
+ *                 status:
+ *                   type: string
+ *                 message:
+ *                   type: string
+ *       400:
+ *         description: Bad Request
+ *         content:
+ *           application/json:
+ *             schema:
+ *               type: object
+ *               properties:
+ *                 error:
+ *                   type: string
+ *       401:
+ *         description: Unauthorized
+ *         content:
+ *           application/json:
+ *             schema:
+ *               type: object
+ *               properties:
+ *                 message:
+ *                   type: string
+ *       404:
+ *         description: The specified file does not exist
+ *         content:
+ *           application/json:
+ *             schema:
+ *               type: object
+ *               properties:
+ *                 status:
+ *                   type: string
+ *                 message:
+ *                   type: string
+ *       500:
+ *         description: Internal server error
+ *         content:
+ *           application/json:
+ *             schema:
+ *               type: object
+ *               properties:
+ *                 error:
+ *                   type: string
+ */
+
+
 function authenticateToken(req, res, next) {
    let token = null;
    const authHeader = req.headers['authorization'];
-  
+
    if (authHeader) {
-      token = authHeader.split(' ')[1];
+        token = authHeader.split(' ')[1];
    } else if (req.query.token) {
-      token = req.query.token;
+        token = req.query.token;
    }
-  
-    if (token == null) {
-      if (req.user) {
-        return next();
-      } else {
-        return res.status(401).json({ message: 'Unauthorized' });
-      }
+
+    if (!token) {
+        return res.status(401).json({ message: 'Unauthorized: No token provided' });
    }
-  
+
    fs.readFile(path.join(__dirname, '../../../data', 'user.json'), 'utf8', (err, data) => {
-      if (err) {
-        console.error('Error reading user.json:', err);
-        return res.status(401).json({ message: 'Unauthorized' });
-      }
-  
-      const users = JSON.parse(data);
-  
-      const user = users.find(u => u.token === token);
-  
-      if (user) {
+        if (err) {
+            console.error('Error reading user.json:', err);
+            return res.status(500).json({ message: 'Internal server error' });
+        }
+
+        const users = JSON.parse(data);
+        const user = users.find(u => u.token === token);
+
+        if (!user) {
+            return res.status(401).json({ message: 'Unauthorized: Invalid token' });
+        }
+
        req.user = user;
        req.userData = user;
        next();
-    } else {
-        return res.status(401).json({ message: 'Unauthorized' });
-    }
    });
-  }
+}
+

 router.get('/', (req, res) => {
    res.status(400).json({ error: 'Bad Request. The request cannot be fulfilled due to bad syntax or missing parameters.' });
 });

 router.post('/', authenticateToken, (req, res) => {
+    if (!req.userData) {
+        return res.status(401).json({ message: 'Authentication failed.' });
+    }
+
    const userId = req.userData.name;
    const { filename } = req.body;

@@ -90,6 +170,7 @@ router.post('/', authenticateToken, (req, res) => {
                    fs.unlinkSync(filePath);
                    return true;
                } catch (error) {
+                    console.error('Error deleting file:', error);
                    return false;
                }
            }
@@ -107,9 +188,9 @@ router.post('/', authenticateToken, (req, res) => {
    }
 });

+
 const ncpAsync = (source, destination) => {
-    const userFolderPath = path.join('cdn-files', userId);
-    if (!source.startsWith(userFolderPath) || !destination.startsWith(userFolderPath)) {
+    if (!source.startsWith('cdn-files') || !destination.startsWith('cdn-files')) {
        throw new Error('Unauthorized directory access attempt');
    }