Update v1.0.0-beta.13

Several modifications made to the API and several bug fixes
2024-06-02 18:13:28 +02:00
parent f2d244c95a
commit ce8f1bbbac
21 changed files with 1228 additions and 170 deletions
--- a/routes/Dpanel/API/RenameFile.js
+++ b/routes/Dpanel/API/RenameFile.js
@@ -18,45 +18,163 @@ let setupData = getSetupData();
 let userData = getUserData();
 router.use(bodyParser.json());

+/**
+ * @swagger
+ * /dashboard/rename?token={token}:
+ *   post:
+ *     security:
+ *       - bearerAuth: []
+ *     tags:
+ *       - File
+ *     summary: Rename a file
+ *     description: This route allows you to rename a file. It requires a valid JWT token in the Authorization header.
+ *     requestBody:
+ *       required: true
+ *       content:
+ *         application/json:
+ *           schema:
+ *             type: object
+ *             properties:
+ *               currentName:
+ *                 type: string
+ *                 description: The current name of the file
+ *               newName:
+ *                 type: string
+ *                 description: The new name for the file
+ *     parameters:
+ *       - in: header
+ *         name: Authorization
+ *         required: true
+ *         schema:
+ *           type: string
+ *         description: The JWT token of your account to have access
+ *     responses:
+ *       200:
+ *         description: Success
+ *         content:
+ *           application/json:
+ *             schema:
+ *               type: object
+ *               properties:
+ *                 message:
+ *                   type: string
+ *       400:
+ *         description: Bad Request
+ *         content:
+ *           application/json:
+ *             schema:
+ *               type: object
+ *               properties:
+ *                 message:
+ *                   type: string
+ *       401:
+ *         description: Unauthorized
+ *         content:
+ *           application/json:
+ *             schema:
+ *               type: object
+ *               properties:
+ *                 message:
+ *                   type: string
+ *       500:
+ *         description: Error renaming the file
+ *         content:
+ *           application/json:
+ *             schema:
+ *               type: object
+ *               properties:
+ *                 message:
+ *                   type: string
+ *                 error:
+ *                   type: string
+ */
+
+function authenticateToken(req, res, next) {
+    let token = null;
+    const authHeader = req.headers['authorization'];
+
+    if (authHeader) {
+        token = authHeader.split(' ')[1];
+    } else if (req.query.token) {
+        token = req.query.token;
+    }
+
+    if (token == null) {
+        if (req.user) {
+            return next();
+        } else {
+            return res.status(401).json({ message: 'Unauthorized' });
+        }
+    }
+
+    fs.readFile(path.join(__dirname, '../../../data', 'user.json'), 'utf8', (err, data) => {
+        if (err) {
+            console.error('Error reading user.json:', err);
+            return res.status(401).json({ message: 'Unauthorized' });
+        }
+
+        const users = JSON.parse(data);
+
+        const user = users.find(u => u.token === token);
+
+        if (user) {
+            console.log('User found:', user);
+            req.user = user;
+            req.userData = user;
+            next();
+        } else {
+            console.log('No user found for token:', token);
+            return res.status(401).json({ message: 'Unauthorized' });
+        }
+    });
+}
+
 router.get('/', (req, res) => {
    res.status(400).json({ error: 'Bad Request. The request cannot be fulfilled due to bad syntax or missing parameters.' });
 });

 router.post('/', authMiddleware, async (req, res) => {
-    const userId = req.userData.name; 
-    const { currentName, newName } = req.body;
+  const userId = req.userData.name;
+  const { currentName, newName } = req.body;
+  const filePath = path.join(req.params.filePath || '', req.params[0] || '');

-    if (!currentName || !newName) {
-        return res.status(400).send('Both currentName and newName must be provided.');
-    }
+  if (!currentName || !newName) {
+      return res.status(400).json('Both currentName and newName must be provided.');
+  }

-    const currentPath = path.join('cdn-files', userId || '', currentName);
-    const newPath = path.join('cdn-files', userId, newName);
+  const userDir = path.join('cdn-files', userId);
+  const currentPath = path.join(userDir, filePath, currentName);
+  const newPath = path.join(userDir, filePath, newName);

-    try {
-        await fs.promises.rename(currentPath, newPath);
+  if (!currentPath.startsWith(userDir) || !newPath.startsWith(userDir)) {
+      ErrorLogger.error('Unauthorized directory access attempt');
+      return res.status(403).json('Unauthorized directory access attempt');
+  }

-        const data = await fs.promises.readFile(path.join(__dirname, '../../../data', 'file_info.json'), 'utf-8')
-        let fileInfo = JSON.parse(data);
+  try {
+      await fs.promises.rename(currentPath, newPath);

-        let found = false;
-        for (let i = 0; i < fileInfo.length; i++) {
-            if (fileInfo[i].fileName === currentName) {
-                fileInfo[i].fileName = newName;
-                found = true;
-                break;
-            }
-        }
+      const data = await fs.promises.readFile(path.join(__dirname, '../../../data', 'file_info.json'), 'utf8');
+      let fileInfo = JSON.parse(data);

-        if (found) {
-            await fs.promises.writeFile(path.join(__dirname, '../../../data', 'file_info.json'), JSON.stringify(fileInfo, null, 2), 'utf8');
-        }
+      let found = false;
+      for (let i = 0; i < fileInfo.length; i++) {
+          if (fileInfo[i].fileName === currentName) {
+              fileInfo[i].fileName = newName;
+              found = true;
+              break;
+          }
+      }

-        res.status(200).send('L\'opération a été effectuée avec succès.');  
-    } catch (err) {
-        console.error(err);
-        return res.status(500).send('Erreur lors du changement de nom du fichier.');
-    }
+      if (found) {
+          await fs.promises.writeFile(path.join(__dirname, '../../../data', 'file_info.json'), JSON.stringify(fileInfo, null, 2), 'utf8');
+      }
+
+      res.status(200).json('Operation was successful.');  
+  } catch (err) {
+      console.error(err);
+      return res.status(500).json('Error renaming the file.');
+  }
 });

 router.post('/:filePath*', authMiddleware, async (req, res) => {
@@ -65,7 +183,7 @@ router.post('/:filePath*', authMiddleware, async (req, res) => {
    const filePath = path.join(req.params.filePath, req.params[0] || '');

    if (!currentName || !newName) {
-        return res.status(400).send('Both currentName and newName must be provided.');
+        return res.status(400).json('Both currentName and newName must be provided.');
    }

    const userDir = path.join('cdn-files', userId);
@@ -74,7 +192,7 @@ router.post('/:filePath*', authMiddleware, async (req, res) => {

    if (!currentPath.startsWith(userDir) || !newPath.startsWith(userDir)) {
        ErrorLogger.error('Unauthorized directory access attempt');
-        return res.status(403).send('Unauthorized directory access attempt');
+        return res.status(403).json('Unauthorized directory access attempt');
    }

    try {
@@ -96,10 +214,10 @@ router.post('/:filePath*', authMiddleware, async (req, res) => {
            await fs.promises.writeFile(path.join(__dirname, '../../../data', 'file_info.json'), JSON.stringify(fileInfo, null, 2), 'utf8');
        }

-        res.status(200).send('L\'opération a été effectuée avec succès.');  
+        res.status(200).json('Operation was successful.');  
    } catch (err) {
        console.error(err);
-        return res.status(500).send('Erreur lors du changement de nom du fichier.');
+        return res.status(500).json('Error renaming the file.');
    }
 });