Update v1.0.0-beta.12, addition of external APIs and optimization
This commit is contained in:
@@ -18,16 +18,54 @@ let setupData = getSetupData();
|
||||
let userData = getUserData();
|
||||
router.use(bodyParser.json());
|
||||
|
||||
function authenticateToken(req, res, next) {
|
||||
let token = null;
|
||||
const authHeader = req.headers['authorization'];
|
||||
|
||||
if (authHeader) {
|
||||
token = authHeader.split(' ')[1];
|
||||
} else if (req.query.token) {
|
||||
token = req.query.token;
|
||||
}
|
||||
|
||||
if (token == null) {
|
||||
if (req.user) {
|
||||
return next();
|
||||
} else {
|
||||
return res.status(401).json({ message: 'Unauthorized' });
|
||||
}
|
||||
}
|
||||
|
||||
fs.readFile(path.join(__dirname, '../../../data', 'user.json'), 'utf8', (err, data) => {
|
||||
if (err) {
|
||||
console.error('Error reading user.json:', err);
|
||||
return res.status(401).json({ message: 'Unauthorized' });
|
||||
}
|
||||
|
||||
const users = JSON.parse(data);
|
||||
|
||||
const user = users.find(u => u.token === token);
|
||||
|
||||
if (user) {
|
||||
req.user = user;
|
||||
req.userData = user;
|
||||
next();
|
||||
} else {
|
||||
return res.status(401).json({ message: 'Unauthorized' });
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
router.get('/', (req, res) => {
|
||||
res.status(400).json({ error: 'Bad Request. The request cannot be fulfilled due to bad syntax or missing parameters.' });
|
||||
});
|
||||
|
||||
router.post('/', authMiddleware, (req, res) => {
|
||||
router.post('/', authenticateToken, (req, res) => {
|
||||
const userId = req.userData.name;
|
||||
const { filename } = req.body;
|
||||
|
||||
if (!userId || !filename) {
|
||||
return res.status(400).json({ message: 'Identifiant d\'utilisateur ou nom de fichier manquant pour la suppression du fichier.' });
|
||||
return res.status(400).json({ message: 'User ID or filename missing for file deletion.' });
|
||||
}
|
||||
|
||||
const userFolderPath = path.join('cdn-files', userId);
|
||||
@@ -39,19 +77,19 @@ router.post('/', authMiddleware, (req, res) => {
|
||||
const filePath = path.join(folderPath, file);
|
||||
|
||||
if (!filePath.startsWith(userFolderPath)) {
|
||||
console.error('Unauthorized directory access attempt');
|
||||
return false;
|
||||
}
|
||||
|
||||
if (fs.statSync(filePath).isDirectory()) {
|
||||
findAndDeleteFile(filePath);
|
||||
const fileDeletedInSubfolder = findAndDeleteFile(filePath);
|
||||
if (fileDeletedInSubfolder) {
|
||||
return true;
|
||||
}
|
||||
} else if (file === filename) {
|
||||
try {
|
||||
fs.unlinkSync(filePath);
|
||||
console.log('File deleted:', filePath);
|
||||
return true;
|
||||
} catch (error) {
|
||||
console.error('Error deleting file:', error);
|
||||
return false;
|
||||
}
|
||||
}
|
||||
@@ -63,9 +101,9 @@ router.post('/', authMiddleware, (req, res) => {
|
||||
const fileDeleted = findAndDeleteFile(userFolderPath);
|
||||
|
||||
if (fileDeleted) {
|
||||
res.status(200).json({ status: 'success', message: 'Le fichier a été supprimé avec succès.' });
|
||||
res.status(200).json({ status: 'success', message: 'The file has been successfully deleted.' });
|
||||
} else {
|
||||
res.status(404).json({ status: 'error', message: 'Le fichier que vous essayez de supprimer n\'existe pas.' });
|
||||
res.status(404).json({ status: 'error', message: 'The file you are trying to delete does not exist.' });
|
||||
}
|
||||
});
|
||||
|
||||
|
||||
Reference in New Issue
Block a user