const express = require('express'); const fs = require('fs'); const path = require('path'); const router = express.Router(); const fileUpload = require('express-fileupload'); const authMiddleware = require('../../../Middlewares/authMiddleware'); const { loggers } = require('winston'); const ncp = require('ncp').ncp; const configFile = fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8') const config = JSON.parse(configFile); const bodyParser = require('body-parser'); const crypto = require('crypto'); const os = require('os'); const { getUserData, getSetupData } = require('../../../Middlewares/watcherMiddleware'); const { logger, logRequestInfo, ErrorLogger, authLogger } = require('../../../config/logs'); let setupData = getSetupData(); let userData = getUserData(); router.use(bodyParser.json()); /** * @swagger * /dashboard/deletefile?token={token}: * post: * security: * - bearerAuth: [] * tags: * - File * summary: Delete a specific file for a user * description: This route allows you to delete a specific file for a user. It requires a valid JWT token in the Authorization header. * requestBody: * required: true * content: * application/json: * schema: * type: object * properties: * filename: * type: string * description: The name of the file to delete * parameters: * - in: header * name: Authorization * required: true * schema: * type: string * description: The JWT token of your account to have access * responses: * 200: * description: Success * content: * application/json: * schema: * type: object * properties: * status: * type: string * message: * type: string * 400: * description: Bad Request * content: * application/json: * schema: * type: object * properties: * error: * type: string * 401: * description: Unauthorized * content: * application/json: * schema: * type: object * properties: * message: * type: string * 404: * description: The specified file does not exist * content: * application/json: * schema: * type: object * properties: * status: * type: string * message: * type: string * 500: * description: Internal server error * content: * application/json: * schema: * type: object * properties: * error: * type: string */ function authenticateToken(req, res, next) { if (req.session.user) { req.user = req.session.user; req.userData = req.session.user; return next(); } let token = null; const authHeader = req.headers['authorization']; if (authHeader) { token = authHeader.split(' ')[1]; } else if (req.query.token) { token = req.query.token; } if (!token) { return res.status(401).json({ message: 'Unauthorized: No token provided' }); } fs.readFile(path.join(__dirname, '../../../data', 'user.json'), 'utf8', (err, data) => { if (err) { console.error('Error reading user.json:', err); return res.status(500).json({ message: 'Internal server error' }); } const users = JSON.parse(data); const user = users.find(u => u.token === token); if (!user) { return res.status(401).json({ message: 'Unauthorized: Invalid token' }); } // Enregistrer l'utilisateur dans la session req.session.user = user; req.user = user; req.userData = user; next(); }); } router.get('/', (req, res) => { res.status(400).json({ error: 'Bad Request. The request cannot be fulfilled due to bad syntax or missing parameters.' }); }); router.post('/', authenticateToken, (req, res) => { if (!req.userData) { return res.status(401).json({ message: 'Authentication failed.' }); } const userId = req.userData.name; const { filename } = req.body; if (!userId || !filename) { return res.status(400).json({ message: 'User ID or filename missing for file deletion.' }); } const userFolderPath = path.join('cdn-files', userId); function findAndDeleteFile(folderPath) { const filesInFolder = fs.readdirSync(folderPath); for (const file of filesInFolder) { const filePath = path.join(folderPath, file); if (!filePath.startsWith(userFolderPath)) { return false; } if (fs.statSync(filePath).isDirectory()) { const fileDeletedInSubfolder = findAndDeleteFile(filePath); if (fileDeletedInSubfolder) { return true; } } else if (file === filename) { try { fs.unlinkSync(filePath); return true; } catch (error) { console.error('Error deleting file:', error); return false; } } } return false; } const fileDeleted = findAndDeleteFile(userFolderPath); if (fileDeleted) { res.status(200).json({ status: 'success', message: 'The file has been successfully deleted.' }); } else { res.status(404).json({ status: 'error', message: 'The file you are trying to delete does not exist.' }); } }); const ncpAsync = (source, destination) => { if (!source.startsWith('cdn-files') || !destination.startsWith('cdn-files')) { throw new Error('Unauthorized directory access attempt'); } return new Promise((resolve, reject) => { ncp(source, destination, (err) => { if (err) { reject(err); } else { resolve(); } }); }); }; module.exports = router;