Dinawo/CDN-APP-INSIDER
1
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
main
CDN-APP-INSIDER/routes/Dpanel/API/DeleteFile.js
Dinawo aaff0ed4ea
All checks were successful
continuous-integration/drone/push Build is passing
Details
Urgent correction of version v1.0.0-beta.14 due to crash issues when acting on the CDN. 
We would like to apologize for the inconvenience caused and we would like to thank you for the quick report.
2024-07-12 18:07:19 +02:00

216 lines
6.3 KiB
JavaScript
Raw Permalink Blame History

const express = require('express');
const fs = require('fs');
const path = require('path');
const router = express.Router();
const fileUpload = require('express-fileupload');
const authMiddleware = require('../../../Middlewares/authMiddleware');
const { loggers } = require('winston');
const ncp = require('ncp').ncp;
const configFile = fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8')
const config = JSON.parse(configFile);
const bodyParser = require('body-parser');
const crypto = require('crypto');
const os = require('os');
const { getUserData, getSetupData } = require('../../../Middlewares/watcherMiddleware');
const { logger, logRequestInfo, ErrorLogger, authLogger } = require('../../../config/logs');
let setupData = getSetupData();
let userData = getUserData();
router.use(bodyParser.json());
/**
* @swagger
* /dashboard/deletefile?token={token}:
* post:
* security:
* - bearerAuth: []
* tags:
* - File
* summary: Delete a specific file for a user
* description: This route allows you to delete a specific file for a user. It requires a valid JWT token in the Authorization header.
* requestBody:
* required: true
* content:
* application/json:
* schema:
* type: object
* properties:
* filename:
* type: string
* description: The name of the file to delete
* parameters:
* - in: header
* name: Authorization
* required: true
* schema:
* type: string
* description: The JWT token of your account to have access
* responses:
* 200:
* description: Success
* content:
* application/json:
* schema:
* type: object
* properties:
* status:
* type: string
* message:
* type: string
* 400:
* description: Bad Request
* content:
* application/json:
* schema:
* type: object
* properties:
* error:
* type: string
* 401:
* description: Unauthorized
* content:
* application/json:
* schema:
* type: object
* properties:
* message:
* type: string
* 404:
* description: The specified file does not exist
* content:
* application/json:
* schema:
* type: object
* properties:
* status:
* type: string
* message:
* type: string
* 500:
* description: Internal server error
* content:
* application/json:
* schema:
* type: object
* properties:
* error:
* type: string
*/
function authenticateToken(req, res, next) {
if (req.session.user) {
req.user = req.session.user;
req.userData = req.session.user;
return next();
}
let token = null;
const authHeader = req.headers['authorization'];
if (authHeader) {
token = authHeader.split(' ')[1];
} else if (req.query.token) {
token = req.query.token;
}
if (!token) {
return res.status(401).json({ message: 'Unauthorized: No token provided' });
}
fs.readFile(path.join(__dirname, '../../../data', 'user.json'), 'utf8', (err, data) => {
if (err) {
console.error('Error reading user.json:', err);
return res.status(500).json({ message: 'Internal server error' });
}
const users = JSON.parse(data);
const user = users.find(u => u.token === token);
if (!user) {
return res.status(401).json({ message: 'Unauthorized: Invalid token' });
}
// Enregistrer l'utilisateur dans la session
req.session.user = user;
req.user = user;
req.userData = user;
next();
});
}
router.get('/', (req, res) => {
res.status(400).json({ error: 'Bad Request. The request cannot be fulfilled due to bad syntax or missing parameters.' });
});
router.post('/', authenticateToken, (req, res) => {
if (!req.userData) {
return res.status(401).json({ message: 'Authentication failed.' });
}
const userId = req.userData.name;
const { filename } = req.body;
if (!userId || !filename) {
return res.status(400).json({ message: 'User ID or filename missing for file deletion.' });
}
const userFolderPath = path.join('cdn-files', userId);
function findAndDeleteFile(folderPath) {
const filesInFolder = fs.readdirSync(folderPath);
for (const file of filesInFolder) {
const filePath = path.join(folderPath, file);
if (!filePath.startsWith(userFolderPath)) {
return false;
}
if (fs.statSync(filePath).isDirectory()) {
const fileDeletedInSubfolder = findAndDeleteFile(filePath);
if (fileDeletedInSubfolder) {
return true;
}
} else if (file === filename) {
try {
fs.unlinkSync(filePath);
return true;
} catch (error) {
console.error('Error deleting file:', error);
return false;
}
}
}
return false;
}
const fileDeleted = findAndDeleteFile(userFolderPath);
if (fileDeleted) {
res.status(200).json({ status: 'success', message: 'The file has been successfully deleted.' });
} else {
res.status(404).json({ status: 'error', message: 'The file you are trying to delete does not exist.' });
}
});
const ncpAsync = (source, destination) => {
if (!source.startsWith('cdn-files') || !destination.startsWith('cdn-files')) {
throw new Error('Unauthorized directory access attempt');
}
return new Promise((resolve, reject) => {
ncp(source, destination, (err) => {
if (err) {
reject(err);
} else {
resolve();
}
});
});
};
module.exports = router;
Reference in New Issue View Git Blame Copy Permalink