filesafe/controllers/uploadController.js

const path = require('path')
const config = require('../config.js')
const multer  = require('multer')
const randomstring = require('randomstring')
const db = require('knex')(config.database)
const crypto = require('crypto')
const fs = require('fs')

let uploadsController = {}

const storage = multer.diskStorage({
	destination: function (req, file, cb) {
		cb(null, './' + config.uploads.folder + '/')
	},
	filename: function (req, file, cb) {
		cb(null, randomstring.generate(config.uploads.fileLength) + path.extname(file.originalname))
	}
})

const upload = multer({
	storage: storage,
	limits: { fileSize: config.uploads.maxSize }
}).array('files[]')

uploadsController.upload = function(req, res, next){

	if(config.private === true)
		if(req.headers.auth !== config.clientToken)
			return res.status(401).json({ success: false, description: 'not-authorized'})

	let album = req.params.albumid
	
	if(album !== undefined)
		if(req.headers.adminauth !== config.adminToken)
			return res.status(401).json({ success: false, description: 'not-authorized'})
	
	upload(req, res, function (err) {
		if (err) {
			console.error(err)
			return res.json({ 
				success: false,
				description: err
			})
		}

		if(req.files.length === 0) return res.json({ success: false, description: 'no-files' })

		let files = []
		let existingFiles = []
		let iteration = 1

		req.files.forEach(function(file) {

			// Check if the file exists by checking hash and size
			let hash = crypto.createHash('md5')
			let stream = fs.createReadStream('./' + config.uploads.folder + '/' + file.filename)

			stream.on('data', function (data) {
				hash.update(data, 'utf8')
			})

			stream.on('end', function () {
				let fileHash = hash.digest('hex') // 34f7a3113803f8ed3b8fd7ce5656ebec

				db.table('files').where({
					hash: fileHash,
					size: file.size
				}).then((dbfile) => {

					if(dbfile.length !== 0){
						uploadsController.deleteFile(file.filename).then(() => {}).catch((e) => console.error(e))
						existingFiles.push(dbfile[0])
					}else{
						files.push({
							name: file.filename, 
							original: file.originalname,
							type: file.mimetype,
							size: file.size, 
							hash: fileHash,
							ip: req.ip,
							albumid: album,
							timestamp: Math.floor(Date.now() / 1000)
						})
					}

					if(iteration === req.files.length)
						return uploadsController.processFilesForDisplay(req, res, files, existingFiles)
					iteration++
				})

			})

		})

	})

}

uploadsController.processFilesForDisplay = function(req, res, files, existingFiles){


	let basedomain = req.get('host')
	for(let domain of config.domains)
		if(domain.host === req.get('host'))
			if(domain.hasOwnProperty('resolve'))
				basedomain = domain.resolve
				
	if(files.length === 0){
		return res.json({
			success: true,
			files: existingFiles.map(file => {
				return {
					name: file.name,
					size: file.size,
					url: basedomain + '/' + file.name
				}
			})
		})
	}

	db.table('files').insert(files).then(() => {

		for(let efile of existingFiles) files.push(efile)

		res.json({
			success: true,
			files: files.map(file => {
				return {
					name: file.name,
					size: file.size,
					url: basedomain + '/' + file.name
				}
			})
		})

	}).catch(function(error) { console.log(error); res.json({success: false, description: 'error'}) })
}

uploadsController.delete = function(req, res){

	if(req.headers.auth !== config.adminToken)
		return res.status(401).json({ success: false, description: 'not-authorized'})

	let id = req.body.id
	if(id === undefined || id === '')
		return res.json({ success: false, description: 'No file specified' })

	db.table('files').where('id', id).then((file) => {

		uploadsController.deleteFile(file[0].name).then(() => {
			db.table('files').where('id', id).del().then(() =>{
				return res.json({ success: true })
			}).catch(function(error) { console.log(error); res.json({success: false, description: 'error'}) })
		}).catch((e) => {
			return res.json({ success: false, description: e.toString() })
		})

	}).catch(function(error) { console.log(error); res.json({success: false, description: 'error'}) })
	
}

uploadsController.deleteFile = function(file){

	return new Promise(function(resolve, reject){
		fs.stat('./' + config.uploads.folder + '/' + file, function (err, stats) {
			if (err) { return reject(err) }
			fs.unlink('./' + config.uploads.folder + '/' + file, function(err){
				if (err) { return reject(err) }
				return resolve()
			})
		})
	})

}

uploadsController.list = function(req, res){

	if(req.headers.auth !== config.adminToken)
		return res.status(401).json({ success: false, description: 'not-authorized'})

	let offset = req.params.page
	if(offset === undefined) offset = 0

	db.table('files')
	.where(function(){
		if(req.params.id === undefined)
			this.where('id', '<>', '')
		else
			this.where('albumid', req.params.id)
	})
	.orderBy('id', 'DESC')
	.limit(25)
	.offset(25 * offset)
	.then((files) => {
		db.table('albums').then((albums) => {

			let basedomain = req.get('host')
			for(let domain of config.domains)
				if(domain.host === req.get('host'))
					if(domain.hasOwnProperty('resolve'))
						basedomain = domain.resolve

			for(let file of files){
				file.file = basedomain + '/' + file.name
				file.date = new Date(file.timestamp * 1000)
				file.date = file.date.getFullYear() + '-' + (file.date.getMonth() + 1) + '-' + file.date.getDate() + ' ' + (file.date.getHours() < 10 ? '0' : '') + file.date.getHours() + ':' + (file.date.getMinutes() < 10 ? '0' : '') + file.date.getMinutes() + ':' + (file.date.getSeconds() < 10 ? '0' : '') + file.date.getSeconds()

				file.album = ''
				
				if(file.albumid !== undefined)
					for(let album of albums)
						if(file.albumid === album.id)
							file.album = album.name

			}

			return res.json({
				success: true,
				files
			})
		})

	}).catch(function(error) { console.log(error); res.json({success: false, description: 'error'}) })
}

module.exports = uploadsController
First version 2017-01-13 07:34:21 +00:00			`const path = require('path')`
			`const config = require('../config.js')`
			`const multer = require('multer')`
			`const randomstring = require('randomstring')`
			`const db = require('knex')(config.database)`
Ignore file if it exists already, return its url 2017-01-21 06:49:04 +00:00			`const crypto = require('crypto')`
File delete, album delete and album rename. Sugoooi! 2017-01-20 06:28:26 +00:00			`const fs = require('fs')`
First version 2017-01-13 07:34:21 +00:00
			`let uploadsController = {}`

			`const storage = multer.diskStorage({`
			`destination: function (req, file, cb) {`
			`cb(null, './' + config.uploads.folder + '/')`
			`},`
			`filename: function (req, file, cb) {`
Frontend done 2017-01-14 08:50:18 +00:00			`cb(null, randomstring.generate(config.uploads.fileLength) + path.extname(file.originalname))`
First version 2017-01-13 07:34:21 +00:00			`}`
			`})`

			`const upload = multer({`
			`storage: storage,`
Camelcased the config 2017-01-18 23:38:13 +00:00			`limits: { fileSize: config.uploads.maxSize }`
Changed upload from single file to array 2017-01-16 08:22:19 +00:00			`}).array('files[]')`
First version 2017-01-13 07:34:21 +00:00
			`uploadsController.upload = function(req, res, next){`

token handling and verification 2017-01-17 03:37:54 +00:00			`if(config.private === true)`
Print and save tokens 2017-01-16 07:45:29 +00:00			`if(req.headers.auth !== config.clientToken)`
Changed request system and post data Changed from XMLHttpRequest to Axiios and made every POST call to look for params or json and not pass the values as headers. Token is still a header though 2017-01-19 05:37:35 +00:00			`return res.status(401).json({ success: false, description: 'not-authorized'})`
First version 2017-01-13 07:34:21 +00:00
Ohboi 2017-01-19 06:04:22 +00:00			`let album = req.params.albumid`
First version 2017-01-13 07:34:21 +00:00
added admin auth for uploading to an album 2017-01-18 06:00:36 +00:00			`if(album !== undefined)`
lowercased headers 2017-01-18 06:40:16 +00:00			`if(req.headers.adminauth !== config.adminToken)`
Changed request system and post data Changed from XMLHttpRequest to Axiios and made every POST call to look for params or json and not pass the values as headers. Token is still a header though 2017-01-19 05:37:35 +00:00			`return res.status(401).json({ success: false, description: 'not-authorized'})`
added admin auth for uploading to an album 2017-01-18 06:00:36 +00:00
First version 2017-01-13 07:34:21 +00:00			`upload(req, res, function (err) {`
			`if (err) {`
			`console.error(err)`
Admin panel, pomf-standarization and stuff 2017-01-16 07:21:46 +00:00			`return res.json({`
			`success: false,`
			`description: err`
			`})`
First version 2017-01-13 07:34:21 +00:00			`}`

Ohboi 2017-01-19 06:04:22 +00:00			`if(req.files.length === 0) return res.json({ success: false, description: 'no-files' })`

Changed upload from single file to array 2017-01-16 08:22:19 +00:00			`let files = []`
Ignore file if it exists already, return its url 2017-01-21 06:49:04 +00:00			`let existingFiles = []`
			`let iteration = 1`
Small fix for listing 2017-01-19 06:34:48 +00:00
Changed upload from single file to array 2017-01-16 08:22:19 +00:00			`req.files.forEach(function(file) {`
Small fix for listing 2017-01-19 06:34:48 +00:00
			`// Check if the file exists by checking hash and size`
			`let hash = crypto.createHash('md5')`
			`let stream = fs.createReadStream('./' + config.uploads.folder + '/' + file.filename)`

			`stream.on('data', function (data) {`
			`hash.update(data, 'utf8')`
			`})`

			`stream.on('end', function () {`
			`let fileHash = hash.digest('hex') // 34f7a3113803f8ed3b8fd7ce5656ebec`

Ignore file if it exists already, return its url 2017-01-21 06:49:04 +00:00			`db.table('files').where({`
			`hash: fileHash,`
			`size: file.size`
			`}).then((dbfile) => {`

			`if(dbfile.length !== 0){`
			`uploadsController.deleteFile(file.filename).then(() => {}).catch((e) => console.error(e))`
			`existingFiles.push(dbfile[0])`
			`}else{`
			`files.push({`
			`name: file.filename,`
			`original: file.originalname,`
			`type: file.mimetype,`
			`size: file.size,`
			`hash: fileHash,`
			`ip: req.ip,`
			`albumid: album,`
			`timestamp: Math.floor(Date.now() / 1000)`
			`})`
			`}`

			`if(iteration === req.files.length)`
Pagination is gucci 2017-01-21 08:17:29 +00:00			`return uploadsController.processFilesForDisplay(req, res, files, existingFiles)`
Ignore file if it exists already, return its url 2017-01-21 06:49:04 +00:00			`iteration++`
			`})`
Small fix for listing 2017-01-19 06:34:48 +00:00
Changed upload from single file to array 2017-01-16 08:22:19 +00:00			`})`
Ignore file if it exists already, return its url 2017-01-21 06:49:04 +00:00
Changed upload from single file to array 2017-01-16 08:22:19 +00:00			`})`

Ignore file if it exists already, return its url 2017-01-21 06:49:04 +00:00			`})`

			`}`

Pagination is gucci 2017-01-21 08:17:29 +00:00			`uploadsController.processFilesForDisplay = function(req, res, files, existingFiles){`
Ignore file if it exists already, return its url 2017-01-21 06:49:04 +00:00
Forced resolve, updated config.sample.js 2017-01-21 20:21:29 +00:00
Ignore file if it exists already, return its url 2017-01-21 06:49:04 +00:00			`let basedomain = req.get('host')`
			`for(let domain of config.domains)`
			`if(domain.host === req.get('host'))`
			`if(domain.hasOwnProperty('resolve'))`
			`basedomain = domain.resolve`
Forced resolve, updated config.sample.js 2017-01-21 20:21:29 +00:00
Ignore file if it exists already, return its url 2017-01-21 06:49:04 +00:00			`if(files.length === 0){`
			`return res.json({`
			`success: true,`
			`files: existingFiles.map(file => {`
			`return {`
			`name: file.name,`
			`size: file.size,`
Forced resolve, updated config.sample.js 2017-01-21 20:21:29 +00:00			`url: basedomain + '/' + file.name`
Ignore file if it exists already, return its url 2017-01-21 06:49:04 +00:00			`}`
First version 2017-01-13 07:34:21 +00:00			`})`
Ignore file if it exists already, return its url 2017-01-21 06:49:04 +00:00			`})`
			`}`
Changed upload from single file to array 2017-01-16 08:22:19 +00:00
Ignore file if it exists already, return its url 2017-01-21 06:49:04 +00:00			`db.table('files').insert(files).then(() => {`
First version 2017-01-13 07:34:21 +00:00
Ignore file if it exists already, return its url 2017-01-21 06:49:04 +00:00			`for(let efile of existingFiles) files.push(efile)`

			`res.json({`
			`success: true,`
			`files: files.map(file => {`
			`return {`
			`name: file.name,`
			`size: file.size,`
Forced resolve, updated config.sample.js 2017-01-21 20:21:29 +00:00			`url: basedomain + '/' + file.name`
Ignore file if it exists already, return its url 2017-01-21 06:49:04 +00:00			`}`
			`})`
			`})`

			`}).catch(function(error) { console.log(error); res.json({success: false, description: 'error'}) })`
First version 2017-01-13 07:34:21 +00:00			`}`

File delete, album delete and album rename. Sugoooi! 2017-01-20 06:28:26 +00:00			`uploadsController.delete = function(req, res){`

			`if(req.headers.auth !== config.adminToken)`
			`return res.status(401).json({ success: false, description: 'not-authorized'})`

			`let id = req.body.id`
			`if(id === undefined \|\| id === '')`
			`return res.json({ success: false, description: 'No file specified' })`

			`db.table('files').where('id', id).then((file) => {`

Made deleting files a promise-thingy 2017-01-21 06:57:25 +00:00			`uploadsController.deleteFile(file[0].name).then(() => {`
			`db.table('files').where('id', id).del().then(() =>{`
			`return res.json({ success: true })`
			`}).catch(function(error) { console.log(error); res.json({success: false, description: 'error'}) })`
			`}).catch((e) => {`
			`return res.json({ success: false, description: e.toString() })`
File delete, album delete and album rename. Sugoooi! 2017-01-20 06:28:26 +00:00			`})`

			`}).catch(function(error) { console.log(error); res.json({success: false, description: 'error'}) })`

			`}`

Ignore file if it exists already, return its url 2017-01-21 06:49:04 +00:00			`uploadsController.deleteFile = function(file){`

			`return new Promise(function(resolve, reject){`
			`fs.stat('./' + config.uploads.folder + '/' + file, function (err, stats) {`
			`if (err) { return reject(err) }`
			`fs.unlink('./' + config.uploads.folder + '/' + file, function(err){`
			`if (err) { return reject(err) }`
			`return resolve()`
			`})`
			`})`
			`})`

			`}`

Admin panel, pomf-standarization and stuff 2017-01-16 07:21:46 +00:00			`uploadsController.list = function(req, res){`

token handling and verification 2017-01-17 03:37:54 +00:00			`if(req.headers.auth !== config.adminToken)`
Changed request system and post data Changed from XMLHttpRequest to Axiios and made every POST call to look for params or json and not pass the values as headers. Token is still a header though 2017-01-19 05:37:35 +00:00			`return res.status(401).json({ success: false, description: 'not-authorized'})`
Admin panel, pomf-standarization and stuff 2017-01-16 07:21:46 +00:00
Pagination is gucci 2017-01-21 08:17:29 +00:00			`let offset = req.params.page`
			`if(offset === undefined) offset = 0`

Added browsing galleries from dashboard 2017-01-18 07:05:56 +00:00			`db.table('files')`
			`.where(function(){`
Changed request system and post data Changed from XMLHttpRequest to Axiios and made every POST call to look for params or json and not pass the values as headers. Token is still a header though 2017-01-19 05:37:35 +00:00			`if(req.params.id === undefined)`
Added browsing galleries from dashboard 2017-01-18 07:05:56 +00:00			`this.where('id', '<>', '')`
			`else`
Changed request system and post data Changed from XMLHttpRequest to Axiios and made every POST call to look for params or json and not pass the values as headers. Token is still a header though 2017-01-19 05:37:35 +00:00			`this.where('albumid', req.params.id)`
Added browsing galleries from dashboard 2017-01-18 07:05:56 +00:00			`})`
Small fix for listing 2017-01-19 06:34:48 +00:00			`.orderBy('id', 'DESC')`
Pagination is gucci 2017-01-21 08:17:29 +00:00			`.limit(25)`
			`.offset(25 * offset)`
Added browsing galleries from dashboard 2017-01-18 07:05:56 +00:00			`.then((files) => {`
Better tables and showing album on upload view 2017-01-18 06:29:46 +00:00			`db.table('albums').then((albums) => {`
Admin panel, pomf-standarization and stuff 2017-01-16 07:21:46 +00:00
Small fixes 2017-01-19 03:31:01 +00:00			`let basedomain = req.get('host')`
			`for(let domain of config.domains)`
			`if(domain.host === req.get('host'))`
			`if(domain.hasOwnProperty('resolve'))`
			`basedomain = domain.resolve`

Better tables and showing album on upload view 2017-01-18 06:29:46 +00:00			`for(let file of files){`
Forced resolve, updated config.sample.js 2017-01-21 20:21:29 +00:00			`file.file = basedomain + '/' + file.name`
Better tables and showing album on upload view 2017-01-18 06:29:46 +00:00			`file.date = new Date(file.timestamp * 1000)`
Small fixes 2017-01-19 03:31:01 +00:00			`file.date = file.date.getFullYear() + '-' + (file.date.getMonth() + 1) + '-' + file.date.getDate() + ' ' + (file.date.getHours() < 10 ? '0' : '') + file.date.getHours() + ':' + (file.date.getMinutes() < 10 ? '0' : '') + file.date.getMinutes() + ':' + (file.date.getSeconds() < 10 ? '0' : '') + file.date.getSeconds()`
Better tables and showing album on upload view 2017-01-18 06:29:46 +00:00
			`file.album = ''`

			`if(file.albumid !== undefined)`
			`for(let album of albums)`
			`if(file.albumid === album.id)`
			`file.album = album.name`

			`}`

Changed request system and post data Changed from XMLHttpRequest to Axiios and made every POST call to look for params or json and not pass the values as headers. Token is still a header though 2017-01-19 05:37:35 +00:00			`return res.json({`
			`success: true,`
			`files`
			`})`
Better tables and showing album on upload view 2017-01-18 06:29:46 +00:00			`})`
Admin panel, pomf-standarization and stuff 2017-01-16 07:21:46 +00:00
File delete, album delete and album rename. Sugoooi! 2017-01-20 06:28:26 +00:00			`}).catch(function(error) { console.log(error); res.json({success: false, description: 'error'}) })`
Admin panel, pomf-standarization and stuff 2017-01-16 07:21:46 +00:00			`}`

First version 2017-01-13 07:34:21 +00:00			`module.exports = uploadsController`