mirror of
https://github.com/BobbyWibowo/lolisafe.git
synced 2024-12-14 00:16:21 +00:00
Rewrote token handling and upload.js
parent
79e786f3b8
commit
a114d298d0
27
controllers/tokenController.js
Normal file
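--- a/controllers/tokenController.js
+++ b/controllers/tokenController.js
@@ -0,0 +1,27 @@
+const config = require('../config.js')
+const db = require('knex')(config.database)
+
+let tokenController = {}
+
+tokenController.verify = function(req, res, next){
+let type = req.headers.type
+let token = req.headers.token
+
+if(type === undefined) return res.json({ success: false, description: 'No type provided.' })
+if(token === undefined) return res.json({ success: false, description: 'No token provided.' })
+if(type !== 'client' && type !== 'admin') return res.json({ success: false, description: 'Wrong type provided.' })
+
+if(type === 'client'){
+if(token !== config.clientToken) return res.json({ success: false, description: 'Token mismatch.' })
+return res.json({ success: true })
+}
+
+if(type === 'admin'){
+if(token !== config.adminToken) return res.json({ success: false, description: 'Token mismatch.' })
+return res.json({ success: true })
+}
+
+return res.json({ success: false, description: '(╯°□°)╯︵ ┻━┻' })
+}
+
+module.exports = tokenController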
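Review bot: Both token checks in `tokenController.verify` compare the request header with the configured secret using `!==`, which is not a constant-time comparison, and an empty configured token would match an empty `token` header. A small helper that rejects an empty expected value, hashes both sides and compares them with `crypto.timingSafeEqual` covers both cases; it needs `crypto` required at the top of the file. The endpoint also answers any number of guesses for either token type, so the `/token/verify` route registered in the routes file would benefit from rate limiting. Separately, the `db` handle created on the second line is never used in this file.

```javascript
// Constant-time comparison; hashing first gives both buffers equal length.
function tokensMatch(supplied, expected){
  if(typeof expected !== 'string' || expected.length === 0) return false
  const a = crypto.createHash('sha256').update(String(supplied)).digest()
  const b = crypto.createHash('sha256').update(expected).digest()
  return crypto.timingSafeEqual(a, b)
}

tokenController.verify = function(req, res, next){
  // … unchanged: header extraction and type validation …
  const expected = type === 'admin' ? config.adminToken : config.clientToken
  if(!tokensMatch(token, expected)) return res.json({ success: false, description: 'Token mismatch.' })
  return res.json({ success: true })
}
```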
@ -45,8 +45,6 @@
|
|||||||
<div class="column"></div>
|
<div class="column"></div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
<div id="uploads">
|
<div id="uploads">
|
||||||
<div id="template" class="columns">
|
<div id="template" class="columns">
|
||||||
<div class="column">
|
<div class="column">
|
||||||
|
@ -34,7 +34,7 @@ window.onload = function () {
|
|||||||
// xhr.responseText
|
// xhr.responseText
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
xhr.open('GET', '/api/verify', true);
|
xhr.open('GET', '/api/token/verify', true);
|
||||||
xhr.setRequestHeader('type', 'admin');
|
xhr.setRequestHeader('type', 'admin');
|
||||||
xhr.setRequestHeader('token', document.getElementById('token').value);
|
xhr.setRequestHeader('token', document.getElementById('token').value);
|
||||||
xhr.send(null);
|
xhr.send(null);
|
||||||
|
@ -1,127 +1,131 @@
|
|||||||
|
var upload = {};
|
||||||
|
|
||||||
window.onload = function () {
|
upload.isPrivate = true;
|
||||||
|
upload.token = localStorage.token;
|
||||||
|
|
||||||
var USINGTOKEN;
|
upload.checkIfPublic = function(){
|
||||||
var maxSize = '512';
|
|
||||||
|
|
||||||
// First check to see if the service is using token or not
|
|
||||||
var xhr = new XMLHttpRequest();
|
var xhr = new XMLHttpRequest();
|
||||||
xhr.onreadystatechange = function() {
|
xhr.onreadystatechange = function() {
|
||||||
if (xhr.readyState == XMLHttpRequest.DONE) {
|
if (xhr.readyState == XMLHttpRequest.DONE) {
|
||||||
USINGTOKEN = JSON.parse(xhr.responseText).private;
|
upload.isPublic = JSON.parse(xhr.responseText).private;
|
||||||
prepareTokenThing();
|
upload.preparePage();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
xhr.open('GET', '/api/check', true);
|
xhr.open('GET', '/api/check', true);
|
||||||
xhr.send(null);
|
xhr.send(null);
|
||||||
|
}
|
||||||
|
|
||||||
function prepareTokenThing(){
|
upload.preparePage = function(){
|
||||||
|
if(!upload.isPrivate) return upload.prepareUpload();
|
||||||
if(!USINGTOKEN) return getInfo();
|
if(!upload.token){
|
||||||
|
document.getElementById('tokenSubmit').addEventListener('click', function(){
|
||||||
if(!localStorage.token){
|
upload.verifyToken(document.getElementById('token').value)
|
||||||
document.getElementById('tokenSubmit').addEventListener('click', function(){
|
});
|
||||||
getInfo(document.getElementById('token').value)
|
document.getElementById('tokenContainer').style.display = 'flex';
|
||||||
});
|
return;
|
||||||
return document.getElementById('tokenContainer').style.display = 'flex';
|
|
||||||
}
|
|
||||||
|
|
||||||
getInfo(localStorage.token);
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
upload.verifyToken(upload.token, true);
|
||||||
|
}
|
||||||
|
|
||||||
function prepareDropzone(){
|
upload.verifyToken = function(token, reloadOnError = false){
|
||||||
|
var xhr = new XMLHttpRequest();
|
||||||
|
|
||||||
var previewNode = document.querySelector('#template');
|
xhr.onreadystatechange = function() {
|
||||||
previewNode.id = '';
|
if (xhr.readyState == XMLHttpRequest.DONE) {
|
||||||
var previewTemplate = previewNode.parentNode.innerHTML;
|
|
||||||
previewNode.parentNode.removeChild(previewNode);
|
var json = JSON.parse(xhr.responseText);
|
||||||
|
if(json.success === false){
|
||||||
var dropzone = new Dropzone('div#dropzone', {
|
alert(json.description);
|
||||||
url: '/api/upload',
|
if(reloadOnError){
|
||||||
paramName: 'files[]',
|
localStorage.removeItem("token");
|
||||||
maxFilesize: maxSize,
|
location.reload();
|
||||||
parallelUploads: 2,
|
}
|
||||||
uploadMultiple: false,
|
|
||||||
previewsContainer: 'div#uploads',
|
|
||||||
previewTemplate: previewTemplate,
|
|
||||||
createImageThumbnails: false,
|
|
||||||
maxFiles: 1000,
|
|
||||||
autoProcessQueue: true,
|
|
||||||
headers: {
|
|
||||||
'auth': localStorage.token
|
|
||||||
},
|
|
||||||
init: function() {
|
|
||||||
this.on('addedfile', function(file) {
|
|
||||||
document.getElementById('uploads').style.display = 'block';
|
|
||||||
});
|
|
||||||
}
|
|
||||||
});
|
|
||||||
|
|
||||||
// Update the total progress bar
|
|
||||||
dropzone.on('uploadprogress', function(file, progress) {
|
|
||||||
file.previewElement.querySelector('.progress').style.width = progress + '%';
|
|
||||||
});
|
|
||||||
|
|
||||||
dropzone.on('success', function(file, response) {
|
|
||||||
|
|
||||||
// Handle the responseText here. For example, add the text to the preview element:
|
|
||||||
|
|
||||||
if(response.success === false){
|
|
||||||
var span = document.createElement('span');
|
|
||||||
span.innerHTML = response.description;
|
|
||||||
file.previewTemplate.querySelector('.link').appendChild(span);
|
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
a = document.createElement('a');
|
localStorage.token = token;
|
||||||
a.href = response.files[0].url;
|
upload.token = token;
|
||||||
a.target = '_blank';
|
return upload.prepareUpload();
|
||||||
a.innerHTML = response.files[0].url;
|
|
||||||
file.previewTemplate.querySelector('.link').appendChild(a);
|
|
||||||
|
|
||||||
file.previewTemplate.querySelector('.progress').style.display = 'none';
|
|
||||||
|
|
||||||
});
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
function getInfo(token) {
|
|
||||||
var xhr = new XMLHttpRequest();
|
|
||||||
|
|
||||||
xhr.onreadystatechange = function() {
|
|
||||||
if (xhr.readyState == XMLHttpRequest.DONE) {
|
|
||||||
|
|
||||||
if(xhr.responseText === 'not-authorized')
|
|
||||||
return notAuthorized();
|
|
||||||
|
|
||||||
div = document.createElement('div');
|
|
||||||
div.id = 'dropzone';
|
|
||||||
div.innerHTML = 'Click here or drag and drop files';
|
|
||||||
div.style.display = 'flex';
|
|
||||||
|
|
||||||
document.getElementById('btnGithub').style.display = 'none';
|
|
||||||
document.getElementById('tokenContainer').style.display = 'none';
|
|
||||||
document.getElementById('uploadContainer').appendChild(div);
|
|
||||||
document.getElementById('panel').style.display = 'block';
|
|
||||||
|
|
||||||
if(xhr.responseText.maxFileSize) maxSize = JSON.parse(xhr.responseText).maxFileSize;
|
|
||||||
if(token) localStorage.token = token;
|
|
||||||
|
|
||||||
prepareDropzone();
|
|
||||||
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
xhr.open('GET', '/api/info', true);
|
|
||||||
|
|
||||||
if(token !== undefined)
|
|
||||||
xhr.setRequestHeader('auth', token);
|
|
||||||
|
|
||||||
xhr.send(null);
|
|
||||||
}
|
}
|
||||||
|
xhr.open('GET', '/api/token/verify', true);
|
||||||
|
xhr.setRequestHeader('type', 'client');
|
||||||
|
xhr.setRequestHeader('token', token);
|
||||||
|
xhr.send(null);
|
||||||
|
}
|
||||||
|
|
||||||
function notAuthorized() {
|
upload.prepareUpload = function(){
|
||||||
localStorage.removeItem("token");
|
|
||||||
location.reload();
|
div = document.createElement('div');
|
||||||
}
|
div.id = 'dropzone';
|
||||||
|
div.innerHTML = 'Click here or drag and drop files';
|
||||||
|
div.style.display = 'flex';
|
||||||
|
|
||||||
|
document.getElementById('btnGithub').style.display = 'none';
|
||||||
|
document.getElementById('tokenContainer').style.display = 'none';
|
||||||
|
document.getElementById('uploadContainer').appendChild(div);
|
||||||
|
document.getElementById('panel').style.display = 'block';
|
||||||
|
|
||||||
|
upload.prepareDropzone();
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
upload.prepareDropzone = function(){
|
||||||
|
|
||||||
|
var previewNode = document.querySelector('#template');
|
||||||
|
previewNode.id = '';
|
||||||
|
var previewTemplate = previewNode.parentNode.innerHTML;
|
||||||
|
previewNode.parentNode.removeChild(previewNode);
|
||||||
|
|
||||||
|
var dropzone = new Dropzone('div#dropzone', {
|
||||||
|
url: '/api/upload',
|
||||||
|
paramName: 'files[]',
|
||||||
|
parallelUploads: 2,
|
||||||
|
uploadMultiple: false,
|
||||||
|
previewsContainer: 'div#uploads',
|
||||||
|
previewTemplate: previewTemplate,
|
||||||
|
createImageThumbnails: false,
|
||||||
|
maxFiles: 1000,
|
||||||
|
autoProcessQueue: true,
|
||||||
|
headers: {
|
||||||
|
'auth': localStorage.token
|
||||||
|
},
|
||||||
|
init: function() {
|
||||||
|
this.on('addedfile', function(file) {
|
||||||
|
document.getElementById('uploads').style.display = 'block';
|
||||||
|
});
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
// Update the total progress bar
|
||||||
|
dropzone.on('uploadprogress', function(file, progress) {
|
||||||
|
file.previewElement.querySelector('.progress').style.width = progress + '%';
|
||||||
|
});
|
||||||
|
|
||||||
|
dropzone.on('success', function(file, response) {
|
||||||
|
|
||||||
|
// Handle the responseText here. For example, add the text to the preview element:
|
||||||
|
|
||||||
|
if(response.success === false){
|
||||||
|
var span = document.createElement('span');
|
||||||
|
span.innerHTML = response.description;
|
||||||
|
file.previewTemplate.querySelector('.link').appendChild(span);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
a = document.createElement('a');
|
||||||
|
a.href = response.files[0].url;
|
||||||
|
a.target = '_blank';
|
||||||
|
a.innerHTML = response.files[0].url;
|
||||||
|
file.previewTemplate.querySelector('.link').appendChild(a);
|
||||||
|
|
||||||
|
file.previewTemplate.querySelector('.progress').style.display = 'none';
|
||||||
|
|
||||||
|
});
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
window.onload = function () {
|
||||||
|
upload.checkIfPublic();
|
||||||
};
|
};
|
@ -2,33 +2,12 @@ const config = require('../config.js')
|
|||||||
const routes = require('express').Router()
|
const routes = require('express').Router()
|
||||||
const uploadController = require('../controllers/uploadController')
|
const uploadController = require('../controllers/uploadController')
|
||||||
const galleryController = require('../controllers/galleryController')
|
const galleryController = require('../controllers/galleryController')
|
||||||
|
const tokenController = require('../controllers/tokenController')
|
||||||
|
|
||||||
routes.get ('/check', (req, res, next) => {
|
routes.get ('/check', (req, res, next) => {
|
||||||
return res.json({ private: config.private })
|
return res.json({ private: config.private })
|
||||||
})
|
})
|
||||||
|
|
||||||
routes.get ('/verify', (req, res, next) => {
|
|
||||||
let type = req.headers.type
|
|
||||||
let token = req.headers.token
|
|
||||||
|
|
||||||
if(type === undefined) return res.json({ success: false, description: 'No type provided.' })
|
|
||||||
if(token === undefined) return res.json({ success: false, description: 'No token provided.' })
|
|
||||||
if(type !== 'client' && type !== 'admin') return res.json({ success: false, description: 'Wrong type provided.' })
|
|
||||||
|
|
||||||
if(type === 'client'){
|
|
||||||
if(token !== config.clientToken) return res.json({ success: false, description: 'Token mismatch.' })
|
|
||||||
return res.json({ success: true })
|
|
||||||
}
|
|
||||||
|
|
||||||
if(type === 'admin'){
|
|
||||||
if(token !== config.adminToken) return res.json({ success: false, description: 'Token mismatch.' })
|
|
||||||
return res.json({ success: true })
|
|
||||||
}
|
|
||||||
|
|
||||||
return res.json({ success: false, description: '(╯°□°)╯︵ ┻━┻' })
|
|
||||||
|
|
||||||
})
|
|
||||||
|
|
||||||
routes.get('/info', (req, res, next) => {
|
routes.get('/info', (req, res, next) => {
|
||||||
|
|
||||||
if(config.private === true)
|
if(config.private === true)
|
||||||
@ -44,5 +23,6 @@ routes.get ('/uploads', (req, res, next) => uploadController.list(req, res))
|
|||||||
routes.post ('/upload', (req, res, next) => uploadController.upload(req, res, next))
|
routes.post ('/upload', (req, res, next) => uploadController.upload(req, res, next))
|
||||||
routes.get ('/gallery', (req, res, next) => galleryController.list(req, res, next))
|
routes.get ('/gallery', (req, res, next) => galleryController.list(req, res, next))
|
||||||
routes.get ('/gallery/test', (req, res, next) => galleryController.test(req, res, next))
|
routes.get ('/gallery/test', (req, res, next) => galleryController.test(req, res, next))
|
||||||
|
routes.get ('/token/verify', (req, res, next) => tokenController.verify(req, res))
|
||||||
|
|
||||||
module.exports = routes
|
module.exports = routes
|
||||||
|