Rewrote token handling and upload.js

This commit is contained in:
kanadeko 2017-01-17 16:54:25 -03:00
parent 79e786f3b8
commit a114d298d0
5 changed files with 140 additions and 131 deletions

View File

@ -0,0 +1,27 @@
const config = require('../config.js')
const db = require('knex')(config.database)
let tokenController = {}
tokenController.verify = function(req, res, next){
let type = req.headers.type
let token = req.headers.token
if(type === undefined) return res.json({ success: false, description: 'No type provided.' })
if(token === undefined) return res.json({ success: false, description: 'No token provided.' })
if(type !== 'client' && type !== 'admin') return res.json({ success: false, description: 'Wrong type provided.' })
if(type === 'client'){
if(token !== config.clientToken) return res.json({ success: false, description: 'Token mismatch.' })
return res.json({ success: true })
}
if(type === 'admin'){
if(token !== config.adminToken) return res.json({ success: false, description: 'Token mismatch.' })
return res.json({ success: true })
}
return res.json({ success: false, description: '(╯°□°)╯︵ ┻━┻' })
}
module.exports = tokenController

View File

@ -45,8 +45,6 @@
<div class="column"></div>
</div>
<div id="uploads">
<div id="template" class="columns">
<div class="column">

View File

@ -34,7 +34,7 @@ window.onload = function () {
// xhr.responseText
}
}
xhr.open('GET', '/api/verify', true);
xhr.open('GET', '/api/token/verify', true);
xhr.setRequestHeader('type', 'admin');
xhr.setRequestHeader('token', document.getElementById('token').value);
xhr.send(null);

View File

@ -1,127 +1,131 @@
var upload = {};
window.onload = function () {
upload.isPrivate = true;
upload.token = localStorage.token;
var USINGTOKEN;
var maxSize = '512';
// First check to see if the service is using token or not
upload.checkIfPublic = function(){
var xhr = new XMLHttpRequest();
xhr.onreadystatechange = function() {
if (xhr.readyState == XMLHttpRequest.DONE) {
USINGTOKEN = JSON.parse(xhr.responseText).private;
prepareTokenThing();
upload.isPublic = JSON.parse(xhr.responseText).private;
upload.preparePage();
}
}
xhr.open('GET', '/api/check', true);
xhr.send(null);
}
function prepareTokenThing(){
if(!USINGTOKEN) return getInfo();
if(!localStorage.token){
document.getElementById('tokenSubmit').addEventListener('click', function(){
getInfo(document.getElementById('token').value)
});
return document.getElementById('tokenContainer').style.display = 'flex';
}
getInfo(localStorage.token);
upload.preparePage = function(){
if(!upload.isPrivate) return upload.prepareUpload();
if(!upload.token){
document.getElementById('tokenSubmit').addEventListener('click', function(){
upload.verifyToken(document.getElementById('token').value)
});
document.getElementById('tokenContainer').style.display = 'flex';
return;
}
upload.verifyToken(upload.token, true);
}
function prepareDropzone(){
upload.verifyToken = function(token, reloadOnError = false){
var xhr = new XMLHttpRequest();
var previewNode = document.querySelector('#template');
previewNode.id = '';
var previewTemplate = previewNode.parentNode.innerHTML;
previewNode.parentNode.removeChild(previewNode);
xhr.onreadystatechange = function() {
if (xhr.readyState == XMLHttpRequest.DONE) {
var dropzone = new Dropzone('div#dropzone', {
url: '/api/upload',
paramName: 'files[]',
maxFilesize: maxSize,
parallelUploads: 2,
uploadMultiple: false,
previewsContainer: 'div#uploads',
previewTemplate: previewTemplate,
createImageThumbnails: false,
maxFiles: 1000,
autoProcessQueue: true,
headers: {
'auth': localStorage.token
},
init: function() {
this.on('addedfile', function(file) {
document.getElementById('uploads').style.display = 'block';
});
}
});
// Update the total progress bar
dropzone.on('uploadprogress', function(file, progress) {
file.previewElement.querySelector('.progress').style.width = progress + '%';
});
dropzone.on('success', function(file, response) {
// Handle the responseText here. For example, add the text to the preview element:
if(response.success === false){
var span = document.createElement('span');
span.innerHTML = response.description;
file.previewTemplate.querySelector('.link').appendChild(span);
var json = JSON.parse(xhr.responseText);
if(json.success === false){
alert(json.description);
if(reloadOnError){
localStorage.removeItem("token");
location.reload();
}
return;
}
a = document.createElement('a');
a.href = response.files[0].url;
a.target = '_blank';
a.innerHTML = response.files[0].url;
file.previewTemplate.querySelector('.link').appendChild(a);
localStorage.token = token;
upload.token = token;
return upload.prepareUpload();
file.previewTemplate.querySelector('.progress').style.display = 'none';
});
}
function getInfo(token) {
var xhr = new XMLHttpRequest();
xhr.onreadystatechange = function() {
if (xhr.readyState == XMLHttpRequest.DONE) {
if(xhr.responseText === 'not-authorized')
return notAuthorized();
div = document.createElement('div');
div.id = 'dropzone';
div.innerHTML = 'Click here or drag and drop files';
div.style.display = 'flex';
document.getElementById('btnGithub').style.display = 'none';
document.getElementById('tokenContainer').style.display = 'none';
document.getElementById('uploadContainer').appendChild(div);
document.getElementById('panel').style.display = 'block';
if(xhr.responseText.maxFileSize) maxSize = JSON.parse(xhr.responseText).maxFileSize;
if(token) localStorage.token = token;
prepareDropzone();
}
}
xhr.open('GET', '/api/info', true);
if(token !== undefined)
xhr.setRequestHeader('auth', token);
xhr.send(null);
}
xhr.open('GET', '/api/token/verify', true);
xhr.setRequestHeader('type', 'client');
xhr.setRequestHeader('token', token);
xhr.send(null);
}
function notAuthorized() {
localStorage.removeItem("token");
location.reload();
}
upload.prepareUpload = function(){
div = document.createElement('div');
div.id = 'dropzone';
div.innerHTML = 'Click here or drag and drop files';
div.style.display = 'flex';
document.getElementById('btnGithub').style.display = 'none';
document.getElementById('tokenContainer').style.display = 'none';
document.getElementById('uploadContainer').appendChild(div);
document.getElementById('panel').style.display = 'block';
upload.prepareDropzone();
}
upload.prepareDropzone = function(){
var previewNode = document.querySelector('#template');
previewNode.id = '';
var previewTemplate = previewNode.parentNode.innerHTML;
previewNode.parentNode.removeChild(previewNode);
var dropzone = new Dropzone('div#dropzone', {
url: '/api/upload',
paramName: 'files[]',
parallelUploads: 2,
uploadMultiple: false,
previewsContainer: 'div#uploads',
previewTemplate: previewTemplate,
createImageThumbnails: false,
maxFiles: 1000,
autoProcessQueue: true,
headers: {
'auth': localStorage.token
},
init: function() {
this.on('addedfile', function(file) {
document.getElementById('uploads').style.display = 'block';
});
}
});
// Update the total progress bar
dropzone.on('uploadprogress', function(file, progress) {
file.previewElement.querySelector('.progress').style.width = progress + '%';
});
dropzone.on('success', function(file, response) {
// Handle the responseText here. For example, add the text to the preview element:
if(response.success === false){
var span = document.createElement('span');
span.innerHTML = response.description;
file.previewTemplate.querySelector('.link').appendChild(span);
return;
}
a = document.createElement('a');
a.href = response.files[0].url;
a.target = '_blank';
a.innerHTML = response.files[0].url;
file.previewTemplate.querySelector('.link').appendChild(a);
file.previewTemplate.querySelector('.progress').style.display = 'none';
});
}
window.onload = function () {
upload.checkIfPublic();
};

View File

@ -2,33 +2,12 @@ const config = require('../config.js')
const routes = require('express').Router()
const uploadController = require('../controllers/uploadController')
const galleryController = require('../controllers/galleryController')
const tokenController = require('../controllers/tokenController')
routes.get ('/check', (req, res, next) => {
return res.json({ private: config.private })
})
routes.get ('/verify', (req, res, next) => {
let type = req.headers.type
let token = req.headers.token
if(type === undefined) return res.json({ success: false, description: 'No type provided.' })
if(token === undefined) return res.json({ success: false, description: 'No token provided.' })
if(type !== 'client' && type !== 'admin') return res.json({ success: false, description: 'Wrong type provided.' })
if(type === 'client'){
if(token !== config.clientToken) return res.json({ success: false, description: 'Token mismatch.' })
return res.json({ success: true })
}
if(type === 'admin'){
if(token !== config.adminToken) return res.json({ success: false, description: 'Token mismatch.' })
return res.json({ success: true })
}
return res.json({ success: false, description: '(╯°□°)╯︵ ┻━┻' })
})
routes.get('/info', (req, res, next) => {
if(config.private === true)
@ -44,5 +23,6 @@ routes.get ('/uploads', (req, res, next) => uploadController.list(req, res))
routes.post ('/upload', (req, res, next) => uploadController.upload(req, res, next))
routes.get ('/gallery', (req, res, next) => galleryController.list(req, res, next))
routes.get ('/gallery/test', (req, res, next) => galleryController.test(req, res, next))
routes.get ('/token/verify', (req, res, next) => tokenController.verify(req, res))
module.exports = routes