From a93e34bf87e2187a722d4fd95a35347b1ed1b318 Mon Sep 17 00:00:00 2001 From: Bobby Wibowo Date: Fri, 26 Jun 2020 13:48:15 +0700 Subject: [PATCH] Init cf-api-token --- config.sample.js | 29 ++++++++++++++++++-------- controllers/utilsController.js | 37 ++++++++++++++++++++++------------ 2 files changed, 45 insertions(+), 21 deletions(-) diff --git a/config.sample.js b/config.sample.js index e243a7e..b570865 100644 --- a/config.sample.js +++ b/config.sample.js @@ -489,22 +489,35 @@ module.exports = { /* If you have a Page Rule in Cloudflare to cache everything in the album zip - API route (homeDomain/api/album/zip/*), with this option you can limit the + API route (e.g. homeDomain/api/album/zip/*), with this option you can limit the maximum total size of files in an album that can be zipped. - Cloudflare will not cache files bigger than 512MB. + It's worth nothing that Cloudflare will not cache files bigger than 512MB. + However, it's not recommended to do that in high-bandwidth sites anyway, + since long-caching of such huge files are aganst Cloudflare's Terms of Service. NOTE: Set to falsy value to disable max total size. */ zipMaxTotalSize: '512MB', /* - If you want to make it automatically call Cloudflare's API to purge cache on file delete, - fill your API key, email and your site's zone ID below, then set "purgeCache" to true. - This will only purge cache of the deleted file and its associated thumb. + If you want the service to automatically use Cloudflare API to purge cache on file deletion, + fill your zone ID below. It will only purge cache of the deleted file, and its thumbs if applicable. + Afterwards, you will have to choose any of the supported auth methods, which are: + API token, user service key, OR API key + email. + If more than one are provided, it will use the first one from left to right, but it will NOT + attempt to use the next methods even if the selected one fails (meaning there's no fallback mechanism). + Consult https://api.cloudflare.com/#getting-started-requests for differences. + API token configuration example: https://github.com/BobbyWibowo/lolisafe/pull/216#issue-440389284. + After everything is ready, you can then set "purgeCache" to true. */ - apiKey: '', - email: '', zoneId: '', - purgeCache: false + purgeCache: false, + + apiToken: '', + + userServiceKey: '', + + apiKey: '', + email: '' }, /* diff --git a/controllers/utilsController.js b/controllers/utilsController.js index 835797c..4658305 100644 --- a/controllers/utilsController.js +++ b/controllers/utilsController.js @@ -64,8 +64,9 @@ const statsCache = { } } -const cloudflareAuth = config.cloudflare && config.cloudflare.apiKey && - config.cloudflare.email && config.cloudflare.zoneId +const cloudflareAuth = config.cloudflare && config.cloudflare.zoneId && + (config.cloudflare.apiToken || config.cloudflare.userServiceKey || + (config.cloudflare.apiKey && config.cloudflare.email)) self.mayGenerateThumb = extname => { return (config.uploads.generateThumbs.image && self.imageExts.includes(extname)) || @@ -478,12 +479,13 @@ self.bulkDeleteFromDb = async (field, values, user) => { } self.purgeCloudflareCache = async (names, uploads, thumbs) => { - if (!Array.isArray(names) || !names.length || !cloudflareAuth) - return [{ - success: false, - files: [], - errors: ['An unexpected error occured.'] - }] + const errors = [] + if (!cloudflareAuth) + errors.push('Cloudflare auth is incomplete or missing') + if (!Array.isArray(names) || !names.length) + errors.push('Names array is invalid or empty') + if (errors.length) + return [{ success: false, files: [], errors }] let domain = config.domain if (!uploads) domain = config.homeDomain @@ -521,15 +523,24 @@ self.purgeCloudflareCache = async (names, uploads, thumbs) => { } try { + const headers = { + 'Content-Type': 'application/json' + } + if (config.cloudflare.apiToken) { + headers.Authorization = `Bearer ${config.cloudflare.apiToken}` + } else if (config.cloudflare.userServiceKey) { + headers['X-Auth-User-Service-Key'] = config.cloudflare.userServiceKey + } else if (config.cloudflare.apiKey && config.cloudflare.email) { + headers['X-Auth-Key'] = config.cloudflare.apiKey + headers['X-Auth-Email'] = config.cloudflare.email + } + const purge = await fetch(url, { method: 'POST', body: JSON.stringify({ files: chunk }), - headers: { - 'Content-Type': 'application/json', - 'X-Auth-Email': config.cloudflare.email, - 'X-Auth-Key': config.cloudflare.apiKey - } + headers }) + const response = await purge.json() result.success = response.success if (Array.isArray(response.errors) && response.errors.length)