Bobby
a44af208aa
feat: click on table headers to sort uploads
...
fairly robust logic, with auto toggling of asc or desc sort direction
2022-09-24 08:09:27 +07:00
Bobby
a646d6731a
fix: possible upload stream starting early
2022-09-24 06:41:31 +07:00
Bobby
518b29c8df
feat: better albums.onHold debugging messages
2022-09-24 06:35:41 +07:00
Bobby
c47d3f5437
feat: better upload.onHold debugging messages
...
expose util.inspect via utils when on dev mode
2022-09-24 06:33:58 +07:00
Bobby
32efacd411
feat: configure timemark for video thumbnails
2022-09-24 06:24:56 +07:00
Bobby
47727f3ca8
feat: allow specifying api token in nojs uploader
2022-09-21 08:03:28 +07:00
Bobby
7147afc309
feat: better props override for auth helepr functs
2022-09-21 08:02:13 +07:00
Bobby
ffe6d6ed88
feat: console log incoming requests on dev mode
2022-09-21 07:44:40 +07:00
Bobby
bf077f4aa3
fix: typos in ServeStatic.js
2022-09-21 06:09:27 +07:00
Bobby
cc5625fabf
fix: url upload fetch timeout failsafe
2022-09-14 06:04:18 +07:00
Bobby
93dc820368
feat: fetch() with AbortController for timeout
...
to be used with URL uploads
please consult the comments in the source files
this adds new dependency abort-controller
2022-09-14 01:33:31 +07:00
Bobby
3df67f87be
feat: timeout url uploads to 10s
...
uwebsockets.js has a 10s timeout of no communication between client and
server, for it to simply drop the connection
there's no point waiting any further at that point since we can't reply
to client anymore
2022-08-24 04:37:13 +07:00
Bobby
6ad8ed7ae6
fix: only accept files upload with files[] field
...
was always supposed to only accept said field, but i forgot to include
the logic during migration from expressjs to hyper-express
2022-08-24 04:17:07 +07:00
Bobby
96522a425f
chore: indents
2022-08-23 15:16:02 +07:00
Bobby
ab4f8263de
feat: ignore option for ServeStaticQuick class
2022-08-23 15:13:04 +07:00
Bobby
414afc7ae6
feat: allow specifying root path in serve classes
...
when used on non-root paths
2022-08-23 15:12:25 +07:00
Bobby
ff7ec4aeaf
fix: /users/edit throw with empty edits
2022-08-23 15:09:47 +07:00
Bobby
09fea107f3
feat: env SERVE_STATIC_QUICK=0 yarn start
...
restore an older behavior of serving static files with
ServeLiveDirectory middleware instead of ServeStaticQuick, in case of
issues with streaming files from disk via createReadStream
if you do encounter this issue, serving uploaded files with node will
likely encounter issues as well, but you can choose to serve them
directly with nginx, etc., so i guess it's not beyond hope
2022-08-21 21:23:14 +07:00
Bobby Wibowo
bd71035517
fix: missing cpu temp and swap logic
2022-08-19 10:48:45 +07:00
Bobby Wibowo
991cfe134e
feat: add cpu temp and swap memory to statistics
...
temp is currently hard-coded to C
also increased system info caching to 1s
2022-08-19 10:38:24 +07:00
Bobby Wibowo
86d9db3137
feat: split service info in statistics
...
additionally add cpu detail in system info
2022-08-19 10:18:35 +07:00
Bobby Wibowo
ea30e5dee5
feat: enable persistent cache for nojs uploader
...
also slight improvement to NunjucksRenderer class
2022-08-19 09:50:08 +07:00
Bobby Wibowo
0d05da40b0
fix: fallback deletion url to relative path
...
if homeDomain is not configured via config file or env var
the deletion url is a frontend page, so it cannot simply assume it's on
the same domain as uploaded files
2022-08-19 09:29:11 +07:00
Bobby Wibowo
6c929efa7b
fix: less strict missing token header check
...
previously would still assume token is provided when the header is
simply an empty string, which may be unavoidable for some clients
2022-08-19 07:30:32 +07:00
Bobby Wibowo
59c5c8b7b0
fix: guest uploads hanging
...
caused by auth middleware not passing the request when token is missing
2022-08-19 07:01:45 +07:00
Bobby Wibowo
8142eae9df
refactor: /users/{delete,disable,edit} API routes
...
simplify self.assertPermission function to only assert permission
fixed hard-coded "root" user protection not being asserted first
2022-08-09 17:51:31 +07:00
Bobby Wibowo
0a62002a6e
fix: re-create "root" user if users table is empty
...
previously it'd always re-create it if "root" user itself is missing
from users table
this facilitates not having "root" user altogether
2022-08-09 17:28:21 +07:00
Bobby Wibowo
6ff735badb
feat: wrap add to album db query in transaction
...
additionally allow superadmins to arbitrarily add/remove files to/from
albums via manual API calls, instead of only allowing root user
2022-08-09 17:18:56 +07:00
Bobby Wibowo
4907ef9ad7
chore: indent albumsController.js
2022-08-09 17:00:26 +07:00
Bobby Wibowo
edf7c091e4
feat: wrap upload db insert within transaction
2022-08-09 16:57:55 +07:00
Bobby Wibowo
d8b78d29ed
feat: hard-code prevent registering as "root"
...
and allow migration script to not throw when root user is missing
this facilitates safely removing root user altogether via database query
if you don't use it
2022-08-08 06:22:18 +07:00
Bobby Wibowo
253042e24e
fix: improve filtering uploads by album ids
...
database logic and dashboard display
2022-08-08 06:08:40 +07:00
Bobby Wibowo
b21fa66e59
fix: possible event listeners memory leak
2022-08-05 00:54:44 +07:00
Bobby Wibowo
c6c485447f
feat: token failure rate limit on login/register
...
also removed default 2 reqs in 5s rate limiter for login/register routes
from sample config, as it's pretty much redundant now
2022-08-04 23:34:58 +07:00
Bobby Wibowo
a406f85215
feat: rate limit token auth failures
...
hard-coded to max 6 failures in 10 minutes
2022-08-04 23:09:14 +07:00
Bobby Wibowo
3e0aa1361d
fix: detect uploads timed out by uwebsockets
2022-08-04 22:08:40 +07:00
Bobby Wibowo
7381cac0e9
chore: indents and comments
2022-08-04 21:59:50 +07:00
Bobby Wibowo
d7d6a29123
feat: cleaned up routes init
...
asserting auth and JSON body will now be done via route-specific
mini middlewares (authController's requireUser or optionalUser)
2022-08-04 21:59:06 +07:00
Bobby Wibowo
2351528a42
fix: redundant logic
2022-08-03 17:31:49 +07:00
Bobby Wibowo
46c8867223
fix: internally prepend chunksData UUID with IP
...
even less chance for a collision to occur
2022-08-03 17:28:42 +07:00
Bobby Wibowo
0ebefe083a
refactor: removed clamscan passthrough support
...
unfortunately it simply was not reliable enough
and maintaining it is simply adding more complexity to the codes
moreover it was only possible to passthrough regular non-chunked uploads
2022-08-02 16:19:57 +07:00
Bobby Wibowo
164cadd8b9
feat: increased regular users' max sort keys to 2
...
possible use case, sorting by albumid, then size
moderators and above still have no limits
2022-08-01 15:21:23 +07:00
Bobby Wibowo
ac38b6f06e
feat: if sort uploads by album id, sort null last
...
also improved indenting on some lines of codes
2022-08-01 15:20:14 +07:00
Bobby Wibowo
323c107f64
fix: ServeStatic
...
init setContentDisposition and setContentType functions immediately as
private functions to reduce complexity
so instead check for the required map/store before using them
also fixed content-type override ending up with duplicate headers
2022-08-01 07:29:49 +07:00
Bobby Wibowo
21ec4a7479
fix: 416 status code handling
2022-07-31 16:46:35 +07:00
Bobby Wibowo
0598a63989
refactor: serve handlers/middlewares
...
moved shared codes into serveUtils to reduce complexity
2022-07-31 16:34:06 +07:00
Bobby Wibowo
527498bb1e
perf: list albums db query
2022-07-31 15:55:27 +07:00
Bobby Wibowo
285e79c5a7
feat: configurable uploads/albums/users per page
...
please check sample.config.js for new options
if missing from config, defaults to 25 per page (old defaults)
2022-07-31 15:51:32 +07:00
Bobby Wibowo
2389974c7d
feat: ServeStaticQuick
...
chokidar is now a production dependency
please read the comments in ServeStaticQuick.js for a description of
what the class does
public and dist directories are now served with that class by default
before starting hyper-express on the listen port, await for all
ServeLiveDirectory and ServeStaticQuick instances
2022-07-31 14:31:25 +07:00
Bobby Wibowo
d40d1e396f
fix: ServeStatic with zero bytes files
2022-07-31 14:17:06 +07:00
Bobby Wibowo
b1566c5abf
refactor: ServeLiveDirectory
...
ensure forward slashes path
refactored init method
ensure internal res.type is set before attempting to call external
setHeaders function, to allow overrides
2022-07-31 14:08:13 +07:00
Bobby Wibowo
b9badcc944
fix: ServeStatic ensure forward slashes path
2022-07-31 14:06:17 +07:00
Bobby
4591b8bb42
refactor: generateUniqueToken -> getUniqueToken
...
this now matches lifecycle with similar functions in upload and album
controllers
also added a new util function .mask() for basic string masking
2022-07-30 08:37:57 +07:00
Bobby
b7dcf30578
feat: console logs for identifiers on debug only
2022-07-30 08:35:26 +07:00
Bobby
548af312a7
chore: authController.js
2022-07-30 08:02:17 +07:00
Bobby
c23bc90412
refactor: album random identifier generation
2022-07-30 08:01:19 +07:00
Bobby Wibowo
8782a004d6
chore: uploadController.js
2022-07-29 10:17:17 +07:00
Bobby Wibowo
681a3ca32f
fix: ServeStatic content-length transfer-encoding
...
both headers cannot co-exist at the same time, so we pass the expected
content-length value into 2nd param of Response.stream(), so that the
internal can decide to add it only when required
2022-07-29 10:16:49 +07:00
Bobby Wibowo
8748dcefb0
feat: parse content-disposition on url uploads
2022-07-29 10:15:11 +07:00
Bobby Wibowo
fae28f9aa2
feat: deprecate uploads.cacheFileIdentifiers conf
...
maintaining it is an unnecessary complexity
it's a feature that doesn't scale too well anyways
also renamed "queryDbForFileCollisions" to
"queryDatabaseForIdentifierMatch"
and updated config description accordingly
this should also now properly free the internal onHold Set
2022-07-29 09:14:55 +07:00
Bobby Wibowo
03eff45e8c
refactor: uploadController.js
...
some logic improvements
2022-07-28 13:26:15 +07:00
Bobby
301cf3377d
fix: set upload name utf8 encoding via busboy conf
...
instead of converting from the default latin1 using Buffer
changing busboy config was not possible with express + multer,
so i did not notice it's instead possible with hyper-express
2022-07-28 10:19:28 +07:00
Bobby Wibowo
b9a1604440
refactor: rename handler/middleware class files
2022-07-25 07:48:31 +07:00
Bobby Wibowo
235a1c56e1
refactor: move devmode flag to utils
2022-07-25 07:39:35 +07:00
Bobby Wibowo
ec4d54573a
fix: errors thrown when url uploads get rejected
2022-07-25 07:32:39 +07:00
Bobby Wibowo
5bab3a495e
feat: allow to disable file hashing completely
2022-07-25 07:32:25 +07:00
Bobby Wibowo
6ba30a23c6
feat: improved chunked uploads lifecycle
...
added checks when there's an attempt to uploads chunks to same file in
parallel
improved final file size checks
2022-07-25 07:09:28 +07:00
Bobby Wibowo
ee8f1914ca
feat: req content-type for upload api
2022-07-25 06:13:12 +07:00
Bobby Wibowo
1b109e0dc0
feat: req content-type json -> application/json
2022-07-25 06:12:55 +07:00
Bobby
4ca64b141f
refactor: do not await assertRequestType
...
it's not an async function, lmao
2022-07-22 08:50:26 +07:00
Bobby
951737d7d0
feat: handle upload post api based on request type
...
it'd previously always try to parse as multipart first
now it'll immediately assume the upload post api is for url uploads if
the request type is json
2022-07-22 08:42:11 +07:00
Bobby
776ab8ab37
feat: assert request content-type in post apis
2022-07-22 08:40:40 +07:00
Bobby Wibowo
aa85d04d34
fix: url uploads failing
2022-07-22 04:20:37 +07:00
Bobby Wibowo
96d276b396
fix: check if req.path_parameters is set
2022-07-22 02:03:59 +07:00
Bobby Wibowo
07d0237031
refactor: res.query -> .query_parameters
...
direct hyper-express prop get
2022-07-22 02:02:59 +07:00
Bobby Wibowo
25f87b3a49
chore: albumsController.js
2022-07-22 01:44:53 +07:00
Bobby Wibowo
7b9fca0bc3
refactor: req.params -> .path_parameters
...
direct hyper-express prop get
2022-07-22 01:44:15 +07:00
Bobby Wibowo
76a73b7e83
refactor: ServeStatic.middleware -> .handler
...
also moved it from middlewares to handlers directory
reasoning is that this class is better suited to handle routes directly
instead of being a global middleware
since IO stat to check if request path matches a physical file in the
disk every single time is not very performant
2022-07-22 01:12:35 +07:00
Bobby Wibowo
30e9227a78
feat: custom pages use ServeLiveDirectory
...
they now have conditional GET suppor too
2022-07-22 01:09:17 +07:00
Bobby Wibowo
51e12e13c0
refactor: rateLimiter.js
2022-07-22 00:57:57 +07:00
Bobby Wibowo
d6020d81ae
feat: serveStatic with accept-ranges support
...
for streaming support
and with conditional GET support
2022-07-22 00:01:25 +07:00
Bobby Wibowo
d9fd98f7de
feat: improved serveLiveDirectory
...
allow disabling etag and lastModified headers if required
2022-07-21 23:56:57 +07:00
Bobby Wibowo
1b4b73b67c
feat: improved errorsController.js
...
mainly handling generic errors
2022-07-21 23:56:08 +07:00
Bobby Wibowo
c0e91e205c
chore: rateLimiter.js
2022-07-21 23:55:48 +07:00
Bobby Wibowo
97bd8f9e5a
chore: serveLiveDirectory.js
2022-07-21 21:14:56 +07:00
Bobby Wibowo
e7a15ecc47
feat: custom livedirectory middleware
...
with conditional gets support
2022-07-21 21:13:46 +07:00
Bobby Wibowo
ad22285661
refactor: res.set -> res.header
...
res.set() is an expressjs-compat function with unnecessary checks for
our use case
2022-07-21 20:28:10 +07:00
Bobby
e6753ab15d
fix: handle connection drop on multiform upload
2022-07-15 01:40:57 +07:00
Bobby
27f3bc3119
perf: don't wrap multipart handler in try-catch
...
fixed in https://github.com/kartikk221/hyper-express/releases/tag/6.3.0
2022-07-15 01:06:28 +07:00
Bobby Wibowo
f40c9e0287
chore: serveStatic.js
2022-07-14 18:34:25 +07:00
Bobby Wibowo
7f6c29b136
fix: properly clean rejected empty files
...
should also now properly clean temp files from other unexpected errors
2022-07-14 18:18:39 +07:00
Bobby Wibowo
5ee82ce680
perf: don't wait for unlink promise in fail upload
...
just let it run in the background and respond to client immediately
2022-07-14 18:17:46 +07:00
Bobby Wibowo
7710e63d70
fix: prevent hashStream.update() after .dispose()
2022-07-14 17:01:59 +07:00
Bobby Wibowo
29b16edc04
perf: improve uploads flow
...
lessen temporary objects/variables creation,
and refactor some variable names to be more obvious
2022-07-14 16:35:06 +07:00
Bobby Wibowo
ac63f8b76d
perf: no try-catch block on cloudflare cache purge
2022-07-14 14:41:55 +07:00
Bobby Wibowo
c32f18a697
fix: uploads mimetype not properly set
2022-07-12 15:26:53 +07:00
Bobby Wibowo
0f6409132a
feat: busboy limits and multipart errors handler
...
unfortunately to capture multipart errors, we have to wrap the entire
callback function with try-catch block
but it appears overall processing is still slightly faster than
expressjs + multer
2022-07-12 14:39:16 +07:00
Bobby Wibowo
7f9d05da26
feat: multer -> hyper-express multipartfield
...
get outta here multer, lmao
2022-07-12 13:07:13 +07:00
Bobby Wibowo
e9736f436c
feat: have res.render return the compiled html
2022-07-12 10:41:58 +07:00
Bobby Wibowo
80d59ff2f0
feat: front-end pages middleware
...
custom pages may now override any built-in pages on the fly as lolisafe
is running
also added internal persistent cache feature into NunjucksRenderer
front-end pages will now be persistently cached during production
2022-07-12 10:31:59 +07:00