Commit Graph

259 Commits

Author SHA1 Message Date
Bobby Wibowo
6ba30a23c6
feat: improved chunked uploads lifecycle
added checks when there's an attempt to uploads chunks to same file in
parallel

improved final file size checks
2022-07-25 07:09:28 +07:00
Bobby Wibowo
ee8f1914ca
feat: req content-type for upload api 2022-07-25 06:13:12 +07:00
Bobby Wibowo
1b109e0dc0
feat: req content-type json -> application/json 2022-07-25 06:12:55 +07:00
Bobby
4ca64b141f
refactor: do not await assertRequestType
it's not an async function, lmao
2022-07-22 08:50:26 +07:00
Bobby
951737d7d0
feat: handle upload post api based on request type
it'd previously always try to parse as multipart first
now it'll immediately assume the upload post api is for url uploads if
the request type is json
2022-07-22 08:42:11 +07:00
Bobby
776ab8ab37
feat: assert request content-type in post apis 2022-07-22 08:40:40 +07:00
Bobby Wibowo
aa85d04d34
fix: url uploads failing 2022-07-22 04:20:37 +07:00
Bobby Wibowo
96d276b396
fix: check if req.path_parameters is set 2022-07-22 02:03:59 +07:00
Bobby Wibowo
7b9fca0bc3
refactor: req.params -> .path_parameters
direct hyper-express prop get
2022-07-22 01:44:15 +07:00
Bobby
e6753ab15d
fix: handle connection drop on multiform upload 2022-07-15 01:40:57 +07:00
Bobby
27f3bc3119
perf: don't wrap multipart handler in try-catch
fixed in https://github.com/kartikk221/hyper-express/releases/tag/6.3.0
2022-07-15 01:06:28 +07:00
Bobby Wibowo
7f6c29b136
fix: properly clean rejected empty files
should also now properly clean temp files from other unexpected errors
2022-07-14 18:18:39 +07:00
Bobby Wibowo
5ee82ce680
perf: don't wait for unlink promise in fail upload
just let it run in the background and respond to client immediately
2022-07-14 18:17:46 +07:00
Bobby Wibowo
7710e63d70
fix: prevent hashStream.update() after .dispose() 2022-07-14 17:01:59 +07:00
Bobby Wibowo
29b16edc04
perf: improve uploads flow
lessen temporary objects/variables creation,
and refactor some variable names to be more obvious
2022-07-14 16:35:06 +07:00
Bobby Wibowo
c32f18a697
fix: uploads mimetype not properly set 2022-07-12 15:26:53 +07:00
Bobby Wibowo
0f6409132a
feat: busboy limits and multipart errors handler
unfortunately to capture multipart errors, we have to wrap the entire
callback function with try-catch block

but it appears overall processing is still slightly faster than
expressjs + multer
2022-07-12 14:39:16 +07:00
Bobby Wibowo
7f9d05da26
feat: multer -> hyper-express multipartfield
get outta here multer, lmao
2022-07-12 13:07:13 +07:00
Bobby Wibowo
38d86779ae
refactor: HUGE REFACTOR for hyper-express 2022-07-10 19:46:25 +07:00
Bobby Wibowo
b3a304729f
refactor: uploadController pass errors 2022-07-10 14:20:49 +07:00
Bobby
2ca2fef301
feat: use SimpleDataStore for album pages cache
this should have better lifecycle and use less memory over time, since
we can define max items in cache
at the moment hard-coded to 10 cached pages (inclusive of nojs version
if ever generated)
2022-07-06 17:51:34 +07:00
Bobby Wibowo
1404cf9328
fix: utf-8 filename breaks
https://github.com/expressjs/multer/issues/1104
2022-07-03 10:18:04 +07:00
Bobby Wibowo
38e673226f
fix: inconsistent size field in DB !! yarn migrate
we used to store number directly into the string size field, and
during the conversion it seemed to always add ".0" at the final string,
probably because the driver or sqlite3 itself assumes float

please run yarn migrate after pulling this commit
if you skip converting the DB, file duplicates check will fail to
function

and in the future im planning to do size statistics in bigint, which
will also fail if not converted
2022-06-29 14:35:00 +07:00
Bobby Wibowo
b117fa9ad1
feat: expose utils to nunjucks templates
also fix nunjucks templates not adhering to env vars overrides for
domains config options, because they attempted to read config directly
2022-06-29 13:58:09 +07:00
Bobby
b17b24b159
feat: new page /file/:identifier
this will display all information recorded from the specified file, but
only to the users that own them (it requires token)

this page also has a delete file button, allowing us to provide link to
this page for sharex deletion url option

once again, this is only for authenticated users, and will only show
file that the users own, unless said user is a moderator or higher
2022-06-28 12:03:49 +07:00
Bobby
5d1bea39ef
feat: new api /api/upload/get/:identifier
this api only returns file that the user owns (thus token must be set)
2022-06-28 11:57:56 +07:00
Bobby Wibowo
9d4c08e460
feat: some env vars support 2022-06-22 13:27:38 +07:00
Bobby Wibowo
954df13aa2
fix: better null domain fallback logic 2022-06-22 11:22:35 +07:00
Bobby
8799189a04
feat: initiate db connection only once
db is now initiated via utilsController, and gets re-used by main
lolisafe.js script and the other controllers

this should now make sure we only have 1 active db connection pool ever

this is a pretty big refactor due to how we used to reference db,
but it should functionally be identical
2022-06-04 04:21:56 +07:00
Bobby
d2b8656800
fix: url uploads stricter error handling
this should properly dispose of unfinished write & hasher streams on
any errors if they have been initiated

also do content-length header check a bit more early
2022-05-08 15:35:28 +07:00
Bobby
ce71a9e8d6
feat: better size check for url uploads
first layer is via sending HEAD request to the url to determine its size
via content-length header
however not all hosts properly set the header, so we ignore it if
it isn't a valid number

next via size option in fetch(), which supposedly limits response body
size during the request itself (?)

lastly via checking actual bytes written to physical file as reported by
fs.createWriteStream()
2022-05-08 15:19:29 +07:00
Bobby
71a6adc3d3
fix: url uploads failing with missing content-type 2022-05-08 15:15:10 +07:00
Bobby
eeb1611b2a
fix: failsafes for chunks timeout 2022-05-08 12:01:18 +07:00
Bobby
f3b7d5e56d
fix: empty string for age header failing 2022-05-08 12:00:27 +07:00
Bobby
2d147e748b
feat: usergroup-based file retention periods
this supersedes the old temporaryUploadAges, while maintaining full
backwards-compatibility.

please consult config.sample.js if you want to start using this
2022-05-07 02:17:31 +07:00
Bobby
3d94ae599e
feat: debug log for clean files 2022-04-23 05:01:56 +07:00
Bobby
88d32a6dcf
refactor: uploadController.js 2022-04-23 04:48:59 +07:00
Bobby
86c26cb50c
feat: some bypass support to passthrough scanning
only usergroup and file extension bypass

real file size can't be determined before passthrough scan,
so there's no bypass by max file size
please read the comments in sample config file

refactored utils.clamscan into utils.scan
2022-04-23 04:44:01 +07:00
Bobby
9af52e068d
docs: config and uploadController 2022-04-16 23:06:25 +07:00
Bobby
4b9740cf5c
docs: uploadController.js 2022-04-16 20:44:11 +07:00
Bobby
b5aa8d0758
fix: passthrough scan 2022-04-16 13:33:11 +07:00
Bobby
db254c602b
feat: experimental clamscan passthrough support
when enabled, passthrough scanning will be used for non-chunked uploads

upload processing will be significantly faster if scanning is required
2022-04-15 16:41:05 +07:00
Bobby
6788dc2094
fix: align with clamscan v2 2022-04-15 15:36:50 +07:00
Bobby
ffc82f6a2a
feat: logger.debug() outputs only on dev mode 2022-04-15 15:30:32 +07:00
Bobby
b86aa8dc08
fix: private upload custom response config option 2021-06-08 08:01:11 +07:00
Bobby Wibowo
48488667c8
feat: limit upload to specific usergroups 2021-05-22 20:59:00 +07:00
Bobby Wibowo
5a74776978
fix: thumbnails not generated with mixed case
e.g. .jpG, .JPG, .PnG, etc.

Also simplified some codes.
2021-02-01 05:23:53 +07:00
Bobby Wibowo
631d14d887
feat: better extension names parsing
It will now preserve upper/lower/mixed case.

It will now properly preserve all tarballs (#370).
2021-01-29 23:15:24 +07:00
Bobby Wibowo
a5607c00f6
refactor: make use of improved utils.authorize() 2021-01-08 10:50:25 +07:00
Bobby Wibowo
b5af733dc2
refactor: Client/ServerError on uploadController 2021-01-08 09:44:04 +07:00