Commit Graph

1691 Commits

Author SHA1 Message Date
Bobby Wibowo
77e87a3ac3
Updated real-ip-from-cf 2020-07-02 15:22:22 +07:00
Bobby Wibowo
2edb7f8bab
Updated dependencies
Bumped v1 version string and rebuilt client assets
2020-07-02 15:16:13 +07:00
Bobby Wibowo
2f7d1533e3
Merge branch 'camjac251-location.hostname' into safe.fiery.me 2020-07-02 15:11:21 +07:00
camjac251
7a23707555
change window.location.host to window.location.hostname
location.hostname() is unsupported by Opera and gives an error using the latest ESLint gulp plugin.
2020-07-01 13:59:22 -05:00
Bobby Wibowo
1981159805
Updated auth.njk again (and auth.js)
Better solution for #215

Bumped v1 version string and rebuilt client asset
2020-06-27 17:42:36 +07:00
Bobby Wibowo
4dfe776ff7
Updated auth.njk
Resolves #215
2020-06-27 17:24:12 +07:00
Bobby Wibowo
117f2ff0a4
Merge branch 'cf-api-token' into safe.fiery.me 2020-06-26 16:46:32 +07:00
Bobby Wibowo
bd3c86c1bb
Fix typos in config.sample.js 2020-06-26 13:58:23 +07:00
Bobby Wibowo
a93e34bf87
Init cf-api-token 2020-06-26 13:48:15 +07:00
Bobby Wibowo
0caa669980
Fix homepage's Config tab not saving some options
Resolved #211

Bumped v1 version string and rebuilt client asset
2020-06-22 19:45:42 +07:00
Bobby Wibowo
49ec795941
Disabled file delete GET API
40dd66297612b2a8429c8fcad2b07170a3ba582b#commitcomment-40060391
2020-06-21 22:21:38 +07:00
Bobby Wibowo
40dd662976
Removed delete URL from upload response
I wasn't aware ShareX wouldn't do a basic GET request to the delete URL,
but would instead open your browser to it.
Unfortunately, due to the structure of lolisafe auth setting token
through HTTP header, which had always been done by JS as it has to get
the value from local storage, just visiting the API from browser will
merely respond with "No token provided".
We'd need cookie-based auth, which I do not want to add.
The old me that added deletion API long ago might have been aware of
this fact, but the me of a few hours ago already forgot..
I'll give this further thoughts at a later date, as ShareX isn't really
a priority to me.

Bumped v1 version string and rebuilt client assets.
2020-06-20 04:01:16 +07:00
Bobby Wibowo
b4ab04f55a
Async-load render.js
Also fixed undefined vars check, as var === undefined throws error
when truly not defined.
It's probably specific to browsers (don't recall seeing this in node).

Bumped v1 version string and rebuilt client assets.
2020-06-20 03:33:39 +07:00
Bobby Wibowo
d29621d5ff
Make render.js standalone
Despite that, it still expects the existence of a so-called main script
in "page" variable, and also expects to be loaded by it instead,
with an internal check to load itself if the main script fails to call
itself within the expected conditions.

Improved button colors in SweetAlert prompts.

Refactored window.onload() to DOMContentLoaded's event listener.
This should essentially allow pages to have multiple scripts that listen
to that event.

Bumped v1 version string and rebuilt client assets.
2020-06-20 02:30:57 +07:00
Bobby Wibowo
51c8df71bc
Added deletion URL for ShareX or derivatives
For registered users only!
This requires adding a basic GET API for file deletion, so that I did.
Configs which guests download will not include pattern for delete URL,
so they won't get notified of unusable delete URL or anything like that.

dev: Improved logger.debug() to support specifying options for node's
Util.inspect() if an object is set as its last param
(assuming >1 params).
Default options now also includes enabling colors.

src/js/utils.js: Simplified dynamic ShareX config generator.
Among other things, it will now use JSON.stringify().
I don't even remember why we didn't use that in the first place..

Some logic improvements in src/js/home.js.

Bumped v1 version string and rebuilt client assets.
2020-06-20 01:28:23 +07:00
Bobby Wibowo
e552017bfb
Change deps versions from major to minor ranges
Since I'd usually test for new versions of dependencies anyway, only
minor version updates that I personally support for self-update.
2020-06-20 00:17:16 +07:00
Bobby Wibowo
fc0433dd67
Updated README.md 2020-06-18 04:09:01 +07:00
Bobby Wibowo
4aeb364d0d
Upgraded all dependencies
Consult package.json
2020-06-18 03:46:27 +07:00
Bobby Wibowo
a4d33c67a2
Updated uploadController.js 2020-06-16 03:01:32 +07:00
Bobby Wibowo
585331c6e5
Added timeout on chunked uploads
The service will now automatically clean up any leftover data from any
inactive & unfinished chunked upload attempts.

Updated config.sample.js for updated description and new sub-option
for chunkSize option.
2020-06-15 23:48:43 +07:00
Bobby Wibowo
b4c8b1d90e
BLAZING FAST CHUNKED UPLOADS 🚀
Inspired by our recent switch to using blake3 for file hashing, chunks
will now be written to a tmp file directly as they're uploaded.
So no more waiting so long for "rebuilding chunks".
There will still be some delay on every following attempts of uploading
each chunks. I'm not sure the specifics, as we're already reusing the
write stream.
2020-06-15 23:14:33 +07:00
Bobby Wibowo
14b97ecbf1
Updated uploadController.js
Make sure .generateThumbs() is always on force mode.
There may be stray thumbnails that weren't stored in DB due to
unexpected errors and whatnot.
2020-06-15 21:10:40 +07:00
Bobby Wibowo
0b8b1ed026
More fixes to thumbnailers
Use fluent-ffmpeg's .screenshots() function instead,
with some countermeasures for weird situations.

No more selective error suppressions.
2020-06-15 21:04:30 +07:00
Bobby Wibowo
4225819b98
Updated src/js/misc/utils.js
Make prepareShareX function practically optional.
If the ShareX element is missing, it shouldn't break everything else.
2020-06-15 15:39:29 +07:00
Bobby Wibowo
15f29f3fb9
Better error handlers in home uploader 2020-06-10 03:01:12 +07:00
Bobby Wibowo
c1d3b9724c
Fix auto page thingy breaking
Basically, when you're on the very last page of either uploads or users
lists, and then you decide to delete all uploads/users in the list, by
default it will automatically load the latest valid page (e.g. page - 1,
or more if it has to).
Unfortunately, that behavior will get cancelled out by "Something else
is still loading" warning. This fixed that.

Bumped v1 version string and rebuilt client assets.
2020-06-10 02:06:43 +07:00
Bobby Wibowo
0851d71688
Fix SQLite not understanding escape char
I honestly expected Knex.js would've already handled this
2020-06-07 20:51:59 +07:00
Bobby Wibowo
8bcee712ac
A toggle button to show original file names
For admins, preference for your personal uploads list and Manage uploads
aren't shared, just like thumbs/lists toggle.

Non-keyed keywords for filtering will now apply to original names too.

Added a new fontello icon for this button.

Various other things I'm too lazy to write.
2020-06-07 12:29:17 +07:00
Bobby Wibowo
6d5ee7dd63
Thumbs size 2020-06-06 19:43:20 +07:00
Bobby Wibowo
46c84db64f
Merge branch 'patch-3' of https://github.com/camjac251/lolisafe into camjac251-patch-3 2020-06-06 19:34:46 +07:00
Bobby Wibowo
28c64d531a
Potentially much better video thumbnails
Notable changes, use fluent-ffmpeg's functions instead of passing raw
ffmpeg switches with inputOptions() or outputOptions().

It seems fluent-ffmpeg may be doing some janks with outputOptions().
I can't get select="eq(pict_type\\,I)" to work with it, but it works
with videoFilters(). Weird stuff.
2020-06-06 19:28:42 +07:00
camjac251
cf2593465a Use top variable over config 2020-06-06 02:39:53 -05:00
Bobby Wibowo
8b4b0e79c5
Improved albums public page cache and more
Removed its dependency towards albums' editedAt property.
Editing album's metas (name, description, etc) will no longer update
its editedAt property.
Instead it will now ONLY be updated when adding/removing files to/from
it. Just like how it was meant to be, which was to be used to check
whether it's necessary to re-generate their downloadable ZIPs.

Albums public page cache will still be properly invalidated when
adding/removing files to/from it, as well as after editing their metas.

Added views/album-notice.njk to be used to render okay-ish notice when
an album's public page is still being generated.
I was originally thinking of using it for disabled albums as well, but
I refrained from it to reduce the possibility of disabled album IDs from
being easily scanned (as it just returns 404 now).

Removed invalidatedAt property from stats cache. Instead their caches
will immediately be nullified as they should (thus frees up memory
slightly as well).

Stats cache for albums will now only be cleared when truly necessary.
As in, adding/removing files to/from albums will no longer clear them.

Updated Nunjucks files to properly use h1, h2, h3 tags in actual
hierarchical orders.
Elements that don't need to use hX tags will now use P instead.
Nothing changes visually, only structurally.

Fixed some elements in Nunjucks using single quotes instead of
double quotes. They'd have worked the same, but consistency.

Added h1 title in FAQ page.

Make text for no JS warning a bit bigger, and improved the phrasing
a little bit.
2020-06-03 10:44:24 +07:00
Bobby Wibowo
f305b08077
Disable some buttons on disabled albums
Also apply strikethrough to their public links.
Though similar with albums that have their public links explicitly
disabled, despite having strikethrough, they're still clickable.
Of course they'll just lead to 404 page regardless.
2020-06-03 09:20:40 +07:00
camjac251
9a4c0d5cea Update utilsController.js 2020-06-01 04:27:57 -05:00
camjac251
776414814d add user config option for thumbnail size 2020-06-01 04:17:23 -05:00
Bobby Wibowo
7f58d80cff
Fixed URL uploads
I forgot that getting rid of the old hashing system would break this
due to the lack of hashing.
So, fixed that.
2020-06-01 12:23:15 +07:00
Bobby Wibowo
5e5d5c5647
Manage albums admin page, and more!
Resolves #194.

Added pagination for Manage your albums page.

Albums sidebar will now only list 9 albums at most.
Use Manage your albums page to view the rest.
Albums in the list will now have View uploads button after all.

Delete album button for albums renamed to Disable album.
Since techincally the server would've always been disabling the albums
instead of deleting them.
It was something upstream dev's decided, and I haven't bothered changing
its behavior.

I'll work on actual Delete album feature some other days.

As the title says, added Manage albums admin page.

Viewing uploads of an album will hook into albumid: filter key.

I'll work on filter and bulk operations some other days.

Updated styling for disabled albums and users.
Instead of havine a line through them, they will be greyed out.
Disable public page of albums will still use line through however.

Links to album's disabled public page are now clickable.

Added a new button styling is-dangerish.
It'll be orange.

Renamed /api/albums/delete to /api/albums/disable.
For backwards compatibility, /api/albums/delete will still work
but automatically re-routed to /api/albums/disable.

/api/uploads/list will no longer print SQLite errors for moderators
or higher when encountering them.
It was originally used to inform moderators of non-existing colum names
when used for sorting.
But on one of the recent commits, I had added a check for allowed colum
names.

Improved some caching in dashboard page.

Added new entries to cookie policy.

Some other small things.

Bumped v1 version string and rebuilt client assets.
2020-06-01 11:44:16 +07:00
Bobby Wibowo
255a5992b5
Simplified error pages for /a/ route
Send 404 error page when identifier is missing or album is not public.
2020-06-01 08:51:17 +07:00
Bobby Wibowo
5f8bad907c
Code clean ups 2020-06-01 08:44:48 +07:00
camjac251
de70b93cc6
thumbnail generation fix and scale
ffmpeg can sometimes generate broken thumbnails (sometimes a full grey image) when it seeks in the input instead of the output. When it's added after the input, it is a bit slower but it is more stable and will fixes the issue for various formats like HEVC or Prores.

The resolution could benefit from being increased 3x for users who scale up the webpage in their browser or tablet views. It becomes scaled up 200% or 300% when viewed on a smaller screen.
2020-05-29 05:51:38 -05:00
Bobby Wibowo
e7fc354729
Updated dependencies
systeminformation: 4.26.4 -> 4.26.5
As always, full upgrade. So some sub-dependencies were updated as well.
2020-05-29 02:58:56 +07:00
Bobby Wibowo
867d005b34
Updated uploadController.js
Removed unnecessary check.
2020-05-29 02:56:11 +07:00
Bobby Wibowo
62a977542e
Switched to BLAKE3 for file hashing [MORE]
UPDATE YOUR CONFIG FILE IF YOU USE CHUNKED UPLOADS!
Read more about this at the end.

Added new dependency: blake3

Hashes will be created as the uploads are being written to disk.
With exception for chunked uploads!
For them specifically, their hashes will be created as they're being
rebuilt into a single file.
Should still be a lot better than the previous case where it had to
re-read the already written files.

To support that feature, added a new file
controllers/multerStorageController.js.
It's just a custom storage engine for Multer.

chunkSize option now allows setting max chunk size from config file.
Previously it was hardcoded to 95MB, but assuming you have paid
Cloudflare plans, you can actually have up to 500MB.

Also moved the option to be after maxSize and before urlMaxSize.
Made a lot more sense to me this way, as chunked uploads only work on
regular uploads.

Updated v1 version string and rebuilt client assets.
2020-05-29 02:52:58 +07:00
Bobby Wibowo
df11fb12ce
Fixed racing condition in initial dirs creation
Fixed #190
2020-05-28 23:10:56 +07:00
Bobby Wibowo
1431bd3d90
Removed TODO.md in favor of GitHub Projects
https://github.com/BobbyWibowo/lolisafe/projects/1
2020-05-28 10:04:20 +07:00
Bobby Wibowo
76b9afbf88
Updated Nginx sample configs
Fixed indents and added lines to configure timeouts, among other things.
2020-05-28 09:54:40 +07:00
Bobby Wibowo
58cbcdd1fe
Updated some Nunjucks files and home.js
Updated options in _globals.njk to NOT use camelCase.

Rephrased banned categories.

Added toggle option for banned categories into faq.njk.

Added FAQ message about Tor and/or VPNs being blocked.

Updated faq.njk and cookiepolicy.njk for updated option names.

Updated cookie settings for Cookie Consent in home.js.
Now it will only enable Secure cookie if on HTTPS protocol.
This should properly store the cookie in local installations.

Bumped v1 version string and rebuilt client assets.
2020-05-28 05:18:09 +07:00
Bobby Wibowo
c36a76e981
Updated thumbs.js 2020-05-28 04:23:26 +07:00
Bobby Wibowo
cc122f63b8
Updated lolisafe.js
https://blog.fiery.me/recent-disturbance-with-temporary-uploads
Fix for temporary uploads failing forever just due to errors not being
caugh.
2020-05-27 01:18:25 +07:00