drop.chapril.org-firefoxsend/server/routes/upload.js

const crypto = require('crypto');
const storage = require('../storage');
const config = require('../config');
const mozlog = require('../log');

const log = mozlog('send.upload');

module.exports = function(req, res) {
  const newId = crypto.randomBytes(5).toString('hex');
  const metadata = req.header('X-File-Metadata');
  const auth = req.header('Authorization');
  if (!metadata || !auth) {
    return res.sendStatus(400);
  }
  const owner = crypto.randomBytes(10).toString('hex');
  const meta = {
    owner,
    metadata,
    auth: auth.split(' ')[1],
    nonce: crypto.randomBytes(16).toString('base64')
  };
  req.pipe(req.busboy);

  req.busboy.on('file', async (fieldname, file) => {
    try {
      await storage.set(newId, file, meta);
      const protocol = config.env === 'production' ? 'https' : req.protocol;
      const url = `${protocol}://${req.get('host')}/download/${newId}/`;
      res.set('WWW-Authenticate', `send-v1 ${meta.nonce}`);
      res.json({
        url,
        owner: meta.owner,
        id: newId
      });
    } catch (e) {
      log.error('upload', e);
      if (e.message === 'limit') {
        return res.sendStatus(413);
      }
      res.sendStatus(500);
    }
  });

  req.on('close', async err => {
    try {
      await storage.del(newId);
    } catch (e) {
      log.info('DeleteError:', newId);
    }
  });
};
a few changes to make A/B testing easier 2017-08-24 23:54:02 +02:00			`const crypto = require('crypto');`
			`const storage = require('../storage');`
			`const config = require('../config');`
			`const mozlog = require('../log');`

			`const log = mozlog('send.upload');`

			`module.exports = function(req, res) {`
			`const newId = crypto.randomBytes(5).toString('hex');`
Add optional password to the download url 2017-08-31 18:43:36 +02:00			`const metadata = req.header('X-File-Metadata');`
			`const auth = req.header('Authorization');`
			`if (!metadata \|\| !auth) {`
			`return res.sendStatus(400);`
a few changes to make A/B testing easier 2017-08-24 23:54:02 +02:00			`}`
Added multiple download option 2017-11-30 22:41:09 +01:00			`const owner = crypto.randomBytes(10).toString('hex');`
Add optional password to the download url 2017-08-31 18:43:36 +02:00			`const meta = {`
Added multiple download option 2017-11-30 22:41:09 +01:00			`owner,`
Add optional password to the download url 2017-08-31 18:43:36 +02:00			`metadata,`
			`auth: auth.split(' ')[1],`
			`nonce: crypto.randomBytes(16).toString('base64')`
			`};`
a few changes to make A/B testing easier 2017-08-24 23:54:02 +02:00			`req.pipe(req.busboy);`

Add optional password to the download url 2017-08-31 18:43:36 +02:00			`req.busboy.on('file', async (fieldname, file) => {`
			`try {`
			`await storage.set(newId, file, meta);`
			`const protocol = config.env === 'production' ? 'https' : req.protocol;`
			const url = `${protocol}://${req.get('host')}/download/${newId}/`;
			res.set('WWW-Authenticate', `send-v1 ${meta.nonce}`);
			`res.json({`
			`url,`
Added multiple download option 2017-11-30 22:41:09 +01:00			`owner: meta.owner,`
Add optional password to the download url 2017-08-31 18:43:36 +02:00			`id: newId`
			`});`
			`} catch (e) {`
			`log.error('upload', e);`
			`if (e.message === 'limit') {`
			`return res.sendStatus(413);`
a few changes to make A/B testing easier 2017-08-24 23:54:02 +02:00			`}`
Add optional password to the download url 2017-08-31 18:43:36 +02:00			`res.sendStatus(500);`
a few changes to make A/B testing easier 2017-08-24 23:54:02 +02:00			`}`
Add optional password to the download url 2017-08-31 18:43:36 +02:00			`});`
a few changes to make A/B testing easier 2017-08-24 23:54:02 +02:00
			`req.on('close', async err => {`
			`try {`
refactored server 2018-02-06 23:31:18 +01:00			`await storage.del(newId);`
a few changes to make A/B testing easier 2017-08-24 23:54:02 +02:00			`} catch (e) {`
			`log.info('DeleteError:', newId);`
			`}`
			`});`
			`};`