added fxa auth to /params
This commit is contained in:
parent
718d74fa50
commit
fb7176d989
25
app/api.js
25
app/api.js
@ -1,12 +1,16 @@
|
||||
import { arrayToB64, b64ToArray, delay } from './utils';
|
||||
import { ECE_RECORD_SIZE } from './ece';
|
||||
|
||||
function post(obj) {
|
||||
function post(obj, bearerToken) {
|
||||
const h = {
|
||||
'Content-Type': 'application/json'
|
||||
};
|
||||
if (bearerToken) {
|
||||
h['Authentication'] = `Bearer ${bearerToken}`;
|
||||
}
|
||||
return {
|
||||
method: 'POST',
|
||||
headers: new Headers({
|
||||
'Content-Type': 'application/json'
|
||||
}),
|
||||
headers: new Headers(h),
|
||||
body: JSON.stringify(obj)
|
||||
};
|
||||
}
|
||||
@ -43,13 +47,16 @@ export async function del(id, owner_token) {
|
||||
return response.ok;
|
||||
}
|
||||
|
||||
export async function setParams(id, owner_token, params) {
|
||||
export async function setParams(id, owner_token, bearerToken, params) {
|
||||
const response = await fetch(
|
||||
`/api/params/${id}`,
|
||||
post({
|
||||
owner_token,
|
||||
dlimit: params.dlimit
|
||||
})
|
||||
post(
|
||||
{
|
||||
owner_token,
|
||||
dlimit: params.dlimit
|
||||
},
|
||||
bearerToken
|
||||
)
|
||||
);
|
||||
return response.ok;
|
||||
}
|
||||
|
@ -56,7 +56,11 @@ export default function(state, emitter) {
|
||||
});
|
||||
|
||||
emitter.on('changeLimit', async ({ file, value }) => {
|
||||
await file.changeLimit(value);
|
||||
const ok = await file.changeLimit(value, state.user);
|
||||
if (!ok) {
|
||||
// TODO
|
||||
return;
|
||||
}
|
||||
state.storage.writeFile(file);
|
||||
metrics.changedDownloadLimit(file);
|
||||
});
|
||||
@ -138,6 +142,7 @@ export default function(state, emitter) {
|
||||
metrics.completedUpload(ownedFile);
|
||||
|
||||
state.storage.addFile(ownedFile);
|
||||
// TODO integrate password and limit into /upload request
|
||||
if (password) {
|
||||
emitter.emit('password', { password, file: ownedFile });
|
||||
}
|
||||
|
@ -48,10 +48,10 @@ export default class OwnedFile {
|
||||
return del(this.id, this.ownerToken);
|
||||
}
|
||||
|
||||
changeLimit(dlimit) {
|
||||
changeLimit(dlimit, user = {}) {
|
||||
if (this.dlimit !== dlimit) {
|
||||
this.dlimit = dlimit;
|
||||
return setParams(this.id, this.ownerToken, { dlimit });
|
||||
return setParams(this.id, this.ownerToken, user.bearerToken, { dlimit });
|
||||
}
|
||||
return Promise.resolve(true);
|
||||
}
|
||||
|
@ -129,7 +129,7 @@ module.exports = function(state, emit) {
|
||||
|
||||
emit('upload', {
|
||||
type: 'click',
|
||||
dlCount: state.downloadCount,
|
||||
dlCount: state.downloadCount || 1,
|
||||
password: state.password
|
||||
});
|
||||
}
|
||||
|
@ -84,8 +84,14 @@ errorPageHeader = Something went wrong!
|
||||
errorPageMessage = There has been an error uploading the file.
|
||||
errorPageLink = Send another file
|
||||
fileTooBig = That file is too big to upload. It should be less than { $size }.
|
||||
tooManyFiles = Only { $count } files can be uploaded at a time.
|
||||
tooManyArchives = Only { $count } archives are allowed.
|
||||
# count will always be > 10
|
||||
tooManyFiles = { $count ->
|
||||
*[other] Only { $count } files can be uploaded at a time.
|
||||
}
|
||||
# count will always be > 10
|
||||
tooManyArchives = { $count ->
|
||||
*[other] Only { $count } archives are allowed.
|
||||
}
|
||||
linkExpiredAlt = Link expired
|
||||
expiredPageHeader = This link has expired or never existed in the first place!
|
||||
notSupportedHeader = Your browser is not supported.
|
||||
|
@ -87,7 +87,12 @@ module.exports = function(app) {
|
||||
app.post('/api/upload', auth.fxa, require('./upload'));
|
||||
app.post(`/api/delete/:id${ID_REGEX}`, auth.owner, require('./delete'));
|
||||
app.post(`/api/password/:id${ID_REGEX}`, auth.owner, require('./password'));
|
||||
app.post(`/api/params/:id${ID_REGEX}`, auth.owner, require('./params'));
|
||||
app.post(
|
||||
`/api/params/:id${ID_REGEX}`,
|
||||
auth.owner,
|
||||
auth.fxa,
|
||||
require('./params')
|
||||
);
|
||||
app.post(`/api/info/:id${ID_REGEX}`, auth.owner, require('./info'));
|
||||
|
||||
app.get('/__version__', function(req, res) {
|
||||
|
@ -2,9 +2,9 @@ const config = require('../config');
|
||||
const storage = require('../storage');
|
||||
|
||||
module.exports = function(req, res) {
|
||||
const max = req.user ? config.max_downloads : config.anon_max_downloads;
|
||||
const dlimit = req.body.dlimit;
|
||||
// TODO: fxa auth
|
||||
if (!dlimit || dlimit > config.max_downloads) {
|
||||
if (!dlimit || dlimit > max) {
|
||||
return res.sendStatus(400);
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user