added fxa auth to /params
This commit is contained in:
parent
718d74fa50
commit
fb7176d989
25
app/api.js
25
app/api.js
@ -1,12 +1,16 @@
|
|||||||
import { arrayToB64, b64ToArray, delay } from './utils';
|
import { arrayToB64, b64ToArray, delay } from './utils';
|
||||||
import { ECE_RECORD_SIZE } from './ece';
|
import { ECE_RECORD_SIZE } from './ece';
|
||||||
|
|
||||||
function post(obj) {
|
function post(obj, bearerToken) {
|
||||||
|
const h = {
|
||||||
|
'Content-Type': 'application/json'
|
||||||
|
};
|
||||||
|
if (bearerToken) {
|
||||||
|
h['Authentication'] = `Bearer ${bearerToken}`;
|
||||||
|
}
|
||||||
return {
|
return {
|
||||||
method: 'POST',
|
method: 'POST',
|
||||||
headers: new Headers({
|
headers: new Headers(h),
|
||||||
'Content-Type': 'application/json'
|
|
||||||
}),
|
|
||||||
body: JSON.stringify(obj)
|
body: JSON.stringify(obj)
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
@ -43,13 +47,16 @@ export async function del(id, owner_token) {
|
|||||||
return response.ok;
|
return response.ok;
|
||||||
}
|
}
|
||||||
|
|
||||||
export async function setParams(id, owner_token, params) {
|
export async function setParams(id, owner_token, bearerToken, params) {
|
||||||
const response = await fetch(
|
const response = await fetch(
|
||||||
`/api/params/${id}`,
|
`/api/params/${id}`,
|
||||||
post({
|
post(
|
||||||
owner_token,
|
{
|
||||||
dlimit: params.dlimit
|
owner_token,
|
||||||
})
|
dlimit: params.dlimit
|
||||||
|
},
|
||||||
|
bearerToken
|
||||||
|
)
|
||||||
);
|
);
|
||||||
return response.ok;
|
return response.ok;
|
||||||
}
|
}
|
||||||
|
@ -56,7 +56,11 @@ export default function(state, emitter) {
|
|||||||
});
|
});
|
||||||
|
|
||||||
emitter.on('changeLimit', async ({ file, value }) => {
|
emitter.on('changeLimit', async ({ file, value }) => {
|
||||||
await file.changeLimit(value);
|
const ok = await file.changeLimit(value, state.user);
|
||||||
|
if (!ok) {
|
||||||
|
// TODO
|
||||||
|
return;
|
||||||
|
}
|
||||||
state.storage.writeFile(file);
|
state.storage.writeFile(file);
|
||||||
metrics.changedDownloadLimit(file);
|
metrics.changedDownloadLimit(file);
|
||||||
});
|
});
|
||||||
@ -138,6 +142,7 @@ export default function(state, emitter) {
|
|||||||
metrics.completedUpload(ownedFile);
|
metrics.completedUpload(ownedFile);
|
||||||
|
|
||||||
state.storage.addFile(ownedFile);
|
state.storage.addFile(ownedFile);
|
||||||
|
// TODO integrate password and limit into /upload request
|
||||||
if (password) {
|
if (password) {
|
||||||
emitter.emit('password', { password, file: ownedFile });
|
emitter.emit('password', { password, file: ownedFile });
|
||||||
}
|
}
|
||||||
|
@ -48,10 +48,10 @@ export default class OwnedFile {
|
|||||||
return del(this.id, this.ownerToken);
|
return del(this.id, this.ownerToken);
|
||||||
}
|
}
|
||||||
|
|
||||||
changeLimit(dlimit) {
|
changeLimit(dlimit, user = {}) {
|
||||||
if (this.dlimit !== dlimit) {
|
if (this.dlimit !== dlimit) {
|
||||||
this.dlimit = dlimit;
|
this.dlimit = dlimit;
|
||||||
return setParams(this.id, this.ownerToken, { dlimit });
|
return setParams(this.id, this.ownerToken, user.bearerToken, { dlimit });
|
||||||
}
|
}
|
||||||
return Promise.resolve(true);
|
return Promise.resolve(true);
|
||||||
}
|
}
|
||||||
|
@ -129,7 +129,7 @@ module.exports = function(state, emit) {
|
|||||||
|
|
||||||
emit('upload', {
|
emit('upload', {
|
||||||
type: 'click',
|
type: 'click',
|
||||||
dlCount: state.downloadCount,
|
dlCount: state.downloadCount || 1,
|
||||||
password: state.password
|
password: state.password
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
@ -84,8 +84,14 @@ errorPageHeader = Something went wrong!
|
|||||||
errorPageMessage = There has been an error uploading the file.
|
errorPageMessage = There has been an error uploading the file.
|
||||||
errorPageLink = Send another file
|
errorPageLink = Send another file
|
||||||
fileTooBig = That file is too big to upload. It should be less than { $size }.
|
fileTooBig = That file is too big to upload. It should be less than { $size }.
|
||||||
tooManyFiles = Only { $count } files can be uploaded at a time.
|
# count will always be > 10
|
||||||
tooManyArchives = Only { $count } archives are allowed.
|
tooManyFiles = { $count ->
|
||||||
|
*[other] Only { $count } files can be uploaded at a time.
|
||||||
|
}
|
||||||
|
# count will always be > 10
|
||||||
|
tooManyArchives = { $count ->
|
||||||
|
*[other] Only { $count } archives are allowed.
|
||||||
|
}
|
||||||
linkExpiredAlt = Link expired
|
linkExpiredAlt = Link expired
|
||||||
expiredPageHeader = This link has expired or never existed in the first place!
|
expiredPageHeader = This link has expired or never existed in the first place!
|
||||||
notSupportedHeader = Your browser is not supported.
|
notSupportedHeader = Your browser is not supported.
|
||||||
|
@ -87,7 +87,12 @@ module.exports = function(app) {
|
|||||||
app.post('/api/upload', auth.fxa, require('./upload'));
|
app.post('/api/upload', auth.fxa, require('./upload'));
|
||||||
app.post(`/api/delete/:id${ID_REGEX}`, auth.owner, require('./delete'));
|
app.post(`/api/delete/:id${ID_REGEX}`, auth.owner, require('./delete'));
|
||||||
app.post(`/api/password/:id${ID_REGEX}`, auth.owner, require('./password'));
|
app.post(`/api/password/:id${ID_REGEX}`, auth.owner, require('./password'));
|
||||||
app.post(`/api/params/:id${ID_REGEX}`, auth.owner, require('./params'));
|
app.post(
|
||||||
|
`/api/params/:id${ID_REGEX}`,
|
||||||
|
auth.owner,
|
||||||
|
auth.fxa,
|
||||||
|
require('./params')
|
||||||
|
);
|
||||||
app.post(`/api/info/:id${ID_REGEX}`, auth.owner, require('./info'));
|
app.post(`/api/info/:id${ID_REGEX}`, auth.owner, require('./info'));
|
||||||
|
|
||||||
app.get('/__version__', function(req, res) {
|
app.get('/__version__', function(req, res) {
|
||||||
|
@ -2,9 +2,9 @@ const config = require('../config');
|
|||||||
const storage = require('../storage');
|
const storage = require('../storage');
|
||||||
|
|
||||||
module.exports = function(req, res) {
|
module.exports = function(req, res) {
|
||||||
|
const max = req.user ? config.max_downloads : config.anon_max_downloads;
|
||||||
const dlimit = req.body.dlimit;
|
const dlimit = req.body.dlimit;
|
||||||
// TODO: fxa auth
|
if (!dlimit || dlimit > max) {
|
||||||
if (!dlimit || dlimit > config.max_downloads) {
|
|
||||||
return res.sendStatus(400);
|
return res.sendStatus(400);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user