drop.chapril.org-firefoxsend/server/routes/upload.js
2017-12-04 15:52:31 -08:00

56 lines
1.4 KiB
JavaScript

const crypto = require('crypto');
const storage = require('../storage');
const config = require('../config');
const mozlog = require('../log');
const log = mozlog('send.upload');
module.exports = function(req, res) {
const newId = crypto.randomBytes(5).toString('hex');
const metadata = req.header('X-File-Metadata');
const auth = req.header('Authorization');
if (!metadata || !auth) {
return res.sendStatus(400);
}
const owner = crypto.randomBytes(10).toString('hex');
const meta = {
dlimit: 1,
dl: 0,
owner,
delete: owner, // delete is deprecated
metadata,
pwd: 0,
auth: auth.split(' ')[1],
nonce: crypto.randomBytes(16).toString('base64')
};
req.pipe(req.busboy);
req.busboy.on('file', async (fieldname, file) => {
try {
await storage.set(newId, file, meta);
const protocol = config.env === 'production' ? 'https' : req.protocol;
const url = `${protocol}://${req.get('host')}/download/${newId}/`;
res.set('WWW-Authenticate', `send-v1 ${meta.nonce}`);
res.json({
url,
owner: meta.owner,
id: newId
});
} catch (e) {
log.error('upload', e);
if (e.message === 'limit') {
return res.sendStatus(413);
}
res.sendStatus(500);
}
});
req.on('close', async err => {
try {
await storage.forceDelete(newId);
} catch (e) {
log.info('DeleteError:', newId);
}
});
};