|
|
@ -24,7 +24,7 @@ var storage = multer.diskStorage({
|
|
|
|
},
|
|
|
|
},
|
|
|
|
filename: function (req, file, cb) {
|
|
|
|
filename: function (req, file, cb) {
|
|
|
|
if (req.params.id) {
|
|
|
|
if (req.params.id) {
|
|
|
|
cb(null, req.params.id + (req.params.filename?('-' + req.params.filename):'') +
|
|
|
|
cb(null, req.params.id + (req.params.label?('-' + req.params.label):'') +
|
|
|
|
'-' + new Date().getTime() + '.' + file.originalname.split('.').pop());
|
|
|
|
'-' + new Date().getTime() + '.' + file.originalname.split('.').pop());
|
|
|
|
} else {
|
|
|
|
} else {
|
|
|
|
cb(null, file.originalname);
|
|
|
|
cb(null, file.originalname);
|
|
|
@ -41,9 +41,9 @@ app.use(cookieParser());
|
|
|
|
app.use(function (req, res, next) {
|
|
|
|
app.use(function (req, res, next) {
|
|
|
|
res.header('Access-Control-Allow-Origin', req.headers.origin);
|
|
|
|
res.header('Access-Control-Allow-Origin', req.headers.origin);
|
|
|
|
res.header('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept, x-xsrf-token');
|
|
|
|
res.header('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept, x-xsrf-token');
|
|
|
|
res.header('Access-Control-Allow-Credentials', true);
|
|
|
|
res.header('Access-Control-Allow-Credentials', "true");
|
|
|
|
res.header('Access-Control-Allow-Methods', 'GET, OPTIONS, POST, DELETE');
|
|
|
|
res.header('Access-Control-Allow-Methods', 'GET, OPTIONS, POST, DELETE');
|
|
|
|
res.header('Access-Control-Max-Age', 1800);
|
|
|
|
res.header('Access-Control-Max-Age', "1800");
|
|
|
|
next();
|
|
|
|
next();
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
|
@ -70,7 +70,7 @@ app.post("/upload", upload.array("uploads[]", 12), function (req, res) {
|
|
|
|
|
|
|
|
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
|
|
app.post(['/upload/:id', '/upload/stakeholder/:id', '/upload/:type/:id', '/upload/:type/:id/:filename'], upload.single('photo'), (req, res) => {
|
|
|
|
app.post(['/upload/:id', '/upload/stakeholder/:id', '/upload/:type/:id', '/upload/:type/:id/:label'], upload.single('photo'), (req, res) => {
|
|
|
|
let fileMaxSize = (req.query.big)?bigMaxSize:maxSize
|
|
|
|
let fileMaxSize = (req.query.big)?bigMaxSize:maxSize
|
|
|
|
sendFile(req, res, fileMaxSize, (result) => {
|
|
|
|
sendFile(req, res, fileMaxSize, (result) => {
|
|
|
|
let type = req.params['type'];
|
|
|
|
let type = req.params['type'];
|
|
|
@ -115,26 +115,8 @@ function sendFile(req, res, size, authorized) {
|
|
|
|
res.status(500).send(getResponse(500, "Exceeds file size limit"));
|
|
|
|
res.status(500).send(getResponse(500, "Exceeds file size limit"));
|
|
|
|
deleteFile(filepath);
|
|
|
|
deleteFile(filepath);
|
|
|
|
} else {
|
|
|
|
} else {
|
|
|
|
let url = (authDeprecated)?(auth + token):auth;
|
|
|
|
getUserInfo(authorized, req, res, () => {
|
|
|
|
http.get(url, {headers: {Cookie: req.header('Cookie')}}, function (resp) {
|
|
|
|
res.send(file);
|
|
|
|
var responseString = "";
|
|
|
|
|
|
|
|
resp.on("data", function (data) {
|
|
|
|
|
|
|
|
responseString += data;
|
|
|
|
|
|
|
|
});
|
|
|
|
|
|
|
|
resp.on("end", function () {
|
|
|
|
|
|
|
|
var result = JSON.parse(responseString);
|
|
|
|
|
|
|
|
if (result.error) {
|
|
|
|
|
|
|
|
res.status(401).send(getResponse(401, "Unauthorized"));
|
|
|
|
|
|
|
|
deleteFile(filepath);
|
|
|
|
|
|
|
|
} else {
|
|
|
|
|
|
|
|
if (authorized(result)) {
|
|
|
|
|
|
|
|
res.send(file);
|
|
|
|
|
|
|
|
} else {
|
|
|
|
|
|
|
|
res.status(401).send(getResponse(401, "Unauthorized"));
|
|
|
|
|
|
|
|
deleteFile(filepath);
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
});
|
|
|
|
|
|
|
|
});
|
|
|
|
});
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
@ -144,26 +126,32 @@ function deleteFileSend(req, res, authorized) {
|
|
|
|
if (!cookie) {
|
|
|
|
if (!cookie) {
|
|
|
|
res.status(401).send(getResponse(401, "Unauthorized"));
|
|
|
|
res.status(401).send(getResponse(401, "Unauthorized"));
|
|
|
|
} else {
|
|
|
|
} else {
|
|
|
|
let url = (authDeprecated)?(auth + cookie):auth;
|
|
|
|
getUserInfo(authorized, req, res, () => {
|
|
|
|
http.get(url, {headers: {Cookie: req.header('Cookie')}}, function (resp) {
|
|
|
|
deleteFile('./uploads/' + req.params.filename, res);
|
|
|
|
var responseString = "";
|
|
|
|
});
|
|
|
|
resp.on("data", function (data) {
|
|
|
|
}
|
|
|
|
responseString += data;
|
|
|
|
}
|
|
|
|
});
|
|
|
|
|
|
|
|
resp.on("end", function () {
|
|
|
|
function getUserInfo(authorized, req, res, success) {
|
|
|
|
var result = JSON.parse(responseString);
|
|
|
|
let url = (authDeprecated)?(auth + cookie):auth;
|
|
|
|
if (result.error) {
|
|
|
|
http.get(url, {headers: {Cookie: req.header('Cookie')}}, function (resp) {
|
|
|
|
res.status(401).send(getResponse(401, "Unauthorized"));
|
|
|
|
var responseString = "";
|
|
|
|
|
|
|
|
resp.on("data", function (data) {
|
|
|
|
|
|
|
|
responseString += data;
|
|
|
|
|
|
|
|
});
|
|
|
|
|
|
|
|
resp.on("end", function () {
|
|
|
|
|
|
|
|
var result = JSON.parse(responseString);
|
|
|
|
|
|
|
|
if (result.error) {
|
|
|
|
|
|
|
|
res.status(401).send(getResponse(401, "Unauthorized"));
|
|
|
|
|
|
|
|
} else {
|
|
|
|
|
|
|
|
if (authorized(result)) {
|
|
|
|
|
|
|
|
success();
|
|
|
|
} else {
|
|
|
|
} else {
|
|
|
|
if (authorized(result)) {
|
|
|
|
res.status(401).send(getResponse(401, "Unauthorized"));
|
|
|
|
deleteFile('./uploads/' + req.params.filename, res);
|
|
|
|
|
|
|
|
} else {
|
|
|
|
|
|
|
|
res.status(401).send(getResponse(401, "Unauthorized"));
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
}
|
|
|
|
});
|
|
|
|
}
|
|
|
|
});
|
|
|
|
});
|
|
|
|
}
|
|
|
|
});
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
function getResponse(code, message) {
|
|
|
|
function getResponse(code, message) {
|
|
|
|
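Review bot: The new `getUserInfo` helper answers every rejected request with a bare 401, so the upload path in `sendFile` loses the `deleteFile(filepath)` cleanup that the inlined code ran on both failure branches; a file that multer has presumably already written to disk now stays there after an unauthorized upload. Consider giving the helper a failure callback, e.g. `getUserInfo(authorized, req, res, () => { res.send(file); }, () => deleteFile(filepath));`, with `if (failure) failure();` beside each 401 inside the helper. The helper also builds its URL from `cookie`, which is not one of its parameters; unless that name is declared at module scope (not visible here), the `authDeprecated` branch will throw a ReferenceError, so derive it from `req` or pass it in. Because this function is now the single authorization gate for both upload and delete, `JSON.parse(responseString)` should sit in a try/catch that sends 401 on a malformed auth response, and the `http.get` request should get an `'error'` handler, so an unreachable or misbehaving auth service fails closed instead of crashing the process or hanging the request. `sendFile` and `deleteFileSend` both begin outside the visible hunks.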