2015-07-09 23:01:43 +01:00
|
|
|
import fs from 'fs';
|
|
|
|
import path from 'path';
|
|
|
|
import mime from 'mime-types';
|
|
|
|
import hostrFileStream from '../../lib/hostr-file-stream';
|
|
|
|
import { formatFile } from '../../lib/format';
|
|
|
|
|
|
|
|
import debugname from 'debug';
|
|
|
|
const debug = debugname('hostr-web:file');
|
|
|
|
|
|
|
|
const storePath = process.env.STORE_PATH || path.join(process.env.HOME, '.hostr', 'uploads');
|
|
|
|
|
|
|
|
const userAgentCheck = function(userAgent) {
|
|
|
|
if (!userAgent){
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
return userAgent.match(/^(wget|curl|vagrant)/i);
|
|
|
|
};
|
|
|
|
|
2015-08-09 01:11:48 +01:00
|
|
|
const hotlinkCheck = function(file, userAgent, referrer) {
|
|
|
|
return !userAgentCheck(userAgent) && !file.width && !(referrer.match(/^https:\/\/hostr.co/) || referrer.match(/^http:\/\/localhost:4040/))
|
|
|
|
};
|
|
|
|
|
2015-07-09 23:01:43 +01:00
|
|
|
export function* get(id, name, size) {
|
|
|
|
const file = yield this.db.Files.findOne({_id: id, 'file_name': name, 'status': 'active'});
|
|
|
|
this.assert(file, 404);
|
2015-08-09 17:21:39 +01:00
|
|
|
|
2015-08-09 01:11:48 +01:00
|
|
|
if (hotlinkCheck(file, this.headers['user-agent'], this.headers['referer'])) {
|
2015-08-09 17:21:39 +01:00
|
|
|
return this.redirect('/' + id);
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!file.width && this.request.query.warning != 'on') {
|
|
|
|
return this.redirect('/' + id);
|
2015-08-09 01:11:48 +01:00
|
|
|
}
|
2015-08-09 17:21:39 +01:00
|
|
|
|
|
|
|
if (file.malware) {
|
|
|
|
let alert = this.request.query.alert;
|
|
|
|
if (!alert || !alert.match(/i want to download malware/i)) {
|
|
|
|
return this.redirect('/' + id);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2015-07-09 23:01:43 +01:00
|
|
|
let localPath = path.join(storePath, file._id[0], file._id + '_' + file.file_name);
|
|
|
|
let remotePath = path.join(file._id[0], file._id + '_' + file.file_name);
|
|
|
|
if (size > 0) {
|
|
|
|
localPath = path.join(storePath, file._id[0], size, file._id + '_' + file.file_name);
|
|
|
|
remotePath = path.join(size, file._id + '_' + file.file_name);
|
|
|
|
}
|
|
|
|
|
2015-08-09 17:21:39 +01:00
|
|
|
if (file.malware) {
|
|
|
|
this.statsd.incr('file.malware.download', 1);
|
|
|
|
}
|
|
|
|
|
2015-07-09 23:01:43 +01:00
|
|
|
let type = 'application/octet-stream';
|
|
|
|
if (file.width > 0) {
|
2015-08-09 17:21:39 +01:00
|
|
|
if (size) {
|
|
|
|
this.statsd.incr('file.view', 1);
|
|
|
|
}
|
2015-07-09 23:01:43 +01:00
|
|
|
type = mime.lookup(file.file_name);
|
2015-08-09 17:21:39 +01:00
|
|
|
} else {
|
|
|
|
this.statsd.incr('file.download', 1);
|
|
|
|
}
|
|
|
|
|
|
|
|
if (userAgentCheck(this.headers['user-agent'])) {
|
|
|
|
this.set('Content-Disposition', 'attachment; filename=' + file.file_name);
|
2015-07-09 23:01:43 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
this.set('Content-type', type);
|
|
|
|
this.set('Expires', new Date(2020, 1).toISOString());
|
|
|
|
this.set('Cache-control', 'max-age=2592000');
|
|
|
|
|
|
|
|
this.body = yield hostrFileStream(localPath, remotePath);
|
|
|
|
}
|
|
|
|
|
|
|
|
export function* resized(size, id, name) {
|
|
|
|
yield get.call(this, id, name, size);
|
|
|
|
}
|
|
|
|
|
|
|
|
export function* landing(id, next) {
|
|
|
|
if (id === 'config.js') {
|
|
|
|
return yield next;
|
|
|
|
}
|
|
|
|
const file = yield this.db.Files.findOne({_id: id});
|
|
|
|
this.assert(file, 404);
|
|
|
|
if(userAgentCheck(this.headers['user-agent'])) {
|
2015-08-09 01:11:48 +01:00
|
|
|
return yield get.call(this, file._id, file.file_name);
|
2015-07-09 23:01:43 +01:00
|
|
|
}
|
2015-08-09 17:21:39 +01:00
|
|
|
this.statsd.incr('file.landing', 1);
|
2015-07-09 23:01:43 +01:00
|
|
|
const formattedFile = formatFile(file);
|
|
|
|
yield this.render('file', {file: formattedFile});
|
|
|
|
}
|