🛂 Authorized required to access large file
This commit is contained in:
parent
35e4f9a9ad
commit
370ee84b34
@ -4,6 +4,7 @@ import (
|
||||
"fmt"
|
||||
"strings"
|
||||
|
||||
"github.com/samber/lo"
|
||||
"github.com/spf13/viper"
|
||||
|
||||
"git.solsynth.dev/hypernet/nexus/pkg/nex/sec"
|
||||
@ -40,10 +41,21 @@ func openAttachment(c *fiber.Ctx) error {
|
||||
|
||||
var err error
|
||||
var url, mimetype string
|
||||
var filesize int64
|
||||
size := lo.Ternary(c.QueryBool("preview", true), 1024, -1)
|
||||
if len(region) > 0 {
|
||||
url, mimetype, err = services.OpenAttachmentByRID(id, c.QueryBool("preview", true), region)
|
||||
url, filesize, mimetype, err = services.OpenAttachmentByRID(id, size, region)
|
||||
} else {
|
||||
url, mimetype, err = services.OpenAttachmentByRID(id, c.QueryBool("preview", true))
|
||||
url, filesize, mimetype, err = services.OpenAttachmentByRID(id, size)
|
||||
}
|
||||
|
||||
authenticated := false
|
||||
if err := sec.EnsureAuthenticated(c); err == nil {
|
||||
authenticated = true
|
||||
}
|
||||
|
||||
if filesize > viper.GetInt64("traffic.maximum_size") && !authenticated {
|
||||
return fiber.NewError(fiber.StatusForbidden, "file is too large, you need authorized to access")
|
||||
}
|
||||
|
||||
if err != nil {
|
||||
|
@ -43,9 +43,9 @@ func openStickerByAlias(c *fiber.Ctx) error {
|
||||
|
||||
var url, mimetype string
|
||||
if len(region) > 0 {
|
||||
url, mimetype, err = services.OpenAttachmentByRID(sticker.Attachment.Rid, true, region)
|
||||
url, _, mimetype, err = services.OpenAttachmentByRID(sticker.Attachment.Rid, 256, region)
|
||||
} else {
|
||||
url, mimetype, err = services.OpenAttachmentByRID(sticker.Attachment.Rid, true)
|
||||
url, _, mimetype, err = services.OpenAttachmentByRID(sticker.Attachment.Rid, 288)
|
||||
}
|
||||
|
||||
if err != nil {
|
||||
|
@ -7,6 +7,7 @@ import (
|
||||
"math/rand/v2"
|
||||
nurl "net/url"
|
||||
"path/filepath"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"git.solsynth.dev/hypernet/nexus/pkg/nex/cachekit"
|
||||
@ -28,7 +29,7 @@ func KgAttachmentOpenCache(rid string) string {
|
||||
return fmt.Sprintf("attachment-open#%s", rid)
|
||||
}
|
||||
|
||||
func OpenAttachmentByRID(rid string, preview bool, region ...string) (url string, mimetype string, err error) {
|
||||
func OpenAttachmentByRID(rid string, preferredSize int, region ...string) (url string, filesize int64, mimetype string, err error) {
|
||||
var result *openAttachmentResult
|
||||
if val, err := cachekit.Get[openAttachmentResult](
|
||||
gap.Ca,
|
||||
@ -65,6 +66,8 @@ func OpenAttachmentByRID(rid string, preview bool, region ...string) (url string
|
||||
mimetype = result.Attachment.MimeType
|
||||
}
|
||||
|
||||
filesize = result.Attachment.Size
|
||||
|
||||
var dest models.BaseDestination
|
||||
var rawDest []byte
|
||||
|
||||
@ -138,15 +141,17 @@ func OpenAttachmentByRID(rid string, preview bool, region ...string) (url string
|
||||
nurl.QueryEscape(filepath.Join(destConfigured.Path, result.Attachment.Uuid)),
|
||||
)
|
||||
}
|
||||
if len(destConfigured.ImageProxyURL) > 0 && preview {
|
||||
size := viper.GetInt("imageproxy.size")
|
||||
url = fmt.Sprintf(
|
||||
"%s/%dx%d,fit/%s",
|
||||
destConfigured.ImageProxyURL,
|
||||
size,
|
||||
size,
|
||||
url,
|
||||
)
|
||||
if strings.HasPrefix(mimetype, "image") && filesize >= viper.GetInt64("traffic.minimum_size") {
|
||||
if len(destConfigured.ImageProxyURL) > 0 && preferredSize > 0 {
|
||||
url = fmt.Sprintf(
|
||||
"%s/%dx%d,fit/%s",
|
||||
destConfigured.ImageProxyURL,
|
||||
preferredSize,
|
||||
preferredSize,
|
||||
url,
|
||||
)
|
||||
filesize = int64(preferredSize * preferredSize)
|
||||
}
|
||||
}
|
||||
return
|
||||
default:
|
||||
|
@ -27,8 +27,9 @@ path = "uploads/permanent"
|
||||
access_baseurl = "http://192.168.50.133:8004"
|
||||
image_proxy_baseurl = "https://io.sn.solsynth.dev"
|
||||
|
||||
[imageproxy]
|
||||
size = 1024
|
||||
[traffic]
|
||||
maximum_size = 20971520
|
||||
minimum_size = 1048576
|
||||
|
||||
[security]
|
||||
internal_public_key = "keys/internal_public_key.pem"
|
||||
|
Loading…
x
Reference in New Issue
Block a user