kamp/pingvin-share
1
0
Fork 0
mirror of https://github.com/stonith404/pingvin-share.git synced 2024-10-02 09:30:10 +02:00
Code

feature: Added "never" expiration date

Browse Source
This commit is contained in:
Steve Tautonico 2022-10-12 16:59:04 -04:00
parent 69ee88aebc
commit 56349c6f4c
No known key found for this signature in database
GPG Key ID: 6422E5D217FC628B
9 changed files with 406 additions and 390 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

57
backend/src/auth/jobs/jobs.service.ts
View File

@ -2,36 +2,41 @@ import { Injectable } from "@nestjs/common";
import { Cron } from "@nestjs/schedule"; import { Cron } from "@nestjs/schedule";
import { FileService } from "src/file/file.service"; import { FileService } from "src/file/file.service";
import { PrismaService } from "src/prisma/prisma.service"; import { PrismaService } from "src/prisma/prisma.service";
import * as moment from "moment";
@Injectable() @Injectable()
export class JobsService { export class JobsService {
constructor( constructor(
private prisma: PrismaService, private prisma: PrismaService,
private fileService: FileService private fileService: FileService
) {} ) {
@Cron("0 * * * *")
async deleteExpiredShares() {
const expiredShares = await this.prisma.share.findMany({
where: { expiration: { lt: new Date() } },
});
for (const expiredShare of expiredShares) {
await this.prisma.share.delete({
where: { id: expiredShare.id },
});
await this.fileService.deleteAllFiles(expiredShare.id);
} }
console.log(`job: deleted ${expiredShares.length} expired shares`); @Cron("0 * * * *")
} async deleteExpiredShares() {
const expiredShares = await this.prisma.share.findMany({
where: {
// We want to remove only shares that have an expiration date less than the current date, but not 0
AND: [{expiration: {lt: new Date()}}, {expiration: {not: moment(0).toDate()}}]
},
});
@Cron("0 * * * *") for (const expiredShare of expiredShares) {
async deleteExpiredRefreshTokens() { await this.prisma.share.delete({
const expiredShares = await this.prisma.refreshToken.deleteMany({ where: {id: expiredShare.id},
where: { expiresAt: { lt: new Date() } }, });
});
console.log(`job: deleted ${expiredShares.count} expired refresh tokens`); await this.fileService.deleteAllFiles(expiredShare.id);
} }
console.log(`job: deleted ${expiredShares.length} expired shares`);
}
@Cron("0 * * * *")
async deleteExpiredRefreshTokens() {
const expiredShares = await this.prisma.refreshToken.deleteMany({
where: {expiresAt: {lt: new Date()}},
});
console.log(`job: deleted ${expiredShares.count} expired refresh tokens`);
}
} }

2
backend/src/share/guard/shareSecurity.guard.ts
View File

@ -33,7 +33,7 @@ export class ShareSecurityGuard implements CanActivate {
include: { security: true }, include: { security: true },
}); });
if (!share || moment().isAfter(share.expiration)) if (!share || (moment().isAfter(share.expiration) && moment(share.expiration).unix() !== 0))
throw new NotFoundException("Share not found"); throw new NotFoundException("Share not found");
if (!share.security) return true; if (!share.security) return true;

353
backend/src/share/share.service.ts
View File

@ -1,8 +1,8 @@
import { import {
BadRequestException, BadRequestException,
ForbiddenException, ForbiddenException,
Injectable, Injectable,
NotFoundException, NotFoundException,
} from "@nestjs/common"; } from "@nestjs/common";
import { ConfigService } from "@nestjs/config"; import { ConfigService } from "@nestjs/config";
import { JwtService } from "@nestjs/jwt"; import { JwtService } from "@nestjs/jwt";
@ -17,184 +17,195 @@ import { CreateShareDTO } from "./dto/createShare.dto";
@Injectable() @Injectable()
export class ShareService { export class ShareService {
constructor( constructor(
private prisma: PrismaService, private prisma: PrismaService,
private fileService: FileService, private fileService: FileService,
private config: ConfigService, private config: ConfigService,
private jwtService: JwtService private jwtService: JwtService
) {} ) {
async create(share: CreateShareDTO, user: User) {
if (!(await this.isShareIdAvailable(share.id)).isAvailable)
throw new BadRequestException("Share id already in use");
if (!share.security || Object.keys(share.security).length == 0)
share.security = undefined;
if (share.security?.password) {
share.security.password = await argon.hash(share.security.password);
} }
const expirationDate = moment() async create(share: CreateShareDTO, user: User) {
.add( if (!(await this.isShareIdAvailable(share.id)).isAvailable)
share.expiration.split("-")[0], throw new BadRequestException("Share id already in use");
share.expiration.split("-")[1] as moment.unitOfTime.DurationConstructor
)
.toDate();
// Throw error if expiration date is now if (!share.security || Object.keys(share.security).length == 0)
if (expirationDate.setMilliseconds(0) == new Date().setMilliseconds(0)) share.security = undefined;
throw new BadRequestException("Invalid expiration date");
return await this.prisma.share.create({ if (share.security?.password) {
data: { share.security.password = await argon.hash(share.security.password);
...share, }
expiration: expirationDate,
creator: { connect: { id: user.id } },
security: { create: share.security },
},
});
}
async createZip(shareId: string) { // We have to add an exception for "never" (since moment won't like that)
const path = `./data/uploads/shares/${shareId}`; let expirationDate;
if (share.expiration !== "never") {
expirationDate = moment()
.add(
share.expiration.split("-")[0],
share.expiration.split("-")[1] as moment.unitOfTime.DurationConstructor
)
.toDate();
const files = await this.prisma.file.findMany({ where: { shareId } }); // Throw error if expiration date is now
const archive = archiver("zip", { if (expirationDate.setMilliseconds(0) == new Date().setMilliseconds(0))
zlib: { level: 9 }, throw new BadRequestException("Invalid expiration date");
}); } else {
const writeStream = fs.createWriteStream(`${path}/archive.zip`); expirationDate = moment(0).toDate();
}
for (const file of files) { return await this.prisma.share.create({
archive.append(fs.createReadStream(`${path}/${file.id}`), { data: {
name: file.name, ...share,
}); expiration: expirationDate,
creator: {connect: {id: user.id}},
security: {create: share.security},
},
});
} }
archive.pipe(writeStream); async createZip(shareId: string) {
await archive.finalize(); const path = `./data/uploads/shares/${shareId}`;
}
async complete(id: string) { const files = await this.prisma.file.findMany({where: {shareId}});
const moreThanOneFileInShare = const archive = archiver("zip", {
(await this.prisma.file.findMany({ where: { shareId: id } })).length != 0; zlib: {level: 9},
});
const writeStream = fs.createWriteStream(`${path}/archive.zip`);
if (!moreThanOneFileInShare) for (const file of files) {
throw new BadRequestException( archive.append(fs.createReadStream(`${path}/${file.id}`), {
"You need at least on file in your share to complete it." name: file.name,
); });
}
this.createZip(id).then(() => archive.pipe(writeStream);
this.prisma.share.update({ where: { id }, data: { isZipReady: true } }) await archive.finalize();
); }
return await this.prisma.share.update({ async complete(id: string) {
where: { id }, const moreThanOneFileInShare =
data: { uploadLocked: true }, (await this.prisma.file.findMany({where: {shareId: id}})).length != 0;
});
} if (!moreThanOneFileInShare)
throw new BadRequestException(
async getSharesByUser(userId: string) { "You need at least on file in your share to complete it."
return await this.prisma.share.findMany({ );
where: { creator: { id: userId }, expiration: { gt: new Date() } },
}); this.createZip(id).then(() =>
} this.prisma.share.update({where: {id}, data: {isZipReady: true}})
);
async get(id: string) {
let share: any = await this.prisma.share.findUnique({ return await this.prisma.share.update({
where: { id }, where: {id},
include: { data: {uploadLocked: true},
files: true, });
creator: true, }
},
}); async getSharesByUser(userId: string) {
return await this.prisma.share.findMany({
if (!share || !share.uploadLocked) where: {
throw new NotFoundException("Share not found"); creator: {id: userId},
// We want to grab any shares that are not expired or have their expiration date set to "never" (unix 0)
share.files = share.files.map((file) => { OR: [{expiration: {gt: new Date()}}, {expiration: {equals: moment(0).toDate()}}]
file["url"] = `http://localhost:8080/file/${file.id}`; },
return file; });
}); }
await this.increaseViewCount(share); async get(id: string) {
let share: any = await this.prisma.share.findUnique({
return share; where: {id},
} include: {
files: true,
async getMetaData(id: string) { creator: true,
const share = await this.prisma.share.findUnique({ },
where: { id }, });
});
if (!share || !share.uploadLocked)
if (!share || !share.uploadLocked) throw new NotFoundException("Share not found");
throw new NotFoundException("Share not found");
share.files = share.files.map((file) => {
return share; file["url"] = `http://localhost:8080/file/${file.id}`;
} return file;
});
async remove(shareId: string) {
const share = await this.prisma.share.findUnique({ await this.increaseViewCount(share);
where: { id: shareId },
}); return share;
}
if (!share) throw new NotFoundException("Share not found");
async getMetaData(id: string) {
await this.fileService.deleteAllFiles(shareId); const share = await this.prisma.share.findUnique({
await this.prisma.share.delete({ where: { id: shareId } }); where: {id},
} });
async isShareCompleted(id: string) { if (!share || !share.uploadLocked)
return (await this.prisma.share.findUnique({ where: { id } })).uploadLocked; throw new NotFoundException("Share not found");
}
return share;
async isShareIdAvailable(id: string) { }
const share = await this.prisma.share.findUnique({ where: { id } });
return { isAvailable: !share }; async remove(shareId: string) {
} const share = await this.prisma.share.findUnique({
where: {id: shareId},
async increaseViewCount(share: Share) { });
await this.prisma.share.update({
where: { id: share.id }, if (!share) throw new NotFoundException("Share not found");
data: { views: share.views + 1 },
}); await this.fileService.deleteAllFiles(shareId);
} await this.prisma.share.delete({where: {id: shareId}});
}
async exchangeSharePasswordWithToken(shareId: string, password: string) {
const sharePassword = ( async isShareCompleted(id: string) {
await this.prisma.shareSecurity.findFirst({ return (await this.prisma.share.findUnique({where: {id}})).uploadLocked;
where: { share: { id: shareId } }, }
})
).password; async isShareIdAvailable(id: string) {
const share = await this.prisma.share.findUnique({where: {id}});
if (!(await argon.verify(sharePassword, password))) return {isAvailable: !share};
throw new ForbiddenException("Wrong password"); }
const token = this.generateShareToken(shareId); async increaseViewCount(share: Share) {
return { token }; await this.prisma.share.update({
} where: {id: share.id},
data: {views: share.views + 1},
generateShareToken(shareId: string) { });
return this.jwtService.sign( }
{
shareId, async exchangeSharePasswordWithToken(shareId: string, password: string) {
}, const sharePassword = (
{ await this.prisma.shareSecurity.findFirst({
expiresIn: "1h", where: {share: {id: shareId}},
secret: this.config.get("JWT_SECRET"), })
} ).password;
);
} if (!(await argon.verify(sharePassword, password)))
throw new ForbiddenException("Wrong password");
verifyShareToken(shareId: string, token: string) {
try { const token = this.generateShareToken(shareId);
const claims = this.jwtService.verify(token, { return {token};
secret: this.config.get("JWT_SECRET"), }
});
generateShareToken(shareId: string) {
return claims.shareId == shareId; return this.jwtService.sign(
} catch { {
return false; shareId,
},
{
expiresIn: "1h",
secret: this.config.get("JWT_SECRET"),
}
);
}
verifyShareToken(shareId: string, token: string) {
try {
const claims = this.jwtService.verify(token, {
secret: this.config.get("JWT_SECRET"),
});
return claims.shareId == shareId;
} catch {
return false;
}
} }
}
} }

254
frontend/src/components/share/CreateUploadModalBody.tsx
View File

@ -1,14 +1,14 @@
import { import {
Accordion, Accordion,
Button, Button,
Col, Col,
Grid, Grid,
NumberInput, NumberInput,
PasswordInput, PasswordInput,
Select, Select,
Stack, Stack,
Text, Text,
TextInput, TextInput,
} from "@mantine/core"; } from "@mantine/core";
import { useForm, yupResolver } from "@mantine/form"; import { useForm, yupResolver } from "@mantine/form";
import { useModals } from "@mantine/modals"; import { useModals } from "@mantine/modals";
@ -17,129 +17,127 @@ import shareService from "../../services/share.service";
import { ShareSecurity } from "../../types/share.type"; import { ShareSecurity } from "../../types/share.type";
const CreateUploadModalBody = ({ const CreateUploadModalBody = ({
uploadCallback, uploadCallback,
}: { }: {
uploadCallback: ( uploadCallback: (
id: string, id: string,
expiration: string, expiration: string,
security: ShareSecurity security: ShareSecurity
) => void; ) => void;
}) => { }) => {
const modals = useModals(); const modals = useModals();
const validationSchema = yup.object().shape({ const validationSchema = yup.object().shape({
link: yup link: yup
.string() .string()
.required() .required()
.min(3) .min(3)
.max(100) .max(100)
.matches(new RegExp("^[a-zA-Z0-9_-]*$"), { .matches(new RegExp("^[a-zA-Z0-9_-]*$"), {
message: "Can only contain letters, numbers, underscores and hyphens", message: "Can only contain letters, numbers, underscores and hyphens",
}), }),
password: yup.string().min(3).max(30), password: yup.string().min(3).max(30),
maxViews: yup.number().min(1), maxViews: yup.number().min(1),
}); });
const form = useForm({ const form = useForm({
initialValues: { initialValues: {
link: "", link: "",
password: undefined, password: undefined,
maxViews: undefined, maxViews: undefined,
expiration: "1-day", expiration: "1-day",
}, },
validate: yupResolver(validationSchema), validate: yupResolver(validationSchema),
}); });
return ( return (
<form <form
onSubmit={form.onSubmit(async (values) => { onSubmit={form.onSubmit(async (values) => {
if (!(await shareService.isShareIdAvailable(values.link))) { if (!(await shareService.isShareIdAvailable(values.link))) {
form.setFieldError("link", "This link is already in use"); form.setFieldError("link", "This link is already in use");
} else { } else {
uploadCallback(values.link, values.expiration, { uploadCallback(values.link, values.expiration, {
password: values.password, password: values.password,
maxViews: values.maxViews, maxViews: values.maxViews,
}); });
modals.closeAll(); modals.closeAll();
} }
})} })}
>
<Stack align="stretch">
<Grid align={form.errors.link ? "center" : "flex-end"}>
<Col xs={9}>
<TextInput
variant="filled"
label="Link"
placeholder="myAwesomeShare"
{...form.getInputProps("link")}
/>
</Col>
<Col xs={3}>
<Button
variant="outline"
onClick={() =>
form.setFieldValue(
"link",
Buffer.from(Math.random().toString(), "utf8")
.toString("base64")
.substr(10, 7)
)
}
>
Generate
</Button>
</Col>
</Grid>
<Text
size="xs"
sx={(theme) => ({
color: theme.colors.gray[6],
})}
> >
{window.location.origin}/share/ <Stack align="stretch">
{form.values.link == "" ? "myAwesomeShare" : form.values.link} <Grid align={form.errors.link ? "center" : "flex-end"}>
</Text> <Col xs={9}>
<Select <TextInput
label="Expiration" variant="filled"
{...form.getInputProps("expiration")} label="Link"
data={[ placeholder="myAwesomeShare"
{ {...form.getInputProps("link")}
value: "10-minutes", />
label: "10 Minutes", </Col>
}, <Col xs={3}>
{ value: "1-hour", label: "1 Hour" }, <Button
{ value: "1-day", label: "1 Day" }, variant="outline"
{ value: "1-week".toString(), label: "1 Week" }, onClick={() =>
{ value: "1-month", label: "1 Month" }, form.setFieldValue(
]} "link",
/> Buffer.from(Math.random().toString(), "utf8")
<Accordion> .toString("base64")
<Accordion.Item value="security" sx={{ borderBottom: "none" }}> .substr(10, 7)
<Accordion.Control>Security options</Accordion.Control> )
<Accordion.Panel> }
<Stack align="stretch"> >
<PasswordInput Generate
variant="filled" </Button>
placeholder="No password" </Col>
label="Password protection" </Grid>
{...form.getInputProps("password")}
<Text
size="xs"
sx={(theme) => ({
color: theme.colors.gray[6],
})}
>
{window.location.origin}/share/
{form.values.link == "" ? "myAwesomeShare" : form.values.link}
</Text>
<Select
label="Expiration"
{...form.getInputProps("expiration")}
data={[
{value: "never", label: "Never"},
{value: "10-minutes", label: "10 Minutes"},
{value: "1-hour", label: "1 Hour"},
{value: "1-day", label: "1 Day"},
{value: "1-week", label: "1 Week"},
{value: "1-month", label: "1 Month"},
]}
/> />
<NumberInput <Accordion>
min={1} <Accordion.Item value="security" sx={{borderBottom: "none"}}>
type="number" <Accordion.Control>Security options</Accordion.Control>
variant="filled" <Accordion.Panel>
placeholder="No limit" <Stack align="stretch">
label="Maximal views" <PasswordInput
{...form.getInputProps("maxViews")} variant="filled"
/> placeholder="No password"
</Stack> label="Password protection"
</Accordion.Panel> {...form.getInputProps("password")}
</Accordion.Item> />
</Accordion> <NumberInput
<Button type="submit">Share</Button> min={1}
</Stack> type="number"
</form> variant="filled"
); placeholder="No limit"
label="Maximal views"
{...form.getInputProps("maxViews")}
/>
</Stack>
</Accordion.Panel>
</Accordion.Item>
</Accordion>
<Button type="submit">Share</Button>
</Stack>
</form>
);
}; };
export default CreateUploadModalBody; export default CreateUploadModalBody;

2
frontend/src/components/share/showEnterPasswordModal.tsx
View File

@ -1,4 +1,4 @@
import { Button, Group, PasswordInput, Stack, Text, Title } from "@mantine/core"; import { Button, PasswordInput, Stack, Text, Title } from "@mantine/core";
import { ModalsContextProps } from "@mantine/modals/lib/context"; import { ModalsContextProps } from "@mantine/modals/lib/context";
import { useState } from "react"; import { useState } from "react";

2
frontend/src/components/share/showErrorModal.tsx
View File

@ -1,4 +1,4 @@
import { Button, Group, Stack, Text, Title } from "@mantine/core"; import { Button, Stack, Text, Title } from "@mantine/core";
import { useModals } from "@mantine/modals"; import { useModals } from "@mantine/modals";
import { ModalsContextProps } from "@mantine/modals/lib/context"; import { ModalsContextProps } from "@mantine/modals/lib/context";
import { useRouter } from "next/router"; import { useRouter } from "next/router";

2
frontend/src/components/upload/Dropzone.tsx
View File

@ -4,7 +4,6 @@ import {
createStyles, createStyles,
Group, Group,
Text, Text,
useMantineTheme,
} from "@mantine/core"; } from "@mantine/core";
import { Dropzone as MantineDropzone } from "@mantine/dropzone"; import { Dropzone as MantineDropzone } from "@mantine/dropzone";
import getConfig from "next/config"; import getConfig from "next/config";
@ -46,7 +45,6 @@ const Dropzone = ({
isUploading: boolean; isUploading: boolean;
setFiles: Dispatch<SetStateAction<File[]>>; setFiles: Dispatch<SetStateAction<File[]>>;
}) => { }) => {
const theme = useMantineTheme();
const { classes } = useStyles(); const { classes } = useStyles();
const openRef = useRef<() => void>(); const openRef = useRef<() => void>();
return ( return (

120
frontend/src/components/upload/showCompletedUploadModal.tsx
View File

@ -1,11 +1,10 @@
import { import {
ActionIcon, ActionIcon,
Button, Button,
Group, Stack,
Stack, Text,
Text, TextInput,
TextInput, Title
Title
} from "@mantine/core"; } from "@mantine/core";
import { useClipboard } from "@mantine/hooks"; import { useClipboard } from "@mantine/hooks";
import { useModals } from "@mantine/modals"; import { useModals } from "@mantine/modals";
@ -17,62 +16,65 @@ import { Share } from "../../types/share.type";
import toast from "../../utils/toast.util"; import toast from "../../utils/toast.util";
const showCompletedUploadModal = ( const showCompletedUploadModal = (
modals: ModalsContextProps, modals: ModalsContextProps,
share: Share, share: Share,
) => { ) => {
return modals.openModal({ return modals.openModal({
closeOnClickOutside: false, closeOnClickOutside: false,
withCloseButton: false, withCloseButton: false,
closeOnEscape: false, closeOnEscape: false,
title: ( title: (
<Stack align="stretch" spacing={0}> <Stack align="stretch" spacing={0}>
<Title order={4}>Share ready</Title> <Title order={4}>Share ready</Title>
</Stack> </Stack>
), ),
children: <Body share={share} />, children: <Body share={share}/>,
}); });
}; };
const Body = ({ share }: { share: Share }) => { const Body = ({share}: { share: Share }) => {
const clipboard = useClipboard({ timeout: 500 }); const clipboard = useClipboard({timeout: 500});
const modals = useModals(); const modals = useModals();
const router = useRouter(); const router = useRouter();
const link = `${window.location.origin}/share/${share.id}`; const link = `${window.location.origin}/share/${share.id}`;
return ( return (
<Stack align="stretch"> <Stack align="stretch">
<TextInput <TextInput
variant="filled" variant="filled"
value={link} value={link}
rightSection={ rightSection={
<ActionIcon <ActionIcon
onClick={() => { onClick={() => {
clipboard.copy(link); clipboard.copy(link);
toast.success("Your link was copied to the keyboard."); toast.success("Your link was copied to the keyboard.");
}} }}
> >
<Copy /> <Copy/>
</ActionIcon> </ActionIcon>
} }
/> />
<Text <Text
size="xs" size="xs"
sx={(theme) => ({ sx={(theme) => ({
color: theme.colors.gray[6], color: theme.colors.gray[6],
})} })}
> >
Your share expires at {moment(share.expiration).format("LLL")} {/* If our share.expiration is timestamp 0, show a different message */}
</Text> {moment(share.expiration).unix() === 0
? "This share will never expire."
: `This share will expire on ${moment(share.expiration).format("LLL")}`}
</Text>
<Button <Button
onClick={() => { onClick={() => {
modals.closeAll(); modals.closeAll();
router.push("/upload"); router.push("/upload");
}} }}
> >
Done Done
</Button> </Button>
</Stack> </Stack>
); );
}; };
export default showCompletedUploadModal; export default showCompletedUploadModal;

4
frontend/src/pages/account/shares.tsx
View File

@ -65,7 +65,9 @@ const MyShares = () => {
<td>{share.id}</td> <td>{share.id}</td>
<td>{share.views}</td> <td>{share.views}</td>
<td> <td>
{moment(share.expiration).format("MMMM DD YYYY, HH:mm")} {moment(share.expiration).unix() === 0
? "Never"
: moment(share.expiration).format("MMMM DD YYYY, HH:mm")}
</td> </td>
<td> <td>
<Group position="right"> <Group position="right">