Jonatan Nilsson
58553f3e34
Breaking: Renamed name to filename when listing files in folder. Breaking: Fixed the schema response for /media/resize. It is now consistent with other upload methods.
78 lines
2.1 KiB
JavaScript
78 lines
2.1 KiB
JavaScript
import { HttpError } from '../error.mjs'
|
|
import decode from '../jwt/decode.mjs'
|
|
import config from '../config.mjs'
|
|
|
|
export function verifyToken(ctx) {
|
|
let token = ctx.query.get('token')
|
|
if (!token) {
|
|
throw new HttpError('Token is missing in query', 422)
|
|
}
|
|
|
|
let org = config.get('sites')
|
|
let sites = {}
|
|
for (let key in org) {
|
|
if (org.hasOwnProperty(key)) {
|
|
sites[key] = org[key].keys
|
|
}
|
|
}
|
|
|
|
try {
|
|
let decoded = decode(token, sites, [])
|
|
return decoded.iss
|
|
} catch (err) {
|
|
ctx.log.error(err, 'Error decoding token: ' + token)
|
|
throw new HttpError('Token was invalid', 422)
|
|
}
|
|
}
|
|
|
|
export function throwIfNotPublic(site) {
|
|
let sites = config.get('sites')
|
|
if (!sites[site] || sites[site].public !== true) {
|
|
throw new HttpError(`Requested site ${site} did not exist`, 404)
|
|
}
|
|
}
|
|
|
|
export function verifyBody(ctx) {
|
|
let keys = Object.keys(ctx.req.body)
|
|
|
|
for (let key of keys) {
|
|
if (key === 'filename' || key === 'path') {
|
|
throw new HttpError('Body item with name filename or path is not allowed', 422)
|
|
}
|
|
let item = ctx.req.body[key]
|
|
|
|
if (typeof(item) !== 'object'
|
|
|| !item
|
|
|| Array.isArray(item)) {
|
|
throw new HttpError(`Body item ${key} was not valid`, 422)
|
|
}
|
|
|
|
if (typeof(item.format) !== 'string'
|
|
|| !item.format
|
|
|| item.format === 'resize'
|
|
|| item.format === 'out') {
|
|
throw new HttpError(`Body item ${key} missing valid format`, 422)
|
|
}
|
|
|
|
if (typeof(item[item.format]) !== 'object'
|
|
|| !item[item.format]
|
|
|| Array.isArray(item[item.format])) {
|
|
throw new HttpError(`Body item ${key} options for format ${item.format} was not valid`, 422)
|
|
}
|
|
|
|
if (item.out != null) {
|
|
if (typeof(item.out) !== 'string'
|
|
|| (item.out !== '' && item.out !== 'file' && item.out !== 'base64')
|
|
) {
|
|
throw new HttpError(`Body item ${key} key out was invalid`, 422)
|
|
}
|
|
}
|
|
|
|
if (item.resize != null) {
|
|
if (typeof(item.resize) !== 'object'
|
|
|| Array.isArray(item.resize)) {
|
|
throw new HttpError(`Body item ${key} key resize was invalid`, 422)
|
|
}
|
|
}
|
|
}
|
|
}
|