sirtimbly/bewcloud
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
7fac7febcfeabd542164f6af7c9402f5e46a0172
bewcloud/routes/file-share/[fileShareId]/open/[fileName].tsx
Bruno Bernardino 7fac7febcf Public File Sharing (#72) 
* Public File Sharing

This implements public file sharing (read-only) with and without passwords (#57).

It also fixes a problem with filenames including special characters like `#` not working properly (#71).

You can share a directory or a single file, by using the new share icon on the right of the directories/files, and click on it to manage an existing file share (setting a new password, or deleting the file share).

There is some other minor cleanup and other copy updates in the README.

Closes #57
Fixes #71

* Hide UI elements when sharing isn't allowed
2025-06-20 12:04:16 +01:00

83 lines
2.7 KiB
TypeScript
Raw Blame History

import { Handlers } from 'fresh/server.ts';
import { join } from 'std/path/join.ts';
import { FreshContextState } from '/lib/types.ts';
import { ensureFileSharePathIsValidAndSecurelyAccessible, FileModel, FileShareModel } from '/lib/models/files.ts';
import { AppConfig } from '/lib/config.ts';
interface Data {}
export const handler: Handlers<Data, FreshContextState> = {
async GET(request, context) {
const { fileShareId, fileName } = context.params;
if (!fileShareId || !fileName) {
return new Response('Not Found', { status: 404 });
}
const isPublicFileSharingAllowed = await AppConfig.isPublicFileSharingAllowed();
if (!isPublicFileSharingAllowed) {
return new Response('Not Found', { status: 404 });
}
const fileShare = await FileShareModel.getById(fileShareId);
if (!fileShare) {
return new Response('Not Found', { status: 404 });
}
if (fileShare.extra.hashed_password) {
const { fileShareId: fileShareIdFromSession, hashedPassword: hashedPasswordFromSession } =
(await FileShareModel.getDataFromRequest(request)) || {};
if (
!fileShareIdFromSession || fileShareIdFromSession !== fileShareId ||
hashedPasswordFromSession !== fileShare.extra.hashed_password
) {
return new Response('Redirect', { status: 303, headers: { 'Location': `/file-share/${fileShareId}/verify` } });
}
}
const searchParams = new URL(request.url).searchParams;
let currentPath = searchParams.get('path') || '/';
// Send invalid paths back to root
if (!currentPath.startsWith('/') || currentPath.includes('../')) {
currentPath = '/';
}
// Always append a trailing slash
if (!currentPath.endsWith('/')) {
currentPath = `${currentPath}/`;
}
// Confirm that currentPath is not _outside_ the fileShare.file_path
await ensureFileSharePathIsValidAndSecurelyAccessible(fileShare.user_id, fileShare.file_path, currentPath);
const isFileSharePathDirectory = fileShare.file_path.endsWith('/');
const fileSharePathDirectory = isFileSharePathDirectory
? fileShare.file_path
: `${fileShare.file_path.split('/').slice(0, -1).join('/')}/`;
currentPath = isFileSharePathDirectory ? join(fileShare.file_path, currentPath) : fileSharePathDirectory;
const fileResult = await FileModel.get(fileShare.user_id, currentPath, decodeURIComponent(fileName));
if (!fileResult.success) {
return new Response('Not Found', { status: 404 });
}
return new Response(fileResult.contents!, {
status: 200,
headers: {
'cache-control': 'no-cache, no-store, must-revalidate',
'content-type': fileResult.contentType!,
'content-length': fileResult.byteSize!.toString(),
},
});
},
};
Reference in New Issue View Git Blame Copy Permalink