UNPKG

@trap_stevo/vault-link

Version:

Unlock the ultimate gateway to secure file and directory access. VaultLink transforms your files into guarded, time-sensitive links—sealed, tamper-proof, and effortlessly shareable. Elevate your storage game with unparalleled precision and flexibility, tu

99 lines (98 loc) • 3.37 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
"use strict"; const archiver = require("archiver"); const express = require("express"); const path = require("path"); const fs = require("fs"); const { listDirectoryContents } = require("./HUDControllers/fileHandler"); const ReferenceManager = require("./HUDManagers/ReferenceManager"); const { generateHash } = require("./HUDControllers/hashHelper"); function createLinkGateway(config) { const app = express(); function verifySignature(url, signature, secretKey) { const expectedSignature = generateHash(url, secretKey); return expectedSignature === signature; } function parseNameAndReference(combined) { const separatorIndex = combined.lastIndexOf("-"); const name = combined.substring(0, separatorIndex); const reference = combined.substring(separatorIndex + 1); return { name, reference }; } app.get(`${config.linkedFileEndpoint || "/file"}/*`, (req, ress) => { const { name: fileName, reference } = parseNameAndReference(req.params[0]); const absoluteFilePath = ReferenceManager.getReference("file-paths", reference); if (!absoluteFilePath) { return ress.status(404).send("Unauthorized reference."); } const { expires, signature } = req.query; if (Number(expires) < Math.floor(Date.now() / 1000)) { return ress.status(403).send("URL expired."); } const fullUrl = `${req.protocol}://${req.get("host")}${req.originalUrl.split("&signature=")[0]}`; if (!verifySignature(fullUrl, signature, config.secretKey)) { return ress.status(403).send("Unauthorized URL."); } if (fs.existsSync(absoluteFilePath)) { ress.setHeader("Content-Disposition", `attachment; filename="${fileName}"`); ress.setHeader("Content-Type", "application/octet-stream"); ress.sendFile(absoluteFilePath); return; } ress.status(404).send("File not found."); return; }); app.get(`${config.linkedDirectoryEndpoint || "/directory"}/*`, (req, ress) => { const { name: directoryName, reference } = parseNameAndReference(req.params[0]); const absoluteDirectoryPath = ReferenceManager.getReference("file-paths", reference); if (!absoluteDirectoryPath) { return ress.status(404).send("Unauthorized reference."); } const { expires, signature } = req.query; if (Number(expires) < Math.floor(Date.now() / 1000)) { return ress.status(403).send("URL expired."); } const fullUrl = `${req.protocol}://${req.get("host")}${req.originalUrl.split("&signature=")[0]}`; if (!verifySignature(fullUrl, signature, config.secretKey)) { return ress.status(403).send("Unauthorized URL."); } if (fs.existsSync(absoluteDirectoryPath)) { ress.setHeader("Content-Disposition", `attachment; filename="${directoryName}.zip"`); ress.setHeader("Content-Type", "application/zip"); const archive = archiver("zip", { zlib: { level: 9 } }); archive.on("error", err => res.status(500).send({ error: "Did not retrieve vaulted directory." })); archive.pipe(res); archive.directory(absoluteDirectoryPath, false); archive.finalize(); return; } ress.status(404).send("Directory not found."); return; }); return app; } module.exports = createLinkGateway;