shareoverlan/dist/controller/UploadHandle.js

Simple local file sharing over LAN.

"use strict";
var __importDefault = (this && this.__importDefault) || function (mod) {
    return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
const fs_extra_1 = __importDefault(require("fs-extra"));
const path_1 = __importDefault(require("path"));
const fs_1 = __importDefault(require("fs"));
// Define safe project root
const baseDir = path_1.default.resolve(process.cwd());
const handleError = (err, res) => {
    console.log("File upload error:", err);
    res.status(500).contentType("text/plain").end("Oops! Something went wrong!");
};
const UploadHandle = (req, res) => {
    if (!req.file) {
        res.status(400).send("No file uploaded.");
        return;
    }
    // Get current dir from query
    const currentDirQuery = req.query.currentdir || "./";
    if (typeof currentDirQuery !== "string") {
        res.status(400).send("Missing or invalid 'currentdir' query");
        return;
    }
    const resolvedDir = path_1.default.resolve(baseDir, currentDirQuery);
    // Check that it stays inside baseDir
    if (!resolvedDir.startsWith(baseDir)) {
        console.warn(`Blocked attempt to upload outside baseDir: ${resolvedDir}`);
        res.status(403).send("Forbidden");
        return;
    }
    // Ensure target dir exists
    if (!fs_1.default.existsSync(resolvedDir)) {
        fs_1.default.mkdirSync(resolvedDir, { recursive: true });
    }
    const tempPath = req.file.path;
    const originalname = req.file.originalname;
    const targetPath = path_1.default.join(resolvedDir, originalname);
    fs_extra_1.default
        .move(tempPath, targetPath, { overwrite: true })
        .then(() => {
        res.status(200).json({ message: "File uploaded!" });
    })
        .catch((error) => {
        handleError(error, res);
    });
};
exports.default = UploadHandle;
//# sourceMappingURL=UploadHandle.js.map