Update index.ts

This commit is contained in:
2025-10-25 22:11:10 +08:00
parent b0721ddafa
commit e9c364ba7a
+39 -52
View File
@@ -76,7 +76,7 @@ console.log("Server starting with valid 'secrets.json'.")
function checkHeaderKey(headers: Record<string, string | undefined>, expectList: string[] = [INSTANT_KEY]) {
const key = headers["x-instant-key"]
if (!expectList.includes(key ?? "")) throw new HttpError(401, "Invalid authentication key")
if (!expectList.includes(key ?? "")) done(401, "Invalid authentication key")
}
export const app = new Elysia()
@@ -167,65 +167,52 @@ export const app = new Elysia()
})
// ----- 3. GET /photos/:id (Static File) -----
// Returns the static file for the *edited* photo.
// Respects the 'hide' flag.
.get("/photos/:id", async ({ body }) => {
const { id } = body
const metadata = await getMetadata()
const photo = metadata.find((p) => p.id === id)
// Returns the static file for the *edited* photo.
// Respects the 'hide' flag.
.get("/photos/:id", async ({ body }) => {
const { id } = body
const metadata = await getMetadata()
const photo = metadata.find((p) => p.id === id)
// Not found or hidden
if (!photo || photo.hide === true) throw done(404, "Photo not found")
// Not found or hidden
if (!photo || photo.hide === true) throw done(404, "Photo not found")
const file = Bun.file(photo.edited_photo.path)
if (!(await file.exists())) {
console.error(`Missing file for ID ${id} at ${photo.edited_photo.path}`)
done(404, "Photo file not found on disk")
}
return file
}, {
body: t.Object({ id: t.String() })
})
const file = Bun.file(photo.edited_photo.path)
if (!(await file.exists())) {
console.error(`Missing file for ID ${id} at ${photo.edited_photo.path}`)
done(404, "Photo file not found on disk")
}
return file
}, {
body: t.Object({ id: t.String() })
})
// ----- 4. POST /edit -----
// Edits a specific field in the metadata.
.post("/edit", async ({ body, status }) => {
const { id, key, field, value } = body
const metadata = await getMetadata()
// ----- 4. POST /edit -----
// Edits a specific field in the metadata.
.post("/edit", async ({ headers, body, status }) => {
const { id, key, field, value } = body
const metadata = await getMetadata()
const photoIndex = metadata.findIndex((p) => p.id === id)
if (photoIndex === -1) throw
const photoIndex = metadata.findIndex((p) => p.id === id)
if (photoIndex === -1) done(404, "Photo not found")
const photo = metadata[photoIndex]
const photo = metadata[photoIndex]
checkHeaderKey(headers, [photo.owner_key, INSTANT_KEY])
// Check authentication (owner key OR site key)
if (key !== photo.owner_key && key !== INSTANT_KEY) {
throw new HttpError(401, "Invalid authentication key")
}
// Prevent editing core, protected fields
const protectedFields = ["id", "owner_key", "upload_time", "original_photo", "edited_photo"]
if (protectedFields.includes(field)) done(400, `Cannot edit protected field: ${field}`)
// Prevent editing core, protected fields
const protectedFields = ["id", "owner_key", "upload_time", "original_photo", "edited_photo"]
if (protectedFields.includes(field)) {
throw new HttpError(400, `Cannot edit protected field: ${field}`)
}
// Apply the edit
console.log(`Editing photo ${id}: Set ${field} = ${value}`)
photo[field] = value
metadata[photoIndex] = photo // Update the photo in the main array
// Apply the edit
console.log(`Editing photo ${id}: Set ${field} = ${value}`)
photo[field] = value
metadata[photoIndex] = photo // Update the photo in the main array
await saveMetadata(metadata)
set.status = 200 // OK
return { success: true, id, updated: { [field]: value } }
}, {
body: t.Object({
id: t.String(),
key: t.String(),
field: t.String(),
value: t.Any() // Allow any type of value (boolean, string, null, etc.)
})
})
await saveMetadata(metadata)
done(200, { success: true, id, updated: { [field]: value } })
}, {
body: t.Object({ id: t.String(), key: t.String(), field: t.String(), value: t.Any() })
})
.listen(3000)