Update index.ts
This commit is contained in:
+39
-52
@@ -76,7 +76,7 @@ console.log("Server starting with valid 'secrets.json'.")
|
||||
|
||||
function checkHeaderKey(headers: Record<string, string | undefined>, expectList: string[] = [INSTANT_KEY]) {
|
||||
const key = headers["x-instant-key"]
|
||||
if (!expectList.includes(key ?? "")) throw new HttpError(401, "Invalid authentication key")
|
||||
if (!expectList.includes(key ?? "")) done(401, "Invalid authentication key")
|
||||
}
|
||||
|
||||
export const app = new Elysia()
|
||||
@@ -167,65 +167,52 @@ export const app = new Elysia()
|
||||
})
|
||||
|
||||
// ----- 3. GET /photos/:id (Static File) -----
|
||||
// Returns the static file for the *edited* photo.
|
||||
// Respects the 'hide' flag.
|
||||
.get("/photos/:id", async ({ body }) => {
|
||||
const { id } = body
|
||||
const metadata = await getMetadata()
|
||||
const photo = metadata.find((p) => p.id === id)
|
||||
// Returns the static file for the *edited* photo.
|
||||
// Respects the 'hide' flag.
|
||||
.get("/photos/:id", async ({ body }) => {
|
||||
const { id } = body
|
||||
const metadata = await getMetadata()
|
||||
const photo = metadata.find((p) => p.id === id)
|
||||
|
||||
// Not found or hidden
|
||||
if (!photo || photo.hide === true) throw done(404, "Photo not found")
|
||||
// Not found or hidden
|
||||
if (!photo || photo.hide === true) throw done(404, "Photo not found")
|
||||
|
||||
const file = Bun.file(photo.edited_photo.path)
|
||||
if (!(await file.exists())) {
|
||||
console.error(`Missing file for ID ${id} at ${photo.edited_photo.path}`)
|
||||
done(404, "Photo file not found on disk")
|
||||
}
|
||||
return file
|
||||
}, {
|
||||
body: t.Object({ id: t.String() })
|
||||
})
|
||||
const file = Bun.file(photo.edited_photo.path)
|
||||
if (!(await file.exists())) {
|
||||
console.error(`Missing file for ID ${id} at ${photo.edited_photo.path}`)
|
||||
done(404, "Photo file not found on disk")
|
||||
}
|
||||
return file
|
||||
}, {
|
||||
body: t.Object({ id: t.String() })
|
||||
})
|
||||
|
||||
// ----- 4. POST /edit -----
|
||||
// Edits a specific field in the metadata.
|
||||
.post("/edit", async ({ body, status }) => {
|
||||
const { id, key, field, value } = body
|
||||
const metadata = await getMetadata()
|
||||
// ----- 4. POST /edit -----
|
||||
// Edits a specific field in the metadata.
|
||||
.post("/edit", async ({ headers, body, status }) => {
|
||||
const { id, key, field, value } = body
|
||||
const metadata = await getMetadata()
|
||||
|
||||
const photoIndex = metadata.findIndex((p) => p.id === id)
|
||||
if (photoIndex === -1) throw
|
||||
const photoIndex = metadata.findIndex((p) => p.id === id)
|
||||
if (photoIndex === -1) done(404, "Photo not found")
|
||||
|
||||
const photo = metadata[photoIndex]
|
||||
const photo = metadata[photoIndex]
|
||||
checkHeaderKey(headers, [photo.owner_key, INSTANT_KEY])
|
||||
|
||||
// Check authentication (owner key OR site key)
|
||||
if (key !== photo.owner_key && key !== INSTANT_KEY) {
|
||||
throw new HttpError(401, "Invalid authentication key")
|
||||
}
|
||||
// Prevent editing core, protected fields
|
||||
const protectedFields = ["id", "owner_key", "upload_time", "original_photo", "edited_photo"]
|
||||
if (protectedFields.includes(field)) done(400, `Cannot edit protected field: ${field}`)
|
||||
|
||||
// Prevent editing core, protected fields
|
||||
const protectedFields = ["id", "owner_key", "upload_time", "original_photo", "edited_photo"]
|
||||
if (protectedFields.includes(field)) {
|
||||
throw new HttpError(400, `Cannot edit protected field: ${field}`)
|
||||
}
|
||||
// Apply the edit
|
||||
console.log(`Editing photo ${id}: Set ${field} = ${value}`)
|
||||
photo[field] = value
|
||||
metadata[photoIndex] = photo // Update the photo in the main array
|
||||
|
||||
// Apply the edit
|
||||
console.log(`Editing photo ${id}: Set ${field} = ${value}`)
|
||||
photo[field] = value
|
||||
metadata[photoIndex] = photo // Update the photo in the main array
|
||||
|
||||
await saveMetadata(metadata)
|
||||
|
||||
set.status = 200 // OK
|
||||
return { success: true, id, updated: { [field]: value } }
|
||||
}, {
|
||||
body: t.Object({
|
||||
id: t.String(),
|
||||
key: t.String(),
|
||||
field: t.String(),
|
||||
value: t.Any() // Allow any type of value (boolean, string, null, etc.)
|
||||
})
|
||||
})
|
||||
await saveMetadata(metadata)
|
||||
done(200, { success: true, id, updated: { [field]: value } })
|
||||
}, {
|
||||
body: t.Object({ id: t.String(), key: t.String(), field: t.String(), value: t.Any() })
|
||||
})
|
||||
|
||||
.listen(3000)
|
||||
|
||||
|
||||
Reference in New Issue
Block a user