contented/upload.go

138 lines
2.8 KiB
Go
Raw Normal View History

package contented
import (
2023-05-19 07:13:55 +00:00
"context"
"crypto/sha512"
"encoding/hex"
2017-10-08 01:10:15 +00:00
"encoding/json"
"io"
2017-10-08 01:10:15 +00:00
"log"
"mime"
"mime/multipart"
2017-10-08 01:10:15 +00:00
"net/http"
"path"
"strings"
"time"
)
2017-10-08 01:10:15 +00:00
func (this *Server) handleUpload(w http.ResponseWriter, r *http.Request) {
if !this.opts.EnableUpload {
http.Error(w, "Server is read-only", 403)
return
}
2017-10-15 06:11:13 +00:00
remoteIP := this.remoteIP(r)
err := r.ParseMultipartForm(0) // buffer upload in temporary files on disk, not memory
2017-10-08 01:10:15 +00:00
if err != nil {
2017-10-15 06:11:13 +00:00
log.Printf("%s Invalid request: %s\n", remoteIP, err.Error())
2017-10-08 01:10:15 +00:00
http.Error(w, "Invalid request", 400)
return
}
if r.MultipartForm == nil || r.MultipartForm.File == nil || len(r.MultipartForm.File["f"]) < 1 {
2017-10-15 06:11:13 +00:00
log.Printf("%s Invalid request: no multipart content\n", remoteIP)
2017-10-08 01:10:15 +00:00
http.Error(w, "Invalid request", 400)
return
}
ret := make([]string, 0, len(r.MultipartForm.File["f"]))
for _, fhs := range r.MultipartForm.File["f"] {
f, err := fhs.Open()
if err != nil {
2017-10-15 06:11:13 +00:00
log.Printf("%s Internal error: %s\n", remoteIP, err.Error())
2017-10-08 01:10:15 +00:00
http.Error(w, "Internal error", 500)
return
}
2017-10-15 06:11:13 +00:00
path, err := this.handleUploadFile(f, fhs, remoteIP)
2017-10-08 01:10:15 +00:00
if err != nil {
2017-10-15 06:11:13 +00:00
log.Printf("%s Upload failed: %s\n", remoteIP, err.Error())
2017-10-08 01:10:15 +00:00
http.Error(w, "Upload failed", 500)
}
ret = append(ret, path)
}
jb, err := json.Marshal(ret)
if err != nil {
2017-10-15 06:11:13 +00:00
log.Printf("%s Internal error: %s\n", remoteIP, err.Error())
2017-10-08 01:10:15 +00:00
http.Error(w, "Internal error", 500)
return
}
w.Header().Set(`Content-Type`, `application/json`)
w.WriteHeader(200)
w.Write(jb)
}
func (this *Server) handleUploadFile(src multipart.File, hdr *multipart.FileHeader, UploadIP string) (string, error) {
// Get file length
srcLen, err := src.Seek(0, io.SeekEnd)
if err != nil {
return "", err
}
_, err = src.Seek(0, io.SeekStart)
if err != nil {
return "", err
}
// Get file hash
hasher := sha512.New512_256()
_, err = io.CopyN(hasher, src, int64(srcLen))
if err != nil {
return "", err
}
_, err = src.Seek(0, io.SeekStart)
if err != nil {
return "", err
}
2017-10-08 02:53:00 +00:00
fileHash := hex.EncodeToString(hasher.Sum(nil))
2023-05-19 07:13:55 +00:00
// Save file to disk/s3
err = this.SaveFile(context.Background(), fileHash, srcLen, src)
if err != nil {
return "", err
}
// Determine mime type
ctype := hdr.Header.Get("Content-Type")
if ctype == "" {
ctype = mime.TypeByExtension(path.Ext(hdr.Filename))
}
if ctype == "" {
ctype = `application/octet-stream`
}
// Blacklisted mime-types
ctype = strings.ToLower(ctype)
if strings.HasPrefix(ctype, `text/html`) ||
strings.HasPrefix(ctype, `application/javascript`) {
ctype = `application/octet-stream`
}
// Persist metadata to DB
m := Metadata{
2017-10-08 02:53:00 +00:00
FileHash: fileHash,
Filename: hdr.Filename,
UploadTime: time.Now(),
UploadIP: UploadIP,
FileSize: srcLen,
MimeType: ctype,
}
2017-10-08 02:53:00 +00:00
fileRef, err := this.AddMetadata(m)
if err != nil {
return "", err
}
// Done
2017-10-08 02:53:00 +00:00
return fileRef, nil
}