tedkulp/send
1
0
Fork 0
mirror of https://github.com/timvisee/send.git synced 2026-04-18 21:54:11 -04:00
Code Issues Packages Projects Releases Wiki Activity

added oauth refresh token support

Browse Source
This commit is contained in:
Danny Coates
2020-07-24 18:11:50 -07:00
parent ce507c557f
commit f3a1fde07f
9 changed files with 120 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
server/middleware/auth.js
View File

@@ -70,6 +70,10 @@ module.exports = {
const token = authHeader.split(' ')[1];
req.user = await fxa.verify(token);
}
return next();
if (req.user) {
next();
} else {
res.sendStatus(401);
}
}
};

6
server/routes/filelist.js
View File

@@ -13,9 +13,6 @@ function id(user, kid) {
module.exports = {
async get(req, res) {
if (!req.user) {
return res.sendStatus(401);
}
const kid = req.params.id;
try {
const fileId = id(req.user, kid);
@@ -32,9 +29,6 @@ module.exports = {
},
async post(req, res) {
if (!req.user) {
return res.sendStatus(401);
}
const kid = req.params.id;
try {
const limiter = new Limiter(1024 * 1024 * 10);

11
server/routes/ws.js
View File

@@ -41,13 +41,20 @@ module.exports = function(ws, req) {
? config.max_downloads
: config.anon_max_downloads;
if (config.fxa_required && !user) {
ws.send(
JSON.stringify({
error: 401
})
);
return ws.close();
}
if (
!metadata ||
!auth ||
timeLimit <= 0 ||
timeLimit > maxExpireSeconds ||
dlimit > maxDownloads ||
(config.fxa_required && !user)
dlimit > maxDownloads
) {
ws.send(
JSON.stringify({