diff options
Diffstat (limited to 'src/routes/api.ts')
-rw-r--r-- | src/routes/api.ts | 25 |
1 files changed, 12 insertions, 13 deletions
diff --git a/src/routes/api.ts b/src/routes/api.ts index 4612c16..e360709 100644 --- a/src/routes/api.ts +++ b/src/routes/api.ts @@ -4,22 +4,21 @@ import cookieParser from 'cookie-parser'; import fileUpload, { UploadedFile } from 'express-fileupload'; import slowDown from 'express-slow-down'; +const api = express.Router(); + +// For file uploads +api.use(fileUpload()); // Slow down everything to prevent DoS attacks const speedLimiter = slowDown({ - windowMs: 5 * 60 * 1000, // 15 minutes - delayAfter: 50, // allow 100 requests per 5 minutes, then... + windowMs: 5 * 60 * 1000, // 5 minutes + delayAfter: 50, // allow 50 requests per 5 minutes, then... delayMs: 500 // begin adding 500ms of delay per request above 100: // request # 101 is delayed by 500ms // request # 102 is delayed by 1000ms // request # 103 is delayed by 1500ms // etc. }); - - -const api = express.Router(); - -api.use(fileUpload()); api.use(speedLimiter); // CSRF protection @@ -27,14 +26,14 @@ api.use(cookieParser()); const csrf = csurf({ cookie: true }); api.post('/upload', csrf, (req: Request, res: Response) => { + // Check if there is a file if (!req.files || Object.keys(req.files).length === 0) - return res.status(400).json({ err: 'ENOENT' }); - // Kludge to prevent a compiler error - const file: UploadedFile = req.files.file as UploadedFile; - console.log(file.mimetype); + return res.status(400).json({ error: 'No file uploaded' }); + const file: UploadedFile = req.files.file as UploadedFile; // Kludge to prevent a compiler error + // Check if the file is a python file if (file.mimetype !== 'text/x-python') - return res.status(400).json({ err: 'EINVAL' }); - res.status(200).json({ err: null }); + return res.status(400).json({ error: 'Not a Python file' }); + res.status(200).json({ file: file.name }); }); export default api;
\ No newline at end of file |