From e9cc00f8947d3aea0f802a8b8d7f2e406c3fcb1f Mon Sep 17 00:00:00 2001 From: Matt Strapp Date: Fri, 11 Feb 2022 11:30:40 -0600 Subject: Finish upload API endpoint Signed-off-by: Matt Strapp --- src/routes/api.ts | 25 ++++++++++++------------- 1 file changed, 12 insertions(+), 13 deletions(-) (limited to 'src/routes') diff --git a/src/routes/api.ts b/src/routes/api.ts index 4612c16..e360709 100644 --- a/src/routes/api.ts +++ b/src/routes/api.ts @@ -4,22 +4,21 @@ import cookieParser from 'cookie-parser'; import fileUpload, { UploadedFile } from 'express-fileupload'; import slowDown from 'express-slow-down'; +const api = express.Router(); + +// For file uploads +api.use(fileUpload()); // Slow down everything to prevent DoS attacks const speedLimiter = slowDown({ - windowMs: 5 * 60 * 1000, // 15 minutes - delayAfter: 50, // allow 100 requests per 5 minutes, then... + windowMs: 5 * 60 * 1000, // 5 minutes + delayAfter: 50, // allow 50 requests per 5 minutes, then... delayMs: 500 // begin adding 500ms of delay per request above 100: // request # 101 is delayed by 500ms // request # 102 is delayed by 1000ms // request # 103 is delayed by 1500ms // etc. }); - - -const api = express.Router(); - -api.use(fileUpload()); api.use(speedLimiter); // CSRF protection 
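Review bot: `api.use(fileUpload())` is registered with no options and ahead of `api.use(speedLimiter)`, so a multipart body is parsed in full, with no size cap visible in this hunk, before the slow-down middleware runs. Register the limiter first and bound the parser, e.g. `api.use(speedLimiter);` followed by `api.use(fileUpload({ limits: { fileSize: MAX_UPLOAD_BYTES }, abortOnLimit: true }));`, where `MAX_UPLOAD_BYTES` is a placeholder for a limit the project chooses. Since `slowDown` only delays requests and never rejects them, the comment "prevent DoS attacks" overstates what it provides. The unchanged comment lines still say "above 100" and "request # 101" although this commit corrects the `delayAfter` comment to 50, so they should read 50 and 51.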
@@ -27,14 +26,14 @@ api.use(cookieParser()); const csrf = csurf({ cookie: true }); api.post('/upload', csrf, (req: Request, res: Response) => { + // Check if there is a file if (!req.files || Object.keys(req.files).length === 0) - return res.status(400).json({ err: 'ENOENT' }); - // Kludge to prevent a compiler error - const file: UploadedFile = req.files.file as UploadedFile; - console.log(file.mimetype); + return res.status(400).json({ error: 'No file uploaded' }); + const file: UploadedFile = req.files.file as UploadedFile; // Kludge to prevent a compiler error + // Check if the file is a python file if (file.mimetype !== 'text/x-python') - return res.status(400).json({ err: 'EINVAL' }); - res.status(200).json({ err: null }); + return res.status(400).json({ error: 'Not a Python file' }); + res.status(200).json({ file: file.name }); }); export default api; \ No newline at end of file -- cgit v1.2.3
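Review bot: The `as UploadedFile` cast on `req.files.file` hides two cases that the preceding `Object.keys(req.files).length === 0` check does not rule out. A request whose only upload uses a different field name leaves `req.files.file` undefined, so `file.mimetype` throws, and a repeated `file` field yields an array. Narrow instead of casting: `const file = req.files.file;` followed by `if (!file || Array.isArray(file)) return res.status(400).json({ error: 'No file uploaded' });`. Also, `file.mimetype` is the Content-Type the client declared for the part, so the `'text/x-python'` comparison is a convenience filter and not proof of content. A comment such as `// mimetype is client-supplied; not a content check` would keep later code from relying on it.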