feat: allow unauthenticated uploads

stonith404 · Oct 18, 2022 · 84d29df · 84d29df
1 parent 41c3baf
commit 84d29df
Show file tree

Hide file tree

Showing 17 changed files with 340 additions and 249 deletions.
diff --git a/.env.example b/.env.example
@@ -5,6 +5,7 @@ APP_URL=http://localhost:3000
 SHOW_HOME_PAGE=true
 ALLOW_REGISTRATION=true
 MAX_FILE_SIZE=1000000000
+ALLOW_UNAUTHENTICATED_SHARES=false
 
 # SECURITY
 JWT_SECRET=long-random-string
diff --git a/backend/.env.example b/backend/.env.example
@@ -2,6 +2,7 @@
 APP_URL=http://localhost:3000
 ALLOW_REGISTRATION=true
 MAX_FILE_SIZE=5000000000
+ALLOW_UNAUTHENTICATED_SHARES=false
 
 # SECURITY
 JWT_SECRET=random-string
diff --git a/backend/prisma/schema.prisma b/backend/prisma/schema.prisma
@@ -40,8 +40,8 @@ model Share {
   views        Int      @default(0)
   expiration   DateTime
 
-  creatorId String
-  creator   User           @relation(fields: [creatorId], references: [id])
+  creatorId String?
+  creator   User?           @relation(fields: [creatorId], references: [id])
   security  ShareSecurity?
   files     File[]
 }

diff --git a/backend/src/auth/guard/jwt.guard.ts b/backend/src/auth/guard/jwt.guard.ts
@@ -1,7 +1,14 @@
+import { ExecutionContext } from "@nestjs/common";
 import { AuthGuard } from "@nestjs/passport";
+import { Observable } from "rxjs";
 
 export class JwtGuard extends AuthGuard("jwt") {
   constructor() {
     super();
   }
+  canActivate(
+    context: ExecutionContext
+  ): boolean | Promise<boolean> | Observable<boolean> {
+    return  process.env.ALLOW_UNAUTHENTICATED_SHARES == "true" ? true : super.canActivate(context);
+  }
 }
diff --git a/backend/src/auth/strategy/jwt.strategy.ts b/backend/src/auth/strategy/jwt.strategy.ts
@@ -11,6 +11,7 @@ export class JwtStrategy extends PassportStrategy(Strategy) {
     super({
       jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
       secretOrKey: config.get("JWT_SECRET"),
+
     });
   }
 

diff --git a/backend/src/share/guard/shareOwner.guard.ts b/backend/src/share/guard/shareOwner.guard.ts
@@ -28,6 +28,8 @@ export class ShareOwnerGuard implements CanActivate {
 
     if (!share) throw new NotFoundException("Share not found");
 
+    if(!share.creatorId) return true;
+
     return share.creatorId == (request.user as User).id;
   }
 }
diff --git a/backend/src/share/share.service.ts b/backend/src/share/share.service.ts
@@ -24,7 +24,7 @@ export class ShareService {
     private jwtService: JwtService
   ) {}
 
-  async create(share: CreateShareDTO, user: User) {
+  async create(share: CreateShareDTO, user?: User) {
     if (!(await this.isShareIdAvailable(share.id)).isAvailable)
       throw new BadRequestException("Share id already in use");
 
@@ -58,7 +58,7 @@ export class ShareService {
       data: {
         ...share,
         expiration: expirationDate,
-        creator: { connect: { id: user.id } },
+        creator: { connect: user ? { id: user.id } : undefined },
         security: { create: share.security },
       },
     });
@@ -154,6 +154,8 @@ export class ShareService {
     });
 
     if (!share) throw new NotFoundException("Share not found");
+    if (!share.creatorId)
+      throw new ForbiddenException("Anonymous shares can't be deleted");
 
     await this.fileService.deleteAllFiles(shareId);
     await this.prisma.share.delete({ where: { id: shareId } });

diff --git a/frontend/.env.example b/frontend/.env.example
@@ -1,3 +1,4 @@
 SHOW_HOME_PAGE=true
 ALLOW_REGISTRATION=true
 MAX_FILE_SIZE=1000000000
+ALLOW_UNAUTHENTICATED_SHARES=false
diff --git a/frontend/next.config.js b/frontend/next.config.js
@@ -5,6 +5,7 @@ const nextConfig = {
     ALLOW_REGISTRATION: process.env.ALLOW_REGISTRATION,
     SHOW_HOME_PAGE: process.env.SHOW_HOME_PAGE,
     MAX_FILE_SIZE: process.env.MAX_FILE_SIZE,
+    ALLOW_UNAUTHENTICATED_SHARES: process.env.ALLOW_UNAUTHENTICATED_SHARES
   }
 }
 

diff --git a/frontend/src/components/share/CreateUploadModalBody.tsx b/frontend/src/components/share/CreateUploadModalBody.tsx
diff --git a/frontend/src/components/upload/ExpirationPreview.tsx b/frontend/src/components/upload/ExpirationPreview.tsx
@@ -0,0 +1,19 @@
+import moment from "moment";
+
+const ExpirationPreview = ({ form }: { form: any }) => {
+  const value = form.values.never_expires
+    ? "never"
+    : form.values.expiration_num + form.values.expiration_unit;
+  if (value === "never") return "This share will never expire.";
+
+  const expirationDate = moment()
+    .add(
+      value.split("-")[0],
+      value.split("-")[1] as moment.unitOfTime.DurationConstructor
+    )
+    .toDate();
+
+  return `This share will expire on ${moment(expirationDate).format("LLL")}`;
+};
+
+export default ExpirationPreview;
diff --git a/...nents/upload/showCompletedUploadModal.tsx → ...pload/modals/showCompletedUploadModal.tsx b/...nents/upload/showCompletedUploadModal.tsx → ...pload/modals/showCompletedUploadModal.tsx
@@ -13,8 +13,8 @@ import moment from "moment";
 import getConfig from "next/config";
 import { useRouter } from "next/router";
 import { TbCopy } from "react-icons/tb";
-import { Share } from "../../types/share.type";
-import toast from "../../utils/toast.util";
+import { Share } from "../../../types/share.type";
+import toast from "../../../utils/toast.util";
 
 const { publicRuntimeConfig } = getConfig();
-Original file line number
+Diff line change
@@ Expand Up / @@ -11,6 +11,7 @@ export class JwtStrategy extends PassportStrategy(Strategy) { @@
         super({
           jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
           secretOrKey: config.get("JWT_SECRET"),
         });
       }
@@ Expand Down @@