Update server.js

server.js

@@ -4,8 +4,9 @@ import fssync from 'fs';
 import path from 'path';
 import fetch from 'node-fetch';
 import { glob } from 'glob';
-import { createProxyMiddleware } from 'http-proxy-middleware';
+import { createProxyMiddleware, responseInterceptor } from 'http-proxy-middleware';
 import crypto from 'crypto';
+import zlib from 'zlib';
 
 const APP_PORT = parseInt(process.env.PORT || '7860', 10);
 const INTERNAL_TELEGRAM_API_PORT = parseInt(process.env.INTERNAL_TELEGRAM_API_PORT || '8081', 10);
@@ -17,6 +18,8 @@ const GITHUB_USERNAME = process.env.GITHUB_USERNAME || '';
 const GITHUB_TOKEN = process.env.GITHUB_TOKEN || '';
 const ENV_GIST_ID = process.env.ENV_GIST_ID || '';
 const LINK_ENCRYPTION_KEY_PASSPHRASE = process.env.LINK_ENCRYPTION_KEY;
+const DEFAULT_LINK_EXPIRY_HOURS = parseInt(process.env.DEFAULT_LINK_EXPIRY_HOURS || '24', 10);
+
 
 const app = express();
 
@@ -31,6 +34,11 @@ const CRYPTO_ALGORITHM = 'aes-256-gcm';
 const CRYPTO_IV_LENGTH_BYTES = 12;
 const CRYPTO_AUTH_TAG_LENGTH_BYTES = 16;
 
+function calculateExpiryTimestamp(hours) {
+    if (hours === -1) return null; 
+    return Date.now() + hours * 60 * 60 * 1000;
+}
+
 function encryptPayload(payloadObject) {
     if (!encryptionKeyBuffer) return null;
     try {
@@ -141,7 +149,7 @@ async function updateEnvGistInGithub() {
   const gistFilename = `hf_space_tg_tools_info.json`;
   let aggregateData = {
       description: `Hugging Face Spaces with TgAPIToolsTunnel - Aggregated Info. Maintained by TgAPIToolsTunnel instances.`,
-      schema_version: "1.1.0",
+      schema_version: "1.2.0",
       spaces_info: {}
   };
 
@@ -156,22 +164,11 @@ async function updateEnvGistInGithub() {
                   const parsedContent = JSON.parse(existingGist.files[gistFilename].content);
                   if (parsedContent && typeof parsedContent.spaces_info === 'object') {
                       aggregateData = parsedContent;
-                      console.log(`Successfully fetched and parsed existing Gist file: ${gistFilename}`);
-                  } else {
-                      console.warn(`Gist file ${gistFilename} content not in expected format. Initializing.`);
                   }
-              } catch (parseError) {
-                  console.warn(`Error parsing Gist file ${gistFilename}: ${parseError.message}. Initializing.`);
-              }
-          } else {
-              console.log(`Gist file ${gistFilename} not found in Gist ${ENV_GIST_ID}. Will create it.`);
+              } catch (parseError) {}
           }
-      } else if (gistFetchResponse.status !== 404) {
-          console.warn(`Failed to fetch Gist ${ENV_GIST_ID}: ${gistFetchResponse.status} ${await gistFetchResponse.text()}. Proceeding with local data.`);
       }
-  } catch (fetchError) {
-      console.error(`Error fetching Gist ${ENV_GIST_ID}: ${fetchError.message}. Proceeding with local data.`);
-  }
+  } catch (fetchError) {}
 
   const spaceId = process.env.SPACE_ID || 'unknown_space';
   const spaceHost = process.env.SPACE_HOST;
@@ -196,6 +193,7 @@ async function updateEnvGistInGithub() {
       internal_telegram_api_port: INTERNAL_TELEGRAM_API_PORT,
       files_ttl_hours: FILES_TTL_HOURS > 0 ? FILES_TTL_HOURS : 'disabled',
       link_encryption_enabled: !!encryptionKeyBuffer,
+      default_link_expiry_hours: DEFAULT_LINK_EXPIRY_HOURS
   };
 
   if (!aggregateData.spaces_info) aggregateData.spaces_info = {};
@@ -345,24 +343,37 @@ fileRouter.get('/downloadEncrypted', async (req, res) => {
     if (!encryptionKeyBuffer) return res.status(503).json({ error: 'Encryption/decryption is not configured on the server (LINK_ENCRYPTION_KEY not set).' });
 
     const decrypted = decryptPayload(encryptedPayload);
-    if (!decrypted || !decrypted.bot_token || !decrypted.file_id) {
+    if (!decrypted) {
         return res.status(400).json({ error: 'Invalid or undecryptable payload.' });
     }
 
-    const { bot_token, file_id } = decrypted;
-    
+    if (decrypted.expiresAt && Date.now() > decrypted.expiresAt) {
+        return res.status(410).json({ error: 'Link expired.' });
+    }
+
+    let filePathOnDisk;
+    let originalFilename;
+
     try {
-        const tgApiResponse = await fetch(`http://localhost:${INTERNAL_TELEGRAM_API_PORT}/bot${bot_token}/getFile?file_id=${file_id}`);
-        if (!tgApiResponse.ok) {
-            const errorData = await tgApiResponse.json().catch(() => ({ description: "Unknown error from Telegram API" }));
-            return res.status(tgApiResponse.status).json({ error: `Telegram API error: ${errorData.description || tgApiResponse.statusText}` });
-        }
-        const fileInfo = await tgApiResponse.json();
-        if (!fileInfo.ok || !fileInfo.result || !fileInfo.result.file_path) {
-            return res.status(404).json({ error: 'File not found or path not available via Telegram API.', details: fileInfo });
+        if (decrypted.type === 'id' && decrypted.bot_token && decrypted.file_id) {
+            const tgApiResponse = await fetch(`http://localhost:${INTERNAL_TELEGRAM_API_PORT}/bot${decrypted.bot_token}/getFile?file_id=${decrypted.file_id}`);
+            if (!tgApiResponse.ok) {
+                const errorData = await tgApiResponse.json().catch(() => ({ description: "Unknown error from Telegram API" }));
+                return res.status(tgApiResponse.status).json({ error: `Telegram API error: ${errorData.description || tgApiResponse.statusText}` });
+            }
+            const fileInfo = await tgApiResponse.json();
+            if (!fileInfo.ok || !fileInfo.result || !fileInfo.result.file_path) {
+                return res.status(404).json({ error: 'File not found or path not available via Telegram API.', details: fileInfo });
+            }
+            filePathOnDisk = fileInfo.result.file_path;
+            originalFilename = path.basename(filePathOnDisk);
+        } else if (decrypted.type === 'path' && decrypted.file_path_relative_to_data_dir) {
+            filePathOnDisk = path.join(TELEGRAM_DATA_DIR, decrypted.file_path_relative_to_data_dir);
+            originalFilename = path.basename(filePathOnDisk);
+        } else {
+            return res.status(400).json({ error: 'Invalid payload structure.' });
         }
-
-        const filePathOnDisk = fileInfo.result.file_path;
+        
         const resolvedDataDir = path.resolve(TELEGRAM_DATA_DIR);
         const resolvedFilePathOnDisk = path.resolve(filePathOnDisk);
 
@@ -372,14 +383,14 @@ fileRouter.get('/downloadEncrypted', async (req, res) => {
         }
 
         if (fssync.existsSync(resolvedFilePathOnDisk) && fssync.statSync(resolvedFilePathOnDisk).isFile()) {
-            res.sendFile(resolvedFilePathOnDisk, { headers: { 'Content-Disposition': `attachment; filename="${path.basename(fileInfo.result.file_path)}"` } }, err => {
+            res.sendFile(resolvedFilePathOnDisk, { headers: { 'Content-Disposition': `attachment; filename="${originalFilename}"` } }, err => {
                 if (err && !res.headersSent) res.status(500).send('Error sending file.');
             });
         } else {
             res.status(404).send('File not found on disk.');
         }
     } catch (error) {
-        console.error(`Error in /downloadEncrypted for file_id ${file_id}:`, error);
+        console.error(`Error in /downloadEncrypted:`, error);
         res.status(500).json({ error: 'Server error during encrypted download process.', details: error.message });
     }
 });
@@ -387,6 +398,7 @@ fileRouter.get('/downloadEncrypted', async (req, res) => {
 fileRouter.get('/:botToken/getFile', async (req, res) => {
     const { botToken } = req.params;
     const { file_id } = req.query;
+    const customExpiryHours = req.query.link_expiry_hours ? parseInt(req.query.link_expiry_hours, 10) : DEFAULT_LINK_EXPIRY_HOURS;
 
     if (!botToken || !file_id) {
         return res.status(400).json({ error: 'Missing botToken in path or file_id in query.' });
@@ -406,19 +418,16 @@ fileRouter.get('/:botToken/getFile', async (req, res) => {
             
             const apiFilePath = fileInfo.result.file_path;
             let relativePathForLink = "";
-
             const resolvedNormalizedDataDir = path.resolve(TELEGRAM_DATA_DIR);
             const resolvedApiFilePath = path.resolve(apiFilePath);
 
             if (resolvedApiFilePath.startsWith(resolvedNormalizedDataDir)) {
                 relativePathForLink = path.relative(resolvedNormalizedDataDir, resolvedApiFilePath);
             } else {
-                console.warn(`[Warning] file_path from API (${apiFilePath}) does not seem to be inside TELEGRAM_DATA_DIR (${TELEGRAM_DATA_DIR}). Using file_path as is for link, which might be incorrect.`);
                 relativePathForLink = apiFilePath; 
             }
             
             if (relativePathForLink.startsWith('..')) {
-                 console.error(`[Security] Calculated relative path for link starts with '..': ${relativePathForLink}. Original API path: ${apiFilePath}`);
                  fileInfo.result.direct_download_link_by_path = "Error: could not construct safe relative path.";
             } else {
                 fileInfo.result.direct_download_link_by_path = `${publicSpaceUrl}/file/${relativePathForLink.split(path.sep).join('/')}`;
@@ -427,14 +436,17 @@ fileRouter.get('/:botToken/getFile', async (req, res) => {
             fileInfo.result.direct_download_link_by_id = `${publicSpaceUrl}/file/${botToken}/downloadFile?file_id=${file_id}`;
             
             if (encryptionKeyBuffer) {
-                const encryptedPayload = encryptPayload({ bot_token: botToken, file_id: file_id });
-                if (encryptedPayload) {
-                    fileInfo.result.encrypted_download_link = `${publicSpaceUrl}/file/downloadEncrypted?payload=${encryptedPayload}`;
-                } else {
-                    fileInfo.result.encrypted_download_link = "Encryption failed or disabled server-side.";
+                const expiresAt = calculateExpiryTimestamp(customExpiryHours);
+                const encryptedPayloadById = encryptPayload({ type: 'id', bot_token: botToken, file_id: file_id, expiresAt });
+                if (encryptedPayloadById) {
+                    fileInfo.result.encrypted_download_link_by_id = `${publicSpaceUrl}/file/downloadEncrypted?payload=${encryptedPayloadById}`;
+                }
+                if (!relativePathForLink.startsWith('..') && relativePathForLink) {
+                    const encryptedPayloadByPath = encryptPayload({ type: 'path', file_path_relative_to_data_dir: relativePathForLink, expiresAt });
+                     if (encryptedPayloadByPath) {
+                        fileInfo.result.encrypted_download_link_by_path = `${publicSpaceUrl}/file/downloadEncrypted?payload=${encryptedPayloadByPath}`;
+                    }
                 }
-            } else {
-                 fileInfo.result.encrypted_download_link = "Encryption not configured on server (LINK_ENCRYPTION_KEY not set).";
             }
         }
         res.json(fileInfo);
@@ -504,15 +516,133 @@ fileRouter.get('/:filepath(*)', (req, res) => {
 
 app.use('/file', fileRouter);
 
+const getBotTokenFromApiFilePath = (apiFilePath) => {
+    if (!apiFilePath || typeof apiFilePath !== 'string') return null;
+    const dataDirPrefix = TELEGRAM_DATA_DIR.endsWith('/') ? TELEGRAM_DATA_DIR : TELEGRAM_DATA_DIR + '/';
+    if (apiFilePath.startsWith(dataDirPrefix)) {
+        const pathPartAfterDataDir = apiFilePath.substring(dataDirPrefix.length);
+        const token = pathPartAfterDataDir.split('/')[0];
+        if (token && token.includes(':')) return token;
+    }
+    const match = apiFilePath.match(/\/([0-9]+:[a-zA-Z0-9_-]+)\//);
+    return match ? match[1] : null;
+};
+
+const augmentFileObject = (fileObj, req) => {
+    if (!fileObj || typeof fileObj !== 'object') return;
+    if (fileObj.file_id && fileObj.file_path) {
+        const spaceHost = process.env.SPACE_HOST;
+        const publicSpaceUrl = spaceHost ? `https://${spaceHost}` : `${req.protocol}://${req.get('host')}`;
+        
+        const apiFilePath = fileObj.file_path;
+        const fileId = fileObj.file_id;
+        const botToken = getBotTokenFromApiFilePath(apiFilePath) || req.proxiedBotToken;
+
+        if (!botToken) {
+            console.warn(`Could not determine botToken for file_path: ${apiFilePath}`);
+            return;
+        }
+
+        let relativePathForLink = "";
+        const resolvedNormalizedDataDir = path.resolve(TELEGRAM_DATA_DIR);
+        const resolvedApiFilePath = path.resolve(apiFilePath);
+
+        if (resolvedApiFilePath.startsWith(resolvedNormalizedDataDir)) {
+            relativePathForLink = path.relative(resolvedNormalizedDataDir, resolvedApiFilePath);
+        } else {
+            relativePathForLink = apiFilePath;
+        }
+        
+        const customExpiryHours = req.query.link_expiry_hours ? parseInt(req.query.link_expiry_hours, 10) : DEFAULT_LINK_EXPIRY_HOURS;
+        const expiresAt = calculateExpiryTimestamp(customExpiryHours);
+
+        if (!relativePathForLink.startsWith('..') && relativePathForLink) {
+            fileObj.direct_download_link_by_path = `${publicSpaceUrl}/file/${relativePathForLink.split(path.sep).join('/')}`;
+            fileObj.delete_link_by_path = `${publicSpaceUrl}/file/deleteFile?file=${encodeURIComponent(relativePathForLink.split(path.sep).join('/'))}`;
+            if (encryptionKeyBuffer) {
+                const encryptedPayloadByPath = encryptPayload({ type: 'path', file_path_relative_to_data_dir: relativePathForLink, expiresAt });
+                if (encryptedPayloadByPath) {
+                    fileObj.encrypted_download_link_by_path = `${publicSpaceUrl}/file/downloadEncrypted?payload=${encryptedPayloadByPath}`;
+                }
+            }
+        }
+        
+        fileObj.direct_download_link_by_id = `${publicSpaceUrl}/file/${botToken}/downloadFile?file_id=${fileId}`;
+        fileObj.delete_link_by_id = `${publicSpaceUrl}/file/${botToken}/deleteById?file_id=${fileId}`;
+        if (encryptionKeyBuffer) {
+            const encryptedPayloadById = encryptPayload({ type: 'id', bot_token: botToken, file_id: fileId, expiresAt });
+            if (encryptedPayloadById) {
+                fileObj.encrypted_download_link_by_id = `${publicSpaceUrl}/file/downloadEncrypted?payload=${encryptedPayloadById}`;
+            }
+        }
+    }
+};
+
+const recursivelyAugmentFileObjects = (data, req) => {
+    if (Array.isArray(data)) {
+        data.forEach(item => recursivelyAugmentFileObjects(item, req));
+    } else if (data && typeof data === 'object') {
+        augmentFileObject(data, req); 
+        if (data.result && typeof data.result === 'object') { 
+             recursivelyAugmentFileObjects(data.result, req);
+        } else {
+            for (const key in data) {
+                if (Object.prototype.hasOwnProperty.call(data, key)) {
+                    recursivelyAugmentFileObjects(data[key], req);
+                }
+            }
+        }
+    }
+};
+
+
 app.use(PROXY_TELEGRAM_PATH_PREFIX, createProxyMiddleware({
   target: `http://localhost:${INTERNAL_TELEGRAM_API_PORT}`,
   changeOrigin: true,
+  selfHandleResponse: true,
   pathRewrite: (pathValue, req) => {
+    const tokenMatch = pathValue.match(/^\/bot([0-9]+:[a-zA-Z0-9_-]+)\//);
+    if (tokenMatch && tokenMatch[1]) {
+        req.proxiedBotToken = tokenMatch[1];
+    }
     return pathValue.startsWith(PROXY_TELEGRAM_PATH_PREFIX) ? pathValue.substring(PROXY_TELEGRAM_PATH_PREFIX.length) : pathValue;
   },
   onProxyReq: (proxyReq, req, res) => {
     console.log(`[Proxy] Request to Telegram API: ${req.method} ${proxyReq.path}`);
   },
+  onProxyRes: responseInterceptor(async (responseBuffer, proxyRes, req, res) => {
+    const contentType = proxyRes.headers['content-type'];
+    const contentEncoding = proxyRes.headers['content-encoding'];
+
+    if (contentType && contentType.includes('application/json')) {
+        let responseData;
+        try {
+            if (contentEncoding === 'gzip') {
+                responseData = zlib.gunzipSync(responseBuffer).toString('utf8');
+            } else if (contentEncoding === 'deflate') {
+                responseData = zlib.inflateSync(responseBuffer).toString('utf8');
+            } else {
+                responseData = responseBuffer.toString('utf8');
+            }
+            
+            const jsonData = JSON.parse(responseData);
+            recursivelyAugmentFileObjects(jsonData, req);
+            
+            let finalResponseBuffer = Buffer.from(JSON.stringify(jsonData));
+            if (contentEncoding === 'gzip') {
+                finalResponseBuffer = zlib.gzipSync(finalResponseBuffer);
+            } else if (contentEncoding === 'deflate') {
+                finalResponseBuffer = zlib.deflateSync(finalResponseBuffer);
+            }
+            return finalResponseBuffer;
+
+        } catch (err) {
+            console.error('Error processing proxied JSON response:', err);
+            return responseBuffer; 
+        }
+    }
+    return responseBuffer;
+  }),
   onError: (err, req, res) => {
     console.error('[Proxy] Error:', err);
     if (!res.headersSent) {
@@ -538,18 +668,19 @@ app.get('/', (req, res) => {
       file_operations: {
         _base: `${baseUrl}/file`,
         list_files_for_bot: `${baseUrl}/file/list?token=${botTokenPlaceholder}`,
-        get_file_info_and_links: `${baseUrl}/file/${botTokenPlaceholder}/getFile?file_id=${fileIdPlaceholder}`,
+        get_file_info_and_links: `${baseUrl}/file/${botTokenPlaceholder}/getFile?file_id=${fileIdPlaceholder}&link_expiry_hours=<HOURS>`,
         download_file_by_id: `${baseUrl}/file/${botTokenPlaceholder}/downloadFile?file_id=${fileIdPlaceholder}`,
         download_file_by_path: `${baseUrl}/file/${filePathPlaceholder}`,
         delete_file_by_path: `${baseUrl}/file/deleteFile?file=${filePathPlaceholder}`,
         delete_file_by_id: `${baseUrl}/file/${botTokenPlaceholder}/deleteById?file_id=${fileIdPlaceholder}`,
-        download_via_encrypted_payload: `${baseUrl}/file/downloadEncrypted?payload=<ENCRYPTED_PAYLOAD_FROM_GETFILE_ENDPOINT>`,
+        download_via_encrypted_payload: `${baseUrl}/file/downloadEncrypted?payload=<ENCRYPTED_PAYLOAD_FROM_GETFILE_ENDPOINT_OR_PROXY>`,
       },
       gist_info_if_configured: ENV_GIST_ID ? `https://gist.github.com/${GITHUB_USERNAME || "_"}/${ENV_GIST_ID}` : "Gist update not configured",
     },
     notes: {
         file_paths_for_delete_or_direct_download: "Should be like 'botTOKEN/photos/file_XYZ.jpg'",
-        link_encryption: encryptionKeyBuffer ? "Enabled" : "Disabled (LINK_ENCRYPTION_KEY not set in secrets)"
+        link_encryption: encryptionKeyBuffer ? "Enabled" : "Disabled (LINK_ENCRYPTION_KEY not set in secrets)",
+        default_link_expiry_hours: DEFAULT_LINK_EXPIRY_HOURS + " (use -1 for indefinite, override with ?link_expiry_hours=N in proxied requests or /getFile)"
     }
   });
 });
@@ -560,6 +691,7 @@ app.listen(APP_PORT, () => {
   console.log(`Statistics available at /stats`);
   console.log(`File operations available under /file/`);
   console.log(`Telegram API proxied from ${PROXY_TELEGRAM_PATH_PREFIX}/`);
+  console.log(`Default link expiry: ${DEFAULT_LINK_EXPIRY_HOURS} hours (-1 for indefinite)`);
 
   updateEnvGistInGithub().catch(console.error);