Spaces:
Sleeping
Sleeping
| import path from 'node:path'; | |
| import fs from 'node:fs'; | |
| import express from 'express'; | |
| import sanitize from 'sanitize-filename'; | |
| import { Jimp } from '../jimp.js'; | |
| import { sync as writeFileAtomicSync } from 'write-file-atomic'; | |
| import { getImages, tryParse } from '../util.js'; | |
| import { getFileNameValidationFunction } from '../middleware/validateFileName.js'; | |
| import { applyAvatarCropResize } from './characters.js'; | |
| import { invalidateThumbnail } from './thumbnails.js'; | |
| import cacheBuster from '../middleware/cacheBuster.js'; | |
| export const router = express.Router(); | |
| router.post('/get', function (request, response) { | |
| const images = getImages(request.user.directories.avatars); | |
| response.send(images); | |
| }); | |
| router.post('/delete', getFileNameValidationFunction('avatar'), function (request, response) { | |
| if (!request.body) return response.sendStatus(400); | |
| if (request.body.avatar !== sanitize(request.body.avatar)) { | |
| console.error('Malicious avatar name prevented'); | |
| return response.sendStatus(403); | |
| } | |
| const fileName = path.join(request.user.directories.avatars, sanitize(request.body.avatar)); | |
| if (fs.existsSync(fileName)) { | |
| fs.unlinkSync(fileName); | |
| invalidateThumbnail(request.user.directories, 'persona', sanitize(request.body.avatar)); | |
| return response.send({ result: 'ok' }); | |
| } | |
| return response.sendStatus(404); | |
| }); | |
| router.post('/upload', getFileNameValidationFunction('overwrite_name'), async (request, response) => { | |
| if (!request.file) return response.sendStatus(400); | |
| try { | |
| const pathToUpload = path.join(request.file.destination, request.file.filename); | |
| const crop = tryParse(request.query.crop); | |
| const rawImg = await Jimp.read(pathToUpload); | |
| const image = await applyAvatarCropResize(rawImg, crop); | |
| // Remove previous thumbnail and bust cache if overwriting | |
| if (request.body.overwrite_name) { | |
| invalidateThumbnail(request.user.directories, 'persona', sanitize(request.body.overwrite_name)); | |
| cacheBuster.bust(request, response); | |
| } | |
| const filename = sanitize(request.body.overwrite_name || `${Date.now()}.png`); | |
| const pathToNewFile = path.join(request.user.directories.avatars, filename); | |
| writeFileAtomicSync(pathToNewFile, image); | |
| fs.unlinkSync(pathToUpload); | |
| return response.send({ path: filename }); | |
| } catch (err) { | |
| console.error('Error uploading user avatar:', err); | |
| return response.status(400).send('Is not a valid image'); | |
| } | |
| }); | |