dsql-admin/dsql-app/.local_dist/server/pages/api/media/getPrivateMedia.js

1 line
4.6 KiB
JavaScript
Raw Permalink Normal View History

2024-12-15 11:27:16 +00:00
"use strict";(()=>{var e={};e.id=2127,e.ids=[2127],e.modules={75600:e=>{e.exports=require("next/dist/compiled/next-server/pages-api.runtime.prod.js")},9973:e=>{e.exports=require("serverless-mysql")},79428:e=>{e.exports=require("buffer")},55511:e=>{e.exports=require("crypto")},29021:e=>{e.exports=require("fs")},81630:e=>{e.exports=require("http")},96762:(e,r)=>{Object.defineProperty(r,"M",{enumerable:!0,get:function(){return function e(r,t){return t in r?r[t]:"then"in r&&"function"==typeof r.then?r.then(r=>e(r,t)):"function"==typeof r&&"default"===t?r:void 0}}})},97243:(e,r,t)=>{t.r(r),t.d(r,{config:()=>p,default:()=>_,routeModule:()=>d});var s={};t.r(s),t.d(s,{default:()=>l});var n=t(89947),o=t(2706),i=t(96762),a=t(6420),c=t.n(a);let u=t(29021);async function l(e,r){if("POST"!==e.method)return r.json({success:!1,msg:"Failed!"});let t=await c()(e,r,!0);if(!t)return r.json({success:!1,msg:"Unauthorized"});try{let s=JSON.parse(e.body).path.replace(/ /g,"").replace(/\.\./g,"");if(s?.match(/\.\./))return r.json({success:!1,msg:"Error!",error:"Invalid url"});let n=`${process.env.DSQL_USER_DB_SCHEMA_PATH}/user-${t.id.toString().replace(/\//g,"")}`,o=s.replace(/\@/,n);u.createReadStream(o).pipe(r)}catch(e){console.log("ERROR in getPrivateMedia api route:",e.message),r.json({success:!1,msg:"Error!",error:e})}}let _=(0,i.M)(s,"default"),p=(0,i.M)(s,"config"),d=new n.PagesAPIRouteModule({definition:{kind:o.A.PAGES_API,page:"/api/media/getPrivateMedia",pathname:"/api/media/getPrivateMedia",bundlePath:"",filename:""},userland:s})},6420:(e,r,t)=>{t(81630);let s=t(51348),n=t(72835),o=t(29021),i=t(31341);async function a(e,r,t,a){let{keyCookieName:c,csrfCookieName:u}=i();if(!e.cookies?.[c]?.match(/./))return null;let l=n({encryptedString:e.cookies[c]});if(!l)return null;let _=JSON.parse(l);if(!_.csrf_k||t&&!e.headers["x-csrf-auth"]?.match(RegExp(`${_.csrf_k}`)))return null;let p=process.env.DSQL_USER_LOGIN_KEYS_PATH;if(!p)return console.log("DSQL_USER_LOGIN_KEYS_PATH env variable not found. Please set this variable."),null;if(t&&!o.existsSync(`${p}/${_.csrf_k}`))return null;if(0==_.verification_status&&!t){let e=await s(`SELECT verification_status FROM users WHERE id='${_.id}'`);e&&e[0]&&1==e[0].verification_status&&r.setHeader("Set-Cookie",["user_refresh=1"])}return _?.date&&Date.now()-_.date>6048e5?null:_}e.exports=a},31341:e=>{e.exports=function(e){let r=process.env.DSQL_COOKIES_PREFIX||"dsql_",t=process.env.DSQL_COOKIES_KEY_NAME||"key",s=process.env.DSQL_COOKIES_CSRF_NAME||"csrf",n=process.env.DSQL_COOKIES_ONE_TIME_CODE_NAME||"one-time-code",o=e?.database?.replace(/^datasquirel_user_\d+_/,"")||process.env.DSQL_DB_NAME?.replace(/^datasquirel_user_\d+_/,""),i=r;e?.userId&&(i+=`user_${e.userId}_`),o&&(i+=`${o}_`),i+=t;let a=r;e?.userId&&(a+=`user_${e.userId}_`),o&&(a+=`${o}_`),a+=s;let c=r;return e?.userId&&(c+=`user_${e.userId}_`),o&&(c+=`${o}_`),{keyCookieName:i,csrfCookieName:a,oneTimeCodeName:c+=n}}},72835:(e,r,t)=>{let{scryptSync:s,createDecipheriv:n}=t(55511),{Buffer:o}=t(79428);e.exports=({encryptedString:e,encryptionKey:r,encryptionSalt:t})=>{if(!e?.match(/./))return console.log("Encrypted string is invalid"),e;let i=r||process.env.DSQL_ENCRYPTION_PASSWORD,a=t||process.env.DSQL_ENCRYPTION_SALT,c=process.env.DSQL_ENCRYPTION_KEY_LENGTH?Number(process.env.DSQL_ENCRYPTION_KEY_LENGTH):24;if(!i?.match(/.{8,}/))return console.log("Decrption key is invalid"),e;if(!a?.match(/.{8,}/))return console.log("Decrption salt is invalid"),e;let u=n("aes-192-cbc",s(i,a,c),o.alloc(16,0));try{let r=u.update(e,"hex","utf8");return r+=u.final("utf8")}catch(r){return console.log("Error in decrypting =>",r.message),e}}},51348:(e,r,t)=>{let s=t(9973),n=t(21580),o=s({config:{host:process.env.DSQL_DB_HOST,user:process.env.DSQL_DB_USERNAME,password:process.env.DSQL_DB_PASSWORD,database:process.env.DSQL_DB_NAME,port:process.env.DSQL_DB_PORT?Number(process.env.DSQL_DB_PORT):void 0,charset:"utf8mb4",ssl:n()}});async function i(...e){try{let r=await o.query(...e);return await o.end(),JSON.parse(JSON.stringify(r))}catch(e){return console.log("DB Error =>",e),{