alma/Neah
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
7bd0364c4d
Neah/app/api/nextcloud/files/route.ts
alma 7bd0364c4d Page logic
2025-04-21 11:31:39 +02:00

247 lines
8.4 KiB
TypeScript
Raw Blame History

import { NextResponse } from 'next/server';
import { getServerSession } from 'next-auth';
import { PrismaClient } from '@prisma/client';
import { authOptions } from '@/app/api/auth/[...nextauth]/route';
import { createClient } from 'webdav';
// Use a single PrismaClient instance
declare global {
var prisma: PrismaClient | undefined;
}
const prisma = global.prisma || new PrismaClient();
if (process.env.NODE_ENV !== 'production') global.prisma = prisma;
// Helper function to create WebDAV client
const createWebDAVClient = async (userId: string) => {
const credentials = await prisma.webDAVCredentials.findUnique({
where: { userId },
});
if (!credentials) {
throw new Error('No WebDAV credentials found');
}
const baseURL = process.env.NEXTCLOUD_URL;
if (!baseURL) {
throw new Error('NEXTCLOUD_URL environment variable is not set');
}
const normalizedBaseURL = baseURL.endsWith('/') ? baseURL.slice(0, -1) : baseURL;
const webdavURL = `${normalizedBaseURL}/remote.php/dav`;
return {
client: createClient(webdavURL, {
username: credentials.username,
password: credentials.password,
authType: 'password',
}),
username: credentials.username
};
};
export async function GET(request: Request) {
try {
const { searchParams } = new URL(request.url);
const folder = searchParams.get('folder');
if (!folder) {
return NextResponse.json({ error: 'Folder parameter is required' }, { status: 400 });
}
const session = await getServerSession(authOptions);
if (!session?.user) {
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
}
const nextcloudUrl = process.env.NEXTCLOUD_URL;
const username = `cube-${session.user.id}`;
// Get credentials without logging
const credentials = await prisma.webDAVCredentials.findUnique({
where: { userId: session.user.id }
});
if (!credentials) {
return NextResponse.json({ error: 'Nextcloud credentials not found' }, { status: 404 });
}
const path = `/files/${username}/Private/${folder}`;
// Make request without logging sensitive information
const response = await fetch(`${nextcloudUrl}/remote.php/dav${path}`, {
method: 'PROPFIND',
headers: {
'Authorization': `Basic ${Buffer.from(`${username}:${credentials.password}`).toString('base64')}`,
'Depth': '1',
'Content-Type': 'application/xml',
},
body: '<?xml version="1.0" encoding="UTF-8"?><d:propfind xmlns:d="DAV:"><d:prop><d:resourcetype/><d:getlastmodified/><d:getcontentlength/><d:getcontenttype/><d:getetag/></d:prop></d:propfind>',
});
if (!response.ok) {
return NextResponse.json({ error: 'Failed to fetch files' }, { status: response.status });
}
const text = await response.text();
const parser = new DOMParser();
const xmlDoc = parser.parseFromString(text, 'text/xml');
const files: any[] = [];
const responses = xmlDoc.getElementsByTagName('d:response');
for (let i = 0; i < responses.length; i++) {
const response = responses[i];
const href = response.getElementsByTagName('d:href')[0]?.textContent;
const propstat = response.getElementsByTagName('d:propstat')[0];
if (href && propstat) {
const prop = propstat.getElementsByTagName('d:prop')[0];
if (prop) {
const type = prop.getElementsByTagName('d:resourcetype')[0];
const lastmod = prop.getElementsByTagName('d:getlastmodified')[0]?.textContent;
const size = prop.getElementsByTagName('d:getcontentlength')[0]?.textContent;
const mime = prop.getElementsByTagName('d:getcontenttype')[0]?.textContent;
const etag = prop.getElementsByTagName('d:getetag')[0]?.textContent;
if (type && !type.getElementsByTagName('d:collection').length) {
const filename = href.split('/').pop() || '';
files.push({
filename: href,
basename: filename,
lastmod,
size,
type: 'file',
etag,
mime
});
}
}
}
}
return NextResponse.json(files);
} catch (error) {
// Log error without sensitive information
console.error('Error fetching files:', error instanceof Error ? error.message : 'Unknown error');
return NextResponse.json({ error: 'Internal server error' }, { status: 500 });
}
}
export async function POST(request: Request) {
try {
const session = await getServerSession(authOptions);
if (!session?.user?.id) {
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
}
const { title, content, folder } = await request.json();
if (!title || !content || !folder) {
return NextResponse.json({ error: 'Missing required fields' }, { status: 400 });
}
const { client, username } = await createWebDAVClient(session.user.id);
try {
const path = `/files/${username}/Private/${folder}/${title}.md`;
console.log('Saving note to path:', path);
await client.putFileContents(path, content);
// Get the file details after saving
const fileDetails = await client.stat(path);
return NextResponse.json({
id: fileDetails.filename,
title: fileDetails.basename.replace('.md', ''),
lastModified: new Date(fileDetails.lastmod).toISOString(),
size: fileDetails.size,
type: 'file',
mime: fileDetails.mime,
etag: fileDetails.etag
});
} catch (error) {
console.error('Error saving note:', error);
return NextResponse.json({ error: 'Failed to save note' }, { status: 500 });
}
} catch (error) {
console.error('Error in POST request:', error);
return NextResponse.json({ error: 'Internal server error' }, { status: 500 });
}
}
export async function PUT(request: Request) {
try {
const session = await getServerSession(authOptions);
if (!session?.user?.id) {
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
}
const { id, title, content, folder, mime } = await request.json();
if (!id || !title || !content || !folder) {
return NextResponse.json({ error: 'Missing required fields' }, { status: 400 });
}
const { client, username } = await createWebDAVClient(session.user.id);
try {
// Use the provided path directly
const path = id;
console.log('Updating file at path:', path);
// Set the correct content type based on file extension or provided mime type
const contentType = mime || (title.endsWith('.vcf') ? 'text/vcard' : 'text/markdown');
await client.putFileContents(path, content, { contentType });
// Get the updated file details
const fileDetails = await client.stat(path);
return NextResponse.json({
id: fileDetails.filename,
title: fileDetails.basename,
lastModified: new Date(fileDetails.lastmod).toISOString(),
size: fileDetails.size,
type: 'file',
mime: fileDetails.mime,
etag: fileDetails.etag
});
} catch (error) {
console.error('Error updating file:', error);
return NextResponse.json({ error: 'Failed to update file' }, { status: 500 });
}
} catch (error) {
console.error('Error in PUT request:', error);
return NextResponse.json({ error: 'Internal server error' }, { status: 500 });
}
}
export async function DELETE(request: Request) {
try {
const session = await getServerSession(authOptions);
if (!session?.user?.id) {
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
}
const { id, folder } = await request.json();
if (!id || !folder) {
return NextResponse.json({ error: 'Missing required fields' }, { status: 400 });
}
const { client, username } = await createWebDAVClient(session.user.id);
try {
const path = `/files/${username}/Private/${folder}/${id.split('/').pop()}`;
console.log('Deleting note at path:', path);
await client.deleteFile(path);
return NextResponse.json({ success: true });
} catch (error) {
console.error('Error deleting note:', error);
return NextResponse.json({ error: 'Failed to delete note' }, { status: 500 });
}
} catch (error) {
console.error('Error in DELETE request:', error);
return NextResponse.json({ error: 'Internal server error' }, { status: 500 });
}
}
Reference in New Issue View Git Blame Copy Permalink