NeahNew/app/api/storage/files/content/route.ts
2025-05-05 13:04:01 +02:00


import { NextResponse } from 'next/server';
import { getServerSession } from 'next-auth';
import { authOptions } from "@/app/api/auth/options";
import { getObjectContent } from '@/lib/s3';
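/**
 * Helper function to check authentication.
 *
 * Looks up the next-auth session for the current request and reports whether
 * it carries a user id.
 *
 * @param request - Incoming request; only used to describe a rejected attempt in the log.
 * @returns `{ authorized: true, userId }` when the session has a user id,
 *          otherwise `{ authorized: false, userId: null }`.
 */
async function checkAuth(request: Request) {
  const session = await getServerSession(authOptions);
  if (!session?.user?.id) {
    // A rejected request can still carry session cookies or bearer tokens.
    // Mask credential-bearing headers so they never end up in application logs,
    // while keeping the rest of the header set for triage.
    const sensitiveHeaders = new Set(['authorization', 'cookie', 'proxy-authorization']);
    const headers: Record<string, string> = {};
    request.headers.forEach((value, name) => {
      headers[name] = sensitiveHeaders.has(name.toLowerCase()) ? '[redacted]' : value;
    });
    console.error('Unauthorized access attempt:', {
      url: request.url,
      method: request.method,
      headers
    });
    return { authorized: false, userId: null };
  }
  return { authorized: true, userId: session.user.id };
}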
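/**
 * GET handler: returns the content of one stored file owned by the signed-in user.
 *
 * Query parameters (at least one is required):
 * - `id`: storage key; must start with `user-<userId>/`.
 * - `path`: either a key that starts with `user-<userId>/` or `/files/cube-<userId>/`
 *   (used as-is), or a legacy NextCloud path (starts with `/files/` or contains
 *   `/Private/`), which is mapped to `user-<userId>/<folder>/<file name>`.
 *
 * Responses: 401 without a session, 400 for missing or invalid parameters, 403 when the
 * requested key is outside the caller's own prefix, 404 when `getObjectContent` returns a
 * falsy value, 500 on unexpected errors, otherwise `{ content }`.
 */
export async function GET(request: Request) {
  try {
    const { authorized, userId } = await checkAuth(request);
    if (!authorized || !userId) {
      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
    }

    const { searchParams } = new URL(request.url);
    const path = searchParams.get('path');
    const id = searchParams.get('id');
    if (!path && !id) {
      return NextResponse.json({ error: 'Path or ID parameter is required' }, { status: 400 });
    }

    // Ownership is decided by an anchored prefix match. A substring match
    // (`includes`) would also accept a key that merely contains the caller's
    // prefix somewhere below another user's prefix.
    const ownKeyPrefix = `user-${userId}/`;
    const ownLegacyPrefix = `/files/cube-${userId}/`;

    // Determine the key to use
    let key: string;
    if (id) {
      // Ensure the user can only access their own files
      if (!id.startsWith(ownKeyPrefix)) {
        console.error('Unauthorized file access attempt:', { userId, fileId: id });
        return NextResponse.json({ error: 'Unauthorized access to file' }, { status: 403 });
      }
      // If id is provided directly, use it as the key
      key = id;
    } else if (path) {
      if (path.startsWith(ownKeyPrefix) || path.startsWith(ownLegacyPrefix)) {
        // Already scoped to this user: use the path directly.
        // NOTE(review): a `/files/cube-<userId>/...` path is passed through unconverted,
        // as before — confirm that objects are actually stored under that key form.
        key = path;
      } else if (path.startsWith('/files/') || path.includes('/Private/')) {
        // For backward compatibility, convert NextCloud path to S3 path.
        // Only the last segment (the file name) is taken from the request; the
        // prefix is rebuilt from the session's user id.
        const parts = path.split('/').filter(Boolean);
        const file = parts[parts.length - 1];
        let folder = 'notes'; // Default folder
        // Try to determine folder from path
        if (path.includes('/Notes/')) folder = 'notes';
        else if (path.includes('/Diary/')) folder = 'diary';
        else if (path.includes('/Contacts/')) folder = 'contacts';
        else if (path.includes('/Health/')) folder = 'health';
        // Use direct user path without pages prefix
        key = `user-${userId}/${folder}/${file}`;
        console.log('Converted NextCloud path to S3 key:', { path, key });
      } else {
        console.error('Unauthorized file access attempt:', { userId, filePath: path });
        return NextResponse.json({ error: 'Unauthorized access to file' }, { status: 403 });
      }
    } else {
      return NextResponse.json({ error: 'Invalid parameters' }, { status: 400 });
    }

    // getObjectContent is opaque from this file. Reject parent-directory segments
    // so the prefix check above still holds if the key is normalized downstream.
    if (key.split('/').includes('..')) {
      console.error('Unauthorized file access attempt:', { userId, key });
      return NextResponse.json({ error: 'Invalid parameters' }, { status: 400 });
    }

    console.log('Fetching file content from S3:', { key });
    // Get the file content
    const content = await getObjectContent(key);
    // NOTE(review): an empty string is falsy too, so an empty file would be reported
    // as 404 — confirm getObjectContent's return contract.
    if (!content) {
      return NextResponse.json({ error: 'File not found' }, { status: 404 });
    }
    return NextResponse.json({ content });
  } catch (error) {
    // Full error detail stays in the server log. The client gets a generic message so
    // storage-layer details (bucket, endpoint, key names) are not disclosed in responses.
    console.error('Error fetching file content:', error);
    return NextResponse.json({ error: 'Internal server error' }, { status: 500 });
  }
}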