diff --git a/index.js b/index.js
index d47731e..e044f02 100644
--- a/index.js
+++ b/index.js
@@ -24,7 +24,7 @@ const router = new Router()
/* CONFIGURING THE MIDDLEWARE */
app.keys = ['darkSecret']
app.use(staticDir('public'))
-app.use(staticDir('private')) //TODO: is this considered 'not public'?
+app.use(staticDir('private'))
app.use(bodyParser())
app.use(session(app))
app.use(views(`${__dirname}/views`, { extension: 'handlebars' }, {map: { handlebars: 'handlebars' }}))
@@ -75,6 +75,8 @@ router.get('/myfiles', async ctx => {
} catch(err) {
await ctx.render('error', {message: err.message})
} finally {
+ if(ctx.session.authorised !== true) return ctx.redirect('/login?msg=You need to log in')
+
file.tearDown()
user.tearDown()
}
@@ -102,14 +104,6 @@ router.post('/myfiles', koaBody, async ctx => {
}
})
-router.get('/shared', async ctx => {
-
- try {
- await ctx.render('shared')
- } catch (err) {
- await ctx.render('error', { message: err.message })
- }
-})
router.get('/about', async ctx => {
try {
@@ -202,17 +196,6 @@ router.get('/account', async ctx => {
}
})
-router.post('/account', koaBody, async ctx => {
- try {
- const user = await new User(dbName)
- await user
-
- } catch (err) {
- await ctx.render('error', { message: err.message })
- }
-})
-
-
router.get('/logout', async ctx => {
ctx.session.authorised = null
ctx.redirect('/')
@@ -246,7 +229,7 @@ router.post('/transfer', koaBody, async ctx => {
//TODO: username passed in email
//Send the link in email
- await Mailer.sendMail(email, link, userMessage)
+ // await Mailer.sendMail(email, link, userMessage)
ctx.redirect('/myfiles?msg=Your file has been transfered!')
@@ -262,6 +245,8 @@ router.get('/download/:usrName/:name', async ctx => {
const fileName = ctx.params.name
const userName = ctx.params.usrName
+ // console.log(ctx.request.url)
+
file = await new File(dbName)
const fileData = await file.getFileInfo(fileName, userName)
@@ -290,7 +275,7 @@ router.post('/download', async ctx => {
await file.updateValue(fileHash)
}
- return ctx.redirect('/')
+ return ctx.redirect('back')
} catch (err) {
await ctx.render('error', { message: err.message })
} finally {
diff --git a/modules/upload.js b/modules/upload.js
index e01b3e9..d1bde3c 100644
--- a/modules/upload.js
+++ b/modules/upload.js
@@ -124,10 +124,9 @@ module.exports = class File {
async generateLink(_fileName, username, fullLink) {
try {
- //TODO: Only search table belonging to specific user
const sql = `SELECT FilePath, FileHash FROM Files
WHERE FileName LIKE '${_fileName}' OR
- FileHash LIKE '${_fileName}'`
+ FileHash LIKE '${_fileName}' AND user LIKE '${username}'`
const data = await this.db.all(sql)
let link = data[0]['FilePath']
@@ -160,11 +159,9 @@ module.exports = class File {
async getFileInfo(_fileName, _userName) {
try {
- _userName = ''
- console.log(_userName)
- //TODO: Only search table belonging to specific user
const sql = `SELECT * FROM Files
- WHERE FileHash LIKE '${_fileName}' OR FileName LIKE '${_fileName}'`
+ WHERE FileHash LIKE '${_fileName}' OR
+ FileName LIKE '${_fileName}' AND user LIKE '${_userName}'`
const data = await this.db.all(sql)
diff --git a/modules/user.js b/modules/user.js
index d1ea5db..67973e0 100644
--- a/modules/user.js
+++ b/modules/user.js
@@ -87,7 +87,6 @@ module.exports = class User {
WHERE user LIKE "%${username}%"`
let querystring = ''
- console.log(ctx.query.q)
if (ctx.query !== undefined && ctx.query.q !== undefined) {
sql = `SELECT user, FileName, FileType, FilePath, Size, Date, ExpDate FROM Files
WHERE upper(FileName) LIKE "%${ctx.query.q}%"
@@ -102,12 +101,7 @@ module.exports = class User {
}
const db = await Database.open(dbName)
let data = await db.all(sql)
- console.log(data)
await db.close()
- //console.log('THIS IS A TEST SPACEEEEEE')
- //console.log('THIS IS A TEST SPACEEEEEE')
- //console.log('THIS IS A TEST SPACEEEEEE')
- //console.log('THIS IS A TEST SPACEEEEEE')
if (ctx.query !== undefined && ctx.query.q !== undefined) {
data = data.filter( data => {
if (data.user === username) return true
diff --git a/views/account.handlebars b/views/account.handlebars
index 15020cf..64e43c9 100644
--- a/views/account.handlebars
+++ b/views/account.handlebars
@@ -19,8 +19,7 @@
Hash for string "{{query}}" is: {{text}} Send via email: {{msg.msg}}Hashes testing
-
-
-
- {{#if text}}
-
Download testFile
-
- {{/if}}
-
-
-
\ No newline at end of file
diff --git a/views/myfiles.handlebars b/views/myfiles.handlebars
index da6ea4e..adfb6f5 100644
--- a/views/myfiles.handlebars
+++ b/views/myfiles.handlebars
@@ -41,7 +41,6 @@
@@ -99,10 +98,10 @@