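'use strict';

const config = require('./config');
const express = require('express');
const fileUpload = require('express-fileupload');
const path = require('path');
const fs = require('fs');
const mime = require('mime-types');

const app = express();

app.use(fileUpload());
app.set('view engine', 'ejs');
app.use(express.urlencoded({ extended: false }));
app.use(express.json());

app.get('/', (req, res) => {
  res.render('upload');
});

/**
 * Decide whether a client-supplied file name may address an entry inside config.storagePath.
 *
 * @param {string} filename - the bare name supplied by the client (no directory part)
 * @param {string} filePath - the path obtained by joining that name onto config.storagePath
 * @returns {boolean} true only for a non-empty name without separators, parent references,
 *   NUL bytes or percent signs whose resolved path lies strictly below the storage root
 */
const isPathValid = (filename, filePath) => {
  if (typeof filename !== 'string' || filename.length === 0) {
    return false;
  }
  // Reject rather than normalise: NUL, '%', both separator styles and '..'. Checking '\\'
  // as well as '/' keeps the rule independent of the host platform's path.sep.
  if (/[\0%\/\\]/.test(filename) || filename.includes('..')) {
    return false;
  }
  // Compare resolved paths with a trailing separator so the storage root cannot be matched
  // as a mere string prefix (e.g. "/srv/files" vs "/srv/files-old") and so "." (which joins
  // to the root itself) is rejected.
  const root = path.resolve(config.storagePath);
  const resolved = path.resolve(filePath);
  return resolved.startsWith(root + path.sep);
};

/**
 * Map a file name's extension to its configured serving type.
 *
 * @param {string} filename - path or name whose extension is examined
 * @returns {*} the entry from config.files.embed for the extension, else config.files.other
 */
const getFileType = (filename) => {
  const extension = path.extname(filename).substring(1);
  const embed = config.files.embed;
  // Own-property lookup only: a name such as "x.constructor" must not pick up an
  // Object.prototype member as its "type" and bypass the text/plain fallback.
  if (Object.prototype.hasOwnProperty.call(embed, extension) && embed[extension]) {
    return embed[extension];
  }
  return config.files.other;
};

app.get('/file/:filename', (req, res) => {
  const filename = req.params.filename;
  const filePath = path.join(config.storagePath, filename);

  if (!isPathValid(filename, filePath)) {
    res.status(400).send('Invalid input.');
    return;
  }

  fs.access(filePath, fs.constants.F_OK, (err) => {
    if (err) {
      res.status(404).send('File not found or is invalid.');
      return;
    }
    const type = getFileType(filePath);
    // Uploads not explicitly allowed to embed are served as plain text; tell browsers not to
    // sniff that back into an active content type.
    res.set('X-Content-Type-Options', 'nosniff');
    if (type === config.files.other) {
      res.contentType('text/plain');
    } else {
      // mime.lookup() returns false for unknown extensions; res.contentType(false) would throw.
      res.contentType(mime.lookup(filePath) || 'application/octet-stream');
    }
    res.sendFile(filePath);
  });
});

app.post('/api/upload', (req, res) => {
  const password = req.body ? req.body.password : undefined;
  if (typeof password !== 'string' || config.passwords.indexOf(password) === -1) {
    return res.status(401).send('Incorrect password.');
  }
  if (!req.files || Object.keys(req.files).length === 0) {
    return res.status(400).send('No files were uploaded.');
  }
  const file = req.files.file;
  // express-fileupload yields an array when several files share the field name; accept
  // exactly one file under the "file" field.
  if (!file || Array.isArray(file)) {
    return res.status(400).send('No files were uploaded.');
  }
  const filepath = path.join(config.storagePath, file.name);
  // file.name is client-controlled, so it gets the same checks as the download route.
  if (!isPathValid(file.name, filepath)) {
    return res.status(400).send('Invalid input.');
  }

  // fs.exists is deprecated; fs.access with F_OK gives the same existence answer. The
  // existence check and the move are still two separate steps, so concurrent uploads of the
  // same name can race — acceptable here, but do not rely on it as an overwrite guard.
  fs.access(filepath, fs.constants.F_OK, (accessErr) => {
    if (!accessErr) {
      return res.status(400).send('File exists.');
    }
    file.mv(filepath, (err) => {
      if (err) {
        // Log the details server-side; the client gets a generic message rather than the
        // raw error (which can carry internal paths).
        console.error('upload failed:', err);
        return res.status(500).send('Upload failed.');
      }
      res.render('uploaded', { file: { name: file.name } });
    });
  });
});

app.listen(config.server.port);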