packages/ui/certd-server/src/controller/basic/file-controller.ts

import { Controller, Fields, Files, Get, Inject, Post, Provide, Query } from '@midwayjs/core';
import { BaseController, Constants, FileService, PermissionException, UploadFileItem, uploadTmpFileCacheKey } from '@certd/lib-server';
import send from 'koa-send';
import { nanoid } from 'nanoid';
import { cache } from '@certd/basic';
import { UploadFileInfo } from '@midwayjs/upload';
import { AuthService } from '../../modules/sys/authority/service/auth-service.js';

const imageExtSet = new Set(['.apng', '.avif', '.bmp', '.gif', '.ico', '.jpeg', '.jpg', '.png', '.svg', '.webp']);
const imageCacheSeconds = 3 * 24 * 60 * 60;

export function isImageFile(filePath: string) {
  return imageExtSet.has(filePath.substring(filePath.lastIndexOf('.')).toLowerCase());
}

export function getImageDownloadOptions(filePath: string) {
  if (!isImageFile(filePath)) {
    return undefined;
  }
  return {
    maxage: imageCacheSeconds * 1000,
    setHeaders(res: any) {
      res.setHeader('Cache-Control', `public,max-age=${imageCacheSeconds}`);
    },
  };
}

/**
 */
@Provide()
@Controller('/api/basic/file')
export class FileController extends BaseController {
  @Inject()
  fileService: FileService;

  @Inject()
  authService: AuthService;

  @Post('/upload', { description: Constants.per.authOnly })
  async upload(@Files() files: UploadFileInfo<string>[], @Fields() fields: any, @Query('autoSave') autoSave: string) {
    console.log('files', files, fields);
    const cacheKey = uploadTmpFileCacheKey + nanoid();
    const file = files[0];
    cache.set(
      cacheKey,
      {
        filename: file.filename,
        tmpFilePath: file.data,
      } as UploadFileItem,
      {
        ttl: 1000 * 60 * 60,
      }
    );
    if (autoSave === 'true') {
      const key = await this.fileService.saveFile(this.getUserId(), cacheKey, 'public');
      return this.ok({
        key,
        url: `/api/basic/file/download?key=${encodeURIComponent(key)}`,
      });
    }
    return this.ok({
      key: cacheKey,
    });
  }

  @Get('/download', { description: Constants.per.guestOptionalAuth })
  async download(@Query('key') key: string) {
    const filePath = this.getDownloadFilePath(key);
    const sendOptions = getImageDownloadOptions(filePath);
    if (!sendOptions) {
      this.ctx.response.attachment(filePath);
    }
    await send(this.ctx, filePath, sendOptions);
  }

  private getDownloadFilePath(key: string) {
    const isPrivateFile = !key.startsWith('/public');
    const userId = isPrivateFile ? this.getUserId() : null;
    try {
      return this.fileService.getFile(key, userId);
    } catch (e) {
      if (!(e instanceof PermissionException) || !isPrivateFile || !this.authService.isAdmin(this.ctx)) {
        throw e;
      }
      const adminFilePath = this.fileService.getFile(key, userId, true);
      if (!isImageFile(adminFilePath)) {
        throw e;
      }
      return adminFilePath;
    }
  }
}
feat: 站点个性化设置 2024-10-05 01:46:25 +08:00			`import { Controller, Fields, Files, Get, Inject, Post, Provide, Query } from '@midwayjs/core';`
chore: 优化私有图片上传和查看逻辑 2026-05-25 23:05:23 +08:00			`import { BaseController, Constants, FileService, PermissionException, UploadFileItem, uploadTmpFileCacheKey } from '@certd/lib-server';`
feat: 站点个性化设置 2024-10-05 01:46:25 +08:00			`import send from 'koa-send';`
			`import { nanoid } from 'nanoid';`
chore: lego改成从github直接下载 2024-11-04 16:39:02 +08:00			`import { cache } from '@certd/basic';`
feat: 站点个性化设置 2024-10-05 01:46:25 +08:00			`import { UploadFileInfo } from '@midwayjs/upload';`
chore: 优化私有图片上传和查看逻辑 2026-05-25 23:05:23 +08:00			`import { AuthService } from '../../modules/sys/authority/service/auth-service.js';`
feat: 站点个性化设置 2024-10-05 01:46:25 +08:00
perf: 第三方登录自动注册的用户支持设置初始化密码 2026-05-15 00:25:28 +08:00			`const imageExtSet = new Set(['.apng', '.avif', '.bmp', '.gif', '.ico', '.jpeg', '.jpg', '.png', '.svg', '.webp']);`
			`const imageCacheSeconds = 3 * 24 * 60 * 60;`

			`export function isImageFile(filePath: string) {`
			`return imageExtSet.has(filePath.substring(filePath.lastIndexOf('.')).toLowerCase());`
			`}`

perf: 头像增加缓存时间 2026-05-15 00:39:35 +08:00			`export function getImageDownloadOptions(filePath: string) {`
			`if (!isImageFile(filePath)) {`
			`return undefined;`
			`}`
			`return {`
			`maxage: imageCacheSeconds * 1000,`
			`setHeaders(res: any) {`
			res.setHeader('Cache-Control', `public,max-age=${imageCacheSeconds}`);
			`},`
			`};`
			`}`

feat: 站点个性化设置 2024-10-05 01:46:25 +08:00			`/**`
			`*/`
			`@Provide()`
			`@Controller('/api/basic/file')`
			`export class FileController extends BaseController {`
			`@Inject()`
			`fileService: FileService;`

chore: 优化私有图片上传和查看逻辑 2026-05-25 23:05:23 +08:00			`@Inject()`
			`authService: AuthService;`

chore: 修改权限判断字段从summary改成description 2026-03-15 16:20:20 +08:00			`@Post('/upload', { description: Constants.per.authOnly })`
feat: 商业版支持邀请推广功能 2026-05-26 01:08:17 +08:00			`async upload(@Files() files: UploadFileInfo<string>[], @Fields() fields: any, @Query('autoSave') autoSave: string) {`
feat: 站点个性化设置 2024-10-05 01:46:25 +08:00			`console.log('files', files, fields);`
			`const cacheKey = uploadTmpFileCacheKey + nanoid();`
			`const file = files[0];`
			`cache.set(`
			`cacheKey,`
			`{`
			`filename: file.filename,`
			`tmpFilePath: file.data,`
			`} as UploadFileItem,`
			`{`
			`ttl: 1000 * 60 * 60,`
			`}`
			`);`
feat: 商业版支持邀请推广功能 2026-05-26 01:08:17 +08:00			`if (autoSave === 'true') {`
			`const key = await this.fileService.saveFile(this.getUserId(), cacheKey, 'public');`
			`return this.ok({`
			`key,`
			url: `/api/basic/file/download?key=${encodeURIComponent(key)}`,
			`});`
			`}`
feat: 站点个性化设置 2024-10-05 01:46:25 +08:00			`return this.ok({`
			`key: cacheKey,`
			`});`
			`}`

chore: 优化私有图片上传和查看逻辑 2026-05-25 23:05:23 +08:00			`@Get('/download', { description: Constants.per.guestOptionalAuth })`
feat: 站点个性化设置 2024-10-05 01:46:25 +08:00			`async download(@Query('key') key: string) {`
chore: 优化私有图片上传和查看逻辑 2026-05-25 23:05:23 +08:00			`const filePath = this.getDownloadFilePath(key);`
perf: 头像增加缓存时间 2026-05-15 00:39:35 +08:00			`const sendOptions = getImageDownloadOptions(filePath);`
			`if (!sendOptions) {`
perf: 第三方登录自动注册的用户支持设置初始化密码 2026-05-15 00:25:28 +08:00			`this.ctx.response.attachment(filePath);`
			`}`
perf: 头像增加缓存时间 2026-05-15 00:39:35 +08:00			`await send(this.ctx, filePath, sendOptions);`
feat: 站点个性化设置 2024-10-05 01:46:25 +08:00			`}`
chore: 优化私有图片上传和查看逻辑 2026-05-25 23:05:23 +08:00
			`private getDownloadFilePath(key: string) {`
			`const isPrivateFile = !key.startsWith('/public');`
			`const userId = isPrivateFile ? this.getUserId() : null;`
			`try {`
			`return this.fileService.getFile(key, userId);`
			`} catch (e) {`
			`if (!(e instanceof PermissionException) \|\| !isPrivateFile \|\| !this.authService.isAdmin(this.ctx)) {`
			`throw e;`
			`}`
			`const adminFilePath = this.fileService.getFile(key, userId, true);`
			`if (!isImageFile(adminFilePath)) {`
			`throw e;`
			`}`
			`return adminFilePath;`
			`}`
			`}`
feat: 站点个性化设置 2024-10-05 01:46:25 +08:00			`}`