SHiNE-server/SHiNE-server/src/main/java/server/files/DmFilesServlet.java

67 lines
2.4 KiB
Java

package server.files;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import server.logic.ws_protocol.JSON.messages.DmFileStorage;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
public class DmFilesServlet extends HttpServlet {
@Override
protected void doOptions(HttpServletRequest req, HttpServletResponse resp) {
applyCors(resp);
resp.setStatus(HttpServletResponse.SC_NO_CONTENT);
}
@Override
protected void doHead(HttpServletRequest req, HttpServletResponse resp) throws IOException {
handleRead(req, resp, true);
}
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
handleRead(req, resp, false);
}
private void handleRead(HttpServletRequest req, HttpServletResponse resp, boolean headOnly) throws IOException {
applyCors(resp);
String pathInfo = String.valueOf(req.getPathInfo() == null ? "" : req.getPathInfo()).trim();
if (pathInfo.startsWith("/")) pathInfo = pathInfo.substring(1);
if (pathInfo.isBlank()) {
resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "hash is required");
return;
}
try {
DmFileStorage.base64UrlToHash(pathInfo);
} catch (IllegalArgumentException ex) {
resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "bad hash");
return;
}
Path target = DmFileStorage.resolvePathByHashB64Url(pathInfo);
if (!Files.exists(target) || !Files.isRegularFile(target)) {
resp.setStatus(HttpServletResponse.SC_NOT_FOUND);
return;
}
resp.setStatus(HttpServletResponse.SC_OK);
resp.setContentType("application/octet-stream");
resp.setHeader("Cache-Control", "public, max-age=31536000, immutable");
resp.setHeader("Content-Disposition", "inline; filename=\"" + pathInfo + "\"");
long size = Files.size(target);
resp.setContentLengthLong(size);
if (headOnly) return;
Files.copy(target, resp.getOutputStream());
}
private void applyCors(HttpServletResponse resp) {
resp.setHeader("Access-Control-Allow-Origin", "*");
resp.setHeader("Access-Control-Allow-Methods", "GET,HEAD,OPTIONS");
resp.setHeader("Access-Control-Allow-Headers", "Content-Type");
}
}