Download Token - bounty offered
-
You'd probably need to hook into the uploader, as that's where the file path (and link) is being generated; the imgbed plugin only parses for certain urls and wraps it in the correct markdown syntax to make it display as an image instead of a link. I'm just not sure if there's a hook for the uploader...
-
@chrismccoy
Is this, more or less, what you are looking for?
Please consider this an early alpha preview, that will most definetly clutter the * peep * out of your log.npm i nodebb-plugin-expiring-uploads
I've taken the liberty to replace the md5- with xx-hashs. MD5 is outdated since years and quite verbose (aa1469dd64687462ee30378e14d34105 vs. 6edebbb6).
The outcoming url is of the form:
ht*p://nodebb/uploads/xxhash/CreationTimestamp-in-hex/filename.ext
e.g.ht*p://lsw.local/uploads/705bab4a/14e6b6e49dc/droid-sans-mono.zip
The seed of xxhash is the first part (up to the first
-
) of your nodeBB's secret (config.json).On the HDD, files are stored in
/nodeBB/expiring_uploads/
as opposed to/nodeBB/public/uploads/files/
, since everything in/public/
could be guessed, as all of its contents seem to be blindly exposed to the clients. Please note, that my lazily hardcoding the/
could make this plugin fail on Windows. I'll change that, or at least check whether the NodeBB core takes care of it.The created links are routed, but you can't actually download the file, yet.
The plugin hook (filter:uploadFile) is pretty needy - or powerful; depending on your point of view. Anyway, it breaks out of (returns from) the core function, handling uploads, as early as it can get. Meaning, that the plugin has to handle everything like allowed filetypes, -sizes and such. I assume, that you e.g. don't want to have uploaded pictures expire. It's in there, but only rudimentarily, for now. That's why I haven't started the ACP part of it, yet.
In the end the plugin will surely have an option to choose, but for starters: What's your preference, the least setup effort for you? Would you rather define filetypes which should be expiring or those who should not?
Another aproach would be to add a second "Expiring Upload" button to the composer. This way the built-in button would follow the general setup (e.g. allowed filetypes images) and the added button would only accept .zip, .gz, .pdf, what have you. -
@julian
Wow! How about that for incentive? Well, let me tell you: To me it's a great one. I fell in love with NodeBB the second I tested it. Becoming a part of its development puts a satisfied grin on my face - they have yet to invent an emoji for that. (see; not even close) -
wow thanks for this, generates the url good, zip, and rar files would probably only need to expire.
-
what needs to be done to let the links work (dl links) ?
-
one thing, if i have the files set as private, meaning you have to have a user account to download, the expiring link loads for non public as well.
-
@chrismccoy
Done. Moved to Plugins.