update link routes and add shared_access post api to get the user det…

…ails from shared linkl
bluewave-labs · Dec 23, 2024 · d564702 · d564702
1 parent d050394
commit d564702
Show file tree

Hide file tree

Showing 5 changed files with 102 additions and 70 deletions.
diff --git a/Client/prisma/schema.prisma b/Client/prisma/schema.prisma
@@ -79,7 +79,7 @@ model Link {
   friendlyName      String?   @unique
   linkUrl           String    @unique
   isPublic          Boolean   @default(false)
-  password          String?
+  password          String? // used for SharingOptions
   expirationTime    DateTime?
   hasSharingOptions Boolean   @default(false)
   updatedAt         DateTime  @updatedAt @db.Timestamptz(6)

diff --git a/Client/src/app/api/links/route.ts b/Client/src/app/api/links/route.ts
@@ -2,6 +2,7 @@ import prisma from '@lib/prisma';
 import { NextRequest, NextResponse } from 'next/server';
 import { authenticate } from '@lib/middleware/authenticate';
 import LinkService from '@/services/linkService';
+import bcryptjs from 'bcryptjs';
 
 export async function GET(req: NextRequest): Promise<NextResponse> {
   try {
@@ -14,8 +15,21 @@ export async function GET(req: NextRequest): Promise<NextResponse> {
       return createErrorResponse('link Id is required.', 400);
     }
 
-    const signedUrl = await LinkService.getFileFromLink(linkIdFromParams);
-    return NextResponse.json({ message: 'Link URL generated', data: { signedUrl } }, { status: 200 });
+    const link = await LinkService.getLink(linkIdFromParams);
+    if (!link) {
+      return createErrorResponse('Link not found.', 404);
+    }
+
+    if (link.expirationTime && new Date(link.expirationTime) <= new Date()) {
+      return NextResponse.json({ message: 'Link is expired' }, { status: 410 });
+    }
+
+    if (!link.hasSharingOptions && link.isPublic) {
+      const signedUrl = await LinkService.getFileFromLink(linkIdFromParams);
+      return NextResponse.json({ message: 'Link URL generated', data: { signedUrl } }, { status: 200 });
+    } else {
+      return NextResponse.json({ message: 'Link has sharing options enabled', data: { link } }, { status: 200 });
+    }
   } catch (error) {
     return createErrorResponse('Server error.', 500, error);
   }
@@ -24,21 +38,31 @@ export async function GET(req: NextRequest): Promise<NextResponse> {
 export async function POST(req: NextRequest): Promise<NextResponse> {
   try {
     const userId = await authenticate(req);
-    const { documentId, friendlyName, isPublic, emailRequired, passwordRequired, password, linkUrl, expirationTime } = await req.json();
+    const { documentId, friendlyName, isPublic, password, expirationTime, hasSharingOptions } = await req.json();
 
     if (!documentId) {
       return createErrorResponse('Document ID is required.', 400);
     }
 
+    const { linkUrl, linkId } = LinkService.generateLinkDetails();
+
+    if (expirationTime && new Date(expirationTime) < new Date()) {
+      return createErrorResponse('Expiration time cannot be in the past.', 400);
+    }
+
+    const hashedPassword = password ? await bcryptjs.hash(password, 10) : null;
+
     const newLink = await prisma.link.create({
       data: {
         userId,
+        linkId,
         linkUrl,
         documentId,
         isPublic: isPublic,
-        password: password || null,
+        password: hashedPassword,
         friendlyName: friendlyName || "",
         expirationTime: expirationTime || null,
+        hasSharingOptions: hasSharingOptions || false,
       },
     });
 

diff --git a/Client/src/app/api/links/shared_access.ts b/Client/src/app/api/links/shared_access.ts
@@ -0,0 +1,61 @@
+import bcryptjs from 'bcryptjs';
+import prisma from '@lib/prisma';
+import LinkService from '@/services/linkService';
+import { NextRequest, NextResponse } from 'next/server';
+
+export async function POST(req: NextRequest): Promise<NextResponse> {
+  try {
+    const { linkId, first_name, last_name, email, password } = await req.json();
+
+    if (!linkId || !first_name || !last_name || !email || !password) {
+      return createErrorResponse('Link ID, firstName, lastName, email and password are required.', 400);
+    }
+
+    const link = await LinkService.getLink(linkId);
+    if (!link) {
+      return createErrorResponse('Link not found.', 404);
+    }
+
+    if (!link.hasSharingOptions) {
+      return createErrorResponse('This link does not require sharing options.', 400);
+    }
+
+    const isPasswordValid = await validatePassword(password, link.password as string);
+    if (!isPasswordValid) {
+      return createErrorResponse('Invalid password.', 403);
+    }
+
+    await logLinkRecipient(linkId, first_name, last_name, email);
+
+    const signedUrl = await LinkService.getFileFromLink(linkId);
+    return NextResponse.json({ message: 'Link URL generated', data: { signedUrl } }, { status: 200 });
+  } catch (error) {
+    return createErrorResponse('Server error.', 500, error);
+  }
+}
+
+function createErrorResponse(message: string, status: number, details?: any) {
+  if (Array.isArray(details) && details.length === 2) {
+    const [errorCode, errorMessage] = details;
+    console.error(`[${new Date().toISOString()}] ${errorMessage}`, details);
+    return NextResponse.json({ error: errorMessage, details }, { status: errorCode });
+  } else {
+    console.error(`[${new Date().toISOString()}] ${message}`, details);
+    return NextResponse.json({ error: message, details }, { status });
+  }
+}
+
+async function validatePassword(providedPassword: string, storedPassword: string) {
+  return bcryptjs.compare(providedPassword, storedPassword);
+}
+
+async function logLinkRecipient(linkId: string, first_name: string, last_name: string, email: string) {
+  return prisma.linkRecipients.create({
+    data: {
+      linkId,
+      first_name,
+      last_name,
+      email,
+    },
+  });
+}
diff --git a/Client/src/app/doc-preview/[linkId]/page.tsx b/Client/src/app/doc-preview/[linkId]/page.tsx
diff --git a/Client/src/services/linkService.ts b/Client/src/services/linkService.ts
@@ -4,16 +4,26 @@ import { SupabaseProvider } from '@/providers/storage/supabase/supabaseProvider'
 
 export default class LinkService {
 
-  static generateLinkUrl(host: string): string {
+  static generateLinkDetails(): { linkUrl: string, linkId: string; } {
     const uniqueId = uuidv4();
+    const HOST = process.env.HOST || 'http://localhost:3000';
 
-    return `${host}/${uniqueId}`;
+    return {
+      linkId: uniqueId,
+      linkUrl: `${HOST}/${uniqueId}`
+    };
   }
 
   static async deleteLink(linkId: string): Promise<void> {
     return;
   }
 
+  static async getLink(linkId: string) {
+    return prisma.link.findUnique({
+      where: { linkId },
+    });
+  }
+
   static async getFileFromLink(linkId: string): Promise<string> {
     const bucketName = 'documents';
     let link = await prisma.link.findUnique({