MCPcopy
hub / github.com/tinode/chat / largeFileServeHTTP

Function largeFileServeHTTP

server/hdl_files.go:37–167  ·  view source on GitHub ↗
(wrt http.ResponseWriter, req *http.Request)

Source from the content-addressed store, hash-verified

35var allowedMimeTypes = []string{"application/", "audio/", "font/", "image/", "text/", "video/"}
36
37func largeFileServeHTTP(wrt http.ResponseWriter, req *http.Request) {
38 now := types.TimeNow()
39 enc := json.NewEncoder(wrt)
40 mh := store.Store.GetMediaHandler()
41 statsInc("FileDownloadsTotal", 1)
42
43 writeHttpResponse := func(msg *ServerComMessage, err error) {
44 // Gorilla CompressHandler requires Content-Type to be set.
45 wrt.Header().Set("Content-Type", "application/json; charset=utf-8")
46 wrt.WriteHeader(msg.Ctrl.Code)
47 enc.Encode(msg)
48 if err != nil {
49 logs.Warn.Println("media serve:", req.URL.String(), err)
50 }
51 }
52
53 // Preflight request: process before any security checks.
54 if req.Method == http.MethodOptions {
55 headers, statusCode, err := mh.Headers(req.Method, req.URL, req.Header, true)
56 if err != nil {
57 writeHttpResponse(decodeStoreError(err, "", now, nil), err)
58 return
59 }
60 for name, values := range headers {
61 for _, value := range values {
62 wrt.Header().Add(name, value)
63 }
64 }
65 if statusCode <= 0 {
66 statusCode = http.StatusNoContent
67 }
68 wrt.WriteHeader(statusCode)
69 logs.Info.Println("media serve: preflight completed")
70 return
71 }
72
73 // Check if this is a GET/HEAD request.
74 if req.Method != http.MethodGet && req.Method != http.MethodHead {
75 writeHttpResponse(ErrOperationNotAllowed("", "", now), errors.New("method '"+req.Method+"' not allowed"))
76 return
77 }
78
79 // Check for API key presence
80 if isValid, _ := checkAPIKey(getAPIKey(req)); !isValid {
81 writeHttpResponse(ErrAPIKeyRequired(now), errors.New("invalid or missing API key"))
82 return
83 }
84
85 // Check authorization: either auth information or SID must be present
86 authMethod, secret := getHttpAuth(req)
87 uid, challenge, err := authFileRequest(authMethod, secret, req.FormValue("sid"), getRemoteAddr(req))
88 if err != nil {
89 writeHttpResponse(decodeStoreError(err, "", now, nil), err)
90 return
91 }
92
93 if challenge != nil {
94 writeHttpResponse(InfoChallenge("", now, challenge), nil)

Callers

nothing calls this directly

Calls 15

TimeNowFunction · 0.92
statsIncFunction · 0.85
decodeStoreErrorFunction · 0.85
ErrOperationNotAllowedFunction · 0.85
checkAPIKeyFunction · 0.85
getAPIKeyFunction · 0.85
ErrAPIKeyRequiredFunction · 0.85
getHttpAuthFunction · 0.85
authFileRequestFunction · 0.85
getRemoteAddrFunction · 0.85
InfoChallengeFunction · 0.85
ErrAuthRequiredFunction · 0.85

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…