Avoid repeated appearances of parse_date_string to reduce the amount of data downloaded

Add session maxAge
2026-03-10 01:59:47 +08:00 · 2026-01-11 15:40:32 +08:00
10 changed files with 128 additions and 105 deletions
@@ -1,5 +1,5 @@
 {
-  "name": "express-jtw-update-server",
+  "name": "express-storage-site",
  "version": "1.0.0",
  "description": "",
  "main": "index.js",
@@ -0,0 +1,14 @@
+import dotenv from 'dotenv'
+dotenv.config()
+
+const header_string = (page_title: string | boolean, notitle = false, add: string = null) => {
+    return `
+    <head>
+        ${notitle ? "" : `<title>${process.env.servicename || "File Server"}${page_title ? ` | ${page_title}` : ""}</title>`}
+        ${/*<link rel="icon" type="image/x-icon" href="/favicon.ico">*/""}
+        ${add ? add : ""}
+    </head>
+    `
+}
+
+export default header_string;
@@ -29,19 +29,19 @@ if (!fs.existsSync(path.join(process.cwd(), ".env"))) {
    const secret = PasswordGen(24)

    const rString = `
-    port=80
-    altregion=us # the displayed region in each page's header
+port=80
+altregion=us # the displayed region in each page's header
    
-    servicename=File Server # the displayed service name in each page's header
-    description=A simple file server built with Express. # the displayed description in the home page
+servicename=File Server # the displayed service name in each page's header
+description=A simple file server built with Express. # the displayed description in the home page

-    bootmessage=Welcome!
+bootmessage=Welcome!

-    session_secret=${secret} # the session secret used for logins. you can generate a new secret using the idGen command.
-    enable_register=false # it's advised to keep this off unless you're hosting a public instance
+session_secret=${secret} # the session secret used for logins. you can generate a new secret using the idGen command.
+enable_register=false # it's advised to keep this off unless you're hosting a public instance

-    postwrite_notice=Hi! # the notice on top of the post form
-    postwrite_html=false # if enabled, users can use html in posts. this is unsafe! you can set it to true if you trust your users.
+postwrite_notice=Hi! # the notice on top of the post form
+postwrite_html=false # if enabled, users can use html in posts. this is unsafe! you can set it to true if you trust your users.
    `

    fs.writeFileSync(path.join(process.cwd(), ".env"), rString);
@@ -74,7 +74,7 @@ export var server: Server;

 import moment from 'moment-timezone'
 import { Server } from "http";
-import session from "express-session";
+import session, { MemoryStore, Store } from "express-session";

 var accessLogStream = fs.createWriteStream('./pvfiles/interactions.log', { flags: 'a' });

@@ -88,15 +88,17 @@ try {
        filename: (req, file, cb) =>
            cb(null, `${Date.now()}_${file.originalname}`)
    })
-    upload = multer({storage})
+    upload = multer({ storage })

    app.use(
        session({
            name: "session",
+            store: new MemoryStore(),
            secret: process.env.session_secret,
            resave: false,
            saveUninitialized: false,
            cookie: {
+                maxAge: Date.now() + (30 * 24 * 3600 * 1000),
                httpOnly: true,
                sameSite: "lax",
                secure: dev
@@ -91,7 +91,7 @@ export async function Main(app: Express) {
                    username: user.username
                };

-                res.redirect("/");
+                res.redirect(req.query?.next?.toString() ?? "/");
            }
        );
    });
@@ -162,13 +162,22 @@ async function posts_string(user?: UserSession): Promise<string> {
                out += `
                    <div class="postlist" onClick="location.href='/posts/${p.hash_id}'">
                        <a href="/posts/${p.hash_id}">${title}</a> ${p.visibility == "public" ? "" : `(${p.visibility})`} <br>
-                        <small>by ${await getUsernameById(p.user_id)} (<span id="time_span${times}"></span><script>${parse_date_string}; document.getElementById("time_span${times}").innerHTML = parseDate(new Date(toIso("${p.created_at.replace(" ", "T") + ".000Z"}")));</script>)</small><br><br>
+                        <small>by ${await getUsernameById(p.user_id)} (<span class="time" data-date="${p.created_at}" id="time_span${times}"></span>)</small><br><br>
                        ${content}
                    </div>
                `
            };

-            resolve(out || "No posts yet.");
+            resolve(out + `
+                <script>
+                document.addEventsListener("DOMContentLoaded", () => {
+                    document.querySelectorAll(".time").forEach(span => {
+                        const raw = span.dataset.date.replace(" ", "T") + ".000Z";
+                        span.textContent = parseDate(new Date(toIso(raw)), false, true);
+                    })
+                })
+                </script>
+                ` || "No posts yet.");
        });
    });
 }
@@ -185,7 +194,7 @@ export async function Main(app: Express) {
            <form action="/posts/new" method="GET">
                <button class="tonly">New Post</button>
            </form>
-        ` : `<p><a href="/login">Log in</a> to create posts.</p>`}
+        ` : `<p><a href="/login?next=/posts/new">Log in</a> to create posts.</p>`}
        <hr>
        <br>
        <div class="postlist_r">
@@ -202,7 +211,7 @@ export async function Main(app: Express) {
                    <p>You must be logged in to create a post.</p>
                </div>
                `, `
-                <a href="/login">Log in</a> | <a href="/register">Register</a><br><br>
+                <a href="/login?next=/posts/new">Log in</a> | <a href="/register?next=/posts/new">Register</a><br><br>
            `))
        else {
            return res.send(newpost_string());
@@ -78,94 +78,20 @@ export async function Main(app: Express) {
                db.run(
                    `INSERT INTO users (username, password_hash) VALUES (?, ?)`,
                    [username, passwordHash],
-                    (err: any) => {
-                        var isnameerror = false;
+                    function (err: any) {
                        if (err) {
                            if (err.message.includes("UNIQUE")) {
-                                isnameerror = true;
+                                return res.send(register_string(`The username ${username} is already taken!`))
                            }
                        }
-                        if (!isnameerror)
-                            c.log(`User registered: ${username}`);

-                        if (isnameerror)
-                            res.send(register_string(`The username ${username} is already taken!`))
-                        else
-                            res.send(`
-                        <!DOCTYPE html>
+                        req.session.user = {
+                            id: this.lastID,
+                            username: username
+                        }

-<body>
-    <style>
-        h1 {
-            font-size: 50
-        }
-
-        body {
-            margin-right: 10%;
-            margin-left: 10%;
-            margin-bottom: 10%;
-            text-align: left;
-            color: black;
-            font-family: Verdana, sans-serif;
-        }
-
-        a:link {
-            color: #3c72a3
-        }
-
-        a:visited {
-            color: #2a567d
-        }
-
-        @media screen and (prefers-color-scheme: dark) {
-            body {
-                background-color: #383737;
-                color: #b0acac;
-            }
-        }
-
-        @media screen and (prefers-color-scheme: light) {
-            body {
-                background-color: #e3e3e3;
-                color: black;
-            }
-        }
-
-        .description {
-            font-size: 32px
-        }
-
-        .details {
-            font-size: 20px
-        }
-
-        .extra {
-            font-size: 24px
-        }
-
-    </style>
-    <h1>${process.env.servicename || "File Server"}</h1>
-    <div class="details">
-        <p>Server region: ${'(alternate) ' + process.env.altregion}</p>
-    </div><hr><br>
-    <div class="description">
-        ${process.env.description || "A simple file server built with Express."}
-    </div>
-    <div class="extra">
-        Account created successfully!<br>
-            ${req.session.user ? `
-        <p>Logged in as ${req.session.user.username}<br>
-        <a href=/api/logout>log out</a></p>
-            ` : `
-        <a href=/login>Log in</a> | <a href=/register>Register</a><br>
-            `}
-        <br><br>
-        Pages<br>
-        ) <a href=/staticfiles>/staticfiles</a><br>
-        ) <a href="/">Home</a>
-    </div>
-</body>
-                    `);
+                        c.log(`User registered: ${username}`);
+                        res.redirect(req.query?.next?.toString() ?? "/");
                    }
                );
            } catch (err) {
@@ -72,11 +72,7 @@ async function files_string(user: UserSession): Promise<string> {
                    out += `
                         <form method="POST" action="/delete" style="display:inline;">
                                ${filect}) <a href="/uploads/${f.stored_name}" target="_blank">${f.original_name}</a> - uploaded on
-                                <span id="time_span${times}"></span>
-                                <script>
-                                ${parse_date_string}
-                                document.getElementById("time_span${times}").innerHTML = parseDate(new Date(toIso("${f.upload_date.replace(" ", "T") + ".000Z"}")), false, true);
-                                </script>
+                                <span class=".time" id="time_span${times}" data-date="${f.upload_date}></span>
                                <input type="hidden" name="fileId" value="${f.id}">
                                | <button class="tonly" onclick="return confirm('Delete ${f.original_name}?')" type="submit">Delete</button>
                        </form><br>
@@ -84,6 +80,17 @@ async function files_string(user: UserSession): Promise<string> {
                    filect++;
                });

+                out += `
+                <script>
+                document.addEventListener("DOMContentLoaded", () => {
+                    document.querySelectorAll(".time").forEach(span => {
+                        const raw = span.dataset.date.replace(" ", "T") + ".000Z";
+                        span.textContent = parseDate(new Date(toIso(raw)), false, true);
+                    });
+                });
+                </script>
+                `
+
                resolve(out);
            }
        );
@@ -145,7 +152,7 @@ export async function Main(app: Express) {

    app.get("/upload", async (req: Request, res: Response) => {
        if (!req.session.user)
-            return res.status(401).send(upload_string("", "You must be <a href=/login>logged in</a> to use this feature."))
+            return res.status(401).send(upload_string("", "You must be <a href=/login?next=/upload>logged in</a> to use this feature."))
        else {
            const user = req.session.user;
            return res.send(await upload_string_home(null, null, user))
@@ -31,6 +31,7 @@ function getUploadByFilename(filename: string): Promise<Upload> {
        })
    } catch (err) {
        // if the cb fails somehow
+        // its not actually somehow it IS possible, like when a user is deleted from the users table or when a file is manually placed in the /uploads directory
        return null
    }
 }
@@ -0,0 +1,64 @@
+const p_404 = {
+    page: "The file you were looking for does not exist on the server."
+}
+
+const p_login = {
+    title: "Log in",
+    login: "Log in",
+    missing_credentials: "Missing username or password!",
+    wrong_credentials: "Invalid username or password."
+}
+
+const p_posts = {
+    title: "Posts",
+    by_user: "by",
+    new: {
+        post_title: "Post title:",
+        post_content: "Post content:",
+        new_post: "New Post",
+        visibility: "Visibility:",
+        public: "Public",
+        unlisted: "Unlisted",
+        private: "Private",
+        font: "Font:",
+        login: "You must be logged in to create a post.",
+
+        content_placeholder: "...",
+        post: "Post"
+    },
+
+    not_found: "Post not found.",
+    no_visible: "No posts yet.",
+    login: `<a href="/login?next=/posts/new">Log in</a> to create posts.`,
+    delete_post: "Delete Post"
+}
+
+const p_register = {
+    title: "Registration",
+    register: "Register",
+
+    name_taken: "The username $(var) is already taken!",
+    register_disabled: "$(var) does not support account registration."
+}
+
+const p_root = {
+    existing_session: "Logged in as $(var).",
+    logout_confirm: "Are you sure you want to log out of $(var)?"
+}
+
+const loc = {
+    username: "Username",
+    password: "Password",
+
+    default_title: "File Server",
+    default_description: "A simple file server built with Express.",
+    unknown_user: "Unknown",
+    log_in: "Login",
+    log_out: "Log out",
+    register: "Register",
+    back: "Back",
+
+    p_404, p_login, p_posts, p_register, p_root
+}
+
+export default loc
Author	SHA1	Message	Date
rrryfoo	6cb4d56e3d	Avoid repeated appearances of parse_date_string to reduce the amount of data downloaded	2026-03-10 01:59:47 +08:00
Maki	caf6ae9416	Add session maxAge	2026-01-11 15:40:32 +08:00