-
Notifications
You must be signed in to change notification settings - Fork 225
Expand file tree
/
Copy pathserver.ts
More file actions
333 lines (278 loc) · 11.3 KB
/
Copy pathserver.ts
File metadata and controls
333 lines (278 loc) · 11.3 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
import http from 'node:http'
import {EventEmitter} from 'node:events'
import type {ServerRequest} from 'srvx/types'
import {toNodeHandler} from 'srvx/node'
import debug from 'debug'
import {EVENTS, ERRORS, REQUEST_METHODS, TUS_RESUMABLE, HEADERS} from '@tus/utils'
import type {DataStore, Upload, CancellationContext} from '@tus/utils'
import {GetHandler} from './handlers/GetHandler.js'
import {HeadHandler} from './handlers/HeadHandler.js'
import {OptionsHandler} from './handlers/OptionsHandler.js'
import {PatchHandler} from './handlers/PatchHandler.js'
import {PostHandler} from './handlers/PostHandler.js'
import {DeleteHandler} from './handlers/DeleteHandler.js'
import {validateHeader} from './validators/HeaderValidator.js'
import type {ServerOptions, RouteHandler, WithOptional} from './types.js'
import {MemoryLocker} from './lockers/index.js'
type Handlers = {
GET: InstanceType<typeof GetHandler>
HEAD: InstanceType<typeof HeadHandler>
OPTIONS: InstanceType<typeof OptionsHandler>
PATCH: InstanceType<typeof PatchHandler>
POST: InstanceType<typeof PostHandler>
DELETE: InstanceType<typeof DeleteHandler>
}
interface TusEvents {
[EVENTS.POST_CREATE]: (req: ServerRequest, upload: Upload, url: string) => void
[EVENTS.POST_RECEIVE]: (req: ServerRequest, upload: Upload) => void
[EVENTS.POST_FINISH]: (req: ServerRequest, res: Response, upload: Upload) => void
[EVENTS.POST_TERMINATE]: (req: ServerRequest, res: Response, id: string) => void
}
type on = EventEmitter['on']
type emit = EventEmitter['emit']
export declare interface Server {
on<Event extends keyof TusEvents>(event: Event, listener: TusEvents[Event]): this
on(eventName: Parameters<on>[0], listener: Parameters<on>[1]): this
emit<Event extends keyof TusEvents>(
event: Event,
listener: TusEvents[Event]
): ReturnType<emit>
emit(eventName: Parameters<emit>[0], listener: Parameters<emit>[1]): ReturnType<emit>
}
const log = debug('tus-node-server')
// biome-ignore lint/suspicious/noUnsafeDeclarationMerging: it's fine
export class Server extends EventEmitter {
datastore: DataStore
handlers: Handlers
options: ServerOptions
constructor(options: WithOptional<ServerOptions, 'locker'> & {datastore: DataStore}) {
super()
if (!options) {
throw new Error("'options' must be defined")
}
if (!options.path) {
throw new Error("'path' is not defined; must have a path")
}
if (!options.datastore) {
throw new Error("'datastore' is not defined; must have a datastore")
}
if (!options.locker) {
options.locker = new MemoryLocker()
}
if (!options.lockDrainTimeout) {
options.lockDrainTimeout = 3000
}
if (!options.postReceiveInterval) {
options.postReceiveInterval = 1000
}
const {datastore, ...rest} = options
this.options = rest as ServerOptions
this.datastore = datastore
this.handlers = {
// GET handlers should be written in the implementations
GET: new GetHandler(this.datastore, this.options),
// These methods are handled under the tus protocol
HEAD: new HeadHandler(this.datastore, this.options),
OPTIONS: new OptionsHandler(this.datastore, this.options),
PATCH: new PatchHandler(this.datastore, this.options),
POST: new PostHandler(this.datastore, this.options),
DELETE: new DeleteHandler(this.datastore, this.options),
}
// Any handlers assigned to this object with the method as the key
// will be used to respond to those requests. They get set/re-set
// when a datastore is assigned to the server.
// Remove any event listeners from each handler as they are removed
// from the server. This must come before adding a 'newListener' listener,
// to not add a 'removeListener' event listener to all request handlers.
this.on('removeListener', (event: string, listener) => {
this.datastore.removeListener(event, listener)
for (const method of REQUEST_METHODS) {
this.handlers[method].removeListener(event, listener)
}
})
// As event listeners are added to the server, make sure they are
// bubbled up from request handlers to fire on the server level.
this.on('newListener', (event: string, listener) => {
this.datastore.on(event, listener)
for (const method of REQUEST_METHODS) {
this.handlers[method].on(event, listener)
}
})
}
get(path: string, handler: RouteHandler) {
this.handlers.GET.registerPath(path, handler)
}
async handle(req: http.IncomingMessage, res: http.ServerResponse) {
return toNodeHandler(this.handler.bind(this))(req, res)
}
async handleWeb(req: Request) {
return this.handler(req)
}
private async handler(req: Request) {
const context = this.createContext()
const headers = new Headers()
// Special case on the Node.js runtime,
// We handle gracefully request errors such as disconnects or timeouts.
// This is important to avoid memory leaks and ensure that the server can
// handle subsequent requests without issues.
if ('node' in req && req.node) {
const nodeReq = (req.node as { req: http.IncomingMessage }).req
nodeReq.once('error', () => {
context.abort()
})
}
const onError = async (error: {
status_code?: number
body?: string
message: string
}) => {
let status_code = error.status_code || ERRORS.UNKNOWN_ERROR.status_code
let body = error.body || `${ERRORS.UNKNOWN_ERROR.body}${error.message || ''}\n`
if (this.options.onResponseError) {
const errorMapping = await this.options.onResponseError(req, error as Error)
if (errorMapping) {
status_code = errorMapping.status_code
body = errorMapping.body
}
}
return this.write(context, headers, status_code, body)
}
if (req.method === 'GET') {
const handler = this.handlers.GET
const res = await handler.send(req, context, headers).catch(onError)
context.abort()
return res
}
// The Tus-Resumable header MUST be included in every request and
// response except for OPTIONS requests. The value MUST be the version
// of the protocol used by the Client or the Server.
headers.set('Tus-Resumable', TUS_RESUMABLE)
if (req.method !== 'OPTIONS' && !req.headers.get('tus-resumable')) {
return this.write(context, headers, 412, 'Tus-Resumable Required\n')
}
// Validate all required headers to adhere to the tus protocol
const invalid_headers: string[] = []
for (const [name, value] of req.headers.entries()) {
if (req.method === 'OPTIONS') {
continue
}
// Content type is only checked for PATCH requests. For all other
// request methods it will be ignored and treated as no content type
// was set because some HTTP clients may enforce a default value for
// this header.
// See https://github.com/tus/tus-node-server/pull/116
if (name.toLowerCase() === 'content-type' && req.method !== 'PATCH') {
continue
}
if (!validateHeader(name, value)) {
log(`Invalid ${name} header: ${value}`)
invalid_headers.push(name)
}
}
if (invalid_headers.length > 0) {
return this.write(context, headers, 400, `Invalid ${invalid_headers.join(' ')}\n`)
}
// Enable CORS
headers.set(
'Access-Control-Allow-Origin',
this.getCorsOrigin(req.headers.get('origin'))
)
headers.set(
'Access-Control-Expose-Headers',
[...HEADERS, this.options.exposedHeaders ?? []].join(', ')
)
if (this.options.allowedCredentials === true) {
headers.set('Access-Control-Allow-Credentials', 'true')
}
// Invoke the handler for the method requested
const handler = this.handlers[req.method as keyof Handlers]
if (handler) {
const resp = await handler.send(req, context, headers).catch(onError)
if (context.signal.aborted) {
// If the request was aborted, we should not send any response body.
// The server should just close the connection.
return this.handleAbortedRequest(context, resp)
}
return resp
}
return this.write(context, headers, 404, 'Not found\n')
}
private getCorsOrigin(origin?: string | null): string {
const isOriginAllowed =
this.options.allowedOrigins?.some((allowedOrigin) => allowedOrigin === origin) ??
true
if (origin && isOriginAllowed) {
return origin
}
if (this.options.allowedOrigins && this.options.allowedOrigins.length > 0) {
return this.options.allowedOrigins[0]
}
return '*'
}
async write(context: CancellationContext, headers: Headers, status: number, body = '') {
const isAborted = context.signal.aborted
if (status !== 204) {
headers.set('Content-Length', String(Buffer.byteLength(body, 'utf8')))
}
if (isAborted) {
// This condition handles situations where the request has been flagged as aborted.
// In such cases, the server informs the client that the connection will be closed.
// This is communicated by setting the 'Connection' header to 'close' in the response.
// This step is essential to prevent the server from continuing to process a request
// that is no longer needed, thereby saving resources.
headers.set('Connection', 'close')
}
return new Response(body, {status, headers})
}
// biome-ignore lint/suspicious/noExplicitAny: <explanation>
listen(...args: any[]): http.Server {
return http.createServer(this.handle.bind(this)).listen(...args)
}
cleanUpExpiredUploads(): Promise<number> {
if (!this.datastore.hasExtension('expiration')) {
throw ERRORS.UNSUPPORTED_EXPIRATION_EXTENSION
}
return this.datastore.deleteExpired()
}
protected handleAbortedRequest(context: CancellationContext, resp: Response) {
const isAborted = context.signal.aborted
if (isAborted) {
// If the request was aborted, we should not send any response body.
// The server should just close the connection.
resp.headers.set('Connection', 'close')
return resp
}
return resp
}
protected createContext() {
// Initialize two AbortControllers:
// 1. `requestAbortController` for instant request termination, particularly useful for stopping clients to upload when errors occur.
// 2. `abortWithDelayController` to introduce a delay before aborting, allowing the server time to complete ongoing operations.
// This is particularly useful when a future request may need to acquire a lock currently held by this request.
const requestAbortController = new AbortController()
const abortWithDelayController = new AbortController()
const onDelayedAbort = (err: unknown) => {
setTimeout(() => {
requestAbortController.abort(err)
}, this.options.lockDrainTimeout)
}
abortWithDelayController.signal.addEventListener('abort', onDelayedAbort, {
once: true,
})
return {
signal: requestAbortController.signal,
abort: () => {
// abort the request immediately
if (!requestAbortController.signal.aborted) {
requestAbortController.abort(ERRORS.ABORTED)
}
},
cancel: () => {
// Initiates the delayed abort sequence unless it's already in progress.
if (!abortWithDelayController.signal.aborted) {
abortWithDelayController.abort(ERRORS.ABORTED)
}
},
}
}
}