npm - @base44-preview/cli - Versions diffs - 0.0.40-pr.388.e82c3e8 → 0.0.41-pr.379.099a4e6 - Mend

@base44-preview/cli 0.0.40-pr.388.e82c3e8 → 0.0.41-pr.379.099a4e6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/cli/index.js CHANGED Viewed

@@ -231453,7 +231453,7 @@ import { join as join7 } from "node:path";
 // package.json
 var package_default = {
   name: "base44",
-  version: "0.0.40",
+  version: "0.0.41",
   description: "Base44 CLI - Unified interface for managing Base44 applications",
   type: "module",
   bin: {
@@ -241845,13 +241845,19 @@ function createEntityRoutes(db2, logger, remoteProxy, broadcast) {
 // src/cli/dev/dev-server/routes/integrations.ts
 var import_express3 = __toESM(require_express(), 1);
 var import_multer = __toESM(require_multer(), 1);
-import { randomUUID as randomUUID4 } from "node:crypto";
+import { createHash, randomUUID as randomUUID4 } from "node:crypto";
 import fs28 from "node:fs";
 import path18 from "node:path";
+function createFileToken(fileUri) {
+  return createHash("sha256").update(fileUri).digest("hex");
+}
 function createIntegrationRoutes(mediaFilesDir, baseUrl, remoteProxy, logger) {
   const router = import_express3.Router({ mergeParams: true });
   const parseBody = import_express3.json();
+  const privateFilesDir = path18.join(mediaFilesDir, "private");
   fs28.mkdirSync(mediaFilesDir, { recursive: true });
+  fs28.mkdirSync(privateFilesDir, { recursive: true });
+  const MAX_FILE_SIZE = 50 * 1024 * 1024;
   const storage = import_multer.default.diskStorage({
     destination: mediaFilesDir,
     filename: (_req, file2, cb2) => {
@@ -241859,8 +241865,18 @@ function createIntegrationRoutes(mediaFilesDir, baseUrl, remoteProxy, logger) {
       cb2(null, `${randomUUID4()}${ext}`);
     }
   });
-  const MAX_FILE_SIZE = 50 * 1024 * 1024;
+  const privateStorage = import_multer.default.diskStorage({
+    destination: privateFilesDir,
+    filename: (_req, file2, cb2) => {
+      const ext = path18.extname(file2.originalname);
+      cb2(null, `${randomUUID4()}${ext}`);
+    }
+  });
   const upload = import_multer.default({ storage, limits: { fileSize: MAX_FILE_SIZE } });
+  const privateUpload = import_multer.default({
+    storage: privateStorage,
+    limits: { fileSize: MAX_FILE_SIZE }
+  });
   router.post("/Core/UploadFile", upload.single("file"), (req, res) => {
     if (!req.file) {
       res.status(400).json({ error: "No file uploaded" });
@@ -241869,7 +241885,7 @@ function createIntegrationRoutes(mediaFilesDir, baseUrl, remoteProxy, logger) {
     const file_url = `${baseUrl}/media/${req.file.filename}`;
     res.json({ file_url });
   });
-  router.post("/Core/UploadPrivateFile", upload.single("file"), (req, res) => {
+  router.post("/Core/UploadPrivateFile", privateUpload.single("file"), (req, res) => {
     if (!req.file) {
       res.status(400).json({ error: "No file uploaded" });
       return;
@@ -241883,8 +241899,8 @@ function createIntegrationRoutes(mediaFilesDir, baseUrl, remoteProxy, logger) {
       res.status(400).json({ error: "file_uri is required" });
       return;
     }
-    const signature = randomUUID4();
-    const signed_url = `${baseUrl}/media/${file_uri}?signature=${signature}`;
+    const token2 = createFileToken(file_uri);
+    const signed_url = `${baseUrl}/media/private/${file_uri}?token=${token2}`;
     res.json({ signed_url });
   });
   router.post("/Core/:endpointName", (req, res, next) => {
@@ -243653,6 +243669,24 @@ async function createDevServer(options8) {
   const entityRoutes = createEntityRoutes(db2, devLogger, remoteProxy, (...args) => emitEntityEvent(...args));
   app.use("/api/apps/:appId/entities", entityRoutes);
   const { path: mediaFilesDir } = await $dir();
+  app.use("/media/private/:fileUri", (req, res, next) => {
+    const { fileUri } = req.params;
+    const token2 = req.query.token;
+    if (!token2) {
+      res.status(401).json({ error: "Missing token" });
+      return;
+    }
+    const expectedToken = createFileToken(fileUri);
+    if (token2 !== expectedToken) {
+      res.status(400).json({
+        error: "InvalidJWT",
+        message: "signature verification failed",
+        statusCode: "400"
+      });
+      return;
+    }
+    next();
+  });
   app.use("/media", import_express4.default.static(mediaFilesDir));
   const integrationRoutes = createIntegrationRoutes(mediaFilesDir, baseUrl, remoteProxy, devLogger);
   app.use("/api/apps/:appId/integration-endpoints", integrationRoutes);
@@ -248103,4 +248137,4 @@ export {
   CLIExitError
 };
-//# debugId=B1A9A7CE6BA5120664756E2164756E21
+//# debugId=E2A1C79322A8941664756E2164756E21