48 lines
1.5 KiB
TypeScript
48 lines
1.5 KiB
TypeScript
import { NextResponse } from 'next/server';
|
|
import path from 'node:path';
|
|
import fs from 'node:fs/promises';
|
|
|
|
const BASE_DIR = '/app/files';
|
|
|
|
export async function GET(req: Request) {
|
|
try {
|
|
const url = new URL(req.url);
|
|
const raw = url.searchParams.get('path');
|
|
if (!raw) {
|
|
return NextResponse.json({ error: 'Missing path' }, { status: 400 });
|
|
}
|
|
const safe = path.normalize('/' + raw).replace(/^\/+/, '/');
|
|
const target = path.resolve(BASE_DIR, '.' + safe);
|
|
|
|
if (!target.startsWith(BASE_DIR)) {
|
|
return NextResponse.json({ error: 'Invalid path' }, { status: 400 });
|
|
}
|
|
|
|
const st = await fs.stat(target).catch(() => null);
|
|
if (!st || !st.isFile()) {
|
|
return NextResponse.json({ error: 'Not a file' }, { status: 400 });
|
|
}
|
|
|
|
const data = await fs.readFile(target);
|
|
// naive content-type guess
|
|
const ext = path.extname(target).toLowerCase();
|
|
const ctype =
|
|
ext === '.pdf' ? 'application/pdf' :
|
|
ext === '.png' ? 'image/png' :
|
|
ext === '.jpg' || ext === '.jpeg' ? 'image/jpeg' :
|
|
ext === '.webp' ? 'image/webp' :
|
|
ext === '.txt' ? 'text/plain; charset=utf-8' :
|
|
'application/octet-stream';
|
|
|
|
return new Response(data, {
|
|
headers: {
|
|
'Content-Type': ctype,
|
|
'Content-Length': String(data.byteLength),
|
|
'Content-Disposition': `inline; filename="${path.basename(target)}"`,
|
|
'Cache-Control': 'no-store',
|
|
}
|
|
});
|
|
} catch (e: any) {
|
|
return NextResponse.json({ error: e?.message ?? 'Unknown error' }, { status: 500 });
|
|
}
|
|
}
|