diff options
| author | Simon Bartlett <simon@securitycompass.com> | 2015-01-24 20:49:43 -0500 |
|---|---|---|
| committer | Simon Bartlett <simon@securitycompass.com> | 2015-01-24 20:49:43 -0500 |
| commit | 7dc984b2c2305ff3933a46f41df95c6242bce77c (patch) | |
| tree | ceea1aa42d3508ab3898e559b158d9201de5b858 /app/core/files.js | |
| parent | bd26e35b4f0889d13223e1266596207e18c7f91a (diff) | |
| download | lets-chat-7dc984b2c2305ff3933a46f41df95c6242bce77c.zip lets-chat-7dc984b2c2305ff3933a46f41df95c6242bce77c.tar.gz lets-chat-7dc984b2c2305ff3933a46f41df95c6242bce77c.tar.bz2 | |
Use multer middleware instead of bodyParser.
Only use it for the upload endpoints.
Limit each request to 1 file upload.
Diffstat (limited to 'app/core/files.js')
| -rw-r--r-- | app/core/files.js | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/app/core/files.js b/app/core/files.js index 5565a19..1c4dd75 100644 --- a/app/core/files.js +++ b/app/core/files.js @@ -25,8 +25,9 @@ FileManager.prototype.create = function(options, cb) { if (settings.allowed_file_types && settings.allowed_file_types.length && - !_.include(settings.allowed_file_types, options.file.type)) { - return cb('The MIME type ' + options.file.type + ' is not allowed'); + !_.include(settings.allowed_file_types, options.file.mimetype)) { + return cb('The MIME type ' + options.file.mimetype + + ' is not allowed'); } Room.findById(options.room, function(err, room) { @@ -37,11 +38,11 @@ FileManager.prototype.create = function(options, cb) { if (room.archived) { return cb('Room is archived.'); } - + new File({ owner: options.owner, - name: options.file.name, - type: options.file.type, + name: options.file.originalname, + type: options.file.mimetype, size: options.file.size, room: options.room }).save(function(err, savedFile) { |