From e6b7711b3dfeac5ceedca2eeb9598e121cfae1fc Mon Sep 17 00:00:00 2001
From: Dimitrie Stefanescu <didimitrie@gmail.com>
Date: Fri, 8 Oct 2021 11:46:11 +0100
Subject: [PATCH] feat(ifc/frontend/backend): re #426, adds authorised download
 button for original files

---
 .../src/components/FileProcessingItem.vue     | 25 +++++++++++++++++--
 packages/server/modules/fileuploads/index.js  |  4 ++-
 packages/server/modules/shared/index.js       |  5 ++--
 3 files changed, 28 insertions(+), 6 deletions(-)

diff --git a/packages/frontend/src/components/FileProcessingItem.vue b/packages/frontend/src/components/FileProcessingItem.vue
index d4c22a718..c81d304c6 100644
--- a/packages/frontend/src/components/FileProcessingItem.vue
+++ b/packages/frontend/src/components/FileProcessingItem.vue
@@ -2,7 +2,10 @@
   <v-card class="my-4 elevation-1" :loading="$apollo.loading">
     <div v-if="!$apollo.loading && file">
       <v-toolbar dense flat color="transparent">
-        <v-app-bar-nav-icon>
+        <v-app-bar-nav-icon
+          v-tooltip="`Download the original file`"
+          @click="downloadOriginalFile()"
+        >
           <v-icon>mdi-download</v-icon>
         </v-app-bar-nav-icon>
         <v-toolbar-title>
@@ -104,6 +107,24 @@ export default {
   mounted() {
     this.$apollo.queries.file.startPolling(1000)
   },
-  methods: {}
+  methods: {
+    async downloadOriginalFile() {
+      let res = await fetch(`/api/file/${this.fileId}`, {
+        headers: {
+          Authorization: localStorage.getItem('AuthToken')
+        }
+      })
+      let blob = await res.blob()
+      let file = window.URL.createObjectURL(blob)
+
+      let a = document.createElement('a')
+      document.body.appendChild(a)
+      a.style = 'display: none'
+      a.href = file
+      a.download = this.file.fileName
+      a.click()
+      window.URL.revokeObjectURL(file)
+    }
+  }
 }
 </script>
diff --git a/packages/server/modules/fileuploads/index.js b/packages/server/modules/fileuploads/index.js
index b5aa50ac9..1a48f9f8b 100644
--- a/packages/server/modules/fileuploads/index.js
+++ b/packages/server/modules/fileuploads/index.js
@@ -53,7 +53,9 @@ exports.init = async ( app, options ) => {
     if ( process.env.DISABLE_FILE_UPLOADS ) {
       return res.status( 503 ).send( 'File uploads are disabled on this server' )
     }
+
     let fileInfo = await getFileInfo( { fileId: req.params.fileId } )
+
     if ( !fileInfo )
       return res.status( 404 ).send( 'File not found' )
 
@@ -85,7 +87,7 @@ exports.init = async ( app, options ) => {
 
     let fileStream = await getFileStream( { fileId: req.params.fileId } )
 
-    res.writeHead( 200, { 'Content-Type': 'application/octet-stream', 'Content-Disposition': 'attachment' } )
+    res.writeHead( 200, { 'Content-Type': 'application/octet-stream', 'Content-Disposition': `attachment; filename="${fileInfo.fileName}"`,  } )
 
     fileStream.pipe( res )
   } ),
diff --git a/packages/server/modules/shared/index.js b/packages/server/modules/shared/index.js
index cab2cfcc7..ddeebfcfe 100644
--- a/packages/server/modules/shared/index.js
+++ b/packages/server/modules/shared/index.js
@@ -21,10 +21,9 @@ async function contextApiTokenHelper( { req, res, connection } ) {
 
   if ( connection && connection.context.token ) { // Websockets (subscriptions)
     token = connection.context.token
-  } else if ( req && req.headers.authorization ) { // Standard http
+  } else if ( req && req.headers.authorization ) { // Standard http post
     token = req.headers.authorization
-  }
-
+  } 
   if ( token && token.includes( 'Bearer ' ) ) {
     token = token.split( ' ' )[ 1 ]
   }