fix: long uploads

2024-06-18 16:01:23 +01:00 · 2024-06-18 16:01:23 +01:00 · 79338256df
commit 79338256df
parent d18bb4d8a8
3 changed files with 14 additions and 8 deletions
--- a/config.toml
+++ b/config.toml
@ -8,7 +8,7 @@ database = "mysql://root:root@localhost:3366/void_cat"
 storage_dir = "./data"

 # Maximum support filesize for uploading
-max_upload_bytes = 104857600
+max_upload_bytes = 5e+9

 # Public facing url
 public_url = "http://localhost:8000"
--- a/src/auth/nip98.rs
+++ b/src/auth/nip98.rs
@ -1,6 +1,3 @@
-use std::ops::Sub;
-use std::time::Duration;
-
 use base64::Engine;
 use base64::prelude::BASE64_STANDARD;
 use log::info;
@ -42,9 +39,6 @@ impl<'r> FromRequest<'r> for Nip98Auth {
                        "Created timestamp is in the future",
                    ));
                }
-                if event.created_at < Timestamp::now().sub(Duration::from_secs(60)) {
-                    return Outcome::Error((Status::new(401), "Created timestamp is too old"));
-                }

                // check url tag
                if let Some(url) = event.tags.iter().find_map(|t| {
--- a/src/routes/nip96.rs
+++ b/src/routes/nip96.rs
@ -1,8 +1,12 @@
 use std::collections::HashMap;
 use std::fs;
+use std::ops::Sub;
+use std::time::Duration;

 use log::error;
+use nostr::Timestamp;
 use rocket::{FromForm, Responder, Route, routes, State};
+use rocket::data::ToByteUnit;
 use rocket::form::Form;
 use rocket::fs::TempFile;
 use rocket::serde::json::Json;
@ -123,6 +127,7 @@ impl Nip96UploadResult {
            ],
            vec!["x".to_string(), hex_id],
            vec!["m".to_string(), upload.mime_type.clone()],
+            vec!["size".to_string(), upload.size.to_string()],
        ];
        if let Some(bh) = &upload.blur_hash {
            tags.push(vec!["blurhash".to_string(), bh.clone()]);
@ -231,7 +236,14 @@ async fn upload(
    if form.alt.is_some() {
        return Nip96Response::error("\"alt\" is not supported");
    }
-    
+
+    // account for upload speeds as slow as 1MB/s (8 Mbps)
+    let mbs = form.size / 1.megabytes().as_u64() as usize;
+    let max_time = 60.max(mbs) as u64;
+    if auth.event.created_at < Timestamp::now().sub(Duration::from_secs(max_time)) {
+        return Nip96Response::error("Auth event timestamp out of range");
+    }
+
    // check whitelist
    if let Some(wl) = &settings.whitelist {
        if !wl.contains(&auth.event.pubkey.to_hex()) {