bert.hausmans/event-uploader
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial commit

Browse Source
This commit is contained in:
bert.hausmans
2026-02-03 10:38:46 +01:00
commit eb304f4b14
144 changed files with 22605 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

71
api/app/Http/Controllers/Admin/EventsController.php Normal file
View File

@@ -0,0 +1,71 @@
<?php
namespace App\Http\Controllers\Admin;
use App\Actions\Events\CreateEventAction;
use App\Actions\Events\UpdateEventAction;
use App\Http\Controllers\Controller;
use App\Http\Requests\Admin\StoreEventRequest;
use App\Http\Requests\Admin\UpdateEventRequest;
use App\Models\Event;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
class EventsController extends Controller
{
public function index(Request $request): JsonResponse
{
$events = Event::query()
->where('user_id', $request->user()->id)
->withCount('uploads')
->orderByDesc('created_at')
->paginate($request->input('per_page', 15));
return response()->json($events);
}
public function store(StoreEventRequest $request, CreateEventAction $action): JsonResponse
{
$event = $action->execute($request->validated(), $request->user());
return response()->json($event->loadCount('uploads'), 201);
}
public function show(Event $event, Request $request): JsonResponse
{
$this->authorizeEvent($event, $request);
return response()->json($event->loadCount('uploads'));
}
public function update(UpdateEventRequest $request, Event $event, UpdateEventAction $action): JsonResponse
{
$this->authorizeEvent($event, $request);
$event = $action->execute($event, $request->validated());
return response()->json($event->loadCount('uploads'));
}
public function destroy(Event $event, Request $request): JsonResponse
{
$this->authorizeEvent($event, $request);
$event->delete();
return response()->json(null, 204);
}
public function uploads(Event $event, Request $request): JsonResponse
{
$this->authorizeEvent($event, $request);
$uploads = $event->uploads()->orderByDesc('created_at')->paginate($request->input('per_page', 20));
return response()->json($uploads);
}
protected function authorizeEvent(Event $event, Request $request): void
{
if ($event->user_id !== $request->user()->id) {
abort(404);
}
}
}

103
api/app/Http/Controllers/Admin/GoogleDriveController.php Normal file
View File

@@ -0,0 +1,103 @@
<?php
namespace App\Http\Controllers\Admin;
use App\Http\Controllers\Controller;
use App\Services\GoogleDrive\GoogleDriveService;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Log;
class GoogleDriveController extends Controller
{
public function __construct(
protected GoogleDriveService $googleDrive
) {}
public function authUrl(): JsonResponse
{
$url = $this->googleDrive->getAuthUrl();
return response()->json(['url' => $url]);
}
public function callback(Request $request): RedirectResponse
{
$frontendUrl = config('app.frontend_admin_url', 'http://localhost:5173');
$code = $request->query('code');
if (! $code) {
return redirect($frontendUrl.'?google_drive_error=missing_code');
}
$user = Auth::user();
if (! $user) {
return redirect($frontendUrl.'?google_drive_error=not_authenticated');
}
try {
$this->googleDrive->handleCallback($code, $user);
} catch (\Throwable $e) {
Log::error('Google Drive connection failed', [
'error' => $e->getMessage(),
'user_id' => $user->id,
]);
return redirect($frontendUrl.'?google_drive_error=connection_failed');
}
return redirect($frontendUrl.'?google_drive_connected=1');
}
public function status(): JsonResponse
{
$connection = Auth::user()?->googleDriveConnections()->first();
return response()->json([
'connected' => (bool) $connection,
'account_email' => $connection?->account_email,
]);
}
public function disconnect(): JsonResponse
{
Auth::user()?->googleDriveConnections()->delete();
return response()->json(['message' => 'Disconnected']);
}
public function sharedDrives(): JsonResponse
{
$drives = $this->googleDrive->listSharedDrives(Auth::user());
return response()->json(['data' => $drives]);
}
public function folders(Request $request): JsonResponse
{
$parentId = $request->query('parent_id');
$driveId = $request->query('drive_id');
$folders = $this->googleDrive->listFolders(Auth::user(), $parentId, $driveId);
return response()->json(['data' => $folders]);
}
public function createFolder(Request $request): JsonResponse
{
$request->validate([
'name' => ['required', 'string', 'max:255'],
'parent_id' => ['nullable', 'string'],
'drive_id' => ['nullable', 'string'],
]);
$folder = $this->googleDrive->createFolder(
Auth::user(),
$request->input('name'),
$request->input('parent_id'),
$request->input('drive_id')
);
return response()->json(['data' => $folder]);
}
}

55
api/app/Http/Controllers/Admin/UploadsController.php Normal file
View File

@@ -0,0 +1,55 @@
<?php
namespace App\Http\Controllers\Admin;
use App\Http\Controllers\Controller;
use App\Models\Upload;
use App\Services\GoogleDrive\GoogleDriveService;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
class UploadsController extends Controller
{
public function show(Upload $upload, Request $request): JsonResponse
{
$this->authorizeUpload($upload, $request);
return response()->json($upload);
}
public function destroy(Upload $upload, Request $request, GoogleDriveService $googleDrive): JsonResponse
{
$this->authorizeUpload($upload, $request);
if ($upload->google_drive_file_id) {
try {
$googleDrive->deleteFile($request->user(), $upload->google_drive_file_id);
} catch (\Throwable) {
// Continue to delete record even if Drive delete fails
}
}
$upload->delete();
return response()->json(null, 204);
}
public function downloadUrl(Upload $upload, Request $request, GoogleDriveService $googleDrive): JsonResponse
{
$this->authorizeUpload($upload, $request);
if (! $upload->google_drive_file_id) {
return response()->json(['message' => 'File not yet available'], 404);
}
$url = $googleDrive->getFileLink($request->user(), $upload->google_drive_file_id);
return response()->json(['url' => $url]);
}
protected function authorizeUpload(Upload $upload, Request $request): void
{
if ($upload->event->user_id !== $request->user()->id) {
abort(404);
}
}
}

47
api/app/Http/Controllers/AuthController.php Normal file
View File

@@ -0,0 +1,47 @@
<?php
namespace App\Http\Controllers;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Validation\ValidationException;
class AuthController extends Controller
{
public function login(Request $request): JsonResponse
{
$request->validate([
'email' => ['required', 'string', 'email'],
'password' => ['required', 'string'],
'remember' => ['boolean'],
]);
if (! Auth::attempt(
$request->only('email', 'password'),
$request->boolean('remember')
)) {
throw ValidationException::withMessages([
'email' => [__('auth.failed')],
]);
}
$request->session()->regenerate();
return response()->json(['user' => Auth::user()]);
}
public function logout(Request $request): JsonResponse
{
Auth::guard('web')->logout();
$request->session()->invalidate();
$request->session()->regenerateToken();
return response()->json(['message' => 'Logged out']);
}
public function user(Request $request): JsonResponse
{
return response()->json($request->user());
}
}

8
api/app/Http/Controllers/Controller.php Normal file
View File

@@ -0,0 +1,8 @@
<?php
namespace App\Http\Controllers;
abstract class Controller
{
//
}

183
api/app/Http/Controllers/Public/EventUploadController.php Normal file
View File

@@ -0,0 +1,183 @@
<?php
namespace App\Http\Controllers\Public;
use App\Http\Controllers\Controller;
use App\Http\Requests\Public\VerifyPasswordRequest;
use App\Jobs\ProcessEventUpload;
use App\Models\Event;
use App\Models\Upload;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\RateLimiter;
use Illuminate\Support\Str;
class EventUploadController extends Controller
{
public function show(string $slug): JsonResponse
{
$event = Event::where('slug', $slug)->where('is_active', true)->firstOrFail();
return response()->json([
'name' => $event->name,
'description' => $event->description,
'slug' => $event->slug,
'is_active' => $event->is_active,
'upload_start_at' => $event->upload_start_at?->toIso8601String(),
'upload_end_at' => $event->upload_end_at?->toIso8601String(),
'max_file_size_mb' => $event->max_file_size_mb,
'allowed_extensions' => $event->allowed_extensions,
'require_password' => $event->require_password,
'has_password' => $event->has_password,
]);
}
public function verifyPassword(VerifyPasswordRequest $request, string $slug): JsonResponse
{
$event = Event::where('slug', $slug)->where('is_active', true)->firstOrFail();
if (! $event->require_password) {
return response()->json(['verified' => true]);
}
if (! Hash::check($request->password, $event->upload_password)) {
RateLimiter::hit('password-verify:'.$request->ip());
return response()->json(['message' => 'Invalid password'], 401);
}
return response()->json(['verified' => true]);
}
public function upload(Request $request, string $slug): JsonResponse
{
\Log::info('Upload request received', [
'slug' => $slug,
'has_file' => $request->hasFile('file'),
'files' => array_keys($request->allFiles()),
'content_length' => $request->header('Content-Length'),
]);
$event = Event::where('slug', $slug)->where('is_active', true)->firstOrFail();
if ($event->require_password) {
$password = $request->header('X-Upload-Password');
if (! $password || ! Hash::check($password, $event->upload_password)) {
return response()->json(['message' => 'Invalid or missing upload password'], 401);
}
}
$this->validateUploadWindow($event);
$request->validate([
'file' => ['required', 'file'],
]);
$file = $request->file('file');
\Log::info('File details', [
'original_name' => $file->getClientOriginalName(),
'size' => $file->getSize(),
'mime' => $file->getMimeType(),
'is_valid' => $file->isValid(),
'error' => $file->getError(),
'temp_path' => $file->getPathname(),
]);
$originalName = $file->getClientOriginalName();
$extension = strtolower($file->getClientOriginalExtension() ?: $file->guessExtension());
if (! in_array($extension, $event->allowed_extensions ?? [], true)) {
return response()->json([
'message' => 'File type not allowed. Allowed: '.implode(', ', $event->allowed_extensions),
], 422);
}
$maxBytes = $event->max_file_size_mb * 1024 * 1024;
if ($file->getSize() > $maxBytes) {
return response()->json([
'message' => 'File too large. Maximum size: '.$event->max_file_size_mb.' MB',
], 422);
}
// Ensure temp directory exists (local disk uses app/private/)
$tempDir = storage_path('app/private/uploads/temp');
if (! is_dir($tempDir)) {
mkdir($tempDir, 0755, true);
}
$storedName = Str::uuid().'.'.$extension;
try {
$tempPath = $file->storeAs('uploads/temp', $storedName, ['disk' => 'local']);
if ($tempPath === false || $tempPath === null) {
\Log::error('File storeAs returned false/null', [
'original_name' => $originalName,
'stored_name' => $storedName,
'temp_dir' => $tempDir,
'temp_dir_exists' => is_dir($tempDir),
'temp_dir_writable' => is_writable($tempDir),
]);
return response()->json(['message' => 'Failed to store file'], 500);
}
} catch (\Throwable $e) {
\Log::error('File storage exception', [
'error' => $e->getMessage(),
'original_name' => $originalName,
'stored_name' => $storedName,
]);
return response()->json(['message' => 'Failed to store file: '.$e->getMessage()], 500);
}
// Local disk stores in app/private/, so construct full path accordingly
$fullPath = storage_path('app/private/'.$tempPath);
\Log::info('File stored successfully', [
'temp_path' => $tempPath,
'full_path' => $fullPath,
'file_exists' => file_exists($fullPath),
]);
$upload = $event->uploads()->create([
'original_filename' => $originalName,
'stored_filename' => $storedName,
'file_size' => $file->getSize(),
'mime_type' => $file->getMimeType(),
'status' => 'pending',
'uploader_name' => $request->input('uploader_name'),
'uploader_email' => $request->input('uploader_email'),
]);
ProcessEventUpload::dispatch($upload, $fullPath);
return response()->json([
'upload_id' => $upload->id,
'status' => $upload->status,
], 201);
}
public function uploadStatus(string $slug, int $uploadId): JsonResponse
{
$event = Event::where('slug', $slug)->where('is_active', true)->firstOrFail();
$upload = $event->uploads()->findOrFail($uploadId);
return response()->json([
'id' => $upload->id,
'status' => $upload->status,
'error_message' => $upload->error_message,
'google_drive_web_link' => $upload->google_drive_web_link,
]);
}
protected function validateUploadWindow(Event $event): void
{
if ($event->upload_start_at && now()->isBefore($event->upload_start_at)) {
abort(422, 'Uploads are not yet open.');
}
if ($event->upload_end_at && now()->isAfter($event->upload_end_at)) {
abort(422, 'Upload window has closed.');
}
}
}

26
api/app/Http/Middleware/ThrottlePasswordVerification.php Normal file
View File

@@ -0,0 +1,26 @@
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\RateLimiter;
use Symfony\Component\HttpFoundation\Response;
class ThrottlePasswordVerification
{
public function handle(Request $request, Closure $next): Response
{
$key = 'password-verify:'.$request->ip();
if (RateLimiter::tooManyAttempts($key, 5)) {
$seconds = RateLimiter::availableIn($key);
return response()->json([
'message' => "Too many attempts. Please try again in {$seconds} seconds.",
], 429);
}
return $next($request);
}
}

32
api/app/Http/Requests/Admin/StoreEventRequest.php Normal file
View File

@@ -0,0 +1,32 @@
<?php
namespace App\Http\Requests\Admin;
use Illuminate\Foundation\Http\FormRequest;
class StoreEventRequest extends FormRequest
{
public function authorize(): bool
{
return true;
}
public function rules(): array
{
return [
'name' => ['required', 'string', 'max:255'],
'description' => ['nullable', 'string', 'max:5000'],
'slug' => ['nullable', 'string', 'max:100', 'unique:events,slug', 'regex:/^[a-z0-9]+(?:-[a-z0-9]+)*$/'],
'google_drive_folder_id' => ['nullable', 'string', 'max:255'],
'google_drive_folder_name' => ['nullable', 'string', 'max:255'],
'is_active' => ['boolean'],
'upload_start_at' => ['nullable', 'date'],
'upload_end_at' => ['nullable', 'date', 'after:upload_start_at'],
'max_file_size_mb' => ['integer', 'min:1', 'max:2000'],
'allowed_extensions' => ['array'],
'allowed_extensions.*' => ['string', 'in:mp4,mov,avi,mkv,webm,jpg,jpeg,png'],
'require_password' => ['boolean'],
'upload_password' => ['nullable', 'string', 'min:4', 'max:100'],
];
}
}

42
api/app/Http/Requests/Admin/UpdateEventRequest.php Normal file
View File

@@ -0,0 +1,42 @@
<?php
namespace App\Http\Requests\Admin;
use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Validation\Rule;
class UpdateEventRequest extends FormRequest
{
public function authorize(): bool
{
return true;
}
public function rules(): array
{
$event = $this->route('event');
$eventId = $event?->id ?? $this->route('id');
return [
'name' => ['required', 'string', 'max:255'],
'description' => ['nullable', 'string', 'max:5000'],
'slug' => [
'nullable',
'string',
'max:100',
'regex:/^[a-z0-9]+(?:-[a-z0-9]+)*$/',
Rule::unique('events', 'slug')->ignore($eventId),
],
'google_drive_folder_id' => ['nullable', 'string', 'max:255'],
'google_drive_folder_name' => ['nullable', 'string', 'max:255'],
'is_active' => ['boolean'],
'upload_start_at' => ['nullable', 'date'],
'upload_end_at' => ['nullable', 'date', 'after:upload_start_at'],
'max_file_size_mb' => ['integer', 'min:1', 'max:2000'],
'allowed_extensions' => ['array'],
'allowed_extensions.*' => ['string', 'in:mp4,mov,avi,mkv,webm,jpg,jpeg,png'],
'require_password' => ['boolean'],
'upload_password' => ['nullable', 'string', 'min:4', 'max:100'],
];
}
}

20
api/app/Http/Requests/Public/VerifyPasswordRequest.php Normal file
View File

@@ -0,0 +1,20 @@
<?php
namespace App\Http\Requests\Public;
use Illuminate\Foundation\Http\FormRequest;
class VerifyPasswordRequest extends FormRequest
{
public function authorize(): bool
{
return true;
}
public function rules(): array
{
return [
'password' => ['required', 'string'],
];
}
}