foxerBN/crm-server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor: Extract shared multer/upload config from routes

Browse Source 
Create src/config/upload.js with createUpload() factory and shared
ALLOWED_FILE_TYPES constant. Replace duplicated multer configs in 5
route files with calls to the shared factory.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
richardtekula
2026-01-28 07:21:35 +01:00
parent 01ce2fc7ad
commit f463467264
6 changed files with 86 additions and 112 deletions
Download Patch File Download Diff File Expand all files Collapse all files

50
src/routes/ai-kurzy.routes.js
View File

@@ -1,57 +1,19 @@
import express from 'express';
import multer from 'multer';
import path from 'path';
import fs from 'fs';
import * as aiKurzyController from '../controllers/ai-kurzy.controller.js';
import { authenticate } from '../middlewares/auth/authMiddleware.js';
import { requireAdmin } from '../middlewares/auth/roleMiddleware.js';
import { validateBody, validateParams, validateQuery } from '../middlewares/security/validateInput.js';
import { z } from 'zod';
import { createUpload, ALLOWED_FILE_TYPES } from '../config/upload.js';
const router = express.Router();
// Configure multer for file uploads
const uploadsDir = path.join(process.cwd(), 'uploads', 'ai-kurzy');
if (!fs.existsSync(uploadsDir)) {
fs.mkdirSync(uploadsDir, { recursive: true });
}
const ALLOWED_FILE_TYPES = [
'application/pdf',
'application/msword',
'application/vnd.openxmlformats-officedocument.wordprocessingml.document',
'application/vnd.ms-excel',
'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet',
'image/jpeg',
'image/png',
'image/gif',
'image/webp',
'text/plain',
'text/csv',
];
const storage = multer.diskStorage({
destination: (req, file, cb) => {
cb(null, uploadsDir);
},
filename: (req, file, cb) => {
// Sanitize filename to prevent path traversal
const sanitized = path.basename(file.originalname).replace(/[^a-zA-Z0-9._-]/g, '_');
const uniqueSuffix = Date.now() + '-' + Math.round(Math.random() * 1E9);
cb(null, uniqueSuffix + '-' + sanitized);
}
});
const upload = multer({
storage,
limits: { fileSize: 10 * 1024 * 1024 }, // 10MB max
fileFilter: (req, file, cb) => {
if (ALLOWED_FILE_TYPES.includes(file.mimetype)) {
cb(null, true);
} else {
cb(new Error('Nepovolený typ súboru. Povolené: PDF, Word, Excel, obrázky, CSV, TXT.'));
}
},
const upload = createUpload({
maxSizeMB: 10,
allowedTypes: ALLOWED_FILE_TYPES,
errorMessage: 'Nepovolený typ súboru. Povolené: PDF, Word, Excel, obrázky, CSV, TXT.',
diskPath: path.join(process.cwd(), 'uploads', 'ai-kurzy'),
});
// Validation schemas