|
|
@@ -7,6 +7,7 @@ using Microsoft.Extensions.Options;
|
|
|
|
using Microsoft.Net.Http.Headers;
|
|
|
|
using Microsoft.Net.Http.Headers;
|
|
|
|
using Swashbuckle.AspNetCore.Annotations;
|
|
|
|
using Swashbuckle.AspNetCore.Annotations;
|
|
|
|
using Common.Responses;
|
|
|
|
using Common.Responses;
|
|
|
|
|
|
|
|
using Microsoft.AspNetCore.RateLimiting;
|
|
|
|
|
|
|
|
|
|
|
|
namespace Api.Controllers
|
|
|
|
namespace Api.Controllers
|
|
|
|
{
|
|
|
|
{
|
|
|
@@ -17,38 +18,44 @@ namespace Api.Controllers
|
|
|
|
[ApiController]
|
|
|
|
[ApiController]
|
|
|
|
[Route("api/[controller]")]
|
|
|
|
[Route("api/[controller]")]
|
|
|
|
[EnableCors("FrontendOnly")]
|
|
|
|
[EnableCors("FrontendOnly")]
|
|
|
|
|
|
|
|
[EnableRateLimiting("download")]
|
|
|
|
public sealed class FileDownloadController : ControllerBase
|
|
|
|
public sealed class FileDownloadController : ControllerBase
|
|
|
|
{
|
|
|
|
{
|
|
|
|
private readonly ILogger<FileDownloadController> _logger;
|
|
|
|
private readonly ILogger<FileDownloadController> _logger;
|
|
|
|
private readonly FileStorageSettings _fileStorageSettings;
|
|
|
|
private readonly FileStorageSettings _fileStorageSettings;
|
|
|
|
private readonly IContentTypeProvider _contentTypeProvider;
|
|
|
|
private readonly IContentTypeProvider _contentTypeProvider;
|
|
|
|
private readonly IEmailSender _emailSender;
|
|
|
|
private readonly IEmailSender _emailSender;
|
|
|
|
private const int BufferSize = 81920; // 80 KB buffer for optimal streaming performance
|
|
|
|
private readonly ICaptchaVerifier _captcha;
|
|
|
|
|
|
|
|
private const int BufferSize = 81920;
|
|
|
|
|
|
|
|
|
|
|
|
public FileDownloadController(
|
|
|
|
public FileDownloadController(
|
|
|
|
ILogger<FileDownloadController> logger,
|
|
|
|
ILogger<FileDownloadController> logger,
|
|
|
|
IOptions<FileStorageSettings> fileStorageSettings,
|
|
|
|
IOptions<FileStorageSettings> fileStorageSettings,
|
|
|
|
IContentTypeProvider contentTypeProvider,
|
|
|
|
IContentTypeProvider contentTypeProvider,
|
|
|
|
IEmailSender emailSender)
|
|
|
|
IEmailSender emailSender,
|
|
|
|
|
|
|
|
ICaptchaVerifier captcha)
|
|
|
|
{
|
|
|
|
{
|
|
|
|
_logger = logger;
|
|
|
|
_logger = logger;
|
|
|
|
_fileStorageSettings = fileStorageSettings.Value;
|
|
|
|
_fileStorageSettings = fileStorageSettings.Value;
|
|
|
|
_contentTypeProvider = contentTypeProvider;
|
|
|
|
_contentTypeProvider = contentTypeProvider;
|
|
|
|
_emailSender = emailSender;
|
|
|
|
_emailSender = emailSender;
|
|
|
|
|
|
|
|
_captcha = captcha;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/// <summary>
|
|
|
|
/// <summary>
|
|
|
|
/// Downloads a file with support for resume (range requests) and chunked transfer.
|
|
|
|
/// Downloads a file with support for resume (range requests) and chunked transfer.
|
|
|
|
/// Supports HTTP 206 Partial Content for efficient downloads and resume capability.
|
|
|
|
/// Supports HTTP 206 Partial Content for efficient downloads and resume capability.
|
|
|
|
|
|
|
|
/// Requires a valid reCAPTCHA v3 token on the initial (non-range) request.
|
|
|
|
/// Sends email notification when download starts.
|
|
|
|
/// Sends email notification when download starts.
|
|
|
|
/// </summary>
|
|
|
|
/// </summary>
|
|
|
|
/// <param name="fileName">The name of the file to download (optional - uses default from settings if not provided)</param>
|
|
|
|
/// <param name="fileName">The name of the file to download (optional - uses default from settings if not provided).</param>
|
|
|
|
|
|
|
|
/// <param name="captchaToken">reCAPTCHA v3 token — required on the initial download request; omit on subsequent range requests.</param>
|
|
|
|
/// <returns>File stream with appropriate headers for resumable downloads</returns>
|
|
|
|
/// <returns>File stream with appropriate headers for resumable downloads</returns>
|
|
|
|
[HttpGet("{fileName?}")]
|
|
|
|
[HttpGet("{fileName?}")]
|
|
|
|
[SwaggerOperation(Summary = "Download file", Description = "Downloads a file with support for full and ranged (resumable) transfers.")]
|
|
|
|
[SwaggerOperation(Summary = "Download file", Description = "Downloads a file. Requires a reCAPTCHA v3 token on the initial request. Range requests for resume do not require a token.")]
|
|
|
|
[SwaggerResponse(StatusCodes.Status200OK, "Full file content returned")]
|
|
|
|
[SwaggerResponse(StatusCodes.Status200OK, "Full file content returned")]
|
|
|
|
[SwaggerResponse(StatusCodes.Status206PartialContent, "Partial file content returned for a range request")]
|
|
|
|
[SwaggerResponse(StatusCodes.Status206PartialContent, "Partial file content returned for a range request")]
|
|
|
|
[SwaggerResponse(StatusCodes.Status400BadRequest, "No file name provided and no default configured")]
|
|
|
|
[SwaggerResponse(StatusCodes.Status400BadRequest, "Missing/invalid captcha token, no file name, or no default configured")]
|
|
|
|
[SwaggerResponse(StatusCodes.Status404NotFound, "Requested file was not found")]
|
|
|
|
[SwaggerResponse(StatusCodes.Status404NotFound, "Requested file was not found")]
|
|
|
|
[SwaggerResponse(StatusCodes.Status416RangeNotSatisfiable, "Requested byte range is invalid")]
|
|
|
|
[SwaggerResponse(StatusCodes.Status416RangeNotSatisfiable, "Requested byte range is invalid")]
|
|
|
|
[SwaggerResponse(StatusCodes.Status500InternalServerError, "Unexpected server error while downloading")]
|
|
|
|
[SwaggerResponse(StatusCodes.Status500InternalServerError, "Unexpected server error while downloading")]
|
|
|
@@ -58,10 +65,29 @@ namespace Api.Controllers
|
|
|
|
[ProducesResponseType(typeof(ErrorResponse), StatusCodes.Status404NotFound)]
|
|
|
|
[ProducesResponseType(typeof(ErrorResponse), StatusCodes.Status404NotFound)]
|
|
|
|
[ProducesResponseType(StatusCodes.Status416RangeNotSatisfiable)]
|
|
|
|
[ProducesResponseType(StatusCodes.Status416RangeNotSatisfiable)]
|
|
|
|
[ProducesResponseType(typeof(ErrorResponse), StatusCodes.Status500InternalServerError)]
|
|
|
|
[ProducesResponseType(typeof(ErrorResponse), StatusCodes.Status500InternalServerError)]
|
|
|
|
public async Task<IActionResult> DownloadFile(string? fileName = null)
|
|
|
|
public async Task<IActionResult> DownloadFile(string? fileName = null, [FromQuery] string? captchaToken = null)
|
|
|
|
{
|
|
|
|
{
|
|
|
|
try
|
|
|
|
try
|
|
|
|
{
|
|
|
|
{
|
|
|
|
|
|
|
|
// Captcha required on the initial (full) download only — range requests are resume continuations.
|
|
|
|
|
|
|
|
var isRangeRequest = !string.IsNullOrEmpty(Request.Headers[HeaderNames.Range].ToString());
|
|
|
|
|
|
|
|
if (!isRangeRequest)
|
|
|
|
|
|
|
|
{
|
|
|
|
|
|
|
|
if (string.IsNullOrWhiteSpace(captchaToken))
|
|
|
|
|
|
|
|
{
|
|
|
|
|
|
|
|
_logger.LogWarning("Download attempt without captcha token from IP={IP}", HttpContext.Connection.RemoteIpAddress);
|
|
|
|
|
|
|
|
return BadRequest(new ErrorResponse { Error = "Captcha token is required.", Code = "captcha_token_missing" });
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
var userIp = HttpContext.Connection.RemoteIpAddress?.ToString();
|
|
|
|
|
|
|
|
var verdict = await _captcha.VerifyAsync(captchaToken, userIp, "file_download", CancellationToken.None);
|
|
|
|
|
|
|
|
if (!verdict.Success)
|
|
|
|
|
|
|
|
{
|
|
|
|
|
|
|
|
_logger.LogWarning("Download blocked by captcha. IP={IP} Score={Score}", userIp, verdict.Score);
|
|
|
|
|
|
|
|
return BadRequest(new ErrorResponse { Error = "Captcha verification failed.", Code = "captcha_verification_failed" });
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if (string.IsNullOrWhiteSpace(fileName))
|
|
|
|
if (string.IsNullOrWhiteSpace(fileName))
|
|
|
|
{
|
|
|
|
{
|
|
|
|
fileName = _fileStorageSettings.DefaultFileName;
|
|
|
|
fileName = _fileStorageSettings.DefaultFileName;
|
|
|
|
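Review bot: The captcha gate in `DownloadFile` is skipped for any request that carries a `Range` header, because `isRangeRequest` only tests that the header is non-empty, so a range covering the whole file is served without a token ever being presented. Nothing in this hunk ties a range request to an earlier verified download; after a successful `VerifyAsync` the action should issue a short-lived, server-signed ticket bound to the file and require it whenever `isRangeRequest` is true, falling back to the captcha check when the ticket is missing or expired. Separately, the verification call passes `CancellationToken.None`, so a slow verifier keeps running after the client disconnects; use `await _captcha.VerifyAsync(captchaToken, userIp, "file_download", HttpContext.RequestAborted);`. The method body continues past the hunk, so any later range handling that might re-check the caller is not visible here.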