const stream = fs.createReadStream(filePath); stream.pipe(res);
// ---- Helper: generate signed token (valid 1 hour) ---- function generateToken(fileId) const expires = Math.floor(Date.now() / 1000) + 3600; // epoch seconds const data = `$fileId:$expires`; const signature = crypto .createHmac('sha256', process.env.DOWNLOAD_SECRET) .update(data) .digest('hex'); return Buffer.from(`$data:$signature`).toString('base64url'); Tarzan -enlace de descarga normal-
module.exports = router, generateToken ; const stream = fs
// ---- Helper: validate token ---- function validateToken(token) try const decoded = Buffer.from(token, 'base64url').toString('utf8'); const [fileId, expires, signature] = decoded.split(':'); if (Date.now() / 1000 > Number(expires)) return null; // expired const stream = fs.createReadStream(filePath)
// ---- Rate limiting (5 downloads / minute per IP) ---- const downloadLimiter = rateLimit( windowMs: 60_000, max: 5, message: error: 'Too many download attempts, please try again later.' );
if (range) // Example: "bytes=0-1023" const [startStr, endStr] = range.replace(/bytes=/, '').split('-'); const start = parseInt(startStr, 10); const end = endStr ? parseInt(endStr, 10) : total - 1; const chunkSize = end - start + 1;
const PORT = process.env.PORT || 3000; app.listen(PORT, () => console.log(`🚀 Server listening on $PORT`));