stop user for too large file, rivernews/iriversland2-api#16

src/app/services/api.service.ts

@@ -16,16 +16,16 @@ export class ApiService {
     static TIMEOUT_GET: number = 20000;
 
     // http options used for making API calls
-    private httpOptions: any;
+    // private httpOptions: any;
 
     constructor(
         private http: HttpClient,
     ) {
-        this.httpOptions = {
-            headers: new HttpHeaders({
-                'Content-Type': 'application/json',
-            })
-        };
+        // this.httpOptions = {
+        //     headers: new HttpHeaders({
+        //         'Content-Type': 'application/json',
+        //     })
+        // };
     }
 
     public getApiBaseUrl() {
@@ -72,6 +72,7 @@ export class ApiService {
                 'Authorization': (token) ? 'JWT ' + token : '',
             }),
             params: (params) ? params : {},
+            withCredentials: true
         })
         .pipe(
             timeout(ApiService.TIMEOUT_GET),
@@ -86,7 +87,8 @@ export class ApiService {
             headers: new HttpHeaders({
                 'Content-Type': 'application/json',
                 'Authorization': (token) ? 'JWT ' + token : '',
-            })
+            }),
+            withCredentials: true
         });
         if (this.DEBUG) console.log('POST:', queryUrl, token, formData, httpOptions);
         return this.http.post(queryUrl,
@@ -102,7 +104,8 @@ export class ApiService {
             headers: new HttpHeaders({
                 'Content-Type': 'application/json',
                 'Authorization': (token) ? 'JWT ' + token : '',
-            })
+            }),
+            withCredentials: true
         });
         if (this.DEBUG) console.log('PUT:', queryUrl, token, formData, httpOptions);
         return this.http.put(queryUrl,
@@ -117,7 +120,8 @@ export class ApiService {
             headers: new HttpHeaders({
                 'Content-Type': 'application/json',
                 'Authorization': (token) ? 'JWT ' + token : '',
-            })
+            }),
+            withCredentials: true
         };
         if (this.DEBUG) console.log('PATCH:', queryUrl, token, data, httpOptions);
         return this.http.patch(queryUrl,
@@ -132,7 +136,8 @@ export class ApiService {
             headers: new HttpHeaders({
                 'Content-Type': 'application/json',
                 'Authorization': (token) ? 'JWT ' + token : '',
-            })
+            }),
+            withCredentials: true
         };
         if (this.DEBUG) console.log('DELETE:', queryUrl, token, httpOptions);
         return this.http.delete(queryUrl,
@@ -145,7 +150,8 @@ export class ApiService {
         let httpOptions = {
             headers: new HttpHeaders({
                 'Authorization': (token) ? 'JWT ' + token : '',
-            })
+            }),
+            withCredentials: true
         };
         if (this.DEBUG) console.log('POST FILE:', queryUrl, token, httpOptions);        
         return this.http.post(queryUrl,

src/app/services/upload-adapter.ts

@@ -48,6 +48,15 @@ export class UploadAdapter {
     getUploadedFileUrl() {
         this.barService.popUpMessage("Uploading...", 0);
         return new Promise( (resolve, reject) => {
+            /** Check file size limit to 1M */
+            const fileSizeMB = this.loader.file.size/1024/1024;
+            if (fileSizeMB > 1.0) {
+                const errorMessage = `🛑 File size limit is 1MB, but file size too large: ${+fileSizeMB.toFixed(3)}MB.`;
+                console.error(errorMessage);
+                // reject will already trigger `alert`, which is the behavior of the ckeditor uploader; so we will not make another `popUpMessage`
+                reject(errorMessage + `...reject`);
+                return;
+            }
 
             /** Prepare form data for file upload */
             let uploadFileForm = new FormData();