deploy

server/src/routes/api/admin-products.js

@@ -1,4 +1,9 @@
 import { prisma } from '../../lib/prisma.js'
+import {
+  formatFileTooLargeMessage,
+  getProductImageMaxFileBytes,
+  isMultipartFileTooLargeError,
+} from '../../lib/upload-limits.js'
 import { persistMultipartImages } from '../../lib/upload-images.js'
 
 export async function registerAdminProductRoutes(
@@ -22,14 +27,21 @@ export async function registerAdminProductRoutes(
     { preHandler: [fastify.verifyAdmin] },
     async (request, reply) => {
       try {
-        const urls = await persistMultipartImages(request, { maxFiles: 10 })
+        const urls = await persistMultipartImages(request, {
+          maxFiles: 10,
+          maxFileBytes: getProductImageMaxFileBytes(),
+        })
         return { urls }
       } catch (error) {
-        const message = error instanceof Error ? error.message : 'Не удалось загрузить файлы'
-        const statusCode =
+        let message = error instanceof Error ? error.message : 'Не удалось загрузить файлы'
+        let statusCode =
           error && typeof error === 'object' && 'statusCode' in error && Number.isInteger(error.statusCode)
             ? Number(error.statusCode)
             : 400
+        if (isMultipartFileTooLargeError(error)) {
+          message = formatFileTooLargeMessage(getProductImageMaxFileBytes())
+          statusCode = 413
+        }
         return reply.code(statusCode).send({ error: message })
       }
     },

server/src/routes/api/public-reviews.js

@@ -1,5 +1,10 @@
 import { publicReviewAuthorDisplay } from '../../lib/review-display.js'
 import { prisma } from '../../lib/prisma.js'
+import {
+  formatFileTooLargeMessage,
+  getOtherUploadMaxFileBytes,
+  isMultipartFileTooLargeError,
+} from '../../lib/upload-limits.js'
 import { persistMultipartImages } from '../../lib/upload-images.js'
 
 export async function registerPublicReviewRoutes(fastify) {
@@ -8,15 +13,22 @@ export async function registerPublicReviewRoutes(fastify) {
     { preHandler: [fastify.authenticate] },
     async (request, reply) => {
       try {
-        const urls = await persistMultipartImages(request, { maxFiles: 1 })
+        const urls = await persistMultipartImages(request, {
+          maxFiles: 1,
+          maxFileBytes: getOtherUploadMaxFileBytes(),
+        })
         if (urls.length !== 1) return reply.code(400).send({ error: 'Нужно прикрепить 1 изображение' })
         return { url: urls[0] }
       } catch (error) {
-        const message = error instanceof Error ? error.message : 'Не удалось загрузить изображение'
-        const statusCode =
+        let message = error instanceof Error ? error.message : 'Не удалось загрузить изображение'
+        let statusCode =
           error && typeof error === 'object' && 'statusCode' in error && Number.isInteger(error.statusCode)
             ? Number(error.statusCode)
             : 400
+        if (isMultipartFileTooLargeError(error)) {
+          message = formatFileTooLargeMessage(getOtherUploadMaxFileBytes())
+          statusCode = 413
+        }
         return reply.code(statusCode).send({ error: message })
       }
     },

server/src/routes/auth.js

@@ -1,6 +1,7 @@
 import { issueEmailCode, normalizeEmail, verifyEmailCode } from '../lib/auth.js'
 import { escapeHtml } from '../lib/escape-html.js'
 import { prisma } from '../lib/prisma.js'
+import { getOtherUploadMaxFileBytes } from '../lib/upload-limits.js'
 import { saveImageBufferToUploads } from '../lib/upload-images.js'
 
 function mapUserForClient(user) {
@@ -724,9 +725,15 @@ export async function registerAuthRoutes(fastify) {
         let receiptBuffer = null
         let receiptFilename = ''
         try {
-          const parts = request.parts()
+          const otherLimit = getOtherUploadMaxFileBytes()
+          const parts = request.parts({
+            limits: {
+              fileSize: otherLimit,
+              files: 2,
+            },
+          })
           for await (const part of parts) {
-            if (part.type === 'file') {
+            if (part.file) {
               if (part.fieldname === 'receipt') {
                 if (receiptBuffer !== null) {
                   return reply.code(400).send({ error: 'Допускается один файл receipt' })
@@ -734,7 +741,7 @@ export async function registerAuthRoutes(fastify) {
                 receiptBuffer = await part.toBuffer()
                 receiptFilename = part.filename ?? 'receipt'
               }
-            } else if (part.type === 'field' && part.fieldname === 'detail') {
+            } else if (part.fieldname === 'detail') {
               detail = String(part.value ?? '').trim()
             }
           }