Adding antivirus scanning capabilities with ClamAV via API calls and Add User fucntion

compose.yaml

@@ -16,5 +16,32 @@ services:
       # - HIDE_HISTORY=true # hides the history tab in the web interface, defaults to false
       - TZ=Europe/Stockholm # set your timezone, defaults to UTC
       # - UNAUTHENTICATED_USER_SHARING=true # for use with ALLOW_UNAUTHENTICATED=true to share history with all unauthenticated users / devices
+      - CLAMAV_URL=http://clam_av_api:3000/api/v1/scan
     ports:
-      - 3000:3000
+      - 8080:3000
+
+  clamav-rest-api:
+    image: benzino77/clamav-rest-api:latest
+    container_name: clamav-rest-api
+    restart: unless-stopped
+    environment:
+      - NODE_ENV=production
+      # field name expected in the multipart form
+      - APP_FORM_KEY=FILES
+      # talk to your existing ClamAV daemon
+      - CLAMD_IP=CLAMAV_server_IP
+      - CLAMD_PORT=3310
+      # max allowed file size (here: 250 MB)
+      - APP_MAX_FILE_SIZE=262144000
+    ports:
+      # outside:inside
+      - "3000:3000"
+
+   clamav:
+    image: clamav/clamav:latest
+    container_name: clamav
+    restart: unless-stopped
+    ports:
+      - "3310:3310"
+    environment:
+      - CLAMAV_NO_FRESHCLAMD=false   

public/script.js

@@ -33,7 +33,6 @@ dropZone.addEventListener("drop", (e) => {
   }
 });
 
-// Extracted handleFile function for reusability in drag-and-drop and file input
 function handleFile(file) {
   const fileList = document.querySelector("#file-list");
 
@@ -128,14 +127,11 @@ const updateSearchBar = () => {
   });
 
   convertToInput.addEventListener("search", () => {
-    // when the user clears the search bar using the 'x' button
     convertButton.disabled = true;
     formatSelected = false;
   });
 
   convertToInput.addEventListener("blur", (e) => {
-    // Keep the popup open even when clicking on a target button
-    // for a split second to allow the click to go through
     if (e?.relatedTarget?.classList?.contains("target")) {
       convertToPopup.classList.add("hidden");
       convertToPopup.classList.remove("flex");
@@ -152,7 +148,6 @@ const updateSearchBar = () => {
   });
 };
 
-// Add a 'change' event listener to the file input element
 fileInput.addEventListener("change", (e) => {
   const files = e.target.files;
   for (const file of files) {
@@ -165,21 +160,19 @@ const setTitle = () => {
   title.textContent = `Convert ${fileType ? `.${fileType}` : ""}`;
 };
 
-// Add a onclick for the delete button
 // eslint-disable-next-line @typescript-eslint/no-unused-vars
 const deleteRow = (target) => {
   const filename = target.parentElement.parentElement.children[0].textContent;
   const row = target.parentElement.parentElement;
   row.remove();
 
-  // remove from fileNames
   const index = fileNames.indexOf(filename);
-  fileNames.splice(index, 1);
+  if (index !== -1) {
+    fileNames.splice(index, 1);
+  }
 
-  // reset fileInput
   fileInput.value = "";
 
-  // if fileNames is empty, reset fileType
   if (fileNames.length === 0) {
     fileType = null;
     fileInput.removeAttribute("accept");
@@ -209,20 +202,104 @@ const uploadFile = (file) => {
   xhr.open("POST", `${webroot}/upload`, true);
 
   xhr.onload = () => {
-    let data = JSON.parse(xhr.responseText);
-
     pendingFiles -= 1;
+
+    // 🔍 1) Log exactly what the browser got
+    console.log("Upload raw response:", xhr.status, xhr.responseText);
+
+    let data = {};
+    try {
+      data = JSON.parse(xhr.responseText || "{}");
+    } catch (e) {
+      console.error("Failed to parse upload response:", e, xhr.responseText);
+    }
+
+    // 🔍 2) Compute an "infected" flag as robustly as possible
+    const isInfected =
+      (typeof data === "object" &&
+        data !== null &&
+        (data.infected === true ||
+          data.infected === "true" ||
+          (typeof data.message === "string" &&
+            data.message.toLowerCase().includes("infected file found")))) ||
+      (typeof xhr.responseText === "string" &&
+        xhr.responseText.toLowerCase().includes("infected file found"));
+
+    // 🔴 3) If backend reports infection, show popup and stop
+    if (xhr.status >= 200 && xhr.status < 300 && isInfected) {
+      const infectedFiles = data.infectedFiles || [];
+      const details = infectedFiles
+        .map((f) =>
+          `${f.name}: ${
+            Array.isArray(f.viruses) && f.viruses.length
+              ? f.viruses.join(", ")
+              : "malware detected"
+          }`,
+        )
+        .join("\n");
+
+      alert(
+        "⚠️ Infected file found. Conversion will be aborted.\n\n" +
+          (details ? "Details:\n" + details : ""),
+      );
+
+      // Remove row for this file
+      if (file.htmlRow && file.htmlRow.remove) {
+        file.htmlRow.remove();
+      }
+
+      // Remove from internal list
+      const idx = fileNames.indexOf(file.name);
+      if (idx !== -1) {
+        fileNames.splice(idx, 1);
+      }
+
+      if (fileNames.length === 0) {
+        fileType = null;
+        fileInput.removeAttribute("accept");
+        setTitle();
+        convertButton.disabled = true;
+      } else if (pendingFiles === 0 && formatSelected) {
+        convertButton.disabled = false;
+      }
+
+      convertButton.textContent = "Convert";
+
+      const progressbar = file.htmlRow?.getElementsByTagName("progress");
+      if (progressbar && progressbar[0]?.parentElement) {
+        progressbar[0].parentElement.remove();
+      }
+
+      return;
+    }
+
+    // Generic HTTP error
+    if (xhr.status !== 200) {
+      console.error("Upload failed:", xhr.status, xhr.responseText);
+      alert("Upload failed. Please try again.");
+      convertButton.disabled = false;
+      convertButton.textContent = "Upload failed";
+
+      const progressbar = file.htmlRow.getElementsByTagName("progress");
+      if (progressbar[0]?.parentElement) {
+        progressbar[0].parentElement.remove();
+      }
+      return;
+    }
+
+    // Clean upload
     if (pendingFiles === 0) {
-      if (formatSelected) {
+      if (formatSelected && fileNames.length > 0) {
         convertButton.disabled = false;
       }
       convertButton.textContent = "Convert";
     }
 
-    //Remove the progress bar when upload is done
-    let progressbar = file.htmlRow.getElementsByTagName("progress");
-    progressbar[0].parentElement.remove();
-    console.log(data);
+    const progressbar = file.htmlRow.getElementsByTagName("progress");
+    if (progressbar[0]?.parentElement) {
+      progressbar[0].parentElement.remove();
+    }
+    console.log("Upload parsed response:", data);
   };
 
   xhr.upload.onprogress = (e) => {
@@ -231,11 +308,16 @@ const uploadFile = (file) => {
     console.log(`upload progress (${file.name}):`, (100 * sent) / total);
 
     let progressbar = file.htmlRow.getElementsByTagName("progress");
-    progressbar[0].value = (100 * sent) / total;
+    if (progressbar[0]) {
+      progressbar[0].value = (100 * sent) / total;
+    }
   };
 
   xhr.onerror = (e) => {
-    console.log(e);
+    console.log("XHR error:", e);
+    alert("Upload failed due to a network error.");
+    convertButton.disabled = false;
+    convertButton.textContent = "Upload failed";
   };
 
   xhr.send(formData);
@@ -249,3 +331,4 @@ formConvert.addEventListener("submit", () => {
 });
 
 updateSearchBar();
+

src/helpers/avToggle.ts

@@ -0,0 +1,34 @@
+// src/helpers/avToggle.ts
+
+import {
+  ANTIVIRUS_ENABLED_DEFAULT,
+  CLAMAV_CONFIGURED,
+} from "./env";
+
+let antivirusEnabled = ANTIVIRUS_ENABLED_DEFAULT;
+
+/**
+ * Is ClamAV configured at all (CLAMAV_URL set)?
+ */
+export function isAntivirusAvailable(): boolean {
+  return CLAMAV_CONFIGURED;
+}
+
+/**
+ * Is antivirus scanning currently enabled (and available)?
+ */
+export function isAntivirusEnabled(): boolean {
+  return CLAMAV_CONFIGURED && antivirusEnabled;
+}
+
+/**
+ * Change current antivirus enabled/disabled state.
+ * If CLAMAV is not configured, this is effectively a no-op and remains false.
+ */
+export function setAntivirusEnabled(enabled: boolean): void {
+  if (!CLAMAV_CONFIGURED) {
+    antivirusEnabled = false;
+    return;
+  }
+  antivirusEnabled = enabled;
+}

src/helpers/env.ts

@@ -1,7 +1,10 @@
+// src/helpers/env.ts
+
 export const ACCOUNT_REGISTRATION =
   process.env.ACCOUNT_REGISTRATION?.toLowerCase() === "true" || false;
 
-export const HTTP_ALLOWED = process.env.HTTP_ALLOWED?.toLowerCase() === "true" || false;
+export const HTTP_ALLOWED =
+  process.env.HTTP_ALLOWED?.toLowerCase() === "true" || false;
 
 export const ALLOW_UNAUTHENTICATED =
   process.env.ALLOW_UNAUTHENTICATED?.toLowerCase() === "true" || false;
@@ -10,7 +13,8 @@ export const AUTO_DELETE_EVERY_N_HOURS = process.env.AUTO_DELETE_EVERY_N_HOURS
   ? Number(process.env.AUTO_DELETE_EVERY_N_HOURS)
   : 24;
 
-export const HIDE_HISTORY = process.env.HIDE_HISTORY?.toLowerCase() === "true" || false;
+export const HIDE_HISTORY =
+  process.env.HIDE_HISTORY?.toLowerCase() === "true" || false;
 
 export const WEBROOT = process.env.WEBROOT ?? "";
 
@@ -23,3 +27,22 @@ export const MAX_CONVERT_PROCESS =
 
 export const UNAUTHENTICATED_USER_SHARING =
   process.env.UNAUTHENTICATED_USER_SHARING?.toLowerCase() === "true" || false;
+
+// ─────────────────────────────────────────────────────────────
+// ClamAV / Antivirus integration
+// ─────────────────────────────────────────────────────────────
+
+// REST endpoint of benzino77/clamav-rest-api, e.g.
+// CLAMAV_URL=http://192.168.68.134:3000/api/v1/scan
+export const CLAMAV_URL = process.env.CLAMAV_URL ?? "";
+
+// True only if CLAMAV_URL is non-empty
+export const CLAMAV_CONFIGURED = CLAMAV_URL.length > 0;
+
+// Default AV toggle value:
+// - If ANTIVIRUS_ENABLED_DEFAULT=false → force disabled
+// - Otherwise: enabled only when CLAMAV is configured
+export const ANTIVIRUS_ENABLED_DEFAULT =
+  process.env.ANTIVIRUS_ENABLED_DEFAULT?.toLowerCase() === "false"
+    ? false
+    : CLAMAV_CONFIGURED;

src/index.tsx

@@ -18,6 +18,7 @@ import { root } from "./pages/root";
 import { upload } from "./pages/upload";
 import { user } from "./pages/user";
 import { healthcheck } from "./pages/healthcheck";
+import { antivirus } from "./pages/antivirus"; // 👈 NEW
 
 export const uploadsDir = "./data/uploads/";
 export const outputDir = "./data/output/";
@@ -50,6 +51,7 @@ const app = new Elysia({
   .use(listConverters)
   .use(chooseConverter)
   .use(healthcheck)
+  .use(antivirus) // 👈 register the antivirus toggle API
   .onError(({ error }) => {
     console.error(error);
   });
@@ -67,13 +69,19 @@ if (process.env.NODE_ENV !== "production") {
 
 app.listen(3000);
 
-console.log(`🦊 Elysia is running at http://${app.server?.hostname}:${app.server?.port}${WEBROOT}`);
+console.log(
+  `🦊 Elysia is running at http://${app.server?.hostname}:${app.server?.port}${WEBROOT}`,
+);
 
 const clearJobs = () => {
   const jobs = db
     .query("SELECT * FROM jobs WHERE date_created < ?")
     .as(Jobs)
-    .all(new Date(Date.now() - AUTO_DELETE_EVERY_N_HOURS * 60 * 60 * 1000).toISOString());
+    .all(
+      new Date(
+        Date.now() - AUTO_DELETE_EVERY_N_HOURS * 60 * 60 * 1000,
+      ).toISOString(),
+    );
 
   for (const job of jobs) {
     // delete the directories

src/pages/antivirus.tsx

@@ -0,0 +1,45 @@
+// src/pages/antivirus.tsx
+
+import { Elysia, t } from "elysia";
+import { userService } from "./user";
+import {
+  isAntivirusAvailable,
+  isAntivirusEnabled,
+  setAntivirusEnabled,
+} from "../helpers/avToggle";
+
+export const antivirus = new Elysia()
+  .use(userService)
+  // Get current AV status
+  .get("/api/antivirus", () => {
+    const available = isAntivirusAvailable();
+    const enabled = isAntivirusEnabled();
+    return { available, enabled };
+  })
+  // Update AV status
+  .post(
+    "/api/antivirus",
+    ({ body }) => {
+      const { enabled } = body;
+
+      if (!isAntivirusAvailable()) {
+        // CLAMAV_URL missing: force disabled and report unavailable
+        return {
+          available: false,
+          enabled: false,
+        };
+      }
+
+      setAntivirusEnabled(Boolean(enabled));
+
+      return {
+        available: true,
+        enabled: isAntivirusEnabled(),
+      };
+    },
+    {
+      body: t.Object({
+        enabled: t.Boolean(),
+      }),
+    },
+  );