From 66a546b465d0eea3f170c737bc47d435e85bbeba Mon Sep 17 00:00:00 2001
From: harold <tihon414@gmail.com>
Date: Mon, 30 Jun 2025 23:01:37 +0500
Subject: [PATCH] add 20mb max file size

---
 internal/api/http/handlers/files/files.go | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/internal/api/http/handlers/files/files.go b/internal/api/http/handlers/files/files.go
index 1356ec2..6a7c7fc 100644
--- a/internal/api/http/handlers/files/files.go
+++ b/internal/api/http/handlers/files/files.go
@@ -6,6 +6,7 @@ import (
 	"github.com/labstack/echo/v4"
 	"log/slog"
 	"net/http"
+	"strings"
 )
 
 // AddNewFile godoc
@@ -15,11 +16,12 @@ import (
 // @Accept       multipart/form-data
 // @Produce      json
 // @Security     BearerAuth
-// @Param        new_file formData file true "New file to upload"
+// @Param        new_file formData file true "New file to upload (max 20 MB)"
 // @Param        entity   formData string false "Optional entity type (defaults to 'widget')"
 // @Success      200 {object} model.DataFile "File has been uploaded successfully!"
 // @Failure      400 {object} echo.HTTPError "Bad request (e.g., missing file, invalid form data)"
 // @Failure      401 {object} echo.HTTPError "Unauthorized or expired token"
+// @Failure      413 {object} echo.HTTPError "File size exceeds 20 MB limit"
 // @Failure      422 {object} echo.HTTPError "Validation error (specific cases, might overlap with 400/500)"
 // @Failure      500 {object} echo.HTTPError "Internal server error (e.g., failed to save file, DB error)"
 // @Router       /files [post]
@@ -38,16 +40,28 @@ func AddNewFile(fileService model.FileService, donatService model.DonatService)
 			slog.Info("Entity parameter not provided, defaulting to 'widget'")
 		}
 
+		const maxFileSize = 20 << 20 // 20 MB
+		request.Request().Body = http.MaxBytesReader(request.Response(), request.Request().Body, maxFileSize)
+
 		newFile, err := request.FormFile("new_file")
 		if err != nil {
 			if err == http.ErrMissingFile {
 				slog.Error("Missing 'new_file' in form data", "error", err)
 				return echo.NewHTTPError(http.StatusBadRequest, "Required form field 'new_file' is missing")
 			}
+			if strings.Contains(err.Error(), "request body too large") {
+				slog.Error("File size exceeds 20 MB limit", "error", err)
+				return echo.NewHTTPError(http.StatusRequestEntityTooLarge, "File size exceeds 20 MB limit")
+			}
 			slog.Error("Failed to get file from form", "error", err)
 			return echo.NewHTTPError(http.StatusBadRequest, "Cannot process uploaded file: "+err.Error())
 		}
 
+		if newFile.Size > maxFileSize {
+			slog.Error("File size exceeds 20 MB limit", "size", newFile.Size)
+			return echo.NewHTTPError(http.StatusRequestEntityTooLarge, "File size exceeds 20 MB limit")
+		}
+
 		fileId, err := fileService.AddNewFile(
 			ctx,
 			*newFile,