big rewrite of token system
33
README.md
@@ -13,15 +13,18 @@ The name comes from mispronouncing "files" very badly.
|
||||
- `touch code/notifier.py`
|
||||
- `docker-compose up --build`
|
||||
- open URL: http://localhost:8136/list/test
|
||||
- `pip install code/manager-requirements.txt`
|
||||
|
||||
# configuration
|
||||
|
||||
|
||||
- configure shares with data/shares.json
|
||||
- generate and manage shares with utils/flees-manager.py
|
||||
- generate and manage shares with `code/flees-manager.py`
|
||||
- configure service with data/config.json
|
||||
- Change your app_secret_key !!
|
||||
- Change your public_url
|
||||
- uid = user id for new files
|
||||
- workers = parallel processes (i.e. one upload reserves a process)
|
||||
- timeout = timeout for processes, single upload might take a long time!
|
||||
- max_zip_size = zipping a share with more data is not allowed
|
||||
- configure bind host and port in .env
|
||||
- proxy with nginx, match body size and timeout to your needs:
|
||||
```
|
||||
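Review bot: The `pip install code/manager-requirements.txt` step is missing `-r`, so pip will treat the path as a package to install instead of reading it as a requirements file. Suggest `pip install -r code/manager-requirements.txt`. Separately, the "Change your app_secret_key !!" bullet could say why: the Passwords section of this README states it is the encryption key for tokens, so it should be a long random value that is never left at a shipped default.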
@@ -38,15 +41,8 @@ location /flees/ {
|
||||
|
||||
- configure local port in `docker-compose.yaml`
|
||||
|
||||
- directly login with URLs:
|
||||
- http://host/list/[share name]/[hashed password]
|
||||
- download with curl (etc.)
|
||||
- http://host/download/[share name]/[hashed password]/[filename]
|
||||
- upload with curl (etc.)
|
||||
- curl -F file=@my.file http://host/upload/[share name]/[hashed password]
|
||||
- "direct link" is a sharing link that does not require other passwords, and is unique to each file.
|
||||
(there should be no danger in sharing a file, and the password to rest of the files leaking)
|
||||
|
||||
- Check `flees-manager.py rest` command to get direct links to various
|
||||
actions
|
||||
|
||||
# custom notifier
|
||||
|
||||
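Review bot: The `flees-manager.py rest` bullet breaks mid-sentence ("various" / "actions") and never says which actions it covers or what a generated link looks like. Suggest naming them (list, download, upload, matching the URL forms shown in this hunk) and giving one sample invocation. Since these links carry the credential in the URL path, a line reminding operators that they end up in the nginx access log and in browser history would fit here as well.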
@@ -62,14 +58,21 @@ Flees will send notification on upload and download events, with a Dict like thi
|
||||
"recipient": "share recipient",
|
||||
"share": "name",
|
||||
"filename": "file_path",
|
||||
"operation": "direct_download"
|
||||
"operation": "direct_download",
|
||||
"environment": [env for request, including IP addresses etc]
|
||||
}
|
||||
```
|
||||
|
||||
Operation is one of download, direct_download, zip_download, or upload
|
||||
|
||||
|
||||
# Passwords
|
||||
|
||||
|
||||
|
||||
- shares.json stores hashed version of password.
|
||||
- Additionally, it may store plain text password, if users so wish.
|
||||
- Internally, Flees only compares the hashes of passwords
|
||||
- Tokens are encrypted versions of the hash. (login/upload/download with
|
||||
direct links). i.e. decrypted URL request equals password hash
|
||||
- Encryption key is the app_secret_key
|
||||
- Direct download token is (password hash + filename) hashed
|
||||
|
||||
|
||||
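Review bot: The Passwords list does not state that the stored hash is itself the credential: "Internally, Flees only compares the hashes" together with "decrypted URL request equals password hash" means anyone who can read shares.json can log in without knowing the password. Suggest saying so and recommending restrictive file permissions on data/shares.json. The list should also name the hash function and the cipher used for tokens, say whether the encryption is authenticated, and note that changing app_secret_key invalidates every token already handed out. In the notifier Dict, the "environment" entry is described only as "including IP addresses etc"; listing exactly which request fields are forwarded would let operators judge what a custom notifier ends up storing.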