# FLEES

A very small file sharing website.

The name comes from mispronouncing "files" very badly.


# installation

- `cp env.example .env`
- `cp data/config.json.example data/config.json`
- `cp data/shares.json.example data/shares.json`
- `touch code/notifier.py`
- `docker-compose up --build`
- open URL: http://localhost:8136/list/test
- `pip install code/manager-requirements.txt`

# configuration

- generate and manage shares with `code/flees-manager.py`
- configure service with data/config.json
    - Change your app_secret_key !!
    - Change your public_url
    - uid = user id for new files
    - workers = parallel processes (i.e. one upload reserves a process)
    - timeout = timeout for processes, single upload might take a long time!
    - max_zip_size = zipping a share with more data is not allowed
- configure bind host and port in .env
- proxy with nginx, match body size and timeout to your needs:
```
location /flees/ {
         proxy_pass http://localhost:8136/;
         proxy_set_header Host $host;
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
         proxy_set_header X-Scheme $scheme;
         proxy_set_header X-Script-Name /flees;
         client_max_body_size 8G;
         client_body_timeout 240s;
    }
```

- configure local port in `docker-compose.yaml`

- Check `flees-manager.py rest` command to get direct links to various
  actions

# custom notifier

- Add a notifier module, and refer to it in the config with:
  "notifier": "python-path-to-file:class-name"
  ex.:  "notifier": "notifier:Notifier"
- The class must have method `def notify(self, message)`

Check the notifier.py.template for clues.
Flees will send notification on upload and download events, with a Dict like this:
```
{
        "recipient": "share recipient",
        "share": "name",
        "filename": "file_path",
        "operation": "direct_download",
        "environment": [env for request, including IP addresses etc]
}
```

Operation is one of download, direct_download, zip_download, or upload


# Passwords

- shares.json stores hashed version of password.
- Additionally, it may store plain text password, if users so wish.
- Internally, Flees only compares the hashes of passwords
- Tokens are encrypted versions of the hash. (login/upload/download with
  direct links). i.e. decrypted URL request equals password hash
- Encryption key is the app_secret_key
- Direct download token is (password hash + filename) hashed