moonq/mini-flees
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

getting there

Browse Source
This commit is contained in:
Q
2023-08-19 19:42:31 +03:00
parent bdacb80c43
commit cfee5287d5
9 changed files with 332 additions and 254 deletions
Download Patch File Download Diff File Expand all files Collapse all files

108
code/app.py
View File

@@ -1,37 +1,33 @@
# -*- coding: utf-8 -*-
import os, sys, time
import json
from datetime import datetime
import os
import sys
import time
from flask import (
Flask,
render_template,
jsonify,
current_app,
Response,
redirect,
url_for,
request,
g,
session,
send_file,
send_from_directory,
abort,
)
from werkzeug.utils import secure_filename
from revprox import ReverseProxied
from utils import (
from utils.misc import (
random_token,
)
from utils.files import (
db_store_file,
file_details,
file_list,
file_full_path,
file_full_url,
db_add_download,
db_get_file,
db_delete_file,
db_maintenance,
)
__MINI_FLEES_VERSION__ = "20230818.0"
__VERSION__ = "20230818.0"
app = Flask(__name__)
app.config.from_object(__name__)
app.config.from_prefixed_env()
@@ -42,11 +38,30 @@ app.wsgi_app = ReverseProxied(app.wsgi_app)
@app.route("/")
def index():
"""Returns Nothing"""
return "", 200
@app.route("/upload", methods=["POST"])
def upload():
"""
Upload a file, example CURL:
cat file | \
curl -fL -w "\n" -F file="@-" -X POST \
-H "Name: my.file.ext" \
-H "Max-Downloads: 4000" \
-H "Expires-Days: 14" \
-H "Secret: dff789f0bbe8183d32542" \
"$FLASK_PUBLIC_URL"/upload
- Additionally, "Expires-Hours" can be used.
- Max-Dowloads: -1 means no upper limit
Returns the file download URL
"""
if request.method == "POST":
file = request.files.get("file")
name = request.headers.get("Name", None)
@@ -68,13 +83,16 @@ def upload():
if file:
safe_filename = secure_filename(name)
token = random_token()
folder = os.path.join(app.config["DATAFOLDER"], token)
while True:
token = random_token()
folder = os.path.join(app.config["DATAFOLDER"], token)
if not os.path.exists(folder):
break
os.mkdir(folder)
filename = os.path.join(folder, safe_filename)
filename = file_full_path(token, safe_filename)
file.save(filename)
db_store_file(token, safe_filename, expires, max_dl)
download_url = f"{app.config['PUBLIC_URL']}/dl/{token}/{safe_filename}"
download_url = file_full_url(token, safe_filename)
return "File uploaded\n%s\n" % (download_url,), 200
else:
return "Use the 'file' variable to upload\n", 400
@@ -82,6 +100,14 @@ def upload():
@app.route("/details/<token>/<name>", methods=["GET"])
def details(token, name):
"""
Get JSON of file details. Size, added date, download times, etc.
curl -fL -w "\n" \
-H "Secret: dff789f0bbe8183d3254258b33a147d580c1131f39a698c56d3f640ac8415714" \
"$ROOTURL"/details/OdD7X0aKOGM/big_file1.ext
"""
secret = request.headers.get("Secret", "")
if secret != app.config["ACCESS_TOKEN"]:
return "Error", 401
@@ -91,11 +117,14 @@ def details(token, name):
@app.route("/delete/<token>/<name>", methods=["GET"])
def delete_file(name, token):
"""
Delete a file from the system
"""
secret = request.headers.get("Secret", "")
if secret != app.config["ACCESS_TOKEN"]:
return "Error", 401
try:
os.remove(os.path.join(os.getenv("DATAFOLDER"), token, name))
os.remove(os.path.join(app.config["DATAFOLDER"], token, name))
except Exception:
pass
db_delete_file(token, name)
@@ -104,6 +133,9 @@ def delete_file(name, token):
@app.route("/ls", methods=["GET"])
def ls():
"""
Lists all uploaded files
"""
secret = request.headers.get("Secret", "")
if secret != app.config["ACCESS_TOKEN"]:
return "Error", 401
@@ -112,6 +144,11 @@ def ls():
@app.route("/maintenance", methods=["GET"])
def maintenance():
"""
Clears DB of expired entries.
Deletes folders without DB entry
"""
secret = request.headers.get("Secret", "")
if secret != app.config["ACCESS_TOKEN"]:
return "Error", 401
@@ -120,29 +157,30 @@ def maintenance():
@app.route("/dl/<token>/<name>", methods=["GET"])
def download(name, token):
"""
Download a file
"""
return download_file(token, name)
@app.route("/script/client", methods=["GET"])
def script_client():
@app.route("/script/mfl", methods=["GET"])
def script_mfl():
secret = request.headers.get("Secret", "")
if secret != app.config["ACCESS_TOKEN"]:
return "Error", 401
return render_template(
"client.py", name=name, token=token, rooturl=request.url_root
)
@app.route("/script/flip", methods=["GET"])
def script_flip():
return render_template(
"flip",
name=name,
token=token,
rooturl=request.url_root,
version=__FLEES_VERSION__,
"mfl",
token=app.config["ACCESS_TOKEN"],
rooturl=app.config["PUBLIC_URL"],
version=__VERSION__,
)
def download_file(token, name):
full_path = os.path.join(os.getenv("FLASK_DATAFOLDER"), token, name)
"""
check for file expiry, and send file if allowed
"""
full_path = os.path.join(app.config["DATAFOLDER"], token, name)
if not os.path.exists(full_path):
return "Error", 404
db_stat = db_get_file(token, name)
@@ -150,13 +188,13 @@ def download_file(token, name):
added, expires, downloads, max_dl = db_stat
else:
return "Error", 404
if downloads >= max_dl:
if downloads >= max_dl and max_dl > -1:
return "Expired", 401
if expires < time.time():
return "Expired", 401
db_add_download(token, name)
return send_from_directory(
directory=os.path.join(os.getenv("FLASK_DATAFOLDER"), token), path=name
directory=os.path.join(app.config["DATAFOLDER"], token), path=name
)