feat: add support for fish scripts

README.md

@@ -1,11 +1,23 @@
 # abyss
 
-abyss is a basic (mostly) single user http server made for uploading files (logs, images) and then sharing them to the internet
+abyss is a basic and mostly single user http server written in go made for uploading files (logs, images) and then sharing them to the internet
 
-note: this is a project made for learning purposes, you should use other more mature projects if running in production. probably.
+<figure>
+ <img src="https://github.com/user-attachments/assets/eae42368-d8b5-4c42-ac8a-0e1486fcd0d4" alt="homepage"/>
+ <figcaption>this is abyss' default home page<figcaption/>
+</figure>
+
+## features
+
+- **file uploads**: supports uploading various file types, including images, videos, and documents.
+- **flexible media display**: automatically renders uploaded files on a webpage based on their type (images, pdfs, videos, or plain text).
+- **customizable interface**: allows for easy modification of color schemes and layout to suit specific design needs.
+- **syntax highlighting for code**: syntax highlighting available by default for code files, with support for multiple programming languages. (can be tweaked/changed and even removed)
+- **security considerations**: as it is single user, it's mostly secure but there are still some edges to sharpen
 
 ## table of contents
 
+- [features](#features)
 - [running abyss](#running)
   - [installing with docker](#docker)
   - [installing manually](#manual)
@@ -13,6 +25,15 @@ note: this is a project made for learning purposes, you should use other more ma
 - [theming](#theming)
 - [docs](#docs)
 - [todo list](#todo)
+- [more pictures](#pictures)
+
+## features
+
+- **file uploads**: supports uploading various file types, including images, videos, and documents.
+- **flexible media display**: automatically renders uploaded files on a webpage based on their type (images, pdfs, videos, or plain text).
+- **easily customizable interface**: allows for easy modification of color schemes and layout to suit specific design needs.
+- **syntax highlighting for code**: syntax highlighting available by default for code files, with support for multiple programming languages. (can be tweaked/changed and even removed)
+- **security considerations**: as it is single user, it's mostly secure but there are still some edges to sharpen
 
 ## running:
 
@@ -40,7 +61,11 @@ docker compose up -d # might be docker-compose depending on distro
 
 #### with curl
 
-- to upload your files with curl:
+- you can upload both with the main key and with jwt tokens
+
+##### main key
+
+- to upload your files with main key:
 
 ```bash
 curl -F "file=@/path/to/file" -H "X-Auth: "$(cat /path/to/.key) http://localhost:3235/
@@ -64,7 +89,7 @@ pst() {
     return 1
   fi
 
-  curl -F "file=@$file" -H "X-Auth: $(cat ~/.key)" http://localhost:3235
+  curl -F "file=@$file" -H "X-Auth: $(cat ~/.key)" http://localhost:3235/
 
   if [[ -p /dev/stdin ]]; then
     rm "$file"
@@ -88,7 +113,7 @@ function pst
         set file "$argv[1]"
     end
 
-    curl -F "file=@$file" -H "X-Auth: $(cat ~/.key)" http://localhost:3235
+    curl -F "file=@$file" -H "X-Auth: $(cat ~/.key)" http://localhost:3235/
 
     if command test -p /dev/stdin
         rm "$file"
@@ -98,6 +123,22 @@ end
 
 </details>
 
+##### with jwt tokens
+
+- you first need to generate them:
+
+```bash
+curl -u admin http://localhost:3235/token # you can also access the url in the browser directly
+```
+
+- the user will be the value of `$AUTH_USERNAME` and password the value of `$AUTH_PASSWORD`
+
+- then you use the token in place of the main key:
+
+```bash
+curl -F"file=@/path/to/file.jpg" -H "X-Auth: your-token" http://localhost:3235/
+```
+
 #### through the browser
 
 - you can only upload text through the browser, to do so, simply write text in the form in the default webpage and click upload.
@@ -132,3 +173,15 @@ end
 - [x] custom file displaying!!
 - [x] syntax highlighting
 - [ ] add rate limits
+
+## pictures
+
+<figure>
+  <img src="https://github.com/user-attachments/assets/32ce9b3a-8c0f-4bb5-bdcf-3a602e0c81e6"/>
+  <figcaption>this is abyss' default directory list<figcaption/>
+</figure>
+
+<figure>
+  <img src="https://github.com/user-attachments/assets/7072b227-9972-4c2a-a9f3-384d2efb4fe1"/>
+  <figcaption>this is abyss' default file presentation<figcaption/>
+</figure>

abyss.go

@@ -93,6 +93,8 @@ func setupHandlers(mux *http.ServeMux, app *Application) {
 
 	mux.HandleFunc("/last", app.lastUploadedHandler)
 
+	mux.HandleFunc("/token", BasicAuth(app.createTokenHandler, app))
+
 	mux.HandleFunc("/files/", app.fileHandler)
 
 	if app.authText == "yes" {

file_display.go

@@ -29,7 +29,7 @@ var extensions = map[string]string{
 	".log": "text", ".txt": "text", ".csv": "text",
 	".json": "text", ".env": "text", ".sum": "text",
 	".gitignore": "text", ".dockerfile": "text", ".Makefile": "text",
-	".rst": "text", ".el": "text",
+	".rst": "text", ".el": "text", ".fish": "text",
 }
 
 func DisplayFile(app *Application, file string, w http.ResponseWriter) {

go.mod

@@ -3,3 +3,5 @@ module github.com/jabuxas/abyss
 go 1.22.6
 
 require github.com/joho/godotenv v1.5.1
+
+require github.com/golang-jwt/jwt/v5 v5.2.1 // indirect

go.sum

@@ -1,2 +1,4 @@
+github.com/golang-jwt/jwt/v5 v5.2.1 h1:OuVbFODueb089Lh128TAcimifWaLhJwVflnrgM17wHk=
+github.com/golang-jwt/jwt/v5 v5.2.1/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
 github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0=
 github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4=

handlers.go

@@ -9,6 +9,9 @@ import (
 	"os"
 	"path/filepath"
 	"strings"
+	"time"
+
+	"github.com/golang-jwt/jwt/v5"
 )
 
 type Application struct {
@@ -198,3 +201,17 @@ func (app *Application) publicURL(file io.Reader, extension string) string {
 
 	return filename
 }
+
+func (app *Application) createTokenHandler(w http.ResponseWriter, r *http.Request) {
+	token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
+		"exp": time.Now().Add(time.Hour * 2).Unix(),
+	})
+
+	tokenString, err := token.SignedString([]byte(app.key))
+	if err != nil {
+		http.Error(w, "Error generating token", http.StatusInternalServerError)
+		return
+	}
+
+	fmt.Fprintf(w, "%s", tokenString)
+}

helpers.go

@@ -9,6 +9,8 @@ import (
 	"io"
 	"net/http"
 	"os"
+
+	"github.com/golang-jwt/jwt/v5"
 )
 
 type FileInfo struct {
@@ -27,7 +29,31 @@ type TemplateData struct {
 }
 
 func CheckAuth(r *http.Request, key string) bool {
-	return r.Header.Get("X-Auth") == key
+	receivedKey := r.Header.Get("X-Auth")
+	if receivedKey == key {
+		return true
+	} else if err := validateToken(receivedKey, key); err == nil {
+		return true
+	}
+	return false
+}
+
+func validateToken(tokenString, key string) error {
+	token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
+		if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
+			return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
+		}
+		return []byte(key), nil
+	})
+	if err != nil {
+		return err
+	}
+
+	if _, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {
+		return nil
+	} else {
+		return fmt.Errorf("invalid token")
+	}
 }
 
 func FormatFileSize(size int64) string {