Compare commits
No commits in common. "ba7ebb6210e5ddfca447dee188c7e090eedfa07c" and "f5cb4462642c9b1d80e1c7685a7f2e81aa478fe8" have entirely different histories.
ba7ebb6210
...
f5cb446264
@ -1,6 +1,6 @@
|
|||||||
# abyss
|
# abyss
|
||||||
|
|
||||||
abyss is a basic (mostly) single user http server made for uploading files (logs, images) and then sharing them to the internet
|
abyss is a basic single user http server made for uploading files (logs, images) and then sharing them to the internet
|
||||||
|
|
||||||
note: this is a project made for learning purposes, you should use other more mature projects if running in production. probably.
|
note: this is a project made for learning purposes, you should use other more mature projects if running in production. probably.
|
||||||
|
|
||||||
@ -58,7 +58,6 @@ curl -F "file=@/path/to/file" -H "X-Auth: "$(cat /path/to/.key) http://localhost
|
|||||||
- `UPLOAD_KEY`: this is key checked when uploading files. if the key doesn't match with server's one, then it refuses uploading.
|
- `UPLOAD_KEY`: this is key checked when uploading files. if the key doesn't match with server's one, then it refuses uploading.
|
||||||
- `ABYSS_FILEDIR`: this points to the directory where abyss will save the uploads to. defaults to `./files`
|
- `ABYSS_FILEDIR`: this points to the directory where abyss will save the uploads to. defaults to `./files`
|
||||||
- `ABYSS_PORT`: this is the port the server will run on. safe to leave empty. defaults to 3235
|
- `ABYSS_PORT`: this is the port the server will run on. safe to leave empty. defaults to 3235
|
||||||
- `SHOULD_AUTH`: if it is `yes`, then to upload files you will need authentication (same as `/tree`), anything other than that and upload is free for anyone
|
|
||||||
|
|
||||||
## todo:
|
## todo:
|
||||||
|
|
||||||
|
11
abyss.go
11
abyss.go
@ -25,8 +25,6 @@ func main() {
|
|||||||
app.filesDir = os.Getenv("ABYSS_FILEDIR")
|
app.filesDir = os.Getenv("ABYSS_FILEDIR")
|
||||||
app.port = os.Getenv("ABYSS_PORT")
|
app.port = os.Getenv("ABYSS_PORT")
|
||||||
|
|
||||||
auth := os.Getenv("SHOULD_AUTH")
|
|
||||||
|
|
||||||
if app.auth.username == "" {
|
if app.auth.username == "" {
|
||||||
log.Fatal("basic auth username must be provided")
|
log.Fatal("basic auth username must be provided")
|
||||||
}
|
}
|
||||||
@ -66,14 +64,7 @@ func main() {
|
|||||||
app.basicAuth(app.fileListingHandler),
|
app.basicAuth(app.fileListingHandler),
|
||||||
),
|
),
|
||||||
)
|
)
|
||||||
mux.HandleFunc("/last", app.lastUploadedHandler)
|
mux.HandleFunc("/last", app.lastHandler)
|
||||||
if auth == "yes" {
|
|
||||||
mux.HandleFunc("/upload", app.basicAuth(app.uploadHandler))
|
|
||||||
slog.Warn("text uploading through the browser will be restricted")
|
|
||||||
} else {
|
|
||||||
mux.HandleFunc("/upload", app.uploadHandler)
|
|
||||||
slog.Warn("text uploading through the browser will NOT be restricted")
|
|
||||||
}
|
|
||||||
|
|
||||||
srv := &http.Server{
|
srv := &http.Server{
|
||||||
Addr: app.port,
|
Addr: app.port,
|
||||||
|
@ -22,11 +22,6 @@ if [ -z $AUTH_PASSWORD ]; then
|
|||||||
AUTH_PASSWORD="admin"
|
AUTH_PASSWORD="admin"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
read -p "Auth for upload form - should password be needed to upload text through the browser? [yes]: " -e SHOULD_AUTH
|
|
||||||
if [ -z $SHOULD_AUTH ]; then
|
|
||||||
SHOULD_AUTH="yes"
|
|
||||||
fi
|
|
||||||
|
|
||||||
cat << EOF > .env
|
cat << EOF > .env
|
||||||
# This is the full name of the final domain for the server. Example: paste.abyss.dev
|
# This is the full name of the final domain for the server. Example: paste.abyss.dev
|
||||||
ABYSS_URL=$ABYSS_URL
|
ABYSS_URL=$ABYSS_URL
|
||||||
@ -43,9 +38,6 @@ AUTH_USERNAME=$AUTH_USERNAME
|
|||||||
# This is the password of the user for accessing /tree
|
# This is the password of the user for accessing /tree
|
||||||
AUTH_PASSWORD=$AUTH_PASSWORD
|
AUTH_PASSWORD=$AUTH_PASSWORD
|
||||||
|
|
||||||
# This is whether you need a password to upload text through the browser
|
|
||||||
SHOULD_AUTH=$SHOULD_AUTH
|
|
||||||
|
|
||||||
# This is the key needed to make uploads. Include it as X-Auth in curl.
|
# This is the key needed to make uploads. Include it as X-Auth in curl.
|
||||||
# Tip: Save it somewhere and use it in curl with \$(cat /path/to/key)
|
# Tip: Save it somewhere and use it in curl with \$(cat /path/to/key)
|
||||||
UPLOAD_KEY=$UPLOAD_KEY
|
UPLOAD_KEY=$UPLOAD_KEY
|
||||||
|
147
handlers.go
147
handlers.go
@ -1,8 +1,10 @@
|
|||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"crypto/md5"
|
||||||
"crypto/sha256"
|
"crypto/sha256"
|
||||||
"crypto/subtle"
|
"crypto/subtle"
|
||||||
|
"encoding/hex"
|
||||||
"fmt"
|
"fmt"
|
||||||
"html/template"
|
"html/template"
|
||||||
"io"
|
"io"
|
||||||
@ -10,7 +12,6 @@ import (
|
|||||||
"net/http"
|
"net/http"
|
||||||
"os"
|
"os"
|
||||||
"path/filepath"
|
"path/filepath"
|
||||||
"strings"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
type Application struct {
|
type Application struct {
|
||||||
@ -69,13 +70,13 @@ func (app *Application) fileListingHandler(w http.ResponseWriter, r *http.Reques
|
|||||||
URL: app.url,
|
URL: app.url,
|
||||||
}
|
}
|
||||||
if err := tmpl.Execute(w, templateData); err != nil {
|
if err := tmpl.Execute(w, templateData); err != nil {
|
||||||
slog.Warn(err.Error())
|
slog.Warn(error.Error(err))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func (app *Application) indexHandler(w http.ResponseWriter, r *http.Request) {
|
func (app *Application) indexHandler(w http.ResponseWriter, r *http.Request) {
|
||||||
if r.Method == http.MethodPost {
|
if r.Method == http.MethodPost {
|
||||||
app.parserHandler(w, r)
|
app.uploadCurlHandler(w, r)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -126,7 +127,7 @@ func (app *Application) indexHandler(w http.ResponseWriter, r *http.Request) {
|
|||||||
http.StripPrefix("/", http.FileServer(http.Dir("./static"))).ServeHTTP(w, r)
|
http.StripPrefix("/", http.FileServer(http.Dir("./static"))).ServeHTTP(w, r)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (app *Application) lastUploadedHandler(w http.ResponseWriter, r *http.Request) {
|
func (app *Application) lastHandler(w http.ResponseWriter, r *http.Request) {
|
||||||
if app.lastUploadedFile == "" {
|
if app.lastUploadedFile == "" {
|
||||||
http.Error(w, "No new files uploaded yet", http.StatusNotFound)
|
http.Error(w, "No new files uploaded yet", http.StatusNotFound)
|
||||||
return
|
return
|
||||||
@ -134,26 +135,67 @@ func (app *Application) lastUploadedHandler(w http.ResponseWriter, r *http.Reque
|
|||||||
http.ServeFile(w, r, app.lastUploadedFile)
|
http.ServeFile(w, r, app.lastUploadedFile)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (app *Application) uploadHandler(w http.ResponseWriter, r *http.Request) {
|
func (app *Application) uploadCurlHandler(w http.ResponseWriter, r *http.Request) {
|
||||||
if r.Method == http.MethodPost {
|
if r.URL.Path != "/" {
|
||||||
app.parserHandler(w, r)
|
http.Error(w, "Method not allowed", http.StatusUnauthorized)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if !CheckAuth(r, app.key) {
|
||||||
|
http.Error(w, "You're not authorized.", http.StatusBadRequest)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
app.uploadHandler(w, r)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (app *Application) parserHandler(w http.ResponseWriter, r *http.Request) {
|
func (app *Application) uploadHandler(w http.ResponseWriter, r *http.Request) {
|
||||||
|
file, handler, err := r.FormFile("file")
|
||||||
|
if err != nil {
|
||||||
|
http.Error(w, "Error retrieving the file", http.StatusBadRequest)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
defer file.Close()
|
||||||
|
|
||||||
if _, err := os.Stat(app.filesDir); err != nil {
|
if _, err := os.Stat(app.filesDir); err != nil {
|
||||||
if err := os.Mkdir(app.filesDir, 0750); err != nil {
|
if err := os.Mkdir(app.filesDir, 0750); err != nil {
|
||||||
http.Error(w, "Error creating storage directory", http.StatusInternalServerError)
|
http.Error(w, "Error creating storage directory", http.StatusInternalServerError)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if contentType := r.Header.Get("Content-Type"); contentType == "application/x-www-form-urlencoded" {
|
|
||||||
app.formHandler(w, r)
|
hasher := md5.New()
|
||||||
} else if strings.Split(contentType, ";")[0] == "multipart/form-data" {
|
if _, err := io.Copy(hasher, file); err != nil {
|
||||||
app.curlHandler(w, r)
|
http.Error(w, "Error hashing file content", http.StatusInternalServerError)
|
||||||
} else {
|
return
|
||||||
http.Error(w, "Method not allowed", http.StatusUnauthorized)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
sha1Hash := hex.EncodeToString(hasher.Sum(nil))[:8]
|
||||||
|
|
||||||
|
filename := fmt.Sprintf("%s%s", sha1Hash, filepath.Ext(handler.Filename))
|
||||||
|
|
||||||
|
filepath := filepath.Join(app.filesDir, filename)
|
||||||
|
|
||||||
|
// reopen the file for copying, as the hash process consumed the file reader
|
||||||
|
file, _, err = r.FormFile("file")
|
||||||
|
if err != nil {
|
||||||
|
http.Error(w, "Error retrieving the file", http.StatusBadRequest)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
defer file.Close()
|
||||||
|
|
||||||
|
dst, err := os.Create(filepath)
|
||||||
|
if err != nil {
|
||||||
|
http.Error(w, "Error creating file\n", http.StatusInternalServerError)
|
||||||
|
}
|
||||||
|
defer dst.Close()
|
||||||
|
|
||||||
|
if _, err := io.Copy(dst, file); err != nil {
|
||||||
|
http.Error(w, "Error copying the file", http.StatusInternalServerError)
|
||||||
|
}
|
||||||
|
|
||||||
|
app.lastUploadedFile = filepath
|
||||||
|
|
||||||
|
fmt.Fprintf(w, "http://%s/%s\n", app.url, filename)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (app *Application) basicAuth(next http.HandlerFunc) http.HandlerFunc {
|
func (app *Application) basicAuth(next http.HandlerFunc) http.HandlerFunc {
|
||||||
@ -182,80 +224,3 @@ func (app *Application) basicAuth(next http.HandlerFunc) http.HandlerFunc {
|
|||||||
http.Error(w, "Unauthorized", http.StatusUnauthorized)
|
http.Error(w, "Unauthorized", http.StatusUnauthorized)
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
func (app *Application) formHandler(w http.ResponseWriter, r *http.Request) {
|
|
||||||
content := r.FormValue("content")
|
|
||||||
|
|
||||||
if err := os.WriteFile("/tmp/file.txt", []byte(content), 0666); err != nil {
|
|
||||||
http.Error(w, "Couldn't parse content body", http.StatusNoContent)
|
|
||||||
}
|
|
||||||
|
|
||||||
file, err := os.Open("/tmp/file.txt")
|
|
||||||
if err != nil {
|
|
||||||
http.Error(w, "Couldn't find file", http.StatusNotFound)
|
|
||||||
}
|
|
||||||
defer file.Close()
|
|
||||||
|
|
||||||
filename := app.publicURL(file, ".txt")
|
|
||||||
|
|
||||||
// reopening file because hash consumes it
|
|
||||||
file, err = os.Open("/tmp/file.txt")
|
|
||||||
if err != nil {
|
|
||||||
http.Error(w, "Couldn't find file", http.StatusNotFound)
|
|
||||||
}
|
|
||||||
defer file.Close()
|
|
||||||
|
|
||||||
err = SaveFile(app.lastUploadedFile, file)
|
|
||||||
if err != nil {
|
|
||||||
fmt.Fprintf(w, "Error parsing file: %s", err.Error())
|
|
||||||
}
|
|
||||||
|
|
||||||
fmt.Fprintf(w, "%s", fmt.Sprintf("http://%s/%s\n", app.url, filename))
|
|
||||||
}
|
|
||||||
|
|
||||||
func (app *Application) curlHandler(w http.ResponseWriter, r *http.Request) {
|
|
||||||
if r.URL.Path != "/" {
|
|
||||||
http.Error(w, "Method not allowed", http.StatusUnauthorized)
|
|
||||||
return
|
|
||||||
}
|
|
||||||
|
|
||||||
if !CheckAuth(r, app.key) {
|
|
||||||
http.Error(w, "You're not authorized.", http.StatusBadRequest)
|
|
||||||
return
|
|
||||||
}
|
|
||||||
|
|
||||||
file, handler, err := r.FormFile("file")
|
|
||||||
if err != nil {
|
|
||||||
http.Error(w, "Error retrieving the file", http.StatusBadRequest)
|
|
||||||
slog.Warn(err.Error())
|
|
||||||
return
|
|
||||||
}
|
|
||||||
defer file.Close()
|
|
||||||
|
|
||||||
filename := app.publicURL(file, filepath.Ext(handler.Filename))
|
|
||||||
|
|
||||||
// reopen the file for copying, as the hash process consumed the file reader
|
|
||||||
file, _, err = r.FormFile("file")
|
|
||||||
if err != nil {
|
|
||||||
http.Error(w, "Error retrieving the file", http.StatusBadRequest)
|
|
||||||
return
|
|
||||||
}
|
|
||||||
defer file.Close()
|
|
||||||
|
|
||||||
err = SaveFile(app.lastUploadedFile, file)
|
|
||||||
if err != nil {
|
|
||||||
fmt.Fprintf(w, "Error parsing file: %s", err.Error())
|
|
||||||
}
|
|
||||||
|
|
||||||
fmt.Fprintf(w, "%s", fmt.Sprintf("http://%s/%s\n", app.url, filename))
|
|
||||||
}
|
|
||||||
|
|
||||||
func (app *Application) publicURL(file io.Reader, extension string) string {
|
|
||||||
filename, _ := HashFile(file, extension)
|
|
||||||
|
|
||||||
filepath := filepath.Join(app.filesDir, filename)
|
|
||||||
|
|
||||||
app.lastUploadedFile = filepath
|
|
||||||
|
|
||||||
return filename
|
|
||||||
}
|
|
||||||
|
30
helpers.go
30
helpers.go
@ -1,12 +1,8 @@
|
|||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"crypto/md5"
|
|
||||||
"encoding/hex"
|
|
||||||
"fmt"
|
"fmt"
|
||||||
"io"
|
|
||||||
"net/http"
|
"net/http"
|
||||||
"os"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
func CheckAuth(r *http.Request, key string) bool {
|
func CheckAuth(r *http.Request, key string) bool {
|
||||||
@ -23,29 +19,3 @@ func FormatFileSize(size int64) string {
|
|||||||
}
|
}
|
||||||
return fmt.Sprintf("%.2f GB", float64(size)/(1024*1024*1024))
|
return fmt.Sprintf("%.2f GB", float64(size)/(1024*1024*1024))
|
||||||
}
|
}
|
||||||
|
|
||||||
func HashFile(file io.Reader, extension string) (string, error) {
|
|
||||||
hasher := md5.New()
|
|
||||||
if _, err := io.Copy(hasher, file); err != nil {
|
|
||||||
return "", err
|
|
||||||
}
|
|
||||||
|
|
||||||
sha1Hash := hex.EncodeToString(hasher.Sum(nil))[:8]
|
|
||||||
|
|
||||||
filename := fmt.Sprintf("%s%s", sha1Hash, extension)
|
|
||||||
|
|
||||||
return filename, nil
|
|
||||||
}
|
|
||||||
|
|
||||||
func SaveFile(name string, file io.Reader) error {
|
|
||||||
dst, err := os.Create(name)
|
|
||||||
if err != nil {
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
defer dst.Close()
|
|
||||||
|
|
||||||
if _, err := io.Copy(dst, file); err != nil {
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
@ -11,20 +11,9 @@
|
|||||||
|
|
||||||
<body>
|
<body>
|
||||||
<h1>abyss paste</h1>
|
<h1>abyss paste</h1>
|
||||||
<div>
|
<a href="/last">
|
||||||
<a href="/tree">
|
<button>last uploaded file</button>
|
||||||
<button>all uploaded files</button>
|
</a>
|
||||||
</a>
|
|
||||||
<a href="/last">
|
|
||||||
<button>last uploaded file</button>
|
|
||||||
</a>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<form action="/upload" method="POST">
|
|
||||||
<textarea name="content" placeholder="Enter your content here..."></textarea><br />
|
|
||||||
<button type="submit">upload</button>
|
|
||||||
</form>
|
|
||||||
|
|
||||||
<footer>
|
<footer>
|
||||||
abyss paste - powered by
|
abyss paste - powered by
|
||||||
<a href="https://github.com/jabuxas/abyss" target="_blank">abyss</a>
|
<a href="https://github.com/jabuxas/abyss" target="_blank">abyss</a>
|
||||||
|
@ -42,31 +42,3 @@ footer a {
|
|||||||
text-decoration: none;
|
text-decoration: none;
|
||||||
font-weight: bold;
|
font-weight: bold;
|
||||||
}
|
}
|
||||||
|
|
||||||
div {
|
|
||||||
display: flex;
|
|
||||||
gap: 10px;
|
|
||||||
align-items: center;
|
|
||||||
}
|
|
||||||
|
|
||||||
form {
|
|
||||||
display: flex;
|
|
||||||
flex-direction: column;
|
|
||||||
align-items: center;
|
|
||||||
margin-top: 30px;
|
|
||||||
gap: 10px;
|
|
||||||
}
|
|
||||||
|
|
||||||
textarea {
|
|
||||||
background-color: #333;
|
|
||||||
color: #fff;
|
|
||||||
border: 1px solid #555;
|
|
||||||
padding: 10px;
|
|
||||||
width: 400px;
|
|
||||||
height: 150px;
|
|
||||||
border-radius: 5px;
|
|
||||||
}
|
|
||||||
|
|
||||||
textarea::placeholder {
|
|
||||||
color: #bbb;
|
|
||||||
}
|
|
||||||
|
Loading…
Reference in New Issue
Block a user