Compare commits

...

8 Commits
v1.3.0 ... main

8 changed files with 43 additions and 30 deletions

View File

@ -78,6 +78,8 @@ abyss is a basic and mostly single user http server written in go made for uploa
curl -F "file=@/path/to/file" -H "X-Auth: "$(cat /path/to/.key) http://localhost:3235/
```
- it is also possible to add a `-Fsecret=` to your POST to make filenames bigger and harder to guess.
- you should probably create an `alias` or a `function` to do this automatically for you.
<details>
<summary>click for an example for bash/zsh:</summary>
@ -166,7 +168,7 @@ abyss is a basic and mostly single user http server written in go made for uploa
- `UPLOAD_KEY`: this is key checked when uploading files. if the key doesn't match with server's one, then it refuses uploading.
- `ABYSS_FILEDIR`: this points to the directory where abyss will save the uploads to. defaults to `./files`
- `ABYSS_PORT`: this is the port the server will run on. safe to leave empty. defaults to 3235
- `SHOULD_AUTH`: if it is `yes`, then to upload text through the browser you will need authentication (same auth as `/tree`), any value other than that and upload is auth-less
- `SHOULD_AUTH`: if it is `yes`, then to upload text you will need authentication (same auth as `/tree`), any value other than that and upload is authless
## todo:

View File

@ -100,12 +100,4 @@ func setupHandlers(mux *http.ServeMux, app *Application) {
mux.HandleFunc("/token", BasicAuth(app.createTokenHandler, app))
mux.HandleFunc("/files/", app.fileHandler)
if app.authUpload == "yes" {
mux.HandleFunc("/upload", BasicAuth(app.uploadHandler, app))
slog.Warn("text uploading through the browser will be restricted")
} else {
mux.HandleFunc("/upload", app.uploadHandler)
slog.Warn("text uploading through the browser will NOT be restricted")
}
}

View File

@ -17,6 +17,8 @@ var extensions = map[string]string{
".png": "image", ".jpg": "image", ".jpeg": "image", ".webp": "image",
".mp3": "audio", ".aac": "audio", ".wav": "audio", ".flac": "audio", ".ogg": "audio",
".sh": "text", ".bash": "text", ".zsh": "text",
".bat": "text", ".cmd": "text", ".ps1": "text",
".ini": "text", ".cfg": "text", ".conf": "text",

View File

@ -43,7 +43,7 @@ AUTH_USERNAME=$AUTH_USERNAME
# This is the password of the user for accessing /tree
AUTH_PASSWORD=$AUTH_PASSWORD
# This is whether you need a password to upload text through the browser
# This is whether you need a password to upload text (through browser or curl)
SHOULD_AUTH=$SHOULD_AUTH
# This is the key needed to make uploads. Include it as X-Auth in curl.

View File

@ -137,7 +137,11 @@ func (app *Application) lastUploadedHandler(w http.ResponseWriter, r *http.Reque
func (app *Application) uploadHandler(w http.ResponseWriter, r *http.Request) {
if contentType := r.Header.Get("Content-Type"); contentType == "application/x-www-form-urlencoded" {
app.formHandler(w, r)
if app.authUpload == "yes" {
BasicAuth(app.formHandler, app)(w, r)
} else {
app.formHandler(w, r)
}
} else if strings.Split(contentType, ";")[0] == "multipart/form-data" {
app.curlHandler(w, r)
} else {
@ -158,7 +162,11 @@ func (app *Application) formHandler(w http.ResponseWriter, r *http.Request) {
}
defer file.Close()
filename := app.publicURL(file, ".txt")
full := true
if len(r.Form["secret"]) == 0 {
full = false
}
filename := app.publicURL(file, ".txt", full)
// reopening file because hash consumes it
file, err = os.Open("/tmp/file.txt")
@ -194,7 +202,11 @@ func (app *Application) curlHandler(w http.ResponseWriter, r *http.Request) {
}
defer file.Close()
filename := app.publicURL(file, filepath.Ext(handler.Filename))
full := true
if len(r.Form["secret"]) == 0 {
full = false
}
filename := app.publicURL(file, filepath.Ext(handler.Filename), full)
// reopen the file for copying, as the hash process consumed the file reader
file, _, err = r.FormFile("file")
@ -204,16 +216,15 @@ func (app *Application) curlHandler(w http.ResponseWriter, r *http.Request) {
}
defer file.Close()
err = SaveFile(app.lastUploadedFile, file)
if err != nil {
if err = SaveFile(app.lastUploadedFile, file); err != nil {
fmt.Fprintf(w, "Error parsing file: %s", err.Error())
}
ResponseURLHandler(w, app.url, filename)
}
func (app *Application) publicURL(file io.Reader, extension string) string {
filename, _ := HashFile(file, extension)
func (app *Application) publicURL(file io.Reader, extension string, full bool) string {
filename, _ := HashFile(file, extension, full)
filepath := filepath.Join(app.filesDir, filename)

View File

@ -9,6 +9,7 @@ import (
"io"
"net/http"
"os"
"strings"
"github.com/golang-jwt/jwt/v5"
)
@ -67,17 +68,19 @@ func FormatFileSize(size int64) string {
return fmt.Sprintf("%.2f GB", float64(size)/(1024*1024*1024))
}
func HashFile(file io.Reader, extension string) (string, error) {
func HashFile(file io.Reader, extension string, full bool) (string, error) {
hasher := md5.New()
if _, err := io.Copy(hasher, file); err != nil {
return "", err
}
sha1Hash := hex.EncodeToString(hasher.Sum(nil))[:8]
sha1Hash := strings.ToUpper(hex.EncodeToString(hasher.Sum(nil)))
filename := fmt.Sprintf("%s%s", sha1Hash, extension)
return filename, nil
if full {
return filename, nil
} else {
return fmt.Sprintf("%s%s", sha1Hash[:5], extension), nil
}
}
func SaveFile(name string, file io.Reader) error {

View File

@ -20,8 +20,9 @@
</a>
</div>
<form action="/upload" method="POST">
<textarea name="content" placeholder="Enter your content here..."></textarea><br />
<form action="/" method="POST">
<textarea name="content" placeholder="Enter your content here..."></textarea>
<br />
<button type="submit">upload</button>
</form>

View File

@ -213,12 +213,14 @@
<source src="{{.Name}}" type="video/mp4" />
Your browser does not support the video tag.
</video>
{{else}}
<p>
Couldn't detect file from extension, visit
<a href="http://{{.Path}}">this link</a> to see/download your file.
</p>
{{end}}
{{else if eq .Type "audio"}}
<audio controls src="{{.Name}}"><audio />
{{else}}
<p>
Couldn't detect file from extension, visit
<a href="http://{{.Path}}">this link</a> to see/download your file.
</p>
{{end}}
</div>
<footer>file uploaded in {{.TimeUploaded}}</footer>
</body>