mike23415 commited on
Commit
0a9cca4
Β·
verified Β·
1 Parent(s): 592595c

Update app.py

  1. app.py +22 -54
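--- a/app.py
+++ b/app.py
@@ -163,7 +163,7 @@ def index():
 
  @app.route("/api/store", methods=["POST"])
  def store():
- """Store encrypted secret with enhanced features"""
+ """Store encrypted secret with enhanced features - MODIFIED FOR FRONTEND FILE ENCRYPTION"""
  try:
  form = request.form
  data = form.get("data")
@@ -177,33 +177,10 @@ def store():
  delay_seconds = int(form.get("delay_seconds", 0))
  theme = form.get("theme", "default")
  password_hint = form.get("password_hint", "")
+ has_file = form.get("has_file", "false").lower() == "true" # NEW: File flag from frontend
 
- # Handle file upload
- file_data = None
- file_type = None
- file_name = None
-
- if 'file' in request.files:
- file = request.files['file']
- if file and file.filename:
- # Check file size
- file.seek(0, os.SEEK_END)
- file_size = file.tell()
- file.seek(0)
-
- if file_size > MAX_FILE_SIZE:
- return jsonify({"error": f"File too large. Max size: {MAX_FILE_SIZE/1024/1024:.1f}MB"}), 400
-
- # Process file
- file_name = secure_filename(file.filename)
- file_type = get_file_type(file_name)
-
- if file_type == 'unknown':
- return jsonify({"error": "File type not supported"}), 400
-
- # Read and encode file
- file_content = file.read()
- file_data = base64.b64encode(file_content).decode('utf-8')
+ # REMOVED: File upload handling (no longer needed)
+ # The frontend now encrypts files into the data field
 
  # Generate IDs
  secret_id = str(uuid.uuid4())
@@ -213,17 +190,15 @@ def store():
  while short_id in SHORT_LINKS:
  short_id = generate_short_id()
 
- # Store secret
+ # Store secret - SIMPLIFIED STRUCTURE
  SECRETS[secret_id] = {
- "data": data,
- "file_data": file_data,
- "file_type": file_type,
- "file_name": file_name,
+ "data": data, # Now contains encrypted message + file data
  "expire_at": time.time() + ttl,
  "view_once": view_once,
  "delay_seconds": delay_seconds,
  "theme": theme,
  "password_hint": password_hint,
+ "has_file": has_file, # NEW: Flag to indicate if encrypted data contains file
  "created_at": time.time(),
  "creator_ip": get_client_ip(request),
  "access_count": 0
@@ -243,7 +218,7 @@ def store():
  "short_url": f"{base_url}/s/{short_id}",
  "qr_code": qr_code,
  "expires_at": SECRETS[secret_id]["expire_at"],
- "has_file": file_data is not None
+ "has_file": has_file # Return the file flag
  })
 
  except Exception as e:
@@ -251,7 +226,7 @@ def store():
 
  @app.route("/api/fetch/<secret_id>")
  def fetch(secret_id):
- """Fetch and decrypt secret with analytics - MODIFIED TO HANDLE verify_only"""
+ """Fetch and decrypt secret with analytics - SIMPLIFIED FOR FRONTEND DECRYPTION"""
  try:
  # Check if it's a short link
  if secret_id in SHORT_LINKS:
@@ -272,7 +247,7 @@ def fetch(secret_id):
  del SHORT_LINKS[short_id]
  return jsonify({"error": "Secret has expired"}), 410
 
- # CHECK FOR verify_only PARAMETER
+ # Check for verify_only parameter
  verify_only = request.args.get('verify_only', 'false').lower() == 'true'
 
  # Only record access and increment count if NOT verify_only
@@ -283,21 +258,16 @@ def fetch(secret_id):
  # Increment access count
  secret["access_count"] += 1
 
- # Prepare response
+ # SIMPLIFIED RESPONSE - No separate file handling
  response = {
- "data": secret["data"],
+ "data": secret["data"], # Encrypted data (contains message + file)
  "theme": secret.get("theme", "default"),
  "delay_seconds": secret.get("delay_seconds", 0),
  "password_hint": secret.get("password_hint", ""),
+ "has_file": secret.get("has_file", False), # File flag for frontend
  "access_count": secret["access_count"]
  }
 
- # Include file data if present
- if secret.get("file_data"):
- response["file_data"] = secret["file_data"]
- response["file_type"] = secret.get("file_type", "unknown")
- response["file_name"] = secret.get("file_name", "unknown")
-
  # Handle view-once deletion (only if not verify_only)
  if secret["view_once"] and not verify_only:
  # Delete the secret
@@ -355,7 +325,7 @@ def get_analytics(secret_id):
 
  @app.route("/api/secrets")
  def list_secrets():
- """List all active secrets (for dashboard)"""
+ """List all active secrets (for dashboard) - UPDATED FOR FRONTEND FILE ENCRYPTION"""
  try:
  current_time = time.time()
  active_secrets = []
@@ -375,11 +345,10 @@ def list_secrets():
  "created_at": secret["created_at"],
  "expires_at": secret["expire_at"],
  "view_once": secret["view_once"],
- "has_file": secret.get("file_data") is not None,
- "file_type": secret.get("file_type"),
+ "has_file": secret.get("has_file", False), # UPDATED: Use file flag
  "theme": secret.get("theme", "default"),
  "access_count": secret.get("access_count", 0),
- "preview": secret["data"][:100] + "..." if len(secret["data"]) > 100 else secret["data"]
+ "preview": "Encrypted data" # UPDATED: Can't preview encrypted data
  })
 
  return jsonify({
@@ -457,18 +426,16 @@ def get_qr_code(secret_id):
  except Exception as e:
  return jsonify({"error": str(e)}), 500
 
+ # 5. UPDATE THE STATS ENDPOINT
  @app.route("/api/stats")
  def get_stats():
- """Get overall statistics"""
+ """Get overall statistics - UPDATED FOR FRONTEND FILE ENCRYPTION"""
  try:
  total_secrets = len(SECRETS)
  total_accesses = sum(len(analytics) for analytics in ANALYTICS.values())
 
- # Count by file type
- file_types = {}
- for secret in SECRETS.values():
- file_type = secret.get("file_type", "text")
- file_types[file_type] = file_types.get(file_type, 0) + 1
+ # Count secrets with files
+ secrets_with_files = sum(1 for secret in SECRETS.values() if secret.get("has_file", False))
 
  # Count by theme
  themes = {}
@@ -479,7 +446,7 @@ def get_stats():
  return jsonify({
  "total_secrets": total_secrets,
  "total_accesses": total_accesses,
- "file_types": file_types,
+ "secrets_with_files": secrets_with_files, # UPDATED: File count
  "themes": themes,
  "active_short_links": len(SHORT_LINKS)
  })
@@ -532,6 +499,7 @@ if __name__ == "__main__":
  print("πŸ” Sharelock Backend Starting...")
  print("πŸ“Š Features enabled:")
  print(" βœ… End-to-end encryption")
+ print(" βœ… Frontend file encryption")
  print(" βœ… File uploads (5MB max)")
  print(" βœ… QR code generation")
  print(" βœ… Analytics tracking")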
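Review bot: In store(), nothing visible bounds the size of `data` once the upload branch is gone: the removed `file_size > MAX_FILE_SIZE` rejection has no replacement, yet `data` now carries the encrypted file and is kept in the in-memory `SECRETS` dict. Unless a request limit such as Flask's `MAX_CONTENT_LENGTH` is configured outside these hunks, add a check before the IDs are generated, e.g. `if data and len(data) > MAX_DATA_SIZE: return jsonify({"error": "Payload too large"}), 413`, where `MAX_DATA_SIZE` is a placeholder name sized for the base64-expanded ciphertext. The startup banner still prints `File uploads (5MB max)`, which no longer describes a limit the server enforces. In fetch(), the response dict containing `"data"` is built whether or not `verify_only` is set, while access recording and view-once deletion are skipped for it; if that dict is returned unchanged, a view-once secret's ciphertext can be read repeatedly without being consumed, so the `verify_only` path should return metadata only. Both functions start and end outside the hunks shown, so the return path of fetch() should be confirmed against the full file.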