Spaces:

mike23415
/

Sharelock

Sleeping

App Files Files Community

mike23415 commited on Jun 19

Commit

592595c

verified ·

1 Parent(s): fab4a8e

Update app.py

Browse files

Files changed (1) hide show

app.py +49 -49

app.py CHANGED Viewed

@@ -33,7 +33,7 @@ ALLOWED_EXTENSIONS = {
 }
 def get_file_type(filename):
-    """Determine file type based on extension - NO CHANGES NEEDED"""
     if not filename:
         return 'unknown'
@@ -163,7 +163,7 @@ def index():
 @app.route("/api/store", methods=["POST"])
 def store():
-    """Store encrypted secret with enhanced encrypted file support"""
     try:
         form = request.form
         data = form.get("data")
@@ -178,23 +178,32 @@ def store():
         theme = form.get("theme", "default")
         password_hint = form.get("password_hint", "")
-        # Handle ENCRYPTED file data from frontend
-        encrypted_file = form.get("encrypted_file")  # NEW: Get encrypted file data
-        file_name = form.get("file_name")            # NEW: Get file name
-        file_type = form.get("file_type")            # NEW: Get file type
-        file_size = form.get("file_size")            # NEW: Get original file size
-        # REMOVE the old file handling code that processed raw files
-        # No need to handle 'file' in request.files anymore since frontend sends encrypted data
-        # Validate encrypted file data if present
-        if encrypted_file:
-            if not file_name or not file_type:
-                return jsonify({"error": "File name and type required for encrypted files"}), 400
-            # Optional: Validate file size (encrypted data will be larger due to base64 encoding)
-            if file_size and int(file_size) > MAX_FILE_SIZE:
-                return jsonify({"error": f"File too large. Max size: {MAX_FILE_SIZE/1024/1024:.1f}MB"}), 400
         # Generate IDs
         secret_id = str(uuid.uuid4())
@@ -204,13 +213,12 @@ def store():
         while short_id in SHORT_LINKS:
             short_id = generate_short_id()
-        # Store secret with encrypted file data
         SECRETS[secret_id] = {
             "data": data,
-            "encrypted_file": encrypted_file,        # NEW: Store encrypted file data
-            "file_name": file_name,                  # NEW: Store file name
-            "file_type": file_type,                  # NEW: Store file type
-            "file_size": file_size,                  # NEW: Store original file size
             "expire_at": time.time() + ttl,
             "view_once": view_once,
             "delay_seconds": delay_seconds,
@@ -235,7 +243,7 @@ def store():
             "short_url": f"{base_url}/s/{short_id}",
             "qr_code": qr_code,
             "expires_at": SECRETS[secret_id]["expire_at"],
-            "has_file": encrypted_file is not None  # MODIFIED: Check encrypted_file instead
         })
     except Exception as e:
@@ -243,7 +251,7 @@ def store():
 @app.route("/api/fetch/<secret_id>")
 def fetch(secret_id):
-    """Fetch encrypted secret with encrypted file data"""
     try:
         # Check if it's a short link
         if secret_id in SHORT_LINKS:
@@ -264,7 +272,7 @@ def fetch(secret_id):
                     del SHORT_LINKS[short_id]
             return jsonify({"error": "Secret has expired"}), 410
-        # Check for verify_only parameter
         verify_only = request.args.get('verify_only', 'false').lower() == 'true'
         # Only record access and increment count if NOT verify_only
@@ -284,12 +292,11 @@ def fetch(secret_id):
             "access_count": secret["access_count"]
         }
-        # Include ENCRYPTED file data if present
-        if secret.get("encrypted_file"):
-            response["encrypted_file"] = secret["encrypted_file"]  # MODIFIED: Return encrypted file
-            response["file_name"] = secret.get("file_name", "unknown")
             response["file_type"] = secret.get("file_type", "unknown")
-            response["file_size"] = secret.get("file_size")
         # Handle view-once deletion (only if not verify_only)
         if secret["view_once"] and not verify_only:
@@ -348,7 +355,7 @@ def get_analytics(secret_id):
 @app.route("/api/secrets")
 def list_secrets():
-    """List all active secrets with encrypted file info"""
     try:
         current_time = time.time()
         active_secrets = []
@@ -368,10 +375,8 @@ def list_secrets():
                     "created_at": secret["created_at"],
                     "expires_at": secret["expire_at"],
                     "view_once": secret["view_once"],
-                    "has_file": secret.get("encrypted_file") is not None,  # MODIFIED: Check encrypted_file
-                    "file_name": secret.get("file_name"),                   # NEW: Include file name
-                    "file_type": secret.get("file_type"),                   # MODIFIED: File type from metadata
-                    "file_size": secret.get("file_size"),                   # NEW: Include file size
                     "theme": secret.get("theme", "default"),
                     "access_count": secret.get("access_count", 0),
                     "preview": secret["data"][:100] + "..." if len(secret["data"]) > 100 else secret["data"]
@@ -454,19 +459,16 @@ def get_qr_code(secret_id):
 @app.route("/api/stats")
 def get_stats():
-    """Get overall statistics with encrypted file info"""
     try:
         total_secrets = len(SECRETS)
         total_accesses = sum(len(analytics) for analytics in ANALYTICS.values())
-        # Count by file type (now from metadata, not actual files)
         file_types = {}
         for secret in SECRETS.values():
-            if secret.get("encrypted_file"):  # MODIFIED: Check for encrypted_file
-                file_type = secret.get("file_type", "unknown")
-                file_types[file_type] = file_types.get(file_type, 0) + 1
-            else:
-                file_types["text"] = file_types.get("text", 0) + 1
         # Count by theme
         themes = {}
@@ -479,8 +481,7 @@ def get_stats():
             "total_accesses": total_accesses,
             "file_types": file_types,
             "themes": themes,
-            "active_short_links": len(SHORT_LINKS),
-            "encrypted_files": sum(1 for secret in SECRETS.values() if secret.get("encrypted_file"))  # NEW
         })
     except Exception as e:
@@ -530,8 +531,8 @@ def internal_error(error):
 if __name__ == "__main__":
     print("🔐 Sharelock Backend Starting...")
     print("📊 Features enabled:")
-    print("   ✅ End-to-end encryption (messages + files)")  # MODIFIED
-    print("   ✅ Client-side file encryption (5MB max)")     # MODIFIED
     print("   ✅ QR code generation")
     print("   ✅ Analytics tracking")
     print("   ✅ Short URLs")
@@ -539,7 +540,6 @@ if __name__ == "__main__":
     print("   ✅ Multiple themes")
     print("   ✅ Password hints")
     print("   ✅ verify_only parameter support")
-    print("   🔒 Files never stored unencrypted on server")  # NEW
     print("🚀 Server running on http://0.0.0.0:7860")
     app.run(host="0.0.0.0", port=7860, debug=True)

 }
 def get_file_type(filename):
+    """Determine file type based on extension"""
     if not filename:
         return 'unknown'
 @app.route("/api/store", methods=["POST"])
 def store():
+    """Store encrypted secret with enhanced features"""
     try:
         form = request.form
         data = form.get("data")
         theme = form.get("theme", "default")
         password_hint = form.get("password_hint", "")
+        # Handle file upload
+        file_data = None
+        file_type = None
+        file_name = None
+        if 'file' in request.files:
+            file = request.files['file']
+            if file and file.filename:
+                # Check file size
+                file.seek(0, os.SEEK_END)
+                file_size = file.tell()
+                file.seek(0)
+                if file_size > MAX_FILE_SIZE:
+                    return jsonify({"error": f"File too large. Max size: {MAX_FILE_SIZE/1024/1024:.1f}MB"}), 400
+                # Process file
+                file_name = secure_filename(file.filename)
+                file_type = get_file_type(file_name)
+                if file_type == 'unknown':
+                    return jsonify({"error": "File type not supported"}), 400
+                # Read and encode file
+                file_content = file.read()
+                file_data = base64.b64encode(file_content).decode('utf-8')
         # Generate IDs
         secret_id = str(uuid.uuid4())
         while short_id in SHORT_LINKS:
             short_id = generate_short_id()
+        # Store secret
         SECRETS[secret_id] = {
             "data": data,
+            "file_data": file_data,
+            "file_type": file_type,
+            "file_name": file_name,
             "expire_at": time.time() + ttl,
             "view_once": view_once,
             "delay_seconds": delay_seconds,
             "short_url": f"{base_url}/s/{short_id}",
             "qr_code": qr_code,
             "expires_at": SECRETS[secret_id]["expire_at"],
+            "has_file": file_data is not None
         })
     except Exception as e:
 @app.route("/api/fetch/<secret_id>")
 def fetch(secret_id):
+    """Fetch and decrypt secret with analytics - MODIFIED TO HANDLE verify_only"""
     try:
         # Check if it's a short link
         if secret_id in SHORT_LINKS:
                     del SHORT_LINKS[short_id]
             return jsonify({"error": "Secret has expired"}), 410
+        # CHECK FOR verify_only PARAMETER
         verify_only = request.args.get('verify_only', 'false').lower() == 'true'
         # Only record access and increment count if NOT verify_only
             "access_count": secret["access_count"]
         }
+        # Include file data if present
+        if secret.get("file_data"):
+            response["file_data"] = secret["file_data"]
             response["file_type"] = secret.get("file_type", "unknown")
+            response["file_name"] = secret.get("file_name", "unknown")
         # Handle view-once deletion (only if not verify_only)
         if secret["view_once"] and not verify_only:
 @app.route("/api/secrets")
 def list_secrets():
+    """List all active secrets (for dashboard)"""
     try:
         current_time = time.time()
         active_secrets = []
                     "created_at": secret["created_at"],
                     "expires_at": secret["expire_at"],
                     "view_once": secret["view_once"],
+                    "has_file": secret.get("file_data") is not None,
+                    "file_type": secret.get("file_type"),
                     "theme": secret.get("theme", "default"),
                     "access_count": secret.get("access_count", 0),
                     "preview": secret["data"][:100] + "..." if len(secret["data"]) > 100 else secret["data"]
 @app.route("/api/stats")
 def get_stats():
+    """Get overall statistics"""
     try:
         total_secrets = len(SECRETS)
         total_accesses = sum(len(analytics) for analytics in ANALYTICS.values())
+        # Count by file type
         file_types = {}
         for secret in SECRETS.values():
+            file_type = secret.get("file_type", "text")
+            file_types[file_type] = file_types.get(file_type, 0) + 1
         # Count by theme
         themes = {}
             "total_accesses": total_accesses,
             "file_types": file_types,
             "themes": themes,
+            "active_short_links": len(SHORT_LINKS)
         })
     except Exception as e:
 if __name__ == "__main__":
     print("🔐 Sharelock Backend Starting...")
     print("📊 Features enabled:")
+    print("   ✅ End-to-end encryption")
+    print("   ✅ File uploads (5MB max)")
     print("   ✅ QR code generation")
     print("   ✅ Analytics tracking")
     print("   ✅ Short URLs")
     print("   ✅ Multiple themes")
     print("   ✅ Password hints")
     print("   ✅ verify_only parameter support")
     print("🚀 Server running on http://0.0.0.0:7860")
     app.run(host="0.0.0.0", port=7860, debug=True)