-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathserver_upload.py
More file actions
101 lines (82 loc) · 3.64 KB
/
server_upload.py
File metadata and controls
101 lines (82 loc) · 3.64 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
import os
import subprocess
import random
from glob import glob
from flask import Flask, flash, request, redirect, url_for, jsonify
from werkzeug.utils import secure_filename
# UPLOAD_FOLDER = '/home/kw/repo/gitlab-backup'
UPLOAD_FOLDER = '/misc/backup/gitlab'
ALLOWED_EXTENSIONS = {'txt', 'pdf', 'png', 'jpg', 'jpeg', 'gif', 'tar'}
app = Flask(__name__)
app.config['UPLOAD_FOLDER'] = UPLOAD_FOLDER
def allowed_file(filename):
return '.' in filename and \
filename.rsplit('.', 1)[1].lower() in ALLOWED_EXTENSIONS
def validate_token(token):
# Replace with your validation logic (e.g., JWT decoding)
if token == os.environ['TOKEN']:
return True
return False
@app.route('/list', methods=['GET'])
def list_files():
if request.method == 'GET':
# check if the post request has the file part
auth_header = request.headers.get('Authorization')
if not auth_header:
return jsonify({"error": "Authorization header is missing"}), 401
# Check if it starts with "Bearer "
if not auth_header.startswith("Bearer "):
return jsonify({"error": "Invalid Authorization header format"}), 401
# Extract the token
token = auth_header.split(" ")[1]
# Validate the token
if not validate_token(token):
return jsonify({"error": "Invalid or expired token"}), 403
list_of_files = glob(os.path.join(app.config['UPLOAD_FOLDER'], '*'))
return {"files": list_of_files}, 200
return {"status": "listerror"}, 400
@app.route('/upload', methods=['POST'])
def upload_file():
if request.method == 'POST':
# check if the post request has the file part
auth_header = request.headers.get('Authorization')
if not auth_header:
return jsonify({"error": "Authorization header is missing"}), 401
# Check if it starts with "Bearer "
if not auth_header.startswith("Bearer "):
return jsonify({"error": "Invalid Authorization header format"}), 401
# Extract the token
token = auth_header.split(" ")[1]
# Validate the token
if not validate_token(token):
return jsonify({"error": "Invalid or expired token"}), 403
if 'file' not in request.files:
flash('No file part')
return redirect(request.url)
file = request.files['file']
# if user does not select file, browser also
# submit an empty part without filename
if file.filename == '':
flash('No selected file')
return redirect(request.url)
if file and allowed_file(file.filename):
filename = secure_filename(file.filename)
# full_filename = os.path.join(app.config['UPLOAD_FOLDER'], filename)+str(random.randrange(1, 999999))
full_filename = os.path.join(app.config['UPLOAD_FOLDER'], filename)
print(full_filename)
try:
file.save(full_filename)
except (PermissionError, OSError):
return {"status": "save not allowed"}, 400
ret = subprocess.run(["sudo", "chattr", "+i", full_filename])
print("ret = ", ret)
if ret.returncode != 0:
return {"status":"cannot change attribute"}, 400
return {"status":"all is good"}, 200
return {"status": "error"}, 400
if __name__== '__main__':
cert_file = '/usr/local/pki/fullchain.pem'
key_file = '/usr/local/pki/privkey.pem'
app.secret_key = 'super secret key'
app.config['SESSION_TYPE'] = 'filesystem'
app.run(host='0.0.0.0', debug=True, port=18629, ssl_context=(cert_file, key_file))