BradBot_1/FileSurva
1
0
Fork 0
Code Issues Pull requests Releases Activity

init

Browse source
This commit is contained in:
BradBot_1 2023-01-31 19:46:27 +00:00
commit e88685c294
8 changed files with 629 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
.gitignore vendored Normal file
View file

@ -0,0 +1,3 @@
data/
node_modules/
package-lock.json

24
Dockerfile Normal file
View file

@ -0,0 +1,24 @@
FROM node:16
ENV COOKIE_SECRET CHANGEME!
ENV ADMIN_KEY CHANGEME!
#ENV REDIS_HOST redis://localhost:6379
ENV HOST 0.0.0.0
ENV DISPLAY_HOST localhost
ENV INDEX_PATH "./index.html"
ENV LOGIN_PATH "./login.html"
ENV VERIFY_PATH "./verify.html"
COPY ./src/index.js index.js
COPY package.json package.json
COPY ./src/index.html index.html
COPY ./src/login.html login.html
COPY ./src/verify.html verify.html
RUN npm install
EXPOSE 80
ENTRYPOINT [ "node", "index.js" ]

27
docker-compose.yml Normal file
View file

@ -0,0 +1,27 @@
version: '3'
services:
server:
image: bradbot1/filesurva
build: .
environment:
REDIS_HOST: redis://redis:6379
COOKIE_SECRET: FumosAreCool!
ADMIN_KEY: yek_nimdA
DISPLAY_HOST: localhost
HOST: 0.0.0.0
ports:
- ":80:80"
networks:
- app-internal
depends_on:
- redis
restart: always
redis:
image: redis
networks:
- app-internal
restart: always
networks:
app-internal:

22
package.json Normal file
View file

@ -0,0 +1,22 @@
{
"name": "file-surva",
"version": "1.0.0",
"description": "",
"main": "src/index.js",
"type": "module",
"scripts": {
"start": "node ./src/index.js",
"watch": "nodemon --ext js"
},
"keywords": [],
"author": "",
"license": "ISC",
"dependencies": {
"@fastify/cookie": "^8.3.0",
"@fastify/multipart": "^7.4.0",
"@fastify/static": "^6.8.0",
"basic-ftp": "^5.0.2",
"fastify": "^4.12.0",
"redis": "^4.6.3"
}
}

135
src/index.html Normal file
View file

@ -0,0 +1,135 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Document</title>
</head>
<body>
<div id="containers">
<table id="containerDisplay" border="1" style="border-collapse:collapse;">
<thead>
<tr>
<th style="padding: 1vw;">Name</th>
<th style="padding: 1vw;">Type</th>
<th style="padding: 1vw;">URL</th>
<th style="padding: 1vw;">Status</th>
<th style="padding: 1vw;">Actions</th>
</tr>
</thead>
<tbody id="containers-body">
<tr>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
</tr>
</tbody>
</table>
</div>
<script type="text/javascript">
async function buildContainers() {
const containerBody = document.getElementById("containers-body");
containerBody.innerHTML = "";
const fetchData = await fetch("/frontend/container");
const jsonData = await fetchData.json();
for (const container of jsonData) {
const row = document.createElement("tr");
const nameColumn = document.createElement("th");
nameColumn.textContent = container.name.length > 8 ? container.name.substring(0, 8) : container.name;
nameColumn.id = "container-" + container.name;
row.appendChild(nameColumn);
const typeColumn = document.createElement("th");
typeColumn.textContent = container.type;
row.appendChild(typeColumn);
const urlColumn = document.createElement("th");
urlColumn.textContent = container.url;
row.appendChild(urlColumn);
const statusColumn = document.createElement("th");
statusColumn.textContent = container.status;
row.appendChild(statusColumn);
const actionsColumn = document.createElement("th");
const deleteAction = document.createElement("button");
deleteAction.setAttribute("type", "button");
deleteAction.textContent = "Delete";
deleteAction.addEventListener("click", async (e) => {
e.preventDefault();
if (confirm(`Are you sure you want to delete the container "${container.name}"?`)) {
const jsonData = await (await fetch("/frontend/container", {
method: "DELETE",
body: container.name
})).json();
if (jsonData.success) buildContainers();
else alert(jsonData.message);
}
})
actionsColumn.appendChild(deleteAction);
row.appendChild(actionsColumn);
containerBody.appendChild(row);
}
const row = document.createElement("tr");
const nameColumn = document.createElement("th");
const nameInputField = document.createElement("input");
nameInputField.setAttribute("type", "text");
nameInputField.setAttribute("placeholder", "optional");
nameColumn.appendChild(nameInputField);
row.appendChild(nameColumn);
const typeColumn = document.createElement("th");
const typeInputField = document.createElement("select");
const typeInputFieldOption1 = document.createElement("option");
typeInputFieldOption1.setAttribute("value", "ftp");
typeInputFieldOption1.textContent = "ftp";
typeInputField.appendChild(typeInputFieldOption1);
const typeInputFieldOption2 = document.createElement("option");
typeInputFieldOption2.setAttribute("value", "sftp");
typeInputFieldOption2.textContent = "sftp";
typeInputField.appendChild(typeInputFieldOption2);
typeColumn.appendChild(typeInputField);
row.appendChild(typeColumn);
const urlColumn = document.createElement("th");
const urlInputField = document.createElement("input");
urlInputField.setAttribute("type", "text");
urlInputField.setAttribute("placeholder", "required");
urlColumn.appendChild(urlInputField);
row.appendChild(urlColumn);
const statusColumn = document.createElement("th");
statusColumn.style.backgroundColor = "black";
row.appendChild(statusColumn);
const actionsColumn = document.createElement("th");
const createButton = document.createElement("button");
createButton.setAttribute("type", "button");
createButton.textContent = "Create";
createButton.addEventListener('click', async (e) => {
e.preventDefault();
var body = {
name: nameInputField.value == "" ? undefined : nameInputField.value,
type: typeInputField.value
};
urlInputField.value = urlInputField.value.replace(/.*:\/\//, ""); // remove protocol
if (urlInputField.value.includes("@")) {
body.url = urlInputField.value.substring(urlInputField.value.indexOf("@") + 1)
console.log(body.url);
const toCheck = urlInputField.value.substring(0, urlInputField.value.indexOf("@"));
if (toCheck.includes(":")) {
body.user = toCheck.substring(0, toCheck.indexOf(":")).replaceAll("<at>", "@")
body.password = toCheck.substring(toCheck.indexOf(":") + 1).replaceAll("<at>", "@")
} else body.user = toCheck;
} else body.url = urlInputField.value;
const jsonData = await (await fetch("/frontend/container", {
method: 'POST',
body: JSON.stringify(body)
})).json();
if (jsonData.success) buildContainers();
else alert(jsonData.message);
});
actionsColumn.appendChild(createButton);
row.appendChild(actionsColumn);
containerBody.appendChild(row);
console.log("Added " + jsonData.length + " containers");
}
buildContainers();
</script>
</body>
</html>

347
src/index.js Normal file
View file

@ -0,0 +1,347 @@
import Fastify from 'fastify';
import Static from '@fastify/static';
import Cookie from '@fastify/cookie';
import { createClient } from 'redis';
import { join } from 'path';
import { writeFileSync, readFileSync, mkdirSync, createWriteStream, unlinkSync } from 'fs';
import multipart from '@fastify/multipart';
import { Client } from 'basic-ftp';
import { pipeline } from 'stream';
import util from 'util';
/**
{
"name": "", // nickname for the container
"char": '', // char for human readable drive junk
"type": "", // think ftp, etc
"data": { // data to make the container work
"url": "",
"user": "",
password: ""
}
}
*/
const containers = [];
try {
const parsedContainers = JSON.parse(readFileSync(join(process.cwd(), "./data/containers.json"), "utf8"));
for (var container of parsedContainers)
containers.push(container);
console.log("Loaded " + parsedContainers.length + " containers");
} catch (e) {
console.error("Failed to get saved containers");
try {
mkdirSync(join(process.cwd(), "./data/"));
} catch {}
try {
mkdirSync(join(process.cwd(), "./data/uploads/"));
} catch {}
}
/**
*
* @param {*} data A representation of a container
* @returns If the container was created successfully
*/
function createContainer(data) {
var container = {
name: data.name || Buffer.from(`${Math.random() ** 51}`).toString('base64').replaceAll("=", ""),
data: {}
};
switch (data.type) {
case "sftp":
container.data.secure = true;
case "ftp":
container.type = "ftp";
container.data.host = data.url;
container.data.user = data.user || "root";
container.data.password = data.password;
break;
default:
console.error("Invalid container type provided");
return false;
}
const taken = [];
for (const cont of containers) taken.push(cont.char.charCodeAt(0));
var letter = 'a'.charCodeAt(0);
while (taken.includes(letter)) letter++;
container.char = String.fromCharCode(letter);
containers.push(container);
writeFileSync(join(process.cwd(), "./data/containers.json"), JSON.stringify(containers), "utf8");
console.log("New container: " + container.name);
return true;
}
function removeContainer(name) {
for (var i = 0; i < containers.length; i++) {
if (containers[i].name === name) {
containers.splice(i, 1);
writeFileSync(join(process.cwd(), "./data/containers.json"), JSON.stringify(containers), "utf8");
console.log("Removed container: " + name);
return true;
}
}
console.error("Failed to remove container: " + name);
return false;
}
function findContainer(containerName) {
for (var i = 0; i < containers.length; i++) {
if (containers[i].name === containerName) {
return containers[i];
}
}
console.error("Failed to find container: " + containerName);
return null;
}
async function uploadFile(containerName, fileName, fileAsStream) {
var container = findContainer(containerName);
if (container == null) return false;
switch (container.type) {
case "sftp":
case "ftp":
try {
await ftpClient.access({
host: container.data.host,
user: container.data.user,
password: container.data.password,
secure: container.data.secure
});
await ftpClient.uploadFrom(fileAsStream, fileName);
} catch (e) {
console.error(e);
}
ftpClient.close();
return true;
default:
console.error("Unkown type on container: " + containerName);
return false;
}
}
async function downloadFile(containerName, fileName, outputStream) {
var container = findContainer(containerName);
if (container == null) return false;
switch (container.type) {
case "sftp":
case "ftp":
try {
await ftpClient.access({
host: container.data.host,
user: container.data.user,
password: container.data.password,
secure: container.data.secure
});
await ftpClient.downloadTo(outputStream, fileName);
} catch (e) {
console.error(e);
}
ftpClient.close();
return true;
default:
console.error("Unkown type on container: " + containerName);
return false;
}
}
const ftpClient = new Client();
ftpClient.ftp.verbose = false
const redisClient = createClient({
url: process.env.REDIS_HOST || `redis://${process.env.HOST || 'localhost'}:6379`
});
redisClient.on('error', err => {
console.error('Redis Client Error', err);
process.exit(1);
});
await redisClient.connect();
const app = Fastify({
logger: false
})
app.register(Static, {
root: join(process.cwd(), "/")
})
app.register(Cookie, {
secret: process.env.COOKIE_SECRET || "Fumos!"
});
app.register(multipart);
const adminKey = process.env.ADMIN_KEY || "Fumo";
const indexFilePath = process.env.INDEX_PATH || './src/index.html'
const loginFilePath = process.env.LOGIN_PATH || './src/login.html'
app.get("/", (req, res) => {
const providedKey = req.cookies["ADMIN_KEY"];
if (!providedKey || req.unsignCookie(providedKey).value !== adminKey) res.sendFile(loginFilePath);
else res.sendFile(indexFilePath);
});
app.post("/frontend/validate", (req, res) => {
const provided = req.body;
console.log(provided === adminKey);
if (provided === adminKey) res.setCookie("ADMIN_KEY", provided, {
path: '/',
signed: true
})
res.send({
success: (provided === adminKey)
})
});
app.post("/frontend/container", (req, res) => {
const providedKey = req.cookies["ADMIN_KEY"];
if (!providedKey || req.unsignCookie(providedKey).value !== adminKey) {
res.callNotFound();
return;
}
var data;
try {
data = JSON.parse(req.body);
} catch (e) {
res.status(200).type("text/json").send({
result: "container_creation_fail",
message: "JSON was expected but not provided",
success: false
});
return;
}
if (createContainer(data)) res.status(200).type("text/json").send({
result: "container_creation_success",
success: true
});
else res.status(400).type("text/json").send({
result: "container_creation_fail",
message: "Unable to create container",
success: false
});
});
app.delete("/frontend/container", (req, res) => {
const providedKey = req.cookies["ADMIN_KEY"];
if (!providedKey || req.unsignCookie(providedKey).value !== adminKey) {
res.callNotFound();
return;
}
if (removeContainer(req.body)) res.status(200).type("text/json").send({
result: "container_deletion_success",
message: "Data associated with this container may still be present in uploads",
success: true
});
else res.status(400).type("text/json").send({
result: "container_deletion_fail",
message: "Unable to delete container",
success: false
});
});
app.get("/frontend/container", (req, res) => {
const providedKey = req.cookies["ADMIN_KEY"];
if (!providedKey || req.unsignCookie(providedKey).value !== adminKey) {
res.callNotFound();
return;
}
const responseData = [];
for (const container of containers) {
const current = {};
current.name = container.name;
current.type = container.type;
current.url = container.data.host;
current.status = "TODO";
responseData.push(current);
}
res.status(200).type("text/json").send(responseData);
});
app.get("/api", (req, res) => {
res.send({
about: "Magic",
name: process.env.npm_package_name,
version: process.env.npm_package_version
});
});
const pump = util.promisify(pipeline);
app.post("/api/upload", async (req, res) => {
const providedKey = req.headers.authorization;
if (!providedKey || providedKey !== adminKey) {
res.callNotFound();
return;
}
const uploadContainer = req.query["Container"];
if (!uploadContainer) {
res.status(400).type("text/json").send({
result: "file_upload_fail",
message: "Missing container to upload to",
status: false
});
return;
}
const file = await req.file();
const newFileName = `${Date.now()}-${file.filename}`;
if (await uploadFile(uploadContainer, newFileName, file.file)) {
const password = req.query["Password"];
const container = findContainer(uploadContainer);
await redisClient.set(Buffer.from(`${uploadContainer}|${file.filename}`).toString('base64'), JSON.stringify({
password: password,
actualName: newFileName
}));
res.status(200).type("text/json").send({
result: "file_upload_complete",
url: `${process.env.DISPLAY_HOST || "localhost"}/${container.char}/${file.filename}`,
password: password != null,
success: true
});
} else res.status(400).type("text/json").send({
result: "file_upload_fail",
message: "Failed to upload file",
success: false
});
});
const verifyFilePath = process.env.VERIFY_PATH || './src/verify.html'
app.get("/:char/:file", async (req, res) => {
const { char, file } = req.params;
const providedKey = req.headers.authorization;
var container;
for (const cont of containers) {
if (cont.char === char) {
container = cont;
break;
}
}
if (container == undefined || container == null) {
res.callNotFound();
return;
}
var redisData;
try {
const e = await redisClient.get(Buffer.from(`${container.name}|${file}`).toString('base64'));
if (e == null) {
res.callNotFound();
return;
}
redisData = JSON.parse(e);
} catch (e) {
res.callNotFound();
// res.status(500).type("text/json").send({
// result: "file_download_fail",
// message: "Unable to pull redis data",
// success: false
// });
return;
}
if (redisData?.password !== undefined) {
if (providedKey !== adminKey && redisData?.password !== providedKey) {
await res.status(401).sendFile(verifyFilePath);
return;
}
}
const loc = "./data/uploads/" + redisData.actualName;
await downloadFile(container.name, redisData.actualName, createWriteStream(loc));
await res.sendFile(loc);
unlinkSync(loc);
});
app.listen({ port: parseInt(process.env.PORT || '80') , host: process.env.HOST || 'localhost' }, (err, address) => {
if (err) {
console.error(err);
process.exit(1);
}
console.log(`Server has started on ${address}`);
})

31
src/login.html Normal file
View file

@ -0,0 +1,31 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Login</title>
</head>
<body style="margin: 0; padding: 0; border: 0;">
<script type="text/javascript">
async function validateLogin(key) {
var fetchResult = await fetch("./frontend/validate", {
method: "POST",
body: key
});
var responseJson = await fetchResult.json();
return responseJson.success;
}
(async() => {
do {
let inputtedKey = prompt("Enter the admin key to access this page");
if (inputtedKey !== null && inputtedKey !== "") {
if (await validateLogin(inputtedKey)) break;
else alert("Please enter the correct key!");
}
} while (true);
window.location.reload(); // load into main page
})();
</script>
</body>
</html>

40
src/verify.html Normal file
View file

@ -0,0 +1,40 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Verify</title>
</head>
<body style="margin: 0; padding: 0; border: 0;">
<script type="text/javascript">
async function validateLogin(key) {
var fetchResult = await fetch("", {
method: "GET",
headers: {
"Authorization": key
}
});
if (fetchResult.status === 200) {
const blobData = await fetchResult.blob();
const link = document.createElement("a");
link.href = URL.createObjectURL(blobData);
link.setAttribute("download", window.location.href.substring(window.location.href.lastIndexOf("/") + 1));
link.click();
URL.revokeObjectURL(link.href);
return true;
}
return false;
}
(async() => {
do {
let inputtedKey = prompt("Enter the password to access this page");
if (inputtedKey !== null && inputtedKey !== "") {
if (await validateLogin(inputtedKey)) break;
else alert("Please enter the correct key!");
}
} while (true);
})();
</script>
</body>
</html>