brammie15/ReSendit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Init

Browse Source
This commit is contained in:
Bram
2026-03-20 12:33:37 +01:00
commit ce3925423f
44 changed files with 3143 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

116
internal/api/middleware/auth.go Normal file
View File

@@ -0,0 +1,116 @@
package middleware
import (
"net/http"
"os"
"strings"
"github.com/gin-gonic/gin"
"github.com/golang-jwt/jwt/v4"
)
var jwtSecret = []byte(os.Getenv("JWT_SECRET"))
type Claims struct {
UserID string `json:"user_id"`
Role string `json:"role"`
jwt.RegisteredClaims
}
func AuthMiddleware() gin.HandlerFunc {
return func(c *gin.Context) {
var tokenString string
// 🔥 1. Try cookie first (NEW)
cookie, err := c.Cookie("auth_token")
if err == nil && cookie != "" {
tokenString = cookie
}
// 🔥 2. Fallback to Authorization header (for API tools / future SPA)
if tokenString == "" {
authHeader := c.GetHeader("Authorization")
if authHeader != "" {
parts := strings.Split(authHeader, " ")
if len(parts) == 2 && parts[0] == "Bearer" {
tokenString = parts[1]
}
}
}
// ❌ No token at all
if tokenString == "" {
abortUnauthorized(c)
return
}
// 🔐 Parse JWT
claims := &Claims{}
token, err := jwt.ParseWithClaims(tokenString, claims, func(token *jwt.Token) (interface{}, error) {
if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
return nil, jwt.ErrTokenSignatureInvalid
}
return jwtSecret, nil
})
if err != nil || !token.Valid {
abortUnauthorized(c)
return
}
c.Set("user_id", claims.UserID)
c.Set("role", claims.Role)
c.Next()
}
}
func abortUnauthorized(c *gin.Context) {
if strings.Contains(c.GetHeader("Accept"), "text/html") {
c.Redirect(http.StatusFound, "/login")
} else {
c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{
"error": "unauthorized",
})
}
c.Abort()
}
func RequireRole(roles ...string) gin.HandlerFunc {
return func(c *gin.Context) {
roleValue, exists := c.Get("role")
if !exists {
abortForbidden(c)
return
}
userRole, ok := roleValue.(string)
if !ok {
abortForbidden(c)
return
}
for _, allowed := range roles {
if userRole == allowed {
c.Next()
return
}
}
abortForbidden(c)
}
}
func abortForbidden(c *gin.Context) {
if strings.Contains(c.GetHeader("Accept"), "text/html") {
c.Redirect(http.StatusFound, "/")
} else {
c.AbortWithStatusJSON(http.StatusForbidden, gin.H{
"error": "forbidden",
})
}
c.Abort()
}

1
internal/api/middleware/logging.go Normal file
View File

@@ -0,0 +1 @@
package middleware

5
internal/auth/errors.go Normal file
View File

@@ -0,0 +1,5 @@
package auth
import "errors"
var ErrInvalidCredentials = errors.New("invalid credentials")

63
internal/auth/handler.go Normal file
View File

@@ -0,0 +1,63 @@
package auth
import (
"os"
"github.com/gin-gonic/gin"
)
type Handler struct {
service *Service
}
func NewHandler(s *Service) *Handler {
return &Handler{service: s}
}
func (h *Handler) Me(c *gin.Context) {
userID, _ := c.Get("user_id")
role, _ := c.Get("role")
c.JSON(200, gin.H{
"user_id": userID,
"role": role,
})
}
func (h *Handler) AdminCheck(c *gin.Context) {
c.JSON(200, gin.H{
"message": "you are an admin",
})
}
func (h *Handler) Login(c *gin.Context) {
var req struct {
Username string `json:"username" binding:"required"`
Password string `json:"password" binding:"required"`
}
if err := c.ShouldBindJSON(&req); err != nil {
c.JSON(400, gin.H{"error": "Invalid request body"})
return
}
token, err := h.service.Login(req.Username, req.Password)
if err != nil {
c.JSON(401, gin.H{"error": "Invalid credentials"})
return
}
isSecure := os.Getenv("USE_HTTPS") == "true"
c.SetCookie(
"auth_token",
token,
3600*24,
"/",
os.Getenv("DOMAIN"),
isSecure,
true, // httpOnly (IMPORTANT)
)
c.JSON(200, gin.H{"token": token})
}

31
internal/auth/jwt.go Normal file
View File

@@ -0,0 +1,31 @@
package auth
import (
"os"
"time"
"github.com/golang-jwt/jwt/v4"
)
var jwtSecret = []byte(os.Getenv("JWT_SECRET"))
type Claims struct {
Username string `json:"username"`
Role string `json:"role"`
jwt.RegisteredClaims
}
func GenerateJWT(username string, role string) (string, error) {
claims := Claims{
Username: username,
Role: role,
RegisteredClaims: jwt.RegisteredClaims{
ExpiresAt: jwt.NewNumericDate(time.Now().Add(24 * time.Hour)), // 24h expiration
IssuedAt: jwt.NewNumericDate(time.Now()),
NotBefore: jwt.NewNumericDate(time.Now()),
},
}
token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
return token.SignedString(jwtSecret)
}

27
internal/auth/repository.go Normal file
View File

@@ -0,0 +1,27 @@
package auth
import (
"ResendIt/internal/user"
"errors"
"gorm.io/gorm"
)
type Repository struct {
db *gorm.DB
}
func NewRepository(db *gorm.DB) *Repository {
return &Repository{db}
}
func (r *Repository) FindByUsername(username string) (*user.User, error) {
var u user.User
if err := r.db.Where("username = ?", username).First(&u).Error; err != nil {
if errors.Is(err, gorm.ErrRecordNotFound) {
return nil, user.ErrUserNotFound
}
return nil, err
}
return &u, nil
}

23
internal/auth/routes.go Normal file
View File

@@ -0,0 +1,23 @@
package auth
import (
"ResendIt/internal/api/middleware"
"github.com/gin-gonic/gin"
)
func RegisterRoutes(r *gin.RouterGroup, h *Handler) {
auth := r.Group("/auth")
auth.POST("/login", h.Login)
protected := auth.Group("/")
protected.Use(middleware.AuthMiddleware())
protected.GET("/me", h.Me)
admin := protected.Group("/")
admin.Use(middleware.RequireRole("admin"))
admin.GET("/admin-check", h.AdminCheck)
}

32
internal/auth/service.go Normal file
View File

@@ -0,0 +1,32 @@
package auth
import (
"ResendIt/internal/security"
"ResendIt/internal/user"
"errors"
)
type Service struct {
repo *Repository
}
func NewService(r *Repository) *Service {
return &Service{repo: r}
}
func (s *Service) Login(username, password string) (string, error) {
u, err := s.repo.FindByUsername(username)
if errors.Is(err, user.ErrUserNotFound) {
// Prevent user enumeration by returning a generic error message
return "", ErrInvalidCredentials
} else if err != nil {
return "", err
}
if !security.CheckPassword(password, u.PasswordHash) {
return "", ErrInvalidCredentials
}
return GenerateJWT(u.Username, u.Role)
}

75
internal/db/db.go Normal file
View File

@@ -0,0 +1,75 @@
package db
import (
"fmt"
"os"
"path/filepath"
"gorm.io/driver/mysql"
"gorm.io/driver/postgres"
"gorm.io/driver/sqlite"
"gorm.io/gorm"
)
func Connect() (*gorm.DB, error) {
dbType := os.Getenv("DB_TYPE")
dsn := os.Getenv("DATABASE_URL")
switch dbType {
case "sqlite":
return connectSQLite(dsn)
case "postgres":
return connectPostgres(dsn)
case "mysql":
return connectMySQL(dsn)
default:
return nil, fmt.Errorf("unsupported DB_TYPE: %s", dbType)
}
}
func connectSQLite(filePath string) (*gorm.DB, error) {
if filePath == "" {
filePath = "./data.db"
}
dir := filepath.Dir(filePath)
if err := os.MkdirAll(dir, 0755); err != nil {
return nil, fmt.Errorf("failed to create directory %s: %w", dir, err)
}
db, err := gorm.Open(sqlite.Open(filePath), &gorm.Config{})
if err != nil {
return nil, fmt.Errorf("failed to open SQLite database: %w", err)
}
return db, nil
}
func connectPostgres(dsn string) (*gorm.DB, error) {
if dsn == "" {
return nil, fmt.Errorf("DATABASE_URL is required for postgres")
}
db, err := gorm.Open(postgres.Open(dsn), &gorm.Config{})
if err != nil {
return nil, fmt.Errorf("failed to connect to Postgres: %w", err)
}
return db, nil
}
func connectMySQL(dsn string) (*gorm.DB, error) {
if dsn == "" {
return nil, fmt.Errorf("DATABASE_URL is required for mysql")
}
db, err := gorm.Open(mysql.Open(dsn), &gorm.Config{})
if err != nil {
return nil, fmt.Errorf("failed to connect to MySQL: %w", err)
}
return db, nil
}

144
internal/file/handlers.go Normal file
View File

@@ -0,0 +1,144 @@
package file
import (
"fmt"
"net/http"
"strconv"
"time"
"github.com/gin-gonic/gin"
)
type Handler struct {
service *Service
}
func NewHandler(s *Service) *Handler {
return &Handler{service: s}
}
func (h *Handler) Upload(c *gin.Context) {
err := c.Request.ParseMultipartForm(0)
if err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
return
}
file, err := c.FormFile("file")
if err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": "missing file"})
return
}
f, err := file.Open()
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": "cannot open file"})
return
}
defer f.Close()
once := c.PostForm("once") == "true"
durationStr := c.PostForm("duration")
hours, err := strconv.Atoi(durationStr)
if err != nil || hours <= 0 {
hours = 24 // default
}
duration := time.Duration(hours) * time.Hour
record, err := h.service.UploadFile(
file.Filename,
f,
once,
duration,
)
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
return
}
c.JSON(http.StatusOK, gin.H{
"id": record.ID,
"deletion_id": record.DeletionID,
"filename": record.Filename,
"size": record.Size,
"expires_at": record.ExpiresAt,
})
}
func (h *Handler) Download(c *gin.Context) {
id := c.Param("id")
record, err := h.service.DownloadFile(id)
if err != nil {
c.HTML(http.StatusOK, "fileNotFound.html", nil)
return
}
c.Header("Content-Disposition", fmt.Sprintf(`inline; filename="%s"`, record.Filename))
c.File(record.Path)
}
func (h *Handler) Delete(c *gin.Context) {
id := c.Param("del_id")
_, err := h.service.DeleteFileByDeletionID(id)
if err != nil {
c.HTML(http.StatusOK, "fileNotFound.html", nil)
return
}
//c.JSON(http.StatusOK, gin.H{"status": "deleted"})
c.HTML(http.StatusOK, "deleted.html", nil)
}
func (h *Handler) AdminList(c *gin.Context) {
records, err := h.service.repo.GetAll()
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
return
}
c.JSON(http.StatusOK, records)
}
func (h *Handler) AdminGet(c *gin.Context) {
id := c.Param("id")
record, err := h.service.repo.GetByID(id)
if err != nil {
c.JSON(http.StatusNotFound, gin.H{"error": "file not found"})
return
}
c.File(record.Path)
}
func (h *Handler) AdminDelete(c *gin.Context) {
id := c.Param("id")
_, err := h.service.DeleteFileByID(id)
if err != nil {
c.JSON(http.StatusNotFound, gin.H{"error": "file not found"})
return
}
c.Redirect(301, "/admin")
}
func (h *Handler) AdminForceDelete(c *gin.Context) {
id := c.Param("id")
_, err := h.service.GetFileByID(id)
if err != nil {
c.JSON(http.StatusNotFound, gin.H{"error": "file not found"})
return
}
if _, err := h.service.ForceDelete(id); err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
return
}
c.Redirect(301, "/admin")
}

18
internal/file/model.go Normal file
View File

@@ -0,0 +1,18 @@
package file
import (
"time"
)
type FileRecord struct {
ID string `gorm:"primaryKey" json:"id"`
DeletionID string `json:"deletion_id"`
Filename string `json:"filename"`
Path string `json:"-"` // file path on disk (not exposed via JSON)
ExpiresAt time.Time `json:"expires_at"`
DeleteAfterDownload bool `json:"delete_after_download"`
Size int64 `json:"size"`
DownloadCount int `json:"download_count"`
Deleted bool `json:"deleted"`
CreatedAt time.Time `json:"created_at"`
}

86
internal/file/repository.go Normal file
View File

@@ -0,0 +1,86 @@
package file
import (
"errors"
"gorm.io/gorm"
)
var ErrFileNotFound = errors.New("file not found")
type Repository struct {
db *gorm.DB
}
func NewRepository(db *gorm.DB) *Repository {
return &Repository{db: db}
}
func (r *Repository) Create(f *FileRecord) error {
return r.db.Create(f).Error
}
func (r *Repository) GetAll() ([]FileRecord, error) {
var files []FileRecord
if err := r.db.Find(&files).Error; err != nil {
return nil, err
}
return files, nil
}
func (r *Repository) GetByID(id string) (*FileRecord, error) {
var f FileRecord
if err := r.db.First(&f, "id = ?", id).Error; err != nil {
if errors.Is(err, gorm.ErrRecordNotFound) {
return nil, ErrFileNotFound
}
return nil, err
}
return &f, nil
}
func (r *Repository) GetPaginated(limit, offset int) ([]FileRecord, int, error) {
var files []FileRecord
var count int64
if err := r.db.Model(&FileRecord{}).Count(&count).Error; err != nil {
return nil, 0, err
}
if err := r.db.
Order("created_at DESC").
Limit(limit).
Offset(offset).
Find(&files).Error; err != nil {
return nil, 0, err
}
return files, int(count), nil
}
func (r *Repository) GetByDeletionID(delID string) (*FileRecord, error) {
var f FileRecord
if err := r.db.First(&f, "deletion_id = ?", delID).Error; err != nil {
if errors.Is(err, gorm.ErrRecordNotFound) {
return nil, ErrFileNotFound
}
return nil, err
}
return &f, nil
}
func (r *Repository) IncrementDownload(f *FileRecord) error {
f.DownloadCount++
return r.db.Save(f).Error
}
// MarkDeleted Soft delete the record by setting Deleted to true
func (r *Repository) MarkDeleted(f *FileRecord) error {
f.Deleted = true
return r.db.Save(f).Error
}
// Delete Permanently delete the record from the database
func (r *Repository) Delete(f *FileRecord) error {
return r.db.Delete(f).Error
}

28
internal/file/routes.go Normal file
View File

@@ -0,0 +1,28 @@
package file
import (
"ResendIt/internal/api/middleware"
"github.com/gin-gonic/gin"
)
func RegisterRoutes(r *gin.RouterGroup, h *Handler) {
files := r.Group("/files")
files.POST("/upload", h.Upload)
files.GET("/download/:id", h.Download)
files.GET("/delete/:del_id", h.Delete)
adminRoutes := files.Group("/")
adminRoutes.Use(middleware.AuthMiddleware())
adminRoutes.Use(middleware.RequireRole("admin"))
adminRoutes.GET("/admin", h.AdminList)
adminRoutes.GET("/admin/:id", h.AdminGet)
adminRoutes.GET("/admin/download/:id", h.AdminGet)
adminRoutes.GET("/admin/delete/:id", h.AdminDelete)
adminRoutes.GET("/admin/delete/fr/:id", h.AdminForceDelete)
}

144
internal/file/service.go Normal file
View File

@@ -0,0 +1,144 @@
package file
import (
"io"
"os"
"time"
"github.com/google/uuid"
)
type Service struct {
repo *Repository
storageDir string
}
func NewService(r *Repository, storageDir string) *Service {
if _, err := os.Stat(storageDir); os.IsNotExist(err) {
os.MkdirAll(storageDir, os.ModePerm)
}
return &Service{repo: r, storageDir: storageDir}
}
func (s *Service) UploadFile(filename string, data io.Reader, deleteAfterDownload bool, expiresAfter time.Duration) (*FileRecord, error) {
folderID := uuid.NewString()
folderPath := s.storageDir + "/" + folderID
if err := os.MkdirAll(folderPath, os.ModePerm); err != nil {
return nil, err
}
path := folderPath + "/" + filename
out, err := os.Create(path)
if err != nil {
return nil, err
}
defer out.Close()
size, err := io.Copy(out, data)
if err != nil {
return nil, err
}
f := &FileRecord{
ID: folderID,
DeletionID: uuid.NewString(),
Filename: filename,
Path: path,
Size: size,
CreatedAt: time.Now(),
ExpiresAt: time.Now().Add(expiresAfter),
DeleteAfterDownload: deleteAfterDownload,
}
if err := s.repo.Create(f); err != nil {
return nil, err
}
return f, nil
}
// DownloadFile Download a file
func (s *Service) DownloadFile(id string) (*FileRecord, error) {
f, err := s.repo.GetByID(id)
if err != nil {
return nil, err
}
if f.Deleted || time.Now().After(f.ExpiresAt) {
return nil, ErrFileNotFound
}
_ = s.repo.IncrementDownload(f)
if f.DeleteAfterDownload {
_ = s.repo.MarkDeleted(f)
}
return f, nil
}
func (s *Service) DeleteFileByID(id string) (*FileRecord, error) {
f, err := s.repo.GetByID(id)
if err != nil {
return nil, err
}
if f.Deleted {
return nil, ErrFileNotFound
}
if err := s.repo.MarkDeleted(f); err != nil {
return nil, err
}
return f, nil
}
func (s *Service) DeleteFileByDeletionID(delID string) (*FileRecord, error) {
f, err := s.repo.GetByDeletionID(delID)
if err != nil {
return nil, err
}
if f.Deleted {
return nil, ErrFileNotFound
}
if err := s.repo.MarkDeleted(f); err != nil {
return nil, err
}
return f, nil
}
func (s *Service) ForceDelete(id string) (*FileRecord, error) {
f, err := s.repo.GetByID(id)
if err != nil {
return nil, err
}
if err := os.RemoveAll(s.storageDir + "/" + f.ID); err != nil {
return nil, err
}
if err := s.repo.Delete(f); err != nil {
return nil, err
}
return f, nil
}
func (s *Service) GetPaginatedFiles(limit, offset int) ([]FileRecord, int, error) {
return s.repo.GetPaginated(limit, offset)
}
func (s *Service) GetFileByID(id string) (*FileRecord, error) {
return s.repo.GetByID(id)
}
func (s *Service) GetFileByDeletionID(delID string) (*FileRecord, error) {
return s.repo.GetByDeletionID(delID)
}

13
internal/security/password.go Normal file
View File

@@ -0,0 +1,13 @@
package security
import "golang.org/x/crypto/bcrypt"
func HashPassword(password string) (string, error) {
bytes, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
return string(bytes), err
}
func CheckPassword(password, hash string) bool {
err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(password))
return err == nil
}

35
internal/static/TOS.txt Normal file
View File

@@ -0,0 +1,35 @@
Terms of Service (TOS) Send.it
Effective Date: March 2026
Welcome to Send.it. By using our service, you agree to the following terms:
1. No Ownership of Uploaded Files
You retain full ownership and responsibility for any files you upload.
We do not claim ownership of your content.
2. Access to Files
While we may technically have the ability to view the files you upload,
we will not access them without a valid reason. Your privacy is important,
but absolute confidentiality cannot be guaranteed.
3. User Responsibility
You are fully responsible for the content you upload. Send.it is not
responsible for any consequences arising from your uploaded files,
including legal or personal liability.
4. File Availability and Deletion
Files may be deleted automatically based on the settings you choose
(expiration time or “burn after read”). Send.it does not guarantee
permanent storage of files.
5. Prohibited Content
You may not upload content that is illegal, harmful, or violates the rights
of others. Send.it reserves the right to remove files that violate
applicable laws or these Terms.
6. Disclaimer of Liability
Send.it provides the service “as-is.” We make no warranties regarding file
availability, security, or content. We are not liable for any damages,
loss, or issues arising from your use of the service.
By uploading files, you acknowledge that you have read and agree to these Terms.

BIN
internal/static/favicon.ico Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 361 KiB

BIN
internal/static/logo.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 261 KiB

219
internal/templates/admin.html Normal file
View File

@@ -0,0 +1,219 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Admin Console</title>
<script src="https://cdn.tailwindcss.com"></script>
<link rel="icon" type="image/x-icon" href="/static/favicon.ico">
<style>
* { border-radius: 0 !important; }
body { font-family: ui-monospace, 'Cascadia Code', 'Source Code Pro', monospace; background: #fff; color: #000; padding: 20px; }
.box { border: 3px solid #000; background: #fff; }
table { width: 100%; border-collapse: collapse; }
th { background: #000; color: #fff; text-align: left; padding: 10px; font-size: 12px; text-transform: uppercase; border: 1px solid #000; }
td { border: 1px solid #000; padding: 10px; font-size: 13px; font-weight: 500; }
tr:hover { background: #ffff00; }
/* Harsh Status Tags */
.status-tag { font-weight: 900; font-size: 11px; padding: 3px 6px; border: 2px solid #000; display: inline-block; text-transform: uppercase; }
.status-deleted { background: #000; color: #ff0000; }
.status-no { background: #eee; color: #666; }
.status-active { background: #00ff00; color: #000; }
.status-yes { background: #ff00ff; color: #fff; }
/* Chunky Buttons */
.btn-group { display: flex; gap: 5px; }
button, .button {
border: 2px solid #000;
background: #fff;
padding: 4px 10px;
cursor: pointer;
font-size: 11px;
font-weight: 900;
text-decoration: none;
text-transform: uppercase;
box-shadow: 3px 3px 0px #000;
}
button:hover, .button:hover { background: #000; color: #fff; box-shadow: none; transform: translate(2px, 2px); }
button:active { background: #ff0000; color: #fff; }
.nav-link { font-weight: 900; text-decoration: underline; text-transform: uppercase; font-size: 12px; }
.nav-link:hover { background: #000; color: #fff; }
/* --- CUSTOM MODAL STYLES --- */
#modal-overlay {
display: none;
position: fixed;
top: 0; left: 0; width: 100%; height: 100%;
background: rgba(255, 255, 255, 0.9);
backdrop-filter: blur(4px);
z-index: 1000;
align-items: center;
justify-content: center;
}
.modal-box {
border: 8px solid #000;
background: #fff;
padding: 30px;
max-width: 480px;
width: 90%;
box-shadow: 20px 20px 0px #000;
}
#modal-confirm-btn:hover {
background: #ff0000;
color: white;
animation: pulse 0.4s infinite;
}
@keyframes pulse {
0% { transform: scale(1); }
50% { transform: scale(1.03); }
100% { transform: scale(1); }
}
</style>
</head>
<body>
<div id="modal-overlay">
<div class="modal-box">
<h2 id="modal-title" class="text-4xl font-black uppercase tracking-tighter mb-4">CONFIRM_WIPE</h2>
<div id="modal-message" class="text-sm font-bold mb-8 border-l-8 border-black pl-4 py-2 italic bg-gray-50">
Awaiting system confirmation for permanent data erasure.
</div>
<div class="flex gap-4">
<button id="modal-confirm-btn" class="flex-1 py-4 text-xl border-4 border-black font-black uppercase bg-yellow-400">EXECUTE</button>
<button onclick="closeModal()" class="flex-1 py-4 text-xl border-4 border-black font-black uppercase hover:bg-black hover:text-white">ABORT</button>
</div>
</div>
</div>
<div class="max-w-7xl mx-auto">
<header class="mb-6 border-b-8 border-black pb-4 flex justify-between items-start">
<div>
<h1 class="text-4xl font-black uppercase tracking-tighter leading-none">System_Admin</h1>
</div>
<div class="flex flex-col items-end gap-2">
<a href="/" class="nav-link">← BACK_TO_UPLOADER</a>
<a href="/logout" class="nav-link text-red-600">LOGOUT_SESSION</a>
</div>
</header>
<div class="box overflow-x-auto">
<table>
<thead>
<tr>
<th>File_Identifier</th>
<th>Size</th>
<th>Timeline (In/Out)</th>
<th>Hits</th>
<th>Burn</th>
<th>Status</th>
<th>System_Actions</th>
</tr>
</thead>
<tbody>
{{if not .Files}}
<tr><td colspan="7" class="text-center py-10 font-bold uppercase italic">Zero files in buffer</td></tr>
{{end}}
{{range .Files}}
<tr>
<td class="font-bold">
<a href="/api/files/admin/download/{{.ID}}" target="_blank" class="underline hover:bg-black hover:text-white">{{.Filename}}</a>
</td>
<td class="whitespace-nowrap italic text-gray-600">{{humanSize .Size}}</td>
<td class="text-[11px] leading-tight">
<span class="block"><strong>CRT:</strong> {{.CreatedAt.Format "02/01/06 15:04"}}</span>
<span class="block text-red-600"><strong>EXP:</strong> {{.ExpiresAt.Format "02/01/06 15:04"}}</span>
</td>
<td class="text-center font-black text-lg">{{.DownloadCount}}</td>
<td>
{{if .DeleteAfterDownload}}
<span class="status-tag status-yes">YES</span>
{{else}}
<span class="status-tag status-no">NO</span>
{{end}}
</td>
<td>
{{if .Deleted}}
<span class="status-tag status-deleted">REMOVED</span>
{{else}}
<span class="status-tag status-active">LIVE</span>
{{end}}
</td>
<td>
<div class="btn-group">
{{if not .Deleted}}
<form action="/api/files/admin/delete/{{.ID}}" method="GET" onsubmit="return openConfirm(event, 'TERMINATE', 'Kill this file? It will be removed from active storage.')">
<button type="submit" style="background: #ffcccc;">Terminate</button>
</form>
{{end}}
<form action="/api/files/admin/delete/fr/{{.ID}}" method="GET" onsubmit="return openConfirm(event, 'FULL_WIPE', 'Wiping file and purging record? This is a permanent database scrub.')">
<button type="submit">Full_Wipe</button>
</form>
</div>
</td>
</tr>
{{end}}
</tbody>
</table>
</div>
<div class="mt-6 flex justify-between items-center border-t-8 border-black pt-4">
<div class="flex gap-4">
{{if gt .Page 1}}
<a href="?page={{sub .Page 1}}" class="button">Prev_Page</a>
{{end}}
{{if lt .Page .TotalPages}}
<a href="?page={{add .Page 1}}" class="button">Next_Page</a>
{{end}}
</div>
<footer class="text-right">
<div class="text-[12px] font-black uppercase">
Data_Density: {{len .Files}} records | Page: {{.Page}}/{{.TotalPages}}
</div>
</footer>
</div>
</div>
<script>
let currentForm = null;
function openConfirm(e, title, msg) {
e.preventDefault(); // Stop form from submitting immediately
currentForm = e.target;
document.getElementById('modal-title').innerText = title;
document.getElementById('modal-message').innerText = msg;
document.getElementById('modal-overlay').style.display = 'flex';
return false;
}
function closeModal() {
document.getElementById('modal-overlay').style.display = 'none';
currentForm = null;
}
document.getElementById('modal-confirm-btn').addEventListener('click', () => {
if (currentForm) {
currentForm.submit();
}
});
// Close if clicking outside the box
window.onclick = function(event) {
const overlay = document.getElementById('modal-overlay');
if (event.target == overlay) closeModal();
}
</script>
</body>
</html>

94
internal/templates/deleted.html Normal file
View File

@@ -0,0 +1,94 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>File Deleted sucessfull</title>
<script src="https://cdn.tailwindcss.com"></script>
<link rel="icon" type="image/x-icon" href="/static/favicon.ico">
<style>
* { border-radius: 0 !important; transition: none !important; }
body { font-family: sans-serif; background: #fff; color: #000; }
.box {
border: 3px solid #000;
padding: 20px;
background: #fff;
width: 100%;
}
.title {
font-size: 28px;
font-weight: 900;
border-bottom: 3px solid #000;
padding-bottom: 6px;
margin-bottom: 12px;
text-transform: uppercase;
}
.subtitle {
font-size: 12px;
font-weight: bold;
text-transform: uppercase;
margin-bottom: 16px;
}
.button {
border: 2px solid #000;
background: #eee;
padding: 6px 12px;
font-weight: bold;
text-decoration: none;
display: inline-block;
}
.button:hover {
background: #000;
color: #fff;
}
.ascii {
font-family: monospace;
font-size: 11px;
border: 2px dashed #000;
padding: 10px;
margin: 10px 0;
text-align: left;
white-space: pre;
}
</style>
</head>
<body class="min-h-screen flex items-center justify-center p-4">
<div class="w-full max-w-[520px]">
<div class="box text-center">
<div class="title">
FILE DELETED SUCESSFULL
</div>
<div class="subtitle">
The file has been absolutely obliterated.
</div>
<!-- <div class="ascii">-->
<!-- [ OK ] locating file...-->
<!-- [ OK ] emotionally detaching...-->
<!-- [ OK ] pressing the big red button...-->
<!-- [ OK ] file screaming detected...-->
<!-- [ OK ] scream ignored...-->
<!-- [ OK ] file is now gone forever™-->
<!-- (there is no undo)-->
<!-- </div>-->
<!-- <div class="text-xs font-bold uppercase mb-4">-->
<!-- Congratulations. The electrons have been freed.-->
<!-- </div>-->
<div class="flex flex-col gap-2">
<a href="/" class="button w-full">Pretend Nothing Happened</a>
</div>
</div>
</div>
</body>
</html>

99
internal/templates/error.html Normal file
View File

@@ -0,0 +1,99 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Nothing to see here</title>
<script src="https://cdn.tailwindcss.com"></script>
<link rel="icon" type="image/x-icon" href="/static/favicon.ico">
<style>
* {
border-radius: 0 !important;
transition: none !important;
}
body {
font-family: sans-serif;
background: #fff;
color: #000;
}
.box {
border: 2px solid #000;
padding: 20px;
background: #fff;
width: 100%;
}
.button {
border: 2px solid #000;
background: #eee;
padding: 4px 12px;
font-weight: bold;
cursor: pointer;
text-decoration: none;
display: inline-block;
}
.button:hover {
background: #ccc;
}
.button:active {
background: #000;
color: #fff;
}
.title {
font-size: 28px;
font-weight: 900;
border-bottom: 2px solid #000;
margin-bottom: 10px;
padding-bottom: 4px;
}
.subtitle {
font-size: 12px;
font-weight: bold;
text-transform: uppercase;
margin-bottom: 16px;
}
.text {
font-size: 12px;
text-transform: uppercase;
margin-bottom: 20px;
}
</style>
</head>
<body class="min-h-screen flex items-center justify-center p-4">
<div class="w-full max-w-[493px] flex flex-col items-center">
<div class="box text-center">
<div class="title">
NOTHING TO SEE HERE
</div>
<div class="subtitle">
MOVE ALONG
</div>
<div class="text">
This page is empty,<br>
unavailable, private,<br>
or intentionally left blank.
</div>
<div class="flex flex-col gap-2">
<a href="/" class="button w-full">GO BACK</a>
</div>
</div>
</div>
</body>
</html>

89
internal/templates/fileNotFound.html Normal file
View File

@@ -0,0 +1,89 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>404 — File Not Found</title>
<link rel="icon" type="image/x-icon" href="/static/favicon.ico">
<script src="https://cdn.tailwindcss.com"></script>
<style>
* {
border-radius: 0 !important;
transition: none !important;
}
body {
font-family: sans-serif;
background: #fff;
color: #000;
}
.box {
border: 2px solid #000;
padding: 20px;
background: #fff;
width: 100%;
}
button, .button {
border: 2px solid #000;
background: #eee;
padding: 4px 12px;
font-weight: bold;
cursor: pointer;
text-decoration: none;
display: inline-block;
}
button:hover, .button:hover {
background: #ccc;
}
button:active, .button:active {
background: #000;
color: #fff;
}
.error-code {
font-size: 64px;
font-weight: 900;
border-bottom: 2px solid #000;
margin-bottom: 10px;
}
.error-text {
font-size: 14px;
font-weight: bold;
text-transform: uppercase;
}
</style>
</head>
<body class="min-h-screen flex items-center justify-center p-4">
<div class="w-full max-w-[493px] flex flex-col items-center">
<div class="box text-center">
<div class="error-code">404</div>
<div class="error-text mb-4">
FILE NOT FOUND 💀
</div>
<div class="text-xs mb-6 uppercase">
The requested file does not exist,<br>
has expired, or was obliterated,<br>or my db is fucked.
We'll never know :D
</div>
<div class="flex flex-col gap-2">
<a href="/" class="button w-full">RETURN TO UPLOADER</a>
</div>
</div>
</div>
</body>
</html>

343
internal/templates/index.html Normal file
View File

@@ -0,0 +1,343 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Send.it</title>
<script src="https://cdn.tailwindcss.com"></script>
<link rel="icon" type="image/x-icon" href="/static/favicon.ico">
<style>
/* The "No-Design" Design */
* {
border-radius: 0 !important;
transition: none !important;
}
body {
font-family: sans-serif;
background: #fff;
color: #000;
}
.box {
border: 2px solid #000;
padding: 20px;
background: #fff;
width: 100%;
}
.input-text {
border: 1px solid #000;
padding: 4px 8px;
background: #fff;
width: 100%;
}
button {
border: 2px solid #000;
background: #eee;
padding: 4px 12px;
font-weight: bold;
cursor: pointer;
}
button:hover {
background: #ccc;
}
button:active {
background: #000;
color: #fff;
}
button:disabled {
background: #f0f0f0;
color: #999;
border-color: #ccc;
cursor: not-allowed;
}
.btn-cancel {
background: #fff;
color: #cc0000;
border-color: #cc0000;
margin-top: 8px;
width: 100%;
font-size: 10px;
}
.btn-cancel:hover {
background: #fee2e2;
}
.drop-zone {
border: 2px dashed #000;
padding: 80px;
text-align: center;
background: #f9f9f9;
cursor: pointer;
}
.drop-zone.active {
background: #eee;
border-style: solid;
}
.burn-option {
color: #cc0000;
font-weight: bold;
font-size: 12px;
}
</style>
</head>
<body class="min-h-screen flex items-center justify-center p-4">
<!--<div class="w-full max-w-[493px] flex flex-col items-end">-->
<div class="w-full max-w-[493px] flex flex-col items-center">
<img src="/static/logo.png" alt="Send.it logo" style="width:50%;" class="mb-2 border-black">
<div class="box">
<header class="mb-6 border-b-2 border-black pb-2 text-center">
<h1 class="text-xl font-bold uppercase">Send it</h1>
</header>
<div id="upload-ui">
<div id="drop-zone" class="drop-zone mb-4">
<input type="file" id="fileInput" class="hidden">
<div id="dz-content">
<span id="dz-text" class="text-sm">Click to select or drop file</span>
</div>
<div id="progress-container" class="hidden mt-3 border border-black h-4">
<div id="progress-bar" class="h-full bg-black" style="width:0%"></div>
</div>
<div class="flex justify-between items-center mt-1">
<div id="progress-text" class="text-[10px] font-bold hidden">0%</div>
<div id="stats-text" class="text-[10px] font-bold hidden uppercase">
<span id="speed-text">0 KB/S</span>
<span class="mx-1 opacity-30">|</span>
<span id="eta-text">--:--</span>
</div>
</div>
</div>
<div class="space-y-4">
<div class="flex items-center justify-between border-b border-black pb-2">
<label class="text-xs font-bold uppercase">Expire In:</label>
<select id="duration" class="border border-black text-xs p-1">
<option value="1">1 Hour</option>
<option value="24">24 Hours</option>
<option value="168">7 Days</option>
<option value="730" selected>1 Month</option>
</select>
</div>
<div class="flex items-center gap-2">
<input type="checkbox" id="once" class="w-4 h-4 border-black">
<label for="once" class="burn-option uppercase">Burn after</label>
</div>
<button id="uploadBtn" class="w-full" disabled>UPLOAD</button>
<button id="cancelBtn" class="btn-cancel hidden">CANCEL UPLOAD</button>
</div>
</div>
<div id="success-ui" class="hidden space-y-4">
<div class="bg-black text-white p-2 text-xs font-bold">
UPLOAD COMPLETE
</div>
<div>
<label class="text-[10px] font-bold block">DOWNLOAD LINK</label>
<div class="flex">
<input id="res-url" readonly class="input-text text-sm">
<button onclick="copy('res-url')" class="border-l-0">COPY</button>
</div>
</div>
<div>
<label class="text-[10px] font-bold block">DELETION LINK (PRIVATE)</label>
<div class="flex">
<input id="res-del" readonly class="input-text text-sm text-red-600">
<button onclick="copy('res-del')" class="border-l-0">COPY</button>
</div>
</div>
<div class="pt-4 flex justify-between">
<button onclick="location.reload()" class="text-xs">NEW UPLOAD</button>
</div>
</div>
</div>
<p class="mt-1 text-[10px] uppercase font-bold text-gray-400">A service by Brammie15</p>
</div>
<script>
const zone = document.getElementById('drop-zone');
const input = document.getElementById('fileInput');
const uploadBtn = document.getElementById('uploadBtn');
const cancelBtn = document.getElementById('cancelBtn');
const progressText = document.getElementById("progress-text");
const statsText = document.getElementById("stats-text");
const speedText = document.getElementById("speed-text");
const etaText = document.getElementById("eta-text");
const progressBar = document.getElementById("progress-bar");
const progressContainer = document.getElementById("progress-container");
let currentXhr = null;
// Helper: Human Readable Size
function formatBytes(bytes, decimals = 2) {
if (bytes === 0) return '0 Bytes';
const k = 1024;
const dm = decimals < 0 ? 0 : decimals;
const sizes = ['Bytes', 'KB', 'MB', 'GB', 'TB'];
const i = Math.floor(Math.log(bytes) / Math.log(k));
return parseFloat((bytes / Math.pow(k, i)).toFixed(dm)) + ' ' + sizes[i];
}
// Helper: Human Readable Time
function formatTime(seconds) {
if (!isFinite(seconds) || seconds < 0) return "--:--";
const h = Math.floor(seconds / 3600);
const m = Math.floor((seconds % 3600) / 60);
const s = Math.floor(seconds % 60);
return [
h > 0 ? h : null,
(h > 0 ? m.toString().padStart(2, '0') : m),
s.toString().padStart(2, '0')
].filter(x => x !== null).join(':');
}
zone.onclick = () => input.click();
zone.ondragover = (e) => {
e.preventDefault();
zone.classList.add('active');
};
zone.ondragleave = () => zone.classList.remove('active');
zone.ondrop = (e) => {
e.preventDefault();
zone.classList.remove('active');
if (e.dataTransfer.files.length) {
input.files = e.dataTransfer.files;
input.dispatchEvent(new Event('change'));
}
};
input.onchange = () => {
if (input.files.length) {
showFile(input.files[0]);
uploadBtn.disabled = false;
} else {
uploadBtn.disabled = true;
}
};
function showFile(file) {
document.getElementById('dz-text').innerText =
`${file.name} (${formatBytes(file.size)})`;
}
uploadBtn.onclick = () => {
if (input.files.length) handleUpload(input.files[0]);
};
cancelBtn.onclick = (e) => {
e.stopPropagation();
if (currentXhr) {
currentXhr.abort();
alert("Upload cancelled.");
location.reload();
}
};
function handleUpload(file) {
uploadBtn.disabled = true;
uploadBtn.innerText = "UPLOADING...";
cancelBtn.classList.remove('hidden');
progressContainer.classList.remove("hidden");
progressText.classList.remove("hidden");
statsText.classList.remove("hidden");
const fd = new FormData();
fd.append("file", file);
fd.append("once", document.getElementById("once").checked ? "true" : "false");
const hours = parseInt(document.getElementById("duration").value, 10);
fd.append("duration", hours);
const xhr = new XMLHttpRequest();
currentXhr = xhr;
let startTime = Date.now();
xhr.upload.onprogress = (e) => {
if (e.lengthComputable) {
const percent = Math.round((e.loaded / e.total) * 100);
progressBar.style.width = percent + "%";
progressText.innerText = percent + "%";
const elapsedSeconds = (Date.now() - startTime) / 1000;
if (elapsedSeconds > 0) {
const bytesPerSecond = e.loaded / elapsedSeconds;
const remainingBytes = e.total - e.loaded;
const secondsRemaining = remainingBytes / bytesPerSecond;
speedText.innerText = formatBytes(bytesPerSecond) + "/S";
etaText.innerText = formatTime(secondsRemaining);
}
}
};
xhr.onload = () => {
if (xhr.status >= 200 && xhr.status < 300) {
try {
const data = JSON.parse(xhr.responseText);
if (data.error) throw new Error(data.error);
document.getElementById('upload-ui').classList.add('hidden');
document.getElementById('success-ui').classList.remove('hidden');
const dlUrl = window.location.origin + "/api/files/download/" + data.id;
const delUrl = window.location.origin + "/api/files/delete/" + data.deletion_id;
document.getElementById('res-url').value = dlUrl;
document.getElementById('res-del').value = delUrl;
} catch (err) {
console.error("JSON Parse Error. Server sent:", xhr.responseText);
alert("Server returned an invalid response");
}
} else {
console.error("Server Error:", xhr.status, xhr.responseText);
alert(`Upload failed with status ${xhr.status}. Check console.`);
}
};
xhr.onerror = () => {
if (xhr.statusText !== "abort") {
alert("Upload failed");
location.reload();
}
};
xhr.open("POST", "/api/files/upload");
xhr.send(fd);
}
function copy(id) {
const el = document.getElementById(id);
el.select();
document.execCommand('copy');
}
</script>
<a href="/admin" class="fixed bottom-1 right-1 text-[10px] underline">SUDO</a>
<a href="/static/TOS.txt" class="fixed bottom-1 left-1 text-[10px] underline">TOS</a>
</body>
</html>

169
internal/templates/login.html Normal file
View File

@@ -0,0 +1,169 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Login</title>
<script src="https://cdn.tailwindcss.com"></script>
<link rel="icon" type="image/x-icon" href="/static/favicon.ico">
<style>
* { border-radius: 0 !important; }
body {
font-family: sans-serif;
background: #fff;
color: #000;
padding: 20px;
}
.box {
border: 2px solid #000;
background: #fff;
}
input {
border: 1px solid #000;
padding: 6px;
font-size: 13px;
width: 100%;
background: #fff;
}
input:focus {
outline: none;
background: #f9f9f9;
}
button {
border: 1px solid #000;
background: #eee;
padding: 4px 10px;
cursor: pointer;
font-size: 12px;
font-weight: bold;
}
button:hover {
background: #000;
color: #fff;
}
.nav-link {
font-weight: bold;
text-decoration: underline;
font-size: 11px;
}
.label {
font-size: 10px;
font-weight: bold;
text-transform: uppercase;
margin-bottom: 2px;
}
.error {
border: 1px solid #000;
background: #ffcccc;
font-size: 11px;
padding: 4px;
margin-bottom: 10px;
font-weight: bold;
}
</style>
</head>
<body>
<div class="max-w-md mx-auto">
<header class="mb-8 border-b-4 border-black pb-2 flex justify-between items-end">
<h1 class="text-3xl font-black uppercase tracking-tighter">
System Access
</h1>
<a href="/" class="nav-link">
← BACK
</a>
</header>
<div class="box p-4">
{{if .Error}}
<div class="error">
ACCESS DENIED
</div>
{{end}}
<form id="login-form" class="space-y-3">
<div>
<div class="label">Username</div>
<input id="username" required autocomplete="username">
</div>
<div>
<div class="label">Password</div>
<input id="password" type="password" required autocomplete="current-password">
</div>
<div class="pt-2">
<button type="submit">
AUTHENTICATE
</button>
</div>
</form>
</div>
</div>
<script>
const form = document.getElementById("login-form");
form.addEventListener("submit", async (e) => {
e.preventDefault();
const username = document.getElementById("username").value;
const password = document.getElementById("password").value;
try {
const res = await fetch("/api/auth/login", {
method: "POST",
headers: {
"Content-Type": "application/json"
},
body: JSON.stringify({
username: username,
password: password
})
});
const data = await res.json();
if (!res.ok) {
showError();
return;
}
// Redirect to admin
window.location.href = "/admin";
} catch (err) {
showError();
}
});
function showError() {
let err = document.getElementById("error-box");
if (!err) {
err = document.createElement("div");
err.id = "error-box";
err.className = "error";
err.innerText = "ACCESS DENIED";
form.prepend(err);
}
}
</script>
</body>
</html>

118
internal/templates/old/admin.html Normal file
View File

@@ -0,0 +1,118 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Admin</title>
<script src="https://cdn.tailwindcss.com"></script>
<style>
* { border-radius: 0 !important; }
body { font-family: sans-serif; background: #fff; color: #000; padding: 20px; }
.box { border: 2px solid #000; background: #fff; }
table { width: 100%; border-collapse: collapse; }
th { background: #000; color: #fff; text-align: left; padding: 8px; font-size: 12px; text-transform: uppercase; }
td { border-bottom: 1px solid #000; padding: 8px; font-size: 13px; }
tr:hover { background: #f9f9f9; }
.status-tag { font-weight: bold; font-size: 10px; padding: 2px 4px; border: 1px solid #000; }
.status-deleted { background: #ffcccc; text-decoration: line-through; }
.status-no{ background: #ffcccc; }
.status-active { background: #ccffcc; }
button, .button { border: 1px solid #000; background: #eee; padding: 2px 8px; cursor: pointer; font-size: 11px; font-weight: bold; text-decoration: none; }
button:hover, .button:hover { background: #000; color: #fff; }
.nav-link { font-weight: bold; text-decoration: underline; margin-bottom: 20px; display: inline-block; }
.pagination a { margin: 0 2px; }
</style>
</head>
<body>
<div class="max-w-6xl mx-auto">
<header class="mb-8 border-b-4 border-black pb-2 flex justify-between items-end">
<h1 class="text-3xl font-black uppercase tracking-tighter">System Console</h1>
<div>
<a href="/" class="nav-link text-xs">← BACK TO UPLOADER</a>
<a href="/logout" class="nav-link text-xs">LOGOUT</a>
</div>
</header>
<div class="box overflow-x-auto">
<table>
<thead>
<tr>
<th>Filename</th>
<th>Size</th>
<th>Created</th>
<th>Expires</th>
<th>Hits</th>
<th>Burn after</th>
<th>Status</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
{{if not .Files}}
<tr><td colspan="8">No files found</td></tr>
{{end}}
{{range .Files}}
<tr>
<td class="font-mono">
<a href="/api/files/admin/download/{{.ID}}" target="_blank">{{.Filename}}</a>
</td>
<td>{{humanSize .Size}}</td>
<td>{{.CreatedAt.Format "Jan 02, 2006 15:04"}}</td>
<td>{{.ExpiresAt.Format "Jan 02, 2006 15:04"}}</td>
<td>{{.DownloadCount}}</td>
<td>
{{if .DeleteAfterDownload}}
<span class="status-tag status-active">YES</span>
{{else}}
<span class="status-tag status-no">NO</span>
{{end}}
</td>
<td>
{{if .Deleted}}
<span class="status-tag status-deleted">REMOVED</span>
{{else}}
<span class="status-tag status-active">LIVE</span>
{{end}}
</td>
<td>
{{if not .Deleted}}
<form action="/api/files/admin/delete/{{.ID}}" method="GET" onsubmit="return confirm('Kill this file?')">
<button type="submit">TERMINATE</button>
</form>
{{end}}
<form action="/api/files/admin/delete/fr/{{.ID}}" method="GET" onsubmit="return confirm('Kill this file and the record?')">
<button type="submit">TERMINATE RECORD</button>
</form>
</td>
</tr>
{{end}}
</tbody>
</table>
</div>
<div class="mt-4 flex justify-between items-center">
<div class="space-x-2">
{{if gt .Page 1}}
<a href="?page={{sub .Page 1}}" class="button">← Prev</a>
{{end}}
{{if lt .Page .TotalPages}}
<a href="?page={{add .Page 1}}" class="button">Next →</a>
{{end}}
</div>
</div>
<footer class="mt-4 text-[10px] text-gray-500 uppercase font-bold">
Showing {{len .Files}} records — Page {{.Page}} of {{.TotalPages}} — Total Pages: {{.TotalPages}}
</footer>
</div>
</body>
</html>

342
internal/templates/old/index.html Normal file
View File

@@ -0,0 +1,342 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Send.it</title>
<script src="https://cdn.tailwindcss.com"></script>
<style>
/* The "No-Design" Design */
* {
border-radius: 0 !important;
transition: none !important;
}
body {
font-family: sans-serif;
background: #fff;
color: #000;
}
.box {
border: 2px solid #000;
padding: 20px;
background: #fff;
width: 100%;
}
.input-text {
border: 1px solid #000;
padding: 4px 8px;
background: #fff;
width: 100%;
}
button {
border: 2px solid #000;
background: #eee;
padding: 4px 12px;
font-weight: bold;
cursor: pointer;
}
button:hover {
background: #ccc;
}
button:active {
background: #000;
color: #fff;
}
button:disabled {
background: #f0f0f0;
color: #999;
border-color: #ccc;
cursor: not-allowed;
}
.btn-cancel {
background: #fff;
color: #cc0000;
border-color: #cc0000;
margin-top: 8px;
width: 100%;
font-size: 10px;
}
.btn-cancel:hover {
background: #fee2e2;
}
.drop-zone {
border: 2px dashed #000;
padding: 80px;
text-align: center;
background: #f9f9f9;
cursor: pointer;
}
.drop-zone.active {
background: #eee;
border-style: solid;
}
.burn-option {
color: #cc0000;
font-weight: bold;
font-size: 12px;
}
</style>
</head>
<body class="min-h-screen flex items-center justify-center p-4">
<!--<div class="w-full max-w-[493px] flex flex-col items-end">-->
<div class="w-full max-w-[493px] flex flex-col items-center">
<img src="/static/logo.png" alt="Send.it logo" style="width:50%;" class="mb-2 border-black">
<div class="box">
<header class="mb-6 border-b-2 border-black pb-2 text-center">
<h1 class="text-xl font-bold uppercase">Send it</h1>
</header>
<div id="upload-ui">
<div id="drop-zone" class="drop-zone mb-4">
<input type="file" id="fileInput" class="hidden">
<div id="dz-content">
<span id="dz-text" class="text-sm">Click to select or drop file</span>
</div>
<div id="progress-container" class="hidden mt-3 border border-black h-4">
<div id="progress-bar" class="h-full bg-black" style="width:0%"></div>
</div>
<div class="flex justify-between items-center mt-1">
<div id="progress-text" class="text-[10px] font-bold hidden">0%</div>
<div id="stats-text" class="text-[10px] font-bold hidden uppercase">
<span id="speed-text">0 KB/S</span>
<span class="mx-1 opacity-30">|</span>
<span id="eta-text">--:--</span>
</div>
</div>
</div>
<div class="space-y-4">
<div class="flex items-center justify-between border-b border-black pb-2">
<label class="text-xs font-bold uppercase">Expire In:</label>
<select id="duration" class="border border-black text-xs p-1">
<option value="1">1 Hour</option>
<option value="24">24 Hours</option>
<option value="168">7 Days</option>
<option value="730" selected>1 Month</option>
</select>
</div>
<div class="flex items-center gap-2">
<input type="checkbox" id="once" class="w-4 h-4 border-black">
<label for="once" class="burn-option uppercase">Burn after</label>
</div>
<button id="uploadBtn" class="w-full" disabled>UPLOAD</button>
<button id="cancelBtn" class="btn-cancel hidden">CANCEL UPLOAD</button>
</div>
</div>
<div id="success-ui" class="hidden space-y-4">
<div class="bg-black text-white p-2 text-xs font-bold">
UPLOAD COMPLETE
</div>
<div>
<label class="text-[10px] font-bold block">DOWNLOAD LINK</label>
<div class="flex">
<input id="res-url" readonly class="input-text text-sm">
<button onclick="copy('res-url')" class="border-l-0">COPY</button>
</div>
</div>
<div>
<label class="text-[10px] font-bold block">DELETION LINK (PRIVATE)</label>
<div class="flex">
<input id="res-del" readonly class="input-text text-sm text-red-600">
<button onclick="copy('res-del')" class="border-l-0">COPY</button>
</div>
</div>
<div class="pt-4 flex justify-between">
<button onclick="location.reload()" class="text-xs">NEW UPLOAD</button>
</div>
</div>
</div>
<p class="mt-1 text-[10px] uppercase font-bold text-gray-400">A service by Brammie15</p>
</div>
<script>
const zone = document.getElementById('drop-zone');
const input = document.getElementById('fileInput');
const uploadBtn = document.getElementById('uploadBtn');
const cancelBtn = document.getElementById('cancelBtn');
const progressText = document.getElementById("progress-text");
const statsText = document.getElementById("stats-text");
const speedText = document.getElementById("speed-text");
const etaText = document.getElementById("eta-text");
const progressBar = document.getElementById("progress-bar");
const progressContainer = document.getElementById("progress-container");
let currentXhr = null;
// Helper: Human Readable Size
function formatBytes(bytes, decimals = 2) {
if (bytes === 0) return '0 Bytes';
const k = 1024;
const dm = decimals < 0 ? 0 : decimals;
const sizes = ['Bytes', 'KB', 'MB', 'GB', 'TB'];
const i = Math.floor(Math.log(bytes) / Math.log(k));
return parseFloat((bytes / Math.pow(k, i)).toFixed(dm)) + ' ' + sizes[i];
}
// Helper: Human Readable Time
function formatTime(seconds) {
if (!isFinite(seconds) || seconds < 0) return "--:--";
const h = Math.floor(seconds / 3600);
const m = Math.floor((seconds % 3600) / 60);
const s = Math.floor(seconds % 60);
return [
h > 0 ? h : null,
(h > 0 ? m.toString().padStart(2, '0') : m),
s.toString().padStart(2, '0')
].filter(x => x !== null).join(':');
}
zone.onclick = () => input.click();
zone.ondragover = (e) => {
e.preventDefault();
zone.classList.add('active');
};
zone.ondragleave = () => zone.classList.remove('active');
zone.ondrop = (e) => {
e.preventDefault();
zone.classList.remove('active');
if (e.dataTransfer.files.length) {
input.files = e.dataTransfer.files;
input.dispatchEvent(new Event('change'));
}
};
input.onchange = () => {
if (input.files.length) {
showFile(input.files[0]);
uploadBtn.disabled = false;
} else {
uploadBtn.disabled = true;
}
};
function showFile(file) {
document.getElementById('dz-text').innerText =
`${file.name} (${formatBytes(file.size)})`;
}
uploadBtn.onclick = () => {
if (input.files.length) handleUpload(input.files[0]);
};
cancelBtn.onclick = (e) => {
e.stopPropagation();
if (currentXhr) {
currentXhr.abort();
alert("Upload cancelled.");
location.reload();
}
};
function handleUpload(file) {
uploadBtn.disabled = true;
uploadBtn.innerText = "UPLOADING...";
cancelBtn.classList.remove('hidden');
progressContainer.classList.remove("hidden");
progressText.classList.remove("hidden");
statsText.classList.remove("hidden");
const fd = new FormData();
fd.append("file", file);
fd.append("once", document.getElementById("once").checked ? "true" : "false");
const hours = parseInt(document.getElementById("duration").value, 10);
fd.append("duration", hours);
const xhr = new XMLHttpRequest();
currentXhr = xhr;
let startTime = Date.now();
xhr.upload.onprogress = (e) => {
if (e.lengthComputable) {
const percent = Math.round((e.loaded / e.total) * 100);
progressBar.style.width = percent + "%";
progressText.innerText = percent + "%";
const elapsedSeconds = (Date.now() - startTime) / 1000;
if (elapsedSeconds > 0) {
const bytesPerSecond = e.loaded / elapsedSeconds;
const remainingBytes = e.total - e.loaded;
const secondsRemaining = remainingBytes / bytesPerSecond;
speedText.innerText = formatBytes(bytesPerSecond) + "/S";
etaText.innerText = formatTime(secondsRemaining);
}
}
};
xhr.onload = () => {
if (xhr.status >= 200 && xhr.status < 300) {
try {
const data = JSON.parse(xhr.responseText);
if (data.error) throw new Error(data.error);
document.getElementById('upload-ui').classList.add('hidden');
document.getElementById('success-ui').classList.remove('hidden');
const dlUrl = window.location.origin + "/api/files/download/" + data.id;
const delUrl = window.location.origin + "/api/files/delete/" + data.deletion_id;
document.getElementById('res-url').value = dlUrl;
document.getElementById('res-del').value = delUrl;
} catch (err) {
console.error("JSON Parse Error. Server sent:", xhr.responseText);
alert("Server returned an invalid response");
}
} else {
console.error("Server Error:", xhr.status, xhr.responseText);
alert(`Upload failed with status ${xhr.status}. Check console.`);
}
};
xhr.onerror = () => {
if (xhr.statusText !== "abort") {
alert("Upload failed");
location.reload();
}
};
xhr.open("POST", "/api/files/upload");
xhr.send(fd);
}
function copy(id) {
const el = document.getElementById(id);
el.select();
document.execCommand('copy');
}
</script>
<a href="/admin" class="fixed bottom-1 right-1 text-[10px] underline">SUDO</a>
<a href="/static/TOS.txt" class="fixed bottom-1 left-1 text-[10px] underline">TOS</a>
</body>
</html>

202
internal/templates/old/login.html Normal file
View File

@@ -0,0 +1,202 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Login // System_Access</title>
<script src="https://cdn.tailwindcss.com"></script>
<style>
* { border-radius: 0 !important; transition: none !important; }
body {
font-family: ui-monospace, 'Cascadia Code', monospace;
background: #fff;
color: #000;
padding: 40px 20px;
}
.box {
border: 3px solid #000;
background: #fff;
box-shadow: 6px 6px 0px #000;
}
input {
border: 2px solid #000;
padding: 8px;
font-size: 14px;
width: 100%;
background: #fff;
font-weight: bold;
}
input:focus {
outline: none;
background: #ffff00; /* Yellow highlight on focus */
}
button {
border: 2px solid #000;
background: #fff;
padding: 8px 16px;
cursor: pointer;
font-size: 13px;
font-weight: 900;
text-transform: uppercase;
box-shadow: 4px 4px 0px #000;
}
button:hover {
background: #00ff00; /* Neon green hover */
transform: translate(-1px, -1px);
box-shadow: 5px 5px 0px #000;
}
button:active {
background: #000;
color: #fff;
transform: translate(2px, 2px);
box-shadow: none;
}
.nav-link {
font-weight: 900;
text-decoration: underline;
font-size: 11px;
text-transform: uppercase;
}
.nav-link:hover {
background: #000;
color: #fff;
}
.label {
font-size: 11px;
font-weight: 900;
text-transform: uppercase;
margin-bottom: 4px;
letter-spacing: -0.5px;
}
.error {
border: 3px solid #000;
background: #ff0000;
color: #fff;
font-size: 12px;
padding: 8px;
margin-bottom: 15px;
font-weight: 900;
text-align: center;
text-transform: uppercase;
}
</style>
</head>
<body class="min-h-screen flex flex-col items-center justify-center">
<div class="w-full max-w-[400px]">
<header class="mb-6 border-b-8 border-black pb-2 flex justify-between items-end">
<h1 class="text-3xl font-black uppercase tracking-tighter italic">
Access
</h1>
<a href="/" class="nav-link mb-1">
← RETREAT
</a>
</header>
<div class="box p-6">
<div id="error-container">
{{if .Error}}
<div class="error">
CRITICAL_AUTH_FAILURE
</div>
{{end}}
</div>
<form id="login-form" class="space-y-5">
<div>
<div class="label">User_Identity</div>
<input id="username" required autocomplete="username" placeholder="ID_01">
</div>
<div>
<div class="label">Secure_Passphrase</div>
<input id="password" type="password" required autocomplete="current-password" placeholder="********">
</div>
<div class="pt-2">
<button type="submit" class="w-full">
INITIALIZE_AUTHENTICATION
</button>
</div>
</form>
</div>
<p class="mt-6 text-[10px] uppercase font-black text-gray-400 text-center tracking-widest">
Session_Log: 0.0.0.0 // Node: Auth_Main
</p>
</div>
<script>
const form = document.getElementById("login-form");
const errorContainer = document.getElementById("error-container");
form.addEventListener("submit", async (e) => {
e.preventDefault();
const username = document.getElementById("username").value;
const password = document.getElementById("password").value;
// Visual feedback
const btn = form.querySelector('button');
btn.innerText = "VERIFYING...";
btn.disabled = true;
try {
const res = await fetch("/api/auth/login", {
method: "POST",
headers: {
"Content-Type": "application/json"
},
body: JSON.stringify({
username: username,
password: password
})
});
if (!res.ok) {
showError();
btn.innerText = "AUTHENTICATE";
btn.disabled = false;
return;
}
window.location.href = "/admin";
} catch (err) {
showError();
btn.innerText = "AUTHENTICATE";
btn.disabled = false;
}
});
function showError() {
errorContainer.innerHTML = `<div class="error">ACCESS_DENIED_BY_SYSTEM</div>`;
// Shake the box for UX effect
const box = document.querySelector('.box');
box.style.transform = "translateX(5px)";
setTimeout(() => box.style.transform = "translateX(-5px)", 50);
setTimeout(() => box.style.transform = "translateX(0)", 100);
}
</script>
</body>
</html>

15
internal/templates/upload.html Normal file
View File

@@ -0,0 +1,15 @@
<!DOCTYPE html>
<html>
<head>
<title>Upload</title>
</head>
<body>
<h1>Upload File</h1>
<form action="/api/files/upload" method="post" enctype="multipart/form-data">
<input type="file" name="file" />
<button type="submit">Upload</button>
</form>
</body>
</html>

5
internal/user/errors.go Normal file
View File

@@ -0,0 +1,5 @@
package user
import "errors"
var ErrUserNotFound = errors.New("user not found")

32
internal/user/handler.go Normal file
View File

@@ -0,0 +1,32 @@
package user
import "github.com/gin-gonic/gin"
type Handler struct {
service *Service
}
func NewHandler(service *Service) *Handler {
return &Handler{service: service}
}
func (h *Handler) Register(c *gin.Context) {
var req struct {
Username string `json:"username"`
Password string `json:"password"`
Role string `json:"role"`
}
if err := c.ShouldBindJSON(&req); err != nil {
c.JSON(400, gin.H{"error": "invalid request"})
return
}
user, err := h.service.CreateUser(req.Username, req.Password, req.Role)
if err != nil {
c.JSON(500, gin.H{"error": err.Error()})
return
}
c.JSON(201, gin.H{"id": user.ID, "username": user.Username, "role": user.Role})
}

10
internal/user/model.go Normal file
View File

@@ -0,0 +1,10 @@
package user
import "gorm.io/gorm"
type User struct {
gorm.Model
Username string `gorm:"uniqueIndex;not null"`
PasswordHash string `gorm:"not null"`
Role string `gorm:"not null"`
}

42
internal/user/repository.go Normal file
View File

@@ -0,0 +1,42 @@
package user
import (
"errors"
"gorm.io/gorm"
)
type Repository struct {
db *gorm.DB
}
func NewRepository(db *gorm.DB) *Repository {
return &Repository{db: db}
}
func (r *Repository) FindByUsername(username string) (*User, error) {
var u User
if err := r.db.Where("username = ?", username).First(&u).Error; err != nil {
if errors.Is(err, gorm.ErrRecordNotFound) {
return nil, ErrUserNotFound
}
return nil, err
}
return &u, nil
}
func (r *Repository) Create(u *User) error {
return r.db.Create(u).Error
}
func (r *Repository) GetAll() ([]User, error) {
var users []User
if err := r.db.Find(&users).Error; err != nil {
return nil, err
}
return users, nil
}
func (r *Repository) Delete(id uint) error {
return r.db.Delete(&User{}, id).Error
}

11
internal/user/routes.go Normal file
View File

@@ -0,0 +1,11 @@
package user
import (
"github.com/gin-gonic/gin"
)
func RegisterRoutes(r *gin.RouterGroup, h *Handler) {
//auth := r.Group("/user")
//auth.POST("/register", h.Register)
}

55
internal/user/service.go Normal file
View File

@@ -0,0 +1,55 @@
package user
import (
"ResendIt/internal/security"
"errors"
)
var ErrCannotDeleteSelf = errors.New("cannot delete yourself")
type Service struct {
repo *Repository
}
func NewService(r *Repository) *Service {
return &Service{repo: r}
}
// CreateUser creates a new user with the given username, password, and role
func (s *Service) CreateUser(username, password, role string) (*User, error) {
hash, err := security.HashPassword(password)
if err != nil {
return nil, err
}
u := &User{
Username: username,
PasswordHash: hash,
Role: role,
}
if err := s.repo.Create(u); err != nil {
return nil, err
}
return u, nil
}
// GetAllUsers returns all users
func (s *Service) GetAllUsers() ([]User, error) {
return s.repo.GetAll()
}
// DeleteUser deletes a user by ID
func (s *Service) DeleteUser(requesterID, targetID uint) error {
if requesterID == targetID {
return ErrCannotDeleteSelf
}
return s.repo.Delete(targetID)
}
// FindByUsername returns a user by username
func (s *Service) FindByUsername(username string) (*User, error) {
return s.repo.FindByUsername(username)
}

19
internal/util/util.go Normal file
View File

@@ -0,0 +1,19 @@
package util
import "fmt"
func HumanSize(size int64) string {
const unit = 1024
if size < unit {
return fmt.Sprintf("%d B", size)
}
div, exp := int64(unit), 0
for n := size / unit; n >= unit; n /= unit {
div *= unit
exp++
}
return fmt.Sprintf("%.1f %cB",
float64(size)/float64(div),
"KMGTPE"[exp],
)
}

66
internal/web/handler.go Normal file
View File

@@ -0,0 +1,66 @@
package web
import (
"ResendIt/internal/file"
"strconv"
"github.com/gin-gonic/gin"
)
type Handler struct {
fileService *file.Service
}
func NewHandler(fileService *file.Service) *Handler {
return &Handler{
fileService: fileService,
}
}
// Homepage
func (h *Handler) Index(c *gin.Context) {
c.HTML(200, "index.html", gin.H{
"title": "Home",
})
}
// Upload page
func (h *Handler) UploadPage(c *gin.Context) {
c.HTML(200, "upload.html", nil)
}
func (h *Handler) LoginPage(c *gin.Context) {
c.HTML(200, "login.html", nil)
}
func (h *Handler) AdminPage(c *gin.Context) {
pageStr := c.Query("page")
page, err := strconv.Atoi(pageStr)
if err != nil || page < 1 {
page = 1
}
limit := 10
offset := (page - 1) * limit
files, totalCount, err := h.fileService.GetPaginatedFiles(limit, offset)
if err != nil {
c.HTML(500, "admin.html", gin.H{
"error": err.Error(),
})
return
}
totalPages := (totalCount + limit - 1) / limit
c.HTML(200, "admin.html", gin.H{
"Files": files,
"Page": page,
"TotalPages": totalPages,
})
}
func (h *Handler) Logout(c *gin.Context) {
c.SetCookie("auth_token", "", -1, "/", "", false, true)
c.Redirect(302, "/")
}

20
internal/web/routes.go Normal file
View File

@@ -0,0 +1,20 @@
package web
import (
"ResendIt/internal/api/middleware"
"github.com/gin-gonic/gin"
)
func RegisterRoutes(r *gin.Engine, h *Handler) {
r.GET("/", h.Index)
r.GET("/upload", h.UploadPage)
r.GET("/login", h.LoginPage)
adminRoutes := r.Group("/")
adminRoutes.Use(middleware.AuthMiddleware())
adminRoutes.Use(middleware.RequireRole("admin"))
adminRoutes.GET("/admin", h.AdminPage)
adminRoutes.GET("/logout", h.Logout)
}