init

src/handlers.go

@@ -0,0 +1,80 @@
+package main
+
+import (
+	"fmt"
+	"path/filepath"
+	"time"
+
+	"github.com/gin-gonic/gin"
+	"github.com/google/uuid"
+)
+
+func uploadHandler(c *gin.Context) {
+	file, err := c.FormFile("file")
+	if err != nil {
+		c.JSON(400, gin.H{"error": "No file uploaded"})
+		return
+	}
+
+	id := uuid.New().String()
+	delID := uuid.New().String()
+	// Secure the filename to prevent path traversal attacks
+	cleanName := filepath.Base(file.Filename)
+	storagePath := filepath.Join("uploads", id+"_"+cleanName)
+
+	if err := c.SaveUploadedFile(file, storagePath); err != nil {
+		c.JSON(500, gin.H{"error": "Failed to save file"})
+		return
+	}
+
+	expiry := time.Now().Add(time.Hour * 24) // Default 24h
+
+	record := FileRecord{
+		ID:                  id,
+		DeletionID:          delID,
+		Filename:            cleanName,
+		Path:                storagePath,
+		ExpiresAt:           expiry,
+		DeleteAfterDownload: c.PostForm("once") == "true",
+	}
+
+	db.Create(&record)
+
+	c.JSON(200, gin.H{
+		"id":           id,
+		"deletion_id":  delID,
+		"filename":     cleanName,
+		"download_url": fmt.Sprintf("/f/%s", id),
+	})
+}
+
+func downloadHandler(c *gin.Context) {
+	var record FileRecord
+	if err := db.First(&record, "id = ? AND deleted = ?", c.Param("id"), false).Error; err != nil {
+		c.String(404, "File not found or expired")
+		return
+	}
+
+	if time.Now().After(record.ExpiresAt) {
+		performDeletion(&record)
+		c.String(410, "File has expired")
+		return
+	}
+
+	c.FileAttachment(record.Path, record.Filename)
+
+	db.Model(&record).Update("download_count", record.DownloadCount+1)
+	if record.DeleteAfterDownload {
+		performDeletion(&record)
+	}
+}
+
+func deleteHandler(c *gin.Context) {
+	var record FileRecord
+	if err := db.First(&record, "deletion_id = ?", c.Param("del_id")).Error; err != nil {
+		c.JSON(404, gin.H{"error": "Invalid deletion ID"})
+		return
+	}
+	performDeletion(&record)
+	c.JSON(200, gin.H{"message": "Deleted successfully"})
+}

src/main.go

@@ -0,0 +1,57 @@
+package main
+
+import (
+	"log"
+	"os"
+
+	"github.com/gin-gonic/gin"
+	"gorm.io/driver/sqlite"
+	"gorm.io/gorm"
+)
+
+var db *gorm.DB
+
+func main() {
+	_ = os.MkdirAll("uploads", 0755)
+
+	var err error
+	db, err = gorm.Open(sqlite.Open("files.db"), &gorm.Config{})
+	if err != nil {
+		log.Fatal("DB Connection failed:", err)
+	}
+	db.AutoMigrate(&FileRecord{})
+
+	go cleanupWorker()
+
+	router := gin.Default()
+	router.MaxMultipartMemory = 100 << 20 // 100 MiB limit
+	router.LoadHTMLGlob("templates/*")
+
+	// Public Routes
+	router.GET("/", func(c *gin.Context) { c.HTML(200, "index.html", nil) })
+	router.POST("/api/upload", uploadHandler)
+	router.GET("/f/:id", downloadHandler)
+	router.DELETE("/api/file/:del_id", deleteHandler)
+
+	// Protected Admin Routes
+	admin := router.Group("/admin", gin.BasicAuth(gin.Accounts{
+		"admin": "password123", // CHANGE THIS
+	}))
+
+	admin.GET("/", func(c *gin.Context) {
+		var files []FileRecord
+		db.Order("created_at desc").Find(&files)
+		c.HTML(200, "admin.html", gin.H{"Files": files})
+	})
+
+	admin.POST("/delete/:id", func(c *gin.Context) {
+		var record FileRecord
+		if err := db.First(&record, "id = ?", c.Param("id")).Error; err == nil {
+			performDeletion(&record)
+		}
+		c.Redirect(303, "/admin")
+	})
+
+	log.Println("Server starting at http://localhost:8080")
+	router.Run(":8080")
+}

src/models.go

@@ -0,0 +1,15 @@
+package main
+
+import "time"
+
+type FileRecord struct {
+	ID                  string    `gorm:"primaryKey" json:"id"`
+	DeletionID          string    `json:"deletion_id"`
+	Filename            string    `json:"filename"`
+	Path                string    `json:"-"`
+	ExpiresAt           time.Time `json:"expires_at"`
+	DeleteAfterDownload bool      `json:"delete_after_download"`
+	DownloadCount       int       `json:"download_count"`
+	Deleted             bool      `json:"deleted"`
+	CreatedAt           time.Time `json:"created_at"`
+}

src/utils.go

@@ -0,0 +1,23 @@
+package main
+
+import (
+	"os"
+	"time"
+)
+
+func performDeletion(r *FileRecord) {
+	r.Deleted = true
+	db.Save(r)
+	os.Remove(r.Path)
+}
+
+func cleanupWorker() {
+	for {
+		time.Sleep(10 * time.Minute)
+		var expired []FileRecord
+		db.Where("expires_at < ? AND deleted = ?", time.Now(), false).Find(&expired)
+		for _, r := range expired {
+			performDeletion(&r)
+		}
+	}
+}