Giter Site home page Giter Site logo

anarcroth / sfpipo Goto Github PK

View Code? Open in Web Editor NEW
0.0 2.0 0.0 113 KB

Simple File Ping-Pong: a web server used to ping-pong a couple of files.

License: GNU General Public License v3.0

Clojure 93.47% CSS 4.35% HTML 2.19%
web-server ring clojure clojure-ring file-server heroku curl

sfpipo's Introduction

SFPIPO

Simple File Ping-Pong: a web server used to ping-pong a couple of files.


Problem to solve: I often get into a situation where I need to send myself some files and none of the technologies I have around me really do what I want them to do. They are either too clunky, or not fast enough, or would get backed up with a lot of redundant junk. Can't use Slack or Skype, because I will just backup all of my history with files and it will get confusing. Cant' use Google Drive, because Google is evil. If I use a flash drive, I'll just forget it somewhere. Can't setup a home server, because the damn ISP doesn't want to cooperate with me.

What I really needed is some remote storage, where I can upload/download files, the ones I need to share with myself, in an easy and fast fashion. This is the real purpose of SFPIPO - to ping-pong myself files on a day-to-day basis.


Running

Remote

It's very simple to setup this project for yourself. All you need is to either have a hosting provider that can run Clojure (such as Heroku), or have your own server where you can deploy the app for yourself.

Heroku has a simple tutorial on how to deploy your app to them.

Localhost (or self-host)

To run the app locally is as simple as

# clone project
git clone https://github.com/Anarcroth/sfpipo.git

# move to project dir
cd sfpipo

# run with leiningen
lein run

Alternatively, you can build yourself an uberjar and run it with Java.

# create uberjar
lein uberjar

# run
java $JVM_OPTS -cp target/sfpipo.jar clojure.main -m sfpipo.core

Usage

Using sfpipo is very easy. Just throw curl at it. This allows you to quickly and painlessly upload/get files from your remote. No GUI, no clicking, no nothing.

Currently, the server supports:

  • Getting files.
# Get file from server
curl -u username:password -XGET "https://<your address>/file/<filename>" -o <filename>
  • Uploading files.
# Upload file to server
curl -u username:password -XPOST "https://<your address>/upload" -F file=@<yourfile>
  • Deleting files.
# Delete file from server
curl -u username:password -XDELETE "https://<your address>/file/<filename>"
  • Listing uploaded files.
# List uploaded files to server
curl -u username:password -XGET "https://<your address>/list-files"

NOTE: What you are seeing in the examples is not secure. For sending credentials over curl, check this out.

Security

SFPIPO is not secure. If you upload something over http or upload a file that has sensitive data, you should be responsible for managing the safety of that data.

If you want to upload data that is secured, then encrypt the data beforehand with gpg or something else. If you upload encrypted information, even if it gets stolen, cracking gpg is a challenge on its own, so don't worry it will get compromised.

WARNING NOTE: If you use a remote service, like Heroku, then people who know the address of your app can get your files. The risks are smaller for this if you have a self-host, but keep in mind that currently, there is no legitimate authentication on sfpipo.

The authentication that is used now in sfpipo is the following: Each time the app is deployed, a random username and password are generated, thus you'll be able to see these things in the first lines of the initial log. These are the credentials to authenticate against. The problem here is that sending creds over curl is a very bad idea. There are ways around it, but future work must be done to make the connection to the server more secure.

License

Copyright © 2020 Martin Nestorov

Author: Martin Nestorov [email protected]

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.

sfpipo's People

Contributors

anarcroth avatar

Watchers

 avatar  avatar

sfpipo's Issues

Add per-running-session random password and name generation

It makes sense to put some form of security into this app. One thing that can be done is, instead of having a database, just generate each time the app is run, a random password and a random name to authenticate to.
Why?
Because each time the server starts, it's going to spit out the password and name, they will be logged on the machine, thus not easily visible if the machine is secure (a big if by the way) and then the password and username are a responsibility of the client to remember.
After that, these two things will be used to generate against to when reaching the app.
If remote host get's compromised, many things are in danger, so this simple security measure is enough to keep most people away.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.