import os import re import uuid from flask import Flask, request, jsonify, send_from_directory import datetime app = Flask(__name__) app.config['UPLOAD_DIRECTORY'] = os.environ.get('UPLOAD_DIRECTORY', '/uploads') app.config['MAX_CONTENT_LENGTH'] = int(os.environ.get('MAX_CONTENT_LENGTH', '5')) * 1024 * 1024 # in MB VALID_FILENAME_REGEX = r'^[a-zA-Z0-9\-_\.]+$' AUTH_TOKEN = os.environ.get('AUTH_TOKEN', 'myuploadtoken') def is_valid_filename(filename): return bool(re.match(VALID_FILENAME_REGEX, filename)) @app.route('/health', methods=['GET']) def health_check(): return 'OK' @app.route('/upload', methods=['POST']) def upload_file(): if 'file' not in request.files: return jsonify({'error': 'No file part in the request'}), 400 if 'token' not in request.headers: return jsonify({'error': 'No token supplied'}), 401 if request.headers['token'] != AUTH_TOKEN: return jsonify({'error': 'Invalid token supplied'}), 401 file = request.files['file'] if file.filename == '': return jsonify({'error': 'No file selected for upload'}), 400 if not is_valid_filename(file.filename): return jsonify({'error': 'Invalid filename. Only alphanumeric characters, hyphens, underscores, and periods are allowed.'}), 400 filename = file.filename file.save(os.path.join(app.config['UPLOAD_DIRECTORY'], filename)) return jsonify({'success': 'File \'{}\' successfully uploaded'.format(filename)}) @app.route('/download/', methods=['GET']) def download_file(filename): try: return send_from_directory(app.config['UPLOAD_DIRECTORY'], filename) except FileNotFoundError: return jsonify({'error': 'File \'{}\' not found'}), 404 @app.route('/delete/', methods=['DELETE']) def delete_file(filename): if 'token' not in request.headers: return jsonify({'error': 'No token supplied'}), 401 if request.headers['token'] != AUTH_TOKEN: return jsonify({'error': 'Invalid token supplied'}), 401 file_path = os.path.join(app.config['UPLOAD_DIRECTORY'], filename) if not os.path.isfile(file_path): return jsonify({'error': 'File not found'}), 404 os.remove(file_path) return jsonify({'success': 'File \'{}\' successfully deleted'.format(filename)}) @app.route('/list', methods=['GET']) def list_files(): if 'token' not in request.headers: return jsonify({'error': 'No token supplied'}), 401 if request.headers['token'] != AUTH_TOKEN: return jsonify({'error': 'Invalid token supplied'}), 401 files = [] for filename in os.listdir(app.config['UPLOAD_DIRECTORY']): file_path = os.path.join(app.config['UPLOAD_DIRECTORY'], filename) if os.path.isfile(file_path): stats = os.stat(file_path) size = stats.st_size last_modified = datetime.datetime.fromtimestamp(stats.st_mtime).strftime('%Y-%m-%d %H:%M:%S') files.append({ 'name': filename, 'size': size, 'last_modified': last_modified }) return jsonify({'files': files}) if __name__ == '__main__': app.run(debug=True, host='0.0.0.0', port=int(os.environ.get('PORT', 5000)))