# Chookspace Files

A file management server over HTTP. Currently supports:

* Accounts with username and password
* Use a token to authenticate yourself
* Upload and download files
* You cannot access other people's files

## Setup (Server)

1. Install Go
2. cd to the server directory and run `go build`
3. Run the `files` binary

## Setup (Client)

Client coming soon!

## Usage

The `files` server binary takes three arguments: 

* `--storage-path`: Tells Files where to keep files that the user has uploaded. Default is `/opt/chookspace-files`
* `--db-path`: Tells Files where to keep the database that tracks user information. Default is `/opt/chookspace-files/files.db`
* `--port`: Tells Files which port to start the server on. Default is `5001`

### HTTPS

To reduce the attack surface, Files does not directly support HTTP. We recommend using a reverse proxy such as Caddy or a tunnel system like Cloudflare to allow secure access to the server.

## API

### /api/create_user

Creates a user in the database. Accepts JSON-formatted data.

Format: 

```json
{
    "username": "YOUR_USERNAME",
    "password": "YOUR_PASSWORD"
}
```

May return the following status codes:

* 200: Everything went fine
* 400: Either:
    * Bad JSON
    * A user with this username already exists
* 500: Either:
    * Error with BCrypt for password hashing
    * SQL error

### /api/create_session

Creates a token which can be used to authenticate yourself when uploading and downloading files. Accepts JSON-formatted data.

Format:

```json
{
    "username": "YOUR_USERNAME",
    "password": "YOUR_PASSWORD"
}
```

May return the following status codes:

* 200: Everything went fine. Check the JSON field "token" for your token.
* 400: Bad JSON
* 401: Either:
    * User not found
    * Incorrect password
* 500: SQL error

### /api/send_file

Sends a file to the server. Uses a token for authentication. Accepts a file and form data (files and JSON don't mix)

Format:

```
Form Data:
    token: YOUR_TOKEN
    path: WHERE_TO_STORE_FILE
```

May return the following status codes:

* 200: Everything went fine. Should return JSON with the SHA256 file hash and file size in bytes.
* 400: Either:
    * Bad form data
    * No file provided
* 401: Unknown token
* 500: Either:
    * Failed to read file
    * Failed to create storage directory
    * Failed to save file
    * Failed to save file metadata to database

### /api/get_file

Recieves a file from the server. Uses a token for authentication. Accepts JSON-formatted data.

Format:

```json
{
    "token": "YOUR_TOKEN",
    "path": "FILE_STORAGE_PATH"
}
```

May return the following status codes:

* 200: Everything went fine. The content recieved should be the content of your file.
* 400: Bad JSON
* 401: Unknown token
* 404: File not found
* 500: Either:
    * SQL error
    * File found in DB but not on disk