commit a94e97253d8c4f34624caef22b665143265c0ca0 Author: Christoffer Müller Madsen Date: Mon Jul 31 23:19:44 2017 +0200 initial commit; works diff --git a/server.rb b/server.rb new file mode 100644 index 0000000..2a870c1 --- /dev/null +++ b/server.rb @@ -0,0 +1,40 @@ +require 'sinatra' + +set :bind, '0.0.0.0' +set :port, '35257' + +USERS = { 'christoffermadsen' => 'lolol', 'gre' => 'lol'} +FILENAME_GENERATOR = lambda {rand(36**6).to_s(36)} + + +post '/upload' do + user = params['user'] + pass = params['pass'] + device_id = params['device_id'] + + puts "Receiving data from user #{user} on device #{device_id}" + puts "Authenticating with passphrase \"#{pass}\" on device #{device_id}" + + unless pass == USERS[user] + return 401 + end + + puts "Authentication successful for user #{user} on device #{device_id}" + + # Prefer filename sent with the request + impure_filename = (request['filename'] || FILENAME_GENERATOR.call) << ".png" + filename = sanitize_filename(impure_filename) + + File.open filename, 'w+' do |f| + f << request['imagedata'][:tempfile].read + end + + return [200, filename] +end + +def sanitize_filename(filename) + # https://stackoverflow.com/questions/1939333/how-to-make-a-ruby-string-safe-for-a-filesystem# + fn = filename.split /(?<=.)\.(?=[^.])(?!.*\.[^.])/m + fn.map! { |s| s.gsub /[^a-z0-9\-]+/i, '_' } + return fn.join '.' +end