From a94e97253d8c4f34624caef22b665143265c0ca0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christoffer=20M=C3=BCller=20Madsen?=
 <christoffer@guava.space>
Date: Mon, 31 Jul 2017 23:19:44 +0200
Subject: [PATCH] initial commit; works

---
 server.rb | 40 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 40 insertions(+)
 create mode 100644 server.rb

diff --git a/server.rb b/server.rb
new file mode 100644
index 0000000..2a870c1
--- /dev/null
+++ b/server.rb
@@ -0,0 +1,40 @@
+require 'sinatra'
+
+set :bind, '0.0.0.0'
+set :port, '35257'
+
+USERS = { 'christoffermadsen' => 'lolol', 'gre' => 'lol'}
+FILENAME_GENERATOR = lambda {rand(36**6).to_s(36)}
+
+
+post '/upload' do
+  user = params['user']
+  pass = params['pass']
+  device_id = params['device_id']
+
+  puts "Receiving data from user #{user} on device #{device_id}"
+  puts "Authenticating with passphrase \"#{pass}\" on device #{device_id}"
+
+  unless pass == USERS[user]
+    return 401
+  end
+
+  puts "Authentication successful for user #{user} on device #{device_id}"
+
+  # Prefer filename sent with the request
+  impure_filename = (request['filename'] || FILENAME_GENERATOR.call) << ".png"
+  filename = sanitize_filename(impure_filename)
+  
+  File.open filename, 'w+' do |f|
+    f << request['imagedata'][:tempfile].read
+  end
+  
+  return [200, filename]
+end
+
+def sanitize_filename(filename)
+  # https://stackoverflow.com/questions/1939333/how-to-make-a-ruby-string-safe-for-a-filesystem#
+  fn = filename.split /(?<=.)\.(?=[^.])(?!.*\.[^.])/m
+  fn.map! { |s| s.gsub /[^a-z0-9\-]+/i, '_' }
+  return fn.join '.'
+end