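# Minimal Sinatra upload endpoint: checks a user/passphrase pair sent as form
# parameters and stores the posted image in the current working directory.
require 'securerandom'
require 'sinatra'

# NOTE(review): binds to every interface. Nothing in this file configures TLS,
# so credentials travel in cleartext unless a TLS-terminating proxy sits in
# front of the service -- confirm the deployment.
set :bind, '0.0.0.0'
set :port, '35257'

# FIXME: passphrases are hard-coded in source and stored in plaintext. Load
# them from configuration outside the repository and store salted hashes
# (bcrypt/scrypt/argon2) instead; rotate the values below, since they are now
# part of the file's history.
USERS = { 'christoffermadsen' => 'lolol', 'gre' => 'lol' }.freeze

# Generates a random base-36 name (at most six characters) for uploads that do
# not carry their own filename. Drawn from the CSPRNG so names are not
# predictable from earlier ones.
# NOTE(review): this matters if stored files are later served by name -- not
# visible in this file, confirm.
FILENAME_GENERATOR = -> { SecureRandom.random_number(36**6).to_s(36) }

# Returns true only when +user+ is a known account and +pass+ matches its
# stored passphrase.
#
# Both values must be Strings: a missing parameter arrives as nil and a
# parameter such as "user[]=x" arrives as an Array. A plain
# `pass == USERS[user]` accepts a request that omits the passphrase for an
# unknown user, because both sides are then nil.
#
# @param user [Object] value of the "user" request parameter
# @param pass [Object] value of the "pass" request parameter
# @return [Boolean]
def authenticated?(user, pass)
  return false unless user.is_a?(String) && pass.is_a?(String)

  expected = USERS[user]
  return false unless expected

  # Constant-time comparison, so response timing does not reveal how much of
  # a guessed passphrase was correct.
  Rack::Utils.secure_compare(expected, pass)
end

# POST /upload
#
# Form parameters: user, pass, device_id, imagedata (multipart file part) and
# an optional filename.
# Responds 401 on failed authentication, 400 when no file part was sent, and
# 200 with the stored filename as the body on success.
post '/upload' do
  user = params['user']
  pass = params['pass']
  device_id = params['device_id']

  # Untrusted values are logged via #inspect so embedded newlines or control
  # characters cannot forge additional log lines. The passphrase itself is
  # never written to the log.
  puts "Receiving data from user #{user.inspect} on device #{device_id.inspect}"

  unless authenticated?(user, pass)
    puts "Authentication failed for user #{user.inspect} on device #{device_id.inspect}"
    halt 401
  end

  puts "Authentication successful for user #{user.inspect} on device #{device_id.inspect}"

  upload = params['imagedata']
  tempfile = upload.is_a?(Hash) ? upload[:tempfile] : nil
  halt 400 unless tempfile.respond_to?(:read)

  # Prefer filename sent with the request; fall back to a generated one when
  # it is absent, empty, or not a plain string.
  requested = params['filename']
  base = requested.is_a?(String) && !requested.empty? ? requested : FILENAME_GENERATOR.call
  filename = sanitize_filename("#{base}.png")

  # NOTE(review): an existing file with the same sanitized name is
  # overwritten, and no size or content-type limit is enforced here.
  # Binary mode: the payload is image data, not text.
  File.open(filename, 'wb') { |f| IO.copy_stream(tempfile, f) }

  [200, filename]
end

# Reduces +filename+ to a name that is safe to create in the current
# directory.
#
# The name is split at its last extension dot (a dot with at least one
# character before it and a non-dot character after it). In each part, every
# run of characters other than ASCII letters, digits and "-" is replaced by a
# single "_", which removes path separators and ".." sequences.
#
# @param filename [String] untrusted filename
# @return [String] sanitized filename
def sanitize_filename(filename)
  # https://stackoverflow.com/questions/1939333/how-to-make-a-ruby-string-safe-for-a-filesystem#
  parts = filename.split(/(?<=.)\.(?=[^.])(?!.*\.[^.])/m)
  parts.map { |part| part.gsub(/[^a-z0-9\-]+/i, '_') }.join('.')
end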