backend/libs/handlers/upload.go

package handlers

import (
	"errors"
	"fmt"
	"mime/multipart"
	"net/http"
	"strconv"
	"strings"

	"warpbox.dev/backend/libs/helpers"
	"warpbox.dev/backend/libs/jobs"
	"warpbox.dev/backend/libs/services"
)

func (a *App) Upload(w http.ResponseWriter, r *http.Request) {
	r.Body = http.MaxBytesReader(w, r.Body, a.uploadService.MaxUploadSize()*8)
	if err := r.ParseMultipartForm(a.uploadService.MaxUploadSize() * 8); err != nil {
		helpers.WriteJSONError(w, http.StatusBadRequest, "upload form could not be read")
		return
	}

	files := uploadFiles(r)
	result, err := a.uploadService.CreateBox(files, services.UploadOptions{
		MaxDays:           parseInt(r.FormValue("max_days")),
		MaxDownloads:      parseInt(r.FormValue("max_downloads")),
		Password:          r.FormValue("password"),
		ObfuscateMetadata: r.FormValue("obfuscate_metadata") == "on",
	})
	if err != nil {
		a.logger.Warn("upload failed", "source", "user-upload", "severity", "warn", "code", 4001, "error", err.Error())
		helpers.WriteJSONError(w, http.StatusBadRequest, err.Error())
		return
	}
	jobs.GenerateThumbnailsForBoxAsync(a.uploadService, a.logger, result.BoxID)

	if wantsJSON(r) {
		helpers.WriteJSON(w, http.StatusCreated, result)
		return
	}

	w.Header().Set("Content-Type", "text/plain; charset=utf-8")
	w.WriteHeader(http.StatusCreated)
	_, _ = fmt.Fprintln(w, result.BoxURL)
}

func parseInt(value string) int {
	if value == "" {
		return 0
	}
	parsed, err := strconv.Atoi(value)
	if err != nil {
		return 0
	}
	return parsed
}

func statusForDownloadError(err error) int {
	if errors.Is(err, http.ErrMissingFile) {
		return http.StatusNotFound
	}
	return http.StatusForbidden
}

func uploadFiles(r *http.Request) []*multipart.FileHeader {
	if r.MultipartForm == nil {
		return nil
	}
	files := make([]*multipart.FileHeader, 0)
	files = append(files, r.MultipartForm.File["file"]...)
	files = append(files, r.MultipartForm.File["sharex"]...)
	return files
}

func wantsJSON(r *http.Request) bool {
	return strings.Contains(strings.ToLower(r.Header.Get("Accept")), "application/json")
}
feat: initialize warpbox.dev project structure and backend Initialize the repository with the core Go backend architecture and a frontend mockup for warpbox.dev, a self-hosted file-sharing application. - Set up Go backend modules for configuration, HTTP server, middleware, handlers, and templates. - Add local development scripts, environment templates, and basic project configuration. - Include a React-based frontend mockup under the docs directory. 2026-05-25 15:36:49 +03:00			`package handlers`

			`import (`
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results. 2026-05-25 16:26:47 +03:00			`"errors"`
feat(api): add API documentation and ShareX integration - Add an API documentation page with curl and ShareX examples. - Implement a dynamic ShareX configuration endpoint (`/api/v1/sharex/warpbox-anonymous.sxcu`) that generates a `.sxcu` file pre-configured with the instance's base URL. - Update anonymous uploads to return a private management link (`manageUrl`) and a deletion link (`deleteUrl`) in JSON responses. - Update README with details on Stage 3 Anonymous Integrations. - Add styling for the new API documentation view and management details. 2026-05-29 23:44:05 +03:00			`"fmt"`
			`"mime/multipart"`
feat: initialize warpbox.dev project structure and backend Initialize the repository with the core Go backend architecture and a frontend mockup for warpbox.dev, a self-hosted file-sharing application. - Set up Go backend modules for configuration, HTTP server, middleware, handlers, and templates. - Add local development scripts, environment templates, and basic project configuration. - Include a React-based frontend mockup under the docs directory. 2026-05-25 15:36:49 +03:00			`"net/http"`
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results. 2026-05-25 16:26:47 +03:00			`"strconv"`
feat(api): add API documentation and ShareX integration - Add an API documentation page with curl and ShareX examples. - Implement a dynamic ShareX configuration endpoint (`/api/v1/sharex/warpbox-anonymous.sxcu`) that generates a `.sxcu` file pre-configured with the instance's base URL. - Update anonymous uploads to return a private management link (`manageUrl`) and a deletion link (`deleteUrl`) in JSON responses. - Update README with details on Stage 3 Anonymous Integrations. - Add styling for the new API documentation view and management details. 2026-05-29 23:44:05 +03:00			`"strings"`
feat: initialize warpbox.dev project structure and backend Initialize the repository with the core Go backend architecture and a frontend mockup for warpbox.dev, a self-hosted file-sharing application. - Set up Go backend modules for configuration, HTTP server, middleware, handlers, and templates. - Add local development scripts, environment templates, and basic project configuration. - Include a React-based frontend mockup under the docs directory. 2026-05-25 15:36:49 +03:00
			`"warpbox.dev/backend/libs/helpers"`
feat(api): add API documentation and ShareX integration - Add an API documentation page with curl and ShareX examples. - Implement a dynamic ShareX configuration endpoint (`/api/v1/sharex/warpbox-anonymous.sxcu`) that generates a `.sxcu` file pre-configured with the instance's base URL. - Update anonymous uploads to return a private management link (`manageUrl`) and a deletion link (`deleteUrl`) in JSON responses. - Update README with details on Stage 3 Anonymous Integrations. - Add styling for the new API documentation view and management details. 2026-05-29 23:44:05 +03:00			`"warpbox.dev/backend/libs/jobs"`
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results. 2026-05-25 16:26:47 +03:00			`"warpbox.dev/backend/libs/services"`
feat: initialize warpbox.dev project structure and backend Initialize the repository with the core Go backend architecture and a frontend mockup for warpbox.dev, a self-hosted file-sharing application. - Set up Go backend modules for configuration, HTTP server, middleware, handlers, and templates. - Add local development scripts, environment templates, and basic project configuration. - Include a React-based frontend mockup under the docs directory. 2026-05-25 15:36:49 +03:00			`)`

feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results. 2026-05-25 16:26:47 +03:00			`func (a App) Upload(w http.ResponseWriter, r http.Request) {`
			`r.Body = http.MaxBytesReader(w, r.Body, a.uploadService.MaxUploadSize()*8)`
			`if err := r.ParseMultipartForm(a.uploadService.MaxUploadSize() * 8); err != nil {`
			`helpers.WriteJSONError(w, http.StatusBadRequest, "upload form could not be read")`
			`return`
			`}`
feat: initialize warpbox.dev project structure and backend Initialize the repository with the core Go backend architecture and a frontend mockup for warpbox.dev, a self-hosted file-sharing application. - Set up Go backend modules for configuration, HTTP server, middleware, handlers, and templates. - Add local development scripts, environment templates, and basic project configuration. - Include a React-based frontend mockup under the docs directory. 2026-05-25 15:36:49 +03:00
feat(api): add API documentation and ShareX integration - Add an API documentation page with curl and ShareX examples. - Implement a dynamic ShareX configuration endpoint (`/api/v1/sharex/warpbox-anonymous.sxcu`) that generates a `.sxcu` file pre-configured with the instance's base URL. - Update anonymous uploads to return a private management link (`manageUrl`) and a deletion link (`deleteUrl`) in JSON responses. - Update README with details on Stage 3 Anonymous Integrations. - Add styling for the new API documentation view and management details. 2026-05-29 23:44:05 +03:00			`files := uploadFiles(r)`
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results. 2026-05-25 16:26:47 +03:00			`result, err := a.uploadService.CreateBox(files, services.UploadOptions{`
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates. 2026-05-25 16:52:57 +03:00			`MaxDays: parseInt(r.FormValue("max_days")),`
			`MaxDownloads: parseInt(r.FormValue("max_downloads")),`
			`Password: r.FormValue("password"),`
			`ObfuscateMetadata: r.FormValue("obfuscate_metadata") == "on",`
feat: initialize warpbox.dev project structure and backend Initialize the repository with the core Go backend architecture and a frontend mockup for warpbox.dev, a self-hosted file-sharing application. - Set up Go backend modules for configuration, HTTP server, middleware, handlers, and templates. - Add local development scripts, environment templates, and basic project configuration. - Include a React-based frontend mockup under the docs directory. 2026-05-25 15:36:49 +03:00			`})`
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results. 2026-05-25 16:26:47 +03:00			`if err != nil {`
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates. 2026-05-25 16:52:57 +03:00			`a.logger.Warn("upload failed", "source", "user-upload", "severity", "warn", "code", 4001, "error", err.Error())`
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results. 2026-05-25 16:26:47 +03:00			`helpers.WriteJSONError(w, http.StatusBadRequest, err.Error())`
			`return`
			`}`
feat(api): add API documentation and ShareX integration - Add an API documentation page with curl and ShareX examples. - Implement a dynamic ShareX configuration endpoint (`/api/v1/sharex/warpbox-anonymous.sxcu`) that generates a `.sxcu` file pre-configured with the instance's base URL. - Update anonymous uploads to return a private management link (`manageUrl`) and a deletion link (`deleteUrl`) in JSON responses. - Update README with details on Stage 3 Anonymous Integrations. - Add styling for the new API documentation view and management details. 2026-05-29 23:44:05 +03:00			`jobs.GenerateThumbnailsForBoxAsync(a.uploadService, a.logger, result.BoxID)`
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results. 2026-05-25 16:26:47 +03:00
feat(api): add API documentation and ShareX integration - Add an API documentation page with curl and ShareX examples. - Implement a dynamic ShareX configuration endpoint (`/api/v1/sharex/warpbox-anonymous.sxcu`) that generates a `.sxcu` file pre-configured with the instance's base URL. - Update anonymous uploads to return a private management link (`manageUrl`) and a deletion link (`deleteUrl`) in JSON responses. - Update README with details on Stage 3 Anonymous Integrations. - Add styling for the new API documentation view and management details. 2026-05-29 23:44:05 +03:00			`if wantsJSON(r) {`
			`helpers.WriteJSON(w, http.StatusCreated, result)`
			`return`
			`}`

			`w.Header().Set("Content-Type", "text/plain; charset=utf-8")`
			`w.WriteHeader(http.StatusCreated)`
			`_, _ = fmt.Fprintln(w, result.BoxURL)`
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results. 2026-05-25 16:26:47 +03:00			`}`

			`func parseInt(value string) int {`
			`if value == "" {`
			`return 0`
			`}`
			`parsed, err := strconv.Atoi(value)`
			`if err != nil {`
			`return 0`
			`}`
			`return parsed`
			`}`

			`func statusForDownloadError(err error) int {`
			`if errors.Is(err, http.ErrMissingFile) {`
			`return http.StatusNotFound`
			`}`
			`return http.StatusForbidden`
feat: initialize warpbox.dev project structure and backend Initialize the repository with the core Go backend architecture and a frontend mockup for warpbox.dev, a self-hosted file-sharing application. - Set up Go backend modules for configuration, HTTP server, middleware, handlers, and templates. - Add local development scripts, environment templates, and basic project configuration. - Include a React-based frontend mockup under the docs directory. 2026-05-25 15:36:49 +03:00			`}`
feat(api): add API documentation and ShareX integration - Add an API documentation page with curl and ShareX examples. - Implement a dynamic ShareX configuration endpoint (`/api/v1/sharex/warpbox-anonymous.sxcu`) that generates a `.sxcu` file pre-configured with the instance's base URL. - Update anonymous uploads to return a private management link (`manageUrl`) and a deletion link (`deleteUrl`) in JSON responses. - Update README with details on Stage 3 Anonymous Integrations. - Add styling for the new API documentation view and management details. 2026-05-29 23:44:05 +03:00
			`func uploadFiles(r http.Request) []multipart.FileHeader {`
			`if r.MultipartForm == nil {`
			`return nil`
			`}`
			`files := make([]*multipart.FileHeader, 0)`
			`files = append(files, r.MultipartForm.File["file"]...)`
			`files = append(files, r.MultipartForm.File["sharex"]...)`
			`return files`
			`}`

			`func wantsJSON(r *http.Request) bool {`
			`return strings.Contains(strings.ToLower(r.Header.Get("Accept")), "application/json")`
			`}`