kato/warpbox-dev
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
dbfdacc396ee8e116ae4ece3e03eea76c61764ca
warpbox-dev/backend/libs/handlers/download.go

936 lines
31 KiB
Go
Raw Normal View History

feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results.
2026-05-25 16:26:47 +03:00
package handlers
import (
feat(storage): add S3 backend support and advanced upload limits - Introduce S3-compatible storage backend support using minio-go. - Add configuration options for local storage limits, box limits, and rate limiting. - Implement storage backend selection (local vs S3) for anonymous and registered users. - Add an `/admin/storage` management interface. - Update documentation and environment examples with the new configuration variables.
2026-05-31 02:14:10 +03:00
"bytes"
feat: add emoji reaction support for files - Implement `ReactionService` to manage file reactions in the database. - Add `POST /d/{boxID}/f/{fileID}/react` endpoint to handle user reactions. - Add `GET /emoji/{pack}/{file}` endpoint to serve custom emoji assets. - Support loading custom emoji packs dynamically from the data directory. - Update README with instructions on configuring emoji reaction packs.
2026-06-02 11:30:33 +03:00
"encoding/json"
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results.
2026-05-25 16:26:47 +03:00
"errors"
"fmt"
feat(storage): add S3 backend support and advanced upload limits - Introduce S3-compatible storage backend support using minio-go. - Add configuration options for local storage limits, box limits, and rate limiting. - Implement storage backend selection (local vs S3) for anonymous and registered users. - Add an `/admin/storage` management interface. - Update documentation and environment examples with the new configuration variables.
2026-05-31 02:14:10 +03:00
"io"
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results.
2026-05-25 16:26:47 +03:00
"net/http"
feat: add emoji reaction support for files - Implement `ReactionService` to manage file reactions in the database. - Add `POST /d/{boxID}/f/{fileID}/react` endpoint to handle user reactions. - Add `GET /emoji/{pack}/{file}` endpoint to serve custom emoji assets. - Support loading custom emoji packs dynamically from the data directory. - Update README with instructions on configuring emoji reaction packs.
2026-06-02 11:30:33 +03:00
"net/url"
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results.
2026-05-25 16:26:47 +03:00
"os"
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
"path/filepath"
feat: add emoji reaction support for files - Implement `ReactionService` to manage file reactions in the database. - Add `POST /d/{boxID}/f/{fileID}/react` endpoint to handle user reactions. - Add `GET /emoji/{pack}/{file}` endpoint to serve custom emoji assets. - Support loading custom emoji packs dynamically from the data directory. - Update README with instructions on configuring emoji reaction packs.
2026-06-02 11:30:33 +03:00
"sort"
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
"strings"
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results.
2026-05-25 16:26:47 +03:00
"time"
"warpbox.dev/backend/libs/helpers"
feat(backend): implement on-demand thumbnail generation When a thumbnail is requested but not yet available, attempt to generate it synchronously on-demand instead of immediately falling back to the placeholder image. - Export thumbnail generation helpers from the jobs package. - Update the Thumbnail handler to trigger on-demand generation if the thumbnail object is missing. - Save the updated box metadata with the new thumbnail reference. - Fall back to the placeholder image only if on-demand generation fails.
2026-06-03 15:20:26 +03:00
"warpbox.dev/backend/libs/jobs"
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
"warpbox.dev/backend/libs/services"
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results.
2026-05-25 16:26:47 +03:00
"warpbox.dev/backend/libs/web"
)
type downloadPageData struct {
Box boxView
Files []fileView
ZipURL string
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
Locked bool
Obfuscated bool
CanPreview bool
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results.
2026-05-25 16:26:47 +03:00
DownloadCount int
MaxDownloads int
ExpiresLabel string
feat: add emoji reaction support for files - Implement `ReactionService` to manage file reactions in the database. - Add `POST /d/{boxID}/f/{fileID}/react` endpoint to handle user reactions. - Add `GET /emoji/{pack}/{file}` endpoint to serve custom emoji assets. - Support loading custom emoji packs dynamically from the data directory. - Update README with instructions on configuring emoji reaction packs.
2026-06-02 11:30:33 +03:00
EmojiTabs []emojiTabView
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results.
2026-05-25 16:26:47 +03:00
}
type boxView struct {
ID string
}
type fileView struct {
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
ID string
Name string
Size string
feat(preview): add file preview page with metadata and styling Implement a rich file preview interface to allow users to view file contents directly in the browser. Changes include: - Exposing raw file size (`SizeBytes`) in the download handler's file view. - Adding comprehensive CSS styling for the preview layout and cards. - Integrating Prism.js for syntax highlighting of code files. - Updating Content Security Policy (CSP) headers to permit inline styles and frame sources required by the preview components. - Adding unit tests to ensure preview metadata attributes are correctly rendered on the download page.
2026-06-03 14:28:50 +03:00
SizeBytes int64
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
ContentType string
PreviewKind string
URL string
DownloadURL string
ThumbnailURL string
feat(backend): add video scene preview generation and endpoint - Register a new route `GET /d/{boxID}/scene/{fileID}` to serve video scene previews. - Implement the `VideoScenesPreview` handler to serve existing previews or generate them on-demand. - Add helper functions to analyze video frames (e.g., luma calculation to filter out dark frames) and render the final scene thumbnail. - Update the `fileView` struct to include scene URL and status fields.
2026-06-05 10:42:30 +03:00
SceneURL string
feat(preview): add archive listing and browser support Introduces the ability to browse and preview the contents of archive files directly within the web interface. Changes include: - Added a new API endpoint `GET /d/{boxID}/archive/{fileID}` to fetch archive listings. - Implemented on-demand archive listing generation in the backend. - Updated the frontend preview component to support rendering and navigating archive contents.
2026-06-08 03:43:43 +03:00
ArchiveURL string
feat(handlers): add file icons with standard and retro variants Introduce file icon support to the file browser. Icons are loaded on startup and mapped based on file name and content type. - Load file icon mappings in the App handler initialization. - Add `HasThumbnail`, `IconURL`, and `IconRetroURL` to the file view. - Update CSS to support displaying file icons alongside thumbnails. - Add retro theme support to swap standard icons with pixelated retro variants when the retro theme is active.
2026-06-02 13:02:51 +03:00
HasThumbnail bool
feat(backend): add video scene preview generation and endpoint - Register a new route `GET /d/{boxID}/scene/{fileID}` to serve video scene previews. - Implement the `VideoScenesPreview` handler to serve existing previews or generate them on-demand. - Add helper functions to analyze video frames (e.g., luma calculation to filter out dark frames) and render the final scene thumbnail. - Update the `fileView` struct to include scene URL and status fields.
2026-06-05 10:42:30 +03:00
HasScene bool
feat(preview): add archive listing and browser support Introduces the ability to browse and preview the contents of archive files directly within the web interface. Changes include: - Added a new API endpoint `GET /d/{boxID}/archive/{fileID}` to fetch archive listings. - Implemented on-demand archive listing generation in the backend. - Updated the frontend preview component to support rendering and navigating archive contents.
2026-06-08 03:43:43 +03:00
HasArchive bool
feat(handlers): add file icons with standard and retro variants Introduce file icon support to the file browser. Icons are loaded on startup and mapped based on file name and content type. - Load file icon mappings in the App handler initialization. - Add `HasThumbnail`, `IconURL`, and `IconRetroURL` to the file view. - Update CSS to support displaying file icons alongside thumbnails. - Add retro theme support to swap standard icons with pixelated retro variants when the retro theme is active.
2026-06-02 13:02:51 +03:00
IconURL string
IconRetroURL string
feat: add emoji reaction support for files - Implement `ReactionService` to manage file reactions in the database. - Add `POST /d/{boxID}/f/{fileID}/react` endpoint to handle user reactions. - Add `GET /emoji/{pack}/{file}` endpoint to serve custom emoji assets. - Support loading custom emoji packs dynamically from the data directory. - Update README with instructions on configuring emoji reaction packs.
2026-06-02 11:30:33 +03:00
ReactURL string
Reactions []reactionView
feat(ui): limit visible reactions and overhaul retro theme - Limit the number of initially visible reactions per file to 2 and calculate the overflow count on the backend. - Redesign the retro theme CSS to mimic a classic Windows 98 Explorer window, including title bars, toolbars, and sunken panes. - Add local storage persistence for the file browser view preference (list vs. thumbnails).
2026-06-02 14:43:16 +03:00
ReactionMore int
feat: add emoji reaction support for files - Implement `ReactionService` to manage file reactions in the database. - Add `POST /d/{boxID}/f/{fileID}/react` endpoint to handle user reactions. - Add `GET /emoji/{pack}/{file}` endpoint to serve custom emoji assets. - Support loading custom emoji packs dynamically from the data directory. - Update README with instructions on configuring emoji reaction packs.
2026-06-02 11:30:33 +03:00
Reacted bool
feat(upload): add resumable chunk configuration and file validation - Add `WARPBOX_RESUMABLE_CHUNK_MODE` and `WARPBOX_RESUMABLE_CHUNK_PATH` environment variables to configure temporary chunk storage. - Implement strict file validation for resuming uploads to ensure selected files match the pending session's metadata. - Add `PLANS.md` to document development stages, roadmap, and API specifications (including batching and resumable flows).
2026-06-02 22:13:54 +03:00
Processing bool
feat: add emoji reaction support for files - Implement `ReactionService` to manage file reactions in the database. - Add `POST /d/{boxID}/f/{fileID}/react` endpoint to handle user reactions. - Add `GET /emoji/{pack}/{file}` endpoint to serve custom emoji assets. - Support loading custom emoji packs dynamically from the data directory. - Update README with instructions on configuring emoji reaction packs.
2026-06-02 11:30:33 +03:00
}
type reactionView struct {
EmojiID string `json:"emojiId"`
URL string `json:"url"`
Label string `json:"label"`
Count int `json:"count"`
feat(ui): limit visible reactions and overhaul retro theme - Limit the number of initially visible reactions per file to 2 and calculate the overflow count on the backend. - Redesign the retro theme CSS to mimic a classic Windows 98 Explorer window, including title bars, toolbars, and sunken panes. - Add local storage persistence for the file browser view preference (list vs. thumbnails).
2026-06-02 14:43:16 +03:00
Visible bool `json:"visible"`
feat: add emoji reaction support for files - Implement `ReactionService` to manage file reactions in the database. - Add `POST /d/{boxID}/f/{fileID}/react` endpoint to handle user reactions. - Add `GET /emoji/{pack}/{file}` endpoint to serve custom emoji assets. - Support loading custom emoji packs dynamically from the data directory. - Update README with instructions on configuring emoji reaction packs.
2026-06-02 11:30:33 +03:00
}
type emojiTabView struct {
ID string
Label string
Emojis []emojiOptionView
}
type emojiOptionView struct {
ID string `json:"id"`
URL string `json:"url"`
Label string `json:"label"`
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
}
type previewPageData struct {
Box boxView
File fileView
Locked bool
DownloadURL string
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results.
2026-05-25 16:26:47 +03:00
}
func (a *App) DownloadPage(w http.ResponseWriter, r *http.Request) {
box, err := a.uploadService.GetBox(r.PathValue("boxID"))
if err != nil {
refactor(handlers): standardize logging using request attributes helper - Replace manual IP logging with the `withRequestLogAttrs` helper in authentication handlers. - Add user activity logging for API documentation and login page views. - Clean up log calls to use variadic expansion of request attributes.
2026-06-01 11:30:38 +03:00
a.logger.Warn("download page missing box", withRequestLogAttrs(r, "source", "download", "severity", "warn", "code", 4040, "box_id", r.PathValue("boxID"))...)
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results.
2026-05-25 16:26:47 +03:00
http.NotFound(w, r)
return
}
if err := a.uploadService.CanDownload(box); err != nil {
refactor(handlers): standardize logging using request attributes helper - Replace manual IP logging with the `withRequestLogAttrs` helper in authentication handlers. - Add user activity logging for API documentation and login page views. - Clean up log calls to use variadic expansion of request attributes.
2026-06-01 11:30:38 +03:00
a.logger.Warn("download page unavailable", withRequestLogAttrs(r, "source", "download", "severity", "warn", "code", statusForDownloadError(err), "box_id", box.ID, "error", err.Error())...)
feat: add upload policies, daily limits, and storage quotas - Add environment variables to configure anonymous uploads, daily upload caps, and default user storage limits. - Update config loader to parse and validate the new settings. - Implement backend logic to track daily usage and active storage per user. - Update README and `.env.example` to document the new settings and admin panels.
2026-05-30 17:23:20 +03:00
a.renderPage(w, r, http.StatusForbidden, "download.html", web.PageData{
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results.
2026-05-25 16:26:47 +03:00
Title: "Download unavailable",
Description: "This Warpbox link is no longer available.",
Data: downloadPageData{
Box: boxView{ID: box.ID},
ExpiresLabel: err.Error(),
},
})
return
}
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
locked := a.uploadService.IsProtected(box) && !a.isBoxUnlocked(r, box)
feat(upload): add resumable chunk configuration and file validation - Add `WARPBOX_RESUMABLE_CHUNK_MODE` and `WARPBOX_RESUMABLE_CHUNK_PATH` environment variables to configure temporary chunk storage. - Implement strict file validation for resuming uploads to ensure selected files match the pending session's metadata. - Add `PLANS.md` to document development stages, roadmap, and API specifications (including batching and resumable flows).
2026-06-02 22:13:54 +03:00
if isSocialPreviewBot(r) && !locked && len(box.Files) == 1 {
feat(backend): enhance social previews for single-file shares Implements dynamic Open Graph (OG) metadata and image generation for single-file shared boxes to improve social media previews. Changes include: - Added a new route `/d/{boxID}/f/{fileID}/og-image.jpg` for file-specific OG images. - Updated `DownloadPage` to dynamically set the page title, description, and OG image properties when a box contains only one file. - Restricted raw media inline serving for social bots to images and videos. - Added helper functions to format file share descriptions and determine appropriate social image URLs and types. - Integrated basic font rendering to support dynamic OG image generation.
2026-06-03 14:55:19 +03:00
file := box.Files[0]
if file.Processing {
feat(upload): add resumable chunk configuration and file validation - Add `WARPBOX_RESUMABLE_CHUNK_MODE` and `WARPBOX_RESUMABLE_CHUNK_PATH` environment variables to configure temporary chunk storage. - Implement strict file validation for resuming uploads to ensure selected files match the pending session's metadata. - Add `PLANS.md` to document development stages, roadmap, and API specifications (including batching and resumable flows).
2026-06-02 22:13:54 +03:00
http.Error(w, "file is still processing", http.StatusAccepted)
return
}
feat(backend): enhance social previews for single-file shares Implements dynamic Open Graph (OG) metadata and image generation for single-file shared boxes to improve social media previews. Changes include: - Added a new route `/d/{boxID}/f/{fileID}/og-image.jpg` for file-specific OG images. - Updated `DownloadPage` to dynamically set the page title, description, and OG image properties when a box contains only one file. - Restricted raw media inline serving for social bots to images and videos. - Added helper functions to format file share descriptions and determine appropriate social image URLs and types. - Integrated basic font rendering to support dynamic OG image generation.
2026-06-03 14:55:19 +03:00
if shouldServeRawSocialMedia(file) {
a.serveFileContent(w, r, box, file, false)
a.logger.Info("single-file media served inline for social preview", withRequestLogAttrs(r, "source", "download", "severity", "user_activity", "code", 2008, "box_id", box.ID, "file_id", file.ID)...)
return
}
feat(upload): add resumable chunk configuration and file validation - Add `WARPBOX_RESUMABLE_CHUNK_MODE` and `WARPBOX_RESUMABLE_CHUNK_PATH` environment variables to configure temporary chunk storage. - Implement strict file validation for resuming uploads to ensure selected files match the pending session's metadata. - Add `PLANS.md` to document development stages, roadmap, and API specifications (including batching and resumable flows).
2026-06-02 22:13:54 +03:00
}
feat: add emoji reaction support for files - Implement `ReactionService` to manage file reactions in the database. - Add `POST /d/{boxID}/f/{fileID}/react` endpoint to handle user reactions. - Add `GET /emoji/{pack}/{file}` endpoint to serve custom emoji assets. - Support loading custom emoji packs dynamically from the data directory. - Update README with instructions on configuring emoji reaction packs.
2026-06-02 11:30:33 +03:00
visitorID := a.reactionVisitorID(w, r)
reactionsByFile, reactedByFile, err := a.reactionService.SummaryForBox(box.ID, visitorID)
if err != nil {
a.logger.Warn("failed to load file reactions", withRequestLogAttrs(r, "source", "reactions", "severity", "warn", "code", 4300, "box_id", box.ID, "error", err.Error())...)
}
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results.
2026-05-25 16:26:47 +03:00
files := make([]fileView, 0, len(box.Files))
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
if !(locked && box.Obfuscate) {
for _, file := range box.Files {
feat: add emoji reaction support for files - Implement `ReactionService` to manage file reactions in the database. - Add `POST /d/{boxID}/f/{fileID}/react` endpoint to handle user reactions. - Add `GET /emoji/{pack}/{file}` endpoint to serve custom emoji assets. - Support loading custom emoji packs dynamically from the data directory. - Update README with instructions on configuring emoji reaction packs.
2026-06-02 11:30:33 +03:00
files = append(files, a.fileViewWithReactions(box, file, reactionsByFile[file.ID], reactedByFile[file.ID]))
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
}
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results.
2026-05-25 16:26:47 +03:00
}
feat: add emoji reaction support for files - Implement `ReactionService` to manage file reactions in the database. - Add `POST /d/{boxID}/f/{fileID}/react` endpoint to handle user reactions. - Add `GET /emoji/{pack}/{file}` endpoint to serve custom emoji assets. - Support loading custom emoji packs dynamically from the data directory. - Update README with instructions on configuring emoji reaction packs.
2026-06-02 11:30:33 +03:00
emojiTabs, err := a.emojiTabs()
if err != nil {
a.logger.Warn("failed to load emoji tabs", withRequestLogAttrs(r, "source", "reactions", "severity", "warn", "code", 4301, "box_id", box.ID, "error", err.Error())...)
}
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results.
2026-05-25 16:26:47 +03:00
feat(policy): support unlimited values in user policies and box expiry - Update user policy and user update handlers to accept -1 as an unlimited value for MaxDays, DailyBoxes, ActiveBoxes, and ShortWindowRequests. - Introduce `optionalIntAllowUnlimited` helper and update `optionalMBAllowZero` to support -1. - Use `boxExpiryLabel` helper across admin, dashboard, and download handlers to properly format expiration dates, supporting boxes that never expire.
2026-05-31 22:40:48 +03:00
expiresLabel := boxExpiryLabel(box.ExpiresAt, "Jan 2, 2006 15:04 MST")
feat(download): add dynamic OG metadata and fix thumbnail caching - Register a new route for box Open Graph images (`/d/{boxID}/og-image.jpg`). - Dynamically set the download page title, description, and OG image URL based on box state (e.g., file count, expiration, password protection). - Introduce `servePlaceholderThumbnail` to serve fallback thumbnails with `Cache-Control: no-store, must-revalidate`. This ensures the browser requests the real thumbnail once it is generated instead of caching the placeholder.
2026-05-31 17:57:56 +03:00
title := "Shared files on Warpbox"
description := fmt.Sprintf("%d file%s shared via Warpbox · expires %s", len(box.Files), plural(len(box.Files)), expiresLabel)
feat(backend): enhance social previews for single-file shares Implements dynamic Open Graph (OG) metadata and image generation for single-file shared boxes to improve social media previews. Changes include: - Added a new route `/d/{boxID}/f/{fileID}/og-image.jpg` for file-specific OG images. - Updated `DownloadPage` to dynamically set the page title, description, and OG image properties when a box contains only one file. - Restricted raw media inline serving for social bots to images and videos. - Added helper functions to format file share descriptions and determine appropriate social image URLs and types. - Integrated basic font rendering to support dynamic OG image generation.
2026-06-03 14:55:19 +03:00
ogImage := absoluteURL(r, fmt.Sprintf("/d/%s/og-image.jpg", box.ID))
imageAlt := fmt.Sprintf("%d shared file%s on Warp Box", len(box.Files), plural(len(box.Files)))
imageType := "image/jpeg"
if !locked && len(box.Files) == 1 && !box.Files[0].Processing {
file := box.Files[0]
view := a.fileView(box, file)
fileSize := helpers.FormatBytes(file.Size)
title = file.Name
description = fileShareDescription(fileSize, file.ContentType, box.ExpiresAt)
ogImage = socialImageURL(r, box, file, view)
imageAlt = fmt.Sprintf("Download card for %s", file.Name)
imageType = socialImageType(file)
}
feat(download): add dynamic OG metadata and fix thumbnail caching - Register a new route for box Open Graph images (`/d/{boxID}/og-image.jpg`). - Dynamically set the download page title, description, and OG image URL based on box state (e.g., file count, expiration, password protection). - Introduce `servePlaceholderThumbnail` to serve fallback thumbnails with `Cache-Control: no-store, must-revalidate`. This ensures the browser requests the real thumbnail once it is generated instead of caching the placeholder.
2026-05-31 17:57:56 +03:00
if locked && box.Obfuscate {
title = "Protected Warpbox link"
description = "This shared box is password protected."
}
feat(seo): add robots.txt, sitemap, and noindex tags for downloads Register routes for robots.txt and sitemap.xml, and implement search engine indexing controls to protect user privacy. Specifically: - Set `X-Robots-Tag: noindex, nofollow, noarchive` headers on file downloads, thumbnails, and zip generation. - Configure `Robots: web.RobotsNone` on download and preview pages to prevent indexing of temporary user uploads. - Add canonical URLs, improved descriptions, and image alt tags to page metadata for better social sharing.
2026-06-03 12:15:49 +03:00
pageURL := absoluteURL(r, fmt.Sprintf("/d/%s", box.ID))
// All user uploads are private/temporary — noindex by default.
robots := web.RobotsNone
feat: add upload policies, daily limits, and storage quotas - Add environment variables to configure anonymous uploads, daily upload caps, and default user storage limits. - Update config loader to parse and validate the new settings. - Implement backend logic to track daily usage and active storage per user. - Update README and `.env.example` to document the new settings and admin panels.
2026-05-30 17:23:20 +03:00
a.renderPage(w, r, http.StatusOK, "download.html", web.PageData{
feat(seo): add robots.txt, sitemap, and noindex tags for downloads Register routes for robots.txt and sitemap.xml, and implement search engine indexing controls to protect user privacy. Specifically: - Set `X-Robots-Tag: noindex, nofollow, noarchive` headers on file downloads, thumbnails, and zip generation. - Configure `Robots: web.RobotsNone` on download and preview pages to prevent indexing of temporary user uploads. - Add canonical URLs, improved descriptions, and image alt tags to page metadata for better social sharing.
2026-06-03 12:15:49 +03:00
Title: title,
Description: description,
CanonicalURL: pageURL,
Robots: robots,
ImageURL: ogImage,
feat(backend): enhance social previews for single-file shares Implements dynamic Open Graph (OG) metadata and image generation for single-file shared boxes to improve social media previews. Changes include: - Added a new route `/d/{boxID}/f/{fileID}/og-image.jpg` for file-specific OG images. - Updated `DownloadPage` to dynamically set the page title, description, and OG image properties when a box contains only one file. - Restricted raw media inline serving for social bots to images and videos. - Added helper functions to format file share descriptions and determine appropriate social image URLs and types. - Integrated basic font rendering to support dynamic OG image generation.
2026-06-03 14:55:19 +03:00
ImageAlt: imageAlt,
ImageType: imageType,
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results.
2026-05-25 16:26:47 +03:00
Data: downloadPageData{
Box: boxView{ID: box.ID},
Files: files,
ZipURL: fmt.Sprintf("/d/%s/zip", box.ID),
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
Locked: locked,
Obfuscated: box.Obfuscate,
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results.
2026-05-25 16:26:47 +03:00
DownloadCount: box.DownloadCount,
MaxDownloads: box.MaxDownloads,
feat(download): add dynamic OG metadata and fix thumbnail caching - Register a new route for box Open Graph images (`/d/{boxID}/og-image.jpg`). - Dynamically set the download page title, description, and OG image URL based on box state (e.g., file count, expiration, password protection). - Introduce `servePlaceholderThumbnail` to serve fallback thumbnails with `Cache-Control: no-store, must-revalidate`. This ensures the browser requests the real thumbnail once it is generated instead of caching the placeholder.
2026-05-31 17:57:56 +03:00
ExpiresLabel: expiresLabel,
feat: add emoji reaction support for files - Implement `ReactionService` to manage file reactions in the database. - Add `POST /d/{boxID}/f/{fileID}/react` endpoint to handle user reactions. - Add `GET /emoji/{pack}/{file}` endpoint to serve custom emoji assets. - Support loading custom emoji packs dynamically from the data directory. - Update README with instructions on configuring emoji reaction packs.
2026-06-02 11:30:33 +03:00
EmojiTabs: emojiTabs,
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results.
2026-05-25 16:26:47 +03:00
},
})
refactor(handlers): standardize logging using request attributes helper - Replace manual IP logging with the `withRequestLogAttrs` helper in authentication handlers. - Add user activity logging for API documentation and login page views. - Clean up log calls to use variadic expansion of request attributes.
2026-06-01 11:30:38 +03:00
a.logger.Info("download page viewed", withRequestLogAttrs(r, "source", "download", "severity", "user_activity", "code", 2003, "box_id", box.ID, "locked", locked)...)
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results.
2026-05-25 16:26:47 +03:00
}
feat(download): add dynamic OG metadata and fix thumbnail caching - Register a new route for box Open Graph images (`/d/{boxID}/og-image.jpg`). - Dynamically set the download page title, description, and OG image URL based on box state (e.g., file count, expiration, password protection). - Introduce `servePlaceholderThumbnail` to serve fallback thumbnails with `Cache-Control: no-store, must-revalidate`. This ensures the browser requests the real thumbnail once it is generated instead of caching the placeholder.
2026-05-31 17:57:56 +03:00
func plural(n int) string {
if n == 1 {
return ""
}
return "s"
}
feat(backend): enhance social previews for single-file shares Implements dynamic Open Graph (OG) metadata and image generation for single-file shared boxes to improve social media previews. Changes include: - Added a new route `/d/{boxID}/f/{fileID}/og-image.jpg` for file-specific OG images. - Updated `DownloadPage` to dynamically set the page title, description, and OG image properties when a box contains only one file. - Restricted raw media inline serving for social bots to images and videos. - Added helper functions to format file share descriptions and determine appropriate social image URLs and types. - Integrated basic font rendering to support dynamic OG image generation.
2026-06-03 14:55:19 +03:00
func shouldServeRawSocialMedia(file services.File) bool {
return file.PreviewKind == "image" || file.PreviewKind == "video"
}
func fileShareDescription(size, contentType string, expiresAt time.Time) string {
if strings.TrimSpace(contentType) == "" {
contentType = "file"
}
return fmt.Sprintf("%s · %s · click to preview or download · expires %s", size, contentType, boxExpiryLabel(expiresAt, "Jan 2, 2006"))
}
func socialImageURL(r *http.Request, box services.Box, file services.File, view fileView) string {
if file.PreviewKind == "image" {
return absoluteURL(r, view.DownloadURL+"?inline=1")
}
if file.PreviewKind == "video" && view.HasThumbnail {
return absoluteURL(r, view.ThumbnailURL)
}
return absoluteURL(r, fmt.Sprintf("/d/%s/f/%s/og-image.jpg", box.ID, file.ID))
}
func socialImageType(file services.File) string {
if file.PreviewKind == "image" {
return file.ContentType
}
return "image/jpeg"
}
func socialOGType(file services.File) string {
switch file.PreviewKind {
case "video":
return "video.other"
default:
return "website"
}
}
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results.
2026-05-25 16:26:47 +03:00
func (a *App) DownloadFile(w http.ResponseWriter, r *http.Request) {
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
box, file, ok := a.loadFileForRequest(w, r)
if !ok {
return
}
locked := a.uploadService.IsProtected(box) && !a.isBoxUnlocked(r, box)
feat(upload): add resumable chunk configuration and file validation - Add `WARPBOX_RESUMABLE_CHUNK_MODE` and `WARPBOX_RESUMABLE_CHUNK_PATH` environment variables to configure temporary chunk storage. - Implement strict file validation for resuming uploads to ensure selected files match the pending session's metadata. - Add `PLANS.md` to document development stages, roadmap, and API specifications (including batching and resumable flows).
2026-06-02 22:13:54 +03:00
if isSocialPreviewBot(r) && !locked {
if file.Processing {
http.Error(w, "file is still processing", http.StatusAccepted)
return
}
feat(backend): enhance social previews for single-file shares Implements dynamic Open Graph (OG) metadata and image generation for single-file shared boxes to improve social media previews. Changes include: - Added a new route `/d/{boxID}/f/{fileID}/og-image.jpg` for file-specific OG images. - Updated `DownloadPage` to dynamically set the page title, description, and OG image properties when a box contains only one file. - Restricted raw media inline serving for social bots to images and videos. - Added helper functions to format file share descriptions and determine appropriate social image URLs and types. - Integrated basic font rendering to support dynamic OG image generation.
2026-06-03 14:55:19 +03:00
if shouldServeRawSocialMedia(file) {
a.serveFileContent(w, r, box, file, false)
a.logger.Info("media file served inline for social preview", withRequestLogAttrs(r, "source", "download", "severity", "user_activity", "code", 2009, "box_id", box.ID, "file_id", file.ID)...)
return
}
feat(upload): add resumable chunk configuration and file validation - Add `WARPBOX_RESUMABLE_CHUNK_MODE` and `WARPBOX_RESUMABLE_CHUNK_PATH` environment variables to configure temporary chunk storage. - Implement strict file validation for resuming uploads to ensure selected files match the pending session's metadata. - Add `PLANS.md` to document development stages, roadmap, and API specifications (including batching and resumable flows).
2026-06-02 22:13:54 +03:00
}
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
view := a.fileView(box, file)
feat(seo): add robots.txt, sitemap, and noindex tags for downloads Register routes for robots.txt and sitemap.xml, and implement search engine indexing controls to protect user privacy. Specifically: - Set `X-Robots-Tag: noindex, nofollow, noarchive` headers on file downloads, thumbnails, and zip generation. - Configure `Robots: web.RobotsNone` on download and preview pages to prevent indexing of temporary user uploads. - Add canonical URLs, improved descriptions, and image alt tags to page metadata for better social sharing.
2026-06-03 12:15:49 +03:00
fileSize := helpers.FormatBytes(file.Size)
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
title := file.Name
feat(backend): enhance social previews for single-file shares Implements dynamic Open Graph (OG) metadata and image generation for single-file shared boxes to improve social media previews. Changes include: - Added a new route `/d/{boxID}/f/{fileID}/og-image.jpg` for file-specific OG images. - Updated `DownloadPage` to dynamically set the page title, description, and OG image properties when a box contains only one file. - Restricted raw media inline serving for social bots to images and videos. - Added helper functions to format file share descriptions and determine appropriate social image URLs and types. - Integrated basic font rendering to support dynamic OG image generation.
2026-06-03 14:55:19 +03:00
description := fileShareDescription(fileSize, file.ContentType, box.ExpiresAt)
imageURL := socialImageURL(r, box, file, view)
imageAlt := fmt.Sprintf("Download card for %s", file.Name)
ogType := socialOGType(file)
mediaURL := ""
if file.PreviewKind == "video" {
mediaURL = absoluteURL(r, view.DownloadURL+"?inline=1")
}
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
if locked && box.Obfuscate {
title = "Protected Warpbox file"
description = "This shared file is password protected."
imageURL = absoluteURL(r, "/static/img/file-placeholder.webp")
feat(seo): add robots.txt, sitemap, and noindex tags for downloads Register routes for robots.txt and sitemap.xml, and implement search engine indexing controls to protect user privacy. Specifically: - Set `X-Robots-Tag: noindex, nofollow, noarchive` headers on file downloads, thumbnails, and zip generation. - Configure `Robots: web.RobotsNone` on download and preview pages to prevent indexing of temporary user uploads. - Add canonical URLs, improved descriptions, and image alt tags to page metadata for better social sharing.
2026-06-03 12:15:49 +03:00
imageAlt = "Password protected file on Warp Box"
feat(backend): enhance social previews for single-file shares Implements dynamic Open Graph (OG) metadata and image generation for single-file shared boxes to improve social media previews. Changes include: - Added a new route `/d/{boxID}/f/{fileID}/og-image.jpg` for file-specific OG images. - Updated `DownloadPage` to dynamically set the page title, description, and OG image properties when a box contains only one file. - Restricted raw media inline serving for social bots to images and videos. - Added helper functions to format file share descriptions and determine appropriate social image URLs and types. - Integrated basic font rendering to support dynamic OG image generation.
2026-06-03 14:55:19 +03:00
ogType = "website"
mediaURL = ""
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
}
feat(seo): add robots.txt, sitemap, and noindex tags for downloads Register routes for robots.txt and sitemap.xml, and implement search engine indexing controls to protect user privacy. Specifically: - Set `X-Robots-Tag: noindex, nofollow, noarchive` headers on file downloads, thumbnails, and zip generation. - Configure `Robots: web.RobotsNone` on download and preview pages to prevent indexing of temporary user uploads. - Add canonical URLs, improved descriptions, and image alt tags to page metadata for better social sharing.
2026-06-03 12:15:49 +03:00
pageURL := absoluteURL(r, fmt.Sprintf("/d/%s/f/%s", box.ID, file.ID))
feat: add upload policies, daily limits, and storage quotas - Add environment variables to configure anonymous uploads, daily upload caps, and default user storage limits. - Update config loader to parse and validate the new settings. - Implement backend logic to track daily usage and active storage per user. - Update README and `.env.example` to document the new settings and admin panels.
2026-05-30 17:23:20 +03:00
a.renderPage(w, r, http.StatusOK, "preview.html", web.PageData{
feat(seo): add robots.txt, sitemap, and noindex tags for downloads Register routes for robots.txt and sitemap.xml, and implement search engine indexing controls to protect user privacy. Specifically: - Set `X-Robots-Tag: noindex, nofollow, noarchive` headers on file downloads, thumbnails, and zip generation. - Configure `Robots: web.RobotsNone` on download and preview pages to prevent indexing of temporary user uploads. - Add canonical URLs, improved descriptions, and image alt tags to page metadata for better social sharing.
2026-06-03 12:15:49 +03:00
Title: title,
Description: description,
CanonicalURL: pageURL,
Robots: web.RobotsNone,
feat(backend): enhance social previews for single-file shares Implements dynamic Open Graph (OG) metadata and image generation for single-file shared boxes to improve social media previews. Changes include: - Added a new route `/d/{boxID}/f/{fileID}/og-image.jpg` for file-specific OG images. - Updated `DownloadPage` to dynamically set the page title, description, and OG image properties when a box contains only one file. - Restricted raw media inline serving for social bots to images and videos. - Added helper functions to format file share descriptions and determine appropriate social image URLs and types. - Integrated basic font rendering to support dynamic OG image generation.
2026-06-03 14:55:19 +03:00
OGType: ogType,
feat(seo): add robots.txt, sitemap, and noindex tags for downloads Register routes for robots.txt and sitemap.xml, and implement search engine indexing controls to protect user privacy. Specifically: - Set `X-Robots-Tag: noindex, nofollow, noarchive` headers on file downloads, thumbnails, and zip generation. - Configure `Robots: web.RobotsNone` on download and preview pages to prevent indexing of temporary user uploads. - Add canonical URLs, improved descriptions, and image alt tags to page metadata for better social sharing.
2026-06-03 12:15:49 +03:00
ImageURL: imageURL,
ImageAlt: imageAlt,
feat(backend): enhance social previews for single-file shares Implements dynamic Open Graph (OG) metadata and image generation for single-file shared boxes to improve social media previews. Changes include: - Added a new route `/d/{boxID}/f/{fileID}/og-image.jpg` for file-specific OG images. - Updated `DownloadPage` to dynamically set the page title, description, and OG image properties when a box contains only one file. - Restricted raw media inline serving for social bots to images and videos. - Added helper functions to format file share descriptions and determine appropriate social image URLs and types. - Integrated basic font rendering to support dynamic OG image generation.
2026-06-03 14:55:19 +03:00
ImageType: socialImageType(file),
MediaURL: mediaURL,
MediaType: file.ContentType,
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
Data: previewPageData{
Box: boxView{ID: box.ID},
File: view,
Locked: locked,
DownloadURL: view.DownloadURL,
},
})
refactor(handlers): standardize logging using request attributes helper - Replace manual IP logging with the `withRequestLogAttrs` helper in authentication handlers. - Add user activity logging for API documentation and login page views. - Clean up log calls to use variadic expansion of request attributes.
2026-06-01 11:30:38 +03:00
a.logger.Info("file preview page viewed", withRequestLogAttrs(r, "source", "download", "severity", "user_activity", "code", 2004, "box_id", box.ID, "file_id", file.ID)...)
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
}
func (a *App) DownloadFileContent(w http.ResponseWriter, r *http.Request) {
feat(seo): add robots.txt, sitemap, and noindex tags for downloads Register routes for robots.txt and sitemap.xml, and implement search engine indexing controls to protect user privacy. Specifically: - Set `X-Robots-Tag: noindex, nofollow, noarchive` headers on file downloads, thumbnails, and zip generation. - Configure `Robots: web.RobotsNone` on download and preview pages to prevent indexing of temporary user uploads. - Add canonical URLs, improved descriptions, and image alt tags to page metadata for better social sharing.
2026-06-03 12:15:49 +03:00
w.Header().Set("X-Robots-Tag", "noindex, nofollow, noarchive")
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
box, file, ok := a.loadFileForRequest(w, r)
if !ok {
return
}
if a.uploadService.IsProtected(box) && !a.isBoxUnlocked(r, box) {
refactor(handlers): standardize logging using request attributes helper - Replace manual IP logging with the `withRequestLogAttrs` helper in authentication handlers. - Add user activity logging for API documentation and login page views. - Clean up log calls to use variadic expansion of request attributes.
2026-06-01 11:30:38 +03:00
a.logger.Warn("protected file download blocked", withRequestLogAttrs(r, "source", "download", "severity", "warn", "code", 4013, "box_id", box.ID, "file_id", file.ID)...)
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
http.Error(w, "password required", http.StatusUnauthorized)
return
}
feat(upload): add resumable chunk configuration and file validation - Add `WARPBOX_RESUMABLE_CHUNK_MODE` and `WARPBOX_RESUMABLE_CHUNK_PATH` environment variables to configure temporary chunk storage. - Implement strict file validation for resuming uploads to ensure selected files match the pending session's metadata. - Add `PLANS.md` to document development stages, roadmap, and API specifications (including batching and resumable flows).
2026-06-02 22:13:54 +03:00
if file.Processing {
http.Error(w, "file is still processing", http.StatusAccepted)
return
}
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
a.serveFileContent(w, r, box, file, r.URL.Query().Get("inline") != "1")
refactor(handlers): standardize logging using request attributes helper - Replace manual IP logging with the `withRequestLogAttrs` helper in authentication handlers. - Add user activity logging for API documentation and login page views. - Clean up log calls to use variadic expansion of request attributes.
2026-06-01 11:30:38 +03:00
a.logger.Info("file content served", withRequestLogAttrs(r, "source", "download", "severity", "user_activity", "code", 2005, "box_id", box.ID, "file_id", file.ID, "attachment", r.URL.Query().Get("inline") != "1")...)
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
}
func (a *App) Thumbnail(w http.ResponseWriter, r *http.Request) {
feat(seo): add robots.txt, sitemap, and noindex tags for downloads Register routes for robots.txt and sitemap.xml, and implement search engine indexing controls to protect user privacy. Specifically: - Set `X-Robots-Tag: noindex, nofollow, noarchive` headers on file downloads, thumbnails, and zip generation. - Configure `Robots: web.RobotsNone` on download and preview pages to prevent indexing of temporary user uploads. - Add canonical URLs, improved descriptions, and image alt tags to page metadata for better social sharing.
2026-06-03 12:15:49 +03:00
w.Header().Set("X-Robots-Tag", "noindex, nofollow, noarchive")
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
box, file, ok := a.loadFileForRequest(w, r)
if !ok {
return
}
if a.uploadService.IsProtected(box) && box.Obfuscate && !a.isBoxUnlocked(r, box) {
feat(download): add dynamic OG metadata and fix thumbnail caching - Register a new route for box Open Graph images (`/d/{boxID}/og-image.jpg`). - Dynamically set the download page title, description, and OG image URL based on box state (e.g., file count, expiration, password protection). - Introduce `servePlaceholderThumbnail` to serve fallback thumbnails with `Cache-Control: no-store, must-revalidate`. This ensures the browser requests the real thumbnail once it is generated instead of caching the placeholder.
2026-05-31 17:57:56 +03:00
a.servePlaceholderThumbnail(w, r)
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
return
}
feat(storage): add S3 backend support and advanced upload limits - Introduce S3-compatible storage backend support using minio-go. - Add configuration options for local storage limits, box limits, and rate limiting. - Implement storage backend selection (local vs S3) for anonymous and registered users. - Add an `/admin/storage` management interface. - Update documentation and environment examples with the new configuration variables.
2026-05-31 02:14:10 +03:00
object, err := a.uploadService.OpenThumbnailObject(r.Context(), box, file)
if err != nil {
feat(backend): implement on-demand thumbnail generation When a thumbnail is requested but not yet available, attempt to generate it synchronously on-demand instead of immediately falling back to the placeholder image. - Export thumbnail generation helpers from the jobs package. - Update the Thumbnail handler to trigger on-demand generation if the thumbnail object is missing. - Save the updated box metadata with the new thumbnail reference. - Fall back to the placeholder image only if on-demand generation fails.
2026-06-03 15:20:26 +03:00
if thumbnail := a.generateMissingThumbnailForRequest(r, box, file); thumbnail != "" {
file.Thumbnail = thumbnail
object, err = a.uploadService.OpenThumbnailObject(r.Context(), box, file)
if err == nil {
defer object.Body.Close()
w.Header().Set("Content-Type", "image/jpeg")
w.Header().Set("Cache-Control", "public, max-age=604800, immutable")
http.ServeContent(w, r, file.ID+"-thumbnail.jpg", object.ModTime, readSeekCloser(object.Body))
return
}
}
feat(download): add dynamic OG metadata and fix thumbnail caching - Register a new route for box Open Graph images (`/d/{boxID}/og-image.jpg`). - Dynamically set the download page title, description, and OG image URL based on box state (e.g., file count, expiration, password protection). - Introduce `servePlaceholderThumbnail` to serve fallback thumbnails with `Cache-Control: no-store, must-revalidate`. This ensures the browser requests the real thumbnail once it is generated instead of caching the placeholder.
2026-05-31 17:57:56 +03:00
// The thumbnail isn't generated yet (background job pending). Serve the
// placeholder but mark it non-cacheable, otherwise the browser would
// keep showing the placeholder until a hard refresh once the real
// thumbnail lands. The real thumbnail below is content-stable, so it
// gets a long immutable cache.
a.servePlaceholderThumbnail(w, r)
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
return
}
feat(storage): add S3 backend support and advanced upload limits - Introduce S3-compatible storage backend support using minio-go. - Add configuration options for local storage limits, box limits, and rate limiting. - Implement storage backend selection (local vs S3) for anonymous and registered users. - Add an `/admin/storage` management interface. - Update documentation and environment examples with the new configuration variables.
2026-05-31 02:14:10 +03:00
defer object.Body.Close()
w.Header().Set("Content-Type", "image/jpeg")
w.Header().Set("Cache-Control", "public, max-age=604800, immutable")
http.ServeContent(w, r, file.ID+"-thumbnail.jpg", object.ModTime, readSeekCloser(object.Body))
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
}
feat(backend): add video scene preview generation and endpoint - Register a new route `GET /d/{boxID}/scene/{fileID}` to serve video scene previews. - Implement the `VideoScenesPreview` handler to serve existing previews or generate them on-demand. - Add helper functions to analyze video frames (e.g., luma calculation to filter out dark frames) and render the final scene thumbnail. - Update the `fileView` struct to include scene URL and status fields.
2026-06-05 10:42:30 +03:00
func (a *App) VideoScenesPreview(w http.ResponseWriter, r *http.Request) {
w.Header().Set("X-Robots-Tag", "noindex, nofollow, noarchive")
box, file, ok := a.loadFileForRequest(w, r)
if !ok {
return
}
if !jobs.NeedsVideoScenes(file) {
http.NotFound(w, r)
return
}
if a.uploadService.IsProtected(box) && box.Obfuscate && !a.isBoxUnlocked(r, box) {
a.servePlaceholderThumbnail(w, r)
return
}
object, err := a.uploadService.OpenSceneThumbnailObject(r.Context(), box, file)
if err != nil {
if scene := a.generateMissingVideoScenesForRequest(r, box, file); scene != "" {
file.SceneThumbnail = scene
object, err = a.uploadService.OpenSceneThumbnailObject(r.Context(), box, file)
if err == nil {
defer object.Body.Close()
w.Header().Set("Content-Type", "image/jpeg")
w.Header().Set("Cache-Control", "public, max-age=604800, immutable")
http.ServeContent(w, r, file.ID+"-scenes.jpg", object.ModTime, readSeekCloser(object.Body))
return
}
}
a.servePlaceholderThumbnail(w, r)
return
}
defer object.Body.Close()
w.Header().Set("Content-Type", "image/jpeg")
w.Header().Set("Cache-Control", "public, max-age=604800, immutable")
http.ServeContent(w, r, file.ID+"-scenes.jpg", object.ModTime, readSeekCloser(object.Body))
}
feat(preview): add archive listing and browser support Introduces the ability to browse and preview the contents of archive files directly within the web interface. Changes include: - Added a new API endpoint `GET /d/{boxID}/archive/{fileID}` to fetch archive listings. - Implemented on-demand archive listing generation in the backend. - Updated the frontend preview component to support rendering and navigating archive contents.
2026-06-08 03:43:43 +03:00
func (a *App) ArchiveListing(w http.ResponseWriter, r *http.Request) {
w.Header().Set("X-Robots-Tag", "noindex, nofollow, noarchive")
box, file, ok := a.loadFileForRequest(w, r)
if !ok {
return
}
if !jobs.NeedsArchiveListing(file) {
http.NotFound(w, r)
return
}
if a.uploadService.IsProtected(box) && box.Obfuscate && !a.isBoxUnlocked(r, box) {
http.Error(w, "password required", http.StatusUnauthorized)
return
}
if strings.ToLower(filepath.Ext(file.ArchiveListing)) != ".json" {
if listing := a.generateMissingArchiveListingForRequest(r, box, file); listing != "" {
file.ArchiveListing = listing
file.ArchiveListingObjectKey = ""
}
}
object, err := a.uploadService.OpenArchiveListingObject(r.Context(), box, file)
if err != nil {
if listing := a.generateMissingArchiveListingForRequest(r, box, file); listing != "" {
file.ArchiveListing = listing
file.ArchiveListingObjectKey = ""
object, err = a.uploadService.OpenArchiveListingObject(r.Context(), box, file)
if err == nil {
defer object.Body.Close()
w.Header().Set("Content-Type", "application/json")
w.Header().Set("Cache-Control", "public, max-age=604800, immutable")
http.ServeContent(w, r, file.ID+"-archive.json", object.ModTime, readSeekCloser(object.Body))
return
}
}
http.Error(w, "archive preview unavailable", http.StatusInternalServerError)
return
}
defer object.Body.Close()
w.Header().Set("Content-Type", "application/json")
w.Header().Set("Cache-Control", "public, max-age=604800, immutable")
http.ServeContent(w, r, file.ID+"-archive.json", object.ModTime, readSeekCloser(object.Body))
}
feat(backend): implement on-demand thumbnail generation When a thumbnail is requested but not yet available, attempt to generate it synchronously on-demand instead of immediately falling back to the placeholder image. - Export thumbnail generation helpers from the jobs package. - Update the Thumbnail handler to trigger on-demand generation if the thumbnail object is missing. - Save the updated box metadata with the new thumbnail reference. - Fall back to the placeholder image only if on-demand generation fails.
2026-06-03 15:20:26 +03:00
func (a *App) generateMissingThumbnailForRequest(r *http.Request, box services.Box, file services.File) string {
if file.Thumbnail != "" || !jobs.NeedsThumbnail(file) {
return ""
}
thumbnail, err := jobs.GenerateThumbnailForFile(a.uploadService, box, file)
if err != nil || thumbnail == "" {
if err != nil {
a.logger.Warn("on-demand thumbnail generation failed", withRequestLogAttrs(r, "source", "thumbnail", "severity", "warn", "code", 4102, "box_id", box.ID, "file_id", file.ID, "error", err.Error())...)
}
return ""
}
for i := range box.Files {
if box.Files[i].ID == file.ID {
box.Files[i].Thumbnail = thumbnail
break
}
}
if err := a.uploadService.SaveBox(box); err != nil {
a.logger.Warn("on-demand thumbnail metadata save failed", withRequestLogAttrs(r, "source", "thumbnail", "severity", "warn", "code", 4103, "box_id", box.ID, "file_id", file.ID, "error", err.Error())...)
return ""
}
return thumbnail
}
feat(backend): add video scene preview generation and endpoint - Register a new route `GET /d/{boxID}/scene/{fileID}` to serve video scene previews. - Implement the `VideoScenesPreview` handler to serve existing previews or generate them on-demand. - Add helper functions to analyze video frames (e.g., luma calculation to filter out dark frames) and render the final scene thumbnail. - Update the `fileView` struct to include scene URL and status fields.
2026-06-05 10:42:30 +03:00
func (a *App) generateMissingVideoScenesForRequest(r *http.Request, box services.Box, file services.File) string {
if file.SceneThumbnail != "" || !jobs.NeedsVideoScenes(file) {
return ""
}
scene, err := jobs.GenerateVideoScenesForFile(a.uploadService, box, file)
if err != nil || scene == "" {
if err != nil {
a.logger.Warn("on-demand video scenes preview generation failed", withRequestLogAttrs(r, "source", "thumbnail", "severity", "warn", "code", 4105, "box_id", box.ID, "file_id", file.ID, "error", err.Error())...)
}
return ""
}
for i := range box.Files {
if box.Files[i].ID == file.ID {
box.Files[i].SceneThumbnail = scene
break
}
}
if err := a.uploadService.SaveBox(box); err != nil {
a.logger.Warn("on-demand video scenes preview metadata save failed", withRequestLogAttrs(r, "source", "thumbnail", "severity", "warn", "code", 4106, "box_id", box.ID, "file_id", file.ID, "error", err.Error())...)
return ""
}
return scene
}
feat(preview): add archive listing and browser support Introduces the ability to browse and preview the contents of archive files directly within the web interface. Changes include: - Added a new API endpoint `GET /d/{boxID}/archive/{fileID}` to fetch archive listings. - Implemented on-demand archive listing generation in the backend. - Updated the frontend preview component to support rendering and navigating archive contents.
2026-06-08 03:43:43 +03:00
func (a *App) generateMissingArchiveListingForRequest(r *http.Request, box services.Box, file services.File) string {
if strings.ToLower(filepath.Ext(file.ArchiveListing)) == ".json" || !jobs.NeedsArchiveListing(file) {
return ""
}
listing, err := jobs.GenerateArchiveListingForFile(a.uploadService, box, file)
if err != nil || listing == "" {
if err != nil {
a.logger.Warn("on-demand archive listing generation failed", withRequestLogAttrs(r, "source", "thumbnail", "severity", "warn", "code", 4108, "box_id", box.ID, "file_id", file.ID, "error", err.Error())...)
}
return ""
}
for i := range box.Files {
if box.Files[i].ID == file.ID {
box.Files[i].ArchiveListing = listing
box.Files[i].ArchiveListingObjectKey = ""
break
}
}
if err := a.uploadService.SaveBox(box); err != nil {
a.logger.Warn("on-demand archive listing metadata save failed", withRequestLogAttrs(r, "source", "thumbnail", "severity", "warn", "code", 4109, "box_id", box.ID, "file_id", file.ID, "error", err.Error())...)
return ""
}
return listing
}
feat(download): add dynamic OG metadata and fix thumbnail caching - Register a new route for box Open Graph images (`/d/{boxID}/og-image.jpg`). - Dynamically set the download page title, description, and OG image URL based on box state (e.g., file count, expiration, password protection). - Introduce `servePlaceholderThumbnail` to serve fallback thumbnails with `Cache-Control: no-store, must-revalidate`. This ensures the browser requests the real thumbnail once it is generated instead of caching the placeholder.
2026-05-31 17:57:56 +03:00
// servePlaceholderThumbnail serves the fallback image with no-store so the
// browser re-requests on the next load and picks up the real thumbnail as soon
// as it has been generated.
func (a *App) servePlaceholderThumbnail(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Cache-Control", "no-store, must-revalidate")
http.ServeFile(w, r, filepath.Join(a.cfg.StaticDir, "img", "file-placeholder.webp"))
}
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
func (a *App) UnlockBox(w http.ResponseWriter, r *http.Request) {
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results.
2026-05-25 16:26:47 +03:00
box, err := a.uploadService.GetBox(r.PathValue("boxID"))
if err != nil {
http.NotFound(w, r)
return
}
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
if err := r.ParseForm(); err != nil {
http.Redirect(w, r, fmt.Sprintf("/d/%s", box.ID), http.StatusSeeOther)
return
}
if !a.uploadService.VerifyPassword(box, r.FormValue("password")) {
refactor(handlers): standardize logging using request attributes helper - Replace manual IP logging with the `withRequestLogAttrs` helper in authentication handlers. - Add user activity logging for API documentation and login page views. - Clean up log calls to use variadic expansion of request attributes.
2026-06-01 11:30:38 +03:00
a.logger.Warn("box unlock failed", withRequestLogAttrs(r, "source", "user_activity", "severity", "warn", "code", 4011, "box_id", box.ID)...)
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
http.Redirect(w, r, fmt.Sprintf("/d/%s", box.ID), http.StatusSeeOther)
return
}
http.SetCookie(w, &http.Cookie{
Name: unlockCookieName(box.ID),
Value: a.uploadService.UnlockToken(box),
Path: "/d/" + box.ID,
HttpOnly: true,
SameSite: http.SameSiteLaxMode,
Secure: r.TLS != nil,
Expires: box.ExpiresAt,
})
refactor(handlers): standardize logging using request attributes helper - Replace manual IP logging with the `withRequestLogAttrs` helper in authentication handlers. - Add user activity logging for API documentation and login page views. - Clean up log calls to use variadic expansion of request attributes.
2026-06-01 11:30:38 +03:00
a.logger.Info("box unlocked", withRequestLogAttrs(r, "source", "user_activity", "severity", "user_activity", "code", 2002, "box_id", box.ID)...)
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
http.Redirect(w, r, fmt.Sprintf("/d/%s", box.ID), http.StatusSeeOther)
}
func (a *App) loadFileForRequest(w http.ResponseWriter, r *http.Request) (services.Box, services.File, bool) {
box, err := a.uploadService.GetBox(r.PathValue("boxID"))
if err != nil {
refactor(handlers): standardize logging using request attributes helper - Replace manual IP logging with the `withRequestLogAttrs` helper in authentication handlers. - Add user activity logging for API documentation and login page views. - Clean up log calls to use variadic expansion of request attributes.
2026-06-01 11:30:38 +03:00
a.logger.Warn("file request missing box", withRequestLogAttrs(r, "source", "download", "severity", "warn", "code", 4041, "box_id", r.PathValue("boxID"), "file_id", r.PathValue("fileID"))...)
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
http.NotFound(w, r)
return services.Box{}, services.File{}, false
}
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results.
2026-05-25 16:26:47 +03:00
if err := a.uploadService.CanDownload(box); err != nil {
refactor(handlers): standardize logging using request attributes helper - Replace manual IP logging with the `withRequestLogAttrs` helper in authentication handlers. - Add user activity logging for API documentation and login page views. - Clean up log calls to use variadic expansion of request attributes.
2026-06-01 11:30:38 +03:00
a.logger.Warn("file request unavailable", withRequestLogAttrs(r, "source", "download", "severity", "warn", "code", statusForDownloadError(err), "box_id", box.ID, "file_id", r.PathValue("fileID"), "error", err.Error())...)
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results.
2026-05-25 16:26:47 +03:00
http.Error(w, err.Error(), statusForDownloadError(err))
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
return services.Box{}, services.File{}, false
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results.
2026-05-25 16:26:47 +03:00
}
file, err := a.uploadService.FindFile(box, r.PathValue("fileID"))
if err != nil {
refactor(handlers): standardize logging using request attributes helper - Replace manual IP logging with the `withRequestLogAttrs` helper in authentication handlers. - Add user activity logging for API documentation and login page views. - Clean up log calls to use variadic expansion of request attributes.
2026-06-01 11:30:38 +03:00
a.logger.Warn("file request missing file", withRequestLogAttrs(r, "source", "download", "severity", "warn", "code", 4042, "box_id", box.ID, "file_id", r.PathValue("fileID"))...)
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results.
2026-05-25 16:26:47 +03:00
http.NotFound(w, r)
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
return services.Box{}, services.File{}, false
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results.
2026-05-25 16:26:47 +03:00
}
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
return box, file, true
}
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results.
2026-05-25 16:26:47 +03:00
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
func (a *App) serveFileContent(w http.ResponseWriter, r *http.Request, box services.Box, file services.File, attachment bool) {
feat(storage): add S3 backend support and advanced upload limits - Introduce S3-compatible storage backend support using minio-go. - Add configuration options for local storage limits, box limits, and rate limiting. - Implement storage backend selection (local vs S3) for anonymous and registered users. - Add an `/admin/storage` management interface. - Update documentation and environment examples with the new configuration variables.
2026-05-31 02:14:10 +03:00
object, err := a.uploadService.OpenFileObject(r.Context(), box, file)
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results.
2026-05-25 16:26:47 +03:00
if err != nil {
refactor(handlers): standardize logging using request attributes helper - Replace manual IP logging with the `withRequestLogAttrs` helper in authentication handlers. - Add user activity logging for API documentation and login page views. - Clean up log calls to use variadic expansion of request attributes.
2026-06-01 11:30:38 +03:00
a.logger.Warn("file object missing", withRequestLogAttrs(r, "source", "download", "severity", "warn", "code", 4043, "box_id", box.ID, "file_id", file.ID, "error", err.Error())...)
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results.
2026-05-25 16:26:47 +03:00
http.NotFound(w, r)
return
}
feat(storage): add S3 backend support and advanced upload limits - Introduce S3-compatible storage backend support using minio-go. - Add configuration options for local storage limits, box limits, and rate limiting. - Implement storage backend selection (local vs S3) for anonymous and registered users. - Add an `/admin/storage` management interface. - Update documentation and environment examples with the new configuration variables.
2026-05-31 02:14:10 +03:00
defer object.Body.Close()
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results.
2026-05-25 16:26:47 +03:00
w.Header().Set("Content-Type", file.ContentType)
feat(download): support UTF-8 filenames in Content-Disposition Improve the Content-Disposition header formatting for file downloads by implementing RFC 5987 compliant filename encoding. This ensures that downloaded files retain their original names, including spaces and non-ASCII characters, across different browsers. - Add `contentDisposition` helper to generate both standard ASCII fallback and UTF-8 encoded filename parameters. - Sanitize filenames to prevent path traversal and replace unsafe characters with underscores in the ASCII fallback. - Update single file and ZIP downloads to use the new formatting. - Add unit tests to verify correct header generation for various filename scenarios.
2026-06-08 10:53:20 +03:00
disposition := "inline"
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
if attachment {
feat(download): support UTF-8 filenames in Content-Disposition Improve the Content-Disposition header formatting for file downloads by implementing RFC 5987 compliant filename encoding. This ensures that downloaded files retain their original names, including spaces and non-ASCII characters, across different browsers. - Add `contentDisposition` helper to generate both standard ASCII fallback and UTF-8 encoded filename parameters. - Sanitize filenames to prevent path traversal and replace unsafe characters with underscores in the ASCII fallback. - Update single file and ZIP downloads to use the new formatting. - Add unit tests to verify correct header generation for various filename scenarios.
2026-06-08 10:53:20 +03:00
disposition = "attachment"
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
}
feat(download): support UTF-8 filenames in Content-Disposition Improve the Content-Disposition header formatting for file downloads by implementing RFC 5987 compliant filename encoding. This ensures that downloaded files retain their original names, including spaces and non-ASCII characters, across different browsers. - Add `contentDisposition` helper to generate both standard ASCII fallback and UTF-8 encoded filename parameters. - Sanitize filenames to prevent path traversal and replace unsafe characters with underscores in the ASCII fallback. - Update single file and ZIP downloads to use the new formatting. - Add unit tests to verify correct header generation for various filename scenarios.
2026-06-08 10:53:20 +03:00
w.Header().Set("Content-Disposition", contentDisposition(disposition, file.Name))
feat(storage): add S3 backend support and advanced upload limits - Introduce S3-compatible storage backend support using minio-go. - Add configuration options for local storage limits, box limits, and rate limiting. - Implement storage backend selection (local vs S3) for anonymous and registered users. - Add an `/admin/storage` management interface. - Update documentation and environment examples with the new configuration variables.
2026-05-31 02:14:10 +03:00
if seeker, ok := object.Body.(io.ReadSeeker); ok {
http.ServeContent(w, r, file.Name, object.ModTime, seeker)
} else {
if object.Size > 0 {
w.Header().Set("Content-Length", fmt.Sprintf("%d", object.Size))
}
w.WriteHeader(http.StatusOK)
_, _ = io.Copy(w, object.Body)
}
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results.
2026-05-25 16:26:47 +03:00
if err := a.uploadService.RecordDownload(box.ID); err != nil && !errors.Is(err, os.ErrNotExist) {
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
a.logger.Warn("failed to record file download", "source", "download", "severity", "warn", "code", 4002, "box_id", box.ID, "error", err.Error())
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results.
2026-05-25 16:26:47 +03:00
}
}
feat(download): support UTF-8 filenames in Content-Disposition Improve the Content-Disposition header formatting for file downloads by implementing RFC 5987 compliant filename encoding. This ensures that downloaded files retain their original names, including spaces and non-ASCII characters, across different browsers. - Add `contentDisposition` helper to generate both standard ASCII fallback and UTF-8 encoded filename parameters. - Sanitize filenames to prevent path traversal and replace unsafe characters with underscores in the ASCII fallback. - Update single file and ZIP downloads to use the new formatting. - Add unit tests to verify correct header generation for various filename scenarios.
2026-06-08 10:53:20 +03:00
func contentDisposition(disposition, name string) string {
filename := cleanDownloadFilename(name)
return fmt.Sprintf(`%s; filename="%s"; filename*=UTF-8''%s`, disposition, asciiFilenameFallback(filename), url.PathEscape(filename))
}
func cleanDownloadFilename(name string) string {
clean := strings.TrimSpace(strings.ReplaceAll(name, "\\", "/"))
clean = filepath.Base(clean)
if clean == "" || clean == "." || clean == "/" {
return "download"
}
return clean
}
func asciiFilenameFallback(name string) string {
var fallback strings.Builder
for _, char := range name {
switch {
case char < 0x20 || char == 0x7f || char == '"' || char == '\\' || char == '/' || char == ';':
fallback.WriteByte('_')
case char <= 0x7e:
fallback.WriteRune(char)
default:
fallback.WriteByte('_')
}
}
clean := strings.TrimSpace(fallback.String())
if clean == "" {
return "download"
}
return clean
}
feat(storage): add S3 backend support and advanced upload limits - Introduce S3-compatible storage backend support using minio-go. - Add configuration options for local storage limits, box limits, and rate limiting. - Implement storage backend selection (local vs S3) for anonymous and registered users. - Add an `/admin/storage` management interface. - Update documentation and environment examples with the new configuration variables.
2026-05-31 02:14:10 +03:00
func readSeekCloser(source io.ReadCloser) io.ReadSeeker {
data, err := io.ReadAll(source)
if err != nil {
return bytes.NewReader(nil)
}
return bytes.NewReader(data)
}
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results.
2026-05-25 16:26:47 +03:00
func (a *App) DownloadZip(w http.ResponseWriter, r *http.Request) {
feat(seo): add robots.txt, sitemap, and noindex tags for downloads Register routes for robots.txt and sitemap.xml, and implement search engine indexing controls to protect user privacy. Specifically: - Set `X-Robots-Tag: noindex, nofollow, noarchive` headers on file downloads, thumbnails, and zip generation. - Configure `Robots: web.RobotsNone` on download and preview pages to prevent indexing of temporary user uploads. - Add canonical URLs, improved descriptions, and image alt tags to page metadata for better social sharing.
2026-06-03 12:15:49 +03:00
w.Header().Set("X-Robots-Tag", "noindex, nofollow, noarchive")
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results.
2026-05-25 16:26:47 +03:00
box, err := a.uploadService.GetBox(r.PathValue("boxID"))
if err != nil {
refactor(handlers): standardize logging using request attributes helper - Replace manual IP logging with the `withRequestLogAttrs` helper in authentication handlers. - Add user activity logging for API documentation and login page views. - Clean up log calls to use variadic expansion of request attributes.
2026-06-01 11:30:38 +03:00
a.logger.Warn("zip request missing box", withRequestLogAttrs(r, "source", "download", "severity", "warn", "code", 4044, "box_id", r.PathValue("boxID"))...)
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results.
2026-05-25 16:26:47 +03:00
http.NotFound(w, r)
return
}
if err := a.uploadService.CanDownload(box); err != nil {
refactor(handlers): standardize logging using request attributes helper - Replace manual IP logging with the `withRequestLogAttrs` helper in authentication handlers. - Add user activity logging for API documentation and login page views. - Clean up log calls to use variadic expansion of request attributes.
2026-06-01 11:30:38 +03:00
a.logger.Warn("zip request unavailable", withRequestLogAttrs(r, "source", "download", "severity", "warn", "code", statusForDownloadError(err), "box_id", box.ID, "error", err.Error())...)
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results.
2026-05-25 16:26:47 +03:00
http.Error(w, err.Error(), statusForDownloadError(err))
return
}
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
if a.uploadService.IsProtected(box) && !a.isBoxUnlocked(r, box) {
refactor(handlers): standardize logging using request attributes helper - Replace manual IP logging with the `withRequestLogAttrs` helper in authentication handlers. - Add user activity logging for API documentation and login page views. - Clean up log calls to use variadic expansion of request attributes.
2026-06-01 11:30:38 +03:00
a.logger.Warn("protected zip download blocked", withRequestLogAttrs(r, "source", "download", "severity", "warn", "code", 4014, "box_id", box.ID)...)
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
http.Error(w, "password required", http.StatusUnauthorized)
return
}
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results.
2026-05-25 16:26:47 +03:00
w.Header().Set("Content-Type", "application/zip")
feat(download): support UTF-8 filenames in Content-Disposition Improve the Content-Disposition header formatting for file downloads by implementing RFC 5987 compliant filename encoding. This ensures that downloaded files retain their original names, including spaces and non-ASCII characters, across different browsers. - Add `contentDisposition` helper to generate both standard ASCII fallback and UTF-8 encoded filename parameters. - Sanitize filenames to prevent path traversal and replace unsafe characters with underscores in the ASCII fallback. - Update single file and ZIP downloads to use the new formatting. - Add unit tests to verify correct header generation for various filename scenarios.
2026-06-08 10:53:20 +03:00
w.Header().Set("Content-Disposition", contentDisposition("attachment", "warpbox-"+box.ID+".zip"))
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results.
2026-05-25 16:26:47 +03:00
w.Header().Set("Last-Modified", time.Now().UTC().Format(http.TimeFormat))
if err := a.uploadService.WriteZip(w, box); err != nil {
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
a.logger.Error("zip download failed", "source", "download", "severity", "error", "code", 5002, "box_id", box.ID, "error", err.Error())
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results.
2026-05-25 16:26:47 +03:00
return
}
if err := a.uploadService.RecordDownload(box.ID); err != nil && !errors.Is(err, os.ErrNotExist) {
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
a.logger.Warn("failed to record zip download", "source", "download", "severity", "warn", "code", 4003, "box_id", box.ID, "error", err.Error())
}
refactor(handlers): standardize logging using request attributes helper - Replace manual IP logging with the `withRequestLogAttrs` helper in authentication handlers. - Add user activity logging for API documentation and login page views. - Clean up log calls to use variadic expansion of request attributes.
2026-06-01 11:30:38 +03:00
a.logger.Info("zip downloaded", withRequestLogAttrs(r, "source", "download", "severity", "user_activity", "code", 2006, "box_id", box.ID, "files", len(box.Files))...)
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
}
func (a *App) fileView(box services.Box, file services.File) fileView {
feat: add emoji reaction support for files - Implement `ReactionService` to manage file reactions in the database. - Add `POST /d/{boxID}/f/{fileID}/react` endpoint to handle user reactions. - Add `GET /emoji/{pack}/{file}` endpoint to serve custom emoji assets. - Support loading custom emoji packs dynamically from the data directory. - Update README with instructions on configuring emoji reaction packs.
2026-06-02 11:30:33 +03:00
return a.fileViewWithReactions(box, file, nil, false)
}
func (a *App) fileViewWithReactions(box services.Box, file services.File, reactions []services.ReactionSummary, reacted bool) fileView {
feat(handlers): add file icons with standard and retro variants Introduce file icon support to the file browser. Icons are loaded on startup and mapped based on file name and content type. - Load file icon mappings in the App handler initialization. - Add `HasThumbnail`, `IconURL`, and `IconRetroURL` to the file view. - Update CSS to support displaying file icons alongside thumbnails. - Add retro theme support to swap standard icons with pixelated retro variants when the retro theme is active.
2026-06-02 13:02:51 +03:00
icon := a.fileIcons.lookup(file.Name, file.ContentType)
feat(ui): limit visible reactions and overhaul retro theme - Limit the number of initially visible reactions per file to 2 and calculate the overflow count on the backend. - Redesign the retro theme CSS to mimic a classic Windows 98 Explorer window, including title bars, toolbars, and sunken panes. - Add local storage persistence for the file browser view preference (list vs. thumbnails).
2026-06-02 14:43:16 +03:00
reactionViews := a.reactionViews(reactions)
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
return fileView{
ID: file.ID,
Name: file.Name,
Size: helpers.FormatBytes(file.Size),
feat(preview): add file preview page with metadata and styling Implement a rich file preview interface to allow users to view file contents directly in the browser. Changes include: - Exposing raw file size (`SizeBytes`) in the download handler's file view. - Adding comprehensive CSS styling for the preview layout and cards. - Integrating Prism.js for syntax highlighting of code files. - Updating Content Security Policy (CSP) headers to permit inline styles and frame sources required by the preview components. - Adding unit tests to ensure preview metadata attributes are correctly rendered on the download page.
2026-06-03 14:28:50 +03:00
SizeBytes: file.Size,
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
ContentType: file.ContentType,
PreviewKind: file.PreviewKind,
URL: fmt.Sprintf("/d/%s/f/%s", box.ID, file.ID),
DownloadURL: fmt.Sprintf("/d/%s/f/%s/download", box.ID, file.ID),
ThumbnailURL: fmt.Sprintf("/d/%s/thumb/%s", box.ID, file.ID),
feat(backend): add video scene preview generation and endpoint - Register a new route `GET /d/{boxID}/scene/{fileID}` to serve video scene previews. - Implement the `VideoScenesPreview` handler to serve existing previews or generate them on-demand. - Add helper functions to analyze video frames (e.g., luma calculation to filter out dark frames) and render the final scene thumbnail. - Update the `fileView` struct to include scene URL and status fields.
2026-06-05 10:42:30 +03:00
SceneURL: fmt.Sprintf("/d/%s/scene/%s", box.ID, file.ID),
feat(preview): add archive listing and browser support Introduces the ability to browse and preview the contents of archive files directly within the web interface. Changes include: - Added a new API endpoint `GET /d/{boxID}/archive/{fileID}` to fetch archive listings. - Implemented on-demand archive listing generation in the backend. - Updated the frontend preview component to support rendering and navigating archive contents.
2026-06-08 03:43:43 +03:00
ArchiveURL: fmt.Sprintf("/d/%s/archive/%s", box.ID, file.ID),
fix(handlers): support thumbnail rendering for files needing thumbnails Update `HasThumbnail` in `fileViewWithReactions` to evaluate to true if the file already has a thumbnail or if it is a file type that requires one (`jobs.NeedsThumbnail`). This ensures the download page renders the thumbnail element for files that are pending thumbnail generation or support dynamic thumbnails. Additionally, update tests in `upload_stage3_test.go` to verify the thumbnail image is rendered and relax the OG image URL matching.
2026-06-03 15:22:58 +03:00
HasThumbnail: file.Thumbnail != "" || jobs.NeedsThumbnail(file),
feat(backend): add video scene preview generation and endpoint - Register a new route `GET /d/{boxID}/scene/{fileID}` to serve video scene previews. - Implement the `VideoScenesPreview` handler to serve existing previews or generate them on-demand. - Add helper functions to analyze video frames (e.g., luma calculation to filter out dark frames) and render the final scene thumbnail. - Update the `fileView` struct to include scene URL and status fields.
2026-06-05 10:42:30 +03:00
HasScene: file.SceneThumbnail != "" || jobs.NeedsVideoScenes(file),
feat(preview): add archive listing and browser support Introduces the ability to browse and preview the contents of archive files directly within the web interface. Changes include: - Added a new API endpoint `GET /d/{boxID}/archive/{fileID}` to fetch archive listings. - Implemented on-demand archive listing generation in the backend. - Updated the frontend preview component to support rendering and navigating archive contents.
2026-06-08 03:43:43 +03:00
HasArchive: file.ArchiveListing != "" || jobs.NeedsArchiveListing(file),
feat(handlers): add file icons with standard and retro variants Introduce file icon support to the file browser. Icons are loaded on startup and mapped based on file name and content type. - Load file icon mappings in the App handler initialization. - Add `HasThumbnail`, `IconURL`, and `IconRetroURL` to the file view. - Update CSS to support displaying file icons alongside thumbnails. - Add retro theme support to swap standard icons with pixelated retro variants when the retro theme is active.
2026-06-02 13:02:51 +03:00
IconURL: fileIconURL("standard", icon.Standard),
IconRetroURL: fileIconURL("retro", icon.Retro),
feat: add emoji reaction support for files - Implement `ReactionService` to manage file reactions in the database. - Add `POST /d/{boxID}/f/{fileID}/react` endpoint to handle user reactions. - Add `GET /emoji/{pack}/{file}` endpoint to serve custom emoji assets. - Support loading custom emoji packs dynamically from the data directory. - Update README with instructions on configuring emoji reaction packs.
2026-06-02 11:30:33 +03:00
ReactURL: fmt.Sprintf("/d/%s/f/%s/react", box.ID, file.ID),
feat(ui): limit visible reactions and overhaul retro theme - Limit the number of initially visible reactions per file to 2 and calculate the overflow count on the backend. - Redesign the retro theme CSS to mimic a classic Windows 98 Explorer window, including title bars, toolbars, and sunken panes. - Add local storage persistence for the file browser view preference (list vs. thumbnails).
2026-06-02 14:43:16 +03:00
Reactions: reactionViews,
ReactionMore: reactionOverflowCount(reactionViews),
feat: add emoji reaction support for files - Implement `ReactionService` to manage file reactions in the database. - Add `POST /d/{boxID}/f/{fileID}/react` endpoint to handle user reactions. - Add `GET /emoji/{pack}/{file}` endpoint to serve custom emoji assets. - Support loading custom emoji packs dynamically from the data directory. - Update README with instructions on configuring emoji reaction packs.
2026-06-02 11:30:33 +03:00
Reacted: reacted,
feat(upload): add resumable chunk configuration and file validation - Add `WARPBOX_RESUMABLE_CHUNK_MODE` and `WARPBOX_RESUMABLE_CHUNK_PATH` environment variables to configure temporary chunk storage. - Implement strict file validation for resuming uploads to ensure selected files match the pending session's metadata. - Add `PLANS.md` to document development stages, roadmap, and API specifications (including batching and resumable flows).
2026-06-02 22:13:54 +03:00
Processing: file.Processing,
feat: add emoji reaction support for files - Implement `ReactionService` to manage file reactions in the database. - Add `POST /d/{boxID}/f/{fileID}/react` endpoint to handle user reactions. - Add `GET /emoji/{pack}/{file}` endpoint to serve custom emoji assets. - Support loading custom emoji packs dynamically from the data directory. - Update README with instructions on configuring emoji reaction packs.
2026-06-02 11:30:33 +03:00
}
}
func (a *App) ReactToFile(w http.ResponseWriter, r *http.Request) {
box, file, ok := a.loadFileForRequest(w, r)
if !ok {
return
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
}
feat: add emoji reaction support for files - Implement `ReactionService` to manage file reactions in the database. - Add `POST /d/{boxID}/f/{fileID}/react` endpoint to handle user reactions. - Add `GET /emoji/{pack}/{file}` endpoint to serve custom emoji assets. - Support loading custom emoji packs dynamically from the data directory. - Update README with instructions on configuring emoji reaction packs.
2026-06-02 11:30:33 +03:00
if a.uploadService.IsProtected(box) && !a.isBoxUnlocked(r, box) {
http.Error(w, "password required", http.StatusUnauthorized)
return
}
if err := r.ParseForm(); err != nil {
http.Error(w, "invalid reaction", http.StatusBadRequest)
return
}
emojiID := strings.TrimSpace(r.FormValue("emoji_id"))
if !a.validEmojiID(emojiID) {
http.Error(w, "unknown emoji", http.StatusBadRequest)
return
}
visitorID := a.reactionVisitorID(w, r)
reactions, err := a.reactionService.Add(box.ID, file.ID, visitorID, emojiID)
if errors.Is(err, os.ErrExist) {
writeJSON(w, http.StatusConflict, map[string]any{"error": "already reacted"})
return
}
if err != nil {
a.logger.Warn("file reaction failed", withRequestLogAttrs(r, "source", "reactions", "severity", "warn", "code", 4302, "box_id", box.ID, "file_id", file.ID, "error", err.Error())...)
http.Error(w, "could not save reaction", http.StatusInternalServerError)
return
}
a.logger.Info("file reaction added", withRequestLogAttrs(r, "source", "reactions", "severity", "user_activity", "code", 2301, "box_id", box.ID, "file_id", file.ID, "emoji_id", emojiID)...)
writeJSON(w, http.StatusCreated, map[string]any{
"reactions": a.reactionViews(reactions),
"reacted": true,
})
}
func (a *App) reactionViews(reactions []services.ReactionSummary) []reactionView {
views := make([]reactionView, 0, len(reactions))
feat(ui): limit visible reactions and overhaul retro theme - Limit the number of initially visible reactions per file to 2 and calculate the overflow count on the backend. - Redesign the retro theme CSS to mimic a classic Windows 98 Explorer window, including title bars, toolbars, and sunken panes. - Add local storage persistence for the file browser view preference (list vs. thumbnails).
2026-06-02 14:43:16 +03:00
for index, reaction := range reactions {
feat: add emoji reaction support for files - Implement `ReactionService` to manage file reactions in the database. - Add `POST /d/{boxID}/f/{fileID}/react` endpoint to handle user reactions. - Add `GET /emoji/{pack}/{file}` endpoint to serve custom emoji assets. - Support loading custom emoji packs dynamically from the data directory. - Update README with instructions on configuring emoji reaction packs.
2026-06-02 11:30:33 +03:00
views = append(views, reactionView{
EmojiID: reaction.EmojiID,
URL: emojiURL(reaction.EmojiID),
Label: emojiLabel(reaction.EmojiID),
Count: reaction.Count,
feat(ui): limit visible reactions and overhaul retro theme - Limit the number of initially visible reactions per file to 2 and calculate the overflow count on the backend. - Redesign the retro theme CSS to mimic a classic Windows 98 Explorer window, including title bars, toolbars, and sunken panes. - Add local storage persistence for the file browser view preference (list vs. thumbnails).
2026-06-02 14:43:16 +03:00
Visible: index < 2,
feat: add emoji reaction support for files - Implement `ReactionService` to manage file reactions in the database. - Add `POST /d/{boxID}/f/{fileID}/react` endpoint to handle user reactions. - Add `GET /emoji/{pack}/{file}` endpoint to serve custom emoji assets. - Support loading custom emoji packs dynamically from the data directory. - Update README with instructions on configuring emoji reaction packs.
2026-06-02 11:30:33 +03:00
})
}
return views
}
feat(ui): limit visible reactions and overhaul retro theme - Limit the number of initially visible reactions per file to 2 and calculate the overflow count on the backend. - Redesign the retro theme CSS to mimic a classic Windows 98 Explorer window, including title bars, toolbars, and sunken panes. - Add local storage persistence for the file browser view preference (list vs. thumbnails).
2026-06-02 14:43:16 +03:00
func reactionOverflowCount(reactions []reactionView) int {
if len(reactions) <= 2 {
return 0
}
return len(reactions) - 2
}
feat: add emoji reaction support for files - Implement `ReactionService` to manage file reactions in the database. - Add `POST /d/{boxID}/f/{fileID}/react` endpoint to handle user reactions. - Add `GET /emoji/{pack}/{file}` endpoint to serve custom emoji assets. - Support loading custom emoji packs dynamically from the data directory. - Update README with instructions on configuring emoji reaction packs.
2026-06-02 11:30:33 +03:00
func (a *App) emojiTabs() ([]emojiTabView, error) {
root := a.emojiRoot()
entries, err := os.ReadDir(root)
if err != nil {
if errors.Is(err, os.ErrNotExist) {
return nil, nil
}
return nil, err
}
tabs := make([]emojiTabView, 0, len(entries))
for _, entry := range entries {
if !entry.IsDir() {
continue
}
tabID := entry.Name()
files, err := os.ReadDir(filepath.Join(root, tabID))
if err != nil {
return nil, err
}
tab := emojiTabView{ID: tabID, Label: emojiTabLabel(tabID)}
for _, file := range files {
if file.IsDir() || !isEmojiFile(file.Name()) {
continue
}
emojiID := tabID + "/" + file.Name()
tab.Emojis = append(tab.Emojis, emojiOptionView{
ID: emojiID,
URL: emojiURL(emojiID),
Label: emojiLabel(emojiID),
})
}
sort.Slice(tab.Emojis, func(i, j int) bool { return tab.Emojis[i].ID < tab.Emojis[j].ID })
if len(tab.Emojis) > 0 {
tabs = append(tabs, tab)
}
}
sort.Slice(tabs, func(i, j int) bool { return tabs[i].ID < tabs[j].ID })
return tabs, nil
}
func (a *App) validEmojiID(id string) bool {
id = strings.TrimSpace(id)
if id == "" || strings.Contains(id, "\\") || strings.Contains(id, "..") || strings.HasPrefix(id, "/") {
return false
}
parts := strings.Split(id, "/")
if len(parts) != 2 || parts[0] == "" || parts[1] == "" || !isEmojiFile(parts[1]) {
return false
}
info, err := os.Stat(filepath.Join(a.emojiRoot(), parts[0], parts[1]))
return err == nil && !info.IsDir()
}
func (a *App) emojiRoot() string {
return filepath.Join(a.cfg.DataDir, "emoji")
}
func (a *App) reactionVisitorID(w http.ResponseWriter, r *http.Request) string {
const cookieName = "warpbox_reactor"
if cookie, err := r.Cookie(cookieName); err == nil && strings.TrimSpace(cookie.Value) != "" {
return cookie.Value
}
visitorID := services.RandomPublicToken(32)
http.SetCookie(w, &http.Cookie{
Name: cookieName,
Value: visitorID,
Path: "/",
HttpOnly: true,
SameSite: http.SameSiteLaxMode,
Secure: r.TLS != nil,
Expires: time.Now().AddDate(1, 0, 0),
})
return visitorID
}
func isEmojiFile(name string) bool {
ext := strings.ToLower(filepath.Ext(name))
return ext == ".svg" || ext == ".webp" || ext == ".png" || ext == ".jpg" || ext == ".jpeg" || ext == ".gif"
}
func emojiTabLabel(id string) string {
label := strings.NewReplacer("-", " ", "_", " ").Replace(id)
if label == "" {
return "Emoji"
}
return strings.ToUpper(label[:1]) + label[1:]
}
func emojiLabel(id string) string {
base := strings.TrimSuffix(filepath.Base(id), filepath.Ext(id))
return strings.ReplaceAll(base, "-", " ")
}
func emojiURL(id string) string {
parts := strings.Split(id, "/")
if len(parts) != 2 {
return ""
}
return "/emoji/" + url.PathEscape(parts[0]) + "/" + url.PathEscape(parts[1])
}
func writeJSON(w http.ResponseWriter, status int, value any) {
w.Header().Set("Content-Type", "application/json; charset=utf-8")
w.WriteHeader(status)
_ = json.NewEncoder(w).Encode(value)
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
}
func (a *App) isBoxUnlocked(r *http.Request, box services.Box) bool {
if !a.uploadService.IsProtected(box) {
return true
}
cookie, err := r.Cookie(unlockCookieName(box.ID))
if err != nil {
return false
}
return cookie.Value == a.uploadService.UnlockToken(box)
}
func unlockCookieName(boxID string) string {
return "warpbox_unlock_" + strings.NewReplacer("-", "_", ".", "_").Replace(boxID)
}
feat(policy): support unlimited values in user policies and box expiry - Update user policy and user update handlers to accept -1 as an unlimited value for MaxDays, DailyBoxes, ActiveBoxes, and ShortWindowRequests. - Introduce `optionalIntAllowUnlimited` helper and update `optionalMBAllowZero` to support -1. - Use `boxExpiryLabel` helper across admin, dashboard, and download handlers to properly format expiration dates, supporting boxes that never expire.
2026-05-31 22:40:48 +03:00
// neverExpires reports whether a box's expiry is far enough out to be treated as
// "forever" (set via the unlimited / -1 expiry option).
func neverExpires(t time.Time) bool {
return time.Until(t) > 50*365*24*time.Hour
}
// boxExpiryLabel formats a box's expiry with the given layout, rendering
// "forever" boxes as "Never" instead of a meaningless far-future date.
func boxExpiryLabel(t time.Time, layout string) string {
if neverExpires(t) {
return "Never"
}
return t.Format(layout)
}
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
func absoluteURL(r *http.Request, path string) string {
if strings.HasPrefix(path, "http://") || strings.HasPrefix(path, "https://") {
return path
}
scheme := "http"
if r.TLS != nil || r.Header.Get("X-Forwarded-Proto") == "https" {
scheme = "https"
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results.
2026-05-25 16:26:47 +03:00
}
feat: add admin console, cleanup, and thumbnail workers - Implement a token-authenticated admin console at `/admin` with overview metrics and file management. - Add a background worker to periodically clean up expired boxes based on `WARPBOX_CLEANUP_EVERY`. - Add a background worker to generate image and video thumbnails based on `WARPBOX_THUMBNAIL_EVERY`. - Update file storage paths to use `@each@` and `@thumb@` prefixes to separate original files from thumbnails. - Add severity fields to startup logs and update configuration templates.
2026-05-25 16:52:57 +03:00
return fmt.Sprintf("%s://%s%s", scheme, r.Host, path)
feat: add configurable data directory and file-based logging Introduce the `WARPBOX_DATA_DIR` environment variable to define where runtime data is stored. This directory will house uploaded files, the bbolt metadata database, and application logs. Changes include: - Added `WARPBOX_DATA_DIR` to configuration, defaulting to `./data`. - Implemented a custom logging package that writes JSONL logs to the data directory. - Updated `.gitignore` and `.env.example` to support the new data directory. - Documented the runtime data structure in `README.md`. - Updated the frontend upload script to handle form submission and display results.
2026-05-25 16:26:47 +03:00
}
feat(upload): add resumable chunk configuration and file validation - Add `WARPBOX_RESUMABLE_CHUNK_MODE` and `WARPBOX_RESUMABLE_CHUNK_PATH` environment variables to configure temporary chunk storage. - Implement strict file validation for resuming uploads to ensure selected files match the pending session's metadata. - Add `PLANS.md` to document development stages, roadmap, and API specifications (including batching and resumable flows).
2026-06-02 22:13:54 +03:00
func isSocialPreviewBot(r *http.Request) bool {
agent := strings.ToLower(r.UserAgent())
if agent == "" {
return false
}
bots := []string{
"discordbot",
"twitterbot",
"facebookexternalhit",
"telegrambot",
"whatsapp",
"slackbot",
"linkedinbot",
"skypeuripreview",
"embedly",
"pinterest",
"vkshare",
"mattermost",
"mastodon",
}
for _, bot := range bots {
if strings.Contains(agent, bot) {
return true
}
}
return false
}
Reference in New Issue Copy Permalink