Skip to content

Angel-del-dev/Filenest-V2

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
cmd/core
cmd/core
 
 
config
config
 
 
internal
internal
 
 
schema
schema
 
 
scripts
scripts
 
 
.env-example
.env-example
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
docker-compose.yml
docker-compose.yml
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
readme.md
readme.md
 
 

Repository files navigation

Filenest V2

A robust self-hosted API written in Go, created to centralize file storage/serve.

Features

  • Security: JWT Auth.
  • Scalability: Rate Limiting.
  • Encrypted Local Storage: Encrypted physical files for simple/secure backup/restore.
  • Modularity: Clear responsability separation between domains.
  • Non Trivial storage Each file stored generates a storage key which decides where the file is located

Instalation and configuration

git clone https://github.com/Angel-del-dev/Filenest-V2.git filenest-v2
cd filenest-v2
go mod download
cp .env-example .env
# Database schema can be found in
/schema/db.sql
--psql
|> insert into users(email, password, role) values ('...', '...', 'admin');

Structure and execution

Dependencies

  • github.com/gofiber/fiber/v3: Go Web framework.
  • github.com/jackc/pgx/v5: PostgreSQL driver.
  • golang.org/x/crypto/bcrypt: Secure hash creation/validation.
  • crypto/aes: Encryption
  • crypto/cipher: Encryption
  • crypto/hmac: Encryption
  • crypto/rand: Encryption
  • crypto/sha256: Encryption
  • ncoding/hex: Encryption

Server startup

cd scripts
./runbuild.sh

Prerequisites

  • Go (Versión 1.20+, preferably 1.25)
  • PostgreSQL engine.

Environment variables (.env)

Project startup depends on .env variables.

Var Description Type Required Domain
DB_HOST Database host. string true DB
DB_NAME Database name. string true DB
DB_USER Database username. string true DB
DB_PASSWORD Database password. string true DB
DB_PORT Database port. int true DB
DB_SSLMODE Database sslmode. string true DB
JWT_SECRET Secret string to authenticate/create tokens(Random). string true JWT
ENCRYPTION_KEY Generated for file encryption(Random). string true ENCRYPTION
HMAC_KEY Generated for file encryption(Random). string true ENCRYPTION
MAX_REQUESTSPERMINUTE Rate limiting. int true RATE_LIMIT

API Endpoints

1. Authentication (/auth)

Endpoint:

Obtains a JWT token

  • Method: POST
  • Endpoint: /auth
  • Middleware: ContentTypeAllowed("application/json")
  • Request body: 
    {
    "user": "<string>", 
    "password": "<string>"
}
  • Response (200 OK): Returns auth token and expiration date 
    {
    "access_token": "<string>", 
    "expires_at": "<string>", 
    "expires_in": "<integer>" 
}
  • Errors:
    • 400 Bad Request: Invalid or insufficient parameters.
    • 401 Unauthorized: Invalid or credentials.
    • 403 Forbidden: User blocked(After 5 consecutive attempts to login with a wrong password).
    • 500 Internal Server Error: Serverside error.

2. User management (/users)

User creation

Creates a new user.

  • Method: POST
  • Route: /users
  • Middleware: JWT Middleware (SecretJWT), Content Type JSON, JWT Role is admin.
  • Request body: 
    {
    "user": "<string>",
    "password": "<string>"
}
  • Response (200 OK): {} (Success)
  • Errors:
    • 400 Bad Request: Invalid request.
    • 401 Unauthorized: Expired or invalid JWT Token.
    • 409 Conflict: User already exists.
    • 500 Internal Server Error: Serverside Error.

Endpoint: Remove

Removes a user.

  • Method: DELETE
  • Route: /users
  • Middleware: JWT Middleware (SecretJWT), Content Type JSON, JWT Role is admin.
  • Request body: 
    {
    "user": "<string>"
}
  • Response (200 OK): {} (Success)
  • Errors:
    • 400 Bad Request: Invalid request.
    • 404 Not Found: User not found.
    • 500 Internal Server Error: Serverside error.

3. Resources (/resources)

File Storage

Locally stores an encrypted file.

  • Method: POST
  • Route: /resources
  • Middleware: JWT Middleware (SecretJWT), Content Type multipart/form-data, JWT Role is NOT admin.
  • Request body: 
    {
    "protected": "<string>", // This parameter is optional and must be either 'false', 'true', '0' or '1'
    "file": "<file>"
}
  • Response (200 OK): {} (Success)
  • Errors:
    • 400 Bad Request: Invalid request.
    • 401 Unauthorized: Expired or invalid JWT Token.
    • 500 Internal Server Error: Serverside Error.

File Deletion

Removes a stored file.

  • Method: DELETE
  • Route: /resources/{file_id}
  • Middleware: JWT Middleware (SecretJWT), JWT Role is NOT admin.
  • Response (200 OK): {} (Success)
  • Errors:
    • 400 Bad Request: Invalid request.
    • 401 Unauthorized: Expired or invalid JWT Token.
    • 404 Not found: Resource linked to the user is not found.
    • 500 Internal Server Error: Serverside Error.

File Serve

Serves a stored file.

  • Method: GET
  • Route: /resources/{file_id}
  • Middleware: JWT Middleware(Only if the file was created with PROTECTED), JWT Role is NOT admin.
  • Response (200 OK): <file> (Success)
  • Errors:
    • 400 Bad Request: Invalid request.
    • 401 Unauthorized: Expired or invalid JWT Token.
    • 404 Not found: Resource linked to the user is not found.
    • 500 Internal Server Error: Serverside Error.

About

Self hosted, S3 inspired file storage API

filenest.dev/

Resources

Readme

License

Apache-2.0 license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages