pshd/server.py at main · flexpa/pshd · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
#!/usr/bin/env python3
"""SHLink prototype server — static files + API endpoints."""

import json
import os
import secrets
import base64
from http.server import HTTPServer, SimpleHTTPRequestHandler
from socketserver import ThreadingMixIn
from urllib.parse import urlparse, parse_qs

STORAGE = {}  # id -> {"jwe": str, "audit": [{"timestamp": str, "recipient": str}]}
WEBROOT = "/home/exedev"


class Handler(SimpleHTTPRequestHandler):
    def __init__(self, *args, **kwargs):
        super().__init__(*args, directory=WEBROOT, **kwargs)

    def end_headers(self):
        self.send_header("Access-Control-Allow-Origin", "*")
        self.send_header("Access-Control-Allow-Methods", "GET, POST, OPTIONS")
        self.send_header("Access-Control-Allow-Headers", "Content-Type")
        super().end_headers()

    def do_OPTIONS(self):
        self.send_response(204)
        self.end_headers()

    # --- API routes ---

    def do_POST(self):
        if self.path == "/shl":
            length = int(self.headers.get("Content-Length", 0))
            body = json.loads(self.rfile.read(length))
            sid = base64.urlsafe_b64encode(secrets.token_bytes(32)).rstrip(b"=").decode()
            STORAGE[sid] = {"jwe": body["jwe"], "audit": []}
            self.send_response(201)
            self.send_header("Content-Type", "application/json")
            self.end_headers()
            self.wfile.write(json.dumps({"id": sid}).encode())
            return
        self.send_error(404)

    def do_GET(self):
        parsed = urlparse(self.path)
        parts = parsed.path.strip("/").split("/")

        # GET /shl/{id}/audit
        if len(parts) == 3 and parts[0] == "shl" and parts[2] == "audit":
            sid = parts[1]
            if sid not in STORAGE:
                self.send_error(404, "SHLink not found")
                return
            self.send_response(200)
            self.send_header("Content-Type", "application/json")
            self.send_header("Cache-Control", "no-cache")
            self.end_headers()
            self.wfile.write(json.dumps(STORAGE[sid]["audit"]).encode())
            return

        # GET /shl/{id}?recipient=...
        if len(parts) == 2 and parts[0] == "shl":
            sid = parts[1]
            if sid not in STORAGE:
                self.send_error(404, "SHLink not found")
                return
            qs = parse_qs(parsed.query)
            recipient = qs.get("recipient", ["unknown"])[0]
            from datetime import datetime, timezone
            STORAGE[sid]["audit"].append({
                "timestamp": datetime.now(timezone.utc).isoformat(),
                "recipient": recipient,
            })
            self.send_response(200)
            self.send_header("Content-Type", "application/jose")
            self.send_header("Cache-Control", "no-cache")
            self.end_headers()
            self.wfile.write(STORAGE[sid]["jwe"].encode())
            return

        # Redirect prototype.html to /
        if parsed.path == "/prototype.html":
            self.send_response(301)
            self.send_header("Location", "/")
            self.end_headers()
            return

        # Everything else: static files
        super().do_GET()


class ThreadingHTTPServer(ThreadingMixIn, HTTPServer):
    daemon_threads = True


if __name__ == "__main__":
    server = ThreadingHTTPServer(("127.0.0.1", 3000), Handler)
    print("Serving on http://127.0.0.1:3000")
    server.serve_forever()