sachet/sachet-server
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

base: sachet:71683662eaef3ced8f41c95b3fe019b185aae3b0
Branches Tags
sachet:main
sachet:dev
sachet:wip-apidocs
..
compare: sachet:a14a516f41455fdd868fdd3cd298705f190a6d23
Branches Tags
sachet:main
sachet:dev
sachet:wip-apidocs

No commits in common. "71683662eaef3ced8f41c95b3fe019b185aae3b0" and "a14a516f41455fdd868fdd3cd298705f190a6d23" have entirely different histories.
71683662ea ... a14a516f41

11 changed files with 0 additions and 276 deletions
Show Stats Expand all files Collapse all files

1
.gitignore vendored
View File

@ -5,4 +5,3 @@ __pycache__/
config.yml config.yml
instance/ instance/
.coverage .coverage
docs/_build

20
docs/Makefile
View File

@ -1,20 +0,0 @@
# Minimal makefile for Sphinx documentation
#
# You can set these variables from the command line, and also
# from the environment for the first two.
SPHINXOPTS ?=
SPHINXBUILD ?= sphinx-build
SOURCEDIR = .
BUILDDIR = _build
# Put it first so that "make" without argument is like "make help".
help:
@$(SPHINXBUILD) -M help "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)
.PHONY: help Makefile
# Catch-all target: route all unknown targets to Sphinx using the new
# "make mode" option. $(O) is meant as a shortcut for $(SPHINXOPTS).
%: Makefile
@$(SPHINXBUILD) -M $@ "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)

2
docs/admin.rst
View File

@ -1,2 +0,0 @@
Admin API
=========

89
docs/authentication.rst
View File

@ -1,89 +0,0 @@
Authentication
==============
Authentication is done via the ``Authorization`` HTTP header using a JSON Web Token (JWT).
As a client, there is no need to understand or parse JWTs; they can be considered as strings.
Signing in
----------
Signing in is done via ``POST /users/login``.
Use the following request body:
.. code-block:: json
{
"username": "your_username_here",
"password": "your_password_here"
}
The server will respond like this:
.. code-block:: json
{
"auth_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2ODUwNTgwNDcsImlhdCI6MTY4NDQ1MzI0Nywic3ViIjoidXNlciIsImp0aSI6bnVsbH0.nfJ06gLClROeS5rKg90pqaVikcr_-y00VbCTE3yK3fk",
"message": "Logged in.",
"status": "success",
"username": "user"
}
Save the token in ``auth_token``.
.. _authentication_usage:
Using the token
---------------
On any request that requires authentication, send this token via the ``Authorization`` HTTP header.
Use the following format:
.. code-block:: http
GET /users/user HTTP/1.1
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2ODUwNTg0MzMsImlhdCI6MTY4NDQ1MzYzMywic3ViIjoidXNlciIsImp0aSI6bnVsbH0.PBs_YWpIkorTghzTBDHVd3oKer9Vo_YNsgu-yIkG1Cg
Do note that based on server settings, some endpoints may allow access without authenticating.
Renewal
-------
By default, the tokens issued by the server expire after 7 days.
Getting a new token by the end of that period via the normal login API is cumbersome,
as it requires having the user's password.
To solve this problem, Sachet has a renewal API that takes your API token and renews it for you.
Make a ``POST /users/extend`` request with the authentication described in :ref:`authentication_usage`.
The server will respond like this:
.. code-block:: json
{
"auth_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2ODUwNTk1MDUsImlhdCI6MTY4NDQ1NDcwNSwic3ViIjoidXNlciIsImp0aSI6InJlbmV3In0.cf4T6U0IJL-ePvYC28QOYHODPi_vkDlaSjA1AdAGDUo",
"message": "Renewed token.",
"status": "success",
"username": "user"
}
You can now use the new token in ``auth_token`` for future authentication.
This does not revoke your old token.
See :ref:`authentication_log_out` for information on revoking tokens.
.. note::
Remember to use the ``POST`` HTTP method and not ``GET``.
If you use ``GET`` by accident, the server will assume you're trying to read the information of a user called 'extend'.
This will result in a "not authorized" error.
.. _authentication_log_out:
Signing out
-----------
To revoke a token before expiry, request ``POST /users/logout``.
Use the following request body:
.. code-block:: json
{
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2ODUwNTk3NjIsImlhdCI6MTY4NDQ1NDk2Miwic3ViIjoidXNlciIsImp0aSI6InJlbmV3In0.ZITIK8L5FzLtm-ASwIf6TkTb69z4bsZ8FF0mWee4YI4"
}

27
docs/conf.py
View File

@ -1,27 +0,0 @@
# Configuration file for the Sphinx documentation builder.
#
# For the full list of built-in configuration values, see the documentation:
# https://www.sphinx-doc.org/en/master/usage/configuration.html
# -- Project information -----------------------------------------------------
# https://www.sphinx-doc.org/en/master/usage/configuration.html#project-information
project = 'sachet-server'
copyright = '2023, dogeystamp'
author = 'dogeystamp'
# -- General configuration ---------------------------------------------------
# https://www.sphinx-doc.org/en/master/usage/configuration.html#general-configuration
extensions = ["sphinx_rtd_theme"]
templates_path = ['_templates']
exclude_patterns = ['_build', 'Thumbs.db', '.DS_Store']
# -- Options for HTML output -------------------------------------------------
# https://www.sphinx-doc.org/en/master/usage/configuration.html#options-for-html-output
html_theme = 'sphinx_rtd_theme'
html_static_path = ['_static']

2
docs/files.rst
View File

@ -1,2 +0,0 @@
Files API
=========

76
docs/index.rst
View File

@ -1,76 +0,0 @@
.. Sachet documentation master file, created by
sphinx-quickstart on Wed May 17 20:46:47 2023.
You can adapt this file completely to your liking, but it should at least
contain the root `toctree` directive.
Welcome to Sachet's documentation!
==================================
.. toctree::
:maxdepth: 2
:caption: Contents:
authentication
permissions
user
admin
files
Sachet is a small file-sharing server.
development
-----------
To start sachet in dev mode:
Clone the repo::
git clone https://github.com/dogeystamp/sachet
cd sachet
Create a venv with required dependencies::
python -m venv venv
source venv/bin/activate
python -m pip3 install -r requirements.txt
Create a configuration file (and set the secret key!)::
cp config.yml.example config.yml
vim config.yml
Start Flask in development mode::
flask --debug --app sachet.server run
tests
^^^^^
Run tests with pytest::
pytest --cov --cov-report term-missing
linting
^^^^^^^
Please use the linter before submitting code::
black .
database maintenance
--------------------
To clean up the database (remove stale entries)::
flask --app sachet.server cleanup
Otherwise, to upgrade the database after a schema change::
flask --app sachet.server db upgrade
Indices and tables
==================
* :ref:`genindex`
* :ref:`modindex`
* :ref:`search`

35
docs/make.bat
View File

@ -1,35 +0,0 @@
@ECHO OFF
pushd %~dp0
REM Command file for Sphinx documentation
if "%SPHINXBUILD%" == "" (
set SPHINXBUILD=sphinx-build
)
set SOURCEDIR=.
set BUILDDIR=_build
%SPHINXBUILD% >NUL 2>NUL
if errorlevel 9009 (
echo.
echo.The 'sphinx-build' command was not found. Make sure you have Sphinx
echo.installed, then set the SPHINXBUILD environment variable to point
echo.to the full path of the 'sphinx-build' executable. Alternatively you
echo.may add the Sphinx directory to PATH.
echo.
echo.If you don't have Sphinx installed, grab it from
echo.https://www.sphinx-doc.org/
exit /b 1
)
if "%1" == "" goto help
%SPHINXBUILD% -M %1 %SOURCEDIR% %BUILDDIR% %SPHINXOPTS% %O%
goto end
:help
%SPHINXBUILD% -M help %SOURCEDIR% %BUILDDIR% %SPHINXOPTS% %O%
:end
popd

2
docs/permissions.rst
View File

@ -1,2 +0,0 @@
Permissions
===========

2
docs/user.rst
View File

@ -1,2 +0,0 @@
User API
========

20
requirements.txt
View File

@ -1,15 +1,10 @@
alabaster==0.7.13
alembic==1.10.4 alembic==1.10.4
attrs==22.2.0 attrs==22.2.0
Babel==2.12.1
bcrypt==4.0.1 bcrypt==4.0.1
bitmask @ git+https://github.com/dogeystamp/bitmask@e3726f069c24f1db6ecb2e3d3143c9c930c83fa5 bitmask @ git+https://github.com/dogeystamp/bitmask@e3726f069c24f1db6ecb2e3d3143c9c930c83fa5
black==23.3.0 black==23.3.0
certifi==2023.5.7
charset-normalizer==3.1.0
click==8.1.3 click==8.1.3
coverage==7.2.1 coverage==7.2.1
docutils==0.18.1
exceptiongroup==1.1.0 exceptiongroup==1.1.0
Flask==2.2.3 Flask==2.2.3
Flask-Bcrypt==1.0.1 Flask-Bcrypt==1.0.1
@ -20,8 +15,6 @@ Flask-Script==2.0.6
Flask-SQLAlchemy==3.0.3 Flask-SQLAlchemy==3.0.3
Flask-Testing==0.8.1 Flask-Testing==0.8.1
greenlet==2.0.2 greenlet==2.0.2
idna==3.4
imagesize==1.4.1
iniconfig==2.0.0 iniconfig==2.0.0
itsdangerous==2.1.2 itsdangerous==2.1.2
Jinja2==3.1.2 Jinja2==3.1.2
@ -34,27 +27,14 @@ packaging==23.0
pathspec==0.11.1 pathspec==0.11.1
platformdirs==3.2.0 platformdirs==3.2.0
pluggy==1.0.0 pluggy==1.0.0
Pygments==2.15.1
PyJWT==2.6.0 PyJWT==2.6.0
pytest==7.2.2 pytest==7.2.2
pytest-cov==4.0.0 pytest-cov==4.0.0
pytest-env==0.8.1 pytest-env==0.8.1
PyYAML==6.0 PyYAML==6.0
requests==2.30.0
six==1.16.0 six==1.16.0
snowballstemmer==2.2.0
Sphinx==6.2.1
sphinx-rtd-theme==1.2.0
sphinxcontrib-applehelp==1.0.4
sphinxcontrib-devhelp==1.0.2
sphinxcontrib-htmlhelp==2.0.1
sphinxcontrib-jquery==4.1
sphinxcontrib-jsmath==1.0.1
sphinxcontrib-qthelp==1.0.3
sphinxcontrib-serializinghtml==1.1.5
SQLAlchemy==2.0.5.post1 SQLAlchemy==2.0.5.post1
SQLAlchemy-Utils==0.40.0 SQLAlchemy-Utils==0.40.0
tomli==2.0.1 tomli==2.0.1
typing_extensions==4.5.0 typing_extensions==4.5.0
urllib3==2.0.2
Werkzeug==2.2.3 Werkzeug==2.2.3