From 0681af1633fc531cfec29360f4249b5ee162a2c7 Mon Sep 17 00:00:00 2001
From: G2-Games <ke0bhogsg@gmail.com>
Date: Mon, 21 Oct 2024 13:48:06 -0500
Subject: [PATCH] Added blake3 hashing of uploaded files
---
Cargo.lock | 189 ++++++++++++++++++++++++++++++++++++++++++++
Cargo.toml | 3 +
src/main.rs | 82 +++++++++++++------
src/static/main.css | 10 ++-
4 files changed, 258 insertions(+), 26 deletions(-)
diff --git a/Cargo.lock b/Cargo.lock
index 31cced0..b80020c 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -26,6 +26,33 @@ dependencies = [
"memchr",
]
+[[package]]
+name = "android-tzdata"
+version = "0.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e999941b234f3131b00bc13c22d06e8c5ff726d1b6318ac7eb276997bbb4fef0"
+
+[[package]]
+name = "android_system_properties"
+version = "0.1.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "819e7219dbd41043ac279b19830f2efc897156490d7fd6ea916720117ee66311"
+dependencies = [
+ "libc",
+]
+
+[[package]]
+name = "arrayref"
+version = "0.3.9"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "76a2e8124351fda1ef8aaaa3bbd7ebbcb486bbcd4225aca0aa0d84bb2db8fecb"
+
+[[package]]
+name = "arrayvec"
+version = "0.7.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7c02d123df017efcdfbd739ef81735b36c5ba83ec3c59c80a9d7ecc718f92e50"
+
[[package]]
name = "async-stream"
version = "0.3.6"
@@ -107,6 +134,25 @@ version = "2.6.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b048fb63fd8b5923fc5aa7b340d8e156aec7ec02f0c78fa8a6ddc2613f6f71de"
+[[package]]
+name = "blake3"
+version = "1.5.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d82033247fd8e890df8f740e407ad4d038debb9eb1f40533fffb32e7d17dc6f7"
+dependencies = [
+ "arrayref",
+ "arrayvec",
+ "cc",
+ "cfg-if",
+ "constant_time_eq",
+]
+
+[[package]]
+name = "bumpalo"
+version = "3.16.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "79296716171880943b8470b5f8d03aa55eb2e645a4874bdbb28adb49162e012c"
+
[[package]]
name = "bytemuck"
version = "1.19.0"
@@ -140,6 +186,26 @@ version = "1.0.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd"
+[[package]]
+name = "chrono"
+version = "0.4.38"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a21f936df1771bf62b77f047b726c4625ff2e8aa607c01ec06e5a05bd8463401"
+dependencies = [
+ "android-tzdata",
+ "iana-time-zone",
+ "js-sys",
+ "num-traits",
+ "wasm-bindgen",
+ "windows-targets 0.52.6",
+]
+
+[[package]]
+name = "constant_time_eq"
+version = "0.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7c74b8349d32d297c9134b8c88677813a227df8f779daa29bfc29c183fe3dca6"
+
[[package]]
name = "cookie"
version = "0.18.1"
@@ -151,6 +217,12 @@ dependencies = [
"version_check",
]
+[[package]]
+name = "core-foundation-sys"
+version = "0.8.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "773648b94d0e5d620f64f280777445740e61fe701025087ec8b57f45c791888b"
+
[[package]]
name = "deranged"
version = "0.3.11"
@@ -457,6 +529,29 @@ dependencies = [
"want",
]
+[[package]]
+name = "iana-time-zone"
+version = "0.1.61"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "235e081f3925a06703c2d0117ea8b91f042756fd6e7a6e5d901e8ca1a996b220"
+dependencies = [
+ "android_system_properties",
+ "core-foundation-sys",
+ "iana-time-zone-haiku",
+ "js-sys",
+ "wasm-bindgen",
+ "windows-core",
+]
+
+[[package]]
+name = "iana-time-zone-haiku"
+version = "0.1.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f31827a206f56af32e590ba56d5d2d085f558508192593743f16b2306495269f"
+dependencies = [
+ "cc",
+]
+
[[package]]
name = "indexmap"
version = "2.6.0"
@@ -491,6 +586,15 @@ version = "1.0.11"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "49f1f14873335454500d59611f1cf4a4b0f786f9ac11f4312a78e4cf2566695b"
+[[package]]
+name = "js-sys"
+version = "0.3.72"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6a88f1bda2bd75b0452a14784937d796722fdebfe50df998aeb3f0b7603019a9"
+dependencies = [
+ "wasm-bindgen",
+]
+
[[package]]
name = "lazy_static"
version = "1.5.0"
@@ -609,9 +713,12 @@ dependencies = [
name = "mochihost"
version = "0.1.0"
dependencies = [
+ "blake3",
+ "chrono",
"maud",
"rand",
"rocket",
+ "uuid",
]
[[package]]
@@ -649,6 +756,15 @@ version = "0.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "51d515d32fb182ee37cda2ccdcb92950d6a3c2893aa280e540671c2cd0f3b1d9"
+[[package]]
+name = "num-traits"
+version = "0.2.19"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "071dfc062690e90b734c0b2273ce72ad0ffa95f0c74596bc250dcfd960262841"
+dependencies = [
+ "autocfg",
+]
+
[[package]]
name = "num_cpus"
version = "1.16.0"
@@ -1409,6 +1525,15 @@ version = "0.2.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ebc1c04c71510c7f702b52b7c350734c9ff1295c464a03335b00bb84fc54f853"
+[[package]]
+name = "uuid"
+version = "1.11.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f8c5f0a0af699448548ad1a2fbf920fb4bee257eae39953ba95cb84891a0446a"
+dependencies = [
+ "getrandom",
+]
+
[[package]]
name = "valuable"
version = "0.1.0"
@@ -1436,6 +1561,61 @@ version = "0.11.0+wasi-snapshot-preview1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423"
+[[package]]
+name = "wasm-bindgen"
+version = "0.2.95"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "128d1e363af62632b8eb57219c8fd7877144af57558fb2ef0368d0087bddeb2e"
+dependencies = [
+ "cfg-if",
+ "once_cell",
+ "wasm-bindgen-macro",
+]
+
+[[package]]
+name = "wasm-bindgen-backend"
+version = "0.2.95"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "cb6dd4d3ca0ddffd1dd1c9c04f94b868c37ff5fac97c30b97cff2d74fce3a358"
+dependencies = [
+ "bumpalo",
+ "log",
+ "once_cell",
+ "proc-macro2",
+ "quote",
+ "syn",
+ "wasm-bindgen-shared",
+]
+
+[[package]]
+name = "wasm-bindgen-macro"
+version = "0.2.95"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e79384be7f8f5a9dd5d7167216f022090cf1f9ec128e6e6a482a2cb5c5422c56"
+dependencies = [
+ "quote",
+ "wasm-bindgen-macro-support",
+]
+
+[[package]]
+name = "wasm-bindgen-macro-support"
+version = "0.2.95"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "26c6ab57572f7a24a4985830b120de1594465e5d500f24afe89e16b4e833ef68"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn",
+ "wasm-bindgen-backend",
+ "wasm-bindgen-shared",
+]
+
+[[package]]
+name = "wasm-bindgen-shared"
+version = "0.2.95"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "65fc09f10666a9f147042251e0dda9c18f166ff7de300607007e96bdebc1068d"
+
[[package]]
name = "winapi"
version = "0.3.9"
@@ -1467,6 +1647,15 @@ dependencies = [
"windows-targets 0.48.5",
]
+[[package]]
+name = "windows-core"
+version = "0.52.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "33ab640c8d7e35bf8ba19b884ba838ceb4fba93a4e8c65a9059d08afcfc683d9"
+dependencies = [
+ "windows-targets 0.52.6",
+]
+
[[package]]
name = "windows-sys"
version = "0.52.0"
diff --git a/Cargo.toml b/Cargo.toml
index 1544876..6e9dd22 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -4,6 +4,9 @@ version = "0.1.0"
edition = "2021"
[dependencies]
+blake3 = "1.5.4"
+chrono = "0.4.38"
maud = { version = "0.26", features = ["rocket"] }
rand = "0.8"
rocket = "0.5"
+uuid = { version = "1.11.0", features = ["v4"] }
diff --git a/src/main.rs b/src/main.rs
index a1e1af7..9091040 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -1,16 +1,15 @@
-use std::path::PathBuf;
-
+use std::path::{Path, PathBuf};
+use blake3::Hash;
use maud::{html, Markup, DOCTYPE, PreEscaped};
-
-use rand::Rng;
use rocket::{
- form::Form, fs::{FileServer, Options, TempFile}, get, post, routes, FromForm
+ form::Form, fs::{FileServer, Options, TempFile}, get, post, routes, tokio::{fs::File, io::AsyncReadExt}, FromForm
};
+use uuid::Uuid;
fn head(page_title: &str) -> Markup {
html! {
(DOCTYPE)
- meta charset="utf-8";
+ meta charset="UTF-8";
title { (page_title) }
// Javascript stuff for client side handling
script { (PreEscaped(include_str!("static/form_handler.js"))) }
@@ -24,21 +23,33 @@ fn home() -> Markup {
html! {
(head("Mochi"))
body {
- h1 { "File Hosting!" }
- form id="uploadForm" {
- label for="fileUpload" class="file-upload" onclick="document.getElementById('fileInput').click()" {
- "Upload File"
+ div class="main-wrapper" {
+ form id="uploadForm" {
+ label for="fileUpload" class="file-upload" onclick="document.getElementById('fileInput').click()" {
+ "Upload File"
+ }
+ input id="fileInput" type="file" name="fileUpload" onchange="formSubmit(this.parentNode)" style="display:none;";
+ }
+ div class="progress-box" {
+ progress id="uploadProgress" value="0" max="100" {}
+ p id="uploadProgressValue" class="progress-value" { "0%" }
}
- input id="fileInput" type="file" name="fileUpload" onchange="formSubmit(this.parentNode)" style="display:none;";
- }
- div class="progress-box" {
- progress id="uploadProgress" value="0" max="100" {}
- p id="uploadProgressValue" class="progress-value" { "0%" }
}
}
}
}
+struct Database {
+ files: Vec<File>
+}
+
+struct MochiFile {
+ /// The original name of the file
+ name: String,
+ /// The hashed contents of the file as a Blake3 hash
+ hash: Hash,
+}
+
#[derive(FromForm)]
struct Upload<'r> {
#[field(name = "fileUpload")]
@@ -49,21 +60,42 @@ struct Upload<'r> {
#[post("/upload", data = "<file_data>")]
async fn handle_upload(mut file_data: Form<Upload<'_>>) -> Result<(), std::io::Error> {
let mut out_path = PathBuf::from("files/");
- out_path.push(get_filename(file_data.file.name().unwrap()));
- file_data.file.persist_to(out_path).await?;
+
+ // Get temp path and hash it
+ let temp_filename = "temp_files/".to_owned() + &Uuid::new_v4().to_string();
+ file_data.file.persist_to(&temp_filename).await?;
+ let hash = hash_file(&temp_filename).await?;
+
+ out_path.push(get_filename(
+ // TODO: Properly sanitize this...
+ file_data.file.raw_name().unwrap().dangerous_unsafe_unsanitized_raw().as_str(),
+ hash
+ ));
+
+ // Move it to the new proper place
+ std::fs::rename(temp_filename, out_path)?;
Ok(())
}
-/// Get a random filename for use as the uploaded file's name
-fn get_filename(name: &str) -> String {
- let rand_string: String = rand::thread_rng()
- .sample_iter(&rand::distributions::Alphanumeric)
- .take(8)
- .map(char::from)
- .collect();
+async fn hash_file<P: AsRef<Path>>(input: &P) -> Result<Hash, std::io::Error> {
+ let mut file = File::open(input).await?;
+ let mut buf = vec![0; 5000000];
+ let mut hasher = blake3::Hasher::new();
- let uuid = rand_string + "_" + name;
+ let mut bytes_read = None;
+ while bytes_read != Some(0) {
+ bytes_read = Some(file.read(&mut buf).await?);
+ hasher.update(&buf[..bytes_read.unwrap()]);
+ dbg!(bytes_read);
+ }
+
+ Ok(hasher.finalize())
+}
+
+/// Get a random filename for use as the uploaded file's name
+fn get_filename(name: &str, hash: Hash) -> String {
+ let uuid = hash.to_hex()[0..10].to_string() + "_" + name;
uuid
}
diff --git a/src/static/main.css b/src/static/main.css
index 26cc835..d2fe2dc 100644
--- a/src/static/main.css
+++ b/src/static/main.css
@@ -1,6 +1,10 @@
@import url('https://g2games.dev/assets/fonts/fonts.css');
@import url('https://g2games.dev/assets/main-style.css');
+.main-wrapper {
+ margin: auto;
+}
+
.file-upload {
padding: 20px;
position: relative;
@@ -20,7 +24,6 @@
progress[value] {
border-radius: 5px;
- /* Reset the default appearance */
-webkit-appearance: none;
appearance: none;
@@ -33,6 +36,11 @@ progress[value]::-webkit-progress-bar, progress[value]::-moz-progress-bar {
border-radius: 5px;
}
+progress[value]::-webkit-progress-value {
+ background-color: #a6e3a1;
+ border-radius: 5px;
+}
+
.progress-box {
display: flex;
position: relative;