Browse Source

Added ability to remove key from server after saving key to server.

tags/2.0.3
Teknikode 4 years ago
parent
commit
182c25d7b8

+ 21
- 2
Teknik/Areas/Upload/Controllers/UploadController.cs View File

@@ -57,13 +57,12 @@ namespace Teknik.Areas.Upload.Controllers
if (upload != null)
{
// We don't have the key, so we need to decrypt it client side
if (upload.Key == null)
if (string.IsNullOrEmpty(upload.Key))
{
DownloadViewModel model = new DownloadViewModel();
model.FileName = file;
model.ContentType = upload.ContentType;
model.ContentLength = upload.ContentLength;
model.Key = upload.Key;
model.IV = upload.IV;

return View(model);
@@ -193,5 +192,25 @@ namespace Teknik.Areas.Upload.Controllers
}
return Json(new { error = "Invalid URL" });
}

[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public ActionResult RemoveFileKey(string file, string key)
{
Models.Upload upload = db.Uploads.Where(up => up.Url == file).FirstOrDefault();
if (upload != null)
{
if (upload.Key == key)
{
upload.Key = null;
db.Entry(upload).State = EntityState.Modified;
db.SaveChanges();
return Json(new { result = Url.SubRouteUrl("upload", "Upload.Download", new { file = file }) });
}
return Json(new { error = "Non-Matching Key" });
}
return Json(new { error = "Invalid URL" });
}
}
}

+ 1
- 0
Teknik/Areas/Upload/Scripts/Download.js View File

@@ -1,6 +1,7 @@
$(document).ready(downloadFile);

function downloadFile() {
var key = window.location.hash.substring(1);
var fd = new FormData();
fd.append('file', fileName);
fd.append('__RequestVerificationToken', $('#__AjaxAntiForgeryForm input[name=__RequestVerificationToken]').val());

+ 26
- 2
Teknik/Areas/Upload/Scripts/Upload.js View File

@@ -11,7 +11,31 @@ function linkSaveKey(selector, uploadID, key, fileID) {
data: AddAntiForgeryToken({ file: uploadID, key: key }),
success: function (html) {
if (html.result) {
$('#key-link-' + fileID).html('<button type="button" class="btn btn-default btn-sm" id="remove-key-link-' + fileID + '">Remove Key From Server</button>');
$('#upload-link-' + fileID).html('<p><a href="' + html.result + '" target="_blank" class="alert-link">' + html.result + '</a></p>');
linkRemoveKey('#remove-key-link-' + fileID + '', uploadID, key, fileID);
}
else {
$("#top_msg").css('display', 'inline', 'important');
$("#top_msg").html('<div class="alert alert-danger alert-dismissable"><button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>' + html.error + '</div>');
}
}
});
return false;
});
}

function linkRemoveKey(selector, uploadID, key, fileID) {
$(selector).click(function () {
$.ajax({
type: "POST",
url: removeKeyFromServerURL,
data: AddAntiForgeryToken({ file: uploadID, key: key }),
success: function (html) {
if (html.result) {
$('#key-link-' + fileID).html('<button type="button" class="btn btn-default btn-sm" id="save-key-link-' + fileID + '">Save Key To Server</button>');
$('#upload-link-' + fileID).html('<p><a href="' + html.result + '#' + key + '" target="_blank" class="alert-link">' + html.result + '#' + key + '</a></p>');
linkSaveKey('#save-key-link-' + fileID + '', uploadID, key, fileID);
}
else {
$("#top_msg").css('display', 'inline', 'important');
@@ -221,13 +245,13 @@ function uploadProgress(fileID, evt) {
function uploadComplete(fileID, key, evt) {
obj = JSON.parse(evt.target.responseText);
var name = obj.result.name;
var fullName = decodeURIComponent(obj.result.url);
var fullName = obj.result.url;
$('#progress-' + fileID).children('.progress-bar').css('width', '100%');
$('#progress-' + fileID).children('.progress-bar').html('Complete');
$('#upload-link-' + fileID).html('<p><a href="' + fullName + '#' + key + '" target="_blank" class="alert-link">' + fullName + '#' + key + '</a></p>');
$('#link-footer-' + fileID).html(' \
<div class="row"> \
<div class="col-sm-4 text-center"> \
<div class="col-sm-4 text-center" id="key-link-' + fileID + '"> \
<button type="button" class="btn btn-default btn-sm" id="save-key-link-' + fileID + '">Save Key On Server</button> \
</div> \
<div class="col-sm-4 text-center"> \

+ 1
- 1
Teknik/Areas/Upload/Uploader.cs View File

@@ -44,8 +44,8 @@ namespace Teknik.Areas.Upload
upload.DateUploaded = DateTime.Now;
upload.Url = url;
upload.FileName = fileName;
upload.ContentType = (!string.IsNullOrEmpty(contentType)) ? contentType : "application/octet-stream";
upload.ContentLength = file.ContentLength;
upload.ContentType = contentType;
upload.Key = key;
upload.IV = iv;


+ 0
- 1
Teknik/Areas/Upload/ViewModels/DownloadViewModel.cs View File

@@ -11,7 +11,6 @@ namespace Teknik.Areas.Upload.ViewModels
public string FileName { get; set; }
public string ContentType { get; set; }
public int ContentLength { get; set; }
public string Key { get; set; }
public string IV { get; set; }
}
}

+ 0
- 5
Teknik/Areas/Upload/Views/Upload/Download.cshtml View File

@@ -6,11 +6,6 @@
var downloadDataUrl = '@Url.SubRouteUrl("upload", "Upload.Action", new { action = "DownloadData" })';
var fileName = '@Model.FileName';
var fileType = '@Model.ContentType';
var key = window.location.hash.substring(1);
if (key == null)
{
key = '@((Model.Key != null) ? Model.Key : string.Empty)';
}
var iv = '@Model.IV';
var chunkSize = @(Model.Config.UploadConfig.ChunkSize);
</script>

+ 5
- 8
Teknik/Areas/Upload/Views/Upload/Index.cshtml View File

@@ -5,6 +5,7 @@
var aesScriptSrc = '@Scripts.Url("~/bundles/crypto")';
var generateDeleteKeyURL = '@Url.SubRouteUrl("upload", "Upload.Action", new { action= "GenerateDeleteKey" })';
var saveKeyToServerURL = '@Url.SubRouteUrl("upload", "Upload.Action", new { action= "SaveFileKey" })';
var removeKeyFromServerURL = '@Url.SubRouteUrl("upload", "Upload.Action", new { action= "RemoveFileKey" })';
var uploadFileURL = '@Url.SubRouteUrl("upload", "Upload.Action", new { action = "Upload" })';
var maxUploadSize = @Model.Config.UploadConfig.MaxUploadSize;
var chunkSize = @Model.Config.UploadConfig.ChunkSize;
@@ -35,13 +36,6 @@
</div>
</div>
</div>
<div class="fallback text-center">
<div class="row">
<div class="col-sm-8 col-sm-offset-2">
<input name="file" type="file" class="form-control" multiple />
</div>
</div>
</div>
</div>
</div>
</div>
@@ -51,7 +45,10 @@
<br />
<div class="well text-center">
<p>
Each file is encrypted on upload using an AES-256-CTR cipher. If you wish to view the file decrypted, you must use the direct Teknik link.
Each file is encrypted on upload using an AES-256-CTR cipher.
</p>
<p>
To view the file decrypted, you must use the direct Teknik link in a javascript enabled browser or save the key to the server.
</p>
<p>
The maximum file size per upload is <b>@Utility.GetBytesReadable(Model.Config.UploadConfig.MaxUploadSize)</b>

Loading…
Cancel
Save