diff --git a/src/public/js/download.js b/src/public/js/download.js index f1a65f3..cbf4b14 100644 --- a/src/public/js/download.js +++ b/src/public/js/download.js @@ -22,11 +22,15 @@ const main = () => { req.onload = () => { if (req.status == 200) { // Decrypt the file + const json = JSON.parse(req.responseText); const decrypted_file = RSA_dec( - req.responseText - .slice(1, -2) - .split(",") - .map((v) => BigInt(v)), + json.file.split(",").map((v) => BigInt(v)), + pub_key + ); + + // Decrypt the filename + const decrypted_filename = RSA_dec( + json.filename.split(",").map((v) => BigInt(v)), pub_key ); @@ -35,7 +39,7 @@ const main = () => { type: "application/json", }); const url = URL.createObjectURL(blob); - download(url, "text.txt"); // Retrieve the original filename + download(url, decrypted_filename); } else { console.error("Download failed."); } diff --git a/src/public/js/index.js b/src/public/js/index.js index 7f03fcb..61d5239 100644 --- a/src/public/js/index.js +++ b/src/public/js/index.js @@ -77,9 +77,9 @@ const send = (file, element) => { gen_RSA_keypair(1024).then(([pub_key, sec_key]) => { element = update(element, "Chiffrement du fichier...", "H3"); - console.log(RSA_enc(content, sec_key)); let data = { file: RSA_enc(content, sec_key).join(","), + filename: RSA_enc(file.name, sec_key).join(","), }; element = update(element, "Téléversement...", "H3"); diff --git a/src/routes/api/download.py b/src/routes/api/download.py index 8110922..c900206 100644 --- a/src/routes/api/download.py +++ b/src/routes/api/download.py @@ -8,13 +8,16 @@ router = Blueprint("download", __name__) @router.route("", methods=["POST"]) def download() -> Response: """Download interface (send file to javascript client)""" - json = request.get_json() - if json: + hash_data = request.get_json() + if hash_data: data = "" - with open(f"{Config.uploads_dir}/{json}", 'r') as f: + with open(f"{Config.uploads_dir}/{hash_data}", 'r') as f: data = f.read() + response = Config.database.get_filename(hash_data) + response["file"] = data + # Send the encrypted file to the javascript client - return jsonify(data) + return jsonify(response) return redirect("/file") diff --git a/src/routes/api/upload.py b/src/routes/api/upload.py index 7eb6526..107acbc 100644 --- a/src/routes/api/upload.py +++ b/src/routes/api/upload.py @@ -14,12 +14,12 @@ def upload() -> Response: json = request.get_json() if json: data = "".join(json["file"]) + filename = "".join(json["filename"]) data_hash = hash_data(data.replace(",", "")) with open(f"{Config.uploads_dir}/{data_hash}", 'w') as f: f.write(data) - # Maybe add the encrypted filename ? - Config.database.add_file(data_hash, int(time())) + Config.database.add_file(data_hash, filename, int(time())) # Send the hash to the javascript client return jsonify(data_hash) diff --git a/src/utils/sqlite.py b/src/utils/sqlite.py index c9810d7..256303b 100644 --- a/src/utils/sqlite.py +++ b/src/utils/sqlite.py @@ -59,15 +59,21 @@ class FilesDB(Database): self.request( f"CREATE TABLE IF NOT EXISTS {self.table_name} \ - (filename TEXT, date INTEGER);") + (hash TEXT, filename TEXT, date INTEGER);") - def add_file(self, filename: str, date: int) -> None: + def add_file(self, hash_file: str, filename: str, date: int) -> None: """Add a file""" self.request( - f"INSERT INTO {self.table_name} (filename, date) VALUES (?, ?);", - [filename, date]) + f"INSERT INTO {self.table_name} (hash, filename, date) VALUES (?, ?, ?);", + [hash_file, filename, date]) - def remove_file(self, filename: str) -> None: + def remove_file(self, hash_file: str) -> None: """Remove a file""" self.request( - f"DELETE FROM {self.table_name} WHERE filename = ?", filename) + f"DELETE FROM {self.table_name} WHERE hash = ?", hash_file) + + def get_filename(self, hash_file: str) -> dict: + """Return the filename of a specific file""" + query = "filename" + return self.format(query, self.request( + f"SELECT {query} FROM {self.table_name} WHERE hash = ?", hash_file))