refactor: internals

Signed-off-by: skidoodle <contact@albert.lol>
fix: enforce max file size
2026-04-28 11:17:42 +02:00 · 2026-01-17 22:58:38 +01:00 · 2026-01-16 04:16:17 +01:00 · 2026-01-16 04:03:38 +01:00
13 changed files with 752 additions and 220 deletions
@@ -1,4 +1,4 @@
-FROM --platform=$BUILDPLATFORM golang:1.25.5 AS builder
+FROM --platform=$BUILDPLATFORM golang:1.25.6 AS builder

 WORKDIR /app

@@ -1,3 +1,3 @@
 module github.com/skidoodle/safebin

-go 1.25.5
+go 1.25.6
@@ -21,36 +21,54 @@ type App struct {
 	Logger *slog.Logger
 }

-func LoadConfig() Config {
-	h := getEnv("SAFEBIN_HOST", "0.0.0.0")
-	p := getEnvInt("SAFEBIN_PORT", 8080)
-	s := getEnv("SAFEBIN_STORAGE", "./storage")
-	mDefault := int64(getEnvInt("SAFEBIN_MAX_MB", 512))
+const (
+	defaultHost = "0.0.0.0"
+	defaultPort  = 8080
+	defaultStorage = "./storage"
+	defaultMaxMB = 512
+)

-	var m int64
-	flag.StringVar(&h, "h", h, "Bind address")
-	flag.IntVar(&p, "p", p, "Port")
-	flag.StringVar(&s, "s", s, "Storage directory")
-	flag.Int64Var(&m, "m", mDefault, "Max file size in MB")
+func LoadConfig() Config {
+	hostEnv := getEnv("SAFEBIN_HOST", defaultHost)
+	portEnv := getEnvInt("SAFEBIN_PORT", defaultPort)
+	storageEnv := getEnv("SAFEBIN_STORAGE", defaultStorage)
+	maxMBEnv := int64(getEnvInt("SAFEBIN_MAX_MB", defaultMaxMB))
+
+	var host string
+	var port int
+	var storage string
+	var maxMB int64
+
+	flag.StringVar(&host, "h", hostEnv, "Bind address")
+	flag.IntVar(&port, "p", portEnv, "Port")
+	flag.StringVar(&storage, "s", storageEnv, "Storage directory")
+	flag.Int64Var(&maxMB, "m", maxMBEnv, "Max file size in MB")
 	flag.Parse()

-	return Config{Addr: fmt.Sprintf("%s:%d", h, p), StorageDir: s, MaxMB: m}
-}
-
-func getEnv(k, f string) string {
-	if v, ok := os.LookupEnv(k); ok {
-		return v
+	return Config{
+		Addr:       fmt.Sprintf("%s:%d", host, port),
+		StorageDir: storage,
+		MaxMB:      maxMB,
 	}
-	return f
 }

-func getEnvInt(k string, f int) int {
-	if v, ok := os.LookupEnv(k); ok {
-		if i, err := strconv.Atoi(v); err == nil {
+func getEnv(key, fallback string) string {
+	if value, ok := os.LookupEnv(key); ok {
+		return value
+	}
+
+	return fallback
+}
+
+func getEnvInt(key string, fallback int) int {
+	if value, ok := os.LookupEnv(key); ok {
+		i, err := strconv.Atoi(value)
+		if err == nil {
 			return i
 		}
 	}
-	return f
+
+	return fallback
 }

 func ParseTemplates() *template.Template {
@@ -2,6 +2,7 @@ package app

 import (
 	"encoding/base64"
+	"errors"
 	"fmt"
 	"io"
 	"mime"
@@ -14,106 +15,268 @@ import (
 	"github.com/skidoodle/safebin/internal/crypto"
 )

+const (
+	uploadChunkSize    = 8 << 20
+	maxRequestOverhead = 10 << 20
+	permUserRWX        = 0o700
+	slugLength         = 22
+	keyLength          = 16
+	megaByte           = 1 << 20
+	chunkSafetyMargin  = 2
+)
+
 var reUploadID = regexp.MustCompile(`^[a-zA-Z0-9]{10,50}$`)

-func (app *App) HandleHome(w http.ResponseWriter, r *http.Request) {
-	err := app.Tmpl.ExecuteTemplate(w, "base", map[string]any{
+func (app *App) HandleHome(writer http.ResponseWriter, request *http.Request) {
+	err := app.Tmpl.ExecuteTemplate(writer, "base", map[string]any{
 		"MaxMB": app.Conf.MaxMB,
-		"Host":  r.Host,
+		"Host":  request.Host,
 	})
+
 	if err != nil {
 		app.Logger.Error("Template error", "err", err)
 	}
 }

-func (app *App) HandleUpload(w http.ResponseWriter, r *http.Request) {
-	limit := (app.Conf.MaxMB << 20) + (1 << 20)
-	r.Body = http.MaxBytesReader(w, r.Body, limit)
+func (app *App) HandleUpload(writer http.ResponseWriter, request *http.Request) {
+	limit := (app.Conf.MaxMB * megaByte) + megaByte
+	request.Body = http.MaxBytesReader(writer, request.Body, limit)
+
+	file, header, err := request.FormFile("file")

-	file, header, err := r.FormFile("file")
 	if err != nil {
-		app.SendError(w, r, http.StatusBadRequest)
+		if err.Error() == "http: request body too large" {
+			app.SendError(writer, request, http.StatusRequestEntityTooLarge)
 			return
 		}
-	defer file.Close()

-	tmpPath := filepath.Join(app.Conf.StorageDir, "tmp", fmt.Sprintf("up_%d", os.Getpid()))
-	tmp, _ := os.Create(tmpPath)
-	defer os.Remove(tmpPath)
-	defer tmp.Close()
+		app.SendError(writer, request, http.StatusBadRequest)
+
+		return
+	}
+
+	defer func() {
+		if closeErr := file.Close(); closeErr != nil {
+			app.Logger.Error("Failed to close upload file", "err", closeErr)
+		}
+	}()
+
+	tmp, err := os.CreateTemp(filepath.Join(app.Conf.StorageDir, "tmp"), "up_*")
+
+	if err != nil {
+		app.Logger.Error("Failed to create temp file", "err", err)
+		app.SendError(writer, request, http.StatusInternalServerError)
+
+		return
+	}
+
+	tmpPath := tmp.Name()
+
+	defer func() {
+		if removeErr := os.Remove(tmpPath); removeErr != nil && !os.IsNotExist(removeErr) {
+			app.Logger.Error("Failed to remove temp file", "err", removeErr)
+		}
+	}()
+
+	defer func() {
+		if closeErr := tmp.Close(); closeErr != nil {
+			app.Logger.Error("Failed to close temp file", "err", closeErr)
+		}
+	}()

 	if _, err := io.Copy(tmp, file); err != nil {
-		app.SendError(w, r, http.StatusRequestEntityTooLarge)
+		app.Logger.Error("Failed to write temp file", "err", err)
+		app.SendError(writer, request, http.StatusRequestEntityTooLarge)
+
 		return
 	}

-	app.FinalizeFile(w, r, tmp, header.Filename)
+	app.FinalizeFile(writer, request, tmp, header.Filename)
 }

-func (app *App) HandleChunk(w http.ResponseWriter, r *http.Request) {
-	uid := r.FormValue("upload_id")
-	idx, _ := strconv.Atoi(r.FormValue("index"))
+func (app *App) HandleChunk(writer http.ResponseWriter, request *http.Request) {
+	request.Body = http.MaxBytesReader(writer, request.Body, maxRequestOverhead)

-	if !reUploadID.MatchString(uid) || idx > 1000 {
-		app.SendError(w, r, http.StatusBadRequest)
-		return
-	}
+	uid := request.FormValue("upload_id")

-	file, _, err := r.FormFile("chunk")
+	idx, err := strconv.Atoi(request.FormValue("index"))
 	if err != nil {
+		app.SendError(writer, request, http.StatusBadRequest)
 		return
 	}
-	defer file.Close()

-	dir := filepath.Join(app.Conf.StorageDir, "tmp", uid)
-	os.MkdirAll(dir, 0700)
+	maxChunks := int((app.Conf.MaxMB*megaByte)/uploadChunkSize) + chunkSafetyMargin

-	dest, _ := os.Create(filepath.Join(dir, strconv.Itoa(idx)))
-	defer dest.Close()
-	io.Copy(dest, file)
+	if !reUploadID.MatchString(uid) || idx > maxChunks || idx < 0 {
+		app.SendError(writer, request, http.StatusBadRequest)
+		return
+	}
+
+	file, _, err := request.FormFile("chunk")
+
+	if err != nil {
+		if err.Error() == "http: request body too large" {
+			app.SendError(writer, request, http.StatusRequestEntityTooLarge)
+			return
+		}
+
+		app.SendError(writer, request, http.StatusBadRequest)
+
+		return
+	}
+
+	defer func() {
+		if closeErr := file.Close(); closeErr != nil {
+			app.Logger.Error("Failed to close chunk file", "err", closeErr)
+		}
+	}()
+
+	if err := app.saveChunk(uid, idx, file); err != nil {
+		app.Logger.Error("Failed to save chunk", "err", err)
+		app.SendError(writer, request, http.StatusInternalServerError)
+	}
 }

-func (app *App) HandleFinish(w http.ResponseWriter, r *http.Request) {
-	uid := r.FormValue("upload_id")
-	total, _ := strconv.Atoi(r.FormValue("total"))
+func (app *App) saveChunk(uid string, idx int, src io.Reader) error {
+	dir := filepath.Join(app.Conf.StorageDir, "tmp", uid)

-	if !reUploadID.MatchString(uid) || total > 1000 {
-		app.SendError(w, r, http.StatusBadRequest)
+	if err := os.MkdirAll(dir, permUserRWX); err != nil {
+		return fmt.Errorf("create chunk dir: %w", err)
+	}
+
+	dest, err := os.Create(filepath.Join(dir, strconv.Itoa(idx)))
+	if err != nil {
+		return fmt.Errorf("create chunk file: %w", err)
+	}
+
+	defer func() {
+		if closeErr := dest.Close(); closeErr != nil {
+			app.Logger.Error("Failed to close chunk dest", "err", closeErr)
+		}
+	}()
+
+	if _, err := io.Copy(dest, src); err != nil {
+		return fmt.Errorf("copy chunk: %w", err)
+	}
+
+	return nil
+}
+
+func (app *App) HandleFinish(writer http.ResponseWriter, request *http.Request) {
+	uid := request.FormValue("upload_id")
+
+	total, err := strconv.Atoi(request.FormValue("total"))
+	if err != nil {
+		app.SendError(writer, request, http.StatusBadRequest)
 		return
 	}

+	maxChunks := int((app.Conf.MaxMB*megaByte)/uploadChunkSize) + chunkSafetyMargin
+
+	if !reUploadID.MatchString(uid) || total > maxChunks || total <= 0 {
+		app.SendError(writer, request, http.StatusBadRequest)
+		return
+	}
+
+	mergedPath, err := app.mergeChunks(uid, total)
+
+	if err != nil {
+		app.Logger.Error("Merge failed", "err", err)
+
+		if errors.Is(err, io.ErrShortWrite) {
+			app.SendError(writer, request, http.StatusRequestEntityTooLarge)
+		} else {
+			app.SendError(writer, request, http.StatusInternalServerError)
+		}
+
+		return
+	}
+
+	defer func() {
+		if removeErr := os.Remove(mergedPath); removeErr != nil && !os.IsNotExist(removeErr) {
+			app.Logger.Error("Failed to remove merged file", "err", removeErr)
+		}
+	}()
+
+	mergedRead, err := os.Open(mergedPath)
+
+	if err != nil {
+		app.Logger.Error("Failed to open merged file", "err", err)
+		app.SendError(writer, request, http.StatusInternalServerError)
+
+		return
+	}
+
+	defer func() {
+		if closeErr := mergedRead.Close(); closeErr != nil {
+			app.Logger.Error("Failed to close merged reader", "err", closeErr)
+		}
+	}()
+
+	app.FinalizeFile(writer, request, mergedRead, request.FormValue("filename"))
+
+	if err := os.RemoveAll(filepath.Join(app.Conf.StorageDir, "tmp", uid)); err != nil {
+		app.Logger.Error("Failed to remove chunk dir", "err", err)
+	}
+}
+
+func (app *App) mergeChunks(uid string, total int) (string, error) {
 	tmpPath := filepath.Join(app.Conf.StorageDir, "tmp", "m_"+uid)
-	merged, _ := os.Create(tmpPath)
-	defer os.Remove(tmpPath)
-	defer merged.Close()
+
+	merged, err := os.Create(tmpPath)
+	if err != nil {
+		return "", fmt.Errorf("create merge file: %w", err)
+	}
+
+	defer func() {
+		if closeErr := merged.Close(); closeErr != nil {
+			app.Logger.Error("Failed to close merged file", "err", closeErr)
+		}
+	}()
+
+	limit := app.Conf.MaxMB * megaByte
+	var written int64

 	for i := range total {
 		partPath := filepath.Join(app.Conf.StorageDir, "tmp", uid, strconv.Itoa(i))
+
 		part, err := os.Open(partPath)
 		if err != nil {
-			continue
-		}
-		io.Copy(merged, part)
-		part.Close()
+			return "", fmt.Errorf("open chunk %d: %w", i, err)
 		}

-	app.FinalizeFile(w, r, merged, r.FormValue("filename"))
-	os.RemoveAll(filepath.Join(app.Conf.StorageDir, "tmp", uid))
+		n, err := io.Copy(merged, part)
+
+		if closeErr := part.Close(); closeErr != nil {
+			app.Logger.Error("Failed to close chunk part", "err", closeErr)
+		}
+
+		if err != nil {
+			return "", fmt.Errorf("append chunk %d: %w", i, err)
+		}
+
+		written += n
+		if written > limit {
+			return "", io.ErrShortWrite
+		}
+	}
+
+	return tmpPath, nil
 }

-func (app *App) HandleGetFile(w http.ResponseWriter, r *http.Request) {
-	slug := r.PathValue("slug")
-	if len(slug) < 22 {
-		app.SendError(w, r, http.StatusBadRequest)
+func (app *App) HandleGetFile(writer http.ResponseWriter, request *http.Request) {
+	slug := request.PathValue("slug")
+	if len(slug) < slugLength {
+		app.SendError(writer, request, http.StatusBadRequest)
 		return
 	}

-	keyBase64 := slug[:22]
-	ext := slug[22:]
+	keyBase64 := slug[:slugLength]
+	ext := slug[slugLength:]

 	key, err := base64.RawURLEncoding.DecodeString(keyBase64)
-	if err != nil || len(key) != 16 {
-		app.SendError(w, r, http.StatusUnauthorized)
+	if err != nil || len(key) != keyLength {
+		app.SendError(writer, request, http.StatusUnauthorized)
 		return
 	}

@@ -122,53 +285,133 @@ func (app *App) HandleGetFile(w http.ResponseWriter, r *http.Request) {

 	info, err := os.Stat(path)
 	if err != nil {
-		app.SendError(w, r, http.StatusNotFound)
+		app.SendError(writer, request, http.StatusNotFound)
 		return
 	}

-	f, _ := os.Open(path)
-	defer f.Close()
+	file, err := os.Open(path)

-	streamer, _ := crypto.NewGCMStreamer(key)
-	decryptor := crypto.NewDecryptor(f, streamer.AEAD, info.Size())
+	if err != nil {
+		app.Logger.Error("Failed to open file", "path", path, "err", err)
+		app.SendError(writer, request, http.StatusInternalServerError)
+
+		return
+	}
+
+	defer func() {
+		if closeErr := file.Close(); closeErr != nil {
+			app.Logger.Error("Failed to close file", "err", closeErr)
+		}
+	}()
+
+	streamer, err := crypto.NewGCMStreamer(key)
+
+	if err != nil {
+		app.Logger.Error("Failed to create crypto streamer", "err", err)
+		app.SendError(writer, request, http.StatusInternalServerError)
+
+		return
+	}
+
+	decryptor := crypto.NewDecryptor(file, streamer.AEAD, info.Size())

 	contentType := mime.TypeByExtension(ext)
 	if contentType == "" {
 		contentType = "application/octet-stream"
 	}

-	w.Header().Set("Content-Type", contentType)
-	w.Header().Set("Content-Security-Policy", "default-src 'none'; img-src 'self' data:; media-src 'self' data:; style-src 'unsafe-inline'; sandbox allow-forms allow-scripts allow-downloads allow-same-origin")
-	w.Header().Set("X-Content-Type-Options", "nosniff")
-	w.Header().Set("Content-Disposition", fmt.Sprintf("inline; filename=%q", slug))
+	csp := "default-src 'none'; img-src 'self' data:; media-src 'self' data:; " +
+		"style-src 'unsafe-inline'; sandbox allow-forms allow-scripts allow-downloads allow-same-origin"

-	http.ServeContent(w, r, slug, info.ModTime(), decryptor)
+	writer.Header().Set("Content-Type", contentType)
+	writer.Header().Set("Content-Security-Policy", csp)
+	writer.Header().Set("X-Content-Type-Options", "nosniff")
+	writer.Header().Set("Content-Disposition", fmt.Sprintf("inline; filename=%q", slug))
+
+	http.ServeContent(writer, request, slug, info.ModTime(), decryptor)
 }

-func (app *App) FinalizeFile(w http.ResponseWriter, r *http.Request, src *os.File, filename string) {
-	src.Seek(0, 0)
-	key, _ := crypto.DeriveKey(src)
+func (app *App) FinalizeFile(writer http.ResponseWriter, request *http.Request, src *os.File, filename string) {
+	if _, err := src.Seek(0, 0); err != nil {
+		app.Logger.Error("Seek failed", "err", err)
+		app.SendError(writer, request, http.StatusInternalServerError)
+
+		return
+	}
+
+	key, err := crypto.DeriveKey(src)
+
+	if err != nil {
+		app.Logger.Error("Key derivation failed", "err", err)
+		app.SendError(writer, request, http.StatusInternalServerError)
+
+		return
+	}

 	ext := filepath.Ext(filename)
 	id := crypto.GetID(key, ext)
-
-	src.Seek(0, 0)
 	finalPath := filepath.Join(app.Conf.StorageDir, id)

 	if _, err := os.Stat(finalPath); err == nil {
-		app.RespondWithLink(w, r, key, filename)
+		app.RespondWithLink(writer, request, key, filename)
 		return
 	}

-	out, _ := os.Create(finalPath + ".tmp")
-	streamer, _ := crypto.NewGCMStreamer(key)
-	if err := streamer.EncryptStream(out, src); err != nil {
-		out.Close()
-		os.Remove(finalPath + ".tmp")
-		app.SendError(w, r, http.StatusInternalServerError)
+	if _, err := src.Seek(0, 0); err != nil {
+		app.Logger.Error("Seek failed", "err", err)
+		app.SendError(writer, request, http.StatusInternalServerError)
+
 		return
 	}
-	out.Close()
-	os.Rename(finalPath+".tmp", finalPath)
-	app.RespondWithLink(w, r, key, filename)
+
+	if err := app.encryptAndSave(src, key, finalPath); err != nil {
+		app.Logger.Error("Encryption failed", "err", err)
+		app.SendError(writer, request, http.StatusInternalServerError)
+
+		return
+	}
+
+	app.RespondWithLink(writer, request, key, filename)
+}
+
+func (app *App) encryptAndSave(src io.Reader, key []byte, finalPath string) error {
+	out, err := os.Create(finalPath + ".tmp")
+	if err != nil {
+		return fmt.Errorf("create final file: %w", err)
+	}
+
+	var closed bool
+
+	defer func() {
+		if !closed {
+			if closeErr := out.Close(); closeErr != nil {
+				app.Logger.Error("Failed to close final file", "err", closeErr)
+			}
+		}
+
+		if removeErr := os.Remove(finalPath + ".tmp"); removeErr != nil && !os.IsNotExist(removeErr) {
+			app.Logger.Error("Failed to remove temp final file", "err", removeErr)
+		}
+	}()
+
+	streamer, err := crypto.NewGCMStreamer(key)
+	if err != nil {
+		return fmt.Errorf("create streamer: %w", err)
+	}
+
+	if err := streamer.EncryptStream(out, src); err != nil {
+		return fmt.Errorf("encrypt stream: %w", err)
+	}
+
+	if err := out.Close(); err != nil {
+		return fmt.Errorf("close final file: %w", err)
+	}
+
+	closed = true
+
+	if err := os.Rename(finalPath+".tmp", finalPath); err != nil {
+		return fmt.Errorf("rename final file: %w", err)
+	}
+
+	return nil
 }
@@ -9,10 +9,9 @@ import (

 func (app *App) Routes() *http.ServeMux {
 	mux := http.NewServeMux()
+	fileServer := http.FileServer(http.Dir("./web/static"))

-    fs := http.FileServer(http.Dir("./web/static"))
-    mux.Handle("GET /static/", http.StripPrefix("/static/", fs))
-
+	mux.Handle("GET /static/", http.StripPrefix("/static/", fileServer))
 	mux.HandleFunc("GET /{$}", app.HandleHome)
 	mux.HandleFunc("POST /{$}", app.HandleUpload)
 	mux.HandleFunc("POST /upload/chunk", app.HandleChunk)
@@ -22,37 +21,60 @@ func (app *App) Routes() *http.ServeMux {
 	return mux
 }

-func (app *App) RespondWithLink(w http.ResponseWriter, r *http.Request, key []byte, originalName string) {
+func (app *App) RespondWithLink(writer http.ResponseWriter, request *http.Request, key []byte, originalName string) {
 	keySlug := base64.RawURLEncoding.EncodeToString(key)
 	ext := filepath.Ext(originalName)
+	link := fmt.Sprintf("%s/%s%s", request.Host, keySlug, ext)

-	link := fmt.Sprintf("%s/%s%s", r.Host, keySlug, ext)
-
-	if r.Header.Get("X-Requested-With") == "XMLHttpRequest" {
-		fmt.Fprintf(w, `
-			<div style="text-align: left;">
-				<div class="dim" style="margin-bottom: 8px;">Upload Complete:</div>
+	if request.Header.Get("X-Requested-With") == "XMLHttpRequest" {
+		html := `
+			<div class="result-container">
+				<div class="dim result-label">Upload Complete:</div>
 				<div class="copy-box">
 					<input type="text" value="%s" id="share-url" readonly onclick="this.select()">
 					<button onclick="copyToClipboard(this)">Copy</button>
 				</div>
+				<div class="reset-wrapper">
 					<button class="reset-btn" onclick="resetUI()">Upload another</button>
-			</div>`, link)
+				</div>
+			</div>`
+
+		if _, err := fmt.Fprintf(writer, html, link); err != nil {
+			app.Logger.Error("Failed to write response", "err", err)
+		}
+
 		return
 	}

 	scheme := "https"
-	if r.TLS == nil {
+
+	if request.TLS == nil {
 		scheme = "http"
 	}
-	fmt.Fprintf(w, "%s://%s\n", scheme, link)
+
+	if _, err := fmt.Fprintf(writer, "%s://%s\n", scheme, link); err != nil {
+		app.Logger.Error("Failed to write response", "err", err)
+	}
 }

-func (app *App) SendError(w http.ResponseWriter, r *http.Request, code int) {
-	if r.Header.Get("X-Requested-With") == "XMLHttpRequest" {
-		w.WriteHeader(code)
-		fmt.Fprintf(w, `<div class="error-text">Error %d</div><button class="reset-btn" onclick="resetUI()">Try again</button>`, code)
+func (app *App) SendError(writer http.ResponseWriter, request *http.Request, code int) {
+	if request.Header.Get("X-Requested-With") == "XMLHttpRequest" {
+		writer.WriteHeader(code)
+
+		html := `
+			<div class="result-container">
+				<div class="error-text">Error %d</div>
+				<div class="reset-wrapper">
+					<button class="reset-btn" onclick="resetUI()">Try again</button>
+				</div>
+			</div>`
+
+		if _, err := fmt.Fprintf(writer, html, code); err != nil {
+			app.Logger.Error("Failed to write error response", "err", err)
+		}
+
 		return
 	}
-	http.Error(w, http.StatusText(code), code)
+
+	http.Error(writer, http.StatusText(code), code)
 }
@@ -8,43 +8,82 @@ import (
 	"time"
 )

+const (
+	cleanupInterval = 1 * time.Hour
+	tempExpiry      = 4 * time.Hour
+	minRetention    = 24 * time.Hour
+	maxRetention    = 365 * 24 * time.Hour
+	bytesInMB       = 1 << 20
+)
+
 func (app *App) StartCleanupTask(ctx context.Context) {
-	ticker := time.NewTicker(1 * time.Hour)
+	ticker := time.NewTicker(cleanupInterval)
+
 	for {
 		select {
 		case <-ctx.Done():
+			ticker.Stop()
 			return
 		case <-ticker.C:
-			app.CleanDir(app.Conf.StorageDir, false)
-			app.CleanDir(filepath.Join(app.Conf.StorageDir, "tmp"), true)
+			app.CleanStorage(app.Conf.StorageDir)
+			app.CleanTemp(filepath.Join(app.Conf.StorageDir, "tmp"))
 		}
 	}
 }

-func (app *App) CleanDir(path string, isTmp bool) {
-	entries, _ := os.ReadDir(path)
-	for _, entry := range entries {
-		info, _ := entry.Info()
-		expiry := 4 * time.Hour
-		if !isTmp {
-			expiry = CalculateRetention(info.Size(), app.Conf.MaxMB)
+func (app *App) CleanStorage(path string) {
+	entries, err := os.ReadDir(path)
+	if err != nil {
+		app.Logger.Error("Failed to read storage dir", "err", err)
+		return
 	}

+	for _, entry := range entries {
+		info, err := entry.Info()
+		if err != nil {
+			continue
+		}
+
+		expiry := CalculateRetention(info.Size(), app.Conf.MaxMB)
+
 		if time.Since(info.ModTime()) > expiry {
-			os.RemoveAll(filepath.Join(path, entry.Name()))
+			if err := os.RemoveAll(filepath.Join(path, entry.Name())); err != nil {
+				app.Logger.Error("Failed to remove expired file", "path", entry.Name(), "err", err)
+			}
 		}
 	}
 }

-func CalculateRetention(fileSize int64, maxMB int64) time.Duration {
-	const (
-		minAge = 24 * time.Hour
-		maxAge = 365 * 24 * time.Hour
-	)
-	ratio := math.Max(0, math.Min(1, float64(fileSize)/float64(maxMB<<20)))
-	retention := float64(maxAge) * math.Pow(1.0-ratio, 3)
-	if retention < float64(minAge) {
-		return minAge
+func (app *App) CleanTemp(path string) {
+	entries, err := os.ReadDir(path)
+	if err != nil {
+		app.Logger.Error("Failed to read temp dir", "err", err)
+		return
 	}
+
+	for _, entry := range entries {
+		info, err := entry.Info()
+		if err != nil {
+			continue
+		}
+
+		if time.Since(info.ModTime()) > tempExpiry {
+			if err := os.RemoveAll(filepath.Join(path, entry.Name())); err != nil {
+				app.Logger.Error("Failed to remove expired temp file", "path", entry.Name(), "err", err)
+			}
+		}
+	}
+}
+
+func CalculateRetention(fileSize, maxMB int64) time.Duration {
+	ratio := math.Max(0, math.Min(1, float64(fileSize)/float64(maxMB*bytesInMB)))
+
+	invRatio := 1.0 - ratio
+	retention := float64(maxRetention) * (invRatio * invRatio * invRatio)
+
+	if retention < float64(minRetention) {
+		return minRetention
+	}
+
 	return time.Duration(retention)
 }
@@ -6,27 +6,34 @@ import (
 	"crypto/sha256"
 	"encoding/base64"
 	"encoding/binary"
+	"errors"
+	"fmt"
 	"io"
 )

 const (
 	GCMChunkSize = 64 * 1024
 	NonceSize    = 12
+	KeySize      = 16
+	IDSize       = 9
 )

-func DeriveKey(r io.Reader) ([]byte, error) {
-	h := sha256.New()
-	if _, err := io.Copy(h, r); err != nil {
-		return nil, err
+func DeriveKey(reader io.Reader) ([]byte, error) {
+	hasher := sha256.New()
+
+	if _, err := io.Copy(hasher, reader); err != nil {
+		return nil, fmt.Errorf("failed to copy to hasher: %w", err)
 	}
-	return h.Sum(nil)[:16], nil
+
+	return hasher.Sum(nil)[:KeySize], nil
 }

 func GetID(key []byte, ext string) string {
-	h := sha256.New()
-	h.Write(key)
-	h.Write([]byte(ext))
-	return base64.RawURLEncoding.EncodeToString(h.Sum(nil)[:9])
+	hasher := sha256.New()
+	hasher.Write(key)
+	hasher.Write([]byte(ext))
+
+	return base64.RawURLEncoding.EncodeToString(hasher.Sum(nil)[:IDSize])
 }

 type GCMStreamer struct {
@@ -34,37 +41,46 @@ type GCMStreamer struct {
 }

 func NewGCMStreamer(key []byte) (*GCMStreamer, error) {
-	b, err := aes.NewCipher(key)
+	block, err := aes.NewCipher(key)
 	if err != nil {
-		return nil, err
+		return nil, fmt.Errorf("failed to create cipher: %w", err)
 	}
-	g, err := cipher.NewGCM(b)
+
+	gcm, err := cipher.NewGCM(block)
 	if err != nil {
-		return nil, err
+		return nil, fmt.Errorf("failed to create GCM: %w", err)
 	}
-	return &GCMStreamer{AEAD: g}, nil
+
+	return &GCMStreamer{AEAD: gcm}, nil
 }

 func (g *GCMStreamer) EncryptStream(dst io.Writer, src io.Reader) error {
 	buf := make([]byte, GCMChunkSize)
-	var chunkIdx uint64 = 0
+	var chunkIdx uint64
+
 	for {
-		n, err := io.ReadFull(src, buf)
-		if n > 0 {
+		bytesRead, err := io.ReadFull(src, buf)
+		if bytesRead > 0 {
 			nonce := make([]byte, NonceSize)
 			binary.BigEndian.PutUint64(nonce[4:], chunkIdx)
-			ciphertext := g.AEAD.Seal(nil, nonce, buf[:n], nil)
+
+			ciphertext := g.AEAD.Seal(nil, nonce, buf[:bytesRead], nil)
+
 			if _, werr := dst.Write(ciphertext); werr != nil {
-				return werr
+				return fmt.Errorf("failed to write ciphertext: %w", werr)
 			}
+
 			chunkIdx++
 		}
-		if err == io.EOF || err == io.ErrUnexpectedEOF {
+
+		if errors.Is(err, io.EOF) || errors.Is(err, io.ErrUnexpectedEOF) {
 			break
 		}
+
 		if err != nil {
-			return err
+			return fmt.Errorf("failed to read source: %w", err)
 		}
 	}
+
 	return nil
 }
@@ -4,34 +4,41 @@ import (
 	"crypto/cipher"
 	"encoding/binary"
 	"errors"
+	"fmt"
 	"io"
 )

+var ErrInvalidWhence = errors.New("invalid whence")
+var ErrNegativeBias = errors.New("negative bias")
+
 type Decryptor struct {
-	rs     io.ReadSeeker
+	readSeeker io.ReadSeeker
 	aead       cipher.AEAD
 	size       int64
 	offset     int64
 }

-func NewDecryptor(rs io.ReadSeeker, aead cipher.AEAD, encryptedSize int64) *Decryptor {
+func NewDecryptor(readSeeker io.ReadSeeker, aead cipher.AEAD, encryptedSize int64) *Decryptor {
 	overhead := int64(aead.Overhead())
-	fullBlocks := encryptedSize / (GCMChunkSize + overhead)
-	remainder := encryptedSize % (GCMChunkSize + overhead)
+	chunkWithOverhead := int64(GCMChunkSize) + overhead

-	plainSize := (fullBlocks * GCMChunkSize)
+	fullBlocks := encryptedSize / chunkWithOverhead
+	remainder := encryptedSize % chunkWithOverhead
+
+	plainSize := fullBlocks * GCMChunkSize
 	if remainder > overhead {
 		plainSize += (remainder - overhead)
 	}

 	return &Decryptor{
-		rs:   rs,
+		readSeeker: readSeeker,
 		aead:       aead,
 		size:       plainSize,
+		offset:     0,
 	}
 }

-func (d *Decryptor) Read(p []byte) (int, error) {
+func (d *Decryptor) Read(buf []byte) (int, error) {
 	if d.offset >= d.size {
 		return 0, io.EOF
 	}
@@ -40,25 +47,29 @@ func (d *Decryptor) Read(p []byte) (int, error) {
 	overhang := d.offset % GCMChunkSize

 	overhead := int64(d.aead.Overhead())
-	actualChunkSize := int64(GCMChunkSize + overhead)
+	actualChunkSize := int64(GCMChunkSize) + overhead

-	_, err := d.rs.Seek(chunkIdx*actualChunkSize, io.SeekStart)
+	_, err := d.readSeeker.Seek(chunkIdx*actualChunkSize, io.SeekStart)
 	if err != nil {
-		return 0, err
+		return 0, fmt.Errorf("failed to seek: %w", err)
 	}

 	encrypted := make([]byte, actualChunkSize)
-	n, err := io.ReadFull(d.rs, encrypted)
-	if err != nil && err != io.ErrUnexpectedEOF {
-		return 0, err
+
+	bytesRead, err := io.ReadFull(d.readSeeker, encrypted)
+	if err != nil && !errors.Is(err, io.ErrUnexpectedEOF) {
+		return 0, fmt.Errorf("failed to read encrypted data: %w", err)
 	}

 	nonce := make([]byte, NonceSize)
+	if chunkIdx < 0 {
+		return 0, fmt.Errorf("invalid chunk index")
+	}
 	binary.BigEndian.PutUint64(nonce[4:], uint64(chunkIdx))

-	plaintext, err := d.aead.Open(nil, nonce, encrypted[:n], nil)
+	plaintext, err := d.aead.Open(nil, nonce, encrypted[:bytesRead], nil)
 	if err != nil {
-		return 0, err
+		return 0, fmt.Errorf("failed to decrypt: %w", err)
 	}

 	if overhang >= int64(len(plaintext)) {
@@ -66,7 +77,7 @@ func (d *Decryptor) Read(p []byte) (int, error) {
 	}

 	available := plaintext[overhang:]
-	nCopied := copy(p, available)
+	nCopied := copy(buf, available)
 	d.offset += int64(nCopied)

 	return nCopied, nil
@@ -74,6 +85,7 @@ func (d *Decryptor) Read(p []byte) (int, error) {

 func (d *Decryptor) Seek(offset int64, whence int) (int64, error) {
 	var abs int64
+
 	switch whence {
 	case io.SeekStart:
 		abs = offset
@@ -82,11 +94,14 @@ func (d *Decryptor) Seek(offset int64, whence int) (int64, error) {
 	case io.SeekEnd:
 		abs = d.size + offset
 	default:
-		return 0, errors.New("invalid whence")
+		return 0, ErrInvalidWhence
 	}
+
 	if abs < 0 {
-		return 0, errors.New("negative bias")
+		return 0, ErrNegativeBias
 	}
+
 	d.offset = abs
+
 	return abs, nil
 }
@@ -2,27 +2,39 @@ package main

 import (
 	"context"
+	"errors"
 	"fmt"
 	"log/slog"
 	"net/http"
 	"os"
 	"os/signal"
+	"path/filepath"
 	"syscall"
 	"time"

 	"github.com/skidoodle/safebin/internal/app"
 )

+const (
+	permUserRWX     = 0o700
+	serverTimeout   = 10 * time.Minute
+	shutdownTimeout = 10 * time.Second
+)
+
 func main() {
 	cfg := app.LoadConfig()
-	logger := slog.New(slog.NewTextHandler(os.Stderr, &slog.HandlerOptions{Level: slog.LevelDebug}))
+	logger := slog.New(slog.NewTextHandler(os.Stderr, &slog.HandlerOptions{
+		Level:     slog.LevelDebug,
+		AddSource: true,
+	}))

 	logger.Info("Initializing Safebin Server",
 		"storage_dir", cfg.StorageDir,
 		"max_file_size", fmt.Sprintf("%dMB", cfg.MaxMB),
 	)

-	if err := os.MkdirAll(fmt.Sprintf("%s/tmp", cfg.StorageDir), 0700); err != nil {
+	tmpDir := filepath.Join(cfg.StorageDir, "tmp")
+	if err := os.MkdirAll(tmpDir, permUserRWX); err != nil {
 		logger.Error("Failed to initialize storage directory", "err", err)
 		os.Exit(1)
 	}
@@ -41,13 +53,15 @@ func main() {
 	srv := &http.Server{
 		Addr:         cfg.Addr,
 		Handler:      application.Routes(),
-		ReadTimeout:  10 * time.Minute,
-		WriteTimeout: 10 * time.Minute,
+		ReadTimeout:  serverTimeout,
+		WriteTimeout: serverTimeout,
+		IdleTimeout:  serverTimeout,
 	}

 	go func() {
 		application.Logger.Info("Server is ready and listening", "addr", cfg.Addr)
-		if err := srv.ListenAndServe(); err != nil && err != http.ErrServerClosed {
+
+		if err := srv.ListenAndServe(); err != nil && !errors.Is(err, http.ErrServerClosed) {
 			application.Logger.Error("Server failed to start", "err", err)
 			os.Exit(1)
 		}
@@ -56,10 +70,12 @@ func main() {
 	<-ctx.Done()
 	application.Logger.Info("Shutting down gracefully...")

-	shutdownCtx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
+	shutdownCtx, cancel := context.WithTimeout(context.Background(), shutdownTimeout)
 	defer cancel()
+
 	if err := srv.Shutdown(shutdownCtx); err != nil {
 		application.Logger.Error("Forced shutdown", "err", err)
 	}
+
 	application.Logger.Info("Server stopped")
 }
@@ -20,7 +20,7 @@ body {

 .container {
    width: 100%;
-    max-width: 600px;
+    max-width: 800px;
    padding: 20px;
 }

@@ -28,16 +28,33 @@ body {
    margin-bottom: 30px;
    border-left: 3px solid var(--accent);
    padding-left: 16px;
+    display: flex;
+    justify-content: space-between;
+    align-items: center;
+}
+
+.header-title {
+    margin: 0;
+    color: var(--header-white);
 }

 .upload-area {
    border: 2px dashed var(--border);
    border-radius: 12px;
-    padding: 60px 20px;
+    padding: 20px;
    text-align: center;
    cursor: pointer;
    background: #161b22;
-    transition: 0.2s;
+    transition:
+        border-color 0.2s,
+        background 0.2s;
+    height: 220px;
+    display: flex;
+    flex-direction: column;
+    justify-content: center;
+    align-items: center;
+    box-sizing: border-box;
+    overflow: hidden;
 }

 .upload-area:hover,
@@ -46,6 +63,17 @@ body {
    background: #1c2128;
 }

+.upload-icon {
+    font-size: 32px;
+    color: var(--accent);
+    margin-bottom: 8px;
+}
+
+.upload-text {
+    font-weight: 500;
+    color: var(--header-white);
+}
+
 .progress-bar {
    height: 6px;
    background: var(--border);
@@ -53,6 +81,11 @@ body {
    margin: 25px 0;
    overflow: hidden;
    display: none;
+    width: 95%;
+}
+
+.progress-bar.visible {
+    display: block;
 }

 .progress-fill {
@@ -62,10 +95,37 @@ body {
    transition: width 0.3s;
 }

+#busy-state {
+    width: 100%;
+    display: flex;
+    flex-direction: column;
+    align-items: center;
+}
+
+#result-state {
+    width: 100%;
+    display: flex;
+    justify-content: center;
+}
+
+.result-container {
+    width: 100%;
+    max-width: 700px;
+    display: flex;
+    flex-direction: column;
+    padding: 0 20px;
+    box-sizing: border-box;
+}
+
+.result-label {
+    text-align: left;
+    margin-bottom: 8px;
+}
+
 .copy-box {
    display: flex;
-    margin-top: 20px;
    gap: 8px;
+    width: 100%;
 }

 input[type="text"] {
@@ -76,7 +136,10 @@ input[type="text"] {
    padding: 12px;
    border-radius: 6px;
    font-family: monospace;
+    font-size: 14px;
    outline: none;
+    min-width: 0;
+    width: 100%;
 }

 button {
@@ -87,16 +150,27 @@ button {
    border-radius: 6px;
    cursor: pointer;
    font-weight: 600;
+    white-space: nowrap;
+}
+
+.reset-wrapper {
+    margin-top: 20px;
+    display: flex;
+    justify-content: center;
 }

 .reset-btn {
    background: transparent;
    color: var(--fg);
    text-decoration: underline;
-    margin-top: 20px;
    border: none;
    cursor: pointer;
    opacity: 0.7;
+    font-size: 14px;
+}
+
+.reset-btn:hover {
+    opacity: 1;
 }

 .dim {
@@ -108,3 +182,66 @@ button {
    color: #f85149;
    margin-bottom: 10px;
 }
+
+.github-btn {
+    display: flex;
+    align-items: center;
+    gap: 8px;
+    padding: 6px 12px;
+    background: #21262d;
+    border: 1px solid var(--border);
+    border-radius: 6px;
+    color: var(--header-white);
+    text-decoration: none;
+    font-size: 13px;
+    font-weight: 500;
+    transition: 0.2s;
+}
+
+.github-btn:hover {
+    background: #30363d;
+    border-color: #8b949e;
+}
+
+.github-btn svg {
+    opacity: 0.9;
+}
+
+.cli-section {
+    margin-top: 40px;
+    padding-top: 24px;
+    border-top: 1px solid var(--border);
+}
+
+.cli-label {
+    text-transform: uppercase;
+    font-size: 11px;
+    font-weight: 700;
+    letter-spacing: 1px;
+}
+
+.cli-pre {
+    background: #161b22;
+    padding: 16px;
+    border-radius: 8px;
+    font-size: 13px;
+    overflow-x: auto;
+    border: 1px solid var(--border);
+}
+
+.status-text {
+    font-weight: 500;
+}
+
+.hidden {
+    display: none !important;
+}
+
+@media (max-width: 400px) {
+    .github-btn span {
+        display: none;
+    }
+    .github-btn {
+        padding: 6px;
+    }
+}
@@ -4,7 +4,7 @@ const fileInput = $("file-input");

 if (dropZone) {
  dropZone.onclick = () => {
-    if ($("idle-state").style.display !== "none") fileInput.click();
+    if (!$("idle-state").classList.contains("hidden")) fileInput.click();
  };

  fileInput.onchange = () => {
@@ -32,8 +32,23 @@ if (dropZone) {
 }

 async function handleUpload(file) {
-  $("idle-state").style.display = "none";
-  $("busy-state").style.display = "block";
+  const maxMB = parseInt(dropZone.dataset.maxMb);
+  if (file.size > maxMB * 1024 * 1024) {
+    $("idle-state").classList.add("hidden");
+    $("result-state").classList.remove("hidden");
+    $("result-state").innerHTML = `
+      <div class="result-container">
+        <div class="error-text">File too large (Max ${maxMB}MB)</div>
+        <div class="reset-wrapper">
+          <button class="reset-btn" onclick="resetUI()">Try again</button>
+        </div>
+      </div>`;
+    return;
+  }
+
+  $("idle-state").classList.add("hidden");
+  $("busy-state").classList.remove("hidden");
+  $("p-bar-container").classList.add("visible");

  const uploadID = Math.random().toString(36).substring(2, 15);
  const chunkSize = 1024 * 1024 * 8;
@@ -61,11 +76,19 @@ async function handleUpload(file) {
      headers: { "X-Requested-With": "XMLHttpRequest" },
    });

-    $("busy-state").style.display = "none";
+    $("busy-state").classList.add("hidden");
+    $("result-state").classList.remove("hidden");
    $("result-state").innerHTML = await res.text();
  } catch (e) {
-    $("busy-state").style.display = "none";
-    $("result-state").innerHTML = `<div class="error-text">Upload Failed</div><button class="reset-btn" onclick="resetUI()">Try again</button>`;
+    $("busy-state").classList.add("hidden");
+    $("result-state").classList.remove("hidden");
+    $("result-state").innerHTML = `
+      <div class="result-container">
+        <div class="error-text">Upload Failed</div>
+        <div class="reset-wrapper">
+          <button class="reset-btn" onclick="resetUI()">Try again</button>
+        </div>
+      </div>`;
  }
 }

@@ -10,21 +10,26 @@
    <body>
        <div class="container">
            <header class="header">
-                <h2 style="margin: 0; color: var(--header-white)">safebin</h2>
+                <div>
+                    <h2 class="header-title">safebin</h2>
                    <div class="dim">Encrypted Temporary File Storage</div>
+                </div>
+                <a href="https://github.com/skidoodle/safebin" class="github-btn" target="_blank" rel="noopener noreferrer">
+                    <svg height="16" width="16" viewBox="0 0 16 16" fill="currentColor">
+                        <path
+                            d="M8 0C3.58 0 0 3.58 0 8c0 3.54 2.29 6.53 5.47 7.59.4.07.55-.17.55-.38 0-.19-.01-.82-.01-1.49-2.01.37-2.53-.49-2.69-.94-.09-.23-.48-.94-.82-1.13-.28-.15-.68-.52-.01-.53.63-.01 1.08.58 1.23.82.72 1.21 1.87.87 2.33.66.07-.52.28-.87.51-1.07-1.78-.2-3.64-.89-3.64-3.95 0-.87.31-1.59.82-2.15-.08-.2-.36-1.02.08-2.12 0 0 .67-.21 2.2.82.64-.18 1.32-.27 2-.27.68 0 1.36.09 2 .27 1.53-1.04 2.2-.82 2.2-.82.44 1.1.16 1.92.08 2.12.51.56.82 1.27.82 2.15 0 3.07-1.87 3.75-3.65 3.95.29.25.54.73.54 1.48 0 1.07-.01 1.93-.01 2.2 0 .21.15.46.55.38A8.013 8.013 0 0016 8c0-4.42-3.58-8-8-8z"
+                        ></path>
+                    </svg>
+                    <span>GitHub</span>
+                </a>
            </header>
-
            {{template "content" .}}
-
-            <section style="margin-top: 40px; padding-top: 24px; border-top: 1px solid var(--border)">
-                <div class="dim" style="text-transform: uppercase; font-size: 11px; font-weight: 700; letter-spacing: 1px">CLI Usage</div>
-                <pre style="background: #161b22; padding: 16px; border-radius: 8px; font-size: 13px; overflow-x: auto; border: 1px solid var(--border)">
-curl -F file=@yourfile {{.Host}}</pre
-                >
+            <section class="cli-section">
+                <div class="dim cli-label">CLI Usage</div>
+                <pre class="cli-pre">curl -F file=@yourfile {{.Host}}</pre>
            </section>
        </div>
-
-        <input type="file" id="file-input" style="display: none" />
+        <input type="file" id="file-input" class="hidden" />
        <script src="/static/js/app.js"></script>
    </body>
 </html>
@@ -1,18 +1,16 @@
 {{define "content"}}
-<main class="upload-area" id="drop-zone">
+<main class="upload-area" id="drop-zone" data-max-mb="{{.MaxMB}}">
    <div id="idle-state">
-        <div style="font-size: 32px; color: var(--accent)">↑</div>
-        <div style="font-weight: 500; color: var(--header-white)">Click or drag to upload</div>
+        <div class="upload-icon">↑</div>
+        <div class="upload-text">Click or drag to upload</div>
        <div class="dim">Max size: {{.MaxMB}}MB</div>
    </div>
-
-    <div id="busy-state" style="display: none">
-        <div id="status-msg" style="font-weight: 500">Uploading...</div>
-        <div class="progress-bar" id="p-bar-container" style="display: block">
+    <div id="busy-state" class="hidden">
+        <div id="status-msg" class="status-text">Uploading...</div>
+        <div class="progress-bar" id="p-bar-container">
            <div class="progress-fill" id="p-fill"></div>
        </div>
    </div>
-
-    <div id="result-state"></div>
+    <div id="result-state" class="hidden"></div>
 </main>
 {{end}}
Author	SHA1	Message	Date
x	aca7267301	refactor: internals Signed-off-by: skidoodle <contact@albert.lol>	2026-01-17 22:58:38 +01:00
x	5bc9497fa0	fix: enforce max file size Signed-off-by: skidoodle <contact@albert.lol>	2026-01-16 04:16:17 +01:00
x	956dff48eb	fix: web responsivity Signed-off-by: skidoodle <contact@albert.lol>	2026-01-16 04:03:38 +01:00