Implementing Guest Uploads

[Kwonunn]

Plan

I'd like to work on implementing guest uploads. The way I envision this is as follows:

There is a new tab in the admin panel where the admin can view, create, and delete guest tokens.

There is a new publically accessible /guestUpload URL. This presents the user with an input field for entering the guest token they received from the admin. When a valid token is entered it presents the user with the standard upload options we also find in the admin panel. Uploads done this way end up in the same list of files as when the admin uploads something.

Problems

I've already done a little preliminary work and I've come up with some questions:

• How should authentication be handled?
  • Should the guest tokens be a special kind of API token?
  • Should the guest tokens be a whole new object in the database?
• Should the guest uploads reuse existing endpoints or should new ones be created?

Future features

If this works it would be nice to add some features like:

• A maximum number of uploads for a token
• A storage quotum for a token
• Guest token expiry

[Forceu]

Thank you very much! I was strongly considering such a feature as well, ideally similar to Dropbox's request feature. So far I haven't started implementing it, as it would require a lot of rewriting.

Regarding your questions:

• Authentication should probably only be handled with a key, provided with a GET parameter from the URL. That way you could simply share the URL in order to upload
• The project uses a key-value database, with the implementation in https://github.com/Forceu/Gokapi/blob/master/internal/configuration/database/Database.go
• A new endpoint e.g. /guestupload should definitely be used.

I know the code is not super easy to read, if you need any pointers or have questions, let me know!

[Kwonunn]

Thanks for the pointers, I'll start cobbling something together. I am busy with uni, so I'm not really sure how soon I'll have something to show.