Meck and the API responsible for storing the files on the servers It is also responsible for authenticating and validating new users.
Dealing with data sharing system where a user cannot see what other users store
-
Space management Each user has approximately 50GB of space within the server and this amount cannot be exceeded.
-
deal with, user management where it will not be possible to spy on what other users or who the other users are
-
cause users in collective not to reach the limit allowed on the server
Host = "0.0.0.0" Port = 8080
websocket will be responsible for making the communications between the client and the server where the data will be stored.
-
when the user logs in for the first time, the system automatically creates a location for him, where he will store his data within the system and based on this location it is possible to know how much space the user is spending
-
Inside the dictionary will have some keys where only the server can access it, preventing these data without the necessary credentials from being exposed
-
whenever it is necessary to upload a file and it is necessary to pass to the api where the file must be placed, inside the root directory or inside some sub folder that the user creates
end Point: /api/create/
Args: eamil and username password -> HASH
Response: sucess create
end Point: /api/login/
Args: Email and Password
Response: return JWT Token
end Point: /client/
Args: JWT Token
Response: verify your JWT token and acess Websocket
end Point: upload
name: upload, -> name for upload
media_type: image/jpeg, -> file name
total_bytes: imageBytes, -> size file
media : base64, -> decode and generation file
if size => 1000000 == 1GB not acept upload
end Point: remove
Args: name of item to be deleted
Response: return id item removed
token will be used as user registration within the dictionary so after login the user will receive a safe token and with the parameters inside the token and it is possible to identify the user
-
the token is valid for 4 weeks, after which it becomes useless and a new login is required
-
All other information is optional, and this is where the magic happens. We can inform anything in it and based on that information that authentication systems are able to identify the user. The most common is to inform the user ID.
-
The purpose of JWT is to ensure that information was generated by you, even if others can read the information, it is not possible to change it.
Only those who have the keys that generated this token can validate it and even generate other valid tokens.
we will only have a table with the following fields ID, EMAIL, USERNAME, PASSWORD, SPACE, CREATE, ACCESS
- Access and where we check if the person is part of the select group of website administrators