Update app.py

app.py

@@ -12,9 +12,17 @@ import time
 app = Flask(__name__)
 CORS(app)
 
-# In-memory store: { id: { data, image (optional), expire_at, view_once } }
+# In-memory store: { id: { data, file (optional), expire_at, view_once, views, created_at, ip } }
 SECRETS = {}
-MAX_IMAGE_SIZE = 300 * 1024  # 300 KB
+MAX_FILE_SIZE = 5 * 1024 * 1024  # 5MB
+MAX_IMAGE_SIZE = 300 * 1024  # 300KB
+
+def compress_image(img_bytes):
+    image = Image.open(io.BytesIO(img_bytes))
+    image.thumbnail((1024, 1024))
+    output = io.BytesIO()
+    image.save(output, format="JPEG", optimize=True, quality=70)
+    return output.getvalue()
 
 @app.route("/api/store", methods=["POST"])
 def store():
@@ -22,28 +30,28 @@ def store():
     data = form.get("data")
     ttl = int(form.get("ttl", 300))
     view_once = form.get("view_once") == "true"
+    uploaded_file = request.files.get("image")
 
-    # Handle image if present
-    image_file = request.files.get("image")
-    image_data = None
-
-    if image_file:
-        img_bytes = image_file.read()
-        if len(img_bytes) > MAX_IMAGE_SIZE:
-            image = Image.open(io.BytesIO(img_bytes))
-            image.thumbnail((1024, 1024))  # Resize for safety
-            output = io.BytesIO()
-            image.save(output, format="JPEG", optimize=True, quality=70)
-            image_data = base64.b64encode(output.getvalue()).decode("utf-8")
-        else:
-            image_data = base64.b64encode(img_bytes).decode("utf-8")
+    file_data = None
+    file_type = None
+    if uploaded_file:
+        file_bytes = uploaded_file.read()
+        if len(file_bytes) > MAX_FILE_SIZE:
+            return jsonify({"error": "File too large (5MB max)"}), 400
+        if uploaded_file.mimetype.startswith("image/") and len(file_bytes) > MAX_IMAGE_SIZE:
+            file_bytes = compress_image(file_bytes)
+        file_data = base64.b64encode(file_bytes).decode("utf-8")
+        file_type = uploaded_file.mimetype
 
     sid = str(uuid.uuid4())
     SECRETS[sid] = {
         "data": data,
-        "image": image_data,
+        "file": file_data,
+        "file_type": file_type,
         "expire_at": time.time() + ttl,
-        "view_once": view_once
+        "view_once": view_once,
+        "created_at": time.time(),
+        "views": [],
     }
     return jsonify({"id": sid})
 
@@ -56,18 +64,28 @@ def fetch(sid):
         del SECRETS[sid]
         return jsonify({"error": "Expired"}), 410
 
-    response = {"data": secret["data"]}
-    if secret.get("image"):
-        response["image"] = secret["image"]
+    client_ip = request.remote_addr
+    secret["views"].append({"ip": client_ip, "ts": time.time()})
+    response = {"data": secret["data"], "created_at": secret["created_at"], "views": secret["views"]}
+    if secret.get("file"):
+        response["file"] = secret["file"]
+        response["file_type"] = secret["file_type"]
 
     if secret["view_once"]:
         del SECRETS[sid]
 
     return jsonify(response)
 
+@app.route("/api/burn/<sid>", methods=["DELETE"])
+def burn(sid):
+    if sid in SECRETS:
+        del SECRETS[sid]
+        return jsonify({"status": "burned"})
+    return jsonify({"error": "Not found"}), 404
+
 @app.route("/")
 def index():
     return "Sharelock Flask backend is running."
 
 if __name__ == "__main__":
-    app.run(host="0.0.0.0", port=7860)
+    app.run(host="0.0.0.0", port=7860)