mlh-fellowship / chamberofsecrets-backend Goto Github PK

Implement the entire file upload as an API view wherein the user uploads a file, and in the backend the file gets split into horcruxes and gets uploaded to various file storage platforms like Google Drive and Dropbox.

As the title suggests, implement horcrux upload to dropbox in the file-upload POST API.

at time of sign up, first name and last name is also being received now, so we need to save it in the backend.

The current project structure is not idea for deployment, hence some restructuring is required

Implement a view/API endpoint that will allow users to delete uploaded files.

Set up the basic Django backend project structure with the required project dependencies.

The Google Drive API requires the user to be authenticated via Google OAuth. Also, the user will have to provide access to the application to access their Google Drive. For this, Google OAuth needs to be set up.

Right now, there is no error handling implemented for the case when due to some reason, a horcrux is not found on one of user's file storage services (for example in case the user deletes a horcrux by mistake).

Implement the error handling for uploads, downloads and delete API. In case the exception handling is triggered, delete the file record from the database as well, and then return a valid response in the form of {"message": "Horcrux not found on user's account. The file is no longer readable. Deleting from the chamber."}

Create a user model in Django that will require the following fields:

• user_id
• email
• username
• password
• public_key
• whether the user wants to authenticate each time a file is horcruxed/resurrected

Create RSA public-private key pair generation module in the authenticate app. This module will be required for generating the asymmetric keys at the time of user signup.

Add authentication for Dropbox so that the horcruxes can be uploaded/downloaded from the user's dropbox.

Improve the docusaurus project documentation:

• The existing contribution guidelines are very vague. You can work on the guidelines to improve them.
• Add information regarding the API endpoints and how requests can be made to them.

Create model serializers to convert DB models to JSON and vice versa. This is required for communication with the frontend.

Add templates for issue for both bug reports and feature requests.

Create a module that does the following
Encryption:
Takes a file, and encrypts it with public key
Splits the file into horcruxes

Decryption:
Merges all horcruxes to get encrypted file
Decrypts the encrypted file to get original file

Implement a GET API endpoint in the backend that gets all the files that were uploaded by the user. The user can then decide which file they want to download.

Integrate GDrive API (with OAuth) with the backend for file uploads

Add models for storing files in the database. The following should be roughly the structure (required fields) for the file model:

• user_id (foreign key to the user model)
• file_id (unique file id)
• filename
• split_links

Integrate the download file API workflow, where horcruxes are downloaded from various file storages, then recombination and decrypted into the original file, which is then sent to the client as an HTTP response.

This table stores the info such as the owner of the file, the name of the file, and the links/urls of the uploaded horcruxes.
This table should have a 1:n relationship with the User model, i.e., one user (owner) can have multiple files.

Implement server-flow OAuth for OneDrive with read-write access to the user's OneDrive storage so that the horcruxes can be uploaded, downloaded and deleted from the storage.

For this, you need to also implement the GET method to generate the authentication URI and the POST method to authenticate the user using the authentication token.

Refer to the authenticate/google_auth.py , authenticate/dropbox_auth.py and authenticate/views.py files for insights on the implementation.

Create backend APIs for user login and signup and integrate with the frontend.

Add documentation website using docusaurus to document the entire project.

Right now both the first and third horcruxes are getting uploaded to the user's Google Drive. Same with the downloads and deletes. Instead, once the OneDrive OAuth is implemented, make it so that the third horcrux goes on the user's OneDrive.