Implement wisp: async encrypted single-retrieval file drop
All checks were successful
Docker / build-and-push (push) Successful in 3m33s

Client-side libsodium encryption with the key in the URL fragment, an
Express/SQLite server holding ciphertext until a confirm-token round trip
proves successful decrypt (avoiding the delete-on-first-byte race), TTL
sweep for unclaimed drops, and a password-gated upload UI styled to match
flit. Dockerized to match the project family's conventions, with a named
volume so the DB/blobs survive redeploys, and a Gitea Actions workflow to
build and push the image.
This commit is contained in:
explewd
2026-07-09 19:14:54 +02:00
parent 8fd73155bd
commit 22619ebd11
30 changed files with 4412 additions and 0 deletions

View File

@@ -134,6 +134,8 @@ disk space per upload:
(Ed25519 pubkey signs the upload request) to unlock a larger size limit
or bypass rate limits — reuses identity infra that already exists rather
than building new auth. Optional, not required for v1.
- For first version - require a password before showing upload screen. Configurable in .env
## Open questions