shift to subdomains

2026-05-14 22:16:54 +00:00 · 2025-02-17 13:31:24 -05:00
parent 1e827f03a5
commit 678da4dcc8
5 changed files with 339 additions and 193 deletions
@@ -17,3 +17,7 @@ logs:
 clean: stop
 	rm -f output.log app.pid
 reset: clean
 	rm -rf instance
 	rm -rf sites
@@ -1,22 +1,22 @@
 from flask import (
-    Flask,
+	Flask,
-    render_template,
+	render_template,
-    request,
+	request,
-    redirect,
+	redirect,
-    url_for,
+	url_for,
-    send_from_directory,
+	send_from_directory,
-    flash,
+	flash,
-    abort,
+	abort,
-    jsonify,
+	jsonify,
 )
 from flask_sqlalchemy import SQLAlchemy
 from flask_login import (
-    LoginManager,
+	LoginManager,
-    UserMixin,
+	UserMixin,
-    login_user,
+	login_user,
-    logout_user,
+	logout_user,
-    login_required,
+	login_required,
-    current_user,
+	current_user,
 )
 from flask_apscheduler import APScheduler
 from werkzeug.security import generate_password_hash, check_password_hash
@@ -25,35 +25,76 @@ import os
 import shutil
 from datetime import datetime, timedelta
 from waitress import serve
-
+import re
 from secrets import token_hex
 app = Flask(__name__)
-app.config["SECRET_KEY"] = "your-secret-key"
+
 try:
 	with open("instance/secret.key", "rb") as f:
 		app.config["SECRET_KEY"] = bytes.hex(f.readline())
 except FileNotFoundError as e:
 	os.mkdir('instance')
 	with open("instance/secret.key", "wb") as f:
 		newKey = token_hex(64)
 		f.write(bytearray.fromhex(newKey))
 		app.config["SECRET_KEY"] = newKey
 app.config["SQLALCHEMY_DATABASE_URI"] = "sqlite:///db.sqlite"
 app.config["UPLOAD_FOLDER"] = "sites"
 app.config["SERVER_NAME"] = "tinysite.cloud"
 app.config["SESSION_COOKIE_DOMAIN"] = ".tinysite.cloud"
 db = SQLAlchemy(app)
 RESERVED_SUBDOMAINS = {
 	"",
 	"www",
 	"api",
 	"admin",
 	"support",
 	"docs",
 	"blog",
 	"cdn",
 	"test",
 	"dev",
 	"staging",
 	"secure",
 	"mail",
 	"status",
 	"gateway"
 }
 def isDefaultRoute(subdomain):
 	return not subdomain or subdomain in RESERVED_SUBDOMAINS
 # Models
 class User(UserMixin, db.Model):
-    id = db.Column(db.Integer, primary_key=True)
+	id = db.Column(db.Integer, primary_key=True)
-    email = db.Column(db.String(100), unique=True)
+	email = db.Column(db.String(100), unique=True)
-    password_hash = db.Column(db.String(128))  # Renamed for clarity
+	password_hash = db.Column(db.String(128))  # Renamed for clarity
-    def set_password(self, password):
+	def set_password(self, password):
-        self.password_hash = generate_password_hash(password)
+		self.password_hash = generate_password_hash(password)
-    def check_password(self, password):
+	def check_password(self, password):
-        return check_password_hash(self.password_hash, password)
+		return check_password_hash(self.password_hash, password)
 class Site(db.Model):
-    id = db.Column(db.Integer, primary_key=True)
+	id = db.Column(db.Integer, primary_key=True)
-    user_id = db.Column(db.Integer)
+	user_id = db.Column(db.Integer)
-    name = db.Column(db.String(100))
+	name = db.Column(db.String(100))
-    slug = db.Column(db.String(100), unique=True)
+	subdomain = db.Column(db.String(100), unique=True)
-    last_accessed = db.Column(db.DateTime)
+	last_accessed = db.Column(db.DateTime)
-    created_at = db.Column(db.DateTime, default=datetime.utcnow)
+	created_at = db.Column(db.DateTime, default=datetime.utcnow)
@app.errorhandler(404)
 def page_not_found(_):
 	return render_template("404.html", domain=request.host), 404
 # Auth setup
@@ -64,7 +105,7 @@ login_manager.login_view = "login"
@login_manager.user_loader
 def load_user(user_id):
-    return User.query.get(int(user_id))
+	return User.query.get(int(user_id))
 # Scheduler for auto-deletion
@@ -73,241 +114,255 @@ scheduler.init_app(app)
 def delete_inactive_sites():
-    with app.app_context():
+	with app.app_context():
-        cutoff = datetime.utcnow() - timedelta(days=30)
+		cutoff = datetime.utcnow() - timedelta(days=30)
-        sites = Site.query.filter(Site.last_accessed < cutoff).all()
+		sites = Site.query.filter(Site.last_accessed < cutoff).all()
-        for site in sites:
+		for site in sites:
-            site_dir = os.path.join(
+			site_dir = os.path.join(
-                app.config["UPLOAD_FOLDER"], str(site.user_id), str(site.id)
+				app.config["UPLOAD_FOLDER"], str(site.user_id), str(site.id)
-            )
+			)
-            if os.path.exists(site_dir):
+			if os.path.exists(site_dir):
-                shutil.rmtree(site_dir)
+				shutil.rmtree(site_dir)
-            db.session.delete(site)
+			db.session.delete(site)
-        db.session.commit()
+		db.session.commit()
 if not scheduler.running:
-    scheduler.start()
+	scheduler.start()
-    scheduler.add_job(
+	scheduler.add_job(
-        id="delete_job", func=delete_inactive_sites, trigger="interval", days=1
+		id="delete_job", func=delete_inactive_sites, trigger="interval", days=1
-    )
+	)
 # Routes
@app.route("/login", methods=["GET", "POST"])
 def login():
-    if request.method == "POST":
+	if request.method == "POST":
-        email = request.form.get("email")
+		email = request.form.get("email")
-        password = request.form.get("password")
+		password = request.form.get("password")
-        user = User.query.filter_by(email=email).first()
+		user = User.query.filter_by(email=email).first()
-        if user and user.check_password(password):
+		if user and user.check_password(password):
-            login_user(user)
+			login_user(user)
-            return redirect(url_for("dashboard"))
+			return redirect(url_for("dashboard"))
-        flash("Invalid email or password")
+		flash("Invalid email or password")
-    return render_template("login.html")
+	return render_template("login.html")
@app.route("/logout")
 def logout():
-    logout_user()
+	logout_user()
-    return redirect(url_for("home"))
+	return redirect(url_for("home"))
@app.route("/register", methods=["GET", "POST"])
 def register():
-    if request.method == "POST":
+	if request.method == "POST":
-        email = request.form.get("email")
+		email = request.form.get("email")
-        password = request.form.get("password")
+		password = request.form.get("password")
-        if User.query.filter_by(email=email).first():
+		if User.query.filter_by(email=email).first():
-            flash("Email already exists")
+			flash("Email already exists")
-            return redirect(url_for("register"))
+			return redirect(url_for("register"))
-        new_user = User(email=email)
+		new_user = User(email=email)
-        new_user.set_password(password)
+		new_user.set_password(password)
-        db.session.add(new_user)
+		db.session.add(new_user)
-        db.session.commit()
+		db.session.commit()
-        login_user(new_user)
+		login_user(new_user)
-        return redirect(url_for("dashboard"))
+		return redirect(url_for("dashboard"))
-    return render_template("register.html")
+	return render_template("register.html")
@app.route("/dashboard")
@login_required
 def dashboard():
-    sites = Site.query.filter_by(user_id=current_user.id).all()
+	sites = Site.query.filter_by(user_id=current_user.id).all()
-    return render_template("dashboard.html", sites=sites)
+	return render_template("dashboard.html", sites=sites, subdomain=request.host.split('.')[0], hostname=app.config["SERVER_NAME"])
@app.route("/upload", methods=["POST"])
@login_required
 def upload_site():
-    site_name = request.form.get("name")
+	site_name = request.form.get("name")
-    slug = request.form.get("slug").strip()
+	subdomain = request.form.get("subdomain").strip().lower()  # normalize to lowercase
-    if not site_name or not slug:
+	# Subdomain validation
-        flash("Site name and URL slug are required", "error")
+	if not re.match(r"^[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?$", subdomain):
-        return redirect(url_for("dashboard"))
+		flash(
 			"Invalid subdomain. Use lowercase letters, numbers, and hyphens.", "error"
 		)
 		return redirect(url_for("dashboard"))
-    # Check slug availability
+	if not site_name or not subdomain:
-    if Site.query.filter_by(slug=slug).first():
+		flash("Site name and URL subdomain are required", "error")
-        flash("This URL is already taken", "error")
+		return redirect(url_for("dashboard"))
        return redirect(url_for("dashboard"))
-    # Check if index.html is included
+	# Check subdomain availability
-    files = request.files.getlist("files")
+	if Site.query.filter_by(subdomain=subdomain).first():
-    if not any(file.filename == "index.html" for file in files):
+		flash("This URL is already taken", "error")
-        flash("You must include an index.html file", "error")
+		return redirect(url_for("dashboard"))
        return redirect(url_for("dashboard"))
-    # Create site directory
+	# Check if index.html is included
-    site = Site(user_id=current_user.id, name=site_name, slug=slug)
+	files = request.files.getlist("files")
-    db.session.add(site)
+	if not any(file.filename == "index.html" for file in files):
-    db.session.commit()
+		flash("You must include an index.html file", "error")
 		return redirect(url_for("dashboard"))
-    site_dir = os.path.join(
+	# Create site directory
-        app.config["UPLOAD_FOLDER"], str(current_user.id), str(site.id)
+	site = Site(user_id=current_user.id, name=site_name, subdomain=subdomain)
-    )
+	db.session.add(site)
-    os.makedirs(site_dir, exist_ok=True)
+	db.session.commit()
-    # Save uploaded files
+	site_dir = os.path.join(
-    for file in files:
+		app.config["UPLOAD_FOLDER"], str(current_user.id), str(site.id)
-        if file.filename == "":
+	)
-            continue
+	os.makedirs(site_dir, exist_ok=True)
        file.save(os.path.join(site_dir, file.filename))
-    flash("Site created successfully!", "success")
+	# Save uploaded files
-    return redirect(url_for("dashboard"))
+	for file in files:
 		if file.filename == "":
 			continue
 		file.save(os.path.join(site_dir, file.filename))
 	flash("Site created successfully!", "success")
 	return redirect(url_for("dashboard"))
@app.route("/edit/<int:site_id>", methods=["GET", "POST"])
@login_required
 def edit_site(site_id):
-    site = Site.query.get_or_404(site_id)
+	site = Site.query.get_or_404(site_id)
-    if site.user_id != current_user.id:
+	if site.user_id != current_user.id:
-        return "Unauthorized", 403
+		return "Unauthorized", 403
-    site_dir = os.path.join(
+	site_dir = os.path.join(
-        app.config["UPLOAD_FOLDER"], str(current_user.id), str(site.id)
+		app.config["UPLOAD_FOLDER"], str(current_user.id), str(site.id)
-    )
+	)
-    if request.method == "POST":
+	if request.method == "POST":
-        site.name = request.form.get("name", site.name)
+		site.name = request.form.get("name", site.name)
-        db.session.commit()
+		db.session.commit()
-        for filename, content in request.form.items():
+		for filename, content in request.form.items():
-            if filename.endswith((".html", ".css", ".js")):
+			if filename.endswith((".html", ".css", ".js")):
-                filepath = os.path.join(site_dir, filename)
+				filepath = os.path.join(site_dir, filename)
-                with open(filepath, "w") as f:
+				with open(filepath, "w") as f:
-                    f.write(content)
+					f.write(content)
-        if request.headers.get("X-Requested-With") == "XMLHttpRequest":
+		if request.headers.get("X-Requested-With") == "XMLHttpRequest":
-            return jsonify({"success": True, "message": "Site updated successfully!"})
+			return jsonify({"success": True, "message": "Site updated successfully!"})
-        flash("Site updated successfully!", "success")
+		flash("Site updated successfully!", "success")
-        return redirect(url_for("edit_site", site_id=site.id))
+		return redirect(url_for("edit_site", site_id=site.id))
-    files = {}
+	files = {}
-    for file in os.listdir(site_dir):
+	for file in os.listdir(site_dir):
-        with open(os.path.join(site_dir, file), "r") as f:
+		with open(os.path.join(site_dir, file), "r") as f:
-            files[file] = f.read()
+			files[file] = f.read()
-    return render_template("edit.html", site=site, files=files)
+	return render_template("edit.html", site=site, files=files)
@app.route("/delete/<int:site_id>", methods=["POST"])
@login_required
 def delete_site(site_id):
-    site = Site.query.get_or_404(site_id)
+	site = Site.query.get_or_404(site_id)
-    if site.user_id != current_user.id:
+	if site.user_id != current_user.id:
-        return "Unauthorized", 403
+		return "Unauthorized", 403
-    site_dir = os.path.join(
+	site_dir = os.path.join(
-        app.config["UPLOAD_FOLDER"], str(current_user.id), str(site.id)
+		app.config["UPLOAD_FOLDER"], str(current_user.id), str(site.id)
-    )
+	)
-    if os.path.exists(site_dir):
+	if os.path.exists(site_dir):
-        shutil.rmtree(site_dir)
+		shutil.rmtree(site_dir)
-    db.session.delete(site)
+	db.session.delete(site)
-    db.session.commit()
+	db.session.commit()
-    return redirect(url_for("dashboard"))
+	return redirect(url_for("dashboard"))
@app.route("/delete_file/<int:site_id>/<filename>", methods=["POST"])
@login_required
 def delete_file(site_id, filename):
-    # Get the site and verify ownership
+	# Get the site and verify ownership
-    site = Site.query.get_or_404(site_id)
+	site = Site.query.get_or_404(site_id)
-    if site.user_id != current_user.id:
+	if site.user_id != current_user.id:
-        return "Unauthorized", 403
+		return "Unauthorized", 403
-    # Build the file path
+	# Build the file path
-    site_dir = os.path.join(
+	site_dir = os.path.join(
-        app.config["UPLOAD_FOLDER"], str(current_user.id), str(site.id)
+		app.config["UPLOAD_FOLDER"], str(current_user.id), str(site.id)
-    )
+	)
-    file_path = os.path.join(site_dir, filename)
+	file_path = os.path.join(site_dir, filename)
-    # Delete the file if it exists
+	# Delete the file if it exists
-    if os.path.exists(file_path):
+	if os.path.exists(file_path):
-        os.remove(file_path)
+		os.remove(file_path)
-        flash(f"File '{filename}' deleted successfully!", "success")
+		flash(f"File '{filename}' deleted successfully!", "success")
-    else:
+	else:
-        flash(f"File '{filename}' not found!", "error")
+		flash(f"File '{filename}' not found!", "error")
-    return redirect(url_for("dashboard"))
+	return redirect(url_for("dashboard"))
-@app.route("/site/<slug>/", defaults={"filename": "index.html"})
+# use subdomains
-@app.route("/site/<slug>/<path:filename>")
+@app.route("/", subdomain="<subdomain>", defaults={"filename": "index.html"})
-def serve_site_content(slug, filename):
+@app.route("/<path:filename>")
-    site = Site.query.filter_by(slug=slug).first_or_404()
+def serve_site_content(filename):
-    site.last_accessed = datetime.utcnow()
+	subdomain = request.host.split('.')[0]
    db.session.commit()
-    site_dir = os.path.join(
+	site = Site.query.filter_by(subdomain=subdomain).first_or_404()
-        app.config["UPLOAD_FOLDER"], str(site.user_id), str(site.id)
+	site.last_accessed = datetime.utcnow()
-    )
+	db.session.commit()
-    # Security check
+	site_dir = os.path.join(
-    if ".." in filename or filename.startswith("/") or not os.path.exists(site_dir):
+		app.config["UPLOAD_FOLDER"], str(site.user_id), str(site.id)
-        abort(404)
+	)
-    try:
+	# TODO: add specific page redirects here as they're added
-        # First try to serve requested file
+	if isDefaultRoute(subdomain):
-        return send_from_directory(site_dir, filename)
+		return send_from_directory("index.html")
-    except NotFound:
+
-        # Handle extensionless URLs and SPA-style routing
+	# Security check
-        if "." not in filename:
+	if ".." in filename or filename.startswith("/") or not os.path.exists(site_dir):
-            # Try with .html extension
+		return render_template("404.html"), 404
-            try:
+
-                return send_from_directory(site_dir, f"{filename}.html")
+	try:
-            except NotFound:
+		return send_from_directory(site_dir, filename)
-                # Fallback to index.html for client-side routing
+	except NotFound:
-                return send_from_directory(site_dir, "index.html")
+		if "." not in filename:
-        abort(404)
+			try:
 				return send_from_directory(site_dir, f"{filename}.html")
 			except NotFound:
 				redirect(app.config["SERVER_NAME"])
 				return send_from_directory(site_dir, "index.html")
 		abort(404)
 def list_files(directory):
-    try:
+	try:
-        return os.listdir(directory)
+		return os.listdir(directory)
-    except FileNotFoundError:
+	except FileNotFoundError:
-        return []
+		return []
@app.context_processor
 def inject_utilities():
-    return dict(list_files=list_files)
+	return dict(list_files=list_files)
@app.route("/")
 def home():
-    return render_template("home.html")
+	if isDefaultRoute(request.host):
 		return render_template("home.html")
 	else:
 		return serve_site_content('index.html')
 if __name__ == "__main__":
-    os.makedirs(app.config["UPLOAD_FOLDER"], exist_ok=True)
+	os.makedirs(app.config["UPLOAD_FOLDER"], exist_ok=True)
-    with app.app_context():
+	with app.app_context():
-        db.create_all()
+		db.create_all()
-        serve(app, host="0.0.0.0", port=5121)
+		serve(app, host="0.0.0.0", port=5121)
@@ -0,0 +1,83 @@
 {% extends "base.html" %}
 {% block content %}
 <style>
 	.error-container {
 		text-align: center;
 		padding: 100px 20px;
 		min-height: 60vh;
 	}
 	.error-emoji {
 		font-size: 4rem;
 		margin-bottom: 1rem;
 	}
 	.error-message {
 		max-width: 600px;
 		margin: 0 auto 2rem;
 	}
 	.cta-button {
 		margin-top: 2rem;
 	}
 	.alien {
 		font-size: 5rem;
 		margin: 2rem 0;
 		animation: float 3s ease-in-out infinite;
 	}
 	@keyframes float {
 		0% {
 			transform: translateY(0px);
 		}
 		50% {
 			transform: translateY(-20px);
 		}
 		100% {
 			transform: translateY(0px);
 		}
 	}
 </style>
 <script>
 	document.addEventListener("DOMContentLoaded", () => {
 		const emojis = ["👽", "🚀", "🛸", "🌌", "🌠", "🔭", "🪐", "🌍", "✨", "👾"];
 		const randomEmoji = emojis[Math.floor(Math.random() * emojis.length)];
 		const alienElement = document.querySelector(".alien");
 		if (alienElement) {
 			alienElement.textContent = randomEmoji;
 		}
 	});
 </script>
 <div class="error-container">
 	<div class="alien">👽</div>
 	<h1>Houston, We Have a Problem!</h1>
 	<div class="error-message">
 		<p>The site you're looking for doesn't exist... yet!</p>
 		<p>But don't worry, this corner of the internet is just waiting for your creativity.</p>
 	</div>
 	{% if current_user.is_authenticated %}
 	<a href="{{ url_for('dashboard') }}" class="btn cta-button">
 		🚀 Create {{ domain }}
 	</a>
 	{% else %}
 	<div class="auth-buttons">
 		<p>Start your web hosting journey today!</p>
 		<a href="{{ url_for('register') }}" class="btn">Sign Up</a>
 		<a href="{{ url_for('login') }}" class="btn">Login</a>
 	</div>
 	{% endif %}
 	<div style="margin-top: 3rem;">
 		<small>PS: If you were looking for someone else's site, maybe they forgot to launch it! 🚀</small>
 	</div>
 </div>
 {% endblock %}
@@ -12,11 +12,14 @@
 		<input type="text" name="name" required>
 	</div>
 	<!-- Add slug input -->
 	<div class="form-group">
-		<label>Custom URL Slug:</label>
+		<label>Site URL:</label>
-		<input type="text" name="slug" required pattern="[a-zA-Z0-9\-_]+"
+		<div style="display: flex; align-items: center;">
-			title="Letters, numbers, hyphens, and underscores only">
+			<input type="text" name="subdomain" required pattern="[a-zA-Z0-9\-_]+"
 				title="Letters, numbers, hyphens, and underscores only" value="{{ subdomain }}"
 				style="flex: 1;">
 			<span style="margin-left: 5px;">.{{ hostname }}</span>
 		</div>
 	</div>
 	<div class="form-group" onclick="document.querySelector('#file-input').click()">
@@ -27,7 +30,6 @@
 		</label>
 	</div>
 	<!-- File Preview Section -->
 	<div id="file-preview" class="file-preview">
 		<h5>Selected Files:</h5>
 		<div id="file-grid" class="file-grid"></div>
@@ -69,7 +71,9 @@
 		<!-- Site Actions -->
 		<div class="site-actions">
 			<a href="{{ url_for('edit_site', site_id=site.id) }}" class="btn">Edit</a>
-			<a href="{{ url_for('serve_site_content', slug=site.slug) }}" class="btn" target="_blank">View Site</a>
+			<a href="{{ url_for('serve_site_content', filename='index.html', _external=True, subdomain=site.subdomain) }}">Visit
 				{{ site.name }}
 			</a>
 			<form method="POST" action="{{ url_for('delete_site', site_id=site.id) }}" style="display: inline;">
 				<button type="submit" class="btn btn-danger">Delete Site</button>
 			</form>
@@ -4,7 +4,7 @@
 {% block content %}
 <h2>Edit {{ site.name }}</h2>
-<a href="{{ url_for('serve_site_content', slug=site.slug) }}" class="btn" target="_blank">View Site</a>
+<a href="{{ url_for('serve_site_content', subdomain=site.subdomain) }}" class="btn" target="_blank">View Site</a>
 <div style="margin-bottom: 30px;"></div>