{"id":26577941,"url":"https://github.com/isrofilov/secure-file-hub","last_synced_at":"2026-04-10T04:58:30.499Z","repository":{"id":283857336,"uuid":"953125735","full_name":"Isrofilov/secure-file-hub","owner":"Isrofilov","description":"SecureFileHub: A lightweight, secure file manager built with Python/Flask featuring two-factor authentication, brute force protection, multilingual support (EN/RU), and responsive UI. Includes image/PDF preview, optimized performance, security headers, Docker support, and Cloudflare upload limit bypass for files over 100MB.","archived":false,"fork":false,"pushed_at":"2025-03-22T16:22:13.000Z","size":0,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-03-22T16:36:59.189Z","etag":null,"topics":["cloudflare","docker","file-manager","file-storage","flask","multilingual","python","totp","two-factor-authentication"],"latest_commit_sha":null,"homepage":"","language":"HTML","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Isrofilov.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2025-03-22T16:18:49.000Z","updated_at":"2025-03-22T16:22:24.000Z","dependencies_parsed_at":"2025-03-22T16:48:28.615Z","dependency_job_id":null,"html_url":"https://github.com/Isrofilov/secure-file-hub","commit_stats":null,"previous_names":["isrofilov/secure-file-hub"],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Isrofilov%2Fsecure-file-hub","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Isrofilov%2Fsecure-file-hub/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Isrofilov%2Fsecure-file-hub/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Isrofilov%2Fsecure-file-hub/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Isrofilov","download_url":"https://codeload.github.com/Isrofilov/secure-file-hub/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245052889,"owners_count":20553220,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cloudflare","docker","file-manager","file-storage","flask","multilingual","python","totp","two-factor-authentication"],"created_at":"2025-03-23T04:18:10.260Z","updated_at":"2025-10-18T10:25:20.926Z","avatar_url":"https://github.com/Isrofilov.png","language":"HTML","funding_links":[],"categories":[],"sub_categories":[],"readme":"# 🔐 SecureFileHub\n\nSecureFileHub is a lightweight, secure file manager built with Python/Flask, featuring two-factor authentication and a user-friendly interface.\n\n![License](https://img.shields.io/badge/license-AGPL--3.0-blue.svg) ![Python](https://img.shields.io/badge/python-3.13-green.svg) ![Flask](https://img.shields.io/badge/flask-3-green.svg) ![Bootstrap](https://img.shields.io/badge/bootstrap-5-green.svg)\n\n*[Русская версия](README.ru.md)*\n\n## 🔑 Features\n\n- **Secure Authentication**: Two-factor authentication with TOTP and backup codes for emergency access\n- **Brute Force Protection**: Limited login attempts from a single IP address\n- **Multilingual Support**: English and Russian language support\n- **Modern Interface**: Responsive design with options to switch between table and tile views\n- **Built-in Preview**: View images and PDF files directly in the interface\n- **Optimized Performance**: HTML minification and page load optimization\n- **Security**: Configured security headers, secure filename handling\n- **Docker Support**: Ready to run in a container\n- **Cloudflare Upload Limit Bypass**: Solution for uploading files larger than 100MB on Cloudflare's free tier\n\n## 📋 Requirements\n\n- Python 3.11 or higher\n- Docker (optional)\n\n## 🚀 Installation and Setup\n\n### Using Docker\n\n#### Option 1: Using pre-built image from DockerHub\n\n1. Pull the latest image:\n\n```bash\ndocker pull isrofilov/secure-file-hub:latest\n```\n\n2. Create a docker-compose.yml file:\n\n```yaml\nversion: '3'\n\nservices:\n  file-manager:\n    image: isrofilov/secure-file-hub:latest\n    ports:\n      - \"8000:8000\"\n    volumes:\n      - ./uploads:/app/uploads\n    environment:\n      - TOTP_SECRET=your_secure_totp_secret_here # Optional, will be generated on startup\n      - BACKUP_CODES=123456,234567,345678,456789 # Optional\n      - LOG_LEVEL=INFO # Optional\n      - TIMEZONE=Europe/London # Optional\n      - IMAGE_PREVIEW_ENABLED=true # Optional\n      - DOMAIN=yourdomain.com # Optional\n      - UPLOAD_DOMAIN=upload.yourdomain.com # Optional\n    restart: unless-stopped\n```\n\n3. Launch with Docker Compose:\n\n```bash\ndocker-compose up -d\n```\n\n#### Option 2: Building from source\n\n1. Clone the repository:\n\n```bash\ngit clone https://github.com/Isrofilov/secure-file-hub.git\ncd secure-file-hub\n```\n\n2. Configure environment variables in docker-compose.yml:\n\n```yaml\nenvironment:\n  - TOTP_SECRET=your_secure_totp_secret_here # Optional, will be generated on startup\n  - BACKUP_CODES=123456,234567,345678,456789 # Optional\n  - LOG_LEVEL=INFO # Optional\n  - TIMEZONE=Europe/London # Optional\n  - IMAGE_PREVIEW_ENABLED=true # Optional\n  - DOMAIN=yourdomain.com # Optional\n  - UPLOAD_DOMAIN=upload.yourdomain.com # Optional\n```\n\n3. Launch with Docker Compose:\n\n```bash\ndocker-compose up -d\n```\n\n4. The application will be available at http://localhost:8000\n\n### Local Installation\n\n1. Clone the repository:\n\n```bash\ngit clone https://github.com/Isrofilov/secure-file-hub.git\ncd secure-file-hub\n```\n\n2. Create and activate a virtual environment:\n\n```bash\npython -m venv venv\nsource venv/bin/activate  # on Windows: venv\\Scripts\\activate\n```\n\n3. Install dependencies:\n\n```bash\npip install -r requirements.txt\n```\n\n4. Create an .env file (all parameters are optional):\n\n```\nTOTP_SECRET=your_secure_totp_secret_here\nBACKUP_CODES=123456,234567,345678,456789\nTIMEZONE=Europe/London\nIMAGE_PREVIEW_ENABLED=true\nLOG_LEVEL=INFO\n```\n\n5. Run the application:\n\n```bash\npython app.py\n```\n\n6. For running with Gunicorn (recommended for production):\n\n```bash\ngunicorn --bind 0.0.0.0:8000 app:app\n```\n\n## 🔐 Setting Up Two-Factor Authentication\n\n### Generating TOTP_SECRET\n\nTo set up two-factor authentication, you need a TOTP secret key:\n\n1. **Option 1**: Use an online generator:\n   - [Base32 Generator](https://www.grc.com/passwords.htm)\n\n2. **Option 2**: Use automatic generation:\n   If TOTP_SECRET is not specified in .env or docker-compose.yml, the application will automatically generate a random key at startup. The startup logs will show the generated key as both a text string and a QR code for convenient scanning:\n   ```\n   Temporary TOTP_SECRET generated: XXXXXXXXXXXXXXXXXXXX\n   [QR code for scanning]\n   ```\n   \n   **Important**: An automatically generated key will change with each restart unless you save it in your configuration!\n\n### Setting Up a TOTP App\n\nAfter obtaining your TOTP_SECRET:\n\n1. Install a TOTP code generation app (Google Authenticator, Authy, or similar)\n2. Scan the QR code from the logs or add the key manually\n3. Use the temporary codes from the app to log into SecureFileHub\n\n### Backup Codes\n\nBackup codes are designed for emergency access to the system when you don't have access to your primary device with the TOTP app. They provide an alternative authentication method in emergency situations.\n\n**Recommendations for using backup codes**:\n- Use backup codes only on trusted devices\n- Store backup codes in a secure location separate from your TOTP app device\n- For untrusted devices or when providing temporary access to third parties, use only TOTP\n- It's strongly recommended to configure backup codes in .env or docker-compose.yml to ensure access to the application if you lose your TOTP device\n\n## 🛡️ Brute Force Protection\n\nThe system includes built-in protection against password brute force attempts:\n- Limits the number of failed attempts (default 5) from a single IP address\n- Temporary login block for 5 minutes after exceeding the limit\n- Automatic counter reset after successful login\n\n## 🌐 Multilingual Support\n\nThe application supports two languages:\n- English (default)\n- Russian\n\nUsers can switch the language in the interface, and the choice is saved in the session.\n\n## ⚙️ Configuring Cloudflare Limit Bypass\n\nTo bypass Cloudflare's limitation on uploading files larger than 100MB on the free tier:\n\n1. Create a subdomain for file uploads (e.g., upload.yourdomain.com)\n2. Set up a DNS record for this subdomain but **do not enable** proxying through Cloudflare\n3. Specify both domains in the configuration:\n\n```\nDOMAIN=yourdomain.com\nUPLOAD_DOMAIN=upload.yourdomain.com\n```\n\nThe system will automatically use different domains for regular operations and for uploading large files.\n\n## ✨ Usage\n\n1. Open the application in your browser: http://localhost:8000 (or your configured domain)\n2. Log in using a TOTP code or one of the backup codes (on trusted devices)\n3. Manage files through the user-friendly web interface\n4. Switch the interface language in the settings menu\n\n## 📊 Screenshots\n\n_[Interface screenshots will be added later]_\n\n## 🧩 Architecture\n\n- **Flask 3**: Web framework\n- **Bootstrap 5**: Frontend framework for responsive design\n- **Blueprint**: Modular code organization\n- **Flask-Babel**: Internationalization and localization\n- **Docker**: Containerization for easy deployment\n\n## 📜 License\n\nThis project is licensed under the [GNU AFFERO GENERAL PUBLIC LICENSE](https://github.com/Isrofilov/secure-file-hub/blob/main/LICENSE).\n\n---\n\n_Thank you for your interest in SecureFileHub!_\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fisrofilov%2Fsecure-file-hub","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fisrofilov%2Fsecure-file-hub","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fisrofilov%2Fsecure-file-hub/lists"}