Add form-based storage endpoint for browser submissions

The POST /storage endpoint required Bearer token auth and JSON body, which didn't work with browser form submissions using cookies. Added new /storage/add endpoint that accepts form data and cookie auth. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-10 00:19:36 +00:00
parent fb5c46330d
commit 8bef9afb1f
1 changed files with 68 additions and 26 deletions
--- a/server.py
+++ b/server.py
@@ -27,7 +27,7 @@ logging.basicConfig(
 )
 logger = logging.getLogger(__name__)

-from fastapi import FastAPI, HTTPException, Request, Response, Depends, Cookie
+from fastapi import FastAPI, HTTPException, Request, Response, Depends, Cookie, Form
 from fastapi.responses import JSONResponse, HTMLResponse, RedirectResponse, FileResponse
 from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials
 from pydantic import BaseModel
@@ -3120,6 +3120,72 @@ async def add_storage(req: AddStorageRequest, user: User = Depends(get_required_
    return {"id": storage_id, "message": f"Storage provider added: {provider_name}"}


+@app.post("/storage/add")
+async def add_storage_form(
+    request: Request,
+    provider_type: str = Form(...),
+    provider_name: Optional[str] = Form(None),
+    capacity_gb: int = Form(5),
+    api_key: Optional[str] = Form(None),
+    secret_key: Optional[str] = Form(None),
+    api_token: Optional[str] = Form(None),
+    path: Optional[str] = Form(None),
+):
+    """Add a storage provider via HTML form (cookie auth)."""
+    username = get_user_from_cookie(request)
+    if not username:
+        return HTMLResponse('<div class="text-red-400">Not authenticated</div>', status_code=401)
+
+    # Validate provider type
+    if provider_type not in ["pinata", "web3storage", "local"]:
+        return HTMLResponse(f'<div class="text-red-400">Invalid provider type: {provider_type}</div>')
+
+    # Build config based on provider type
+    config = {}
+    if provider_type == "pinata":
+        if not api_key or not secret_key:
+            return HTMLResponse('<div class="text-red-400">Pinata requires API Key and Secret Key</div>')
+        config = {"api_key": api_key, "secret_key": secret_key}
+    elif provider_type == "web3storage":
+        if not api_token:
+            return HTMLResponse('<div class="text-red-400">web3.storage requires API Token</div>')
+        config = {"api_token": api_token}
+    elif provider_type == "local":
+        if not path:
+            return HTMLResponse('<div class="text-red-400">Local storage requires a path</div>')
+        config = {"path": path}
+
+    # Test the provider connection before saving
+    provider = storage_providers.create_provider(provider_type, {
+        **config,
+        "capacity_gb": capacity_gb
+    })
+    if not provider:
+        return HTMLResponse('<div class="text-red-400">Failed to create provider with given config</div>')
+
+    success, message = await provider.test_connection()
+    if not success:
+        return HTMLResponse(f'<div class="text-red-400">Provider connection failed: {message}</div>')
+
+    # Save to database
+    name = provider_name or f"{provider_type}-{username}"
+    storage_id = await db.add_user_storage(
+        username=username,
+        provider_type=provider_type,
+        provider_name=name,
+        config=config,
+        capacity_gb=capacity_gb
+    )
+
+    if not storage_id:
+        return HTMLResponse('<div class="text-red-400">Failed to save storage provider</div>')
+
+    return HTMLResponse(f'''
+        <div class="text-green-400 mb-2">Storage provider "{name}" added successfully!</div>
+        <script>setTimeout(() => window.location.reload(), 1500);</script>
+    ''')
+
+
@app.get("/storage/{storage_id}")
 async def get_storage(storage_id: int, user: User = Depends(get_required_user)):
    """Get a specific storage provider."""
@@ -3312,7 +3378,7 @@ async def ui_storage_page(username: str, storages: list, request: Request) -> HT
            </div>

            <div id="add-form" class="hidden bg-dark-600 rounded-lg p-4">
-                <form id="storage-form" hx-post="/storage" hx-target="#add-result" hx-swap="innerHTML">
+                <form id="storage-form" hx-post="/storage/add" hx-target="#add-result" hx-swap="innerHTML">
                    <input type="hidden" name="provider_type" id="provider_type">

                    <div id="pinata-fields" class="hidden space-y-4">
@@ -3383,30 +3449,6 @@ async def ui_storage_page(username: str, storages: list, request: Request) -> HT
    function hideAddForm() {{
        document.getElementById('add-form').classList.add('hidden');
    }}
-
-    // Handle form submission to build proper JSON
-    document.getElementById('storage-form').addEventListener('htmx:configRequest', function(evt) {{
-        const formData = new FormData(evt.detail.elt);
-        const providerType = formData.get('provider_type');
-        const config = {{}};
-
-        if (providerType === 'pinata') {{
-            config.api_key = formData.get('api_key');
-            config.secret_key = formData.get('secret_key');
-        }} else if (providerType === 'web3storage') {{
-            config.api_token = formData.get('api_token');
-        }} else if (providerType === 'local') {{
-            config.path = formData.get('path');
-        }}
-
-        evt.detail.headers['Content-Type'] = 'application/json';
-        evt.detail.parameters = JSON.stringify({{
-            provider_type: providerType,
-            provider_name: formData.get('provider_name') || null,
-            config: config,
-            capacity_gb: parseInt(formData.get('capacity_gb'))
-        }});
-    }});
    </script>
    '''