🔐 WindCloud - Secure Cloud Storage & Dashboard Platform

WindCloud is a modern Flask-based web application built for secure file storage, efficient sharing, and an interactive dashboard experience. With advanced authentication features including two-factor authentication (2FA), a flexible card system, and intuitive file management, WindCloud is designed for both individual users and collaborative teams.

---

🌟 Key Features

Security & Authentication

• Secure Password Storage: Uses bcrypt for hashed passwords.
• Two-Factor Authentication (2FA): Integrated TOTP via Google Authenticator. Scan the QR code during registration and login.
• Session Management & CSRF Protection: Secure sessions and tokens.
• Rate Limiting: Prevents brute-force attacks.
• Input Validation & Sanitization: Ensures data integrity.

Modern Dashboard

• Responsive UI: Designed with both grid and list views.
• Dark/Light Mode: User preference stored locally.
• Drag & Drop File Upload: Supports multiple file types and image previews.
• Interactive Card System: Create, edit, delete, and share cards.
• Real-Time Updates & Search: Quickly filter and sort your cards.

File Management & Sharing

• File & Image Galleries: View and manage files via dedicated sections.
• Granular Sharing Options: Share cards with read-only or edit permissions.
• Secure File Serving: Files are stored and served securely from the uploads directory.

---

🚀 Installation

Prerequisites

• Python 3.8+
• pip
• Git
• SQLite3

Setup Steps

1. Clone Repository

   git clone https://github.com/MarsgameJu/WindCloud.git
   cd WindCloud

2. Create Virtual Environment

   python -m venv venv
   # Windows:
   venv\Scripts\activate
   # macOS/Linux:
   source venv/bin/activate

3. Install Dependencies

   pip install -r requirements.txt

4. Configuration Create a .env file and update config.py with your settings:

   MAIL_SERVER=smtp.example.com
   MAIL_PORT=587
   MAIL_USE_TLS=True
   MAIL_USERNAME=your-email@example.com
   MAIL_PASSWORD=your-email-password

   How to Create the App-password

   Alternatively, modify config.py accordingly.

5. Database Initialization The application automatically creates necessary tables. For a fresh start, remove existing databases and run:

   python app.py

6. Start the Application

   python app.py

   Visit http://127.0.0.1:5000

---

📁 Project Structure

WindCloud/
├── .github/   
│   ├── ISSUE_TEMPLATE/           # Templates for GitHub issue reporting
│   └── SECURITY.md               # Security policy and vulnerability reporting guidelines
├── database/                     # SQLite database 
├── static/                       # Static assets
│   ├── assets/                   # Images for Landing Page
│   ├── css/ 
│   |    ├── dashboard.css        # Dashboard-specific Styling
│   |    ├── style.css            # Global styles
│   |    ├── index.css            # Style for index.html
│   ├── js/     
│   |    ├── script.js            # General JS functions
│   |    ├── dashboard.js         # Dashboard interactivity (cards, modals, uploads)
│   |    ├── flash-message.js     # Flash messages handler
│   |    ├── password-check.js    # Password validation and strength checking                  
│   └── index.html                # Landing page
├── templates/                    # Jinja2 HTML templates
│   ├── login.html                # User login
│   ├── register.html             # User registration
│   ├── 2fa.html                  # Two-factor authentication
│   ├── error.html                # Custom error page templates
│   └── dashboard.html            # Main dashboard with card System
├── uploads/                      # User-uploaded files
├── utils/                        # Helper functions for database & security operations
│   ├── database.py               # Structure and Init Database
│   ├── error_handler.py          # Custom error handling and logging
│   └── security.py               # Ensures security for Web application
├── app.py                        # Main Flask application
├── config.py                     # App configuration settings
├── requirements.txt              # Python dependencies
├── .gitignore                    # Specifies which files Git should ignore
├── CODE_OF_CONDUCT.md            # Project community guidelines and behavior
├── CONTRIBUTING.md               # Guidelines for contributing to the project
├── LICENSE                       # MIT License terms and conditions
├── Schema.sql                    # Database schema definitions
└── README.md                     # Project documentation

---

📜 API Endpoints

Authentication

• POST /login
  • Parameters: email, password
  • Flow: Validates credentials and proceeds to 2FA.
• POST /register
  • Parameters: username, email, password, confirm-password
  • Flow: Registers user and prompts for 2FA setup.
• POST /verify-2fa
  • Parameters: code
  • Flow: Validates the TOTP code.

Cards Management

• POST /api/cards
  • Payload: title, description
  • Creates a new card.
• PUT /api/cards/
  • Payload: title, description
  • Updates an existing card. Requires owner or 'write' permission.
• DELETE /api/cards/
  • Deletes the specified card. Associated files are also removed.

File Handling

• POST /api/cards//files
  • Multipart form data for file(s).
  • Supports drag & drop file uploads.
• DELETE /api/cards/<card_id>/files/<file_id>
  • Deletes a file from a card.

Card Sharing

• POST /api/cards//share
  • Payload: email, permission (read/write)
  • Grants the specified user permission to the card.

---

🤝 Contributing

We welcome enhancements and bug fixes!

1. Fork the Repository
2. Create a Feature/Issue Branch

   git checkout -b feature/your-feature-name

3. Make Changes & Add Tests
4. Commit & Push

   git add .
   git commit -m "Describe your change"
   git push origin feature/your-feature-name

5. Submit a Pull Request

Please follow PEP 8 guidelines and write clear commit messages.

---

📜 Other important things

This project is licensed under the MIT License. See the LICENSE file for details.

• Code of Conduct
• Contributing Guidelines
• License
• Security Policy
• Changelog
• HowTo Email PW

---

🆘 Support & Documentation

• FAQ & Issues: Check our GitHub issues or discussions for common problems.
• Contact: Raise an issue for bug reports or feature requests.
• Documentation: More detailed guides and API references are coming soon.

---

Built by Marsgame. Enjoy a secure and seamless cloud storage experience!