GalleryNeo
Your favorite good ol' Shopify Code Challenge now comes in Kotlin!
It implements the following features:
- User registration, login with passwords securely hashed with argon2id.
- comes with a session manager!
- Upload images, handled securely (I know how vulnerable it could have been when doing CTF competitions).
- Delete images, handled securely
- Image permissions (private vs. public images).
- Elegant, efficient and easy-to-maintain code .
- Comprehensive tests
- A quick and dirty frontend so you don't have to use command lines to test its functionality.
- All written in one day (and no I didn't pull an all nighter)!
What wasn't done because of time constraints (But I could have done it if needed):
- Cache with Redis.
- Admin permissions.
- Pagination
- Checking if the uploaded file has proper image header (so users don't abuse it as a cloud drive)
- Persisting uploaded file to remote locations (e.g. Amazon S3)
- A beautiful frontend.
Written with Kotlin, Springboot, MySQL, protobuf
Deployment/Development
You need to have an SQL database (tested with MySQL 8.0) installed and change the configuration
in application.properties. Alternatively, change your environment variables MYSQL_HOST, MYSQL_USERNAME
, MYSQL_PASSWORD, MYSQL_DB. The default values are localhost:3306/gallery and localhost:3306/gallery_test with
username and password as root
Then, you can run it with ./gradlew bootRun and it will start a server
at http://localhost:8080
You can also run the tests with ./gradlew test
If you somehow really wants to use it in production, it is recommended to put it behind nginx and use the compiled jar instead.
Frontend
To run the frontend, run cd frontend/ && npm install && npm run start (or yarn if you prefer so)
Make sure it's running on http://localhost:3000 or CORS won't be working.
Spoiler: the code for FE is hacky and dirty but, hey, it works.
License
This program is licensed under AGPLv3. That said, you are discouraged from using it for your own code challenge.