Security News
The Unpaid Backbone of Open Source: Solo Maintainers Face Increasing Security Demands
Solo open source maintainers face burnout and security challenges, with 60% unpaid and 60% considering quitting.
By Sarah Gooding - Sep 20, 2024
sftp-server
Advanced tools
sftp-server
A Node.js-based SFTP server with an integrated REST API for querying users / files. Provides a customizable authentication strategy. Emits various events as file changes occur, allowing you to notify third-party services.
Useful when you need to provide clients with a standardized interface for submitting files, data feeds, etc... to you.
PR's are welcome.
Example
const fs = require('fs');
const Promise = require('bluebird');
const path = require('path');
const server = require('sftp-server')({
'sftp': {
'port': 3333,
'hostKeys': [
fs.readFileSync(__dirname + '/host_rsa').toString('utf8')
],
'dataDirectory': path.resolve(__dirname, '../data'),
'auth': function(username, password) {
return Promise.resolve()
.then(() => {
if (username !== 'foo' || password !== 'bar') {
throw new Error();
}
});
}
},
'api': {
'port': 8000,
'key': 'yYNR8xeUGtcim7XYaUTsdfmkNuKxLHjw77MbPMkZzKoNdsAzyMryVLJEzjVMHpHM'
},
'log': {
'console': {
'enabled': true
},
'file': {
'enabled': true,
'filename': '/var/log/sftp-server.log'
}
}
})
.then((server) => {
server.on('listening', (data) => {
// ...
});
server.on('login', (data) => {
// ...
});
server.on('upload_complete', (data) => {
// ...
});
server.on('ready', () => {
// ...
});
server.listen();
});
REST API
Health Check
$ curl -X GET http://127.0.0.1:8000/api/ping
Fetch Users
$ curl -X GET --header "x-token: yYNR8xeUGtcim7XYaUTsdfmkNuKxLHjw77MbPMkZzKoNdsAzyMryVLJEzjVMHpHM" http://127.0.0.1:8000/api/users
Docker
$ docker build -t sftp-server:latest .
$ docker run --rm -v $(pwd)/example/server.js:/opt/sftp-server/example/server.js sftp-server:latest
To-Do
- Additional tests
- Additional logging
- Additional work on REST API
- Improved support for various SFTP commands (FSTAT, etc...)
- Support for user-specific permissions (can the user upload files / create directories / etc...?)
- Docker image
- Fix sub-directory upload bug (when uploading a file to a sub-directory the client has created, the file is always uploaded to the root folder)
Development
Launching the Example Server
Install dependencies then launch the included example instance (./example/server.js) via Nodemon:
$ npm i
$ npm run dev
Tests
$ npm run test
Related Resources
Tests
$ npm run test
FAQs
---
The npm package sftp-server receives a total of 1 weekly downloads. As such, sftp-server popularity was classified as not popular.
We found that sftp-server demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 11 Sep 2017
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Understanding License Exceptions: What Developers Need to Know
License exceptions modify the terms of open source licenses, impacting how software can be used, modified, and distributed. Developers should be aware of the legal implications of these exceptions.
By Sarah Gooding - Sep 20, 2024
Security News
Developer Accuses Tencent of Copyright Violation After Python Utility’s License Changed from GPLv3 to BSD
A developer is accusing Tencent of violating the GPL by modifying a Python utility and changing its license to BSD, highlighting the importance of copyleft compliance.
By Sarah Gooding - Sep 18, 2024