daemonclient 1.0.0__tar.gz

daemonclient-1.0.0/.gitignore

@@ -0,0 +1,71 @@
+# =========================================
+# SENSITIVE & SECRET FILES
+# =========================================
+# Ignore environment variables files
+.env
+.env.*
+!.env.example
+
+# Ignore Google Cloud service account keys
+serviceAccountsKey.json
+
+
+# Ignore Telethon session files, which contain login credentials
+*.session
+*.session-journal
+
+
+# =========================================
+# PYTHON
+# =========================================
+# Ignore virtual environments
+venv/
+.venv/
+env/
+ENV/
+
+# Ignore Python cache files and compiled files
+__pycache__/
+*.pyc
+*.pyo
+*.pyd
+
+# Ignore package distribution folders
+build/
+dist/
+*.egg-info/
+
+
+# =========================================
+# NODE.JS / FIREBASE FUNCTIONS
+# =========================================
+# Ignore dependency folders
+node_modules/
+
+# Ignore log files
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+lerna-debug.log*
+
+# Ignore build output
+lib/
+lib-es6/
+
+
+# =========================================
+# OPERATING SYSTEM & EDITOR FILES
+# =========================================
+# macOS
+.DS_Store
+
+# Windows
+Thumbs.db
+
+# VSCode
+.vscode/
+
+# Ignore the environment file for Cloud Functions
+functions/.env
+
+daemonclient-desktop/node_modules

daemonclient-1.0.0/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 myrosama
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

daemonclient-1.0.0/PKG-INFO

@@ -0,0 +1,80 @@
+Metadata-Version: 2.4
+Name: daemonclient
+Version: 1.0.0
+Summary: CLI for DaemonClient — unlimited encrypted cloud storage powered by Telegram
+Project-URL: Homepage, https://daemonclient.uz
+Project-URL: Repository, https://github.com/myrosama/DaemonClient
+Author: myrosama
+License-Expression: MIT
+License-File: LICENSE
+Keywords: cli,cloud,encryption,storage,telegram
+Classifier: Development Status :: 4 - Beta
+Classifier: Environment :: Console
+Classifier: Intended Audience :: End Users/Desktop
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Programming Language :: Python :: 3
+Classifier: Topic :: Security :: Cryptography
+Classifier: Topic :: System :: Archiving :: Backup
+Requires-Python: >=3.9
+Requires-Dist: cryptography>=41.0.0
+Requires-Dist: requests>=2.28.0
+Requires-Dist: rich>=13.0.0
+Requires-Dist: typer[all]>=0.9.0
+Provides-Extra: dev
+Requires-Dist: build; extra == 'dev'
+Requires-Dist: pytest; extra == 'dev'
+Requires-Dist: twine; extra == 'dev'
+Description-Content-Type: text/markdown
+
+# DaemonClient CLI
+
+**Unlimited, encrypted cloud storage — from your terminal.**
+
+DaemonClient uses Telegram as a free, unlimited storage backend and encrypts everything client-side with AES-256-GCM (Zero-Knowledge Encryption).
+
+## Install
+
+```bash
+pip install daemonclient
+```
+
+## Quick Start
+
+```bash
+# 1. Login with your DaemonClient account
+daemon login
+
+# 2. See your files
+daemon list
+
+# 3. Upload a file (auto-encrypted if ZKE is enabled)
+daemon upload myfile.zip
+
+# 4. Download a file
+daemon download <file-id>
+
+# 5. Delete a file
+daemon delete <file-id>
+```
+
+## Commands
+
+| Command | Description |
+|---------|-------------|
+| `daemon login` | Sign in with email & password |
+| `daemon logout` | Clear saved session |
+| `daemon whoami` | Show current user |
+| `daemon list` | List all files (add `--json` for scripts) |
+| `daemon upload <path>` | Upload a file |
+| `daemon download <id>` | Download a file |
+| `daemon delete <id>` | Delete a file |
+| `daemon config set-url <url>` | Set backend API URL |
+
+## Encryption
+
+Files are encrypted with **AES-256-GCM** using a key derived via **PBKDF2** (100,000 iterations). Your password never leaves your device — the server only stores encrypted blobs.
+
+## Links
+
+- **Web App:** [daemonclient.uz](https://daemonclient.uz)
+- **GitHub:** [github.com/myrosama/DaemonClient](https://github.com/myrosama/DaemonClient)

daemonclient-1.0.0/README.md

@@ -0,0 +1,52 @@
+# DaemonClient CLI
+
+**Unlimited, encrypted cloud storage — from your terminal.**
+
+DaemonClient uses Telegram as a free, unlimited storage backend and encrypts everything client-side with AES-256-GCM (Zero-Knowledge Encryption).
+
+## Install
+
+```bash
+pip install daemonclient
+```
+
+## Quick Start
+
+```bash
+# 1. Login with your DaemonClient account
+daemon login
+
+# 2. See your files
+daemon list
+
+# 3. Upload a file (auto-encrypted if ZKE is enabled)
+daemon upload myfile.zip
+
+# 4. Download a file
+daemon download <file-id>
+
+# 5. Delete a file
+daemon delete <file-id>
+```
+
+## Commands
+
+| Command | Description |
+|---------|-------------|
+| `daemon login` | Sign in with email & password |
+| `daemon logout` | Clear saved session |
+| `daemon whoami` | Show current user |
+| `daemon list` | List all files (add `--json` for scripts) |
+| `daemon upload <path>` | Upload a file |
+| `daemon download <id>` | Download a file |
+| `daemon delete <id>` | Delete a file |
+| `daemon config set-url <url>` | Set backend API URL |
+
+## Encryption
+
+Files are encrypted with **AES-256-GCM** using a key derived via **PBKDF2** (100,000 iterations). Your password never leaves your device — the server only stores encrypted blobs.
+
+## Links
+
+- **Web App:** [daemonclient.uz](https://daemonclient.uz)
+- **GitHub:** [github.com/myrosama/DaemonClient](https://github.com/myrosama/DaemonClient)

daemonclient-1.0.0/daemon.py

@@ -0,0 +1,363 @@
+# daemon-cli/daemon.py
+
+import typer
+import requests
+import json
+import os
+from rich.console import Console
+from rich.table import Table
+import math
+from concurrent.futures import ThreadPoolExecutor, as_completed
+
+# Remove the 'import pyrebase' line!
+
+app = typer.Typer()
+console = Console()
+
+# --- CONFIGURATION ---
+# We only need the API Key for the REST API
+API_KEY = "AIzaSyBH5diC5M7MnOIuOWaNPmOB1AV6uJVZyS8"  # From your firebaseConfig
+AUTH_URL = f"https://identitytoolkit.googleapis.com/v1/accounts:signInWithPassword?key={API_KEY}"
+
+# Your Flask Server URL
+API_URL = "http://127.0.0.1:8080/api"
+TOKEN_FILE = os.path.expanduser("~/.daemonclient_token")
+
+def get_auth_token():
+    """Reads the saved token from the local file."""
+    if not os.path.exists(TOKEN_FILE):
+        console.print("[red]Not logged in. Run 'daemon login' first.[/red]")
+        raise typer.Exit(code=1)
+    with open(TOKEN_FILE, "r") as f:
+        data = json.load(f)
+        return data['idToken']
+
+@app.command()
+def login(email: str = typer.Option(..., prompt=True), password: str = typer.Option(..., prompt=True, hide_input=True)):
+    """Interactive login to save your session (Zero-Dependency Version)."""
+    
+    payload = {
+        "email": email,
+        "password": password,
+        "returnSecureToken": True
+    }
+    
+    try:
+        response = requests.post(AUTH_URL, json=payload)
+        data = response.json()
+        
+        if "error" in data:
+            console.print(f"[red]Login failed:[/red] {data['error']['message']}")
+            raise typer.Exit(code=1)
+            
+        # Save the token locally
+        with open(TOKEN_FILE, "w") as f:
+            json.dump(data, f)
+            
+        console.print(f"[green]Success! Logged in as {email}.[/green]")
+        
+    except Exception as e:
+        console.print(f"[red]System Error:[/red] {e}")
+
+
+@app.command()
+def list(json_output: bool = typer.Option(False, "--json", help="Output raw JSON for scripting")):
+    """List all files in your cloud."""
+    token = get_auth_token()
+    headers = {"Authorization": f"Bearer {token}"}
+    
+    try:
+        response = requests.get(f"{API_URL}/list", headers=headers)
+        if response.status_code != 200:
+            console.print(f"[red]Error:[/red] {response.text}")
+            raise typer.Exit(code=1)
+            
+        files = response.json().get('files', [])
+        
+        if json_output:
+            # Scripting Mode: Print pure JSON
+            print(json.dumps(files))
+        else:
+            # Human Mode: Print a pretty table
+            table = Table(title="DaemonClient Files")
+            table.add_column("ID", style="cyan", no_wrap=True)
+            table.add_column("Name", style="magenta")
+            table.add_column("Size", style="green")
+            
+            for f in files:
+                size_mb = f"{int(f.get('fileSize', 0)) / 1024 / 1024:.2f} MB"
+                table.add_row(f['id'], f.get('fileName', 'Unknown'), size_mb)
+            
+            console.print(table)
+
+    except Exception as e:
+        console.print(f"[red]Connection Error:[/red] {e}")
+
+# ... (Previous code remains the same) ...
+
+# --- CONSTANTS ---
+CHUNK_SIZE = 19 * 1024 * 1024  # 19MB (Matches web app)
+MAX_RETRIES = 5
+
+@app.command()
+def upload(file_path: str):
+    """Upload a local file to the cloud (Zero-Cost Direct Transfer)."""
+    if not os.path.exists(file_path):
+        console.print(f"[red]File not found:[/red] {file_path}")
+        raise typer.Exit(code=1)
+
+    # 1. Get Config (Bot Token & Channel ID)
+    token = get_auth_token()
+    headers = {"Authorization": f"Bearer {token}"}
+    
+    try:
+        # Fetch credentials from your API, NOT the file content
+        config_res = requests.get(f"{API_URL}/config", headers=headers)
+        if config_res.status_code != 200:
+            console.print(f"[red]Failed to get upload config:[/red] {config_res.text}")
+            raise typer.Exit(code=1)
+            
+        config = config_res.json()
+        bot_token = config['bot_token']
+        channel_id = config['channel_id']
+        
+    except Exception as e:
+        console.print(f"[red]Connection Error:[/red] {e}")
+        raise typer.Exit(code=1)
+
+    # 2. Prepare File
+    file_name = os.path.basename(file_path)
+    file_size = os.path.getsize(file_path)
+    total_parts = math.ceil(file_size / CHUNK_SIZE)
+    
+    console.print(f"🚀 Uploading [bold cyan]{file_name}[/bold cyan] ({file_size/1024/1024:.2f} MB)")
+    console.print(f"📦 Chunks: {total_parts} | Target Channel: {channel_id}")
+
+    # 3. Upload Chunks Directly to Telegram
+    uploaded_messages = []
+    
+    # We define a helper function for uploading a single chunk
+    def upload_chunk(part_index):
+        start = part_index * CHUNK_SIZE
+        
+        # Retry logic
+        for attempt in range(MAX_RETRIES):
+            try:
+                with open(file_path, "rb") as f:
+                    f.seek(start)
+                    chunk_data = f.read(CHUNK_SIZE)
+                
+                files = {
+                    'document': (f"{file_name}.part{part_index+1:03d}", chunk_data)
+                }
+                data = {'chat_id': channel_id}
+                
+                # DIRECT TO TELEGRAM (Bypasses your backend!)
+                res = requests.post(
+                    f"https://api.telegram.org/bot{bot_token}/sendDocument",
+                    data=data,
+                    files=files,
+                    timeout=300
+                )
+                
+                if res.status_code == 429:
+                    # Rate limit handling
+                    retry_after = res.json()['parameters']['retry_after']
+                    time.sleep(retry_after + 1)
+                    continue
+                    
+                if res.status_code != 200:
+                    raise Exception(f"Telegram Error: {res.text}")
+                    
+                result = res.json()
+                return {
+                    "index": part_index,
+                    "message_id": result['result']['message_id'],
+                    "file_id": result['result']['document']['file_id']
+                }
+
+            except Exception as e:
+                if attempt == MAX_RETRIES - 1:
+                    raise e
+                time.sleep(2)
+
+    # Execute uploads (Sequential for now to be safe, can be threaded later)
+    # Using a simple loop to ensure order and handle errors gracefully
+    with typer.progressbar(length=total_parts, label="Uploading") as progress:
+        for i in range(total_parts):
+            try:
+                msg_data = upload_chunk(i)
+                uploaded_messages.append(msg_data)
+                progress.update(1)
+            except Exception as e:
+                console.print(f"\n[red]Failed to upload part {i+1}:[/red] {e}")
+                raise typer.Exit(code=1)
+
+    # 4. Register File in Firestore
+    # Now we tell your backend: "Hey, I'm done. Here is the metadata."
+    register_payload = {
+        "fileName": file_name,
+        "fileSize": file_size,
+        "fileType": "application/octet-stream", # Simplified for CLI
+        "parentId": "root", # Default to root for now
+        "type": "file",
+        "messages": [ 
+            {"message_id": m["message_id"], "file_id": m["file_id"]} 
+            for m in sorted(uploaded_messages, key=lambda x: x['index']) 
+        ]
+    }
+    
+    try:
+        # We need a new endpoint for this! Let's call it /api/register
+        # For now, we can't finish this step until we update the backend.
+        # console.print(f"[yellow]Upload complete! (Metadata registration pending)[/yellow]")
+        
+        # Let's assume we added this endpoint
+        reg_res = requests.post(f"{API_URL}/register", headers=headers, json=register_payload)
+        if reg_res.status_code == 200:
+            console.print(f"[green]✨ Upload Successful! File registered.[/green]")
+        else:
+             console.print(f"[red]Upload worked, but registration failed:[/red] {reg_res.text}")
+
+    except Exception as e:
+        console.print(f"[red]Registration Error:[/red] {e}")
+
+@app.command()
+def download(file_id: str, output_path: str = typer.Option(None, help="Custom output path")):
+    """Download a file from the cloud (Direct from Telegram)."""
+    
+    # 1. Get Auth & Config
+    token = get_auth_token()
+    headers = {"Authorization": f"Bearer {token}"}
+    
+    # We need the Bot Token to download
+    try:
+        config_res = requests.get(f"{API_URL}/config", headers=headers)
+        bot_token = config_res.json()['bot_token']
+    except Exception:
+        console.print("[red]Failed to get bot configuration.[/red]")
+        raise typer.Exit(1)
+
+    # 2. Get File Metadata (We need the message IDs to find the file paths)
+    # We can reuse the /api/list endpoint, or it's better to make a specific /api/file/<id> endpoint.
+    # For now, let's filtering the list (Simple but inefficient for huge lists)
+    # A better way is to fetch the specific file doc.
+    
+    # Let's iterate the list for now as it's easiest without changing backend
+    console.print(f"[dim]Fetching metadata for {file_id}...[/dim]")
+    list_res = requests.get(f"{API_URL}/list", headers=headers)
+    files = list_res.json()['files']
+    
+    target_file = next((f for f in files if f['id'] == file_id), None)
+    
+    if not target_file:
+        console.print(f"[red]File ID {file_id} not found.[/red]")
+        raise typer.Exit(1)
+
+    file_name = target_file['fileName']
+    final_path = output_path or file_name
+    
+    # 3. Download Logic
+    console.print(f"⬇️  Downloading [cyan]{file_name}[/cyan]...")
+    
+    # Sort messages by index to ensure order
+    # (The web app stores them in order, but good to be safe)
+    # Note: The CLI upload stored them as a list of dicts. 
+    # We assume they are in order or have an index. 
+    # If your `messages` array doesn't have 'index', we trust the list order.
+    
+    with open(final_path, "wb") as f_out:
+        with typer.progressbar(target_file['messages'], label="Downloading") as progress:
+            for msg in target_file['messages']:
+                # Get the path for this chunk
+                # We call Telegram's getFile method
+                file_info_res = requests.get(f"https://api.telegram.org/bot{bot_token}/getFile?file_id={msg['file_id']}")
+                if file_info_res.status_code != 200:
+                     console.print(f"[red]Telegram Error:[/red] {file_info_res.text}")
+                     continue
+                
+                file_path_tg = file_info_res.json()['result']['file_path']
+                download_url = f"https://api.telegram.org/file/bot{bot_token}/{file_path_tg}"
+                
+                # Stream the download
+                chunk_res = requests.get(download_url, stream=True)
+                for chunk in chunk_res.iter_content(chunk_size=8192):
+                    f_out.write(chunk)
+                
+                progress.update(1)
+
+    console.print(f"[green]✅ Download complete: {final_path}[/green]")
+
+@app.command()
+def delete(file_id: str, yes: bool = typer.Option(False, "--yes", "-y", help="Skip confirmation (for scripts)")):
+    """Delete a file (Removes from Telegram & Registry)."""
+    
+    # 1. Setup Auth
+    token = get_auth_token()
+    headers = {"Authorization": f"Bearer {token}"}
+    
+    # 2. Get Config (We need Bot Token & Channel ID to delete messages)
+    try:
+        config_res = requests.get(f"{API_URL}/config", headers=headers)
+        if config_res.status_code != 200:
+            console.print("[red]Failed to get config.[/red]")
+            raise typer.Exit(1)
+        config = config_res.json()
+        bot_token = config['bot_token']
+        channel_id = config['channel_id']
+    except Exception as e:
+        console.print(f"[red]Connection Error:[/red] {e}")
+        raise typer.Exit(1)
+
+    # 3. Get Metadata (We need the list of message_ids to delete)
+    # Since we don't have a specific GET /file/<id> endpoint yet, we search the list.
+    try:
+        files_res = requests.get(f"{API_URL}/list", headers=headers)
+        files = files_res.json().get('files', [])
+        target_file = next((f for f in files if f['id'] == file_id), None)
+        
+        if not target_file:
+            console.print(f"[red]File ID {file_id} not found.[/red]")
+            raise typer.Exit(1)
+            
+    except Exception as e:
+        console.print(f"[red]Error fetching metadata:[/red] {e}")
+        raise typer.Exit(1)
+
+    # 4. Confirmation (Skipped if --yes is passed)
+    if not yes:
+        confirm = typer.confirm(f"Are you sure you want to delete '{target_file.get('fileName')}'?")
+        if not confirm:
+            console.print("[yellow]Operation cancelled.[/yellow]")
+            raise typer.Abort()
+
+    # 5. Delete Chunks from Telegram (Client-Side)
+    messages = target_file.get('messages', [])
+    console.print(f"[yellow]Deleting {len(messages)} chunks from Telegram...[/yellow]")
+    
+    with typer.progressbar(messages, label="Cleaning Up") as progress:
+        for msg in messages:
+            try:
+                # Direct call to Telegram API
+                del_res = requests.post(f"https://api.telegram.org/bot{bot_token}/deleteMessage", json={
+                    "chat_id": channel_id,
+                    "message_id": msg['message_id']
+                })
+                # We don't stop on error, we try to delete as much as possible
+                progress.update(1)
+            except Exception as e:
+                console.print(f"[dim]Failed to delete chunk {msg['message_id']}: {e}[/dim]")
+
+    # 6. Delete from Firestore Registry (Server-Side)
+    try:
+        res = requests.post(f"{API_URL}/delete", headers=headers, json={"file_id": file_id})
+        if res.status_code == 200:
+            console.print(f"[green]🗑️  File '{target_file.get('fileName')}' deleted successfully.[/green]")
+        else:
+            console.print(f"[red]Registry delete failed:[/red] {res.text}")
+            
+    except Exception as e:
+        console.print(f"[red]API Error:[/red] {e}")
+
+if __name__ == "__main__":
+    app()

daemonclient-1.0.0/pyproject.toml

@@ -0,0 +1,44 @@
+[build-system]
+requires = ["hatchling"]
+build-backend = "hatchling.build"
+
+[project]
+name = "daemonclient"
+version = "1.0.0"
+description = "CLI for DaemonClient — unlimited encrypted cloud storage powered by Telegram"
+readme = "README.md"
+license = "MIT"
+requires-python = ">=3.9"
+authors = [
+    { name = "myrosama" },
+]
+keywords = ["cloud", "storage", "telegram", "encryption", "cli"]
+classifiers = [
+    "Development Status :: 4 - Beta",
+    "Environment :: Console",
+    "Intended Audience :: End Users/Desktop",
+    "License :: OSI Approved :: MIT License",
+    "Programming Language :: Python :: 3",
+    "Topic :: System :: Archiving :: Backup",
+    "Topic :: Security :: Cryptography",
+]
+dependencies = [
+    "typer[all]>=0.9.0",
+    "requests>=2.28.0",
+    "rich>=13.0.0",
+    "cryptography>=41.0.0",
+]
+
+[project.optional-dependencies]
+dev = [
+    "build",
+    "twine",
+    "pytest",
+]
+
+[project.scripts]
+daemon = "daemonclient.cli:app"
+
+[project.urls]
+Homepage = "https://daemonclient.uz"
+Repository = "https://github.com/myrosama/DaemonClient"

daemonclient-1.0.0/requirements.txt

@@ -0,0 +1,6 @@
+typer
+requests
+rich
+python-dotenv
+firebase-admin
+pyrebase4

daemonclient-1.0.0/src/daemonclient/__init__.py

@@ -0,0 +1,3 @@
+"""DaemonClient CLI — Unlimited encrypted cloud storage from your terminal."""
+
+__version__ = "1.0.0"

daemonclient-1.0.0/src/daemonclient/auth.py

@@ -0,0 +1,79 @@
+# daemonclient/auth.py
+"""Authentication module — login, logout, token management."""
+
+import json
+import os
+
+import requests
+import typer
+from rich.console import Console
+
+from .config import AUTH_URL, TOKEN_FILE
+
+console = Console()
+
+
+def login(email: str, password: str) -> None:
+    """Authenticate with Firebase REST API and save the token locally."""
+    payload = {
+        "email": email,
+        "password": password,
+        "returnSecureToken": True,
+    }
+
+    try:
+        response = requests.post(AUTH_URL, json=payload, timeout=15)
+        data = response.json()
+
+        if "error" in data:
+            console.print(f"[red]Login failed:[/red] {data['error']['message']}")
+            raise typer.Exit(code=1)
+
+        # Save the full token response
+        with open(TOKEN_FILE, "w") as f:
+            json.dump(data, f)
+
+        console.print(f"[green]✅ Logged in as {email}[/green]")
+
+    except requests.ConnectionError:
+        console.print("[red]Connection error — is the internet available?[/red]")
+        raise typer.Exit(code=1)
+
+
+def logout() -> None:
+    """Remove saved session."""
+    if os.path.exists(TOKEN_FILE):
+        os.remove(TOKEN_FILE)
+        console.print("[green]Logged out.[/green]")
+    else:
+        console.print("[yellow]Not logged in.[/yellow]")
+
+
+def whoami() -> None:
+    """Print the current user's email."""
+    token_data = _load_token_data()
+    if token_data:
+        console.print(f"[cyan]{token_data.get('email', 'Unknown')}[/cyan]")
+    else:
+        console.print("[yellow]Not logged in.[/yellow]")
+
+
+def get_auth_token() -> str:
+    """Read the saved ID token, or exit if not logged in."""
+    token_data = _load_token_data()
+    if not token_data:
+        console.print("[red]Not logged in. Run 'daemon login' first.[/red]")
+        raise typer.Exit(code=1)
+    return token_data["idToken"]
+
+
+def get_auth_headers() -> dict:
+    """Convenience: returns {'Authorization': 'Bearer <token>'}."""
+    return {"Authorization": f"Bearer {get_auth_token()}"}
+
+
+def _load_token_data() -> dict | None:
+    if not os.path.exists(TOKEN_FILE):
+        return None
+    with open(TOKEN_FILE, "r") as f:
+        return json.load(f)

daemonclient-1.0.0/src/daemonclient/cli.py

@@ -0,0 +1,139 @@
+# daemonclient/cli.py
+"""Typer CLI application — the `daemon` command."""
+
+import json
+
+import typer
+from rich.console import Console
+from rich.table import Table
+
+from . import __version__
+from .auth import login as _login, logout as _logout, whoami as _whoami, get_auth_headers
+from .config import get_api_url, set_api_url
+from .transfer import upload_file, download_file, delete_file
+
+app = typer.Typer(
+    name="daemon",
+    help="DaemonClient CLI — unlimited encrypted cloud storage from your terminal.",
+    add_completion=False,
+)
+console = Console()
+
+# ── Config sub-command group ─────────────────────────────────────────
+config_app = typer.Typer(help="Manage CLI configuration.")
+app.add_typer(config_app, name="config")
+
+
+@config_app.command("set-url")
+def config_set_url(url: str = typer.Argument(..., help="Backend API URL")):
+    """Set the backend API URL (e.g. https://yourserver.com/api)."""
+    set_api_url(url)
+    console.print(f"[green]API URL set to:[/green] {url}")
+
+
+@config_app.command("show")
+def config_show():
+    """Show current configuration."""
+    console.print(f"[cyan]API URL:[/cyan] {get_api_url()}")
+
+
+# ── Auth commands ────────────────────────────────────────────────────
+
+@app.command()
+def login(
+    email: str = typer.Option(..., prompt=True),
+    password: str = typer.Option(..., prompt=True, hide_input=True),
+):
+    """Sign in with your DaemonClient email and password."""
+    _login(email, password)
+
+
+@app.command()
+def logout():
+    """Clear your saved session."""
+    _logout()
+
+
+@app.command()
+def whoami():
+    """Show the currently logged-in user."""
+    _whoami()
+
+
+# ── File commands ────────────────────────────────────────────────────
+
+@app.command("list")
+def list_files(
+    json_out: bool = typer.Option(False, "--json", help="Output raw JSON for scripting"),
+):
+    """List all files in your cloud."""
+    import requests
+
+    try:
+        res = requests.get(f"{get_api_url()}/list", headers=get_auth_headers(), timeout=15)
+        if res.status_code != 200:
+            console.print(f"[red]Error:[/red] {res.text}")
+            raise typer.Exit(1)
+
+        files = res.json().get("files", [])
+
+        if json_out:
+            print(json.dumps(files, indent=2))
+        else:
+            table = Table(title="☁️  DaemonClient Files")
+            table.add_column("ID", style="cyan", no_wrap=True)
+            table.add_column("Name", style="magenta")
+            table.add_column("Type", style="dim")
+            table.add_column("Size", style="green", justify="right")
+
+            for f in files:
+                ftype = f.get("type", "file")
+                if ftype == "folder":
+                    size_str = "—"
+                else:
+                    size_str = f"{int(f.get('fileSize', 0)) / 1024 / 1024:.2f} MB"
+                table.add_row(f["id"], f.get("fileName", "?"), ftype, size_str)
+
+            console.print(table)
+
+    except Exception as e:
+        console.print(f"[red]Connection error:[/red] {e}")
+        raise typer.Exit(1)
+
+
+@app.command()
+def upload(
+    file_path: str = typer.Argument(..., help="Path to the file to upload"),
+    folder: str = typer.Option("root", "--folder", "-f", help="Target folder ID"),
+    no_encrypt: bool = typer.Option(False, "--no-encrypt", help="Skip ZKE encryption"),
+):
+    """Upload a local file to the cloud."""
+    upload_file(file_path, folder_id=folder, no_encrypt=no_encrypt)
+
+
+@app.command()
+def download(
+    file_id: str = typer.Argument(..., help="File ID to download"),
+    output: str = typer.Option(None, "--output", "-o", help="Custom output path"),
+):
+    """Download a file from the cloud."""
+    download_file(file_id, output_path=output)
+
+
+@app.command()
+def delete(
+    file_id: str = typer.Argument(..., help="File ID to delete"),
+    yes: bool = typer.Option(False, "--yes", "-y", help="Skip confirmation"),
+):
+    """Delete a file from the cloud."""
+    delete_file(file_id, skip_confirm=yes)
+
+
+@app.command()
+def version():
+    """Show the CLI version."""
+    console.print(f"[bold cyan]daemonclient[/bold cyan] v{__version__}")
+
+
+if __name__ == "__main__":
+    app()

daemonclient-1.0.0/src/daemonclient/config.py

@@ -0,0 +1,43 @@
+# daemonclient/config.py
+"""Configuration management for DaemonClient CLI."""
+
+import json
+import os
+
+# --- Paths ---
+TOKEN_FILE = os.path.expanduser("~/.daemonclient_token")
+CONFIG_FILE = os.path.expanduser("~/.daemonclient.json")
+
+# --- Defaults ---
+DEFAULT_API_URL = "http://127.0.0.1:8080/api"
+FIREBASE_API_KEY = "AIzaSyBH5diC5M7MnOIuOWaNPmOB1AV6uJVZyS8"
+AUTH_URL = f"https://identitytoolkit.googleapis.com/v1/accounts:signInWithPassword?key={FIREBASE_API_KEY}"
+
+# --- Upload Constants ---
+CHUNK_SIZE = 19 * 1024 * 1024  # 19 MB (matches web app)
+MAX_RETRIES = 5
+
+
+def get_api_url() -> str:
+    """Returns the configured API URL, falling back to default."""
+    cfg = _load_config()
+    return cfg.get("api_url", DEFAULT_API_URL)
+
+
+def set_api_url(url: str) -> None:
+    """Persists a custom API URL."""
+    cfg = _load_config()
+    cfg["api_url"] = url.rstrip("/")
+    _save_config(cfg)
+
+
+def _load_config() -> dict:
+    if os.path.exists(CONFIG_FILE):
+        with open(CONFIG_FILE, "r") as f:
+            return json.load(f)
+    return {}
+
+
+def _save_config(cfg: dict) -> None:
+    with open(CONFIG_FILE, "w") as f:
+        json.dump(cfg, f, indent=2)

daemonclient-1.0.0/src/daemonclient/crypto.py

@@ -0,0 +1,69 @@
+# daemonclient/crypto.py
+"""
+ZKE (Zero-Knowledge Encryption) module.
+
+Byte-compatible with the web app's crypto.js:
+  - AES-256-GCM
+  - PBKDF2 key derivation (SHA-256, 100 000 iterations)
+  - Chunk format: [IV 12 bytes][ciphertext + GCM tag]
+"""
+
+import base64
+import os
+
+from cryptography.hazmat.primitives.ciphers.aead import AESGCM
+from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
+from cryptography.hazmat.primitives import hashes
+
+# Must match crypto.js constants exactly
+SALT_LENGTH = 16       # 128 bits
+IV_LENGTH = 12         # 96 bits (recommended for GCM)
+KEY_LENGTH_BYTES = 32  # 256 bits
+PBKDF2_ITERATIONS = 100_000
+
+
+def derive_key(password: str, salt: bytes) -> bytes:
+    """Derive a 256-bit AES key from a password and salt (PBKDF2-SHA256).
+
+    Produces the same raw key bytes as the JS ``deriveKey()`` function.
+    """
+    kdf = PBKDF2HMAC(
+        algorithm=hashes.SHA256(),
+        length=KEY_LENGTH_BYTES,
+        salt=salt,
+        iterations=PBKDF2_ITERATIONS,
+    )
+    return kdf.derive(password.encode("utf-8"))
+
+
+def encrypt_chunk(plaintext: bytes, key: bytes) -> bytes:
+    """Encrypt a chunk with AES-256-GCM.
+
+    Returns ``iv || ciphertext_with_tag`` — identical layout to the JS
+    ``encryptChunk()`` function.
+    """
+    iv = os.urandom(IV_LENGTH)
+    aesgcm = AESGCM(key)
+    ct = aesgcm.encrypt(iv, plaintext, None)  # ct includes GCM tag
+    return iv + ct
+
+
+def decrypt_chunk(data: bytes, key: bytes) -> bytes:
+    """Decrypt a chunk produced by ``encrypt_chunk`` (or the JS equivalent).
+
+    Expects ``iv || ciphertext_with_tag``.
+    """
+    iv = data[:IV_LENGTH]
+    ct = data[IV_LENGTH:]
+    aesgcm = AESGCM(key)
+    return aesgcm.decrypt(iv, ct, None)
+
+
+# --- base64 helpers (match JS bytesToBase64 / base64ToBytes) ---
+
+def bytes_to_base64(b: bytes) -> str:
+    return base64.b64encode(b).decode("ascii")
+
+
+def base64_to_bytes(s: str) -> bytes:
+    return base64.b64decode(s)

daemonclient-1.0.0/src/daemonclient/transfer.py

@@ -0,0 +1,312 @@
+# daemonclient/transfer.py
+"""Upload and download logic — chunking, encryption, Telegram transport."""
+
+import math
+import os
+import time
+
+import requests
+import typer
+from rich.console import Console
+from rich.progress import Progress, SpinnerColumn, BarColumn, TextColumn, TimeRemainingColumn
+
+from .auth import get_auth_headers
+from .config import CHUNK_SIZE, MAX_RETRIES, get_api_url
+from .crypto import encrypt_chunk, decrypt_chunk
+
+console = Console()
+
+
+# ── helpers ──────────────────────────────────────────────────────────
+
+def _get_tg_config() -> dict:
+    """Fetch bot_token + channel_id from the backend."""
+    res = requests.get(f"{get_api_url()}/config", headers=get_auth_headers(), timeout=15)
+    if res.status_code != 200:
+        console.print(f"[red]Failed to get config:[/red] {res.text}")
+        raise typer.Exit(1)
+    return res.json()
+
+
+def _get_zke_config() -> dict | None:
+    """Fetch ZKE config (password, salt, enabled) from the backend.
+    
+    Returns None if ZKE is disabled or the endpoint doesn't exist yet.
+    """
+    try:
+        res = requests.get(f"{get_api_url()}/zke-config", headers=get_auth_headers(), timeout=15)
+        if res.status_code == 200:
+            return res.json()
+    except Exception:
+        pass
+    return None
+
+
+def _derive_key_from_config(zke_cfg: dict):
+    """Derive AES key from the ZKE config fetched from the server."""
+    from .crypto import derive_key, base64_to_bytes
+    salt = base64_to_bytes(zke_cfg["salt"])
+    return derive_key(zke_cfg["password"], salt)
+
+
+def _send_chunk_to_telegram(
+    chunk_data: bytes,
+    part_name: str,
+    bot_token: str,
+    channel_id: str,
+) -> dict:
+    """Upload a single chunk to Telegram with retry logic.
+    
+    Returns {"message_id": ..., "file_id": ...}.
+    """
+    for attempt in range(MAX_RETRIES):
+        try:
+            files = {"document": (part_name, chunk_data)}
+            data = {"chat_id": channel_id}
+
+            res = requests.post(
+                f"https://api.telegram.org/bot{bot_token}/sendDocument",
+                data=data,
+                files=files,
+                timeout=300,
+            )
+
+            if res.status_code == 429:
+                retry_after = res.json().get("parameters", {}).get("retry_after", 5)
+                time.sleep(retry_after + 1)
+                continue
+
+            if res.status_code != 200:
+                raise Exception(f"Telegram Error {res.status_code}: {res.text}")
+
+            result = res.json()["result"]
+            return {
+                "message_id": result["message_id"],
+                "file_id": result["document"]["file_id"],
+            }
+
+        except Exception as e:
+            if attempt == MAX_RETRIES - 1:
+                raise
+            time.sleep(2 ** attempt)  # exponential backoff
+
+    raise Exception("Max retries exhausted")
+
+
+# ── public API ───────────────────────────────────────────────────────
+
+def upload_file(
+    file_path: str,
+    folder_id: str = "root",
+    no_encrypt: bool = False,
+) -> None:
+    """Upload a local file to DaemonClient storage."""
+    if not os.path.exists(file_path):
+        console.print(f"[red]File not found:[/red] {file_path}")
+        raise typer.Exit(1)
+
+    file_name = os.path.basename(file_path)
+    file_size = os.path.getsize(file_path)
+    total_parts = math.ceil(file_size / CHUNK_SIZE)
+
+    # Fetch Telegram credentials
+    tg = _get_tg_config()
+    bot_token = tg["bot_token"]
+    channel_id = tg["channel_id"]
+
+    # Fetch ZKE key (if enabled)
+    zke_key = None
+    if not no_encrypt:
+        zke_cfg = _get_zke_config()
+        if zke_cfg and zke_cfg.get("enabled"):
+            zke_key = _derive_key_from_config(zke_cfg)
+            console.print("[dim]🔐 ZKE encryption enabled[/dim]")
+
+    console.print(
+        f"🚀 Uploading [bold cyan]{file_name}[/bold cyan] "
+        f"({file_size / 1024 / 1024:.2f} MB, {total_parts} chunk{'s' if total_parts != 1 else ''})"
+    )
+
+    uploaded_messages = []
+
+    with Progress(
+        SpinnerColumn(),
+        TextColumn("[progress.description]{task.description}"),
+        BarColumn(),
+        TextColumn("[progress.percentage]{task.percentage:>3.0f}%"),
+        TimeRemainingColumn(),
+        console=console,
+    ) as progress:
+        task = progress.add_task("Uploading", total=total_parts)
+
+        for i in range(total_parts):
+            start = i * CHUNK_SIZE
+            with open(file_path, "rb") as f:
+                f.seek(start)
+                chunk = f.read(CHUNK_SIZE)
+
+            # Encrypt if ZKE is active
+            if zke_key:
+                chunk = encrypt_chunk(chunk, zke_key)
+
+            part_name = f"{file_name}.part{i + 1:03d}"
+            msg = _send_chunk_to_telegram(chunk, part_name, bot_token, channel_id)
+            uploaded_messages.append({"index": i, **msg})
+            progress.update(task, advance=1)
+
+    # Register in Firestore
+    register_payload = {
+        "fileName": file_name,
+        "fileSize": file_size,
+        "fileType": "application/octet-stream",
+        "parentId": folder_id,
+        "type": "file",
+        "messages": [
+            {"message_id": m["message_id"], "file_id": m["file_id"]}
+            for m in sorted(uploaded_messages, key=lambda x: x["index"])
+        ],
+    }
+
+    try:
+        res = requests.post(
+            f"{get_api_url()}/register",
+            headers=get_auth_headers(),
+            json=register_payload,
+            timeout=15,
+        )
+        if res.status_code == 200:
+            console.print(f"[green]✨ Upload complete! '{file_name}' registered.[/green]")
+        else:
+            console.print(f"[red]Upload worked but registration failed:[/red] {res.text}")
+    except Exception as e:
+        console.print(f"[red]Registration error:[/red] {e}")
+
+
+def download_file(file_id: str, output_path: str | None = None) -> None:
+    """Download a file from DaemonClient storage."""
+    tg = _get_tg_config()
+    bot_token = tg["bot_token"]
+
+    # Fetch ZKE key
+    zke_key = None
+    zke_cfg = _get_zke_config()
+    if zke_cfg and zke_cfg.get("enabled"):
+        zke_key = _derive_key_from_config(zke_cfg)
+
+    # Find the file in the list
+    console.print(f"[dim]Fetching metadata for {file_id}...[/dim]")
+    list_res = requests.get(f"{get_api_url()}/list", headers=get_auth_headers(), timeout=15)
+    if list_res.status_code != 200:
+        console.print(f"[red]Failed to list files:[/red] {list_res.text}")
+        raise typer.Exit(1)
+
+    files = list_res.json().get("files", [])
+    target = next((f for f in files if f["id"] == file_id), None)
+    if not target:
+        console.print(f"[red]File ID '{file_id}' not found.[/red]")
+        raise typer.Exit(1)
+
+    file_name = target["fileName"]
+    final_path = output_path or file_name
+    messages = target.get("messages", [])
+
+    console.print(
+        f"⬇️  Downloading [cyan]{file_name}[/cyan] "
+        f"({len(messages)} chunk{'s' if len(messages) != 1 else ''})"
+    )
+
+    with Progress(
+        SpinnerColumn(),
+        TextColumn("[progress.description]{task.description}"),
+        BarColumn(),
+        TextColumn("[progress.percentage]{task.percentage:>3.0f}%"),
+        TimeRemainingColumn(),
+        console=console,
+    ) as progress:
+        task = progress.add_task("Downloading", total=len(messages))
+
+        with open(final_path, "wb") as f_out:
+            for msg in messages:
+                # Get Telegram file path
+                info_res = requests.get(
+                    f"https://api.telegram.org/bot{bot_token}/getFile",
+                    params={"file_id": msg["file_id"]},
+                    timeout=30,
+                )
+                if info_res.status_code != 200:
+                    console.print(f"[red]Telegram error:[/red] {info_res.text}")
+                    raise typer.Exit(1)
+
+                tg_path = info_res.json()["result"]["file_path"]
+                download_url = f"https://api.telegram.org/file/bot{bot_token}/{tg_path}"
+
+                # Stream download
+                chunk_res = requests.get(download_url, stream=True, timeout=300)
+                chunk_data = b""
+                for piece in chunk_res.iter_content(chunk_size=8192):
+                    chunk_data += piece
+
+                # Decrypt if ZKE is active
+                if zke_key:
+                    chunk_data = decrypt_chunk(chunk_data, zke_key)
+
+                f_out.write(chunk_data)
+                progress.update(task, advance=1)
+
+    console.print(f"[green]✅ Downloaded: {final_path}[/green]")
+
+
+def delete_file(file_id: str, skip_confirm: bool = False) -> None:
+    """Delete a file from Telegram and Firestore."""
+    tg = _get_tg_config()
+    bot_token = tg["bot_token"]
+    channel_id = tg["channel_id"]
+
+    # Find the file
+    list_res = requests.get(f"{get_api_url()}/list", headers=get_auth_headers(), timeout=15)
+    files = list_res.json().get("files", [])
+    target = next((f for f in files if f["id"] == file_id), None)
+
+    if not target:
+        console.print(f"[red]File ID '{file_id}' not found.[/red]")
+        raise typer.Exit(1)
+
+    file_name = target.get("fileName", "Unknown")
+
+    if not skip_confirm:
+        confirm = typer.confirm(f"Delete '{file_name}'?")
+        if not confirm:
+            console.print("[yellow]Cancelled.[/yellow]")
+            raise typer.Abort()
+
+    # Delete chunks from Telegram
+    messages = target.get("messages", [])
+    console.print(f"[yellow]Deleting {len(messages)} chunks...[/yellow]")
+
+    with Progress(SpinnerColumn(), TextColumn("{task.description}"), BarColumn(), console=console) as progress:
+        task = progress.add_task("Cleaning up", total=len(messages))
+        for msg in messages:
+            try:
+                requests.post(
+                    f"https://api.telegram.org/bot{bot_token}/deleteMessage",
+                    json={"chat_id": channel_id, "message_id": msg["message_id"]},
+                    timeout=15,
+                )
+            except Exception:
+                pass  # best-effort
+            progress.update(task, advance=1)
+
+    # Delete from Firestore
+    try:
+        res = requests.post(
+            f"{get_api_url()}/delete",
+            headers=get_auth_headers(),
+            json={"file_id": file_id},
+            timeout=15,
+        )
+        if res.status_code == 200:
+            console.print(f"[green]🗑️  '{file_name}' deleted.[/green]")
+        else:
+            console.print(f"[red]Registry delete failed:[/red] {res.text}")
+    except Exception as e:
+        console.print(f"[red]API error:[/red] {e}")