[Release] v3.2.5-beta (#320)

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: danielalves96 <62755605+danielalves96@users.noreply.github.com>

.github/copilot-instructions.md

@@ -0,0 +1,259 @@
+# GitHub Copilot Instructions for Palmr
+
+This file contains instructions for GitHub Copilot to help contributors work effectively with the Palmr codebase.
+
+## Project Overview
+
+Palmr is a flexible and open-source alternative to file transfer services like WeTransfer and SendGB. It's built with:
+
+- **Backend**: Fastify (Node.js) with TypeScript, SQLite database, and filesystem/S3 storage
+- **Frontend**: Next.js 15 + React + TypeScript + Shadcn/ui
+- **Documentation**: Next.js + Fumadocs + MDX
+- **Package Manager**: pnpm (v10.6.0)
+- **Monorepo Structure**: Three main apps (web, server, docs) in the `apps/` directory
+
+## Architecture and Structure
+
+### Monorepo Layout
+
+```
+apps/
+├── docs/       # Documentation site (Next.js + Fumadocs)
+├── server/     # Backend API (Fastify + TypeScript)
+└── web/        # Frontend application (Next.js 15)
+```
+
+### Key Technologies
+
+- **TypeScript**: Primary language for all applications
+- **Database**: Prisma ORM with SQLite (optional S3-compatible storage)
+- **Authentication**: Multiple OAuth providers (Google, GitHub, Discord, etc.)
+- **Internationalization**: Multi-language support with translation scripts
+- **Validation**: Husky pre-push hooks for linting and type checking
+
+## Development Workflow
+
+### Base Branch
+
+Always create new branches from and submit PRs to the `next` branch, not `main`.
+
+### Commit Convention
+
+Use Conventional Commits format for all commits:
+
+```
+<type>(<scope>): <description>
+
+Types:
+- feat: New feature
+- fix: Bug fix
+- docs: Documentation changes
+- test: Adding or updating tests
+- refactor: Code refactoring
+- style: Code formatting
+- chore: Maintenance tasks
+```
+
+Examples:
+
+- `feat(web): add user authentication system`
+- `fix(api): resolve null pointer exception in user service`
+- `docs: update installation instructions in README`
+- `test(server): add unit tests for user validation`
+
+### Code Quality Standards
+
+1. **Linting**: All apps use ESLint. Run `pnpm lint` before committing
+2. **Formatting**: Use Prettier for code formatting. Run `pnpm format`
+3. **Type Checking**: Run `pnpm type-check` to validate TypeScript
+4. **Validation**: Run `pnpm validate` to run both linting and type checking
+5. **Pre-push Hook**: Automatically validates all apps before pushing
+
+### Testing Changes
+
+- Test incrementally during development
+- Run validation locally before pushing: `pnpm validate` in each app directory
+- Keep changes focused on a single issue or feature
+- Review your work before committing
+
+## Application-Specific Guidelines
+
+### Web App (`apps/web/`)
+
+- Framework: Next.js 15 with App Router
+- Port: 3000 (development)
+- Scripts:
+  - `pnpm dev`: Start development server
+  - `pnpm build`: Build for production
+  - `pnpm validate`: Run linting and type checking
+- Translations: Use Python scripts in `scripts/` directory
+  - `pnpm translations:check`: Check translation status
+  - `pnpm translations:sync`: Synchronize translations
+
+### Server App (`apps/server/`)
+
+- Framework: Fastify with TypeScript
+- Port: 3333 (default)
+- Scripts:
+  - `pnpm dev`: Start development server with watch mode
+  - `pnpm build`: Build TypeScript to JavaScript
+  - `pnpm validate`: Run linting and type checking
+  - `pnpm db:seed`: Seed database
+- Database: Prisma ORM with SQLite
+
+### Docs App (`apps/docs/`)
+
+- Framework: Next.js with Fumadocs
+- Port: 3001 (development)
+- Content: MDX files in `content/docs/`
+- Scripts:
+  - `pnpm dev`: Start development server
+  - `pnpm build`: Build documentation site
+  - `pnpm validate`: Run linting and type checking
+
+## Code Style and Best Practices
+
+### General Guidelines
+
+1. **Follow Style Guidelines**: Ensure code adheres to ESLint and Prettier configurations
+2. **TypeScript First**: Always use TypeScript, avoid `any` types when possible
+3. **Component Organization**: Keep components focused and single-purpose
+4. **Error Handling**: Implement proper error handling and logging
+5. **Comments**: Add comments only when necessary to explain complex logic
+6. **Imports**: Use absolute imports where configured, keep imports organized
+
+### API Development (Server)
+
+- Use Fastify's schema validation for all routes
+- Follow REST principles for endpoint design
+- Implement proper authentication and authorization
+- Handle errors gracefully with appropriate status codes
+- Document API endpoints in the docs app
+
+### Frontend Development (Web)
+
+- Use React Server Components where appropriate
+- Implement proper loading and error states
+- Follow accessibility best practices (WCAG guidelines)
+- Optimize performance (lazy loading, code splitting)
+- Use Shadcn/ui components for consistent UI
+
+### Documentation
+
+- Write clear, concise documentation
+- Include code examples where helpful
+- Update documentation when changing functionality
+- Use MDX features for interactive documentation
+- Follow the existing documentation structure
+
+## Translation and Internationalization
+
+- All user-facing strings should be translatable
+- Use the Next.js internationalization system
+- Translation files are in `apps/web/messages/`
+- Reference file: `en-US.json`
+- Run `pnpm translations:check` to verify translations
+- Mark untranslated strings with `[TO_TRANSLATE]` prefix
+
+## Common Patterns
+
+### Authentication Providers
+
+- Provider configurations in `apps/server/src/modules/auth-providers/providers.config.ts`
+- Support for OAuth2 and OIDC protocols
+- Field mappings for user data normalization
+- Special handling for providers like GitHub that require additional API calls
+
+### File Storage
+
+- Default: Filesystem storage
+- Optional: S3-compatible object storage
+- File metadata stored in SQLite database
+
+### Environment Variables
+
+- Configure via `.env` files (not committed to repository)
+- Required variables documented in README or docs
+- Use environment-specific configurations
+
+## Contributing Guidelines
+
+### Pull Request Process
+
+1. Fork the repository
+2. Create a branch from `next`: `git checkout -b feature/your-feature upstream/next`
+3. Make focused changes addressing a single issue/feature
+4. Write or update tests as needed
+5. Update documentation to reflect changes
+6. Ensure all validations pass: `pnpm validate` in each app
+7. Commit using Conventional Commits
+8. Push to your fork
+9. Create Pull Request targeting the `next` branch
+
+### Code Review
+
+- Be responsive to feedback
+- Keep discussions constructive and professional
+- Make requested changes promptly
+- Ask questions if requirements are unclear
+
+### What to Avoid
+
+- Don't mix unrelated changes in a single PR
+- Don't skip linting or type checking
+- Don't commit directly to `main` or `next` branches
+- Don't add unnecessary dependencies
+- Don't ignore existing code style and patterns
+- Don't remove or modify tests without good reason
+
+## Helpful Commands
+
+### Root Level
+
+```bash
+pnpm install          # Install all dependencies
+git config core.hooksPath .husky  # Configure Git hooks
+```
+
+### Per App (web/server/docs)
+
+```bash
+pnpm dev              # Start development server
+pnpm build            # Build for production
+pnpm lint             # Run ESLint
+pnpm lint:fix         # Fix ESLint issues automatically
+pnpm format           # Format code with Prettier
+pnpm format:check     # Check code formatting
+pnpm type-check       # Run TypeScript type checking
+pnpm validate         # Run lint + type-check
+```
+
+### Docker
+
+```bash
+docker-compose up     # Start all services
+docker-compose down   # Stop all services
+```
+
+## Resources
+
+- **Documentation**: [https://palmr.kyantech.com.br](https://palmr.kyantech.com.br)
+- **Contributing Guide**: [CONTRIBUTING.md](../CONTRIBUTING.md)
+- **Issue Tracker**: GitHub Issues
+- **License**: Apache-2.0
+
+## Getting Help
+
+- Review existing documentation in `apps/docs/content/docs/`
+- Check contribution guide in `CONTRIBUTING.md`
+- Review existing code for patterns and examples
+- Ask questions in PR discussions or issues
+- Read error messages and logs carefully
+
+## Important Notes
+
+- **Beta Status**: This project is in beta; expect changes and improvements
+- **Focus on Quality**: Prioritize code quality and maintainability over speed
+- **Test Locally**: Always test your changes locally before submitting
+- **Documentation Matters**: Keep documentation synchronized with code
+- **Community First**: Be respectful, patient, and constructive with all contributors

.gitignore

@@ -33,4 +33,5 @@ apps/server/dist/*
 .steering
 data/
 
-node_modules/
+node_modules/
+screenshots/

Dockerfile

@@ -1,4 +1,4 @@
-FROM node:20-alpine AS base
+FROM node:24-alpine AS base
 
 # Install system dependencies
 RUN apk add --no-cache \

apps/docs/content/docs/3.2-beta/cleanup-orphan-files.mdx

@@ -0,0 +1,374 @@
+---
+title: Cleanup Orphan Files
+icon: Trash2
+---
+
+This guide provides detailed instructions on how to identify and remove orphan file records from your Palmr database. Orphan files are database entries that reference files that no longer exist in the storage system, typically resulting from failed uploads or interrupted transfers.
+
+## When and why to use this tool
+
+The orphan file cleanup script is designed to maintain database integrity by removing stale file records. Consider using this tool if:
+
+- Users are experiencing "File not found" errors when attempting to download files that appear in the UI
+- You've identified failed uploads that left incomplete database records
+- You're performing routine database maintenance
+- You've migrated storage systems and need to verify file consistency
+- You need to free up quota space occupied by phantom file records
+
+> **Note:** This script only removes **database records** for files that don't exist in storage. It does not delete physical files. Files that exist in storage will remain untouched.
+
+## How the cleanup works
+
+Palmr provides a maintenance script that scans all file records in the database and verifies their existence in the storage system (either filesystem or S3). The script operates in two modes:
+
+- **Dry-run mode (default):** Identifies orphan files and displays what would be deleted without making any changes
+- **Confirmation mode:** Actually removes the orphan database records after explicit confirmation
+
+The script maintains safety by:
+- Checking file existence before marking as orphan
+- Providing detailed statistics and file listings
+- Requiring explicit `--confirm` flag to delete records
+- Working with both filesystem and S3 storage providers
+- Preserving all files that exist in storage
+
+## Understanding orphan files
+
+### What are orphan files?
+
+Orphan files occur when:
+
+1. **Failed chunked uploads:** A large file upload starts, creates a database record, but the upload fails before completion
+2. **Interrupted transfers:** Network issues or server restarts interrupt file transfers mid-process
+3. **Manual deletions:** Files are manually deleted from storage without removing the database record
+4. **Storage migrations:** Files are moved or lost during storage system changes
+
+### Why they cause problems
+
+When orphan records exist in the database:
+- Users see files in the UI that cannot be downloaded
+- Download attempts result in "ENOENT: no such file or directory" errors
+- Storage quota calculations become inaccurate
+- The system returns 500 errors instead of proper 404 responses (in older versions)
+
+### Renamed files with suffixes
+
+Files with duplicate names are automatically renamed with suffixes (e.g., `file (1).png`, `file (2).png`). Sometimes the upload fails after the database record is created but before the physical file is saved, creating an orphan record with a suffix.
+
+**Example:**
+```
+Database record: photo (1).png → objectName: user123/1758805195682-Rjn9at692HdR.png
+Physical file: Does not exist ❌
+```
+
+## Step-by-step instructions
+
+### 1. Access the server environment
+
+**For Docker installations:**
+
+```bash
+docker exec -it <container_name> /bin/sh
+cd /app/palmr-app
+```
+
+**For bare-metal installations:**
+
+```bash
+cd /path/to/palmr/apps/server
+```
+
+### 2. Run the cleanup script in dry-run mode
+
+First, run the script without the `--confirm` flag to see what would be deleted:
+
+```bash
+pnpm cleanup:orphan-files
+```
+
+This will:
+- Scan all file records in the database
+- Check if each file exists in storage
+- Display a summary of orphan files
+- Show what would be deleted (without actually deleting)
+
+### 3. Review the output
+
+The script will provide detailed information about orphan files:
+
+```text
+Starting orphan file cleanup...
+Storage mode: Filesystem
+Found 7 files in database
+❌ Orphan: photo(1).png (cmddjchw80000gmiimqnxga2g/1758805195682-Rjn9at692HdR.png)
+❌ Orphan: document.pdf (cmddjchw80000gmiimqnxga2g/1758803757558-JQxlvF816UVo.pdf)
+
+📊 Summary:
+  Total files in DB: 7
+  ✅ Files with storage: 5
+  ❌ Orphan files: 2
+
+🗑️  Orphan files to be deleted:
+  - photo(1).png (0.76 MB) - cmddjchw80000gmiimqnxga2g/1758805195682-Rjn9at692HdR.png
+  - document.pdf (2.45 MB) - cmddjchw80000gmiimqnxga2g/1758803757558-JQxlvF816UVo.pdf
+
+⚠️  Dry run mode. To actually delete orphan records, run with --confirm flag:
+   pnpm cleanup:orphan-files:confirm
+```
+
+### 4. Confirm and execute the cleanup
+
+If you're satisfied with the results and want to proceed with the deletion:
+
+```bash
+pnpm cleanup:orphan-files:confirm
+```
+
+This will remove the orphan database records and display a confirmation:
+
+```text
+🗑️  Deleting orphan file records...
+  ✓ Deleted: photo(1).png
+  ✓ Deleted: document.pdf
+
+✅ Cleanup complete!
+   Deleted 2 orphan file records
+```
+
+## Example session
+
+Below is a complete example of running the cleanup script:
+
+```bash
+$ pnpm cleanup:orphan-files
+
+> palmr-api@3.2.3-beta cleanup:orphan-files
+> tsx src/scripts/cleanup-orphan-files.ts
+
+Starting orphan file cleanup...
+Storage mode: Filesystem
+Found 15 files in database
+❌ Orphan: video.mp4 (user123/1758803869037-1WhtnrQioeFQ.mp4)
+❌ Orphan: image(1).png (user123/1758805195682-Rjn9at692HdR.png)
+❌ Orphan: image(2).png (user123/1758803757558-JQxlvF816UVo.png)
+
+📊 Summary:
+  Total files in DB: 15
+  ✅ Files with storage: 12
+  ❌ Orphan files: 3
+
+🗑️  Orphan files to be deleted:
+  - video.mp4 (97.09 MB) - user123/1758803869037-1WhtnrQioeFQ.mp4
+  - image(1).png (0.01 MB) - user123/1758805195682-Rjn9at692HdR.png
+  - image(2).png (0.76 MB) - user123/1758803757558-JQxlvF816UVo.png
+
+⚠️  Dry run mode. To actually delete orphan records, run with --confirm flag:
+   pnpm cleanup:orphan-files:confirm
+
+$ pnpm cleanup:orphan-files:confirm
+
+> palmr-api@3.2.3-beta cleanup:orphan-files:confirm
+> tsx src/scripts/cleanup-orphan-files.ts --confirm
+
+Starting orphan file cleanup...
+Storage mode: Filesystem
+Found 15 files in database
+❌ Orphan: video.mp4 (user123/1758803869037-1WhtnrQioeFQ.mp4)
+❌ Orphan: image(1).png (user123/1758805195682-Rjn9at692HdR.png)
+❌ Orphan: image(2).png (user123/1758803757558-JQxlvF816UVo.png)
+
+📊 Summary:
+  Total files in DB: 15
+  ✅ Files with storage: 12
+  ❌ Orphan files: 3
+
+🗑️  Orphan files to be deleted:
+  - video.mp4 (97.09 MB) - user123/1758803869037-1WhtnrQioeFQ.mp4
+  - image(1).png (0.01 MB) - user123/1758805195682-Rjn9at692HdR.png
+  - image(2).png (0.76 MB) - user123/1758803757558-JQxlvF816UVo.png
+
+🗑️  Deleting orphan file records...
+  ✓ Deleted: video.mp4
+  ✓ Deleted: image(1).png
+  ✓ Deleted: image(2).png
+
+✅ Cleanup complete!
+   Deleted 3 orphan file records
+
+Script completed successfully
+```
+
+## Troubleshooting common issues
+
+### No orphan files found
+
+```text
+📊 Summary:
+  Total files in DB: 10
+  ✅ Files with storage: 10
+  ❌ Orphan files: 0
+
+✨ No orphan files found!
+```
+
+**This is good!** It means your database is in sync with your storage system.
+
+### Script cannot connect to database
+
+If you see database connection errors:
+
+1. Verify the database file exists:
+   ```bash
+   ls -la prisma/palmr.db
+   ```
+
+2. Check database permissions:
+   ```bash
+   chmod 644 prisma/palmr.db
+   ```
+
+3. Ensure you're in the correct directory:
+   ```bash
+   pwd  # Should show .../palmr/apps/server
+   ```
+
+### Storage provider errors
+
+For **S3 storage:**
+- Verify your S3 credentials are configured correctly
+- Check that the bucket is accessible
+- Ensure network connectivity to S3
+
+For **Filesystem storage:**
+- Verify the uploads directory exists and is readable
+- Check file system permissions
+- Ensure sufficient disk space
+
+### Script fails to delete records
+
+If deletion fails for specific files:
+- Check database locks (close other connections)
+- Verify you have write permissions to the database
+- Review the error message for specific details
+
+## Understanding the output
+
+### File statistics
+
+The script provides several key metrics:
+
+- **Total files in DB:** All file records in your database
+- **Files with storage:** Records where the physical file exists
+- **Orphan files:** Records where the physical file is missing
+
+### File information
+
+For each orphan file, you'll see:
+
+- **Name:** Display name in the UI
+- **Size:** File size as recorded in the database
+- **Object name:** Internal storage path
+
+Example: `photo(1).png (0.76 MB) - user123/1758805195682-Rjn9at692HdR.png`
+
+## Prevention and best practices
+
+### Prevent orphan files from occurring
+
+1. **Monitor upload failures:** Check server logs for upload errors
+2. **Stable network:** Ensure reliable network connectivity for large uploads
+3. **Adequate resources:** Provide sufficient disk space and memory
+4. **Regular maintenance:** Run this script periodically as part of maintenance
+
+### When to run cleanup
+
+Consider running the cleanup script:
+
+- **Monthly:** As part of routine database maintenance
+- **After incidents:** Following server crashes or storage issues
+- **Before migrations:** Before moving to new storage systems
+- **When users report errors:** If download failures are reported
+
+### Safe cleanup practices
+
+1. **Always run dry-run first:** Review what will be deleted before confirming
+2. **Backup your database:** Create a backup before running with `--confirm`
+3. **Check during low usage:** Run during off-peak hours to minimize disruption
+4. **Document the cleanup:** Keep records of when and why cleanup was performed
+5. **Verify after cleanup:** Check that file counts match expectations
+
+## Technical details
+
+### How files are stored
+
+When files are uploaded to Palmr:
+
+1. Frontend generates a safe object name using random identifiers
+2. Backend creates the final `objectName` as: `${userId}/${timestamp}-${randomId}.${extension}`
+3. If a duplicate name exists, the **display name** gets a suffix, but `objectName` remains unique
+4. Physical file is stored using `objectName`, display name is stored separately in database
+
+### Storage providers
+
+The script works with both storage providers:
+
+- **FilesystemStorageProvider:** Uses `fs.promises.access()` to check file existence
+- **S3StorageProvider:** Uses `HeadObjectCommand` to verify objects in S3 bucket
+
+### Database schema
+
+Files table structure:
+```typescript
+{
+  name: string           // Display name (can have suffixes like "file (1).png")
+  objectName: string     // Physical storage path (always unique)
+  size: bigint          // File size in bytes
+  extension: string     // File extension
+  userId: string        // Owner of the file
+  folderId: string?     // Parent folder (null for root)
+}
+```
+
+## Related improvements
+
+### Download validation (v3.2.3-beta+)
+
+Starting from version 3.2.3-beta, Palmr includes enhanced download validation:
+
+- Files are checked for existence **before** attempting download
+- Returns proper 404 error if file is missing (instead of 500)
+- Provides helpful error message to users
+
+This prevents errors when trying to download orphan files that haven't been cleaned up yet.
+
+## Security considerations
+
+- **Read-only by default:** Dry-run mode is safe and doesn't modify data
+- **Explicit confirmation:** Requires `--confirm` flag to delete records
+- **No file deletion:** Only removes database records, never deletes physical files
+- **Audit trail:** All actions are logged to console
+- **Permission-based:** Only users with server access can run the script
+
+> **Important:** This script does not delete physical files from storage. It only removes database records for files that don't exist. This is intentional to prevent accidental data loss.
+
+## FAQ
+
+**Q: Will this delete my files?**  
+A: No. The script only removes database records for files that are already missing from storage. Physical files are never deleted.
+
+**Q: Can I undo the cleanup?**  
+A: No. Once orphan records are deleted, they cannot be recovered. Always run dry-run mode first and backup your database.
+
+**Q: Why do orphan files have suffixes like (1), (2)?**  
+A: When duplicate files are uploaded, Palmr renames them with suffixes. If the upload fails after creating the database record, an orphan with a suffix remains.
+
+**Q: How often should I run this script?**  
+A: Monthly maintenance is usually sufficient. Run more frequently if you experience many upload failures.
+
+**Q: Does this work with S3 storage?**  
+A: Yes! The script automatically detects your storage provider (filesystem or S3) and works with both.
+
+**Q: What if I have thousands of orphan files?**  
+A: The script handles large numbers efficiently. Consider running during off-peak hours for very large cleanups.
+
+**Q: Can this fix "File not found" errors?**  
+A: Yes, if the errors are caused by orphan database records. The script removes those records, preventing future errors.

apps/docs/content/docs/3.2-beta/meta.json

@@ -16,6 +16,7 @@
     "reverse-proxy-configuration",
     "download-memory-management",
     "password-reset-without-smtp",
+    "cleanup-orphan-files",
     "oidc-authentication",
     "troubleshooting",
     "---Developers---",

apps/docs/package.json

@@ -1,6 +1,6 @@
 {
   "name": "palmr-docs",
-  "version": "3.2.3-beta",
+  "version": "3.2.5-beta",
   "description": "Docs for Palmr",
   "private": true,
   "author": "Daniel Luiz Alves <daniel@kyantech.com.br>",
@@ -13,7 +13,7 @@
     "react",
     "typescript"
   ],
-  "license": "BSD-2-Clause",
+  "license": "Apache-2.0",
   "packageManager": "pnpm@10.6.0",
   "scripts": {
     "build": "next build",

apps/server/.gitignore

@@ -4,3 +4,4 @@ dist/*
 uploads/*
 temp-uploads/*
 prisma/*.db
+tsconfig.tsbuildinfo

apps/server/package.json

@@ -1,6 +1,6 @@
 {
   "name": "palmr-api",
-  "version": "3.2.3-beta",
+  "version": "3.2.5-beta",
   "description": "API for Palmr",
   "private": true,
   "author": "Daniel Luiz Alves <daniel@kyantech.com.br>",
@@ -12,7 +12,7 @@
     "nodejs",
     "typescript"
   ],
-  "license": "BSD-2-Clause",
+  "license": "Apache-2.0",
   "packageManager": "pnpm@10.6.0",
   "main": "index.js",
   "scripts": {
@@ -25,7 +25,9 @@
     "format:check": "prettier . --check",
     "type-check": "npx tsc --noEmit",
     "validate": "pnpm lint && pnpm type-check",
-    "db:seed": "ts-node prisma/seed.js"
+    "db:seed": "ts-node prisma/seed.js",
+    "cleanup:orphan-files": "tsx src/scripts/cleanup-orphan-files.ts",
+    "cleanup:orphan-files:confirm": "tsx src/scripts/cleanup-orphan-files.ts --confirm"
   },
   "prisma": {
     "seed": "node prisma/seed.js"

apps/server/prisma/schema.prisma

@@ -59,7 +59,6 @@ model File {
   shares Share[] @relation("ShareFiles")
 
   @@index([folderId])
-
   @@map("files")
 }
 
@@ -278,40 +277,40 @@ enum PageLayout {
 }
 
 model TrustedDevice {
-  id           String   @id @default(cuid())
-  userId       String
-  user         User     @relation(fields: [userId], references: [id], onDelete: Cascade)
-  deviceHash   String   @unique
-  deviceName   String?
-  userAgent    String?
-  ipAddress    String?
-  lastUsedAt   DateTime @default(now())
-  expiresAt    DateTime
-  createdAt    DateTime @default(now())
-  updatedAt    DateTime @updatedAt
+  id         String   @id @default(cuid())
+  userId     String
+  user       User     @relation(fields: [userId], references: [id], onDelete: Cascade)
+  deviceHash String   @unique
+  deviceName String?
+  userAgent  String?
+  ipAddress  String?
+  lastUsedAt DateTime @default(now())
+  expiresAt  DateTime
+  createdAt  DateTime @default(now())
+  updatedAt  DateTime @updatedAt
 
   @@map("trusted_devices")
 }
 
 model Folder {
-  id          String   @id @default(cuid())
+  id          String  @id @default(cuid())
   name        String
   description String?
   objectName  String
 
-  parentId    String?
-  parent      Folder?  @relation("FolderHierarchy", fields: [parentId], references: [id], onDelete: Cascade)
-  children    Folder[] @relation("FolderHierarchy")
+  parentId String?
+  parent   Folder?  @relation("FolderHierarchy", fields: [parentId], references: [id], onDelete: Cascade)
+  children Folder[] @relation("FolderHierarchy")
 
-  userId      String
-  user        User     @relation(fields: [userId], references: [id], onDelete: Cascade)
+  userId String
+  user   User   @relation(fields: [userId], references: [id], onDelete: Cascade)
 
-  files       File[]
+  files File[]
 
-  shares      Share[]  @relation("ShareFolders")
+  shares Share[] @relation("ShareFolders")
 
-  createdAt   DateTime @default(now())
-  updatedAt   DateTime @updatedAt
+  createdAt DateTime @default(now())
+  updatedAt DateTime @updatedAt
 
   @@index([userId])
   @@index([parentId])

apps/server/prisma/seed.js

@@ -17,6 +17,12 @@ const defaultConfigs = [
     type: "boolean",
     group: "general",
   },
+  {
+    key: "hideVersion",
+    value: "false",
+    type: "boolean",
+    group: "general",
+  },
   {
     key: "appDescription",
     value: "Secure and simple file sharing - Your personal cloud",

apps/server/src/modules/auth-providers/service.ts

@@ -617,6 +617,11 @@ export class AuthProvidersService {
       return await this.linkProviderToExistingUser(existingUser, provider.id, String(externalId), userInfo);
     }
 
+    // Check if auto-registration is disabled
+    if (provider.autoRegister === false) {
+      throw new Error(`User registration via ${provider.displayName || provider.name} is disabled`);
+    }
+
     return await this.createNewUserWithProvider(userInfo, provider.id, String(externalId));
   }
 

apps/server/src/modules/file/controller.ts

@@ -1,8 +1,15 @@
+import * as fs from "fs";
 import bcrypt from "bcryptjs";
 import { FastifyReply, FastifyRequest } from "fastify";
 
 import { env } from "../../env";
 import { prisma } from "../../shared/prisma";
+import {
+  generateUniqueFileName,
+  generateUniqueFileNameForRename,
+  parseFileName,
+} from "../../utils/file-name-generator";
+import { getContentType } from "../../utils/mime-types";
 import { ConfigService } from "../config/service";
 import {
   CheckFileInput,
@@ -93,9 +100,13 @@ export class FileController {
         }
       }
 
+      // Parse the filename and generate a unique name if there's a duplicate
+      const { baseName, extension } = parseFileName(input.name);
+      const uniqueName = await generateUniqueFileName(baseName, extension, userId, input.folderId);
+
       const fileRecord = await prisma.file.create({
         data: {
-          name: input.name,
+          name: uniqueName,
           description: input.description,
           extension: input.extension,
           size: BigInt(input.size),
@@ -169,9 +180,20 @@ export class FileController {
         });
       }
 
-      return reply.status(201).send({
+      // Check for duplicate filename and provide the suggested unique name
+      const { baseName, extension } = parseFileName(input.name);
+      const uniqueName = await generateUniqueFileName(baseName, extension, userId, input.folderId);
+
+      // Include suggestedName in response if the name was changed
+      const response: any = {
         message: "File checks succeeded.",
-      });
+      };
+
+      if (uniqueName !== input.name) {
+        response.suggestedName = uniqueName;
+      }
+
+      return reply.status(201).send(response);
     } catch (error: any) {
       console.error("Error in checkFile:", error);
       return reply.status(400).send({ error: error.message });
@@ -180,11 +202,10 @@ export class FileController {
 
   async getDownloadUrl(request: FastifyRequest, reply: FastifyReply) {
     try {
-      const { objectName: encodedObjectName } = request.params as {
+      const { objectName, password } = request.query as {
         objectName: string;
+        password?: string;
       };
-      const objectName = decodeURIComponent(encodedObjectName);
-      const { password } = request.query as { password?: string };
 
       if (!objectName) {
         return reply.status(400).send({ error: "The 'objectName' parameter is required." });
@@ -198,7 +219,8 @@ export class FileController {
 
       let hasAccess = false;
 
-      console.log("Requested file with password " + password);
+      // Don't log raw passwords. Log only whether a password was provided (for debugging access flow).
+      console.log(`Requested file access for object="${objectName}" passwordProvided=${password ? true : false}`);
 
       const shares = await prisma.share.findMany({
         where: {
@@ -250,6 +272,118 @@ export class FileController {
     }
   }
 
+  async downloadFile(request: FastifyRequest, reply: FastifyReply) {
+    try {
+      const { objectName, password } = request.query as {
+        objectName: string;
+        password?: string;
+      };
+
+      if (!objectName) {
+        return reply.status(400).send({ error: "The 'objectName' parameter is required." });
+      }
+
+      const fileRecord = await prisma.file.findFirst({ where: { objectName } });
+
+      if (!fileRecord) {
+        if (objectName.startsWith("reverse-shares/")) {
+          const reverseShareFile = await prisma.reverseShareFile.findFirst({
+            where: { objectName },
+            include: {
+              reverseShare: true,
+            },
+          });
+
+          if (!reverseShareFile) {
+            return reply.status(404).send({ error: "File not found." });
+          }
+
+          try {
+            await request.jwtVerify();
+            const userId = (request as any).user?.userId;
+
+            if (!userId || reverseShareFile.reverseShare.creatorId !== userId) {
+              return reply.status(401).send({ error: "Unauthorized access to file." });
+            }
+          } catch (err) {
+            return reply.status(401).send({ error: "Unauthorized access to file." });
+          }
+
+          const storageProvider = (this.fileService as any).storageProvider;
+          const filePath = storageProvider.getFilePath(objectName);
+
+          const contentType = getContentType(reverseShareFile.name);
+          const fileName = reverseShareFile.name;
+
+          reply.header("Content-Type", contentType);
+          reply.header("Content-Disposition", `inline; filename="${encodeURIComponent(fileName)}"`);
+
+          const stream = fs.createReadStream(filePath);
+          return reply.send(stream);
+        }
+
+        return reply.status(404).send({ error: "File not found." });
+      }
+
+      let hasAccess = false;
+
+      const shares = await prisma.share.findMany({
+        where: {
+          files: {
+            some: {
+              id: fileRecord.id,
+            },
+          },
+        },
+        include: {
+          security: true,
+        },
+      });
+
+      for (const share of shares) {
+        if (!share.security.password) {
+          hasAccess = true;
+          break;
+        } else if (password) {
+          const isPasswordValid = await bcrypt.compare(password, share.security.password);
+          if (isPasswordValid) {
+            hasAccess = true;
+            break;
+          }
+        }
+      }
+
+      if (!hasAccess) {
+        try {
+          await request.jwtVerify();
+          const userId = (request as any).user?.userId;
+          if (userId && fileRecord.userId === userId) {
+            hasAccess = true;
+          }
+        } catch (err) {}
+      }
+
+      if (!hasAccess) {
+        return reply.status(401).send({ error: "Unauthorized access to file." });
+      }
+
+      const storageProvider = (this.fileService as any).storageProvider;
+      const filePath = storageProvider.getFilePath(objectName);
+
+      const contentType = getContentType(fileRecord.name);
+      const fileName = fileRecord.name;
+
+      reply.header("Content-Type", contentType);
+      reply.header("Content-Disposition", `inline; filename="${encodeURIComponent(fileName)}"`);
+
+      const stream = fs.createReadStream(filePath);
+      return reply.send(stream);
+    } catch (error) {
+      console.error("Error in downloadFile:", error);
+      return reply.status(500).send({ error: "Internal server error." });
+    }
+  }
+
   async listFiles(request: FastifyRequest, reply: FastifyReply) {
     try {
       await request.jwtVerify();
@@ -359,6 +493,13 @@ export class FileController {
         return reply.status(403).send({ error: "Access denied." });
       }
 
+      // If renaming the file, check for duplicates and auto-rename if necessary
+      if (updateData.name && updateData.name !== fileRecord.name) {
+        const { baseName, extension } = parseFileName(updateData.name);
+        const uniqueName = await generateUniqueFileNameForRename(baseName, extension, userId, fileRecord.folderId, id);
+        updateData.name = uniqueName;
+      }
+
       const updatedFile = await prisma.file.update({
         where: { id },
         data: updateData,
@@ -444,6 +585,51 @@ export class FileController {
     }
   }
 
+  async embedFile(request: FastifyRequest, reply: FastifyReply) {
+    try {
+      const { id } = request.params as { id: string };
+
+      if (!id) {
+        return reply.status(400).send({ error: "File ID is required." });
+      }
+
+      const fileRecord = await prisma.file.findUnique({ where: { id } });
+
+      if (!fileRecord) {
+        return reply.status(404).send({ error: "File not found." });
+      }
+
+      const extension = fileRecord.extension.toLowerCase();
+      const imageExts = ["jpg", "jpeg", "png", "gif", "webp", "svg", "bmp", "ico", "avif"];
+      const videoExts = ["mp4", "webm", "ogg", "mov", "avi", "mkv", "flv", "wmv"];
+      const audioExts = ["mp3", "wav", "ogg", "m4a", "flac", "aac", "wma"];
+
+      const isMedia = imageExts.includes(extension) || videoExts.includes(extension) || audioExts.includes(extension);
+
+      if (!isMedia) {
+        return reply.status(403).send({
+          error: "Embed is only allowed for images, videos, and audio files.",
+        });
+      }
+
+      const storageProvider = (this.fileService as any).storageProvider;
+      const filePath = storageProvider.getFilePath(fileRecord.objectName);
+
+      const contentType = getContentType(fileRecord.name);
+      const fileName = fileRecord.name;
+
+      reply.header("Content-Type", contentType);
+      reply.header("Content-Disposition", `inline; filename="${encodeURIComponent(fileName)}"`);
+      reply.header("Cache-Control", "public, max-age=31536000"); // Cache por 1 ano
+
+      const stream = fs.createReadStream(filePath);
+      return reply.send(stream);
+    } catch (error) {
+      console.error("Error in embedFile:", error);
+      return reply.status(500).send({ error: "Internal server error." });
+    }
+  }
+
   private async getAllUserFilesRecursively(userId: string): Promise<any[]> {
     const rootFiles = await prisma.file.findMany({
       where: { userId, folderId: null },

apps/server/src/modules/file/routes.ts

@@ -106,17 +106,15 @@ export async function fileRoutes(app: FastifyInstance) {
   );
 
   app.get(
-    "/files/:objectName/download",
+    "/files/download-url",
     {
       schema: {
         tags: ["File"],
         operationId: "getDownloadUrl",
         summary: "Get Download URL",
         description: "Generates a pre-signed URL for downloading a file",
-        params: z.object({
-          objectName: z.string().min(1, "The objectName is required"),
-        }),
         querystring: z.object({
+          objectName: z.string().min(1, "The objectName is required"),
           password: z.string().optional().describe("Share password if required"),
         }),
         response: {
@@ -133,6 +131,46 @@ export async function fileRoutes(app: FastifyInstance) {
     fileController.getDownloadUrl.bind(fileController)
   );
 
+  app.get(
+    "/embed/:id",
+    {
+      schema: {
+        tags: ["File"],
+        operationId: "embedFile",
+        summary: "Embed File (Public Access)",
+        description:
+          "Returns a media file (image/video/audio) for public embedding without authentication. Only works for media files.",
+        params: z.object({
+          id: z.string().min(1, "File ID is required").describe("The file ID"),
+        }),
+        response: {
+          400: z.object({ error: z.string().describe("Error message") }),
+          403: z.object({ error: z.string().describe("Error message - not a media file") }),
+          404: z.object({ error: z.string().describe("Error message") }),
+          500: z.object({ error: z.string().describe("Error message") }),
+        },
+      },
+    },
+    fileController.embedFile.bind(fileController)
+  );
+
+  app.get(
+    "/files/download",
+    {
+      schema: {
+        tags: ["File"],
+        operationId: "downloadFile",
+        summary: "Download File",
+        description: "Downloads a file directly (returns file content)",
+        querystring: z.object({
+          objectName: z.string().min(1, "The objectName is required"),
+          password: z.string().optional().describe("Share password if required"),
+        }),
+      },
+    },
+    fileController.downloadFile.bind(fileController)
+  );
+
   app.get(
     "/files",
     {

apps/server/src/modules/filesystem/controller.ts

@@ -12,6 +12,20 @@ export class FilesystemController {
   private chunkManager = ChunkManager.getInstance();
   private memoryManager = DownloadMemoryManager.getInstance();
 
+  /**
+   * Check if a character is valid in an HTTP token (RFC 2616)
+   * Tokens can contain: alphanumeric and !#$%&'*+-.^_`|~
+   * Must exclude separators: ()<>@,;:\"/[]?={} and space/tab
+   */
+  private isTokenChar(char: string): boolean {
+    const code = char.charCodeAt(0);
+    // Basic ASCII range check
+    if (code < 33 || code > 126) return false;
+    // Exclude separator characters per RFC 2616
+    const separators = '()<>@,;:\\"/[]?={} \t';
+    return !separators.includes(char);
+  }
+
   private encodeFilenameForHeader(filename: string): string {
     if (!filename || filename.trim() === "") {
       return 'attachment; filename="download"';
@@ -36,12 +50,10 @@ export class FilesystemController {
       return 'attachment; filename="download"';
     }
 
+    // Create ASCII-safe version with only valid token characters
     const asciiSafe = sanitized
       .split("")
-      .filter((char) => {
-        const code = char.charCodeAt(0);
-        return code >= 32 && code <= 126;
-      })
+      .filter((char) => this.isTokenChar(char))
       .join("");
 
     if (asciiSafe && asciiSafe.trim()) {
@@ -72,7 +84,6 @@ export class FilesystemController {
           const result = await this.handleChunkedUpload(request, chunkMetadata, tokenData.objectName);
 
           if (result.isComplete) {
-            provider.consumeUploadToken(token);
             reply.status(200).send({
               message: "File uploaded successfully",
               objectName: result.finalPath,
@@ -92,7 +103,6 @@ export class FilesystemController {
         }
       } else {
         await this.uploadFileStream(request, provider, tokenData.objectName);
-        provider.consumeUploadToken(token);
         reply.status(200).send({ message: "File uploaded successfully" });
       }
     } catch (error) {
@@ -110,13 +120,22 @@ export class FilesystemController {
     const totalChunks = request.headers["x-total-chunks"] as string;
     const chunkSize = request.headers["x-chunk-size"] as string;
     const totalSize = request.headers["x-total-size"] as string;
-    const fileName = request.headers["x-file-name"] as string;
+    const encodedFileName = request.headers["x-file-name"] as string;
     const isLastChunk = request.headers["x-is-last-chunk"] as string;
 
-    if (!fileId || !chunkIndex || !totalChunks || !chunkSize || !totalSize || !fileName) {
+    if (!fileId || !chunkIndex || !totalChunks || !chunkSize || !totalSize || !encodedFileName) {
       return null;
     }
 
+    // Decode the base64-encoded filename to handle UTF-8 characters
+    let fileName: string;
+    try {
+      fileName = decodeURIComponent(escape(Buffer.from(encodedFileName, "base64").toString("binary")));
+    } catch (error) {
+      // Fallback to the encoded value if decoding fails (for backward compatibility)
+      fileName = encodedFileName;
+    }
+
     const metadata = {
       fileId,
       chunkIndex: parseInt(chunkIndex, 10),
@@ -182,6 +201,17 @@ export class FilesystemController {
       }
 
       const filePath = provider.getFilePath(tokenData.objectName);
+
+      const fileExists = await provider.fileExists(tokenData.objectName);
+      if (!fileExists) {
+        console.error(`[DOWNLOAD] File not found: ${tokenData.objectName}`);
+        return reply.status(404).send({
+          error: "File not found",
+          message:
+            "The requested file does not exist on the server. It may have been deleted or the upload was incomplete.",
+        });
+      }
+
       const stats = await fs.promises.stat(filePath);
       const fileSize = stats.size;
       const fileName = tokenData.fileName || "download";
@@ -239,8 +269,6 @@ export class FilesystemController {
           reply.header("Content-Length", fileSize);
           await this.downloadFileStream(reply, provider, tokenData.objectName, downloadId);
         }
-
-        provider.consumeDownloadToken(token);
       } finally {
         this.memoryManager.endDownload(downloadId);
       }

apps/server/src/modules/folder/controller.ts

@@ -35,21 +35,13 @@ export class FolderController {
         }
       }
 
-      const existingFolder = await prisma.folder.findFirst({
-        where: {
-          name: input.name,
-          parentId: input.parentId || null,
-          userId,
-        },
-      });
-
-      if (existingFolder) {
-        return reply.status(400).send({ error: "A folder with this name already exists in this location" });
-      }
+      // Check for duplicates and auto-rename if necessary
+      const { generateUniqueFolderName } = await import("../../utils/file-name-generator.js");
+      const uniqueName = await generateUniqueFolderName(input.name, userId, input.parentId);
 
       const folderRecord = await prisma.folder.create({
         data: {
-          name: input.name,
+          name: uniqueName,
           description: input.description,
           objectName: input.objectName,
           parentId: input.parentId,
@@ -231,19 +223,11 @@ export class FolderController {
         return reply.status(403).send({ error: "Access denied." });
       }
 
+      // If renaming the folder, check for duplicates and auto-rename if necessary
       if (updateData.name && updateData.name !== folderRecord.name) {
-        const duplicateFolder = await prisma.folder.findFirst({
-          where: {
-            name: updateData.name,
-            parentId: folderRecord.parentId,
-            userId,
-            id: { not: id },
-          },
-        });
-
-        if (duplicateFolder) {
-          return reply.status(400).send({ error: "A folder with this name already exists in this location" });
-        }
+        const { generateUniqueFolderName } = await import("../../utils/file-name-generator.js");
+        const uniqueName = await generateUniqueFolderName(updateData.name, userId, folderRecord.parentId, id);
+        updateData.name = uniqueName;
       }
 
       const updatedFolder = await prisma.folder.update({

apps/server/src/modules/reverse-share/controller.ts

@@ -536,4 +536,17 @@ export class ReverseShareController {
       return reply.status(500).send({ error: "Internal server error" });
     }
   }
+
+  async getReverseShareMetadataByAlias(request: FastifyRequest, reply: FastifyReply) {
+    try {
+      const { alias } = request.params as { alias: string };
+      const metadata = await this.reverseShareService.getReverseShareMetadataByAlias(alias);
+      return reply.send(metadata);
+    } catch (error: any) {
+      if (error.message === "Reverse share not found") {
+        return reply.status(404).send({ error: error.message });
+      }
+      return reply.status(400).send({ error: error.message });
+    }
+  }
 }

apps/server/src/modules/reverse-share/routes.ts

@@ -592,4 +592,32 @@ export async function reverseShareRoutes(app: FastifyInstance) {
     },
     reverseShareController.copyFileToUserFiles.bind(reverseShareController)
   );
+
+  app.get(
+    "/reverse-shares/alias/:alias/metadata",
+    {
+      schema: {
+        tags: ["Reverse Share"],
+        operationId: "getReverseShareMetadataByAlias",
+        summary: "Get reverse share metadata by alias for Open Graph",
+        description: "Get lightweight metadata for a reverse share by alias, used for social media previews",
+        params: z.object({
+          alias: z.string().describe("Alias of the reverse share"),
+        }),
+        response: {
+          200: z.object({
+            name: z.string().nullable(),
+            description: z.string().nullable(),
+            totalFiles: z.number(),
+            hasPassword: z.boolean(),
+            isExpired: z.boolean(),
+            isInactive: z.boolean(),
+            maxFiles: z.number().nullable(),
+          }),
+          404: z.object({ error: z.string() }),
+        },
+      },
+    },
+    reverseShareController.getReverseShareMetadataByAlias.bind(reverseShareController)
+  );
 }

apps/server/src/modules/reverse-share/service.ts

@@ -773,4 +773,30 @@ export class ReverseShareService {
       updatedAt: file.updatedAt.toISOString(),
     };
   }
+
+  async getReverseShareMetadataByAlias(alias: string) {
+    const reverseShare = await this.reverseShareRepository.findByAlias(alias);
+    if (!reverseShare) {
+      throw new Error("Reverse share not found");
+    }
+
+    // Check if reverse share is expired
+    const isExpired = reverseShare.expiration && new Date(reverseShare.expiration) < new Date();
+
+    // Check if inactive
+    const isInactive = !reverseShare.isActive;
+
+    const totalFiles = reverseShare.files?.length || 0;
+    const hasPassword = !!reverseShare.password;
+
+    return {
+      name: reverseShare.name,
+      description: reverseShare.description,
+      totalFiles,
+      hasPassword,
+      isExpired,
+      isInactive,
+      maxFiles: reverseShare.maxFiles,
+    };
+  }
 }

apps/server/src/modules/share/controller.ts

@@ -295,4 +295,17 @@ export class ShareController {
       return reply.status(400).send({ error: error.message });
     }
   }
+
+  async getShareMetadataByAlias(request: FastifyRequest, reply: FastifyReply) {
+    try {
+      const { alias } = request.params as { alias: string };
+      const metadata = await this.shareService.getShareMetadataByAlias(alias);
+      return reply.send(metadata);
+    } catch (error: any) {
+      if (error.message === "Share not found") {
+        return reply.status(404).send({ error: error.message });
+      }
+      return reply.status(400).send({ error: error.message });
+    }
+  }
 }

apps/server/src/modules/share/repository.ts

@@ -17,6 +17,9 @@ export interface IShareRepository {
   findShareBySecurityId(
     securityId: string
   ): Promise<(Share & { security: ShareSecurity; files: any[]; folders: any[] }) | null>;
+  findShareByAlias(
+    alias: string
+  ): Promise<(Share & { security: ShareSecurity; files: any[]; folders: any[]; recipients: any[] }) | null>;
   updateShare(id: string, data: Partial<Share>): Promise<Share>;
   updateShareSecurity(id: string, data: Partial<ShareSecurity>): Promise<ShareSecurity>;
   deleteShare(id: string): Promise<Share>;
@@ -130,6 +133,41 @@ export class PrismaShareRepository implements IShareRepository {
     });
   }
 
+  async findShareByAlias(alias: string) {
+    const shareAlias = await prisma.shareAlias.findUnique({
+      where: { alias },
+      include: {
+        share: {
+          include: {
+            security: true,
+            files: true,
+            folders: {
+              select: {
+                id: true,
+                name: true,
+                description: true,
+                objectName: true,
+                parentId: true,
+                userId: true,
+                createdAt: true,
+                updatedAt: true,
+                _count: {
+                  select: {
+                    files: true,
+                    children: true,
+                  },
+                },
+              },
+            },
+            recipients: true,
+          },
+        },
+      },
+    });
+
+    return shareAlias?.share || null;
+  }
+
   async updateShare(id: string, data: Partial<Share>): Promise<Share> {
     return prisma.share.update({
       where: { id },

apps/server/src/modules/share/routes.ts

@@ -347,4 +347,32 @@ export async function shareRoutes(app: FastifyInstance) {
     },
     shareController.notifyRecipients.bind(shareController)
   );
+
+  app.get(
+    "/shares/alias/:alias/metadata",
+    {
+      schema: {
+        tags: ["Share"],
+        operationId: "getShareMetadataByAlias",
+        summary: "Get share metadata by alias for Open Graph",
+        description: "Get lightweight metadata for a share by alias, used for social media previews",
+        params: z.object({
+          alias: z.string().describe("The share alias"),
+        }),
+        response: {
+          200: z.object({
+            name: z.string().nullable(),
+            description: z.string().nullable(),
+            totalFiles: z.number(),
+            totalFolders: z.number(),
+            hasPassword: z.boolean(),
+            isExpired: z.boolean(),
+            isMaxViewsReached: z.boolean(),
+          }),
+          404: z.object({ error: z.string() }),
+        },
+      },
+    },
+    shareController.getShareMetadataByAlias.bind(shareController)
+  );
 }

apps/server/src/modules/share/service.ts

@@ -440,4 +440,31 @@ export class ShareService {
       notifiedRecipients,
     };
   }
+
+  async getShareMetadataByAlias(alias: string) {
+    const share = await this.shareRepository.findShareByAlias(alias);
+    if (!share) {
+      throw new Error("Share not found");
+    }
+
+    // Check if share is expired
+    const isExpired = share.expiration && new Date(share.expiration) < new Date();
+
+    // Check if max views reached
+    const isMaxViewsReached = share.security.maxViews !== null && share.views >= share.security.maxViews;
+
+    const totalFiles = share.files?.length || 0;
+    const totalFolders = share.folders?.length || 0;
+    const hasPassword = !!share.security.password;
+
+    return {
+      name: share.name,
+      description: share.description,
+      totalFiles,
+      totalFolders,
+      hasPassword,
+      isExpired,
+      isMaxViewsReached,
+    };
+  }
 }

apps/server/src/providers/filesystem-storage.provider.ts

@@ -192,13 +192,9 @@ export class FilesystemStorageProvider implements StorageProvider {
     return `/api/filesystem/upload/${token}`;
   }
 
-  async getPresignedGetUrl(objectName: string, expires: number, fileName?: string): Promise<string> {
-    const token = crypto.randomBytes(32).toString("hex");
-    const expiresAt = Date.now() + expires * 1000;
-
-    this.downloadTokens.set(token, { objectName, expiresAt, fileName });
-
-    return `/api/filesystem/download/${token}`;
+  async getPresignedGetUrl(objectName: string): Promise<string> {
+    const encodedObjectName = encodeURIComponent(objectName);
+    return `/api/files/download?objectName=${encodedObjectName}`;
   }
 
   async deleteObject(objectName: string): Promise<void> {
@@ -636,13 +632,8 @@ export class FilesystemStorageProvider implements StorageProvider {
     return { objectName: data.objectName, fileName: data.fileName };
   }
 
-  consumeUploadToken(token: string): void {
-    this.uploadTokens.delete(token);
-  }
-
-  consumeDownloadToken(token: string): void {
-    this.downloadTokens.delete(token);
-  }
+  // Tokens are automatically cleaned up by cleanExpiredTokens() every 5 minutes
+  // No need to manually consume tokens - allows reuse for previews, range requests, etc.
 
   private async cleanupTempFile(tempPath: string): Promise<void> {
     try {

apps/server/src/providers/s3-storage.provider.ts

@@ -1,4 +1,4 @@
-import { DeleteObjectCommand, GetObjectCommand, PutObjectCommand } from "@aws-sdk/client-s3";
+import { DeleteObjectCommand, GetObjectCommand, HeadObjectCommand, PutObjectCommand } from "@aws-sdk/client-s3";
 import { getSignedUrl } from "@aws-sdk/s3-request-presigner";
 
 import { bucketName, s3Client } from "../config/storage.config";
@@ -14,6 +14,20 @@ export class S3StorageProvider implements StorageProvider {
     }
   }
 
+  /**
+   * Check if a character is valid in an HTTP token (RFC 2616)
+   * Tokens can contain: alphanumeric and !#$%&'*+-.^_`|~
+   * Must exclude separators: ()<>@,;:\"/[]?={} and space/tab
+   */
+  private isTokenChar(char: string): boolean {
+    const code = char.charCodeAt(0);
+    // Basic ASCII range check
+    if (code < 33 || code > 126) return false;
+    // Exclude separator characters per RFC 2616
+    const separators = '()<>@,;:\\"/[]?={} \t';
+    return !separators.includes(char);
+  }
+
   /**
    * Safely encode filename for Content-Disposition header
    */
@@ -41,12 +55,10 @@ export class S3StorageProvider implements StorageProvider {
       return 'attachment; filename="download"';
     }
 
+    // Create ASCII-safe version with only valid token characters
     const asciiSafe = sanitized
       .split("")
-      .filter((char) => {
-        const code = char.charCodeAt(0);
-        return code >= 32 && code <= 126;
-      })
+      .filter((char) => this.isTokenChar(char))
       .join("");
 
     if (asciiSafe && asciiSafe.trim()) {
@@ -110,4 +122,25 @@ export class S3StorageProvider implements StorageProvider {
 
     await s3Client.send(command);
   }
+
+  async fileExists(objectName: string): Promise<boolean> {
+    if (!s3Client) {
+      throw new Error("S3 client is not available");
+    }
+
+    try {
+      const command = new HeadObjectCommand({
+        Bucket: bucketName,
+        Key: objectName,
+      });
+
+      await s3Client.send(command);
+      return true;
+    } catch (error: any) {
+      if (error.name === "NotFound" || error.$metadata?.httpStatusCode === 404) {
+        return false;
+      }
+      throw error;
+    }
+  }
 }

apps/server/src/scripts/cleanup-orphan-files.ts

@@ -0,0 +1,102 @@
+import { isS3Enabled } from "../config/storage.config";
+import { FilesystemStorageProvider } from "../providers/filesystem-storage.provider";
+import { S3StorageProvider } from "../providers/s3-storage.provider";
+import { prisma } from "../shared/prisma";
+import { StorageProvider } from "../types/storage";
+
+/**
+ * Script to clean up orphan file records in the database
+ * (files that are registered in DB but don't exist in storage)
+ */
+async function cleanupOrphanFiles() {
+  console.log("Starting orphan file cleanup...");
+  console.log(`Storage mode: ${isS3Enabled ? "S3" : "Filesystem"}`);
+
+  let storageProvider: StorageProvider;
+  if (isS3Enabled) {
+    storageProvider = new S3StorageProvider();
+  } else {
+    storageProvider = FilesystemStorageProvider.getInstance();
+  }
+
+  // Get all files from database
+  const allFiles = await prisma.file.findMany({
+    select: {
+      id: true,
+      name: true,
+      objectName: true,
+      userId: true,
+      size: true,
+    },
+  });
+
+  console.log(`Found ${allFiles.length} files in database`);
+
+  const orphanFiles: typeof allFiles = [];
+  const existingFiles: typeof allFiles = [];
+
+  // Check each file
+  for (const file of allFiles) {
+    const exists = await storageProvider.fileExists(file.objectName);
+    if (!exists) {
+      orphanFiles.push(file);
+      console.log(`❌ Orphan: ${file.name} (${file.objectName})`);
+    } else {
+      existingFiles.push(file);
+    }
+  }
+
+  console.log(`\n📊 Summary:`);
+  console.log(`  Total files in DB: ${allFiles.length}`);
+  console.log(`  ✅ Files with storage: ${existingFiles.length}`);
+  console.log(`  ❌ Orphan files: ${orphanFiles.length}`);
+
+  if (orphanFiles.length === 0) {
+    console.log("\n✨ No orphan files found!");
+    return;
+  }
+
+  console.log(`\n🗑️  Orphan files to be deleted:`);
+  orphanFiles.forEach((file) => {
+    const sizeMB = Number(file.size) / (1024 * 1024);
+    console.log(`  - ${file.name} (${sizeMB.toFixed(2)} MB) - ${file.objectName}`);
+  });
+
+  // Ask for confirmation (if running interactively)
+  const shouldDelete = process.argv.includes("--confirm");
+
+  if (!shouldDelete) {
+    console.log(`\n⚠️  Dry run mode. To actually delete orphan records, run with --confirm flag:`);
+    console.log(`   node dist/scripts/cleanup-orphan-files.js --confirm`);
+    return;
+  }
+
+  console.log(`\n🗑️  Deleting orphan file records...`);
+
+  let deletedCount = 0;
+  for (const file of orphanFiles) {
+    try {
+      await prisma.file.delete({
+        where: { id: file.id },
+      });
+      deletedCount++;
+      console.log(`  ✓ Deleted: ${file.name}`);
+    } catch (error) {
+      console.error(`  ✗ Failed to delete ${file.name}:`, error);
+    }
+  }
+
+  console.log(`\n✅ Cleanup complete!`);
+  console.log(`   Deleted ${deletedCount} orphan file records`);
+}
+
+// Run the cleanup
+cleanupOrphanFiles()
+  .then(() => {
+    console.log("\nScript completed successfully");
+    process.exit(0);
+  })
+  .catch((error) => {
+    console.error("\n❌ Script failed:", error);
+    process.exit(1);
+  });

apps/server/src/types/storage.ts

@@ -2,6 +2,7 @@ export interface StorageProvider {
   getPresignedPutUrl(objectName: string, expires: number): Promise<string>;
   getPresignedGetUrl(objectName: string, expires: number, fileName?: string): Promise<string>;
   deleteObject(objectName: string): Promise<void>;
+  fileExists(objectName: string): Promise<boolean>;
 }
 
 export interface StorageConfig {

apps/server/src/utils/file-name-generator.ts

@@ -0,0 +1,206 @@
+import { prisma } from "../shared/prisma";
+
+/**
+ * Generates a unique filename by checking for duplicates in the database
+ * and appending a numeric suffix if necessary (e.g., file (1).txt, file (2).txt)
+ *
+ * @param baseName - The original filename without extension
+ * @param extension - The file extension
+ * @param userId - The user ID who owns the file
+ * @param folderId - The folder ID where the file will be stored (null for root)
+ * @returns A unique filename with extension
+ */
+export async function generateUniqueFileName(
+  baseName: string,
+  extension: string,
+  userId: string,
+  folderId: string | null | undefined
+): Promise<string> {
+  const fullName = `${baseName}.${extension}`;
+  const targetFolderId = folderId || null;
+
+  // Check if the original filename exists in the target folder
+  const existingFile = await prisma.file.findFirst({
+    where: {
+      name: fullName,
+      userId,
+      folderId: targetFolderId,
+    },
+  });
+
+  // If no duplicate, return the original name
+  if (!existingFile) {
+    return fullName;
+  }
+
+  // Find the next available suffix number
+  let suffix = 1;
+  let uniqueName = `${baseName} (${suffix}).${extension}`;
+
+  while (true) {
+    const duplicateFile = await prisma.file.findFirst({
+      where: {
+        name: uniqueName,
+        userId,
+        folderId: targetFolderId,
+      },
+    });
+
+    if (!duplicateFile) {
+      return uniqueName;
+    }
+
+    suffix++;
+    uniqueName = `${baseName} (${suffix}).${extension}`;
+  }
+}
+
+/**
+ * Generates a unique filename for rename operations by checking for duplicates
+ * and appending a numeric suffix if necessary (e.g., file (1).txt, file (2).txt)
+ *
+ * @param baseName - The original filename without extension
+ * @param extension - The file extension
+ * @param userId - The user ID who owns the file
+ * @param folderId - The folder ID where the file will be stored (null for root)
+ * @param excludeFileId - The ID of the file being renamed (to exclude from duplicate check)
+ * @returns A unique filename with extension
+ */
+export async function generateUniqueFileNameForRename(
+  baseName: string,
+  extension: string,
+  userId: string,
+  folderId: string | null | undefined,
+  excludeFileId: string
+): Promise<string> {
+  const fullName = `${baseName}.${extension}`;
+  const targetFolderId = folderId || null;
+
+  // Check if the original filename exists in the target folder (excluding current file)
+  const existingFile = await prisma.file.findFirst({
+    where: {
+      name: fullName,
+      userId,
+      folderId: targetFolderId,
+      id: { not: excludeFileId },
+    },
+  });
+
+  // If no duplicate, return the original name
+  if (!existingFile) {
+    return fullName;
+  }
+
+  // Find the next available suffix number
+  let suffix = 1;
+  let uniqueName = `${baseName} (${suffix}).${extension}`;
+
+  while (true) {
+    const duplicateFile = await prisma.file.findFirst({
+      where: {
+        name: uniqueName,
+        userId,
+        folderId: targetFolderId,
+        id: { not: excludeFileId },
+      },
+    });
+
+    if (!duplicateFile) {
+      return uniqueName;
+    }
+
+    suffix++;
+    uniqueName = `${baseName} (${suffix}).${extension}`;
+  }
+}
+
+/**
+ * Generates a unique folder name by checking for duplicates in the database
+ * and appending a numeric suffix if necessary (e.g., folder (1), folder (2))
+ *
+ * @param name - The original folder name
+ * @param userId - The user ID who owns the folder
+ * @param parentId - The parent folder ID (null for root)
+ * @param excludeFolderId - The ID of the folder being renamed (to exclude from duplicate check)
+ * @returns A unique folder name
+ */
+export async function generateUniqueFolderName(
+  name: string,
+  userId: string,
+  parentId: string | null | undefined,
+  excludeFolderId?: string
+): Promise<string> {
+  const targetParentId = parentId || null;
+
+  // Build the where clause
+  const whereClause: any = {
+    name,
+    userId,
+    parentId: targetParentId,
+  };
+
+  // Exclude the current folder if this is a rename operation
+  if (excludeFolderId) {
+    whereClause.id = { not: excludeFolderId };
+  }
+
+  // Check if the original folder name exists in the target location
+  const existingFolder = await prisma.folder.findFirst({
+    where: whereClause,
+  });
+
+  // If no duplicate, return the original name
+  if (!existingFolder) {
+    return name;
+  }
+
+  // Find the next available suffix number
+  let suffix = 1;
+  let uniqueName = `${name} (${suffix})`;
+
+  while (true) {
+    const whereClauseForSuffix: any = {
+      name: uniqueName,
+      userId,
+      parentId: targetParentId,
+    };
+
+    if (excludeFolderId) {
+      whereClauseForSuffix.id = { not: excludeFolderId };
+    }
+
+    const duplicateFolder = await prisma.folder.findFirst({
+      where: whereClauseForSuffix,
+    });
+
+    if (!duplicateFolder) {
+      return uniqueName;
+    }
+
+    suffix++;
+    uniqueName = `${name} (${suffix})`;
+  }
+}
+
+/**
+ * Parses a filename into base name and extension
+ *
+ * @param filename - The full filename with extension
+ * @returns Object with baseName and extension
+ */
+export function parseFileName(filename: string): { baseName: string; extension: string } {
+  const lastDotIndex = filename.lastIndexOf(".");
+
+  if (lastDotIndex === -1 || lastDotIndex === 0) {
+    // No extension or hidden file with no name before dot
+    return {
+      baseName: filename,
+      extension: "",
+    };
+  }
+
+  return {
+    baseName: filename.substring(0, lastDotIndex),
+    extension: filename.substring(lastDotIndex + 1),
+  };
+}

apps/web/messages/ar-SA.json

@@ -150,7 +150,9 @@
     "move": "نقل",
     "rename": "إعادة تسمية",
     "search": "بحث",
-    "share": "مشاركة"
+    "share": "مشاركة",
+    "copied": "تم النسخ",
+    "copy": "نسخ"
   },
   "createShare": {
     "title": "إنشاء مشاركة",
@@ -302,6 +304,7 @@
   },
   "filePreview": {
     "title": "معاينة الملف",
+    "description": "معاينة وتنزيل الملف",
     "loading": "جاري التحميل...",
     "notAvailable": "المعاينة غير متاحة لهذا النوع من الملفات.",
     "downloadToView": "استخدم زر التحميل لتنزيل الملف.",
@@ -1056,7 +1059,8 @@
     "upload": {
       "metadata": {
         "title": "رفع الملفات - Palmr",
-        "description": "رفع الملفات عبر الرابط المشترك"
+        "description": "رفع الملفات عبر الرابط المشترك",
+        "descriptionWithLimit": "تحميل الملفات (الحد الأقصى {limit} ملفات)"
       },
       "layout": {
         "defaultTitle": "رفع الملفات",
@@ -1300,6 +1304,10 @@
       "passwordAuthEnabled": {
         "title": "المصادقة بالكلمة السرية",
         "description": "تمكين أو تعطيل المصادقة بالكلمة السرية"
+      },
+      "hideVersion": {
+        "title": "إخفاء الإصدار",
+        "description": "إخفاء إصدار Palmr في تذييل جميع الصفحات"
       }
     },
     "buttons": {
@@ -1361,7 +1369,11 @@
       "description": "قد يكون تم حذف هذه المشاركة أو انتهت صلاحيتها."
     },
     "pageTitle": "المشاركة",
-    "downloadAll": "تحميل الكل"
+    "downloadAll": "تحميل الكل",
+    "metadata": {
+      "defaultDescription": "مشاركة الملفات بشكل آمن",
+      "filesShared": "{count, plural, =1 {ملف واحد تمت مشاركته} other {# ملفات تمت مشاركتها}}"
+    }
   },
   "shareActions": {
     "deleteTitle": "حذف المشاركة",
@@ -1923,5 +1935,17 @@
     "passwordRequired": "كلمة المرور مطلوبة",
     "nameRequired": "الاسم مطلوب",
     "required": "هذا الحقل مطلوب"
+  },
+  "embedCode": {
+    "title": "تضمين الصورة",
+    "description": "استخدم هذه الأكواد لتضمين هذه الصورة في المنتديات أو المواقع الإلكترونية أو المنصات الأخرى",
+    "tabs": {
+      "directLink": "رابط مباشر",
+      "html": "HTML",
+      "bbcode": "BBCode"
+    },
+    "directLinkDescription": "عنوان URL مباشر لملف الصورة",
+    "htmlDescription": "استخدم هذا الكود لتضمين الصورة في صفحات HTML",
+    "bbcodeDescription": "استخدم هذا الكود لتضمين الصورة في المنتديات التي تدعم BBCode"
   }
-}
+}

apps/web/messages/de-DE.json

@@ -150,7 +150,9 @@
     "move": "Verschieben",
     "rename": "Umbenennen",
     "search": "Suchen",
-    "share": "Teilen"
+    "share": "Teilen",
+    "copied": "Kopiert",
+    "copy": "Kopieren"
   },
   "createShare": {
     "title": "Freigabe Erstellen",
@@ -302,6 +304,7 @@
   },
   "filePreview": {
     "title": "Datei-Vorschau",
+    "description": "Vorschau und Download der Datei",
     "loading": "Laden...",
     "notAvailable": "Vorschau für diesen Dateityp nicht verfügbar.",
     "downloadToView": "Verwenden Sie die Download-Schaltfläche, um die Datei herunterzuladen.",
@@ -1056,7 +1059,8 @@
     "upload": {
       "metadata": {
         "title": "Dateien senden - Palmr",
-        "description": "Senden Sie Dateien über den geteilten Link"
+        "description": "Senden Sie Dateien über den geteilten Link",
+        "descriptionWithLimit": "Dateien hochladen (max. {limit} Dateien)"
       },
       "layout": {
         "defaultTitle": "Dateien senden",
@@ -1298,6 +1302,10 @@
       "passwordAuthEnabled": {
         "title": "Passwort-Authentifizierung",
         "description": "Passwort-basierte Authentifizierung aktivieren oder deaktivieren"
+      },
+      "hideVersion": {
+        "title": "Version Ausblenden",
+        "description": "Die Palmr-Version in der Fußzeile aller Seiten ausblenden"
       }
     },
     "buttons": {
@@ -1359,7 +1367,11 @@
       "description": "Diese Freigabe wurde möglicherweise gelöscht oder ist abgelaufen."
     },
     "pageTitle": "Freigabe",
-    "downloadAll": "Alle herunterladen"
+    "downloadAll": "Alle herunterladen",
+    "metadata": {
+      "defaultDescription": "Dateien sicher teilen",
+      "filesShared": "{count, plural, =1 {1 Datei geteilt} other {# Dateien geteilt}}"
+    }
   },
   "shareActions": {
     "deleteTitle": "Freigabe Löschen",
@@ -1921,5 +1933,17 @@
     "passwordRequired": "Passwort ist erforderlich",
     "nameRequired": "Name ist erforderlich",
     "required": "Dieses Feld ist erforderlich"
+  },
+  "embedCode": {
+    "title": "Bild einbetten",
+    "description": "Verwenden Sie diese Codes, um dieses Bild in Foren, Websites oder anderen Plattformen einzubetten",
+    "tabs": {
+      "directLink": "Direkter Link",
+      "html": "HTML",
+      "bbcode": "BBCode"
+    },
+    "directLinkDescription": "Direkte URL zur Bilddatei",
+    "htmlDescription": "Verwenden Sie diesen Code, um das Bild in HTML-Seiten einzubetten",
+    "bbcodeDescription": "Verwenden Sie diesen Code, um das Bild in Foren einzubetten, die BBCode unterstützen"
   }
-}
+}

apps/web/messages/en-US.json

@@ -150,7 +150,9 @@
     "rename": "Rename",
     "move": "Move",
     "share": "Share",
-    "search": "Search"
+    "search": "Search",
+    "copy": "Copy",
+    "copied": "Copied"
   },
   "createShare": {
     "title": "Create Share",
@@ -302,6 +304,7 @@
   },
   "filePreview": {
     "title": "Preview File",
+    "description": "Preview and download file",
     "loading": "Loading...",
     "notAvailable": "Preview not available for this file type",
     "downloadToView": "Use the download button to view this file",
@@ -1057,7 +1060,8 @@
     "upload": {
       "metadata": {
         "title": "Send Files - Palmr",
-        "description": "Send files through the shared link"
+        "description": "Send files through the shared link",
+        "descriptionWithLimit": "Upload files (max {limit} files)"
       },
       "layout": {
         "defaultTitle": "Send Files",
@@ -1211,6 +1215,10 @@
         "title": "Show Home Page",
         "description": "Show Home Page after installation"
       },
+      "hideVersion": {
+        "title": "Hide Version",
+        "description": "Hide the Palmr version from the footer on all pages"
+      },
       "smtpEnabled": {
         "title": "SMTP Enabled",
         "description": "Enable or disable SMTP email functionality"
@@ -1357,7 +1365,11 @@
       "title": "Share Not Found",
       "description": "This share may have been deleted or expired."
     },
-    "pageTitle": "Share"
+    "pageTitle": "Share",
+    "metadata": {
+      "defaultDescription": "Share files securely",
+      "filesShared": "{count, plural, =1 {1 file shared} other {# files shared}}"
+    }
   },
   "shareActions": {
     "fileTitle": "Share File",
@@ -1872,6 +1884,18 @@
       "userr": "User"
     }
   },
+  "embedCode": {
+    "title": "Embed Image",
+    "description": "Use these codes to embed this image in forums, websites, or other platforms",
+    "tabs": {
+      "directLink": "Direct Link",
+      "html": "HTML",
+      "bbcode": "BBCode"
+    },
+    "directLinkDescription": "Direct URL to the image file",
+    "htmlDescription": "Use this code to embed the image in HTML pages",
+    "bbcodeDescription": "Use this code to embed the image in forums that support BBCode"
+  },
   "validation": {
     "firstNameRequired": "First name is required",
     "lastNameRequired": "Last name is required",
@@ -1887,4 +1911,4 @@
     "nameRequired": "Name is required",
     "required": "This field is required"
   }
-}
+}

apps/web/messages/es-ES.json

@@ -150,7 +150,9 @@
     "move": "Mover",
     "rename": "Renombrar",
     "search": "Buscar",
-    "share": "Compartir"
+    "share": "Compartir",
+    "copied": "Copiado",
+    "copy": "Copiar"
   },
   "createShare": {
     "title": "Crear Compartir",
@@ -302,6 +304,7 @@
   },
   "filePreview": {
     "title": "Vista Previa del Archivo",
+    "description": "Vista previa y descarga de archivo",
     "loading": "Cargando...",
     "notAvailable": "Vista previa no disponible para este tipo de archivo.",
     "downloadToView": "Use el botón de descarga para descargar el archivo.",
@@ -1056,7 +1059,8 @@
     "upload": {
       "metadata": {
         "title": "Enviar Archivos - Palmr",
-        "description": "Envía archivos a través del enlace compartido"
+        "description": "Envía archivos a través del enlace compartido",
+        "descriptionWithLimit": "Subir archivos (máx. {limit} archivos)"
       },
       "layout": {
         "defaultTitle": "Enviar Archivos",
@@ -1298,6 +1302,10 @@
       "passwordAuthEnabled": {
         "title": "Autenticación por Contraseña",
         "description": "Habilitar o deshabilitar la autenticación basada en contraseña"
+      },
+      "hideVersion": {
+        "title": "Ocultar Versión",
+        "description": "Ocultar la versión de Palmr en el pie de página de todas las páginas"
       }
     },
     "buttons": {
@@ -1359,7 +1367,11 @@
       "description": "Esta compartición puede haber sido eliminada o haber expirado."
     },
     "pageTitle": "Compartición",
-    "downloadAll": "Descargar Todo"
+    "downloadAll": "Descargar Todo",
+    "metadata": {
+      "defaultDescription": "Compartir archivos de forma segura",
+      "filesShared": "{count, plural, =1 {1 archivo compartido} other {# archivos compartidos}}"
+    }
   },
   "shareActions": {
     "deleteTitle": "Eliminar Compartir",
@@ -1921,5 +1933,17 @@
     "passwordRequired": "Se requiere la contraseña",
     "nameRequired": "El nombre es obligatorio",
     "required": "Este campo es obligatorio"
+  },
+  "embedCode": {
+    "title": "Insertar imagen",
+    "description": "Utiliza estos códigos para insertar esta imagen en foros, sitios web u otras plataformas",
+    "tabs": {
+      "directLink": "Enlace directo",
+      "html": "HTML",
+      "bbcode": "BBCode"
+    },
+    "directLinkDescription": "URL directa al archivo de imagen",
+    "htmlDescription": "Utiliza este código para insertar la imagen en páginas HTML",
+    "bbcodeDescription": "Utiliza este código para insertar la imagen en foros que admiten BBCode"
   }
-}
+}

apps/web/messages/fr-FR.json

@@ -150,7 +150,9 @@
     "move": "Déplacer",
     "rename": "Renommer",
     "search": "Rechercher",
-    "share": "Partager"
+    "share": "Partager",
+    "copied": "Copié",
+    "copy": "Copier"
   },
   "createShare": {
     "title": "Créer un Partage",
@@ -302,6 +304,7 @@
   },
   "filePreview": {
     "title": "Aperçu du Fichier",
+    "description": "Aperçu et téléchargement du fichier",
     "loading": "Chargement...",
     "notAvailable": "Aperçu non disponible pour ce type de fichier.",
     "downloadToView": "Utilisez le bouton de téléchargement pour télécharger le fichier.",
@@ -1056,7 +1059,8 @@
     "upload": {
       "metadata": {
         "title": "Envoyer des Fichiers - Palmr",
-        "description": "Envoyez des fichiers via le lien partagé"
+        "description": "Envoyez des fichiers via le lien partagé",
+        "descriptionWithLimit": "Télécharger des fichiers (max {limit} fichiers)"
       },
       "layout": {
         "defaultTitle": "Envoyer des Fichiers",
@@ -1301,6 +1305,10 @@
       "passwordAuthEnabled": {
         "title": "Authentification par Mot de Passe",
         "description": "Activer ou désactiver l'authentification basée sur mot de passe"
+      },
+      "hideVersion": {
+        "title": "Masquer la Version",
+        "description": "Masquer la version de Palmr dans le pied de page de toutes les pages"
       }
     },
     "buttons": {
@@ -1359,7 +1367,11 @@
       "description": "Ce partage a peut-être été supprimé ou a expiré."
     },
     "pageTitle": "Partage",
-    "downloadAll": "Tout Télécharger"
+    "downloadAll": "Tout Télécharger",
+    "metadata": {
+      "defaultDescription": "Partager des fichiers en toute sécurité",
+      "filesShared": "{count, plural, =1 {1 fichier partagé} other {# fichiers partagés}}"
+    }
   },
   "shareActions": {
     "deleteTitle": "Supprimer le Partage",
@@ -1921,5 +1933,17 @@
     "passwordRequired": "Le mot de passe est requis",
     "nameRequired": "Nome é obrigatório",
     "required": "Este campo é obrigatório"
+  },
+  "embedCode": {
+    "title": "Intégrer l'image",
+    "description": "Utilisez ces codes pour intégrer cette image dans des forums, sites web ou autres plateformes",
+    "tabs": {
+      "directLink": "Lien direct",
+      "html": "HTML",
+      "bbcode": "BBCode"
+    },
+    "directLinkDescription": "URL directe vers le fichier image",
+    "htmlDescription": "Utilisez ce code pour intégrer l'image dans des pages HTML",
+    "bbcodeDescription": "Utilisez ce code pour intégrer l'image dans des forums prenant en charge BBCode"
   }
-}
+}

apps/web/messages/hi-IN.json

@@ -150,7 +150,9 @@
     "move": "स्थानांतरित करें",
     "rename": "नाम बदलें",
     "search": "खोजें",
-    "share": "साझा करें"
+    "share": "साझा करें",
+    "copied": "कॉपी किया गया",
+    "copy": "कॉपी करें"
   },
   "createShare": {
     "title": "साझाकरण बनाएं",
@@ -302,6 +304,7 @@
   },
   "filePreview": {
     "title": "फ़ाइल पूर्वावलोकन",
+    "description": "फ़ाइल पूर्वावलोकन और डाउनलोड",
     "loading": "लोड हो रहा है...",
     "notAvailable": "इस फ़ाइल प्रकार के लिए पूर्वावलोकन उपलब्ध नहीं है।",
     "downloadToView": "फ़ाइल डाउनलोड करने के लिए डाउनलोड बटन का उपयोग करें।",
@@ -1056,7 +1059,8 @@
     "upload": {
       "metadata": {
         "title": "फ़ाइलें भेजें - पाल्मर",
-        "description": "साझा किए गए लिंक के माध्यम से फ़ाइलें भेजें"
+        "description": "साझा किए गए लिंक के माध्यम से फ़ाइलें भेजें",
+        "descriptionWithLimit": "फ़ाइलें अपलोड करें (अधिकतम {limit} फ़ाइलें)"
       },
       "layout": {
         "defaultTitle": "फ़ाइलें भेजें",
@@ -1298,6 +1302,10 @@
       "passwordAuthEnabled": {
         "title": "पासवर्ड प्रमाणीकरण",
         "description": "पासवर्ड आधारित प्रमाणीकरण सक्षम या अक्षम करें"
+      },
+      "hideVersion": {
+        "title": "संस्करण छुपाएं",
+        "description": "सभी पृष्ठों के फुटर में Palmr संस्करण छुपाएं"
       }
     },
     "buttons": {
@@ -1359,7 +1367,11 @@
       "description": "यह साझाकरण हटा दिया गया हो सकता है या समाप्त हो चुका है।"
     },
     "pageTitle": "साझाकरण",
-    "downloadAll": "सभी डाउनलोड करें"
+    "downloadAll": "सभी डाउनलोड करें",
+    "metadata": {
+      "defaultDescription": "फाइलों को सुरक्षित रूप से साझा करें",
+      "filesShared": "{count, plural, =1 {1 फ़ाइल साझा की गई} other {# फ़ाइलें साझा की गईं}}"
+    }
   },
   "shareActions": {
     "deleteTitle": "साझाकरण हटाएं",
@@ -1921,5 +1933,17 @@
     "passwordRequired": "पासवर्ड आवश्यक है",
     "nameRequired": "नाम आवश्यक है",
     "required": "यह फ़ील्ड आवश्यक है"
+  },
+  "embedCode": {
+    "title": "छवि एम्बेड करें",
+    "description": "इस छवि को मंचों, वेबसाइटों या अन्य प्लेटफार्मों में एम्बेड करने के लिए इन कोड का उपयोग करें",
+    "tabs": {
+      "directLink": "सीधा लिंक",
+      "html": "HTML",
+      "bbcode": "BBCode"
+    },
+    "directLinkDescription": "छवि फ़ाइल का सीधा URL",
+    "htmlDescription": "HTML पेजों में छवि एम्बेड करने के लिए इस कोड का उपयोग करें",
+    "bbcodeDescription": "BBCode का समर्थन करने वाले मंचों में छवि एम्बेड करने के लिए इस कोड का उपयोग करें"
   }
-}
+}

apps/web/messages/it-IT.json

@@ -150,7 +150,9 @@
     "move": "Sposta",
     "rename": "Rinomina",
     "search": "Cerca",
-    "share": "Condividi"
+    "share": "Condividi",
+    "copied": "Copiato",
+    "copy": "Copia"
   },
   "createShare": {
     "title": "Crea Condivisione",
@@ -302,6 +304,7 @@
   },
   "filePreview": {
     "title": "Anteprima File",
+    "description": "Anteprima e download del file",
     "loading": "Caricamento...",
     "notAvailable": "Anteprima non disponibile per questo tipo di file.",
     "downloadToView": "Utilizzare il pulsante di download per scaricare il file.",
@@ -1056,7 +1059,8 @@
     "upload": {
       "metadata": {
         "title": "Invia File - Palmr",
-        "description": "Invia file attraverso il link condiviso"
+        "description": "Invia file attraverso il link condiviso",
+        "descriptionWithLimit": "Carica file (max {limit} file)"
       },
       "layout": {
         "defaultTitle": "Invia File",
@@ -1298,6 +1302,10 @@
       "passwordAuthEnabled": {
         "title": "Autenticazione Password",
         "description": "Abilita o disabilita l'autenticazione basata su password"
+      },
+      "hideVersion": {
+        "title": "Nascondi Versione",
+        "description": "Nascondi la versione di Palmr nel piè di pagina di tutte le pagine"
       }
     },
     "buttons": {
@@ -1359,7 +1367,11 @@
       "description": "Questa condivisione potrebbe essere stata eliminata o è scaduta."
     },
     "pageTitle": "Condivisione",
-    "downloadAll": "Scarica Tutto"
+    "downloadAll": "Scarica Tutto",
+    "metadata": {
+      "defaultDescription": "Condividi file in modo sicuro",
+      "filesShared": "{count, plural, =1 {1 file condiviso} other {# file condivisi}}"
+    }
   },
   "shareActions": {
     "deleteTitle": "Elimina Condivisione",
@@ -1921,5 +1933,17 @@
     "passwordMinLength": "La password deve contenere almeno 6 caratteri",
     "nameRequired": "Il nome è obbligatorio",
     "required": "Questo campo è obbligatorio"
+  },
+  "embedCode": {
+    "title": "Incorpora immagine",
+    "description": "Usa questi codici per incorporare questa immagine in forum, siti web o altre piattaforme",
+    "tabs": {
+      "directLink": "Link diretto",
+      "html": "HTML",
+      "bbcode": "BBCode"
+    },
+    "directLinkDescription": "URL diretto al file immagine",
+    "htmlDescription": "Usa questo codice per incorporare l'immagine nelle pagine HTML",
+    "bbcodeDescription": "Usa questo codice per incorporare l'immagine nei forum che supportano BBCode"
   }
-}
+}

apps/web/messages/ja-JP.json

@@ -150,7 +150,9 @@
     "move": "移動",
     "rename": "名前を変更",
     "search": "検索",
-    "share": "共有"
+    "share": "共有",
+    "copied": "コピーしました",
+    "copy": "コピー"
   },
   "createShare": {
     "title": "共有を作成",
@@ -302,6 +304,7 @@
   },
   "filePreview": {
     "title": "ファイルプレビュー",
+    "description": "ファイルをプレビューしてダウンロード",
     "loading": "読み込み中...",
     "notAvailable": "このファイルタイプのプレビューは利用できません。",
     "downloadToView": "ダウンロードボタンを使用してファイルをダウンロードしてください。",
@@ -1056,7 +1059,8 @@
     "upload": {
       "metadata": {
         "title": "ファイルを送信 - Palmr",
-        "description": "共有リンクを通じてファイルを送信"
+        "description": "共有リンクを通じてファイルを送信",
+        "descriptionWithLimit": "ファイルをアップロード（最大{limit}ファイル）"
       },
       "layout": {
         "defaultTitle": "ファイルを送信",
@@ -1298,6 +1302,10 @@
       "passwordAuthEnabled": {
         "title": "パスワード認証",
         "description": "パスワード認証を有効または無効にする"
+      },
+      "hideVersion": {
+        "title": "バージョンを非表示",
+        "description": "すべてのページのフッターにあるPalmrバージョンを非表示にする"
       }
     },
     "buttons": {
@@ -1359,7 +1367,11 @@
       "description": "この共有は削除されたか、期限が切れている可能性があります。"
     },
     "pageTitle": "共有",
-    "downloadAll": "すべてダウンロード"
+    "downloadAll": "すべてダウンロード",
+    "metadata": {
+      "defaultDescription": "ファイルを安全に共有",
+      "filesShared": "{count, plural, =1 {1 ファイルが共有されました} other {# ファイルが共有されました}}"
+    }
   },
   "shareActions": {
     "deleteTitle": "共有を削除",
@@ -1921,5 +1933,17 @@
     "passwordRequired": "パスワードは必須です",
     "nameRequired": "名前は必須です",
     "required": "このフィールドは必須です"
+  },
+  "embedCode": {
+    "title": "画像を埋め込む",
+    "description": "これらのコードを使用して、この画像をフォーラム、ウェブサイト、またはその他のプラットフォームに埋め込みます",
+    "tabs": {
+      "directLink": "直接リンク",
+      "html": "HTML",
+      "bbcode": "BBCode"
+    },
+    "directLinkDescription": "画像ファイルへの直接URL",
+    "htmlDescription": "このコードを使用してHTMLページに画像を埋め込みます",
+    "bbcodeDescription": "BBCodeをサポートするフォーラムに画像を埋め込むには、このコードを使用します"
   }
-}
+}

apps/web/messages/ko-KR.json

@@ -150,7 +150,9 @@
     "move": "이동",
     "rename": "이름 변경",
     "search": "검색",
-    "share": "공유"
+    "share": "공유",
+    "copied": "복사됨",
+    "copy": "복사"
   },
   "createShare": {
     "title": "공유 생성",
@@ -302,6 +304,7 @@
   },
   "filePreview": {
     "title": "파일 미리보기",
+    "description": "파일 미리보기 및 다운로드",
     "loading": "로딩 중...",
     "notAvailable": "이 파일 유형에 대한 미리보기를 사용할 수 없습니다.",
     "downloadToView": "다운로드 버튼을 사용하여 파일을 다운로드하세요.",
@@ -1056,7 +1059,8 @@
     "upload": {
       "metadata": {
         "title": "파일 보내기 - Palmr",
-        "description": "공유된 링크를 통해 파일 보내기"
+        "description": "공유된 링크를 통해 파일 보내기",
+        "descriptionWithLimit": "파일 업로드 (최대 {limit}개 파일)"
       },
       "layout": {
         "defaultTitle": "파일 보내기",
@@ -1298,6 +1302,10 @@
       "passwordAuthEnabled": {
         "title": "비밀번호 인증",
         "description": "비밀번호 기반 인증 활성화 또는 비활성화"
+      },
+      "hideVersion": {
+        "title": "버전 숨기기",
+        "description": "모든 페이지의 바닥글에서 Palmr 버전 숨기기"
       }
     },
     "buttons": {
@@ -1359,7 +1367,11 @@
       "description": "이 공유는 삭제되었거나 만료되었을 수 있습니다."
     },
     "pageTitle": "공유",
-    "downloadAll": "모두 다운로드"
+    "downloadAll": "모두 다운로드",
+    "metadata": {
+      "defaultDescription": "파일을 안전하게 공유",
+      "filesShared": "{count, plural, =1 {1개 파일 공유됨} other {#개 파일 공유됨}}"
+    }
   },
   "shareActions": {
     "deleteTitle": "공유 삭제",
@@ -1921,5 +1933,17 @@
     "passwordRequired": "비밀번호는 필수입니다",
     "nameRequired": "이름은 필수입니다",
     "required": "이 필드는 필수입니다"
+  },
+  "embedCode": {
+    "title": "이미지 삽입",
+    "description": "이 코드를 사용하여 포럼, 웹사이트 또는 기타 플랫폼에 이 이미지를 삽입하세요",
+    "tabs": {
+      "directLink": "직접 링크",
+      "html": "HTML",
+      "bbcode": "BBCode"
+    },
+    "directLinkDescription": "이미지 파일에 대한 직접 URL",
+    "htmlDescription": "이 코드를 사용하여 HTML 페이지에 이미지를 삽입하세요",
+    "bbcodeDescription": "BBCode를 지원하는 포럼에 이미지를 삽입하려면 이 코드를 사용하세요"
   }
-}
+}

apps/web/messages/nl-NL.json

@@ -150,7 +150,9 @@
     "move": "Verplaatsen",
     "rename": "Hernoemen",
     "search": "Zoeken",
-    "share": "Delen"
+    "share": "Delen",
+    "copied": "Gekopieerd",
+    "copy": "Kopiëren"
   },
   "createShare": {
     "title": "Delen Maken",
@@ -302,6 +304,7 @@
   },
   "filePreview": {
     "title": "Bestandsvoorbeeld",
+    "description": "Bestand bekijken en downloaden",
     "loading": "Laden...",
     "notAvailable": "Voorbeeld niet beschikbaar voor dit bestandstype.",
     "downloadToView": "Gebruik de downloadknop om het bestand te downloaden.",
@@ -1056,7 +1059,8 @@
     "upload": {
       "metadata": {
         "title": "Bestanden Verzenden - Palmr",
-        "description": "Verzend bestanden via de gedeelde link"
+        "description": "Verzend bestanden via de gedeelde link",
+        "descriptionWithLimit": "Upload bestanden (max {limit} bestanden)"
       },
       "layout": {
         "defaultTitle": "Bestanden Verzenden",
@@ -1298,6 +1302,10 @@
       "passwordAuthEnabled": {
         "title": "Wachtwoord Authenticatie",
         "description": "Wachtwoord-gebaseerde authenticatie inschakelen of uitschakelen"
+      },
+      "hideVersion": {
+        "title": "Versie Verbergen",
+        "description": "Verberg de Palmr-versie in de voettekst van alle pagina's"
       }
     },
     "buttons": {
@@ -1359,7 +1367,11 @@
       "description": "Dit delen is mogelijk verwijderd of verlopen."
     },
     "pageTitle": "Delen",
-    "downloadAll": "Alles Downloaden"
+    "downloadAll": "Alles Downloaden",
+    "metadata": {
+      "defaultDescription": "Bestanden veilig delen",
+      "filesShared": "{count, plural, =1 {1 bestand gedeeld} other {# bestanden gedeeld}}"
+    }
   },
   "shareActions": {
     "deleteTitle": "Delen Verwijderen",
@@ -1921,5 +1933,17 @@
     "passwordMinLength": "Wachtwoord moet minimaal 6 tekens bevatten",
     "nameRequired": "Naam is verplicht",
     "required": "Dit veld is verplicht"
+  },
+  "embedCode": {
+    "title": "Afbeelding insluiten",
+    "description": "Gebruik deze codes om deze afbeelding in te sluiten in forums, websites of andere platforms",
+    "tabs": {
+      "directLink": "Directe link",
+      "html": "HTML",
+      "bbcode": "BBCode"
+    },
+    "directLinkDescription": "Directe URL naar het afbeeldingsbestand",
+    "htmlDescription": "Gebruik deze code om de afbeelding in te sluiten in HTML-pagina's",
+    "bbcodeDescription": "Gebruik deze code om de afbeelding in te sluiten in forums die BBCode ondersteunen"
   }
-}
+}

apps/web/messages/pl-PL.json

@@ -150,7 +150,9 @@
     "move": "Przenieś",
     "rename": "Zmień nazwę",
     "search": "Szukaj",
-    "share": "Udostępnij"
+    "share": "Udostępnij",
+    "copied": "Skopiowano",
+    "copy": "Kopiuj"
   },
   "createShare": {
     "title": "Utwórz Udostępnienie",
@@ -302,6 +304,7 @@
   },
   "filePreview": {
     "title": "Podgląd pliku",
+    "description": "Podgląd i pobieranie pliku",
     "loading": "Ładowanie...",
     "notAvailable": "Podgląd niedostępny dla tego typu pliku",
     "downloadToView": "Użyj przycisku pobierania, aby wyświetlić ten plik",
@@ -1056,7 +1059,8 @@
     "upload": {
       "metadata": {
         "title": "Wyślij pliki - Palmr",
-        "description": "Wysyłaj pliki za pośrednictwem udostępnionego linku"
+        "description": "Wysyłaj pliki za pośrednictwem udostępnionego linku",
+        "descriptionWithLimit": "Prześlij pliki (maks. {limit} plików)"
       },
       "layout": {
         "defaultTitle": "Wyślij pliki",
@@ -1298,6 +1302,10 @@
       "passwordAuthEnabled": {
         "title": "Uwierzytelnianie hasłem",
         "description": "Włącz lub wyłącz uwierzytelnianie oparte na haśle"
+      },
+      "hideVersion": {
+        "title": "Ukryj Wersję",
+        "description": "Ukryj wersję Palmr w stopce wszystkich stron"
       }
     },
     "buttons": {
@@ -1359,7 +1367,11 @@
       "description": "To udostępnienie mogło zostać usunięte lub wygasło."
     },
     "pageTitle": "Udostępnij",
-    "downloadAll": "Pobierz wszystkie"
+    "downloadAll": "Pobierz wszystkie",
+    "metadata": {
+      "defaultDescription": "Bezpiecznie udostępniaj pliki",
+      "filesShared": "{count, plural, =1 {1 plik udostępniony} other {# plików udostępnionych}}"
+    }
   },
   "shareActions": {
     "deleteTitle": "Usuń udostępnienie",
@@ -1921,5 +1933,17 @@
     "passwordMinLength": "Hasło musi mieć co najmniej 6 znaków",
     "nameRequired": "Nazwa jest wymagana",
     "required": "To pole jest wymagane"
+  },
+  "embedCode": {
+    "title": "Osadź obraz",
+    "description": "Użyj tych kodów, aby osadzić ten obraz na forach, stronach internetowych lub innych platformach",
+    "tabs": {
+      "directLink": "Link bezpośredni",
+      "html": "HTML",
+      "bbcode": "BBCode"
+    },
+    "directLinkDescription": "Bezpośredni adres URL pliku obrazu",
+    "htmlDescription": "Użyj tego kodu, aby osadzić obraz na stronach HTML",
+    "bbcodeDescription": "Użyj tego kodu, aby osadzić obraz na forach obsługujących BBCode"
   }
-}
+}

apps/web/messages/pt-BR.json

@@ -150,7 +150,9 @@
     "move": "Mover",
     "rename": "Renomear",
     "search": "Pesquisar",
-    "share": "Compartilhar"
+    "share": "Compartilhar",
+    "copied": "Copiado",
+    "copy": "Copiar"
   },
   "createShare": {
     "title": "Criar compartilhamento",
@@ -302,6 +304,7 @@
   },
   "filePreview": {
     "title": "Visualizar Arquivo",
+    "description": "Visualizar e baixar arquivo",
     "loading": "Carregando...",
     "notAvailable": "Preview não disponível para este tipo de arquivo.",
     "downloadToView": "Use o botão de download para baixar o arquivo.",
@@ -1057,7 +1060,8 @@
     "upload": {
       "metadata": {
         "title": "Enviar Arquivos - Palmr",
-        "description": "Envie arquivos através do link compartilhado"
+        "description": "Envie arquivos através do link compartilhado",
+        "descriptionWithLimit": "Enviar arquivos (máx. {limit} arquivos)"
       },
       "layout": {
         "defaultTitle": "Enviar Arquivos",
@@ -1307,6 +1311,10 @@
       "passwordAuthEnabled": {
         "title": "Autenticação por Senha",
         "description": "Ative ou desative a autenticação baseada em senha"
+      },
+      "hideVersion": {
+        "title": "Ocultar Versão",
+        "description": "Ocultar a versão do Palmr no rodapé de todas as páginas"
       }
     },
     "buttons": {
@@ -1360,7 +1368,11 @@
       "description": "Este compartilhamento pode ter sido excluído ou expirado."
     },
     "pageTitle": "Compartilhamento",
-    "downloadAll": "Baixar todos"
+    "downloadAll": "Baixar todos",
+    "metadata": {
+      "defaultDescription": "Compartilhar arquivos com segurança",
+      "filesShared": "{count, plural, =1 {1 arquivo compartilhado} other {# arquivos compartilhados}}"
+    }
   },
   "shareActions": {
     "deleteTitle": "Excluir Compartilhamento",
@@ -1922,5 +1934,17 @@
     "lastNameRequired": "O sobrenome é necessário",
     "usernameLength": "O nome de usuário deve ter pelo menos 3 caracteres",
     "usernameSpaces": "O nome de usuário não pode conter espaços"
+  },
+  "embedCode": {
+    "title": "Incorporar imagem",
+    "description": "Use estes códigos para incorporar esta imagem em fóruns, sites ou outras plataformas",
+    "tabs": {
+      "directLink": "Link direto",
+      "html": "HTML",
+      "bbcode": "BBCode"
+    },
+    "directLinkDescription": "URL direto para o arquivo de imagem",
+    "htmlDescription": "Use este código para incorporar a imagem em páginas HTML",
+    "bbcodeDescription": "Use este código para incorporar a imagem em fóruns que suportam BBCode"
   }
-}
+}

apps/web/messages/ru-RU.json

@@ -150,7 +150,9 @@
     "move": "Переместить",
     "rename": "Переименовать",
     "search": "Поиск",
-    "share": "Поделиться"
+    "share": "Поделиться",
+    "copied": "Скопировано",
+    "copy": "Копировать"
   },
   "createShare": {
     "title": "Создать общий доступ",
@@ -302,6 +304,7 @@
   },
   "filePreview": {
     "title": "Предварительный просмотр файла",
+    "description": "Просмотр и загрузка файла",
     "loading": "Загрузка...",
     "notAvailable": "Предварительный просмотр недоступен для этого типа файла.",
     "downloadToView": "Используйте кнопку загрузки для скачивания файла.",
@@ -1056,7 +1059,8 @@
     "upload": {
       "metadata": {
         "title": "Отправка файлов - Palmr",
-        "description": "Отправка файлов через общую ссылку"
+        "description": "Отправка файлов через общую ссылку",
+        "descriptionWithLimit": "Загрузить файлы (макс. {limit} файлов)"
       },
       "layout": {
         "defaultTitle": "Отправка файлов",
@@ -1298,6 +1302,10 @@
       "passwordAuthEnabled": {
         "title": "Парольная аутентификация",
         "description": "Включить или отключить парольную аутентификацию"
+      },
+      "hideVersion": {
+        "title": "Скрыть Версию",
+        "description": "Скрыть версию Palmr в нижнем колонтитуле всех страниц"
       }
     },
     "buttons": {
@@ -1359,7 +1367,11 @@
       "description": "Этот общий доступ может быть удален или истек."
     },
     "pageTitle": "Общий доступ",
-    "downloadAll": "Скачать все"
+    "downloadAll": "Скачать все",
+    "metadata": {
+      "defaultDescription": "Безопасный обмен файлами",
+      "filesShared": "{count, plural, =1 {1 файл отправлен} other {# файлов отправлено}}"
+    }
   },
   "shareActions": {
     "deleteTitle": "Удалить Общий Доступ",
@@ -1921,5 +1933,17 @@
     "passwordRequired": "Требуется пароль",
     "nameRequired": "Требуется имя",
     "required": "Это поле обязательно"
+  },
+  "embedCode": {
+    "title": "Встроить изображение",
+    "description": "Используйте эти коды для встраивания этого изображения на форумах, веб-сайтах или других платформах",
+    "tabs": {
+      "directLink": "Прямая ссылка",
+      "html": "HTML",
+      "bbcode": "BBCode"
+    },
+    "directLinkDescription": "Прямой URL-адрес файла изображения",
+    "htmlDescription": "Используйте этот код для встраивания изображения в HTML-страницы",
+    "bbcodeDescription": "Используйте этот код для встраивания изображения на форумах, поддерживающих BBCode"
   }
-}
+}

apps/web/messages/tr-TR.json

@@ -150,7 +150,9 @@
     "move": "Taşı",
     "rename": "Yeniden Adlandır",
     "search": "Ara",
-    "share": "Paylaş"
+    "share": "Paylaş",
+    "copied": "Kopyalandı",
+    "copy": "Kopyala"
   },
   "createShare": {
     "title": "Paylaşım Oluştur",
@@ -302,6 +304,7 @@
   },
   "filePreview": {
     "title": "Dosya Önizleme",
+    "description": "Dosyayı önizleyin ve indirin",
     "loading": "Yükleniyor...",
     "notAvailable": "Bu dosya türü için önizleme mevcut değil.",
     "downloadToView": "Dosyayı indirmek için indirme düğmesini kullanın.",
@@ -1056,7 +1059,8 @@
     "upload": {
       "metadata": {
         "title": "Dosya Gönder - Palmr",
-        "description": "Paylaşılan bağlantı üzerinden dosya gönderin"
+        "description": "Paylaşılan bağlantı üzerinden dosya gönderin",
+        "descriptionWithLimit": "Dosya yükle (maks. {limit} dosya)"
       },
       "layout": {
         "defaultTitle": "Dosya Gönder",
@@ -1298,6 +1302,10 @@
       "passwordAuthEnabled": {
         "title": "Şifre Doğrulama",
         "description": "Şifre tabanlı doğrulamayı etkinleştirme veya devre dışı bırakma"
+      },
+      "hideVersion": {
+        "title": "Sürümü Gizle",
+        "description": "Tüm sayfaların alt bilgisinde Palmr sürümünü gizle"
       }
     },
     "buttons": {
@@ -1359,7 +1367,11 @@
       "description": "Bu paylaşım silinmiş veya süresi dolmuş olabilir."
     },
     "pageTitle": "Paylaşım",
-    "downloadAll": "Tümünü İndir"
+    "downloadAll": "Tümünü İndir",
+    "metadata": {
+      "defaultDescription": "Dosyaları güvenli bir şekilde paylaşın",
+      "filesShared": "{count, plural, =1 {1 dosya paylaşıldı} other {# dosya paylaşıldı}}"
+    }
   },
   "shareActions": {
     "deleteTitle": "Paylaşımı Sil",
@@ -1921,5 +1933,17 @@
     "passwordRequired": "Şifre gerekli",
     "nameRequired": "İsim gereklidir",
     "required": "Bu alan zorunludur"
+  },
+  "embedCode": {
+    "title": "Resmi Yerleştir",
+    "description": "Bu görüntüyü forumlara, web sitelerine veya diğer platformlara yerleştirmek için bu kodları kullanın",
+    "tabs": {
+      "directLink": "Doğrudan Bağlantı",
+      "html": "HTML",
+      "bbcode": "BBCode"
+    },
+    "directLinkDescription": "Resim dosyasının doğrudan URL'si",
+    "htmlDescription": "Resmi HTML sayfalarına yerleştirmek için bu kodu kullanın",
+    "bbcodeDescription": "BBCode destekleyen forumlara resmi yerleştirmek için bu kodu kullanın"
   }
-}
+}

apps/web/messages/zh-CN.json

@@ -150,7 +150,9 @@
     "move": "移动",
     "rename": "重命名",
     "search": "搜索",
-    "share": "分享"
+    "share": "分享",
+    "copied": "已复制",
+    "copy": "复制"
   },
   "createShare": {
     "title": "创建分享",
@@ -302,6 +304,7 @@
   },
   "filePreview": {
     "title": "文件预览",
+    "description": "预览和下载文件",
     "loading": "加载中...",
     "notAvailable": "此文件类型不支持预览。",
     "downloadToView": "使用下载按钮下载文件。",
@@ -1056,7 +1059,8 @@
     "upload": {
       "metadata": {
         "title": "上传文件 - Palmr",
-        "description": "通过共享链接上传文件"
+        "description": "通过共享链接上传文件",
+        "descriptionWithLimit": "上传文件（最多 {limit} 个文件）"
       },
       "layout": {
         "defaultTitle": "上传文件",
@@ -1298,6 +1302,10 @@
       "passwordAuthEnabled": {
         "title": "密码认证",
         "description": "启用或禁用基于密码的认证"
+      },
+      "hideVersion": {
+        "title": "隐藏版本",
+        "description": "在所有页面的页脚中隐藏Palmr版本"
       }
     },
     "buttons": {
@@ -1359,7 +1367,11 @@
       "description": "该共享可能已被删除或已过期。"
     },
     "pageTitle": "共享",
-    "downloadAll": "下载所有"
+    "downloadAll": "下载所有",
+    "metadata": {
+      "defaultDescription": "安全共享文件",
+      "filesShared": "{count, plural, =1 {已共享 1 个文件} other {已共享 # 个文件}}"
+    }
   },
   "shareActions": {
     "deleteTitle": "删除共享",
@@ -1684,7 +1696,11 @@
       "copyToClipboard": "复制到剪贴板",
       "savedMessage": "我已保存备用码",
       "available": "可用备用码：{count}个",
-      "instructions": ["• 将这些代码保存在安全的位置", "• 每个备用码只能使用一次", "• 您可以随时生成新的备用码"]
+      "instructions": [
+        "• 将这些代码保存在安全的位置",
+        "• 每个备用码只能使用一次",
+        "• 您可以随时生成新的备用码"
+      ]
     },
     "verification": {
       "title": "双重认证",
@@ -1917,5 +1933,17 @@
     "passwordRequired": "密码为必填项",
     "nameRequired": "名称为必填项",
     "required": "此字段为必填项"
+  },
+  "embedCode": {
+    "title": "嵌入图片",
+    "description": "使用这些代码将此图片嵌入到论坛、网站或其他平台中",
+    "tabs": {
+      "directLink": "直接链接",
+      "html": "HTML",
+      "bbcode": "BBCode"
+    },
+    "directLinkDescription": "图片文件的直接URL",
+    "htmlDescription": "使用此代码将图片嵌入HTML页面",
+    "bbcodeDescription": "使用此代码将图片嵌入支持BBCode的论坛"
   }
-}
+}

apps/web/package.json

@@ -1,6 +1,6 @@
 {
   "name": "palmr-web",
-  "version": "3.2.3-beta",
+  "version": "3.2.5-beta",
   "description": "Frontend for Palmr",
   "private": true,
   "author": "Daniel Luiz Alves <daniel@kyantech.com.br>",
@@ -11,7 +11,7 @@
     "react",
     "typescript"
   ],
-  "license": "BSD-2-Clause Copyright 2023 Kyantech",
+  "license": "Apache-2.0",
   "packageManager": "pnpm@10.6.0",
   "scripts": {
     "dev": "next dev -p 3000",

apps/web/src/app/(shares)/r/[alias]/components/transparent-footer.tsx

@@ -1,12 +1,18 @@
+"use client";
+
 import Link from "next/link";
 import { useTranslations } from "next-intl";
 
+import { useSecureConfigValue } from "@/hooks/use-secure-configs";
 import packageJson from "../../../../../../package.json";
 
 const { version } = packageJson;
 
 export function TransparentFooter() {
   const t = useTranslations();
+  const { value: hideVersion } = useSecureConfigValue("hideVersion");
+
+  const shouldHideVersion = hideVersion === "true";
 
   return (
     <footer className="absolute bottom-0 left-0 right-0 z-50 w-full flex items-center justify-center py-3 h-16 pointer-events-none">
@@ -22,7 +28,7 @@ export function TransparentFooter() {
             Kyantech Solutions
           </p>
         </Link>
-        <span className="text-white text-[11px] mt-1">v{version}</span>
+        {!shouldHideVersion && <span className="text-white text-[11px] mt-1">v{version}</span>}
       </div>
     </footer>
   );

apps/web/src/app/(shares)/r/[alias]/layout.tsx

@@ -1,12 +1,91 @@
 import type { Metadata } from "next";
+import { headers } from "next/headers";
 import { getTranslations } from "next-intl/server";
 
-export async function generateMetadata(): Promise<Metadata> {
+async function getReverseShareMetadata(alias: string) {
+  try {
+    const API_BASE_URL = process.env.API_BASE_URL || "http://localhost:3333";
+    const response = await fetch(`${API_BASE_URL}/reverse-shares/alias/${alias}/metadata`, {
+      cache: "no-store",
+    });
+
+    if (!response.ok) {
+      return null;
+    }
+
+    return await response.json();
+  } catch (error) {
+    console.error("Error fetching reverse share metadata:", error);
+    return null;
+  }
+}
+
+async function getAppInfo() {
+  try {
+    const API_BASE_URL = process.env.API_BASE_URL || "http://localhost:3333";
+    const response = await fetch(`${API_BASE_URL}/app/info`, {
+      cache: "no-store",
+    });
+
+    if (!response.ok) {
+      return { appName: "Palmr", appDescription: "File sharing platform", appLogo: null };
+    }
+
+    return await response.json();
+  } catch (error) {
+    console.error("Error fetching app info:", error);
+    return { appName: "Palmr", appDescription: "File sharing platform", appLogo: null };
+  }
+}
+
+async function getBaseUrl(): Promise<string> {
+  const headersList = await headers();
+  const protocol = headersList.get("x-forwarded-proto") || "http";
+  const host = headersList.get("x-forwarded-host") || headersList.get("host") || "localhost:3000";
+  return `${protocol}://${host}`;
+}
+
+export async function generateMetadata({ params }: { params: { alias: string } }): Promise<Metadata> {
   const t = await getTranslations();
+  const metadata = await getReverseShareMetadata(params.alias);
+  const appInfo = await getAppInfo();
+
+  const title = metadata?.name || t("reverseShares.upload.metadata.title");
+  const description =
+    metadata?.description ||
+    (metadata?.maxFiles
+      ? t("reverseShares.upload.metadata.descriptionWithLimit", { limit: metadata.maxFiles })
+      : t("reverseShares.upload.metadata.description"));
+
+  const baseUrl = await getBaseUrl();
+  const shareUrl = `${baseUrl}/r/${params.alias}`;
 
   return {
-    title: t("reverseShares.upload.metadata.title"),
-    description: t("reverseShares.upload.metadata.description"),
+    title,
+    description,
+    openGraph: {
+      title,
+      description,
+      url: shareUrl,
+      siteName: appInfo.appName || "Palmr",
+      type: "website",
+      images: appInfo.appLogo
+        ? [
+            {
+              url: appInfo.appLogo,
+              width: 1200,
+              height: 630,
+              alt: appInfo.appName || "Palmr",
+            },
+          ]
+        : [],
+    },
+    twitter: {
+      card: "summary_large_image",
+      title,
+      description,
+      images: appInfo.appLogo ? [appInfo.appLogo] : [],
+    },
   };
 }
 

apps/web/src/app/(shares)/reverse-shares/components/received-files-modal.tsx

@@ -900,16 +900,7 @@ export function ReceivedFilesModal({
       </Dialog>
 
       {previewFile && (
-        <ReverseShareFilePreviewModal
-          isOpen={!!previewFile}
-          onClose={() => setPreviewFile(null)}
-          file={{
-            id: previewFile.id,
-            name: previewFile.name,
-            objectName: previewFile.objectName,
-            extension: previewFile.extension,
-          }}
-        />
+        <ReverseShareFilePreviewModal isOpen={!!previewFile} onClose={() => setPreviewFile(null)} file={previewFile} />
       )}
     </>
   );

apps/web/src/app/(shares)/reverse-shares/components/received-files-section.tsx

@@ -7,23 +7,11 @@ import { toast } from "sonner";
 
 import { Button } from "@/components/ui/button";
 import { deleteReverseShareFile } from "@/http/endpoints/reverse-shares";
+import type { ReverseShareFile } from "@/http/endpoints/reverse-shares/types";
 import { downloadReverseShareWithQueue } from "@/utils/download-queue-utils";
 import { getFileIcon } from "@/utils/file-icons";
 import { ReverseShareFilePreviewModal } from "./reverse-share-file-preview-modal";
 
-interface ReverseShareFile {
-  id: string;
-  name: string;
-  description: string | null;
-  extension: string;
-  size: string;
-  objectName: string;
-  uploaderEmail: string | null;
-  uploaderName: string | null;
-  createdAt: string;
-  updatedAt: string;
-}
-
 interface ReceivedFilesSectionProps {
   files: ReverseShareFile[];
   onFileDeleted?: () => void;
@@ -159,16 +147,7 @@ export function ReceivedFilesSection({ files, onFileDeleted }: ReceivedFilesSect
       </div>
 
       {previewFile && (
-        <ReverseShareFilePreviewModal
-          isOpen={!!previewFile}
-          onClose={() => setPreviewFile(null)}
-          file={{
-            id: previewFile.id,
-            name: previewFile.name,
-            objectName: previewFile.objectName,
-            extension: previewFile.extension,
-          }}
-        />
+        <ReverseShareFilePreviewModal isOpen={!!previewFile} onClose={() => setPreviewFile(null)} file={previewFile} />
       )}
     </>
   );

apps/web/src/app/(shares)/reverse-shares/components/reverse-share-file-preview-modal.tsx

@@ -1,26 +1,20 @@
 "use client";
 
 import { FilePreviewModal } from "@/components/modals/file-preview-modal";
+import type { ReverseShareFile } from "@/http/endpoints/reverse-shares/types";
 
 interface ReverseShareFilePreviewModalProps {
   isOpen: boolean;
   onClose: () => void;
-  file: {
-    id: string;
-    name: string;
-    objectName: string;
-    extension?: string;
-  } | null;
+  file: ReverseShareFile | null;
 }
 
 export function ReverseShareFilePreviewModal({ isOpen, onClose, file }: ReverseShareFilePreviewModalProps) {
   if (!file) return null;
 
   const adaptedFile = {
-    name: file.name,
-    objectName: file.objectName,
-    type: file.extension,
-    id: file.id,
+    ...file,
+    description: file.description ?? undefined,
   };
 
   return <FilePreviewModal isOpen={isOpen} onClose={onClose} file={adaptedFile} isReverseShare={true} />;

apps/web/src/app/(shares)/reverse-shares/components/reverse-shares-search.tsx

@@ -27,13 +27,13 @@ export function ReverseSharesSearch({
 
   return (
     <div className="flex flex-col gap-6">
-      <div className="flex justify-between items-center">
+      <div className="flex flex-col sm:flex-row justify-between sm:items-center gap-4">
         <h2 className="text-xl font-semibold">{t("reverseShares.search.title")}</h2>
-        <div className="flex items-center gap-2">
+        <div className="flex flex-col sm:flex-row items-stretch sm:items-center gap-2">
           <Button variant="outline" size="icon" onClick={onRefresh} disabled={isRefreshing}>
             <IconRefresh className={`h-4 w-4 ${isRefreshing ? "animate-spin" : ""}`} />
           </Button>
-          <Button onClick={onCreateReverseShare}>
+          <Button onClick={onCreateReverseShare} className="w-full sm:w-auto">
             <IconPlus className="h-4 w-4" />
             {t("reverseShares.search.createButton")}
           </Button>

apps/web/src/app/(shares)/s/[alias]/components/share-details.tsx

@@ -91,13 +91,13 @@ export function ShareDetails({
         <CardContent>
           <div className="flex flex-col gap-6">
             <div className="flex flex-col gap-2">
-              <div className="flex items-center justify-between">
+              <div className="flex flex-col sm:flex-row sm:items-center sm:justify-between gap-4">
                 <div className="flex items-center gap-2">
                   <IconShare className="w-6 h-6 text-muted-foreground" />
                   <h1 className="text-2xl font-semibold">{share.name || t("share.details.untitled")}</h1>
                 </div>
                 {shareHasItems && hasMultipleFiles && (
-                  <Button onClick={onBulkDownload} className="flex items-center gap-2">
+                  <Button onClick={onBulkDownload} className="flex items-center gap-2 w-full sm:w-auto">
                     <IconDownload className="w-4 h-4" />
                     {t("share.downloadAll")}
                   </Button>

apps/web/src/app/(shares)/s/[alias]/layout.tsx

@@ -1,15 +1,96 @@
 import { Metadata } from "next";
+import { headers } from "next/headers";
 import { getTranslations } from "next-intl/server";
 
 interface LayoutProps {
   children: React.ReactNode;
+  params: { alias: string };
 }
 
-export async function generateMetadata(): Promise<Metadata> {
+async function getShareMetadata(alias: string) {
+  try {
+    const API_BASE_URL = process.env.API_BASE_URL || "http://localhost:3333";
+    const response = await fetch(`${API_BASE_URL}/shares/alias/${alias}/metadata`, {
+      cache: "no-store",
+    });
+
+    if (!response.ok) {
+      return null;
+    }
+
+    return await response.json();
+  } catch (error) {
+    console.error("Error fetching share metadata:", error);
+    return null;
+  }
+}
+
+async function getAppInfo() {
+  try {
+    const API_BASE_URL = process.env.API_BASE_URL || "http://localhost:3333";
+    const response = await fetch(`${API_BASE_URL}/app/info`, {
+      cache: "no-store",
+    });
+
+    if (!response.ok) {
+      return { appName: "Palmr", appDescription: "File sharing platform", appLogo: null };
+    }
+
+    return await response.json();
+  } catch (error) {
+    console.error("Error fetching app info:", error);
+    return { appName: "Palmr", appDescription: "File sharing platform", appLogo: null };
+  }
+}
+
+async function getBaseUrl(): Promise<string> {
+  const headersList = await headers();
+  const protocol = headersList.get("x-forwarded-proto") || "http";
+  const host = headersList.get("x-forwarded-host") || headersList.get("host") || "localhost:3000";
+  return `${protocol}://${host}`;
+}
+
+export async function generateMetadata({ params }: { params: { alias: string } }): Promise<Metadata> {
   const t = await getTranslations();
+  const metadata = await getShareMetadata(params.alias);
+  const appInfo = await getAppInfo();
+
+  const title = metadata?.name || t("share.pageTitle");
+  const description =
+    metadata?.description ||
+    (metadata?.totalFiles
+      ? t("share.metadata.filesShared", { count: metadata.totalFiles + (metadata.totalFolders || 0) })
+      : appInfo.appDescription || t("share.metadata.defaultDescription"));
+
+  const baseUrl = await getBaseUrl();
+  const shareUrl = `${baseUrl}/s/${params.alias}`;
 
   return {
-    title: `${t("share.pageTitle")}`,
+    title,
+    description,
+    openGraph: {
+      title,
+      description,
+      url: shareUrl,
+      siteName: appInfo.appName || "Palmr",
+      type: "website",
+      images: appInfo.appLogo
+        ? [
+            {
+              url: appInfo.appLogo,
+              width: 1200,
+              height: 630,
+              alt: appInfo.appName || "Palmr",
+            },
+          ]
+        : [],
+    },
+    twitter: {
+      card: "summary_large_image",
+      title,
+      description,
+      images: appInfo.appLogo ? [appInfo.appLogo] : [],
+    },
   };
 }
 

apps/web/src/app/(shares)/shares/components/shares-search.tsx

@@ -16,9 +16,9 @@ export function SharesSearch({
 
   return (
     <div className="flex flex-col gap-6">
-      <div className="flex justify-between items-center">
+      <div className="flex flex-col sm:flex-row justify-between sm:items-center gap-4">
         <h2 className="text-xl font-semibold">{t("shares.search.title")}</h2>
-        <Button onClick={onCreateShare}>
+        <Button onClick={onCreateShare} className="w-full sm:w-auto">
           <IconPlus className="h-4 w-4" />
           {t("shares.search.createButton")}
         </Button>

apps/web/src/app/api/(proxy)/files/download-url/route.ts

@@ -0,0 +1,38 @@
+import { NextRequest, NextResponse } from "next/server";
+
+const API_BASE_URL = process.env.API_BASE_URL || "http://localhost:3333";
+
+export async function GET(req: NextRequest) {
+  const cookieHeader = req.headers.get("cookie");
+  const searchParams = req.nextUrl.searchParams;
+  const objectName = searchParams.get("objectName");
+
+  if (!objectName) {
+    return new NextResponse(JSON.stringify({ error: "objectName parameter is required" }), {
+      status: 400,
+      headers: {
+        "Content-Type": "application/json",
+      },
+    });
+  }
+
+  // Forward all query params to backend
+  const queryString = searchParams.toString();
+  const url = `${API_BASE_URL}/files/download-url?${queryString}`;
+
+  const apiRes = await fetch(url, {
+    method: "GET",
+    headers: {
+      cookie: cookieHeader || "",
+    },
+  });
+
+  const data = await apiRes.json();
+
+  return new NextResponse(JSON.stringify(data), {
+    status: apiRes.status,
+    headers: {
+      "Content-Type": "application/json",
+    },
+  });
+}

apps/web/src/app/api/(proxy)/files/download/route.ts

@@ -4,13 +4,22 @@ import { detectMimeTypeWithFallback } from "@/utils/mime-types";
 
 const API_BASE_URL = process.env.API_BASE_URL || "http://localhost:3333";
 
-export async function GET(req: NextRequest, { params }: { params: Promise<{ objectPath: string[] }> }) {
-  const { objectPath } = await params;
+export async function GET(req: NextRequest) {
   const cookieHeader = req.headers.get("cookie");
-  const objectName = objectPath.join("/");
   const searchParams = req.nextUrl.searchParams;
+  const objectName = searchParams.get("objectName");
+
+  if (!objectName) {
+    return new NextResponse(JSON.stringify({ error: "objectName parameter is required" }), {
+      status: 400,
+      headers: {
+        "Content-Type": "application/json",
+      },
+    });
+  }
+
   const queryString = searchParams.toString();
-  const url = `${API_BASE_URL}/files/${encodeURIComponent(objectName)}/download${queryString ? `?${queryString}` : ""}`;
+  const url = `${API_BASE_URL}/files/download?${queryString}`;
 
   const apiRes = await fetch(url, {
     method: "GET",

apps/web/src/app/dashboard/components/recent-files.tsx

@@ -15,13 +15,13 @@ export function RecentFiles({ files, fileManager, onOpenUploadModal }: RecentFil
   return (
     <Card>
       <CardHeader>
-        <div className="flex justify-between items-center">
+        <div className="flex flex-col sm:flex-row justify-between sm:items-center gap-4">
           <CardTitle className="text-xl font-semibold flex items-center gap-2">
             <IconCloudUpload className="text-xl text-gray-500" />
             {t("recentFiles.title")}
           </CardTitle>
 
-          <div className="flex items-center gap-2">
+          <div className="flex flex-col sm:flex-row items-stretch sm:items-center gap-2">
             <Button
               className="font-semibold text-sm cursor-pointer"
               variant="outline"

apps/web/src/app/dashboard/components/recent-shares.tsx

@@ -16,13 +16,13 @@ export function RecentShares({ shares, shareManager, onOpenCreateModal, onCopyLi
     <Card>
       <CardContent>
         <div className="flex flex-col gap-6">
-          <div className="flex justify-between items-center">
+          <div className="flex flex-col sm:flex-row justify-between sm:items-center gap-4">
             <h2 className="text-xl font-semibold flex items-center gap-2">
               <IconShare className="text-xl text-gray-500" />
               {t("recentShares.title")}
             </h2>
 
-            <div className="flex items-center gap-2">
+            <div className="flex flex-col sm:flex-row items-stretch sm:items-center gap-2">
               <Button
                 className="font-semibold text-sm cursor-pointer"
                 variant="outline"

apps/web/src/app/e/[id]/route.ts

@@ -0,0 +1,71 @@
+import { NextRequest, NextResponse } from "next/server";
+
+const API_BASE_URL = process.env.API_BASE_URL || "http://localhost:3333";
+
+/**
+ * Short public embed endpoint: /e/{id}
+ * No authentication required
+ * Only works for media files (images, videos, audio)
+ */
+export async function GET(req: NextRequest, { params }: { params: Promise<{ id: string }> }) {
+  const { id } = await params;
+
+  if (!id) {
+    return new NextResponse(JSON.stringify({ error: "File ID is required" }), {
+      status: 400,
+      headers: { "Content-Type": "application/json" },
+    });
+  }
+
+  const url = `${API_BASE_URL}/embed/${id}`;
+
+  try {
+    const apiRes = await fetch(url, {
+      method: "GET",
+      redirect: "manual",
+    });
+
+    if (!apiRes.ok) {
+      const errorText = await apiRes.text();
+      return new NextResponse(errorText, {
+        status: apiRes.status,
+        headers: {
+          "Content-Type": "application/json",
+        },
+      });
+    }
+
+    const blob = await apiRes.blob();
+
+    const contentType = apiRes.headers.get("content-type") || "application/octet-stream";
+    const contentDisposition = apiRes.headers.get("content-disposition");
+    const cacheControl = apiRes.headers.get("cache-control");
+
+    const res = new NextResponse(blob, {
+      status: apiRes.status,
+      headers: {
+        "Content-Type": contentType,
+      },
+    });
+
+    if (contentDisposition) {
+      res.headers.set("Content-Disposition", contentDisposition);
+    }
+
+    if (cacheControl) {
+      res.headers.set("Cache-Control", cacheControl);
+    } else {
+      res.headers.set("Cache-Control", "public, max-age=31536000");
+    }
+
+    return res;
+  } catch (error) {
+    console.error("Error proxying embed request:", error);
+    return new NextResponse(JSON.stringify({ error: "Failed to fetch file" }), {
+      status: 500,
+      headers: {
+        "Content-Type": "application/json",
+      },
+    });
+  }
+}

apps/web/src/app/files/components/header.tsx

@@ -8,16 +8,16 @@ export function Header({ onUpload, onCreateFolder }: HeaderProps) {
   const t = useTranslations();
 
   return (
-    <div className="flex justify-between items-center">
+    <div className="flex flex-col sm:flex-row justify-between sm:items-center gap-4">
       <h2 className="text-xl font-semibold">{t("files.title")}</h2>
-      <div className="flex items-center gap-2">
+      <div className="flex flex-col sm:flex-row items-stretch sm:items-center gap-2">
         {onCreateFolder && (
-          <Button variant="outline" onClick={onCreateFolder}>
+          <Button variant="outline" onClick={onCreateFolder} className="w-full sm:w-auto">
             <IconFolderPlus className="h-4 w-4" />
             {t("folderActions.createFolder")}
           </Button>
         )}
-        <Button variant="default" onClick={onUpload}>
+        <Button variant="default" onClick={onUpload} className="w-full sm:w-auto">
           <IconCloudUpload className="h-4 w-4" />
           {t("files.uploadFile")}
         </Button>

apps/web/src/app/files/page.tsx

@@ -114,7 +114,10 @@ export default function FilesPage() {
 
   return (
     <ProtectedRoute>
-      <GlobalDropZone onSuccess={loadFiles}>
+      <GlobalDropZone
+        onSuccess={loadFiles}
+        currentFolderId={currentPath.length > 0 ? currentPath[currentPath.length - 1].id : null}
+      >
         <FileManagerLayout
           breadcrumbLabel={t("files.breadcrumb")}
           icon={<IconFolderOpen size={20} />}

apps/web/src/app/settings/constants.ts

@@ -35,6 +35,7 @@ export const createFieldDescriptions = (t: ReturnType<typeof createTranslator>)
   appName: t("settings.fields.appName.description"),
   appDescription: t("settings.fields.appDescription.description"),
   showHomePage: t("settings.fields.showHomePage.description"),
+  hideVersion: t("settings.fields.hideVersion.description"),
   firstUserAccess: t("settings.fields.firstUserAccess.description"),
   serverUrl: t("settings.fields.serverUrl.description"),
 
@@ -70,6 +71,7 @@ export const createFieldTitles = (t: ReturnType<typeof createTranslator>) => ({
   appName: t("settings.fields.appName.title"),
   appDescription: t("settings.fields.appDescription.title"),
   showHomePage: t("settings.fields.showHomePage.title"),
+  hideVersion: t("settings.fields.hideVersion.title"),
   firstUserAccess: t("settings.fields.firstUserAccess.title"),
   serverUrl: t("settings.fields.serverUrl.title"),
 

apps/web/src/components/files/embed-code-display.tsx

@@ -0,0 +1,151 @@
+"use client";
+
+import { useEffect, useState } from "react";
+import { IconCheck, IconCopy } from "@tabler/icons-react";
+import { useTranslations } from "next-intl";
+
+import { Button } from "@/components/ui/button";
+import { Card, CardContent } from "@/components/ui/card";
+import { Label } from "@/components/ui/label";
+import { Tabs, TabsContent, TabsList, TabsTrigger } from "@/components/ui/tabs";
+
+interface EmbedCodeDisplayProps {
+  imageUrl: string;
+  fileName: string;
+  fileId: string;
+}
+
+export function EmbedCodeDisplay({ imageUrl, fileName, fileId }: EmbedCodeDisplayProps) {
+  const t = useTranslations();
+  const [copiedType, setCopiedType] = useState<string | null>(null);
+  const [fullUrl, setFullUrl] = useState<string>("");
+
+  useEffect(() => {
+    if (typeof window !== "undefined") {
+      const origin = window.location.origin;
+      const embedUrl = `${origin}/e/${fileId}`;
+      setFullUrl(embedUrl);
+    }
+  }, [fileId]);
+
+  const directLink = fullUrl || imageUrl;
+  const htmlCode = `<img src="${directLink}" alt="${fileName}" />`;
+  const bbCode = `[img]${directLink}[/img]`;
+
+  const copyToClipboard = async (text: string, type: string) => {
+    try {
+      await navigator.clipboard.writeText(text);
+      setCopiedType(type);
+      setTimeout(() => setCopiedType(null), 2000);
+    } catch (error) {
+      console.error("Failed to copy:", error);
+    }
+  };
+
+  return (
+    <Card>
+      <CardContent>
+        <div className="space-y-4">
+          <div>
+            <Label className="text-sm font-semibold">{t("embedCode.title")}</Label>
+            <p className="text-xs text-muted-foreground mt-1">{t("embedCode.description")}</p>
+          </div>
+
+          <Tabs defaultValue="direct" className="w-full">
+            <TabsList className="grid w-full grid-cols-3">
+              <TabsTrigger value="direct" className="cursor-pointer">
+                {t("embedCode.tabs.directLink")}
+              </TabsTrigger>
+              <TabsTrigger value="html" className="cursor-pointer">
+                {t("embedCode.tabs.html")}
+              </TabsTrigger>
+              <TabsTrigger value="bbcode" className="cursor-pointer">
+                {t("embedCode.tabs.bbcode")}
+              </TabsTrigger>
+            </TabsList>
+
+            <TabsContent value="direct" className="space-y-2">
+              <div className="flex gap-2">
+                <input
+                  type="text"
+                  readOnly
+                  value={directLink}
+                  className="flex-1 px-3 py-2 text-sm border rounded-md bg-muted/50 font-mono"
+                />
+                <Button
+                  size="default"
+                  variant="outline"
+                  onClick={() => copyToClipboard(directLink, "direct")}
+                  className="shrink-0 h-full"
+                >
+                  {copiedType === "direct" ? (
+                    <>
+                      <IconCheck className="h-4 w-4 mr-1" />
+                      {t("common.copied")}
+                    </>
+                  ) : (
+                    <>
+                      <IconCopy className="h-4 w-4 mr-1" />
+                      {t("common.copy")}
+                    </>
+                  )}
+                </Button>
+              </div>
+              <p className="text-xs text-muted-foreground">{t("embedCode.directLinkDescription")}</p>
+            </TabsContent>
+
+            <TabsContent value="html" className="space-y-2">
+              <div className="flex gap-2">
+                <input
+                  type="text"
+                  readOnly
+                  value={htmlCode}
+                  className="flex-1 px-3 py-2 text-sm border rounded-md bg-muted/50 font-mono"
+                />
+                <Button variant="outline" onClick={() => copyToClipboard(htmlCode, "html")} className="shrink-0 h-full">
+                  {copiedType === "html" ? (
+                    <>
+                      <IconCheck className="h-4 w-4 mr-1" />
+                      {t("common.copied")}
+                    </>
+                  ) : (
+                    <>
+                      <IconCopy className="h-4 w-4 mr-1" />
+                      {t("common.copy")}
+                    </>
+                  )}
+                </Button>
+              </div>
+              <p className="text-xs text-muted-foreground">{t("embedCode.htmlDescription")}</p>
+            </TabsContent>
+
+            <TabsContent value="bbcode" className="space-y-2">
+              <div className="flex gap-2">
+                <input
+                  type="text"
+                  readOnly
+                  value={bbCode}
+                  className="flex-1 px-3 py-2 text-sm border rounded-md bg-muted/50 font-mono"
+                />
+                <Button variant="outline" onClick={() => copyToClipboard(bbCode, "bbcode")} className="shrink-0 h-full">
+                  {copiedType === "bbcode" ? (
+                    <>
+                      <IconCheck className="h-4 w-4 mr-1" />
+                      {t("common.copied")}
+                    </>
+                  ) : (
+                    <>
+                      <IconCopy className="h-4 w-4 mr-1" />
+                      {t("common.copy")}
+                    </>
+                  )}
+                </Button>
+              </div>
+              <p className="text-xs text-muted-foreground">{t("embedCode.bbcodeDescription")}</p>
+            </TabsContent>
+          </Tabs>
+        </div>
+      </CardContent>
+    </Card>
+  );
+}

apps/web/src/components/files/media-embed-link.tsx

@@ -0,0 +1,72 @@
+"use client";
+
+import { useEffect, useState } from "react";
+import { IconCheck, IconCopy } from "@tabler/icons-react";
+import { useTranslations } from "next-intl";
+
+import { Button } from "@/components/ui/button";
+import { Card, CardContent } from "@/components/ui/card";
+import { Label } from "@/components/ui/label";
+
+interface MediaEmbedLinkProps {
+  fileId: string;
+}
+
+export function MediaEmbedLink({ fileId }: MediaEmbedLinkProps) {
+  const t = useTranslations();
+  const [copied, setCopied] = useState(false);
+  const [embedUrl, setEmbedUrl] = useState<string>("");
+
+  useEffect(() => {
+    if (typeof window !== "undefined") {
+      const origin = window.location.origin;
+      const url = `${origin}/e/${fileId}`;
+      setEmbedUrl(url);
+    }
+  }, [fileId]);
+
+  const copyToClipboard = async () => {
+    try {
+      await navigator.clipboard.writeText(embedUrl);
+      setCopied(true);
+      setTimeout(() => setCopied(false), 2000);
+    } catch (error) {
+      console.error("Failed to copy:", error);
+    }
+  };
+
+  return (
+    <Card>
+      <CardContent>
+        <div className="space-y-3">
+          <div>
+            <Label className="text-sm font-semibold">{t("embedCode.title")}</Label>
+            <p className="text-xs text-muted-foreground mt-1">{t("embedCode.directLinkDescription")}</p>
+          </div>
+
+          <div className="flex gap-2">
+            <input
+              type="text"
+              readOnly
+              value={embedUrl}
+              className="flex-1 px-3 py-2 text-sm border rounded-md bg-muted/50 font-mono"
+            />
+            <Button size="default" variant="outline" onClick={copyToClipboard} className="shrink-0 h-full">
+              {copied ? (
+                <>
+                  <IconCheck className="h-4 w-4 mr-1" />
+                  {t("common.copied")}
+                </>
+              ) : (
+                <>
+                  <IconCopy className="h-4 w-4 mr-1" />
+                  {t("common.copy")}
+                </>
+              )}
+            </Button>
+          </div>
+        </div>
+      </CardContent>
+    </Card>
+  );
+}

apps/web/src/components/general/global-drop-zone.tsx

@@ -243,8 +243,13 @@ export function GlobalDropZone({ onSuccess, children, currentFolderId }: GlobalD
 
   const handlePaste = useCallback(
     (event: ClipboardEvent) => {
-      event.preventDefault();
-      event.stopPropagation();
+      const target = event.target as HTMLElement;
+      const isInput = target.tagName === "INPUT" || target.tagName === "TEXTAREA";
+      const isPasswordInput = target.tagName === "INPUT" && (target as HTMLInputElement).type === "password";
+
+      if (isInput && !isPasswordInput) {
+        return;
+      }
 
       const items = event.clipboardData?.items;
       if (!items) return;
@@ -253,6 +258,9 @@ export function GlobalDropZone({ onSuccess, children, currentFolderId }: GlobalD
 
       if (imageItems.length === 0) return;
 
+      event.preventDefault();
+      event.stopPropagation();
+
       const newUploads: FileUpload[] = [];
 
       imageItems.forEach((item) => {

apps/web/src/components/modals/file-preview-modal.tsx

@@ -3,10 +3,20 @@
 import { IconDownload } from "@tabler/icons-react";
 import { useTranslations } from "next-intl";
 
+import { EmbedCodeDisplay } from "@/components/files/embed-code-display";
+import { MediaEmbedLink } from "@/components/files/media-embed-link";
 import { Button } from "@/components/ui/button";
-import { Dialog, DialogContent, DialogFooter, DialogHeader, DialogTitle } from "@/components/ui/dialog";
+import {
+  Dialog,
+  DialogContent,
+  DialogDescription,
+  DialogFooter,
+  DialogHeader,
+  DialogTitle,
+} from "@/components/ui/dialog";
 import { useFilePreview } from "@/hooks/use-file-preview";
 import { getFileIcon } from "@/utils/file-icons";
+import { getFileType } from "@/utils/file-types";
 import { FilePreviewRenderer } from "./previews";
 
 interface FilePreviewModalProps {
@@ -32,6 +42,10 @@ export function FilePreviewModal({
 }: FilePreviewModalProps) {
   const t = useTranslations();
   const previewState = useFilePreview({ file, isOpen, isReverseShare, sharePassword });
+  const fileType = getFileType(file.name);
+  const isImage = fileType === "image";
+  const isVideo = fileType === "video";
+  const isAudio = fileType === "audio";
 
   return (
     <Dialog open={isOpen} onOpenChange={onClose}>
@@ -44,6 +58,7 @@ export function FilePreviewModal({
             })()}
             <span className="truncate">{file.name}</span>
           </DialogTitle>
+          <DialogDescription className="sr-only">{t("filePreview.description")}</DialogDescription>
         </DialogHeader>
         <div className="flex-1 overflow-auto">
           <FilePreviewRenderer
@@ -59,6 +74,16 @@ export function FilePreviewModal({
             description={file.description}
             onDownload={previewState.handleDownload}
           />
+          {isImage && previewState.previewUrl && !previewState.isLoading && file.id && (
+            <div className="mt-4 mb-2">
+              <EmbedCodeDisplay imageUrl={previewState.previewUrl} fileName={file.name} fileId={file.id} />
+            </div>
+          )}
+          {(isVideo || isAudio) && !previewState.isLoading && file.id && (
+            <div className="mt-4 mb-2">
+              <MediaEmbedLink fileId={file.id} />
+            </div>
+          )}
         </div>
         <DialogFooter>
           <Button variant="outline" onClick={onClose}>

apps/web/src/components/tables/files-grid.tsx

@@ -163,8 +163,7 @@ export function FilesGrid({
 
         try {
           loadingUrls.current.add(file.objectName);
-          const encodedObjectName = encodeURIComponent(file.objectName);
-          const response = await getDownloadUrl(encodedObjectName);
+          const response = await getDownloadUrl(file.objectName);
 
           if (!componentMounted.current) break;
 

apps/web/src/components/ui/default-footer.tsx

@@ -1,12 +1,19 @@
+"use client";
+
 import Link from "next/link";
 import { useTranslations } from "next-intl";
 
+import { useSecureConfigValue } from "@/hooks/use-secure-configs";
+
 import packageJson from "../../../package.json";
 
 const { version } = packageJson;
 
 export function DefaultFooter() {
   const t = useTranslations();
+  const { value: hideVersion } = useSecureConfigValue("hideVersion");
+
+  const shouldHideVersion = hideVersion === "true";
 
   return (
     <footer className="w-full flex items-center justify-center py-3 h-16">
@@ -20,7 +27,7 @@ export function DefaultFooter() {
           <span className="text-default-600 text-xs sm:text-sm">{t("footer.poweredBy")}</span>
           <p className="text-primary text-xs sm:text-sm">Kyantech Solutions</p>
         </Link>
-        <span className="text-default-500 text-[11px] mt-1">v{version}</span>
+        {!shouldHideVersion && <span className="text-default-500 text-[11px] mt-1">v{version}</span>}
       </div>
     </footer>
   );

apps/web/src/hooks/use-enhanced-file-manager.ts

@@ -187,8 +187,7 @@ export function useEnhancedFileManager(onRefresh: () => Promise<void>, clearSele
 
       let url = downloadUrl;
       if (!url) {
-        const encodedObjectName = encodeURIComponent(objectName);
-        const response = await getDownloadUrl(encodedObjectName);
+        const response = await getDownloadUrl(objectName);
         url = response.data.url;
       }
 

apps/web/src/hooks/use-file-preview.ts

@@ -181,12 +181,11 @@ export function useFilePreview({ file, isOpen, isReverseShare = false, sharePass
         const response = await downloadReverseShareFile(file.id!);
         url = response.data.url;
       } else {
-        const encodedObjectName = encodeURIComponent(file.objectName);
         const params: Record<string, string> = {};
         if (sharePassword) params.password = sharePassword;
 
         const response = await getDownloadUrl(
-          encodedObjectName,
+          file.objectName,
           Object.keys(params).length > 0
             ? {
                 params: { ...params },

apps/web/src/http/endpoints/files/index.ts

@@ -80,7 +80,8 @@ export const getDownloadUrl = <TData = GetDownloadUrlResult>(
   objectName: string,
   options?: AxiosRequestConfig
 ): Promise<TData> => {
-  return apiInstance.get(`/api/files/download/${objectName}`, options);
+  const encodedObjectName = encodeURIComponent(objectName);
+  return apiInstance.get(`/api/files/download-url?objectName=${encodedObjectName}`, options);
 };
 
 /**

apps/web/src/utils/chunked-upload.ts

@@ -157,6 +157,10 @@ export class ChunkedUploader {
     url: string;
     signal?: AbortSignal;
   }): Promise<any> {
+    // Encode filename as base64 to handle UTF-8 characters in HTTP headers
+    // This prevents errors when setting headers with non-ASCII characters
+    const encodedFileName = btoa(unescape(encodeURIComponent(fileName)));
+
     const headers = {
       "Content-Type": "application/octet-stream",
       "X-File-Id": fileId,
@@ -164,7 +168,7 @@ export class ChunkedUploader {
       "X-Total-Chunks": totalChunks.toString(),
       "X-Chunk-Size": chunkSize.toString(),
       "X-Total-Size": totalSize.toString(),
-      "X-File-Name": fileName,
+      "X-File-Name": encodedFileName,
       "X-Is-Last-Chunk": isLastChunk.toString(),
     };
 

apps/web/src/utils/download-queue-utils.ts

@@ -21,8 +21,7 @@ async function waitForDownloadReady(objectName: string, fileName: string): Promi
 
   while (attempts < maxAttempts) {
     try {
-      const encodedObjectName = encodeURIComponent(objectName);
-      const response = await getDownloadUrl(encodedObjectName);
+      const response = await getDownloadUrl(objectName);
 
       if (response.status !== 202) {
         return response.data.url;
@@ -98,13 +97,12 @@ export async function downloadFileWithQueue(
       options.onStart?.(downloadId);
     }
 
-    const encodedObjectName = encodeURIComponent(objectName);
-
+    // getDownloadUrl already handles encoding
     const params: Record<string, string> = {};
     if (sharePassword) params.password = sharePassword;
 
     const response = await getDownloadUrl(
-      encodedObjectName,
+      objectName,
       Object.keys(params).length > 0
         ? {
             params: { ...params },
@@ -208,13 +206,12 @@ export async function downloadFileAsBlobWithQueue(
         downloadUrl = response.data.url;
       }
     } else {
-      const encodedObjectName = encodeURIComponent(objectName);
-
+      // getDownloadUrl already handles encoding
       const params: Record<string, string> = {};
       if (sharePassword) params.password = sharePassword;
 
       const response = await getDownloadUrl(
-        encodedObjectName,
+        objectName,
         Object.keys(params).length > 0
           ? {
               params: { ...params },
@@ -451,7 +448,13 @@ export async function bulkDownloadWithQueue(
     const folders = items.filter((item) => item.type === "folder");
 
     // eslint-disable-next-line prefer-const
-    let allFilesToDownload: Array<{ objectName: string; name: string; zipPath: string }> = [];
+    let allFilesToDownload: Array<{
+      objectName: string;
+      name: string;
+      zipPath: string;
+      isReverseShare?: boolean;
+      fileId?: string;
+    }> = [];
     // eslint-disable-next-line prefer-const
     let allEmptyFolders: string[] = [];
 
@@ -484,6 +487,8 @@ export async function bulkDownloadWithQueue(
             objectName: file.objectName || file.name,
             name: file.name,
             zipPath: wrapperPath + file.name,
+            isReverseShare: file.isReverseShare,
+            fileId: file.id,
           });
         }
       }
@@ -494,6 +499,8 @@ export async function bulkDownloadWithQueue(
           objectName: file.objectName || file.name,
           name: file.name,
           zipPath: wrapperPath + file.name,
+          isReverseShare: file.isReverseShare,
+          fileId: file.id,
         });
       }
     }
@@ -505,7 +512,12 @@ export async function bulkDownloadWithQueue(
     for (let i = 0; i < allFilesToDownload.length; i++) {
       const file = allFilesToDownload[i];
       try {
-        const blob = await downloadFileAsBlobWithQueue(file.objectName, file.name);
+        const blob = await downloadFileAsBlobWithQueue(
+          file.objectName,
+          file.name,
+          file.isReverseShare || false,
+          file.fileId
+        );
         zip.file(file.zipPath, blob);
         onProgress?.(i + 1, allFilesToDownload.length);
       } catch (error) {

package.json

@@ -1,6 +1,6 @@
 {
   "name": "palmr-monorepo",
-  "version": "3.2.3-beta",
+  "version": "3.2.5-beta",
   "description": "Palmr monorepo with Husky configuration",
   "private": true,
   "packageManager": "pnpm@10.6.0",