# sniph-bank
This is a super duper simple web server written in Python (ew) that was done primarily to showcase the difference between HTTP and HTTPS.

`main-doc.py` is a heavily documented, entire yap-sesh dedicated version of `main.py` that tries to explain the code line-by-line. It assumes you have a little knowledge of the underlying syntax of the language, and outside of the `ServerThread` class, is more focused on HTTP servers and networking than the program specifics.
`website/account.html` also has some brief insight into some basic HTML, but nothing much.

## Running the Program
Ideally, you can run the program on Linux or Windows, and streamline the dependency process with [uv](https://docs.astral.sh/uv/).

Note that the servers bind to the default, well known ports for HTTP (80) and HTTPS (443).
(443).
This can be problematic as you sometimes need permissions in order to bind to these ports.
When I do the demonstration, I temporarily disable the Linux kernel's restriction to only allow root user to bind to ports below 1024 with `sudo sysctl net.ipv4.ip_unprivileged_port_start=0`. This way, the restrictive behavior is reverted on restart.



This way, when I visit http://sniphbank.com, the web browser resolves 'sniphbank.com' to `127.0.0.1`, and connects to
`127.0.0.1:80`, where the server is listening.
This is the way that all 'websites' work, except the records are usually stored on a DNS server somewhere else, and we use Cloudflare's (`1.1.1.1-3`) or Google's (`8.8.8.8` and `8.8.4.4`) DNS resolver to resolve something like `google.com` to it's actual IP address.
Since, at least without registering the domain, we aren't able to store the records on a server that a big name Nameserver will look at or respect, we just store the record locally, so our local host can resolve it.

##### Bypassing Port restriction
On Windows using Podman, you will need to run `wsl -d podman-machine-default sudo sysctl net.ipv4.ip_unprivileged_port_start=80` if you want the container to be able to listen on the defaults.

You can edit the constants in `main.py` by setting the HTTP_PORT and HTTPS_PORT to something like 8080 and 4443 respectively.

If you have Podman/Docker, you can change the contents of `docker-compose.yml` to be like this instead:
```yaml
      # Example for unprivileged:
      # - 127.0.0.1:8080:80
      # - 127.0.0.1:4443:443
```

Then when you visit it in the web browser, you have to add the port number, Ex:
"http://127.0.0.1:8080" and "https://127.0.0.1:4443"

### Native Python
This assumes you have Python (and Git) installed.
Although there's a likelihood you don't even need Python if you use `uv`

If you don't have `uv` installed, first install it with:

##### Windows:
```powershell
powershell -ExecutionPolicy ByPass -c "irm https://astral.sh/uv/install.ps1 | iex"
```

##### Linux/macOS:
```bash
curl -LsSf https://astral.sh/uv/install.sh | sh
```

Then you can clone the Git repo using
```bash
git clone {repo_url_here} && cd sniph-bank
```
> [!TIP]
> Alternatively, if you don't have Git installed, you can download the code as a ZIP or tar.gz from the "CODE" button at the top of this repository.
> Unzip it and open the terminal in the folder containing all the code.

From there you can run the program using
`uv run main.py`

`uv` will download the packages within a virtual environment and run the program there too.

### Podman/Docker
[Podman](https://podman.io/) and [Docker](https://www.docker.com/) are both containerization platforms, where Docker is the easier to get installed and more well known, and Podman is the most secure and performant option, while also being compatible with the Docker cli and open-source.
These can be used if you want to temporarily run the script within an isolated environment and not on your base system, and will allow you to change the IP address and port the script is listening on by editing the `docker-compose.yml` file rather than the `main.py` file.

However, I do not offer a simple run-and-done image for this app, so you have to clone the source code either way, and I additionally mount this directory to the container when you run it, so all the files are still stored on your system.
To top things off, if you don't have podman-compose installed, you can install it with `uv tool install podman-compose`, so you'd want to have `uv` installed anyway.
I might change this before I publish.

Assuming you have Podman and the [podman-compose](https://github.com/containers/podman-compose) script installed on your system:
```bash
git clone https://git.foreverpyrite.com/ForeverPyrite/sniph-bank && cd sniph-bank
podman compose up -d
```

If you have Docker, you can just run
```bash
git clone https://git.foreverpyrite.com/ForeverPyrite/sniph-bank && cd sniph-bank
docker compose up -d
```

### I went to sniphbank.com and got an error?
This is because sniphbank.com is not a real website, and isn't a registered domain.

I was able to do this by altering the `/etc/hosts` file (or `C:\Windows\System32\drivers\etc\hosts` on Windows) to automatically resolve the domain 'sniphbank.com' to a loopback IPv4 address, `127.0.0.1`

The following snippet is an example of the file on Windows
```hosts
# localhost name resolution is handled within DNS itself.
127.0.0.1       localhost sniphbank.com
#	::1             localhost
```

## Why is the repo so large?
I still have the `tailwindcss` binary in the `website/css/` directory.
I could've got rid of it or put it in .gitignore or ignored it locally or something but nah.
There is a very low chance that someone wants to tinker, and in that case (assuming you are in the root of the repo), you can rebuild the CSS with
```bash
./tw-css/tailwindcss -i tw-css/input.css -o website/css/style.css -w
```
But you have to be on 64-bit AMD Linux/WSL. Otherwise you gotta download your own.

## Contact me.
ForeverPyrite. I use Discord btw.
Feel free to talk to me about whatever (preferably computer and/or networking related.)