It's time to ditch Medium for good! 🌈⚡️

Introducing Devblog by Hashnode. Blog on your domain for FREE. Highly customizable and optimized for developers.

Learn more

My website allows guest/anonymous users to upload content. What is a way that I can allow them to edit this content without having to create a account?


No need to collect anything from users instead, hash the things as discussed here. Let users upload the content no strings attached, now generate a very long id lets say its the private key to the user, now make sure you have your very own secret key with you that you will be using for all the requests. Now to store the file, ask them to give some name/generate something random yourself, using your secret key and the users private key, create a permanent hash and append it with the file name and store it.

Lets say, User's private key = DDA22E18DA54C1494E90324ADE71400C48DEC72AEE5C25B2A0A63CD497398052 ( this is SHA256 of "hashnode") Your private key = 2F183A4E64493AF3F377F745EDA502363CD3E7EF6E4D266D444758DE0A85FCC8 (SHA256 of "anonymous")

Now to store the file : SHA256(SHA256(user's private key) + SHA256(your private key)) 7433BACE002F1403E6AFCFF8A5FE8FBAE55192682992802E160C2A388E0FA1F4 + 2C9A303023DEF128C4FBC1FBF1C70BE6A1F9739A3D765DFC4F24DA9AD6D725A7

The final hash : E954EA3B3AE1B245C2B6C664D88582887ED986613F6CD18A5E1166AD9BFFBF85

Now create a directory with the final hash and store the files inside that directory with some random name/number/name given by user into that folder.

To retrieve the files. Just take in the user's private key SHA256 it, SHA256 your secret key and then SHA256 the whole appended hash, you have the directory name. Lookup the directory, if its present list the files else the user has no files yet. If looking up files/ reading a huge directory is not a good idea. Instead, you can use a database to verify if files are present or not.

You can modify this to give particular links to every file as per other discussions done here.

To make it user-friendly store the user's private key in local storage and then retrieve it next time automatically when the page loads.

Disadvantage: If the user loses his so-called private key, everything is gone.

Reply to this…

(7 answers) Take me to the question