downloading fixes

app/api/public/route.ts

@@ -119,6 +119,49 @@ export async function GET(request: NextRequest) {
 // Upload to public folder
 export async function POST(request: NextRequest) {
   try {
+    const contentType = request.headers.get('content-type')
+
+    // Handle JSON body (for save_file action)
+    if (contentType?.includes('application/json')) {
+      const body = await request.json()
+      const { action, fileName, content, folder = '' } = body
+
+      if (action === 'save_file') {
+        if (!fileName || content === undefined) {
+          return NextResponse.json({ error: 'fileName and content are required' }, { status: 400 })
+        }
+
+        const targetDir = path.join(PUBLIC_DIR, folder)
+
+        // Security check
+        if (!targetDir.startsWith(PUBLIC_DIR)) {
+          return NextResponse.json({ error: 'Invalid path' }, { status: 400 })
+        }
+
+        if (!fs.existsSync(targetDir)) {
+          fs.mkdirSync(targetDir, { recursive: true })
+        }
+
+        const filePath = path.join(targetDir, fileName)
+
+        // Write file (overwrite if exists)
+        fs.writeFileSync(filePath, content, 'utf-8')
+
+        // Update or create metadata
+        const metadataPath = filePath + '.meta.json'
+        const existingMetadata = fs.existsSync(metadataPath)
+          ? JSON.parse(fs.readFileSync(metadataPath, 'utf-8'))
+          : {}
+
+        fs.writeFileSync(metadataPath, JSON.stringify({
+          ...existingMetadata,
+          lastModified: new Date().toISOString()
+        }))
+
+        return NextResponse.json({ success: true })
+      }
+    }
+
     const formData = await request.formData()
     const file = formData.get('file') as File
     const folder = formData.get('folder') as string || ''

app/api/sessions/download/route.ts

@@ -0,0 +1,106 @@
+import { NextRequest, NextResponse } from 'next/server'
+import fs from 'fs'
+import path from 'path'
+
+// Use /data for Hugging Face Spaces persistent storage
+const DATA_DIR = process.env.SPACE_ID
+    ? '/data'
+    : path.join(process.cwd(), 'public', 'data')
+const PUBLIC_DIR = path.join(DATA_DIR, 'public')
+
+export async function GET(request: NextRequest) {
+    try {
+        const searchParams = request.nextUrl.searchParams
+        const fileName = searchParams.get('file')
+        const isPublic = searchParams.get('public') === 'true'
+
+        const key = searchParams.get('key')
+
+        if (!fileName) {
+            return NextResponse.json({ error: 'Filename is required' }, { status: 400 })
+        }
+
+        let filePath
+        let rootDir
+
+        if (isPublic) {
+            rootDir = PUBLIC_DIR
+            filePath = path.join(PUBLIC_DIR, fileName)
+        } else {
+            if (!key) {
+                return NextResponse.json({ error: 'Passkey is required for secure files' }, { status: 403 })
+            }
+            const sanitizedKey = key.replace(/[^a-zA-Z0-9_-]/g, '')
+            rootDir = path.join(DATA_DIR, sanitizedKey)
+            filePath = path.join(rootDir, fileName)
+        }
+
+        // Security check
+        if (!filePath.startsWith(rootDir)) {
+            return NextResponse.json({ error: 'Invalid path' }, { status: 400 })
+        }
+
+        if (!fs.existsSync(filePath)) {
+            return NextResponse.json({ error: 'File not found' }, { status: 404 })
+        }
+
+        const stats = fs.statSync(filePath)
+        if (stats.isDirectory()) {
+            return NextResponse.json({ error: 'Cannot download directory' }, { status: 400 })
+        }
+
+        const fileBuffer = fs.readFileSync(filePath)
+        const ext = path.extname(fileName).toLowerCase()
+
+        // Determine content type
+        let contentType = 'application/octet-stream'
+        const mimeTypes: Record<string, string> = {
+            '.pdf': 'application/pdf',
+            '.doc': 'application/msword',
+            '.docx': 'application/vnd.openxmlformats-officedocument.wordprocessingml.document',
+            '.xls': 'application/vnd.ms-excel',
+            '.xlsx': 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet',
+            '.ppt': 'application/vnd.ms-powerpoint',
+            '.pptx': 'application/vnd.openxmlformats-officedocument.presentationml.presentation',
+            '.txt': 'text/plain',
+            '.md': 'text/markdown',
+            '.json': 'application/json',
+            '.html': 'text/html',
+            '.css': 'text/css',
+            '.js': 'text/javascript',
+            '.ts': 'text/typescript',
+            '.py': 'text/x-python',
+            '.java': 'text/x-java',
+            '.cpp': 'text/x-c++',
+            '.jpg': 'image/jpeg',
+            '.jpeg': 'image/jpeg',
+            '.png': 'image/png',
+            '.gif': 'image/gif',
+            '.svg': 'image/svg+xml',
+            '.mp3': 'audio/mpeg',
+            '.mp4': 'video/mp4',
+            '.zip': 'application/zip',
+            '.rar': 'application/x-rar-compressed',
+            '.tex': 'text/x-tex',
+            '.dart': 'text/x-dart'
+        }
+
+        if (mimeTypes[ext]) {
+            contentType = mimeTypes[ext]
+        }
+
+        const headers = new Headers({
+            'Content-Type': contentType,
+            'Content-Length': fileBuffer.length.toString(),
+            'Content-Disposition': `attachment; filename="${fileName}"`
+        })
+
+        return new NextResponse(fileBuffer, { headers })
+    } catch (error) {
+        console.error('Error downloading file:', error)
+        return NextResponse.json(
+            { error: 'Failed to download file' },
+            { status: 500 }
+        )
+    }
+}

app/components/FileManager.tsx

@@ -213,16 +213,9 @@ export function FileManager({ currentPath, onNavigate, onClose, onOpenFlutterApp
 
   const handleDownload = (file: FileItem) => {
     if (sidebarSelection === 'public') {
-      window.open(`/api/sessions/download?file=${encodeURIComponent(file.name)}&public=true`, '_blank')
+      window.open(`/api/sessions/download?file=${encodeURIComponent(file.path)}&public=true`, '_blank')
     } else if (sidebarSelection === 'secure' && passkey) {
-      // For secure files, we might need a specialized download endpoint that accepts the key
-      // For now, let's assume we can't easily download via GET without exposing the key in URL
-      // We'll implement a temporary solution or just block it for now, 
-      // but the user asked for "viewing" mainly.
-      // Let's try to use the same download endpoint but we need to update it to support keys.
-      // Actually, let's just open it and see if we can pass the key.
-      // Ideally we should POST to get a temp URL, but for this hackathon:
-      alert('Direct download from Secure Data is restricted. Please view files directly.')
+      window.open(`/api/sessions/download?file=${encodeURIComponent(file.path)}&key=${encodeURIComponent(passkey)}`, '_blank')
     }
   }
 

app/components/TextEditor.tsx

@@ -41,7 +41,7 @@ export function TextEditor({
   const [saveStatus, setSaveStatus] = useState<'idle' | 'saving' | 'saved' | 'error'>('idle')
   const [lastSaved, setLastSaved] = useState<Date | null>(null)
   const [hasChanges, setHasChanges] = useState(false)
-  
+
   // Note: PDF compilation is not available in the web environment
   // Users should download .tex files and compile locally
 
@@ -102,9 +102,38 @@ export function TextEditor({
     }
   }, [code, initialContent])
 
-  // Download .tex file
+  // Download file
   const handleDownload = () => {
-    const blob = new Blob([code], { type: 'text/plain' })
+    const ext = fileName.split('.').pop()?.toLowerCase() || 'txt'
+    let mimeType = 'text/plain'
+
+    const mimeTypes: Record<string, string> = {
+      'js': 'text/javascript',
+      'ts': 'text/typescript',
+      'tsx': 'text/typescript',
+      'jsx': 'text/javascript',
+      'json': 'application/json',
+      'html': 'text/html',
+      'css': 'text/css',
+      'md': 'text/markdown',
+      'py': 'text/x-python',
+      'java': 'text/x-java',
+      'c': 'text/x-c',
+      'cpp': 'text/x-c++',
+      'dart': 'application/vnd.dart',
+      'tex': 'application/x-tex',
+      'xml': 'text/xml',
+      'yaml': 'text/yaml',
+      'yml': 'text/yaml',
+      'sh': 'application/x-sh',
+      'sql': 'application/sql'
+    }
+
+    if (mimeTypes[ext]) {
+      mimeType = mimeTypes[ext]
+    }
+
+    const blob = new Blob([code], { type: mimeType })
     const url = URL.createObjectURL(blob)
     const a = document.createElement('a')
     a.href = url
@@ -114,7 +143,12 @@ export function TextEditor({
   }
 
   const handleSave = async () => {
-    if (!passkey) {
+    // Determine if this is a public file or secure file
+    // If passkey is empty, we assume it's a public file (unless explicitly told otherwise, but we don't have an isPublic prop)
+    // Ideally, we should have an isPublic prop, but for now, empty passkey implies public context in this app structure.
+    const isPublic = !passkey
+
+    if (!passkey && !isPublic) {
       alert('Please enter your passkey first!')
       return
     }
@@ -123,12 +157,14 @@ export function TextEditor({
     setSaveStatus('saving')
 
     try {
-      const response = await fetch('/api/data', {
+      const endpoint = isPublic ? '/api/public' : '/api/data'
+
+      const response = await fetch(endpoint, {
         method: 'POST',
         headers: { 'Content-Type': 'application/json' },
         body: JSON.stringify({
           action: 'save_file',
-          passkey: passkey,
+          passkey: passkey, // Optional for public
           fileName: fileName,
           content: code,
           folder: filePath
@@ -141,7 +177,7 @@ export function TextEditor({
         setSaveStatus('saved')
         setLastSaved(new Date())
         setHasChanges(false)
-        
+
         // Reset status after 3 seconds
         setTimeout(() => {
           setSaveStatus('idle')
@@ -196,18 +232,18 @@ export function TextEditor({
               <FileText size={14} className="text-blue-400" />
               <span>{fileName}</span>
             </div>
-            
+
             {hasChanges && (
               <span className="text-xs text-yellow-500">● Modified</span>
             )}
-            
+
             {saveStatus === 'saved' && (
               <div className="flex items-center gap-1 text-xs text-green-500">
                 <Check size={14} />
                 <span>Saved {lastSaved?.toLocaleTimeString()}</span>
               </div>
             )}
-            
+
             {saveStatus === 'error' && (
               <div className="flex items-center gap-1 text-xs text-red-500">
                 <WarningCircle size={14} />