## Project Prompt: Secure File Hosting Platform (Nextcloud-like)

### Overview

Build a full-stack web application that mimics the core features of Nextcloud with secure file upload, download, and sharing functionality. The stack should be:

- **Frontend**: Flutter Web
- **Backend**: Rust (Axum framework)
- **Database**: PostgreSQL
- **Storage**: Encrypted file storage on local disk
- **Deployment**: Docker (two-container setup: web + db)

### Required Features

#### Core Features

- Users can upload and download files
- Files are encrypted at rest using AES-256 (server-side encryption)
- Users can generate public shareable links to download files
- File upload limits per user (configurable)
- Support for shared folders among users (with permissions)
- Serve Flutter web UI and backend API from the same container

#### Authentication and User Management

- User registration and login using email + password
- Passwords must be securely hashed using Argon2 or bcrypt
- JWT-based session handling for API authentication
- Role-based permission system:
  - Owner, editor, viewer roles for shared folders
  - Users can only access files and folders they own or are shared with them

#### File Handling

- Store files in `/data` directory, encrypted using a per-file key
- Save metadata and encryption keys in PostgreSQL (keys encrypted with a master key)
- Expose REST endpoints:
  - POST `/api/upload`
  - GET `/api/download/:id`
  - POST `/api/share`
  - GET `/api/shared/:token`
- Limit file uploads per user (configurable max size)
- Maintain a file tree (directories, nested folders)

### Infrastructure

- Use Docker Compose to define:
  - `web`: Rust backend and Flutter frontend in a single container
  - `db`: PostgreSQL container
- Only expose one public port (80), used by the web container
- Use Docker volume for persistent file storage (`./data`)

### Project Structure

```
project-root/
├── docker-compose.yml
├── Dockerfile (multi-stage for Flutter + Rust)
├── backend/         # Rust API
├── frontend/        # Flutter Web app
├── data/            # Mounted volume for encrypted files
```

### Libraries and Tools

- **Rust Backend**:

  - `axum` for HTTP server
  - `tokio` for async runtime
  - `sqlx` for PostgreSQL
  - `jsonwebtoken` for JWT
  - `argon2` or `bcrypt` for password hashing
  - `aes-gcm` or `ring` for file encryption
  - `uuid` for file and share link identifiers
  - `dotenvy` to manage environment variables
- **Flutter Frontend**:

  - File upload UI
  - Folder navigation
  - Login/Register screens
  - Share file dialog with permission settings

### Goals

Generate:

- Docker Compose config and Dockerfile
- Flutter web UI skeleton with login/upload functionality
- Rust backend with user authentication, file handling, and share APIs
- PostgreSQL schema with users, files, shares, and permissions