@tanii1125 tanii1125 commented Nov 19, 2025

Summary

This PR introduces a standardized, secure way to handle upload tokens in slideUtil (fixes Issue #42) and updates the SlideServer upload pipeline to properly validate chunk ordering and prevent silent corruption of uploaded slide files (addresses Issue #92).


Fixes / Issues Addressed

Fixes #42 — Formal token handling for slideUtil

  • Introduces sanitized token input using secure_filename().
  • Adds token masking in logs (e.g., AB******YZ) to avoid leaking full token IDs.
  • Ensures consistent token usage across upload endpoints.

Fixes #92 — Chunked upload corruption

  • Previously, uploading chunks out-of-order or in parallel could silently corrupt files.
  • Browser concurrency or retry conditions could send overlapping or incorrect offsets without detection.
  • The server would still return 200 OK even if the file was corrupted.

What this PR Changes

  1. Adds strict offset validation in /upload/continue/<token>
    The server now validates:
  • chunk is appended only if: offset == current_temp_file_size
  • out-of-order offsets → 409 Offset mismatch
  • overlapping or duplicate chunks are rejected
  • prevents silent corruption entirely
  2. Serializes writes using per-token locks
  • Added token_locks = defaultdict(threading.Lock)
  • Ensures only one chunk write happens at a time per upload token
  • Prevents Chrome-style parallel chunk uploads from corrupting files
  • Guarantees determinism and integrity of temp file writes
  3. Optional integrity verification in /upload/finish
    If the client provides:
      {
        "sha256": "...",
        "size": 123456
      }
    the server will:
  • compute SHA256 of uploaded file
  • match expected size
  • return clear errors on mismatch
  • prevent corrupted files from being accepted
  4. Added token masking for logs
    Tokens are logged as: `AB******YZ`

------------

**Test Coverage**
I added a complete test script verifying all edge cases in `test/`
- Sequential correct uploads → pass
- Out-of-order chunks → rejected with 409
- Parallel uploads → only first succeeds, rest 409
- Resumable-upload behavior → correct final SHA256

Verified using test file:
`/mnt/data/SlideServer.py`

All tests passed:

✔ Server correctly rejected out-of-order chunk
✔ Server correctly rejects parallel uploads
✔ Full upload completed with correct SHA


**Why this change is safe for SlideLoader UI**
- SlideLoader’s UI uploads chunks sequentially, never parallel.
- Therefore users will never hit a 409 during normal uploads.
- The UI continues to function unchanged and fully compatible.
- These protections only activate under abnormal/parallel/out-of-order conditions.

**File Updated**
`SlideServer.py`
✔ includes strict validation
✔ complete cleanup of old chunk-writing logic
✔ retains full compatibility with slideUtil
`/test`
✔️ added test cases I used to validate out-of-order failure

-------

**Ready for Review**
Please let me know if you'd like:
- additional automated tests,
- a JavaScript browser-side resume handler,
- optional Redis/file-based locking for multi-worker deployments.
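
A minimal sketch of the server-side checks this PR description lists (offset validation under a per-token lock, optional size/SHA-256 verification at finish, masked tokens in error text), added here as an illustration; it is not the PR's `SlideServer.py`. The function names, the token regex (standing in for the `secure_filename()` sanitization) and the 400/404 statuses at finish are assumptions.

```python
import hashlib
import os
import re
import tempfile
import threading
from collections import defaultdict

# Hypothetical names; a sketch of the checks described, not SlideServer.py.
UPLOAD_DIR = tempfile.mkdtemp(prefix="upload_demo_")
TOKEN_RE = re.compile(r"[A-Za-z0-9]{8,64}")   # assumed token format
token_locks = defaultdict(threading.Lock)      # one lock per upload token
_registry_lock = threading.Lock()              # guards creation of new locks

def mask_token(token):
    """AB******YZ style: enough to correlate log lines, not to reuse."""
    return token[:2] + "*" * (len(token) - 4) + token[-2:]

def _locked_path(token):
    """Validate the token, then return (lock, temp file path) for it."""
    if not TOKEN_RE.fullmatch(token):
        raise ValueError("invalid token")  # never build a path from it
    with _registry_lock:
        lock = token_locks[token]
    return lock, os.path.join(UPLOAD_DIR, token)

def continue_upload(token, offset, data):
    """Append data only if offset equals the current temp file size."""
    lock, path = _locked_path(token)
    with lock:  # size check and append form one critical section
        current = os.path.getsize(path) if os.path.exists(path) else 0
        if offset != current:
            return 409, f"Offset mismatch for {mask_token(token)}: expected {current}"
        with open(path, "ab") as fh:
            fh.write(data)
    return 200, "ok"

def finish_upload(token, sha256=None, size=None):
    """Check the optional client-declared size and SHA-256 before accepting."""
    lock, path = _locked_path(token)
    with lock:
        if not os.path.exists(path):
            return 404, "unknown upload"
        with open(path, "rb") as fh:
            body = fh.read()  # demo only; hash in chunks for real slides
    if size is not None and size != len(body):
        return 400, "size mismatch"
    if sha256 is not None and sha256.lower() != hashlib.sha256(body).hexdigest():
        return 400, "sha256 mismatch"
    return 200, "ok"
```

`threading.Lock` only serializes writers inside one process; with several worker processes the same size-check-then-append needs a cross-process lock, which is the multi-worker case the description mentions.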
