more fixessssss

This commit is contained in:
Jack Eilles 2024-02-28 22:08:01 +00:00
parent 59e9250b15
commit 39c084ea00
3 changed files with 78 additions and 50 deletions

View file

@ -164,8 +164,11 @@ def getData(id):
return random.choice(Errors.file404) return random.choice(Errors.file404)
@csrf.exempt @csrf.exempt
@app.route('/<id>/delete') @app.route('/<id>/delete', methods=["GET", "POST"])
def delete(id): def delete(id):
if request.method == "GET":
return "You're not very smart, are you? GET request on a DELETE endpoint LMAOOO\n\n"
elif request.method == "POST":
if Config.files.find_one({"id": id}) is not None: if Config.files.find_one({"id": id}) is not None:
data = Config.files.find_one({"id": id}) data = Config.files.find_one({"id": id})
@ -261,22 +264,36 @@ def resetidpass():
return f"Your new IDPass is \n {idpass}\n This will only be shown once, please save it somewhere safe." return f"Your new IDPass is \n {idpass}\n This will only be shown once, please save it somewhere safe."
### API Endpoints ### ### API Endpoints ###
@csrf.exempt
@app.route('/api') @app.route('/api', methods=["GET", "POST"])
def api(): def api():
return {"error": "Specify an API version."} return {"error": "Specify an API version."}
@app.route('/api/v1') @csrf.exempt
@app.route('/api/v1', methods=["GET", "POST"])
def v3(): def v3():
return {"status": "ok"} return {"status": "ok"}
@app.route('/api/v1/user/<id>') @csrf.exempt
@app.route('/api/v1/user/<id>', methods=["GET", "POST"])
def getUser(id): def getUser(id):
data = Config.users.find_one({"userid": id})
if data["userid"] == request.form.get("userid") and bcrypt.check_password_hash(Config.users.find_one({"userid": data["userid"]})["idpass"], request.form.get("idpass")):
return worker.userInfo(id) return worker.userInfo(id)
else:
return "Incorrect userID or IDPass", 401
@app.route('/api/v1/file/<id>') @csrf.exempt
@app.route('/api/v1/file/<id>', methods=["GET", "POST"])
def getInfo(id): def getInfo(id):
return worker.idInfo(id) data = Config.files.find_one({"id": id})
if data["userid"] == request.form.get("userid") and bcrypt.check_password_hash(Config.users.find_one({"userid": data["userid"]})["idpass"], request.form.get("idpass")):
cred = True
else:
cred = False
return worker.idInfo(id, cred)
### Error Handlers ### ### Error Handlers ###

View file

@ -17,7 +17,6 @@
<table> <table>
<tr> <tr>
<th>ID</th> <th>ID</th>
<th>Filename</th> <th>Filename</th>
<th>Size</th> <th>Size</th>
<th>Retention</th> <th>Retention</th>

View file

@ -108,16 +108,28 @@ def shortenURL(url, ip, userid, id, retention):
return f"https://xygt.cc/{id}", 200 return f"https://xygt.cc/{id}", 200
def idInfo(id): def idInfo(id, cred):
# Check if cred is true
if cred:
# Check files and url for the ID # Check files and url for the ID
if Config.files.find_one({"id": id}) is not None: if Config.files.find_one({"id": id}) is not None:
check = Config.files.find_one({"id": id}, {'_id': False, "ip": False}) check = Config.files.find_one({"id": id}, {'_id': False})
# "ip": False removes the IP from the returned data.
# If it's not there then check url # If it's not there then check url
elif Config.url.find_one({"id": id}) is not None: elif Config.url.find_one({"id": id}) is not None:
check = Config.url.find_one({"id": id}, {'_id': False, "ip": False}) check = Config.url.find_one({"id": id}, {'_id': False})
# Return the mongodb info about the file, removing IP if its present # Return the mongodb info about the file
return check
else:
# Check files and url for the ID
if Config.files.find_one({"id": id}) is not None:
check = Config.files.find_one({"id": id}, {'_id': False, "ip": False, "userid": False})
# If it's not there then check url
elif Config.url.find_one({"id": id}) is not None:
check = Config.url.find_one({"id": id}, {'_id': False, "ip": False, "userid": False})
# Return the mongodb info about the file
return check return check
def userInfo(id): def userInfo(id):