fix retention issue and add wipe / autoclean

This commit is contained in:
Jack Eilles 2024-01-05 11:17:46 +00:00
parent 4aaf68c1be
commit b26327627d
7 changed files with 75 additions and 13 deletions

View file

@ -19,7 +19,7 @@ from werkzeug.datastructures import FileStorage
from werkzeug.utils import secure_filename
from app import app, worker, bcrypt, loginManager, csrf
from app.models import User
from config import Config, Errors
from config import Config, Errors, quotes
class RegistrationForm(FlaskForm):
username = StringField('Username', validators=[DataRequired(), Length(min=2, max=16)])
@ -49,8 +49,10 @@ def index():
# Check for a GET or POST request
if request.method == "GET":
print(current_user.is_authenticated)
return render_template('index.html')
randomQuote = random.choice(list(quotes.items()))
author = randomQuote[0]
quote = randomQuote[1]
return render_template('index.html', author=author, quote=quote)
elif request.method == "POST":

View file

@ -13,6 +13,7 @@
<li class="nav-item"><a href="{{ url_for('faq') }}">FAQ</a></li>
<li class="nav-item"><a href="{{ url_for('contact') }}">Contact</a></li>
{% if current_user.is_authenticated %}
<li class="nav-item"><a href="{{ url_for('dashboard') }}">Dashboard</a></li>
<li class="nav-item"><a href="{{ url_for('logout') }}">Logout</a></li>
{% else %}
<li class="nav-item"><a href="{{ url_for('login') }}">Login</a></li>

View file

@ -8,6 +8,10 @@
<h5>Temporary file-hosting and URL shortening</h5>
{% endif %}
<p>Welcome to xygt.cc, a no-bullshit, anonymous and temporary file-hosting and URL shortening solution, similar to the likes of pastebin and 0x0.</p>
<hr>
<p>From {{ author }}:</p>
<p><i>"{{ quote }}" - Donate more than £5 to get your own quote here!</i></p>
<hr>
<p>Our default file retention is a minimum of 7 days and a maximum of 365 days, and is calculated using file size.</p>
<h3>How do I upload files?</h3>
<p>You can either use the `upload` form, or use a POST request.</p>

View file

@ -27,7 +27,7 @@ def uploadFile(file, ip, userid, filename, id, retention):
# Calculate retention before the file is written, we'll grab the filesize here as it's needed for the equation.
file.seek(0, os.SEEK_END)
fileSize = round(float(file.tell()) / 1024, 2)
fileSize = round(float(file.tell()) / (1024 * 1024), 2)
# Set the position back to 0
file.seek(0)
@ -51,11 +51,12 @@ def uploadFile(file, ip, userid, filename, id, retention):
'id': id,
'filename': filename,
'filesize': fileSize,
'retention': round(retention * 86400), # Convert to seconds
'mimetype': file.content_type,
'retention': retention,
'userid': userid,
'ip': ip,
'date': date,
'expiry': date + round(retention * 86400)
'expiry': date + retention
}
# Add the data and verify its there.
@ -83,9 +84,9 @@ def shortenURL(url, ip, userid, id, retention):
userid = 0
if retention == None:
retention = 14
elif retention > 365:
retention = 365
retention = 604800
elif retention > 31540000:
retention = 31540000
data = {
"id": id,
@ -116,6 +117,10 @@ def randomHex():
hexRand = ''.join(secrets.choice('0123456789abcdef') for _ in range(6))
return hexRand
def genIDPass():
idpass = ''.join(secrets.choice('0123456789abcdef') for _ in range(16))
return idpass
def registerUser(username, password):
# Initialise some values
try:
@ -135,7 +140,7 @@ def registerUser(username, password):
def resetIDPass(userid):
try:
idpass = randomHex(8)
idpass = genIDPass()
hashedPass = bcrypt.generate_password_hash(idpass).decode("utf-8")
Config.users.update_one({"userid": userid}, {"$set": {"idpass": hashedPass}})
return idpass

48
autoclean.py Executable file
View file

@ -0,0 +1,48 @@
#!/usr/bin/env python
"""
xygt.cc cleanup script
This script will run once hourly to remove expired files and URL's from the database as well as local storage.
"""
import datetime
import os
from pymongo import MongoClient
from config import Config
class Config:
# MongoDB init stuff
client = MongoClient("mongodb://localhost:27017/")
db = client["xygt"]
files = db["file"]
url = db["url"]
users = db["users"]
fileDir = "./data"
def main():
print("Starting cleanup script...")
# Get current time in unix timestamp
now = datetime.datetime.now()
now = now.timestamp()
# Get all expired files
expiredFiles = Config.files.find({"expiry": {"$lt": now}})
expiredURLs = Config.url.find({"expiry": {"$lt": now}})
# Delete all expired files
for file in expiredFiles:
print(f"Deleting file {file['id']}")
Config.files.delete_one({"id": file["id"]})
os.remove(os.path.join(Config.fileDir, file["filename"]))
# Delete all expired URL's
for url in expiredURLs:
print(f"Deleting URL {url['id']}")
Config.url.delete_one({"id": url["id"]})
print("Cleanup complete.")
if __name__ == "__main__":
main()

View file

@ -12,8 +12,8 @@ class Config:
# Basic configs
maxFileSize = 256
premMaxFileSize = 512
maxretention = 365
minretention = 7
maxretention = 31540000
minretention = 604800
fileDir = "./data"
ipLogEnabled = False
secretKey = "CHANGEINPRODUCTION"

View file

@ -6,6 +6,7 @@ This wipes all files and DB entries for Files, URL's and users.
"""
import os
import subprocess
from pymongo import MongoClient
class Config:
@ -31,7 +32,8 @@ def main():
print("Clearing user db")
Config.url.delete_many({})
print("Deleting local files")
os.remove(f"{Config.fileDir}/*")
subprocess.run(["rm", "-rf", f"{Config.fileDir}"])
os.mkdir(f"{Config.fileDir}")
print("Done. xygt.cc is ready to start clean.")
exit()