diff --git a/app/routes.py b/app/routes.py index 65c6e16..d115e61 100644 --- a/app/routes.py +++ b/app/routes.py @@ -19,7 +19,7 @@ from werkzeug.datastructures import FileStorage from werkzeug.utils import secure_filename from app import app, worker, bcrypt, loginManager, csrf from app.models import User -from config import Config, Errors +from config import Config, Errors, quotes class RegistrationForm(FlaskForm): username = StringField('Username', validators=[DataRequired(), Length(min=2, max=16)]) @@ -49,8 +49,10 @@ def index(): # Check for a GET or POST request if request.method == "GET": - print(current_user.is_authenticated) - return render_template('index.html') + randomQuote = random.choice(list(quotes.items())) + author = randomQuote[0] + quote = randomQuote[1] + return render_template('index.html', author=author, quote=quote) elif request.method == "POST": diff --git a/app/templates/base.html b/app/templates/base.html index f60fbe0..1303c2b 100644 --- a/app/templates/base.html +++ b/app/templates/base.html @@ -13,6 +13,7 @@
  • FAQ
  • Contact
    • {% if current_user.is_authenticated %} +
  • Dashboard
  • Logout
    • {% else %}
  • Login
    • diff --git a/app/templates/index.html b/app/templates/index.html index afbe1d5..2da7b15 100644 --- a/app/templates/index.html +++ b/app/templates/index.html @@ -8,6 +8,10 @@
    Temporary file-hosting and URL shortening
    {% endif %}

    Welcome to xygt.cc, a no-bullshit, anonymous and temporary file-hosting and URL shortening solution, similar to the likes of pastebin and 0x0.

    +
    +

    From {{ author }}:

    +

    "{{ quote }}" - Donate more than £5 to get your own quote here!

    +

    Our default file retention is a minimum of 7 days and a maximum of 365 days, and is calculated using file size.

    How do I upload files?

    You can either use the `upload` form, or use a POST request.

    diff --git a/app/worker.py b/app/worker.py index c72fc72..3b4cc7b 100644 --- a/app/worker.py +++ b/app/worker.py @@ -27,7 +27,7 @@ def uploadFile(file, ip, userid, filename, id, retention): # Calculate retention before the file is written, we'll grab the filesize here as it's needed for the equation. file.seek(0, os.SEEK_END) - fileSize = round(float(file.tell()) / 1024, 2) + fileSize = round(float(file.tell()) / (1024 * 1024), 2) # Set the position back to 0 file.seek(0) @@ -51,11 +51,12 @@ def uploadFile(file, ip, userid, filename, id, retention): 'id': id, 'filename': filename, 'filesize': fileSize, - 'retention': round(retention * 86400), # Convert to seconds + 'mimetype': file.content_type, + 'retention': retention, 'userid': userid, 'ip': ip, 'date': date, - 'expiry': date + round(retention * 86400) + 'expiry': date + retention } # Add the data and verify its there. @@ -83,9 +84,9 @@ def shortenURL(url, ip, userid, id, retention): userid = 0 if retention == None: - retention = 14 - elif retention > 365: - retention = 365 + retention = 604800 + elif retention > 31540000: + retention = 31540000 data = { "id": id, @@ -116,6 +117,10 @@ def randomHex(): hexRand = ''.join(secrets.choice('0123456789abcdef') for _ in range(6)) return hexRand +def genIDPass(): + idpass = ''.join(secrets.choice('0123456789abcdef') for _ in range(16)) + return idpass + def registerUser(username, password): # Initialise some values try: @@ -135,7 +140,7 @@ def registerUser(username, password): def resetIDPass(userid): try: - idpass = randomHex(8) + idpass = genIDPass() hashedPass = bcrypt.generate_password_hash(idpass).decode("utf-8") Config.users.update_one({"userid": userid}, {"$set": {"idpass": hashedPass}}) return idpass diff --git a/autoclean.py b/autoclean.py new file mode 100755 index 0000000..be51573 --- /dev/null +++ b/autoclean.py @@ -0,0 +1,48 @@ +#!/usr/bin/env python + +""" +xygt.cc cleanup script + +This script will run once hourly to remove expired files and URL's from the database as well as local storage. +""" + +import datetime +import os +from pymongo import MongoClient +from config import Config + +class Config: + # MongoDB init stuff + client = MongoClient("mongodb://localhost:27017/") + db = client["xygt"] + files = db["file"] + url = db["url"] + users = db["users"] + fileDir = "./data" + +def main(): + print("Starting cleanup script...") + + # Get current time in unix timestamp + now = datetime.datetime.now() + now = now.timestamp() + + # Get all expired files + expiredFiles = Config.files.find({"expiry": {"$lt": now}}) + expiredURLs = Config.url.find({"expiry": {"$lt": now}}) + + # Delete all expired files + for file in expiredFiles: + print(f"Deleting file {file['id']}") + Config.files.delete_one({"id": file["id"]}) + os.remove(os.path.join(Config.fileDir, file["filename"])) + + # Delete all expired URL's + for url in expiredURLs: + print(f"Deleting URL {url['id']}") + Config.url.delete_one({"id": url["id"]}) + + print("Cleanup complete.") + +if __name__ == "__main__": + main() \ No newline at end of file diff --git a/config.py b/config.py index 13860da..ae740e6 100644 --- a/config.py +++ b/config.py @@ -12,8 +12,8 @@ class Config: # Basic configs maxFileSize = 256 premMaxFileSize = 512 - maxretention = 365 - minretention = 7 + maxretention = 31540000 + minretention = 604800 fileDir = "./data" ipLogEnabled = False secretKey = "CHANGEINPRODUCTION" diff --git a/wipe.py b/wipe.py index ffdfb08..72a4ae2 100755 --- a/wipe.py +++ b/wipe.py @@ -6,6 +6,7 @@ This wipes all files and DB entries for Files, URL's and users. """ import os +import subprocess from pymongo import MongoClient class Config: @@ -31,7 +32,8 @@ def main(): print("Clearing user db") Config.url.delete_many({}) print("Deleting local files") - os.remove(f"{Config.fileDir}/*") + subprocess.run(["rm", "-rf", f"{Config.fileDir}"]) + os.mkdir(f"{Config.fileDir}") print("Done. xygt.cc is ready to start clean.") exit()