From d85637afcb76a9aed34fa1cf9408ae1af1fb0dab Mon Sep 17 00:00:00 2001 From: CronyAkatsuki Date: Wed, 1 Nov 2023 16:32:47 +0100 Subject: [PATCH] Add the upload only option. --- main.py | 46 +++++++++++++++++++++++++++----------- requirements.txt | 2 ++ templates/files.html | 52 +++++++++++++++++++++++-------------------- templates/index.html | 53 +++++++++++++++++++++++++++++++++----------- 4 files changed, 103 insertions(+), 50 deletions(-) diff --git a/main.py b/main.py index 97d8ade..8d505ae 100644 --- a/main.py +++ b/main.py @@ -6,6 +6,14 @@ from fastapi import FastAPI, Request, UploadFile, File, Header from fastapi.responses import HTMLResponse, PlainTextResponse, RedirectResponse from fastapi.staticfiles import StaticFiles from fastapi.templating import Jinja2Templates +from pydantic_settings import BaseSettings, SettingsConfigDict + + +# Settings +class Settings(BaseSettings): + upload_only: bool = True + + model_config = SettingsConfigDict(env_file=".env") # file class @@ -43,6 +51,8 @@ def file_list_generator(path: str, file_list: list[str]): templates = Jinja2Templates(directory="templates") +# Create settings +settings = Settings() # Create fastapi template app = FastAPI() @@ -63,7 +73,11 @@ async def index( if re.search("^curl/.*", str(user_agent)): return PlainTextResponse("It fucking works!\n") else: - context = {"request": request, "user_agent": user_agent} + context = { + "request": request, + "user_agent": user_agent, + "upload_only": settings.upload_only, + } return templates.TemplateResponse("index.html", context) @@ -98,12 +112,12 @@ async def files( path = f"{dirname(abspath(__file__))}/upload/" file_list = listdir(path) files = file_list_generator(path, file_list) - context = {"request": request, "files": files} + context = {"request": request, "files": files, "upload_only": settings.upload_only} if re.search("^curl/.*", str(user_agent)): - context = "" + response = "" for file in files: - context += f"{request.url._url}/{file.name}\n" - return PlainTextResponse(f"{context}") + response += f"{request.url._url}/{file.name}\n" + return PlainTextResponse(f"{response}") else: return templates.TemplateResponse("files.html", context) @@ -115,14 +129,20 @@ async def delete( file: str, user_agent: Annotated[Union[str, None], Header()] = None, ): - file_path = f"{dirname(abspath(__file__))}/upload/{file}" - if exists(file_path): - remove(file_path) + if settings.upload_only: + return PlainTextResponse( + "This api endpoint is not available on upload only instance. \ +If you wan't to delete a file ask the hoster of the instance!!" + ) + else: + file_path = f"{dirname(abspath(__file__))}/upload/{file}" + if exists(file_path): + remove(file_path) + if re.search("^curl/.*", str(user_agent)): + return PlainTextResponse(f"file {file} deleted from the server\n") + else: + return RedirectResponse(request.url_for("files")) if re.search("^curl/.*", str(user_agent)): - return PlainTextResponse(f"file {file} deleted from the server\n") + return PlainTextResponse(f"file {file} doesn't exist on the server\n") else: return RedirectResponse(request.url_for("files")) - if re.search("^curl/.*", str(user_agent)): - return PlainTextResponse(f"file {file} doesn't exist on the server\n") - else: - return RedirectResponse(request.url_for("files")) diff --git a/requirements.txt b/requirements.txt index ee4105a..eae2b1e 100644 --- a/requirements.txt +++ b/requirements.txt @@ -7,7 +7,9 @@ idna==3.4 Jinja2==3.1.2 MarkupSafe==2.1.3 pydantic==2.4.2 +pydantic-settings==2.0.3 pydantic_core==2.10.1 +python-dotenv==1.0.0 python-magic==0.4.27 python-multipart==0.0.6 sniffio==1.3.0 diff --git a/templates/files.html b/templates/files.html index 437e992..a013762 100644 --- a/templates/files.html +++ b/templates/files.html @@ -1,31 +1,35 @@ - + + - - - - - UpFast: File List + + + + + UpFast: File List + -

File List

- - {% for file in files %} -
-
- {% if file.fileType == "image" %} - - {% elif file.fileType == "video" %} - - {% elif file.fileType == "text" %} - 
{{ file.content }}
- {% endif %} -
- {{ file.name }} - delete! -
-
- {% endfor %} +

File List

+ {% for file in files %} +
+
+ {% if file.fileType == "image" %} + + {% elif file.fileType == "video" %} + + {% elif file.fileType == "text" %} + 
{{ file.content }}
+ {% endif %} +
+ {{ file.name }} + {% if not upload_only %} + delete! + {% endif %} +
+
+ {% endfor %} + diff --git a/templates/index.html b/templates/index.html index d7439ee..42cc636 100644 --- a/templates/index.html +++ b/templates/index.html @@ -1,26 +1,53 @@ - + + - - - - - UpFast + + + + + UpFast + -

UpFast: Minimal file upload and sharing tool

+

UpFast: Minimal file upload and sharing tool

-

0x0.st Influenced file upload and sharing tool

+

+ 0x0.st Influenced file upload and sharing + tool +

-

To upload files use curl: curl -F "file=@/path/to/file" "{{ request.url }}"

+

+ To upload files use curl: + curl -F "file=@/path/to/file" "{{ request.url }}" +

-

To delete a file using curl: curl "{{ request.url }}delete/file_name"

+

+ To delete a file using curl: + curl "{{ request.url }}delete/file_name" +

-

To get of all files hosted on the instance check files

+ {% if upload_only %} +

+ NOTE: This is an upload only instance, if you wan't a file on the instance + deleted ask the hoster to delete the file. +

+ {% endif %} -

Created and maintained by Crony Akatsuki

+

+ To get of all files hosted on the instance check + files +

-

Code is hosted on https://code.cronyakatsuki.xyz/crony/upfast

+

+ Created and maintained by + Crony Akatsuki +

+

+ Code is hosted on + https://code.cronyakatsuki.xyz/crony/upfast +

+