def get(): p_id = request.args.get('id', None, type=int) p_hash = request.args.get('hash', None) password = request.args.get('password') if p_hash: paste = Paste.by_hash(p_hash) elif p_id: paste = Paste.by_id(p_id) else: return jsonify(error='no id or hash supplied'), 400 if paste is None: return jsonify(error='paste not found'), 404 elif not p_hash and paste['unlisted']: return jsonify(error='paste is unlisted'), 400 if paste['password']: if not password: return jsonify(error='paste is password protected'), 401 elif not Paste.password_match(paste['hash'], password): return jsonify(error='incorrect password'), 401 return jsonify(create_paste_dict(paste), shorturl=paste['shortlink'], url=create_paste_url(paste))
def submit_password(): form = PastePassword() if form.validate_on_submit(): p_hash = form.paste_hash.data password = form.password.data if Paste.password_match(p_hash, password): # Password correct, add paste hash to authorised_pastes authorise_viewing(p_hash) else: # Todo: log & cap number of incorrect tries flash('Incorrect password', 'error') return redirect(form.redirect.data) else: return redirect(form.redirect.data)
def submit_password(): form = PastePassword() if form.validate_on_submit(): p_hash = form.paste_hash.data password = form.password.data if Paste.password_match(p_hash, password): # Password correct, add paste hash to authorised_pastes authorise_viewing(p_hash) else: # Todo: log & cap number of incorrect tries flash("Incorrect password", "error") return redirect(form.redirect.data) else: return redirect(form.redirect.data)
def get(): p_id = request.args.get("id", None, type=int) p_hash = request.args.get("hash", None) password = request.args.get("password") if p_hash: paste = Paste.by_hash(p_hash) elif p_id: paste = Paste.by_id(p_id) else: return jsonify(error="no id or hash supplied"), 400 if paste is None: return jsonify(error="paste not found"), 404 elif not p_hash and paste["unlisted"]: return jsonify(error="paste is unlisted"), 400 if paste["password"]: if not password: return jsonify(error="paste is password protected"), 401 elif not Paste.password_match(paste["hash"], password): return jsonify(error="incorrect password"), 401 return jsonify(create_paste_dict(paste), shorturl=paste["shortlink"], url=create_paste_url(paste))