def challenge(self, error):
ip = Ip.get(request.remote_addr)
if request_wants_json():
response = jsonify(dict(status='fail',
error='Authentication required'))
else:
response = make_response(error.get_body(request.environ))
# create nonce. the client should return the request with the
# authentication data and the same nonce
ip.nonce = os.urandom(8).encode('hex')
db.session.commit()
# set digest response
response.www_authenticate.set_digest(realm=current_app.config['REALM'],
nonce=ip.nonce, qop=['auth'],
algorithm='MD5')
response.status_code = 401
return response
def get(self, paste_id=None, action=None):
# paste listing
if paste_id is None:
page = int(request.args.get('page', 1))
per_page = current_app.config['PER_PAGE']
# private mode
if request.args.get('private', '0') == '1':
self.auth.required()
query = Paste.all(hide_private=False)
# normal mode
else:
query = Paste.all()
pagination = query.paginate(page or 1, per_page)
kwargs = dict(page=pagination.page, pages=pagination.pages,
per_page=pagination.per_page, total=pagination.total)
# json api
if request_wants_json():
return jsonify(dict(pastes=[i.to_json(True) \
for i in pagination.items],
**kwargs))
# html output
return render_template('pastes.html', pagination=pagination)
# paste rendering
else:
paste = Paste.get(paste_id)
# if private ask for authentication
#if paste.private and paste_id.isdigit():
# self.auth.required()
# guess output by browser's accept header
if action is None:
# json api
if request_wants_json():
return jsonify(paste.to_json())
# html output
return render_template('paste.html', paste=paste)
# browser goodies
# plain text output
if action == 'raw':
response = make_response(paste.file_content)
response.headers['Content-type'] = 'text/plain; charset=utf-8'
return response
# force download
if action == 'download':
content_type = 'application/octet-stream'
if len(paste.lexer.mimetypes):
content_type = paste.lexer.mimetypes[0]
file_name = 'untitled.txt'
if paste.file_name is not None:
file_name = os.path.basename(paste.file_name)
response = make_response(paste.file_content)
response.headers['Content-Type'] = content_type
response.headers['Content-Disposition'] = \
'attachment; filename=%s' % file_name
return response
# no render found
abort(404)
def home():
if request_wants_json():
return jsonify(dict(version=ownpaste.__version__, api_version=ownpaste.api_version, languages=LANGUAGES))
return render_template(
"base.html", version=ownpaste.__version__, api_version=ownpaste.api_version, languages=LANGUAGES.iteritems()
)
