ansible/flaskpaste
1
0
Fork 0
forked from claw/flaskpaste
Code Pull Requests Activity

docs: update for tiered expiry, admin features, batch delete

Browse Source
This commit is contained in:
Username
2025-12-21 22:16:51 +01:00
parent 916a09f595
commit e2e2039903
3 changed files with 75 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
documentation/api.md
View File

@@ -159,6 +159,7 @@ X-SSL-Client-SHA1: a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4e5f6a1b2
| `type` | string | Filter by MIME type (glob pattern, e.g., `image/*`) |
| `after` | int | Created after timestamp (Unix epoch) |
| `before` | int | Created before timestamp (Unix epoch) |
| `all` | int | List all pastes (admin only, set to 1) |
**Response (200 OK):**
```json
@@ -171,7 +172,8 @@ X-SSL-Client-SHA1: a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4e5f6a1b2
"created_at": "2024-12-20T10:30:00Z",
"expires_at": "2024-12-25T10:30:00Z",
"burn_after_read": false,
"password_protected": false
"password_protected": false,
"owner": "a1b2c3d4..."
}
],
"total": 42,
@@ -187,6 +189,18 @@ X-SSL-Client-SHA1: a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4e5f6a1b2
}
```
**Response (403 Forbidden - non-admin using `all=1`):**
```json
{
"error": "Admin access required"
}
```
**Notes:**
- Only admin users can use `all=1` to list all pastes
- The `owner` field shows the certificate fingerprint (truncated)
- First user to register via PKI becomes admin
---
### POST /
@@ -382,7 +396,7 @@ Content-Disposition: inline
```http
DELETE /abc12345 HTTP/1.1
Host: localhost:5000
X-SSL-Client-SHA1: a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4e5f6a1b2
X-SSL-Client-SHA1: a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4e5f6a1b2
```
**Response (200 OK):**
@@ -403,9 +417,13 @@ X-SSL-Client-SHA1: a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4e5f6a1b2
**Notes:**
- Admin users can delete any paste, not just their own
- First user to register via PKI becomes admin
---
## MIME Type Detection
FlaskPaste automatically detects MIME types using:
1. **Magic byte signatures** (highest priority)
- PNG: `\x89PNG\r\n\x1a\n`
- JPEG: `\xff\xd8\xff`
@@ -431,11 +449,16 @@ FlaskPaste automatically detects MIME types using:
|-------------|----------------|-------------|
| Anonymous | 1 day | No certificate provided |
| Untrusted | 7 days | Certificate not registered via PKI |
**Custom Expiry:**
| Trusted | 30 days | Certificate registered via `/register` |
- Every `GET /{id}` or `GET /{id}/raw` updates the last access timestamp
- Cleanup runs automatically (hourly, throttled)
**Custom Expiry:**
Pastes can have custom expiry times using the `X-Expiry` header:
```bash
```bash
# Paste expires in 1 hour
curl -H "X-Expiry: 3600" --data-binary @file.txt http://host/
```
@@ -448,14 +471,16 @@ curl -H "X-Expiry: 3600" --data-binary @file.txt http://host/
export FLASKPASTE_MAX_EXPIRY=7776000 # Max custom expiry: 90 days
```
- Invalid or negative values are ignored (uses default)
- Response includes `expires_at` timestamp when custom expiry is set
**Notes:**
- Custom expiry is capped at `FLASKPASTE_MAX_EXPIRY`
- Invalid or negative values use the default for the user's trust level
- All pastes now include `expires_at` timestamp in responses
---
## Burn-After-Read
Single-access pastes that delete themselves after first retrieval.
Single-access pastes that delete themselves after first retrieval.
**How it works:**
- Set `X-Burn-After-Read: true` header on creation