Features:
- REST API for text/binary pastes with MIME detection
- Client certificate auth via X-SSL-Client-SHA1 header
- SQLite with WAL mode for concurrent access
- Automatic paste expiry with LRU cleanup

Security:
- HSTS, CSP, X-Frame-Options, X-Content-Type-Options
- Cache-Control: no-store for sensitive responses
- X-Request-ID tracing for log correlation
- X-Proxy-Secret validation for defense-in-depth
- Parameterized queries, input validation
- Size limits (3 MiB anon, 50 MiB auth)

Includes /health endpoint, container support, and 70 tests.
"""API blueprint registration."""
import time
from flask import Blueprint, current_app
# Blueprint object for the API package.
bp = Blueprint("api", __name__)

# Expired-paste cleanup is throttled so it runs at most once per interval.
_CLEANUP_INTERVAL = 60 * 60  # seconds, i.e. 1 hour
# time.time() value recorded when cleanup last started; starting at 0 lets
# the first request through the throttle check in cleanup_expired().
_last_cleanup = 0
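@bp.before_request
def cleanup_expired():
    """Purge expired pastes, at most once per ``_CLEANUP_INTERVAL`` seconds.

    Registered as a ``before_request`` hook on the API blueprint, so the
    purge is triggered by incoming requests rather than by a scheduler. The
    hook always returns ``None``, which lets the request continue.

    The throttle timestamp ``_last_cleanup`` is a module global that is read
    and written here without a lock.
    NOTE(review): under a multi-process or multi-threaded server each process
    keeps its own timer and two threads could pass the check together, so the
    purge function is presumably safe to run concurrently. Confirm against
    ``app.database``.
    """
    global _last_cleanup

    now = time.time()
    if now - _last_cleanup < _CLEANUP_INTERVAL:
        return

    # Record the attempt before doing the work, so later requests in this
    # process are throttled even while the purge is still running.
    _last_cleanup = now

    # Function-scope import, kept as in the original.
    # NOTE(review): presumably this avoids a circular import. Confirm.
    from app.database import cleanup_expired_pastes

    try:
        count = cleanup_expired_pastes()
    except Exception:
        # Housekeeping must not turn the unrelated request that triggered it
        # into an error response. Log with traceback so a failing purge is
        # visible to operators. Expired pastes then stay stored until the next
        # successful run, which is at least one interval away because the
        # timestamp was already advanced.
        # NOTE(review): whether expired pastes are still served in the
        # meantime depends on the read path, which is not visible here.
        current_app.logger.exception("Expired-paste cleanup failed")
        return

    if count > 0:
        # Lazy %-formatting renders the same message as the former f-string.
        current_app.logger.info("Cleaned up %s expired paste(s)", count)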
from app.api import routes # noqa: E402, F401