Dropping passwords.
This commit is contained in:
parent
177461812f
commit
47360a3320
|
@ -16,7 +16,6 @@ class PasteForm(ModelForm):
|
||||||
fields = [
|
fields = [
|
||||||
"language",
|
"language",
|
||||||
"title",
|
"title",
|
||||||
"password",
|
|
||||||
"content",
|
"content",
|
||||||
"lifetime",
|
"lifetime",
|
||||||
"lifecount",
|
"lifecount",
|
||||||
|
@ -28,8 +27,6 @@ class PasteForm(ModelForm):
|
||||||
paste.compute_size()
|
paste.compute_size()
|
||||||
if not self.cleaned_data["title"]:
|
if not self.cleaned_data["title"]:
|
||||||
paste.title = "no title"
|
paste.title = "no title"
|
||||||
if self.cleaned_data["password"]:
|
|
||||||
paste.set_password(self.cleaned_data["password"])
|
|
||||||
if commit:
|
if commit:
|
||||||
paste.save()
|
paste.save()
|
||||||
return paste
|
return paste
|
||||||
|
|
|
@ -6,7 +6,7 @@ msgid ""
|
||||||
msgstr ""
|
msgstr ""
|
||||||
"Project-Id-Version: PACKAGE VERSION\n"
|
"Project-Id-Version: PACKAGE VERSION\n"
|
||||||
"Report-Msgid-Bugs-To: \n"
|
"Report-Msgid-Bugs-To: \n"
|
||||||
"POT-Creation-Date: 2023-04-21 09:18+0200\n"
|
"POT-Creation-Date: 2023-04-21 09:32+0200\n"
|
||||||
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
||||||
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
||||||
"Language-Team: LANGUAGE <LL@li.org>\n"
|
"Language-Team: LANGUAGE <LL@li.org>\n"
|
||||||
|
@ -15,27 +15,27 @@ msgstr ""
|
||||||
"Content-Type: text/plain; charset=UTF-8\n"
|
"Content-Type: text/plain; charset=UTF-8\n"
|
||||||
"Content-Transfer-Encoding: 8bit\n"
|
"Content-Transfer-Encoding: 8bit\n"
|
||||||
|
|
||||||
#: paste/models.py:12
|
#: paste/models.py:10
|
||||||
msgid "Never expire"
|
msgid "Never expire"
|
||||||
msgstr "Jamais"
|
msgstr "Jamais"
|
||||||
|
|
||||||
#: paste/models.py:13
|
#: paste/models.py:11
|
||||||
msgid "1 hour"
|
msgid "1 hour"
|
||||||
msgstr "1 heure"
|
msgstr "1 heure"
|
||||||
|
|
||||||
#: paste/models.py:14
|
#: paste/models.py:12
|
||||||
msgid "1 day"
|
msgid "1 day"
|
||||||
msgstr "1 jour"
|
msgstr "1 jour"
|
||||||
|
|
||||||
#: paste/models.py:15
|
#: paste/models.py:13
|
||||||
msgid "1 week"
|
msgid "1 week"
|
||||||
msgstr "1 semaine"
|
msgstr "1 semaine"
|
||||||
|
|
||||||
#: paste/models.py:16
|
#: paste/models.py:14
|
||||||
msgid "1 month"
|
msgid "1 month"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: paste/models.py:17
|
#: paste/models.py:15
|
||||||
msgid "1 year"
|
msgid "1 year"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
@ -105,17 +105,7 @@ msgstr "Protection"
|
||||||
msgid "Views"
|
msgid "Views"
|
||||||
msgstr "Vues"
|
msgstr "Vues"
|
||||||
|
|
||||||
#: paste/templates/paste/history.html:27
|
#: paste/templates/paste/history.html:31
|
||||||
#: paste/templates/paste/paste-meta.html:20
|
|
||||||
msgid "locked"
|
|
||||||
msgstr "verrouillé"
|
|
||||||
|
|
||||||
#: paste/templates/paste/history.html:27
|
|
||||||
#: paste/templates/paste/paste-meta.html:20
|
|
||||||
msgid "open"
|
|
||||||
msgstr "ouvert"
|
|
||||||
|
|
||||||
#: paste/templates/paste/history.html:32
|
|
||||||
msgid "Nothing has been pasted yet"
|
msgid "Nothing has been pasted yet"
|
||||||
msgstr "Rien n'a encore été collé"
|
msgstr "Rien n'a encore été collé"
|
||||||
|
|
||||||
|
@ -136,41 +126,42 @@ msgid "Expire allowed views"
|
||||||
msgstr "Expiration nombre d'affichages"
|
msgstr "Expiration nombre d'affichages"
|
||||||
|
|
||||||
#: paste/templates/paste/index.html:63
|
#: paste/templates/paste/index.html:63
|
||||||
msgid "Password protected"
|
|
||||||
msgstr "Protection par mot de passe"
|
|
||||||
|
|
||||||
#: paste/templates/paste/index.html:74
|
|
||||||
msgid "Paste"
|
msgid "Paste"
|
||||||
msgstr "Coller"
|
msgstr "Coller"
|
||||||
|
|
||||||
#: paste/templates/paste/locked.html:7
|
|
||||||
msgid "This paste is password protected"
|
|
||||||
msgstr "Protégé par un mot de passe"
|
|
||||||
|
|
||||||
#: paste/templates/paste/locked.html:8
|
|
||||||
msgid ""
|
|
||||||
"Please enter the password in the field below to unlock the paste and display "
|
|
||||||
"it"
|
|
||||||
msgstr ""
|
|
||||||
"Veuillez entrer le mot de passe dans le champ ci-dessous pour déverrouiller "
|
|
||||||
"le collage et l'afficher"
|
|
||||||
|
|
||||||
#: paste/templates/paste/locked.html:12
|
|
||||||
msgid "Password"
|
|
||||||
msgstr "Mot de passe"
|
|
||||||
|
|
||||||
#: paste/templates/paste/locked.html:20
|
|
||||||
msgid "Unlock"
|
|
||||||
msgstr "Déverrouiller"
|
|
||||||
|
|
||||||
#: paste/templates/paste/paste-meta.html:10
|
#: paste/templates/paste/paste-meta.html:10
|
||||||
msgid "Visibility"
|
msgid "Visibility"
|
||||||
msgstr "Visibilité"
|
msgstr "Visibilité"
|
||||||
|
|
||||||
#: paste/templates/paste/paste-meta.html:22
|
#: paste/templates/paste/paste-meta.html:21
|
||||||
msgid "None"
|
msgid "None"
|
||||||
msgstr "Aucune"
|
msgstr "Aucune"
|
||||||
|
|
||||||
|
#~ msgid "locked"
|
||||||
|
#~ msgstr "verrouillé"
|
||||||
|
|
||||||
|
#~ msgid "open"
|
||||||
|
#~ msgstr "ouvert"
|
||||||
|
|
||||||
|
#~ msgid "Password protected"
|
||||||
|
#~ msgstr "Protection par mot de passe"
|
||||||
|
|
||||||
|
#~ msgid "This paste is password protected"
|
||||||
|
#~ msgstr "Protégé par un mot de passe"
|
||||||
|
|
||||||
|
#~ msgid ""
|
||||||
|
#~ "Please enter the password in the field below to unlock the paste and "
|
||||||
|
#~ "display it"
|
||||||
|
#~ msgstr ""
|
||||||
|
#~ "Veuillez entrer le mot de passe dans le champ ci-dessous pour "
|
||||||
|
#~ "déverrouiller le collage et l'afficher"
|
||||||
|
|
||||||
|
#~ msgid "Password"
|
||||||
|
#~ msgstr "Mot de passe"
|
||||||
|
|
||||||
|
#~ msgid "Unlock"
|
||||||
|
#~ msgstr "Déverrouiller"
|
||||||
|
|
||||||
#~ msgid "Private"
|
#~ msgid "Private"
|
||||||
#~ msgstr "Privé"
|
#~ msgstr "Privé"
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,34 @@
|
||||||
|
# Generated by Django 4.2 on 2023-04-21 07:32
|
||||||
|
|
||||||
|
from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
|
class Migration(migrations.Migration):
|
||||||
|
dependencies = [
|
||||||
|
("paste", "0003_remove_paste_private"),
|
||||||
|
]
|
||||||
|
|
||||||
|
operations = [
|
||||||
|
migrations.RemoveField(
|
||||||
|
model_name="paste",
|
||||||
|
name="password",
|
||||||
|
),
|
||||||
|
migrations.RemoveField(
|
||||||
|
model_name="paste",
|
||||||
|
name="salt",
|
||||||
|
),
|
||||||
|
migrations.AlterField(
|
||||||
|
model_name="language",
|
||||||
|
name="id",
|
||||||
|
field=models.BigAutoField(
|
||||||
|
auto_created=True, primary_key=True, serialize=False, verbose_name="ID"
|
||||||
|
),
|
||||||
|
),
|
||||||
|
migrations.AlterField(
|
||||||
|
model_name="paste",
|
||||||
|
name="id",
|
||||||
|
field=models.BigAutoField(
|
||||||
|
auto_created=True, primary_key=True, serialize=False, verbose_name="ID"
|
||||||
|
),
|
||||||
|
),
|
||||||
|
]
|
|
@ -4,8 +4,6 @@ from django.utils import timezone
|
||||||
from datetime import datetime, timedelta
|
from datetime import datetime, timedelta
|
||||||
from webtools import settings
|
from webtools import settings
|
||||||
from django.utils.translation import gettext_lazy as _
|
from django.utils.translation import gettext_lazy as _
|
||||||
import hashlib
|
|
||||||
import uuid
|
|
||||||
|
|
||||||
|
|
||||||
EXPIRE_CHOICES = (
|
EXPIRE_CHOICES = (
|
||||||
|
@ -60,8 +58,6 @@ class Paste(models.Model):
|
||||||
lifecount = models.IntegerField(default=0, blank=True)
|
lifecount = models.IntegerField(default=0, blank=True)
|
||||||
viewcount = models.IntegerField(default=0, editable=False)
|
viewcount = models.IntegerField(default=0, editable=False)
|
||||||
expired = models.BooleanField(default=False, editable=False)
|
expired = models.BooleanField(default=False, editable=False)
|
||||||
password = models.CharField(max_length=128, blank=True)
|
|
||||||
salt = models.CharField(max_length=36, blank=True)
|
|
||||||
|
|
||||||
def compute_size(self):
|
def compute_size(self):
|
||||||
"""Computes size."""
|
"""Computes size."""
|
||||||
|
@ -111,22 +107,6 @@ class Paste(models.Model):
|
||||||
return True
|
return True
|
||||||
return False
|
return False
|
||||||
|
|
||||||
def _hash(self, raw):
|
|
||||||
"""Return hashed string."""
|
|
||||||
if not self.salt:
|
|
||||||
self.salt = str(uuid.uuid1())
|
|
||||||
return hashlib.sha512((raw + self.salt).encode()).hexdigest()
|
|
||||||
|
|
||||||
def set_password(self, raw):
|
|
||||||
"""Define a hashed password."""
|
|
||||||
self.password = self._hash(raw)
|
|
||||||
|
|
||||||
def pwd_match(self, password):
|
|
||||||
"""Compare provided password to paste's one."""
|
|
||||||
if not password or not self._hash(password) == self.password:
|
|
||||||
return False
|
|
||||||
return True
|
|
||||||
|
|
||||||
def __unicode__(self):
|
def __unicode__(self):
|
||||||
"""String representation."""
|
"""String representation."""
|
||||||
return self.slug
|
return self.slug
|
||||||
|
|
|
@ -24,7 +24,6 @@
|
||||||
<td>{% trans paste.language.name %}</td>
|
<td>{% trans paste.language.name %}</td>
|
||||||
<td>{{ paste.size }}</td>
|
<td>{{ paste.size }}</td>
|
||||||
<td>{{ paste.paste_time }}</td>
|
<td>{{ paste.paste_time }}</td>
|
||||||
<td>{% if paste.password %}<i class="icon-lock"> {% trans 'locked' %}</i>{% else %}<i class="icon-unlock"> {% trans 'open' %}</i>{% endif %}</td>
|
|
||||||
<td>{{ paste.viewcount }}</td>
|
<td>{{ paste.viewcount }}</td>
|
||||||
</tr>
|
</tr>
|
||||||
{% empty %}
|
{% empty %}
|
||||||
|
|
|
@ -59,17 +59,6 @@
|
||||||
</div>
|
</div>
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
<div class="col-auto">
|
|
||||||
<label class="sr-only" for="id_password">{% trans 'Password protected' %}</label>
|
|
||||||
<div class="input-group">
|
|
||||||
<div class="input-group-prepend">
|
|
||||||
<div class="input-group-text"><span class="add-on"><i class="icon-lock"></i></span></div>
|
|
||||||
</div>
|
|
||||||
{{ form.password|add_class:"form-control"|placeholder:'Password protected'}}
|
|
||||||
</div>
|
|
||||||
{{ form.password.errors }}
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<div class="col-auto">
|
<div class="col-auto">
|
||||||
<button class="btn btn-primary btn-lg" type="submit">{% trans 'Paste' %}</button>
|
<button class="btn btn-primary btn-lg" type="submit">{% trans 'Paste' %}</button>
|
||||||
</div>
|
</div>
|
||||||
|
|
|
@ -1,23 +0,0 @@
|
||||||
{% extends "base.html" %}
|
|
||||||
{% load i18n %}
|
|
||||||
{% block title %}{{ title }}{% endblock %}
|
|
||||||
{% block content %}
|
|
||||||
<h1>{{ title }}</h1>
|
|
||||||
<div id="unlock">
|
|
||||||
<p><b>{% blocktrans %}This paste is password protected{% endblocktrans %}</b>.</p>
|
|
||||||
<p>{% blocktrans %}Please enter the password in the field below to unlock the paste and display it{% endblocktrans %}.</p>
|
|
||||||
<form method="post" action="">
|
|
||||||
<div class="row">
|
|
||||||
<div class="span3">
|
|
||||||
<label for="id_password">{% trans 'Password' %}</label>
|
|
||||||
<div class="input-prepend">
|
|
||||||
<span class="add-on"><i class="icon-lock"></i></span>
|
|
||||||
<input id="id_password" maxlength="128" name="password" type="text">
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
{% csrf_token %}
|
|
||||||
<button type="submit" class="btn">{% trans 'Unlock' %}</button>
|
|
||||||
</form>
|
|
||||||
</div>
|
|
||||||
{% endblock %}
|
|
|
@ -17,7 +17,6 @@
|
||||||
<td>{% trans paste.language.name %}</td>
|
<td>{% trans paste.language.name %}</td>
|
||||||
<td>{{ paste.size }}</td>
|
<td>{{ paste.size }}</td>
|
||||||
<td>{{ paste.paste_time }}</td>
|
<td>{{ paste.paste_time }}</td>
|
||||||
<td>{% if paste.password %}<i class="icon-lock"> {% trans 'locked' %}</i>{% else %}<i class="icon-unlock"> {% trans 'open' %}</i>{% endif %}</td>
|
|
||||||
<td>{{ paste.viewcount }}{% if paste.lifecount > 0 %}/{{ paste.lifecount }}{% endif %}</td>
|
<td>{{ paste.viewcount }}{% if paste.lifecount > 0 %}/{{ paste.lifecount }}{% endif %}</td>
|
||||||
<td>{% if paste.expiration_time %}{{ paste.expiration_time }}{% else %}{% trans 'None' %}{% endif %}</td>
|
<td>{% if paste.expiration_time %}{{ paste.expiration_time }}{% else %}{% trans 'None' %}{% endif %}</td>
|
||||||
</tr>
|
</tr>
|
||||||
|
|
|
@ -58,16 +58,6 @@ def show(request, slug, renderer="pygments"):
|
||||||
# Handling expiration
|
# Handling expiration
|
||||||
if paste.is_expired():
|
if paste.is_expired():
|
||||||
return render(request, "paste/expired.html")
|
return render(request, "paste/expired.html")
|
||||||
# Handling passwords
|
|
||||||
if paste.password:
|
|
||||||
if "password" in request.POST:
|
|
||||||
password = request.POST["password"]
|
|
||||||
elif "password" in request.COOKIES:
|
|
||||||
password = request.COOKIES["password"]
|
|
||||||
else:
|
|
||||||
password = None
|
|
||||||
if not paste.pwd_match(password):
|
|
||||||
return render(request, "paste/locked.html", data)
|
|
||||||
# Before rendering actions
|
# Before rendering actions
|
||||||
paste.incr_viewcount()
|
paste.incr_viewcount()
|
||||||
# Handling rendering modes
|
# Handling rendering modes
|
||||||
|
@ -76,9 +66,4 @@ def show(request, slug, renderer="pygments"):
|
||||||
data["current_renderer"] = renderer
|
data["current_renderer"] = renderer
|
||||||
data["renderers"] = settings.PASTE["enabled_renderers"]
|
data["renderers"] = settings.PASTE["enabled_renderers"]
|
||||||
render_method = getattr(renderers, "render_%s" % renderer)
|
render_method = getattr(renderers, "render_%s" % renderer)
|
||||||
response = render_method(request, paste, data)
|
return render_method(request, paste, data)
|
||||||
|
|
||||||
# Responding
|
|
||||||
if "password" in request.POST:
|
|
||||||
response.set_cookie("password", request.POST["password"])
|
|
||||||
return response
|
|
||||||
|
|
Loading…
Reference in New Issue