The next generation of the Teknik Services. Written in ASP.NET. https://www.teknik.io/
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

PasteController.cs 8.2KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192
  1. using System;
  2. using System.Collections.Generic;
  3. using System.Linq;
  4. using System.Text;
  5. using Teknik.Areas.Paste.ViewModels;
  6. using Teknik.Areas.Users.Utility;
  7. using Teknik.Controllers;
  8. using Teknik.Filters;
  9. using Teknik.Utilities;
  10. using Teknik.Models;
  11. using Teknik.Attributes;
  12. using Teknik.Utilities.Cryptography;
  13. using Microsoft.Extensions.Logging;
  14. using Teknik.Configuration;
  15. using Teknik.Data;
  16. using Microsoft.AspNetCore.Authorization;
  17. using Microsoft.AspNetCore.Mvc;
  18. using Microsoft.EntityFrameworkCore;
  19. using Microsoft.AspNetCore.Http;
  20. using Teknik.Logging;
  21. namespace Teknik.Areas.Paste.Controllers
  22. {
  23. [TeknikAuthorize]
  24. [Area("Paste")]
  25. public class PasteController : DefaultController
  26. {
  27. public PasteController(ILogger<Logger> logger, Config config, TeknikEntities dbContext) : base(logger, config, dbContext) { }
  28. [AllowAnonymous]
  29. public IActionResult Index()
  30. {
  31. ViewBag.Title = "Paste - " + _config.Title;
  32. ViewBag.Description = "Paste your code or text easily and securely. Set an expiration, set a password, or leave it open for the world to see.";
  33. PasteCreateViewModel model = new PasteCreateViewModel();
  34. return View(model);
  35. }
  36. [AllowAnonymous]
  37. public IActionResult ViewPaste(string type, string url, string password)
  38. {
  39. Models.Paste paste = _dbContext.Pastes.Where(p => p.Url == url).FirstOrDefault();
  40. if (paste != null)
  41. {
  42. ViewBag.Title = ((string.IsNullOrEmpty(paste.Title)) ? string.Empty : paste.Title + " - ") + _config.Title + " Paste";
  43. ViewBag.Description = "Paste your code or text easily and securely. Set an expiration, set a password, or leave it open for the world to see.";
  44. // Increment Views
  45. paste.Views += 1;
  46. _dbContext.Entry(paste).State = EntityState.Modified;
  47. _dbContext.SaveChanges();
  48. // Check Expiration
  49. if (PasteHelper.CheckExpiration(paste))
  50. {
  51. _dbContext.Pastes.Remove(paste);
  52. _dbContext.SaveChanges();
  53. return new StatusCodeResult(StatusCodes.Status404NotFound);
  54. }
  55. PasteViewModel model = new PasteViewModel();
  56. model.Url = url;
  57. model.Content = paste.Content;
  58. model.Title = paste.Title;
  59. model.Syntax = paste.Syntax;
  60. model.DatePosted = paste.DatePosted;
  61. byte[] data = Encoding.UTF8.GetBytes(paste.Content);
  62. if (User.Identity.IsAuthenticated && type.ToLower() == "full")
  63. {
  64. Users.Models.User user = UserHelper.GetUser(_dbContext, User.Identity.Name);
  65. if (user != null)
  66. {
  67. model.Vaults = user.Vaults.ToList();
  68. }
  69. }
  70. // The paste has a password set
  71. if (!string.IsNullOrEmpty(paste.HashedPassword))
  72. {
  73. string hash = string.Empty;
  74. if (!string.IsNullOrEmpty(password))
  75. {
  76. byte[] passBytes = SHA384.Hash(paste.Key, password);
  77. hash = passBytes.ToHex();
  78. // We need to convert old pastes to the new password scheme
  79. if (paste.Transfers.ToList().Exists(t => t.Type == TransferTypes.ASCIIPassword))
  80. {
  81. hash = Encoding.ASCII.GetString(passBytes);
  82. // Remove the transfer types
  83. paste.Transfers.Clear();
  84. _dbContext.Entry(paste).State = EntityState.Modified;
  85. _dbContext.SaveChanges();
  86. }
  87. }
  88. if (string.IsNullOrEmpty(password) || hash != paste.HashedPassword)
  89. {
  90. PasswordViewModel passModel = new PasswordViewModel();
  91. passModel.Url = url;
  92. passModel.Type = type;
  93. // Redirect them to the password request page
  94. return View("~/Areas/Paste/Views/Paste/PasswordNeeded.cshtml", passModel);
  95. }
  96. data = Convert.FromBase64String(paste.Content);
  97. // Now we decrypt the content
  98. byte[] ivBytes = Encoding.Unicode.GetBytes(paste.IV);
  99. byte[] keyBytes = AesCounterManaged.CreateKey(password, ivBytes, paste.KeySize);
  100. data = AesCounterManaged.Decrypt(data, keyBytes, ivBytes);
  101. model.Content = Encoding.Unicode.GetString(data);
  102. }
  103. if (type.ToLower() == "full" || type.ToLower() == "simple")
  104. {
  105. // Transform content into HTML
  106. //if (!Highlighter.Lexers.ToList().Exists(l => l.Aliases.Contains(model.Syntax)))
  107. //{
  108. // model.Syntax = "text";
  109. //}
  110. //Highlighter highlighter = new Highlighter();
  111. // Add a space in front of the content due to bug with pygment (No idea why yet)
  112. model.Content = model.Content;//highlighter.HighlightToHtml(" " + model.Content, model.Syntax, _config.PasteConfig.SyntaxVisualStyle, generateInlineStyles: true, fragment: true);
  113. }
  114. switch (type.ToLower())
  115. {
  116. case "full":
  117. return View("~/Areas/Paste/Views/Paste/Full.cshtml", model);
  118. case "simple":
  119. return View("~/Areas/Paste/Views/Paste/Simple.cshtml", model);
  120. case "raw":
  121. return Content(model.Content, "text/plain");
  122. case "download":
  123. //Create File
  124. var cd = new System.Net.Mime.ContentDisposition
  125. {
  126. FileName = url,
  127. Inline = true
  128. };
  129. Response.Headers.Add("Content-Disposition", cd.ToString());
  130. return File(data, "application/octet-stream");
  131. default:
  132. return View("~/Areas/Paste/Views/Paste/Full.cshtml", model);
  133. }
  134. }
  135. return new StatusCodeResult(StatusCodes.Status404NotFound);
  136. }
  137. [HttpPost]
  138. [AllowAnonymous]
  139. public IActionResult Paste([Bind("Content, Title, Syntax, ExpireLength, ExpireUnit, Password, Hide")]PasteCreateViewModel model)
  140. {
  141. if (ModelState.IsValid)
  142. {
  143. if (_config.PasteConfig.Enabled)
  144. {
  145. try
  146. {
  147. Models.Paste paste = PasteHelper.CreatePaste(_config, _dbContext, model.Content, model.Title, model.Syntax, model.ExpireUnit, model.ExpireLength ?? 1, model.Password, model.Hide);
  148. if (model.ExpireUnit == "view")
  149. {
  150. paste.Views = -1;
  151. }
  152. if (User.Identity.IsAuthenticated)
  153. {
  154. Users.Models.User user = UserHelper.GetUser(_dbContext, User.Identity.Name);
  155. if (user != null)
  156. {
  157. paste.UserId = user.UserId;
  158. }
  159. }
  160. _dbContext.Pastes.Add(paste);
  161. _dbContext.SaveChanges();
  162. return Redirect(Url.SubRouteUrl("p", "Paste.View", new { type = "Full", url = paste.Url }));
  163. }
  164. catch (Exception ex)
  165. {
  166. return Redirect(Url.SubRouteUrl("error", "Error.500", new { exception = ex }));
  167. }
  168. }
  169. return new StatusCodeResult(StatusCodes.Status403Forbidden);
  170. }
  171. return View("~/Areas/Paste/Views/Paste/Index.cshtml", model);
  172. }
  173. }
  174. }