File size: 1,737 Bytes
f716e02 d45df14 f716e02 d45df14 f716e02 d45df14 |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 |
from fastapi import FastAPI, HTTPException
from fastapi.middleware.cors import CORSMiddleware
from fastapi.staticfiles import StaticFiles
from fastapi.responses import FileResponse
from pydantic import BaseModel
import subprocess
import shlex
app = FastAPI()
# Add CORS middleware
app.add_middleware(
CORSMiddleware,
allow_origins=["*"], # Allows all origins
allow_credentials=True,
allow_methods=["*"], # Allows all methods
allow_headers=["*"], # Allows all headers
)
# Mount the static files directory
app.mount("/static", StaticFiles(directory="static"), name="static")
ALLOWED_COMMANDS = {
'ls', 'cd', 'pwd', 'echo', 'cat', 'grep', 'find', 'touch', 'mkdir', 'rm', 'cp', 'mv'
}
class Command(BaseModel):
command: str
@app.post("/execute")
async def execute_command(command: Command):
try:
# Parse the command to get the base command
base_command = shlex.split(command.command)[0]
# Check if the base command is allowed
if base_command not in ALLOWED_COMMANDS:
raise HTTPException(status_code=403, detail=f"Command '{base_command}' is not allowed")
# Execute the command in a controlled environment
result = subprocess.run(command.command, shell=True, capture_output=True, text=True, timeout=5)
return {
"output": result.stdout,
"error": result.stderr,
"returncode": result.returncode
}
except subprocess.TimeoutExpired:
raise HTTPException(status_code=408, detail="Command execution timed out")
except Exception as e:
raise HTTPException(status_code=500, detail=str(e))
@app.get("/")
async def root():
return FileResponse('static/index.html') |