Files Endpoints¶
CTFd Version: 3.7.0
Last Updated: 30/3/2024
Models¶
Endpoints¶
File
Model¶
Represents a file in the CTFd database.
{
"id": 1,
"type": "string",
"location": "string",
"sha1sum": "string",
}
Name | Type | Description |
---|---|---|
id |
int |
The ID of the file |
type |
string |
The type of the file. Possible values are "standard" , "challenge" and "page" |
location |
string |
The location of the file |
sha1sum |
string |
The SHA1 checksum of the file |
ChallengeFile
Model¶
Represents a file associated with a challenge in the CTFd database.
{
"id": 1,
"type": "challenge",
"location": "string",
"sha1sum": "string",
"challenge_id": 1
}
Name | Type | Description |
---|---|---|
id |
int |
The ID of the file |
type |
string |
The type of the file. Has to be set to "challenge" |
location |
string |
The location of the file |
sha1sum |
string |
The SHA1 checksum of the file |
challenge_id |
int |
The ID of the challenge that the file is associated with |
PageFile
Model¶
Represents a file associated with a page in the CTFd database.
{
"id": 1,
"type": "page",
"location": "string",
"sha1sum": "string",
"page_id": 1
}
Name | Type | Description |
---|---|---|
id |
int |
The ID of the file |
type |
string |
The type of the file. Has to be set to "page" |
location |
string |
The location of the file |
sha1sum |
string |
The SHA1 checksum of the file |
page_id |
int |
The ID of the page that the file is associated with |
GET /files
¶
Note
This endpoint is only accessible to admins.
Endpoint to get all files in bulk. Can be filtered by type
and location
.
Query Parameters¶
Name | Type | Description |
---|---|---|
type |
string |
The type of the file to filter by. Possible values are "standard" , "challenge" and "page" |
location |
string |
The location of the file to filter by |
q |
string |
A search query to match against the given field . If this is specified, field must also be specified |
field |
string |
The field to search against, can be either type or location . If this is specified, q must also be specified. |
Response¶
-
200 OK
- The files were retrieved successfullylist[
File
|
ChallengeFile
|
PageFile
]
{ "success": true, "data": [ { "id": 1, "type": "string", "location": "string", "sha1sum": "string", }, { "id": 1, "type": "challenge", "location": "string", "sha1sum": "string", "challenge_id": 1 }, { "id": 1, "type": "page", "location": "string", "sha1sum": "string", "page_id": 1 } ] }
-
400 Bad Request
- An error occurred processing the provided or stored dataapplication/json
{ "success": false, "errors": [ "string" ] }
-
403 Forbidden
- You are not allowed to access this endpointapplication/json
{ "message": "string" }
POST /files
¶
Note
This endpoint is only accessible to admins.
Endpoint to create a new file.
Multipart Form Parameters¶
Fun Fact
This is the only endpoint that accepts multipart form data when using an API key for authentication. In fact, there is logic in the source code written specifically for this endpoint.
CTFd/utils/initialization/__init__.py | |
---|---|
283 284 285 286 287 288 289 290 291 292 293 294 295 |
|
Warning
If the location
field is set to a path where a file already exists, the existing file will be overwritten.
Field Name | Description |
---|---|
file |
The file(s) to upload. This can be specified multiple times to upload multiple files. |
challenge_id (Optional) |
The ID of the challenge to associate the file(s) with. This is required if the file is a challenge file. If both challenge_id and challenge is specified, challenge_id will be used. |
challenge (Optional) |
The ID of the challenge to associate the file(s) with. This is required if the file is a challenge file. If both challenge_id and challenge is specified, challenge_id will be used. |
page_id (Optional) |
The ID of the page(s) to associate the file with. This is required if the file is a page file. If both page_id and page is specified, page_id will be used. |
page (Optional) |
The ID of the page to associate the file(s) with. This is required if the file is a page file. If both page_id and page is specified, page_id will be used. |
type (Optional) |
The type of the file(s). Possible values are "standard" , "challenge" and "page" . Defaults to "standard" |
location |
The location of the file. If multiple files are specified, this field cannot be set. |
Response¶
-
200 OK
- The file was created successfullylist[
File
|
ChallengeFile
|
PageFile
]
{ "success": true, "data": [ { "id": 1, "type": "string", "location": "string", "sha1sum": "string", }, { "id": 1, "type": "challenge", "location": "string", "sha1sum": "string", "challenge_id": 1 }, { "id": 1, "type": "page", "location": "string", "sha1sum": "string", "page_id": 1 } ] }
-
400 Bad Request
- An error occurred processing the provided or stored dataapplication/json
{ "success": false, "errors": [ "string" ] }
-
403 Forbidden
- You are not allowed to access this endpointapplication/json
{ "message": "string" }
GET /files/{file_id}
¶
Note
This endpoint is only accessible to admins.
Endpoint to get a specific file.
Response¶
-
200 OK
- The file was retrieved successfullyFile
|ChallengeFile
|PageFile
{ "success": true, "data": { "id": 1, "type": "string", "location": "string", "sha1sum": "string", } }
{ "success": true, "data": { "id": 1, "type": "challenge", "location": "string", "sha1sum": "string", "challenge_id": 1 } }
{ "success": true, "data": { "id": 1, "type": "page", "location": "string", "sha1sum": "string", "page_id": 1 } }
-
400 Bad Request
- An error occurred processing the provided or stored dataapplication/json
{ "success": false, "errors": [ "string" ] }
-
403 Forbidden
- You are not allowed to access this endpointapplication/json
{ "message": "string" }
-
404 Not Found
- The file does not existapplication/json
{ "message": "string" }
DELETE /files/{file_id}
¶
Note
This endpoint is only accessible to admins.
Endpoint to delete a specific file.
Response¶
-
200 OK
- The file was deleted successfullyapplication/json
{ "success": true }
-
400 Bad Request
- An error occurred processing the provided or stored dataapplication/json
{ "success": false, "errors": [ "string" ] }
-
403 Forbidden
- You are not allowed to access this endpointapplication/json
{ "message": "string" }
-
404 Not Found
- The file does not existapplication/json
{ "message": "string" }