@codeblock Please make sure there is also a ticket filed for FAS integration, which is ultimately what we want (ideally, soon).

s/FAS/OpenID Connect/

This really needs to happen. We're starting to get frequent DMCA notices, and I've noticed that a large percentage of traffic through our server is posting links to pirated content.

Specifically, writing a paste needs to require FAS auth. (not FPCA, just an account).

I think @codeblock is working on getting this working.

@spot the problem with requiring auth for all pastes is that the fpaste CLI stops working then. What we had talked about in the past is short expiry for unauth'd pastes, and indefinite for auth'd pastes. Right now every paste should be set to expire after a week. For the time being, we can make that shorter if we need to.

I've started on a rewrite of the fpaste client (at least for Fedora; the libs I use aren't in EPEL) a while back, and can probably incorporate auth into it, but as of right now the CLI doesn't know anything about it.

As for auth in general, this is "kind of" working in stg, but @puiterwijk wanted to test more before we push it live. It also seems that @puiterwijk's patches removes the UI that shows API keys. If we re-enable that UI, users who wish to retain their pastes with the CLI can store that in a file or environment variable somewhere. So then by default the CLI will still work, but posts will expire after say a day or two (whatever we decide on, again right now it's a week), but people with FAS accounts can store their modernpaste API key, and the client will use it, and the pastes won't expire.

@codeblock - are you still working on fpaste rewrite?

We're going to be retiring the pastebin at some point in the near future (more details will be announced soon), so I'm closing this out.