MarseyWorld/files/__main__.py

import gevent.monkey
gevent.monkey.patch_all()
from os import environ
import secrets
from flask import *
from flask_caching import Cache
from flask_limiter import Limiter
from flask_compress import Compress
from flask_limiter.util import get_ipaddr
from flaskext.markdown import Markdown
from sqlalchemy.ext.declarative import declarative_base
from sqlalchemy.orm import sessionmaker, scoped_session
from sqlalchemy import *
import gevent
from werkzeug.middleware.proxy_fix import ProxyFix
import redis

app = Flask(__name__, template_folder='./templates')
app.wsgi_app = ProxyFix(app.wsgi_app, x_for=3)
app.url_map.strict_slashes = False
app.jinja_env.cache = {}
import faulthandler
faulthandler.enable()

app.config["SITE_NAME"]=environ.get("SITE_NAME").strip()
app.config["COINS_NAME"]=environ.get("COINS_NAME").strip()
app.config["GUMROAD_LINK"]=environ.get("GUMROAD_LINK", "https://marsey1.gumroad.com/l/tfcvri").strip()
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
app.config['DATABASE_URL'] = environ.get("DATABASE_URL")
app.config['SECRET_KEY'] = environ.get('MASTER_KEY')
app.config["SERVER_NAME"] = environ.get("DOMAIN").strip()
app.config['SEND_FILE_MAX_AGE_DEFAULT'] = 86400
app.config["SESSION_COOKIE_NAME"] = "session_" + environ.get("SITE_NAME").strip().lower()
app.config["VERSION"] = "1.0.0"
app.config['MAX_CONTENT_LENGTH'] = 64 * 1024 * 1024
app.config["SESSION_COOKIE_SECURE"] = bool(int(environ.get("FORCE_HTTPS", 1)))
app.config["SESSION_COOKIE_SAMESITE"] = "Lax"
app.config["PERMANENT_SESSION_LIFETIME"] = 60 * 60 * 24 * 365
app.config["SESSION_REFRESH_EACH_REQUEST"] = True
app.config["SLOGAN"] = environ.get("SLOGAN", "").strip()
app.config["DEFAULT_COLOR"] = environ.get("DEFAULT_COLOR", "ff0000").strip()
app.config["DEFAULT_THEME"] = environ.get("DEFAULT_THEME", "light").strip() + "_" + environ.get("DEFAULT_COLOR", "ff0000").strip()
app.config["FORCE_HTTPS"] = int(environ.get("FORCE_HTTPS", 1)) if ("localhost" not in app.config["SERVER_NAME"] and "127.0.0.1" not in app.config["SERVER_NAME"]) else 0
app.config["UserAgent"] = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36"
app.config["HCAPTCHA_SITEKEY"] = environ.get("HCAPTCHA_SITEKEY","").strip()
app.config["HCAPTCHA_SECRET"] = environ.get("HCAPTCHA_SECRET","").strip()
app.config["SPAM_SIMILARITY_THRESHOLD"] = float(environ.get("SPAM_SIMILARITY_THRESHOLD", 0.5))
app.config["SPAM_SIMILAR_COUNT_THRESHOLD"] = int(environ.get("SPAM_SIMILAR_COUNT_THRESHOLD", 5))
app.config["SPAM_URL_SIMILARITY_THRESHOLD"] = float(environ.get("SPAM_URL_SIMILARITY_THRESHOLD", 0.5))
app.config["COMMENT_SPAM_SIMILAR_THRESHOLD"] = float(environ.get("COMMENT_SPAM_SIMILAR_THRESHOLD", 0.5))
app.config["COMMENT_SPAM_COUNT_THRESHOLD"] = int(environ.get("COMMENT_SPAM_COUNT_THRESHOLD", 0.5))
app.config["VIDEO_COIN_REQUIREMENT"] = int(environ.get("VIDEO_COIN_REQUIREMENT", 0))
app.config["READ_ONLY"]=bool(int(environ.get("READ_ONLY", "0")))
app.config["BOT_DISABLE"]=bool(int(environ.get("BOT_DISABLE", False)))
app.config["RATELIMIT_KEY_PREFIX"] = "flask_limiting_"
app.config["RATELIMIT_ENABLED"] = True
app.config["RATELIMIT_DEFAULTS_DEDUCT_WHEN"]=lambda:True
app.config["RATELIMIT_DEFAULTS_EXEMPT_WHEN"]=lambda:False
app.config["RATELIMIT_HEADERS_ENABLED"]=True
app.config["CACHE_TYPE"] = "filesystem"
app.config["CACHE_DIR"] = "cache"
app.config["RATELIMIT_STORAGE_URL"] = environ.get("REDIS_URL", "redis://127.0.0.1")

r=redis.Redis(host=environ.get("REDIS_URL", "redis://127.0.0.1"),  decode_responses=True, ssl_cert_reqs=None)

cache = Cache(app)
Markdown(app)
Compress(app)

limiter = Limiter(
	app,
	key_func=get_ipaddr,
	default_limits=["100/minute"],
	headers_enabled=True,
	strategy="fixed-window"
)

Base = declarative_base()

engine = create_engine(app.config['DATABASE_URL'])

db_session = scoped_session(sessionmaker(bind=engine, autoflush=False))


@app.before_request
def before_request():

	if request.method.lower() != "get" and app.config["READ_ONLY"]: return {"error":f"{app.config['SITE_NAME']} is currently in read-only mode."}, 500

	if app.config["BOT_DISABLE"] and request.headers.get("X-User-Type")=="Bot": abort(503)

	g.db = db_session()

	g.timestamp = int(time.time())

	#do not access session for static files
	if not request.path.startswith("/assets"):
		session.permanent = True
		if not session.get("session_id"): session["session_id"] = secrets.token_hex(16)

	if app.config["FORCE_HTTPS"] and request.url.startswith("http://") and "localhost" not in app.config["SERVER_NAME"]:
		url = request.url.replace("http://", "https://", 1)
		return redirect(url, code=301)

	ua=request.headers.get("User-Agent","")
	if "CriOS/" in ua: g.system="ios/chrome"
	elif "Version/" in ua: g.system="android/webview"
	elif "Mobile Safari/" in ua: g.system="android/chrome"
	elif "Safari/" in ua: g.system="ios/safari"
	elif "Mobile/" in ua: g.system="ios/webview"
	else: g.system="other/other"

@app.teardown_appcontext
def teardown_request(error):
	if hasattr(g, 'db') and g.db:
		g.db.close()

@app.after_request
def after_request(response):

	response.headers.add("Strict-Transport-Security", "max-age=31536000")
	response.headers.add("Referrer-Policy", "same-origin")
	response.headers.add("Feature-Policy", "geolocation 'none'; midi 'none'; notifications 'none'; push 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; vibrate 'none'; fullscreen 'none'; payment 'none';")
	response.headers.add("X-Frame-Options", "deny")
	return response


from files.routes import *
sneed 2021-07-21 01:12:26 +00:00			`import gevent.monkey`
			`gevent.monkey.patch_all()`
fg 2021-08-19 15:56:18 +00:00			`from os import environ`
sneed 2021-07-21 01:12:26 +00:00			`import secrets`
			`from flask import *`
dfsf 2021-09-20 14:29:13 +00:00			`from flask_caching import Cache`
fd 2021-08-19 15:51:17 +00:00			`from flask_limiter import Limiter`
sneed 2021-07-21 01:12:26 +00:00			`from flask_compress import Compress`
fd 2021-08-19 15:51:17 +00:00			`from flask_limiter.util import get_ipaddr`
sneed 2021-07-21 01:12:26 +00:00			`from flaskext.markdown import Markdown`
fd 2021-09-14 13:53:01 +00:00			`from sqlalchemy.ext.declarative import declarative_base`
fsdfs 2021-09-20 19:43:50 +00:00			`from sqlalchemy.orm import sessionmaker, scoped_session`
sneed 2021-07-21 01:12:26 +00:00			`from sqlalchemy import *`
			`import gevent`
			`from werkzeug.middleware.proxy_fix import ProxyFix`
fdsfs 2021-09-20 14:27:38 +00:00			`import redis`
sneed 2021-07-21 01:12:26 +00:00
fd 2021-09-17 11:14:45 +00:00			`app = Flask(__name__, template_folder='./templates')`
sneed 2021-07-21 01:12:26 +00:00			`app.wsgi_app = ProxyFix(app.wsgi_app, x_for=3)`
			`app.url_map.strict_slashes = False`
fd 2021-09-14 13:50:04 +00:00			`app.jinja_env.cache = {}`
fdsfs 2021-09-21 19:06:02 +00:00			`import faulthandler`
			`faulthandler.enable()`
sneed 2021-07-21 01:12:26 +00:00
fdfd 2021-08-04 16:00:57 +00:00			`app.config["SITE_NAME"]=environ.get("SITE_NAME").strip()`
fdfd 2021-08-05 14:43:54 +00:00			`app.config["COINS_NAME"]=environ.get("COINS_NAME").strip()`
fgfg 2021-08-26 11:03:07 +00:00			`app.config["GUMROAD_LINK"]=environ.get("GUMROAD_LINK", "https://marsey1.gumroad.com/l/tfcvri").strip()`
sneed 2021-07-21 01:12:26 +00:00			`app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False`
fd 2021-09-15 17:07:03 +00:00			`app.config['DATABASE_URL'] = environ.get("DATABASE_URL")`
sneed 2021-07-21 01:12:26 +00:00			`app.config['SECRET_KEY'] = environ.get('MASTER_KEY')`
fggfgf 2021-08-05 14:41:32 +00:00			`app.config["SERVER_NAME"] = environ.get("DOMAIN").strip()`
dffd 2021-08-26 11:16:02 +00:00			`app.config['SEND_FILE_MAX_AGE_DEFAULT'] = 86400`
fdfd 2021-08-04 16:00:57 +00:00			`app.config["SESSION_COOKIE_NAME"] = "session_" + environ.get("SITE_NAME").strip().lower()`
df 2021-07-25 21:59:20 +00:00			`app.config["VERSION"] = "1.0.0"`
sneed 2021-07-21 01:12:26 +00:00			`app.config['MAX_CONTENT_LENGTH'] = 64 * 1024 * 1024`
			`app.config["SESSION_COOKIE_SECURE"] = bool(int(environ.get("FORCE_HTTPS", 1)))`
			`app.config["SESSION_COOKIE_SAMESITE"] = "Lax"`
			`app.config["PERMANENT_SESSION_LIFETIME"] = 60 * 60 * 24 * 365`
			`app.config["SESSION_REFRESH_EACH_REQUEST"] = True`
Revert "try this" This reverts commit 6bbc0867 2021-08-23 12:16:26 +00:00			`app.config["SLOGAN"] = environ.get("SLOGAN", "").strip()`
			`app.config["DEFAULT_COLOR"] = environ.get("DEFAULT_COLOR", "ff0000").strip()`
			`app.config["DEFAULT_THEME"] = environ.get("DEFAULT_THEME", "light").strip() + "_" + environ.get("DEFAULT_COLOR", "ff0000").strip()`
sneed 2021-07-21 01:12:26 +00:00			`app.config["FORCE_HTTPS"] = int(environ.get("FORCE_HTTPS", 1)) if ("localhost" not in app.config["SERVER_NAME"] and "127.0.0.1" not in app.config["SERVER_NAME"]) else 0`
df 2021-07-25 21:59:20 +00:00			`app.config["UserAgent"] = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36"`
sneed 2021-07-21 01:12:26 +00:00			`app.config["HCAPTCHA_SITEKEY"] = environ.get("HCAPTCHA_SITEKEY","").strip()`
fdfd 2021-08-04 16:00:57 +00:00			`app.config["HCAPTCHA_SECRET"] = environ.get("HCAPTCHA_SECRET","").strip()`
sex 2021-08-11 15:15:51 +00:00			`app.config["SPAM_SIMILARITY_THRESHOLD"] = float(environ.get("SPAM_SIMILARITY_THRESHOLD", 0.5))`
			`app.config["SPAM_SIMILAR_COUNT_THRESHOLD"] = int(environ.get("SPAM_SIMILAR_COUNT_THRESHOLD", 5))`
			`app.config["SPAM_URL_SIMILARITY_THRESHOLD"] = float(environ.get("SPAM_URL_SIMILARITY_THRESHOLD", 0.5))`
			`app.config["COMMENT_SPAM_SIMILAR_THRESHOLD"] = float(environ.get("COMMENT_SPAM_SIMILAR_THRESHOLD", 0.5))`
			`app.config["COMMENT_SPAM_COUNT_THRESHOLD"] = int(environ.get("COMMENT_SPAM_COUNT_THRESHOLD", 0.5))`
jdiuehfur 2021-09-05 16:50:17 +00:00			`app.config["VIDEO_COIN_REQUIREMENT"] = int(environ.get("VIDEO_COIN_REQUIREMENT", 0))`
sex 2021-08-11 15:15:51 +00:00			`app.config["READ_ONLY"]=bool(int(environ.get("READ_ONLY", "0")))`
sneed 2021-07-21 01:12:26 +00:00			`app.config["BOT_DISABLE"]=bool(int(environ.get("BOT_DISABLE", False)))`
			`app.config["RATELIMIT_KEY_PREFIX"] = "flask_limiting_"`
			`app.config["RATELIMIT_ENABLED"] = True`
			`app.config["RATELIMIT_DEFAULTS_DEDUCT_WHEN"]=lambda:True`
			`app.config["RATELIMIT_DEFAULTS_EXEMPT_WHEN"]=lambda:False`
			`app.config["RATELIMIT_HEADERS_ENABLED"]=True`
fdsfs 2021-09-20 14:27:38 +00:00			`app.config["CACHE_TYPE"] = "filesystem"`
fdsfs 2021-09-20 14:29:46 +00:00			`app.config["CACHE_DIR"] = "cache"`
add dramacoin tax 2021-09-21 18:06:41 +00:00			`app.config["RATELIMIT_STORAGE_URL"] = environ.get("REDIS_URL", "redis://127.0.0.1")`
sneed 2021-07-21 01:12:26 +00:00
add dramacoin tax 2021-09-21 18:06:41 +00:00			`r=redis.Redis(host=environ.get("REDIS_URL", "redis://127.0.0.1"), decode_responses=True, ssl_cert_reqs=None)`
fd 2021-09-14 13:50:04 +00:00
dfsf 2021-09-20 14:29:13 +00:00			`cache = Cache(app)`
fdsfs 2021-09-20 14:29:46 +00:00			`Markdown(app)`
fd 2021-09-14 13:50:04 +00:00			`Compress(app)`
sneed 2021-07-26 14:44:52 +00:00
fd 2021-08-19 15:51:17 +00:00			`limiter = Limiter(`
sneed 2021-07-21 01:12:26 +00:00			`app,`
fd 2021-08-19 15:51:17 +00:00			`key_func=get_ipaddr,`
df 2021-09-04 01:28:50 +00:00			`default_limits=["100/minute"],`
sneed 2021-07-21 01:12:26 +00:00			`headers_enabled=True,`
			`strategy="fixed-window"`
			`)`

fd 2021-09-14 13:53:01 +00:00			`Base = declarative_base()`

fsfs 2021-09-20 19:46:09 +00:00			`engine = create_engine(app.config['DATABASE_URL'])`

fdsfs 2021-09-21 21:27:32 +00:00			`db_session = scoped_session(sessionmaker(bind=engine, autoflush=False))`
sneed 2021-07-21 01:12:26 +00:00
fd 2021-09-16 13:18:09 +00:00
sneed 2021-07-21 01:12:26 +00:00			`@app.before_request`
			`def before_request():`

fd 2021-09-16 13:18:09 +00:00			`if request.method.lower() != "get" and app.config["READ_ONLY"]: return {"error":f"{app.config['SITE_NAME']} is currently in read-only mode."}, 500`
sneed 2021-07-21 01:12:26 +00:00
fd 2021-09-16 13:18:09 +00:00			`if app.config["BOT_DISABLE"] and request.headers.get("X-User-Type")=="Bot": abort(503)`
sneed 2021-07-21 01:12:26 +00:00
fd 2021-09-15 16:59:51 +00:00			`g.db = db_session()`
sneed 2021-07-21 01:12:26 +00:00
			`g.timestamp = int(time.time())`

improve(?) caching - vary header should not contain "cookie" for assets 2021-08-13 09:13:18 +00:00			`#do not access session for static files`
re-add security-related headers from ruqqus 2021-08-13 20:58:07 +00:00			`if not request.path.startswith("/assets"):`
			`session.permanent = True`
fd 2021-09-16 13:18:09 +00:00			`if not session.get("session_id"): session["session_id"] = secrets.token_hex(16)`
improve(?) caching - vary header should not contain "cookie" for assets 2021-08-13 09:13:18 +00:00
fd 2021-09-16 13:18:09 +00:00			`if app.config["FORCE_HTTPS"] and request.url.startswith("http://") and "localhost" not in app.config["SERVER_NAME"]:`
sneed 2021-07-21 01:12:26 +00:00			`url = request.url.replace("http://", "https://", 1)`
			`return redirect(url, code=301)`

			`ua=request.headers.get("User-Agent","")`
fd 2021-09-16 13:18:09 +00:00			`if "CriOS/" in ua: g.system="ios/chrome"`
			`elif "Version/" in ua: g.system="android/webview"`
			`elif "Mobile Safari/" in ua: g.system="android/chrome"`
			`elif "Safari/" in ua: g.system="ios/safari"`
			`elif "Mobile/" in ua: g.system="ios/webview"`
			`else: g.system="other/other"`
sneed 2021-07-21 01:12:26 +00:00
fd 2021-09-16 08:10:57 +00:00			`@app.teardown_appcontext`
fd 2021-09-16 08:22:21 +00:00			`def teardown_request(error):`
fd 2021-09-15 05:51:05 +00:00			`if hasattr(g, 'db') and g.db:`
fd 2021-09-13 11:18:19 +00:00			`g.db.close()`
fd 2021-09-16 08:10:57 +00:00
			`@app.after_request`
			`def after_request(response):`
sneed 2021-07-21 01:12:26 +00:00
re-add security-related headers from ruqqus 2021-08-13 20:58:07 +00:00			`response.headers.add("Strict-Transport-Security", "max-age=31536000")`
			`response.headers.add("Referrer-Policy", "same-origin")`
			`response.headers.add("Feature-Policy", "geolocation 'none'; midi 'none'; notifications 'none'; push 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; vibrate 'none'; fullscreen 'none'; payment 'none';")`
Merge branch 'master' into headers 2021-08-13 21:25:16 +00:00			`response.headers.add("X-Frame-Options", "deny")`
fd 2021-09-14 13:53:01 +00:00			`return response`

fd 2021-09-16 13:18:09 +00:00
fd 2021-09-14 13:53:01 +00:00			`from files.routes import *`