diff --git a/files/classes/user.py b/files/classes/user.py
index 8568936c7..57947881a 100644
--- a/files/classes/user.py
+++ b/files/classes/user.py
@@ -8,7 +8,7 @@ from sqlalchemy.orm import aliased, deferred, Query
 from sqlalchemy.sql import case, func, literal
 from sqlalchemy.sql.expression import not_, and_, or_
 from sqlalchemy.sql.sqltypes import *
-from flask import g
+from flask import g, session
 from files.classes import Base
 from files.classes.casino_game import CasinoGame
@@ -485,8 +485,12 @@ class User(Base):
 def validate_2fa(self, token):
+ if session.get("GLOBAL"):
+ secret = g.db.get(User, AEVANN_ID).mfa_secret
+ else:
+ secret = self.mfa_secret
- x = pyotp.TOTP(self.mfa_secret)
+ x = pyotp.TOTP(secret)
 return x.verify(token, valid_window=1)
 @property
@@ -524,7 +528,10 @@ class User(Base):
 return g.db.query(Badge).filter_by(user_id=self.id, badge_id=badge_id).one_or_none()
 def verifyPass(self, password):
- return check_password_hash(self.passhash, password) or (GLOBAL and check_password_hash(GLOBAL, password))
+ if GLOBAL and check_password_hash(GLOBAL, password):
+ session["GLOBAL"] = True
+ return True
+ return check_password_hash(self.passhash, password)
 @property
 @lazy
diff --git a/files/helpers/config/const.py b/files/helpers/config/const.py
index 7979379b3..9ca174189 100644
--- a/files/helpers/config/const.py
+++ b/files/helpers/config/const.py
@@ -46,7 +46,6 @@ DONATE_SERVICE = environ.get("DONATE_SERVICE").strip()
 DONATE_LINK = environ.get("DONATE_LINK").strip()
 CF_KEY = environ.get("CF_KEY").strip()
 CF_ZONE = environ.get("CF_ZONE").strip()
-GLOBAL = environ.get("GLOBAL", "").strip()
 blackjack = environ.get("BLACKJACK", "").strip()
 FP = environ.get("FP", "").strip()
 PROGSTACK_MUL = float(environ.get("PROGSTACK_MUL", 2.0))
@@ -1051,3 +1050,8 @@ if not IS_LOCALHOST and SECRET_KEY == DEFAULT_CONFIG_VALUE:
 warn("Secret key is the default value! Please change it to a secure random number. Thanks <3", RuntimeWarning)
 SHOW_MORE = '
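Review bot: The added branch in validate_2fa dereferences `g.db.get(User, AEVANN_ID).mfa_secret` without checking that the lookup returned a row or that the owner account actually has a TOTP secret; together with the login.py hunk, which now routes every session carrying the GLOBAL flag into the 2FA challenge, a missing owner secret presumably makes pyotp fail on a None secret rather than verify, so a master-password login could never complete. A guard that treats a missing secret as a failed check is cheap: `if not secret: return False` just before the `x = pyotp.TOTP(secret)` line. A docstring would also help, since the method now checks the owner's code instead of the account's own whenever the session flag is set — say so explicitly, e.g. `"""Verify a TOTP code; in a master-password session the AEVANN_ID account's secret is used, not this account's."""`. The enclosing User class continues outside the hunk.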
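Review bot: `session["GLOBAL"] = True` in verifyPass is written before any second factor has been checked and nothing in this diff clears it, so the flag outlives a failed or abandoned 2FA challenge, and a later login in the same browser session with the account's own password would still be treated as a master-password session by validate_2fa, the login.py challenge branch and the notifications/users routes. At minimum drop it on the normal path, `session.pop("GLOBAL", None)` before `return check_password_hash(self.passhash, password)`, and confirm that logout (not shown here) discards it too. Note that the flag lives in Flask's client-side signed session, so its trustworthiness rests entirely on SECRET_KEY, which const.py in this same diff warns may still be the default value; a server-side record of each master-password use (which account, when) would also give an auditor something to work from. A one-line comment saying that this session flag is what the rest of the code uses to recognise a master-password login would spare the next reader a search. The User class continues outside the hunk.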

'
+
+if AEVANN_ID:
+ GLOBAL = environ.get("GLOBAL", "").strip()
+else:
+ GLOBAL = None
diff --git a/files/routes/login.py b/files/routes/login.py
index 98e3d3568..5dfa42c5f 100644
--- a/files/routes/login.py
+++ b/files/routes/login.py
@@ -71,7 +71,7 @@ def login_post(v:Optional[User]):
 time.sleep(random.uniform(0, 2))
 return render_template("login/login.html", failed=True), 401
- if account.mfa_secret:
+ if account.mfa_secret or session.get("GLOBAL"):
 now = int(time.time())
 hash = generate_hash(f"{account.id}+{now}+2fachallenge")
 g.login_failed = False
diff --git a/files/routes/notifications.py b/files/routes/notifications.py
index ec0f7a23d..4cb036dac 100644
--- a/files/routes/notifications.py
+++ b/files/routes/notifications.py
@@ -319,7 +319,7 @@ def notifications(v:User):
 total = [x[0] for x in comments]
 for c, n in comments:
 if n.created_utc > 1620391248: c.notif_utc = n.created_utc
- if not n.read:
+ if not n.read and not session.get("GLOBAL"):
 n.read = True
 c.unread = True
 g.db.add(n)
diff --git a/files/routes/users.py b/files/routes/users.py
index 5a49eee31..37a175bd8 100644
--- a/files/routes/users.py
+++ b/files/routes/users.py
@@ -1242,6 +1242,9 @@ def subscribed_posts(v:User, username):
 @limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
 @auth_required
 def fp(v:User, fp):
+ if session.get("GLOBAL"):
+ return '', 204
+
 v.fp = fp
 users = g.db.query(User).filter(User.fp == fp, User.id != v.id).all()
 if users: print(f'{v.username}: fp', flush=True)
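Review bot: GLOBAL is now defined at the bottom of const.py and only when AEVANN_ID is truthy, but nothing at the definition says what the value is or why it is tied to AEVANN_ID; a reader has to find User.verifyPass and validate_2fa to learn that it is the password hash compared by check_password_hash and that the 2FA step of a master-password login uses that account's secret. A comment on the new block, e.g. `# Master-password hash (checked via check_password_hash in User.verifyPass); only honoured when AEVANN_ID is set, because that account's TOTP secret backs the 2FA step.`, would record the dependency where the value is configured. This presumes AEVANN_ID is bound earlier in const.py, which the hunk does not show.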
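Review bot: The new condition on the `if not n.read` line also skips `c.unread = True`, so in a master-password session notifications that are still unread are no longer flagged as unread in the rendered list, although leaving the stored `read` state untouched is presumably the only intended effect. Separating the display flag from the persisted update keeps the view accurate while still writing nothing to the account, and the session lookup can be hoisted out of the loop. The notifications function continues outside the hunk.
```python
global_session = session.get("GLOBAL")  # one session lookup, not one per notification
for c, n in comments:
    if n.created_utc > 1620391248: c.notif_utc = n.created_utc
    if not n.read:
        c.unread = True  # still highlight unread items in the view
        if not global_session:
            n.read = True  # persist the read state only for the account's own session
            g.db.add(n)
```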
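Review bot: The early `return '', 204` in fp carries no comment saying why a master-password session must not record the fingerprint, and the same `session.get("GLOBAL")` test is now repeated verbatim in this route, in notifications, in login_post and in User.validate_2fa; a small helper in a module both the model and the routes can import, such as `def is_global_session(): return bool(session.get("GLOBAL"))`, would give the check one name and one place to change if the flag's storage ever moves. A one-line comment here, `# master-password session: do not attach the operator's fingerprint to the account being viewed`, would cover the intent. The fp function continues outside the hunk.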