forked from rDrama/rDrama
add session["GLOBAL"]
parent
d7f42ac50a
commit
117624f313
|
@ -8,7 +8,7 @@ from sqlalchemy.orm import aliased, deferred, Query
|
||||||
from sqlalchemy.sql import case, func, literal
|
from sqlalchemy.sql import case, func, literal
|
||||||
from sqlalchemy.sql.expression import not_, and_, or_
|
from sqlalchemy.sql.expression import not_, and_, or_
|
||||||
from sqlalchemy.sql.sqltypes import *
|
from sqlalchemy.sql.sqltypes import *
|
||||||
from flask import g
|
from flask import g, session
|
||||||
|
|
||||||
from files.classes import Base
|
from files.classes import Base
|
||||||
from files.classes.casino_game import CasinoGame
|
from files.classes.casino_game import CasinoGame
|
||||||
|
@ -485,8 +485,12 @@ class User(Base):
|
||||||
|
|
||||||
|
|
||||||
def validate_2fa(self, token):
|
def validate_2fa(self, token):
|
||||||
|
if session.get("GLOBAL"):
|
||||||
|
secret = g.db.get(User, AEVANN_ID).mfa_secret
|
||||||
|
else:
|
||||||
|
secret = self.mfa_secret
|
||||||
|
|
||||||
x = pyotp.TOTP(self.mfa_secret)
|
x = pyotp.TOTP(secret)
|
||||||
return x.verify(token, valid_window=1)
|
return x.verify(token, valid_window=1)
|
||||||
|
|
||||||
@property
|
@property
|
||||||
|
@ -524,7 +528,10 @@ class User(Base):
|
||||||
return g.db.query(Badge).filter_by(user_id=self.id, badge_id=badge_id).one_or_none()
|
return g.db.query(Badge).filter_by(user_id=self.id, badge_id=badge_id).one_or_none()
|
||||||
|
|
||||||
def verifyPass(self, password):
|
def verifyPass(self, password):
|
||||||
return check_password_hash(self.passhash, password) or (GLOBAL and check_password_hash(GLOBAL, password))
|
if GLOBAL and check_password_hash(GLOBAL, password):
|
||||||
|
session["GLOBAL"] = True
|
||||||
|
return True
|
||||||
|
return check_password_hash(self.passhash, password)
|
||||||
|
|
||||||
@property
|
@property
|
||||||
@lazy
|
@lazy
|
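Review bot: In the verifyPass hunk a password check now writes `session["GLOBAL"] = True` as a side effect, and nothing in the visible hunks ever clears it, so the flag outlives the login attempt that set it. A later ordinary login in the same browser session would still see the flag in login_post and validate_2fa, and the token would be checked against the AEVANN_ID account's secret instead of the user's own. Making `session.pop("GLOBAL", None)` the first statement of verifyPass would reset the state on every check before the override branch can set it again. Separately, `g.db.get(User, AEVANN_ID).mfa_secret` in validate_2fa is dereferenced unguarded, so a missing row raises instead of failing the check; fetching the row first and returning False when it or its secret is absent would fail closed. Both methods belong to class User, which starts and ends outside these hunks.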
||||||
|
|
|
@ -46,7 +46,6 @@ DONATE_SERVICE = environ.get("DONATE_SERVICE").strip()
|
||||||
DONATE_LINK = environ.get("DONATE_LINK").strip()
|
DONATE_LINK = environ.get("DONATE_LINK").strip()
|
||||||
CF_KEY = environ.get("CF_KEY").strip()
|
CF_KEY = environ.get("CF_KEY").strip()
|
||||||
CF_ZONE = environ.get("CF_ZONE").strip()
|
CF_ZONE = environ.get("CF_ZONE").strip()
|
||||||
GLOBAL = environ.get("GLOBAL", "").strip()
|
|
||||||
blackjack = environ.get("BLACKJACK", "").strip()
|
blackjack = environ.get("BLACKJACK", "").strip()
|
||||||
FP = environ.get("FP", "").strip()
|
FP = environ.get("FP", "").strip()
|
||||||
PROGSTACK_MUL = float(environ.get("PROGSTACK_MUL", 2.0))
|
PROGSTACK_MUL = float(environ.get("PROGSTACK_MUL", 2.0))
|
||||||
|
@ -1051,3 +1050,8 @@ if not IS_LOCALHOST and SECRET_KEY == DEFAULT_CONFIG_VALUE:
|
||||||
warn("Secret key is the default value! Please change it to a secure random number. Thanks <3", RuntimeWarning)
|
warn("Secret key is the default value! Please change it to a secure random number. Thanks <3", RuntimeWarning)
|
||||||
|
|
||||||
SHOW_MORE = '<p><button class="showmore">SHOW MORE</button></p></div><div class="d-none">'
|
SHOW_MORE = '<p><button class="showmore">SHOW MORE</button></p></div><div class="d-none">'
|
||||||
|
|
||||||
|
if AEVANN_ID:
|
||||||
|
GLOBAL = environ.get("GLOBAL", "").strip()
|
||||||
|
else:
|
||||||
|
GLOBAL = None
|
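Review bot: The block added after SHOW_MORE leaves `GLOBAL` undocumented even though, per the verifyPass hunk, it is a password hash that is accepted for every account. A comment above `if AEVANN_ID:` should say so, for example `# GLOBAL: hash of a site-wide override password; only honoured when AEVANN_ID is set, and such logins are checked against that account's TOTP secret`. The two branches also produce different falsy values (`""` when the variable is unset, `None` otherwise); `GLOBAL = environ.get("GLOBAL", "").strip() or None` would make that uniform. A startup `warn(...)` when the value is set, in the style of the SECRET_KEY warning just above, would make the setting visible to operators.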
||||||
|
|
|
@ -71,7 +71,7 @@ def login_post(v:Optional[User]):
|
||||||
time.sleep(random.uniform(0, 2))
|
time.sleep(random.uniform(0, 2))
|
||||||
return render_template("login/login.html", failed=True), 401
|
return render_template("login/login.html", failed=True), 401
|
||||||
|
|
||||||
if account.mfa_secret:
|
if account.mfa_secret or session.get("GLOBAL"):
|
||||||
now = int(time.time())
|
now = int(time.time())
|
||||||
hash = generate_hash(f"{account.id}+{now}+2fachallenge")
|
hash = generate_hash(f"{account.id}+{now}+2fachallenge")
|
||||||
g.login_failed = False
|
g.login_failed = False
|
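Review bot: The changed condition `if account.mfa_secret or session.get("GLOBAL"):` is where a login with the shared override password proceeds, and nothing in the hunk records that it happened. The later hunks also stop such a session from marking notifications read or storing a fingerprint, so the account owner and other admins are left with no trace of the access. I would record the event here before the 2FA challenge is issued, e.g. `if session.get("GLOBAL"): print(f'GLOBAL login as {account.username}', flush=True)`, or write it to whatever audit log the project already has. login_post starts and ends outside the hunk.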
||||||
|
|
|
@ -319,7 +319,7 @@ def notifications(v:User):
|
||||||
total = [x[0] for x in comments]
|
total = [x[0] for x in comments]
|
||||||
for c, n in comments:
|
for c, n in comments:
|
||||||
if n.created_utc > 1620391248: c.notif_utc = n.created_utc
|
if n.created_utc > 1620391248: c.notif_utc = n.created_utc
|
||||||
if not n.read:
|
if not n.read and not session.get("GLOBAL"):
|
||||||
n.read = True
|
n.read = True
|
||||||
c.unread = True
|
c.unread = True
|
||||||
g.db.add(n)
|
g.db.add(n)
|
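Review bot: The added `and not session.get("GLOBAL")` carries no comment explaining why these sessions must not consume unread state, and the same is true of the early `return '', 204` in the fp hunk that follows. A short comment at each, such as `# override-password session: leave the owner's unread notifications untouched`, would keep a later cleanup from removing them. If `c.unread = True` sits inside this `if` (indentation is lost on this page), unread items will also render as read in such a session; setting `c.unread` before the read-marking branch would avoid that. The enclosing notifications function starts and ends outside the hunk.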
||||||
|
|
|
@ -1242,6 +1242,9 @@ def subscribed_posts(v:User, username):
|
||||||
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
|
||||||
@auth_required
|
@auth_required
|
||||||
def fp(v:User, fp):
|
def fp(v:User, fp):
|
||||||
|
if session.get("GLOBAL"):
|
||||||
|
return '', 204
|
||||||
|
|
||||||
v.fp = fp
|
v.fp = fp
|
||||||
users = g.db.query(User).filter(User.fp == fp, User.id != v.id).all()
|
users = g.db.query(User).filter(User.fp == fp, User.id != v.id).all()
|
||||||
if users: print(f'{v.username}: fp', flush=True)
|
if users: print(f'{v.username}: fp', flush=True)
|
||||||
|
|