2022-05-04 23:09:46 +00:00
|
|
|
import gevent.monkey
|
|
|
|
gevent.monkey.patch_all()
|
|
|
|
from os import environ, path
|
|
|
|
import secrets
|
|
|
|
from flask import *
|
|
|
|
from flask_caching import Cache
|
|
|
|
from flask_limiter import Limiter
|
|
|
|
from flask_compress import Compress
|
|
|
|
from sqlalchemy.ext.declarative import declarative_base
|
|
|
|
from sqlalchemy.orm import sessionmaker, scoped_session
|
|
|
|
from sqlalchemy import *
|
|
|
|
import gevent
|
|
|
|
import redis
|
|
|
|
import time
|
|
|
|
from sys import stdout, argv
|
|
|
|
import faulthandler
|
|
|
|
import json
|
2022-08-05 17:22:17 +00:00
|
|
|
import random
|
2022-05-04 23:09:46 +00:00
|
|
|
|
|
|
|
app = Flask(__name__, template_folder='templates')
|
|
|
|
app.url_map.strict_slashes = False
|
|
|
|
app.jinja_env.cache = {}
|
|
|
|
app.jinja_env.auto_reload = True
|
2022-07-09 10:38:45 +00:00
|
|
|
app.jinja_env.add_extension('jinja2.ext.do')
|
2022-05-04 23:09:46 +00:00
|
|
|
faulthandler.enable()
|
|
|
|
|
2022-10-21 11:15:26 +00:00
|
|
|
SITE = environ.get("SITE").strip()
|
2022-10-21 23:12:36 +00:00
|
|
|
SITE_HOSTS = environ.get("SITE_HOSTS").split(',')
|
|
|
|
|
|
|
|
app.config['SECRET_KEY'] = environ.get('SECRET_KEY').strip()
|
2022-05-04 23:09:46 +00:00
|
|
|
app.config['SEND_FILE_MAX_AGE_DEFAULT'] = 3153600
|
|
|
|
app.config["SESSION_COOKIE_NAME"] = "session_" + environ.get("SITE_NAME").strip().lower()
|
2022-05-07 06:04:14 +00:00
|
|
|
app.config['MAX_CONTENT_LENGTH'] = 100 * 1024 * 1024
|
2022-05-04 23:09:46 +00:00
|
|
|
app.config["SESSION_COOKIE_SECURE"] = True
|
|
|
|
app.config["SESSION_COOKIE_SAMESITE"] = "Lax"
|
2022-05-27 21:28:10 +00:00
|
|
|
app.config["PERMANENT_SESSION_LIFETIME"] = 60 * 60 * 24 * 365
|
2022-05-19 17:58:18 +00:00
|
|
|
app.config['SESSION_REFRESH_EACH_REQUEST'] = False
|
2022-06-24 15:08:57 +00:00
|
|
|
|
|
|
|
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
|
2022-10-10 09:06:27 +00:00
|
|
|
app.config['SQLALCHEMY_DATABASE_URL'] = environ.get("DATABASE_URL").strip()
|
2022-06-24 15:08:57 +00:00
|
|
|
|
2022-05-04 23:09:46 +00:00
|
|
|
app.config["CACHE_TYPE"] = "RedisCache"
|
2022-10-10 09:06:27 +00:00
|
|
|
app.config["CACHE_REDIS_URL"] = environ.get("REDIS_URL").strip()
|
2022-06-24 15:08:57 +00:00
|
|
|
|
2022-06-10 21:52:32 +00:00
|
|
|
app.config['SETTINGS'] = {}
|
2022-05-04 23:09:46 +00:00
|
|
|
|
2022-10-10 09:06:27 +00:00
|
|
|
r=redis.Redis(host=environ.get("REDIS_URL").strip(), decode_responses=True, ssl_cert_reqs=None)
|
2022-05-04 23:09:46 +00:00
|
|
|
|
|
|
|
def get_CF():
|
|
|
|
with app.app_context():
|
|
|
|
return request.headers.get('CF-Connecting-IP')
|
|
|
|
|
|
|
|
limiter = Limiter(
|
|
|
|
app,
|
|
|
|
key_func=get_CF,
|
|
|
|
default_limits=["3/second;30/minute;200/hour;1000/day"],
|
|
|
|
application_limits=["10/second;200/minute;5000/hour;10000/day"],
|
|
|
|
storage_uri=environ.get("REDIS_URL", "redis://localhost")
|
|
|
|
)
|
|
|
|
|
|
|
|
Base = declarative_base()
|
|
|
|
|
2022-06-24 15:08:57 +00:00
|
|
|
engine = create_engine(app.config['SQLALCHEMY_DATABASE_URL'])
|
2022-05-04 23:09:46 +00:00
|
|
|
|
2022-08-25 15:04:33 +00:00
|
|
|
db_session = scoped_session(sessionmaker(bind=engine, autoflush=False))
|
2022-05-04 23:09:46 +00:00
|
|
|
|
|
|
|
cache = Cache(app)
|
|
|
|
Compress(app)
|
|
|
|
|
2022-07-29 22:14:25 +00:00
|
|
|
if not path.isfile(f'/site_settings.json'):
|
|
|
|
with open('/site_settings.json', 'w', encoding='utf_8') as f:
|
2022-08-05 20:40:48 +00:00
|
|
|
f.write(
|
|
|
|
'{"Bots": true, "Fart mode": false, "Read-only mode": false, ' + \
|
|
|
|
'"Signups": true, "login_required": false}')
|
2022-07-29 22:14:25 +00:00
|
|
|
|
2022-05-04 23:09:46 +00:00
|
|
|
@app.before_request
|
|
|
|
def before_request():
|
2022-10-22 15:26:39 +00:00
|
|
|
if SITE != 'localhost':
|
|
|
|
app.config['SESSION_COOKIE_DOMAIN'] = f'.{request.host}'
|
2022-10-21 23:33:43 +00:00
|
|
|
if request.host == 'marsey.world' and request.path != '/kofi':
|
2022-10-21 14:32:23 +00:00
|
|
|
abort(404)
|
|
|
|
|
2022-05-26 20:53:24 +00:00
|
|
|
g.agent = request.headers.get("User-Agent")
|
2022-09-13 16:53:19 +00:00
|
|
|
if not g.agent and request.path != '/kofi':
|
|
|
|
return 'Please use a "User-Agent" header!', 403
|
2022-05-26 20:53:24 +00:00
|
|
|
|
2022-09-13 16:53:19 +00:00
|
|
|
ua = g.agent or ''
|
|
|
|
ua = ua.lower()
|
2022-05-26 20:49:36 +00:00
|
|
|
|
2022-07-29 22:14:25 +00:00
|
|
|
with open('/site_settings.json', 'r', encoding='utf_8') as f:
|
2022-06-10 21:52:32 +00:00
|
|
|
app.config['SETTINGS'] = json.load(f)
|
2022-10-21 15:11:12 +00:00
|
|
|
|
2022-10-21 23:12:36 +00:00
|
|
|
if request.host not in SITE_HOSTS:
|
2022-10-18 11:23:59 +00:00
|
|
|
return {"error": "Unauthorized host provided"}, 403
|
2022-10-21 15:11:12 +00:00
|
|
|
|
2022-10-12 16:01:43 +00:00
|
|
|
if request.headers.get("CF-Worker"): return {"error": "Cloudflare workers are not allowed to access this website."}, 403
|
2022-05-04 23:09:46 +00:00
|
|
|
|
2022-09-13 16:53:19 +00:00
|
|
|
if not app.config['SETTINGS']['Bots'] and request.headers.get("Authorization"): abort(403)
|
2022-05-04 23:09:46 +00:00
|
|
|
|
|
|
|
g.db = db_session()
|
2022-05-29 01:55:36 +00:00
|
|
|
g.webview = '; wv) ' in ua
|
2022-06-16 00:31:14 +00:00
|
|
|
g.inferior_browser = 'iphone' in ua or 'ipad' in ua or 'ipod' in ua or 'mac os' in ua or ' firefox/' in ua
|
2022-05-04 23:09:46 +00:00
|
|
|
|
2022-08-01 18:03:29 +00:00
|
|
|
request.path = request.path.rstrip('/')
|
2022-09-04 23:37:01 +00:00
|
|
|
if not request.path: request.path = '/'
|
2022-09-04 23:37:39 +00:00
|
|
|
request.full_path = request.full_path.rstrip('?').rstrip('/')
|
|
|
|
if not request.full_path: request.full_path = '/'
|
2022-07-08 18:06:54 +00:00
|
|
|
|
2022-10-19 22:28:07 +00:00
|
|
|
if not session.get("session_id"):
|
|
|
|
session.permanent = True
|
|
|
|
session["session_id"] = secrets.token_hex(49)
|
|
|
|
|
2022-05-04 23:09:46 +00:00
|
|
|
@app.after_request
|
|
|
|
def after_request(response):
|
|
|
|
response.headers.add("Strict-Transport-Security", "max-age=31536000")
|
|
|
|
response.headers.add("X-Frame-Options", "deny")
|
2022-06-27 05:24:11 +00:00
|
|
|
if response.status_code < 400:
|
|
|
|
g.db.commit()
|
|
|
|
g.db.close()
|
|
|
|
del g.db
|
2022-05-04 23:09:46 +00:00
|
|
|
return response
|
|
|
|
|
2022-06-26 06:33:08 +00:00
|
|
|
@app.teardown_appcontext
|
|
|
|
def teardown_request(error):
|
|
|
|
if hasattr(g, 'db') and g.db:
|
2022-06-27 05:24:11 +00:00
|
|
|
g.db.rollback()
|
2022-06-26 06:33:08 +00:00
|
|
|
g.db.close()
|
2022-06-27 05:24:11 +00:00
|
|
|
del g.db
|
2022-06-26 06:33:08 +00:00
|
|
|
stdout.flush()
|
|
|
|
|
2022-10-04 19:48:52 +00:00
|
|
|
if "load_chat" in argv:
|
2022-05-04 23:09:46 +00:00
|
|
|
from files.routes.chat import *
|
|
|
|
else:
|
2022-05-29 01:55:36 +00:00
|
|
|
from files.routes import *
|
2022-07-17 19:17:46 +00:00
|
|
|
|
2022-09-29 05:43:29 +00:00
|
|
|
stdout.flush()
|