2022-05-04 23:09:46 +00:00
|
|
|
import gevent.monkey
|
2022-11-15 09:19:08 +00:00
|
|
|
|
2022-05-04 23:09:46 +00:00
|
|
|
gevent.monkey.patch_all()
|
2022-11-15 09:19:08 +00:00
|
|
|
|
|
|
|
import faulthandler
|
|
|
|
from os import environ
|
|
|
|
from sys import argv, stdout
|
|
|
|
|
|
|
|
import gevent
|
|
|
|
from flask import Flask
|
2022-05-04 23:09:46 +00:00
|
|
|
from flask_caching import Cache
|
|
|
|
from flask_compress import Compress
|
2022-11-15 09:19:08 +00:00
|
|
|
from flask_limiter import Limiter
|
2022-05-04 23:09:46 +00:00
|
|
|
from sqlalchemy import *
|
2023-03-16 06:27:58 +00:00
|
|
|
from sqlalchemy.orm import scoped_session, sessionmaker
|
2022-11-15 09:19:08 +00:00
|
|
|
|
2022-12-11 23:44:34 +00:00
|
|
|
from files.helpers.config.const import *
|
2023-03-16 06:27:58 +00:00
|
|
|
from files.helpers.const_stateful import const_initialize
|
2022-11-15 09:19:08 +00:00
|
|
|
from files.helpers.settings import reload_settings, start_watching_settings
|
2022-05-04 23:09:46 +00:00
|
|
|
|
|
|
|
app = Flask(__name__, template_folder='templates')
|
|
|
|
app.url_map.strict_slashes = False
|
|
|
|
app.jinja_env.cache = {}
|
|
|
|
app.jinja_env.auto_reload = True
|
2022-07-09 10:38:45 +00:00
|
|
|
app.jinja_env.add_extension('jinja2.ext.do')
|
2022-05-04 23:09:46 +00:00
|
|
|
faulthandler.enable()
|
|
|
|
|
band-aid fix for frozen session issue on signup (#50)
through some reason or another, people are somehow getting cookies that aren't prepended with a dot.
this is a problem because both sessions at, as best as I can tell, mix so it tries to read from a different cookie than we write to. this essentially "freezes" the session in place. users are unable to login, logout, signup, toggle poor mode, toggle NSFW, etc.
~~this attempts to delete bad session cookies (i.e. cookies with a domain that don't start with a dot).~~
~~we don't do this on "dotless" domains (and by extension localhost) because browser support for setting cookies on FQDNs that only have one dot has tenuous support among browsers anyway).~~
~~this *may* log some people out, but... their days of being able to do stuff on the site were numbered anyway.~~
**edit: as amazing as this thought was, browsers just wipe the entire cookies completely and there's no way to specifically target dotless cookies. for an issue that affects a few users, better to just tell them to clear their cookies. if *this* doesn't work, delete service-worker.js and be done with the whole service worker crap. forever. permanently. this PR also includes some QOL improvements.**
Co-authored-by: justcool393 <justcool393@gmail.com>
Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/50
Co-authored-by: justcool393 <justcool393@noreply.fsdfsd.net>
Co-committed-by: justcool393 <justcool393@noreply.fsdfsd.net>
2022-12-06 22:07:12 +00:00
|
|
|
def _startup_check():
|
|
|
|
'''
|
|
|
|
Performs some sanity checks on startup to make sure we aren't attempting
|
|
|
|
to startup with obviously invalid values that won't work anyway
|
|
|
|
'''
|
|
|
|
if not SITE: raise TypeError("SITE environment variable must exist and not be None")
|
|
|
|
if SITE.startswith('.'): raise ValueError("Domain must not start with a dot")
|
|
|
|
|
2022-10-27 17:53:08 +00:00
|
|
|
app.config['SERVER_NAME'] = SITE
|
2022-10-21 23:12:36 +00:00
|
|
|
app.config['SECRET_KEY'] = environ.get('SECRET_KEY').strip()
|
2022-05-04 23:09:46 +00:00
|
|
|
app.config['SEND_FILE_MAX_AGE_DEFAULT'] = 3153600
|
band-aid fix for frozen session issue on signup (#50)
through some reason or another, people are somehow getting cookies that aren't prepended with a dot.
this is a problem because both sessions at, as best as I can tell, mix so it tries to read from a different cookie than we write to. this essentially "freezes" the session in place. users are unable to login, logout, signup, toggle poor mode, toggle NSFW, etc.
~~this attempts to delete bad session cookies (i.e. cookies with a domain that don't start with a dot).~~
~~we don't do this on "dotless" domains (and by extension localhost) because browser support for setting cookies on FQDNs that only have one dot has tenuous support among browsers anyway).~~
~~this *may* log some people out, but... their days of being able to do stuff on the site were numbered anyway.~~
**edit: as amazing as this thought was, browsers just wipe the entire cookies completely and there's no way to specifically target dotless cookies. for an issue that affects a few users, better to just tell them to clear their cookies. if *this* doesn't work, delete service-worker.js and be done with the whole service worker crap. forever. permanently. this PR also includes some QOL improvements.**
Co-authored-by: justcool393 <justcool393@gmail.com>
Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/50
Co-authored-by: justcool393 <justcool393@noreply.fsdfsd.net>
Co-committed-by: justcool393 <justcool393@noreply.fsdfsd.net>
2022-12-06 22:07:12 +00:00
|
|
|
_startup_check()
|
2022-11-20 22:16:49 +00:00
|
|
|
if not IS_LOCALHOST:
|
2022-11-21 02:28:05 +00:00
|
|
|
app.config["SESSION_COOKIE_SECURE"] = True
|
band-aid fix for frozen session issue on signup (#50)
through some reason or another, people are somehow getting cookies that aren't prepended with a dot.
this is a problem because both sessions at, as best as I can tell, mix so it tries to read from a different cookie than we write to. this essentially "freezes" the session in place. users are unable to login, logout, signup, toggle poor mode, toggle NSFW, etc.
~~this attempts to delete bad session cookies (i.e. cookies with a domain that don't start with a dot).~~
~~we don't do this on "dotless" domains (and by extension localhost) because browser support for setting cookies on FQDNs that only have one dot has tenuous support among browsers anyway).~~
~~this *may* log some people out, but... their days of being able to do stuff on the site were numbered anyway.~~
**edit: as amazing as this thought was, browsers just wipe the entire cookies completely and there's no way to specifically target dotless cookies. for an issue that affects a few users, better to just tell them to clear their cookies. if *this* doesn't work, delete service-worker.js and be done with the whole service worker crap. forever. permanently. this PR also includes some QOL improvements.**
Co-authored-by: justcool393 <justcool393@gmail.com>
Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/50
Co-authored-by: justcool393 <justcool393@noreply.fsdfsd.net>
Co-committed-by: justcool393 <justcool393@noreply.fsdfsd.net>
2022-12-06 22:07:12 +00:00
|
|
|
|
2022-05-04 23:09:46 +00:00
|
|
|
app.config["SESSION_COOKIE_NAME"] = "session_" + environ.get("SITE_NAME").strip().lower()
|
2023-02-09 06:05:07 +00:00
|
|
|
app.config['MAX_CONTENT_LENGTH'] = 500 * 1024 * 1024 if SITE == 'watchpeopledie.tv' else 100 * 1024 * 1024
|
2022-05-04 23:09:46 +00:00
|
|
|
app.config["SESSION_COOKIE_SAMESITE"] = "Lax"
|
band-aid fix for frozen session issue on signup (#50)
through some reason or another, people are somehow getting cookies that aren't prepended with a dot.
this is a problem because both sessions at, as best as I can tell, mix so it tries to read from a different cookie than we write to. this essentially "freezes" the session in place. users are unable to login, logout, signup, toggle poor mode, toggle NSFW, etc.
~~this attempts to delete bad session cookies (i.e. cookies with a domain that don't start with a dot).~~
~~we don't do this on "dotless" domains (and by extension localhost) because browser support for setting cookies on FQDNs that only have one dot has tenuous support among browsers anyway).~~
~~this *may* log some people out, but... their days of being able to do stuff on the site were numbered anyway.~~
**edit: as amazing as this thought was, browsers just wipe the entire cookies completely and there's no way to specifically target dotless cookies. for an issue that affects a few users, better to just tell them to clear their cookies. if *this* doesn't work, delete service-worker.js and be done with the whole service worker crap. forever. permanently. this PR also includes some QOL improvements.**
Co-authored-by: justcool393 <justcool393@gmail.com>
Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/50
Co-authored-by: justcool393 <justcool393@noreply.fsdfsd.net>
Co-committed-by: justcool393 <justcool393@noreply.fsdfsd.net>
2022-12-06 22:07:12 +00:00
|
|
|
app.config["PERMANENT_SESSION_LIFETIME"] = SESSION_LIFETIME
|
2022-05-19 17:58:18 +00:00
|
|
|
app.config['SESSION_REFRESH_EACH_REQUEST'] = False
|
2022-06-24 15:08:57 +00:00
|
|
|
|
|
|
|
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
|
2023-03-16 06:27:58 +00:00
|
|
|
app.config['SQLALCHEMY_DATABASE_URL'] = environ.get("DATABASE_URL").strip()
|
2022-06-24 15:08:57 +00:00
|
|
|
|
2023-03-25 20:57:27 +00:00
|
|
|
app.config["CACHE_KEY_PREFIX"] = f"{SITE}_flask_cache_"
|
2022-05-04 23:09:46 +00:00
|
|
|
app.config["CACHE_TYPE"] = "RedisCache"
|
2022-10-10 09:06:27 +00:00
|
|
|
app.config["CACHE_REDIS_URL"] = environ.get("REDIS_URL").strip()
|
2022-12-20 23:44:53 +00:00
|
|
|
app.config["CACHE_DEFAULT_TIMEOUT"] = 604800
|
2022-06-24 15:08:57 +00:00
|
|
|
|
2022-11-29 20:20:26 +00:00
|
|
|
app.config['SERVICE'] = Service.RDRAMA
|
|
|
|
if "load_chat" in argv:
|
|
|
|
app.config['SERVICE'] = Service.CHAT
|
2022-05-04 23:09:46 +00:00
|
|
|
|
|
|
|
def get_CF():
|
|
|
|
with app.app_context():
|
2023-01-23 02:37:43 +00:00
|
|
|
x = request.headers.get('CF-Connecting-IP')
|
2023-02-26 08:41:04 +00:00
|
|
|
if not x:
|
|
|
|
x = request.headers.get('X-Forwarded-For')
|
|
|
|
return x
|
2022-05-04 23:09:46 +00:00
|
|
|
|
|
|
|
limiter = Limiter(
|
2023-01-21 03:01:17 +00:00
|
|
|
app=app,
|
2022-05-04 23:09:46 +00:00
|
|
|
key_func=get_CF,
|
2022-11-15 09:19:08 +00:00
|
|
|
default_limits=[DEFAULT_RATELIMIT],
|
2022-05-04 23:09:46 +00:00
|
|
|
application_limits=["10/second;200/minute;5000/hour;10000/day"],
|
2023-03-01 19:49:17 +00:00
|
|
|
storage_uri=app.config["CACHE_REDIS_URL"],
|
2022-05-04 23:09:46 +00:00
|
|
|
)
|
|
|
|
|
2023-03-16 06:27:58 +00:00
|
|
|
engine = create_engine(app.config['SQLALCHEMY_DATABASE_URL'])
|
|
|
|
|
2023-03-18 13:11:30 +00:00
|
|
|
db_session = scoped_session(sessionmaker(bind=engine))
|
2023-03-16 06:27:58 +00:00
|
|
|
|
|
|
|
const_initialize(db_session)
|
|
|
|
|
2022-11-15 09:19:08 +00:00
|
|
|
reload_settings()
|
|
|
|
start_watching_settings()
|
|
|
|
|
2022-05-04 23:09:46 +00:00
|
|
|
cache = Cache(app)
|
|
|
|
Compress(app)
|
|
|
|
|
2022-11-15 09:19:08 +00:00
|
|
|
from files.routes.allroutes import *
|
2022-06-26 06:33:08 +00:00
|
|
|
|
2022-11-29 20:20:26 +00:00
|
|
|
if app.config['SERVICE'] == Service.RDRAMA:
|
2022-05-29 01:55:36 +00:00
|
|
|
from files.routes import *
|
2022-07-17 19:17:46 +00:00
|
|
|
|
2022-11-29 20:20:26 +00:00
|
|
|
elif app.config['SERVICE'] == Service.CHAT:
|
|
|
|
from files.routes.chat import *
|
|
|
|
|
2022-09-29 05:43:29 +00:00
|
|
|
stdout.flush()
|