From 5577311a27367f0869b7fff8495fb59d9cd47ee4 Mon Sep 17 00:00:00 2001 From: Aevann Date: Fri, 15 Nov 2024 23:15:11 +0200 Subject: [PATCH] remove /bm --- files/routes/allroutes.py | 4 +-- files/routes/users.py | 51 --------------------------------------- 2 files changed, 2 insertions(+), 53 deletions(-) diff --git a/files/routes/allroutes.py b/files/routes/allroutes.py index 2c491c964..95f9fa496 100644 --- a/files/routes/allroutes.py +++ b/files/routes/allroutes.py @@ -17,14 +17,14 @@ def before_request(): if request.host != SITE: stop(403, "Unauthorized host provided!") - if SITE == 'marsey.world' and request.path not in {'/kofi','/bm','/av'}: + if SITE == 'marsey.world' and request.path not in {'/kofi','/av'}: stop(404) if request.headers.get("CF-Worker"): stop(403, "Cloudflare workers are not allowed to access this website!") g.agent = request.headers.get("User-Agent", "") - if not g.agent and request.path not in {'/kofi','/bm','/av'}: + if not g.agent and request.path not in {'/kofi','/av'}: stop(403, 'Please use a "User-Agent" header!') if not get_setting('bots') and request.headers.get("Authorization"): diff --git a/files/routes/users.py b/files/routes/users.py index ae5a5c4f9..57034a35b 100644 --- a/files/routes/users.py +++ b/files/routes/users.py @@ -1473,57 +1473,6 @@ def gumroad(): return '' -@app.post("/bm") -@limiter.exempt -def bm(): - data = json.loads(request.data) - - ip = request.headers.get('CF-Connecting-IP') - - if ip not in {'54.187.174.169','54.187.205.235','54.187.216.72'}: - print(STARS, flush=True) - print(f'/bm fail: {ip}') - print(STARS, flush=True) - stop(400) - - data = data['data']['object'] - - if data['calculated_statement_descriptor'] != 'MARSEY': - return '' - - id = data['id'] - - existing = g.db.get(Transaction, id) - if existing: return '' - - amount = data['amount']/100 - - email = data['billing_details']['email'] - if not email: return '' - email = email.strip().lower() - - created_utc = data['created'] - - if data['description'] == 'rdrama.net (@rdrama.net) - Support': - type = "one-time" - else: - type = "monthly" - - transaction = Transaction( - id=id, - created_utc=created_utc, - type=type, - amount=amount, - email=email - ) - - g.db.add(transaction) - - claim_rewards_all_users() - - return '' - - @app.post("/av") @limiter.exempt def av():