forked from MarseyWorld/MarseyWorld
add ip logging to WPD
parent
753eee52d9
commit
db7dbe8cf9
|
@ -57,7 +57,7 @@ app.config["CACHE_SOURCE_CHECK"] = True
|
||||||
if SITE == 'watchpeopledie.tv':
|
if SITE == 'watchpeopledie.tv':
|
||||||
app.config["SESSION_COOKIE_DOMAIN"] = SITE
|
app.config["SESSION_COOKIE_DOMAIN"] = SITE
|
||||||
|
|
||||||
def get_CF():
|
def get_IP():
|
||||||
with app.app_context():
|
with app.app_context():
|
||||||
x = request.headers.get('CF-Connecting-IP')
|
x = request.headers.get('CF-Connecting-IP')
|
||||||
if not x:
|
if not x:
|
||||||
|
@ -66,7 +66,7 @@ def get_CF():
|
||||||
|
|
||||||
limiter = Limiter(
|
limiter = Limiter(
|
||||||
app=app,
|
app=app,
|
||||||
key_func=get_CF,
|
key_func=get_IP,
|
||||||
default_limits=[DEFAULT_RATELIMIT],
|
default_limits=[DEFAULT_RATELIMIT],
|
||||||
application_limits=["10/second;200/minute;5000/hour;30000/day"],
|
application_limits=["10/second;200/minute;5000/hour;30000/day"],
|
||||||
storage_uri=app.config["CACHE_REDIS_URL"],
|
storage_uri=app.config["CACHE_REDIS_URL"],
|
||||||
|
|
|
@ -34,3 +34,6 @@ from .push_subscriptions import *
|
||||||
from .group import *
|
from .group import *
|
||||||
from .group_membership import *
|
from .group_membership import *
|
||||||
from .orgy import *
|
from .orgy import *
|
||||||
|
|
||||||
|
if FEATURES['IP_LOGGING']:
|
||||||
|
from .ip_logs import *
|
||||||
|
|
|
@ -0,0 +1,22 @@
|
||||||
|
import time
|
||||||
|
|
||||||
|
from sqlalchemy import Column, ForeignKey
|
||||||
|
from sqlalchemy.sql.sqltypes import *
|
||||||
|
|
||||||
|
from files.classes import Base
|
||||||
|
|
||||||
|
class IPLog(Base):
|
||||||
|
__tablename__ = "ip_logs"
|
||||||
|
user_id = Column(Integer, ForeignKey("users.id"), primary_key=True)
|
||||||
|
ip = Column(String, primary_key=True)
|
||||||
|
created_utc = Column(Integer)
|
||||||
|
last_used = Column(Integer)
|
||||||
|
|
||||||
|
def __init__(self, *args, **kwargs):
|
||||||
|
if "created_utc" not in kwargs:
|
||||||
|
kwargs["created_utc"] = int(time.time())
|
||||||
|
kwargs["last_used"] = kwargs["created_utc"]
|
||||||
|
super().__init__(*args, **kwargs)
|
||||||
|
|
||||||
|
def __repr__(self):
|
||||||
|
return f"<{self.__class__.__name__}(id={self.id})>"
|
|
@ -178,6 +178,7 @@ PERMS = { # Minimum admin_level to perform action.
|
||||||
'NOTIFICATIONS_HOLE_CREATION': 1,
|
'NOTIFICATIONS_HOLE_CREATION': 1,
|
||||||
'NOTIFICATIONS_GROUP_CREATION': 1,
|
'NOTIFICATIONS_GROUP_CREATION': 1,
|
||||||
'NOTIFICATIONS_MODERATOR_ACTIONS': 1,
|
'NOTIFICATIONS_MODERATOR_ACTIONS': 1,
|
||||||
|
'EXEMPT_FROM_IP_LOGGING': 1,
|
||||||
|
|
||||||
'IS_PERMA_PROGSTACKED': 2,
|
'IS_PERMA_PROGSTACKED': 2,
|
||||||
'USER_BADGES': 2,
|
'USER_BADGES': 2,
|
||||||
|
@ -436,6 +437,7 @@ FEATURES = {
|
||||||
'NSFW_MARKING': True,
|
'NSFW_MARKING': True,
|
||||||
'PING_GROUPS': True,
|
'PING_GROUPS': True,
|
||||||
'BOTS': True,
|
'BOTS': True,
|
||||||
|
'IP_LOGGING': False,
|
||||||
}
|
}
|
||||||
HOUSES = ["Furry","Femboy","Vampire","Racist","Edgy"]
|
HOUSES = ["Furry","Femboy","Vampire","Racist","Edgy"]
|
||||||
|
|
||||||
|
@ -737,6 +739,7 @@ elif SITE == 'watchpeopledie.tv':
|
||||||
FEATURES['NSFW_MARKING'] = False
|
FEATURES['NSFW_MARKING'] = False
|
||||||
FEATURES['BOTS'] = False
|
FEATURES['BOTS'] = False
|
||||||
FEATURES['HAT_SUBMISSIONS'] = False
|
FEATURES['HAT_SUBMISSIONS'] = False
|
||||||
|
FEATURES['IP_LOGGING'] = True
|
||||||
HOUSES = ["Furry","Femboy","Vampire","Edgy"]
|
HOUSES = ["Furry","Femboy","Vampire","Edgy"]
|
||||||
|
|
||||||
PERMS['POST_COMMENT_EDITING'] = 3
|
PERMS['POST_COMMENT_EDITING'] = 3
|
||||||
|
@ -839,6 +842,7 @@ elif SITE == 'devrama.net':
|
||||||
else: # localhost or testing environment implied
|
else: # localhost or testing environment implied
|
||||||
FEATURES['PRONOUNS'] = True
|
FEATURES['PRONOUNS'] = True
|
||||||
FEATURES['USERS_PERMANENT_WORD_FILTERS'] = True
|
FEATURES['USERS_PERMANENT_WORD_FILTERS'] = True
|
||||||
|
FEATURES['IP_LOGGING'] = True
|
||||||
HOLE_BANNER_LIMIT = 69420
|
HOLE_BANNER_LIMIT = 69420
|
||||||
|
|
||||||
BOT_IDs = {AUTOJANNY_ID, SNAPPY_ID, LONGPOSTBOT_ID, ZOZBOT_ID}
|
BOT_IDs = {AUTOJANNY_ID, SNAPPY_ID, LONGPOSTBOT_ID, ZOZBOT_ID}
|
||||||
|
|
|
@ -5,7 +5,10 @@ from files.helpers.config.const import *
|
||||||
from files.helpers.settings import get_setting
|
from files.helpers.settings import get_setting
|
||||||
from files.helpers.cloudflare import CLOUDFLARE_AVAILABLE
|
from files.helpers.cloudflare import CLOUDFLARE_AVAILABLE
|
||||||
from files.routes.wrappers import *
|
from files.routes.wrappers import *
|
||||||
from files.__main__ import app, limiter, get_CF, redis_instance
|
from files.__main__ import app, limiter, get_IP, redis_instance
|
||||||
|
|
||||||
|
if FEATURES['IP_LOGGING']:
|
||||||
|
from files.classes.ip_logs import *
|
||||||
|
|
||||||
@app.before_request
|
@app.before_request
|
||||||
def before_request():
|
def before_request():
|
||||||
|
@ -66,10 +69,24 @@ def after_request(response):
|
||||||
g.v.last_active = timestamp
|
g.v.last_active = timestamp
|
||||||
g.db.add(g.v)
|
g.db.add(g.v)
|
||||||
|
|
||||||
|
if FEATURES['IP_LOGGING']:
|
||||||
|
if g.v.admin_level < PERMS['EXEMPT_FROM_IP_LOGGING'] and user_id != CARP_ID:
|
||||||
|
ip = get_IP()
|
||||||
|
existing = g.db.query(IPLog).filter_by(user_id=user_id, ip=ip).one_or_none()
|
||||||
|
if existing:
|
||||||
|
existing.last_used = time.time()
|
||||||
|
g.db.add(existing)
|
||||||
|
else:
|
||||||
|
ip_log = IPLog(
|
||||||
|
user_id=user_id,
|
||||||
|
ip=ip,
|
||||||
|
)
|
||||||
|
g.db.add(ip_log)
|
||||||
|
|
||||||
_commit_and_close_db()
|
_commit_and_close_db()
|
||||||
|
|
||||||
if request.method == "POST":
|
if request.method == "POST":
|
||||||
redis_instance.delete(f'LIMITER/{get_CF()}/{request.endpoint}:{request.path}/1/1/second')
|
redis_instance.delete(f'LIMITER/{get_IP()}/{request.endpoint}:{request.path}/1/1/second')
|
||||||
if user_id:
|
if user_id:
|
||||||
redis_instance.delete(f'LIMITER/{SITE}-{user_id}/{request.endpoint}:{request.path}/1/1/second')
|
redis_instance.delete(f'LIMITER/{SITE}-{user_id}/{request.endpoint}:{request.path}/1/1/second')
|
||||||
|
|
||||||
|
|
|
@ -2,7 +2,7 @@ import secrets
|
||||||
|
|
||||||
import requests
|
import requests
|
||||||
|
|
||||||
from files.__main__ import app, cache, get_CF, limiter
|
from files.__main__ import app, cache, get_IP, limiter
|
||||||
from files.classes.follows import Follow
|
from files.classes.follows import Follow
|
||||||
from files.helpers.actions import *
|
from files.helpers.actions import *
|
||||||
from files.helpers.config.const import *
|
from files.helpers.config.const import *
|
||||||
|
@ -106,7 +106,7 @@ def login_post(v):
|
||||||
|
|
||||||
def log_failed_admin_login_attempt(account, type):
|
def log_failed_admin_login_attempt(account, type):
|
||||||
if not account or account.admin_level < PERMS['WARN_ON_FAILED_LOGIN']: return
|
if not account or account.admin_level < PERMS['WARN_ON_FAILED_LOGIN']: return
|
||||||
ip = get_CF()
|
ip = get_IP()
|
||||||
print(f"A site admin from {ip} failed to login to account @{account.user_name} (invalid {type})")
|
print(f"A site admin from {ip} failed to login to account @{account.user_name} (invalid {type})")
|
||||||
t = time.strftime("%d/%B/%Y %H:%M:%S UTC", time.gmtime(time.time()))
|
t = time.strftime("%d/%B/%Y %H:%M:%S UTC", time.gmtime(time.time()))
|
||||||
log_file(f"{t}, {ip}, {account.username}, {type}", "admin_failed_logins.log")
|
log_file(f"{t}, {ip}, {account.username}, {type}", "admin_failed_logins.log")
|
||||||
|
|
|
@ -0,0 +1,12 @@
|
||||||
|
create table ip_logs (
|
||||||
|
user_id integer not null,
|
||||||
|
ip varchar(39) not null,
|
||||||
|
created_utc integer not null,
|
||||||
|
last_used integer not null
|
||||||
|
);
|
||||||
|
|
||||||
|
alter table only ip_logs
|
||||||
|
add constraint ip_logs_pkey primary key (user_id, ip);
|
||||||
|
|
||||||
|
alter table only ip_logs
|
||||||
|
add constraint ip_logs_user_fkey foreign key (user_id) references public.users(id);
|
Loading…
Reference in New Issue