remove logged out routes (#433)
* remove /logged_out/ routes * update sitemap, remove users route, and update header * cloudflare cookie * only mess with the cookie whenever we desire auth * sitemap: (small) improvements sitemap: fix little bug i introduced sitemap: fix login redirects for /id/ routes * sitemap: remove duplicate entry * contact is auth desired * imports: don't import what we don't need and bind late to the db * praying to god this works * keep yourself safe * oh i actually need to commit and push lol * import Sub * t * refix cache purgermaster
parent
39297b7c22
commit
26549a6e66
|
@ -2,6 +2,7 @@ import gevent.monkey
|
|||
gevent.monkey.patch_all()
|
||||
from os import environ, path
|
||||
import secrets
|
||||
from files.helpers.cloudflare import CLOUDFLARE_AVAILABLE
|
||||
from flask import *
|
||||
from flask_caching import Cache
|
||||
from flask_limiter import Limiter
|
||||
|
@ -103,7 +104,6 @@ def before_request():
|
|||
if not request.path: request.path = '/'
|
||||
request.full_path = request.full_path.rstrip('?').rstrip('/')
|
||||
if not request.full_path: request.full_path = '/'
|
||||
|
||||
if not session.get("session_id"):
|
||||
session.permanent = True
|
||||
session["session_id"] = secrets.token_hex(49)
|
||||
|
@ -111,6 +111,9 @@ def before_request():
|
|||
@app.after_request
|
||||
def after_request(response):
|
||||
if response.status_code < 400:
|
||||
if CLOUDFLARE_AVAILABLE and CLOUDFLARE_COOKIE_VALUE and getattr(g, 'desires_auth', False):
|
||||
logged_in = bool(getattr(g, 'v', None))
|
||||
response.set_cookie("lo", CLOUDFLARE_COOKIE_VALUE if logged_in else '', max_age=60*60*24*365 if logged_in else 1)
|
||||
g.db.commit()
|
||||
g.db.close()
|
||||
del g.db
|
||||
|
@ -118,7 +121,7 @@ def after_request(response):
|
|||
|
||||
@app.teardown_appcontext
|
||||
def teardown_request(error):
|
||||
if hasattr(g, 'db') and g.db:
|
||||
if getattr(g, 'db', None):
|
||||
g.db.rollback()
|
||||
g.db.close()
|
||||
del g.db
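Review bot: The `lo` cookie written in `after_request` is set without `secure`, `httponly` or `samesite`, and it appears to be the only signal that tells the CDN a response is personalised. I would pass the flags explicitly, e.g. `response.set_cookie("lo", ..., max_age=..., secure=True, httponly=True, samesite="Lax")` (drop `httponly` only if client script has to read it). I would also mark logged-in responses uncacheable at the origin with `if logged_in: response.headers["Cache-Control"] = "private, no-store"`. Otherwise a request that authenticates without sending the cookie (the first request after login, or the `Authorization` header path in `get_logged_in_user`) could be stored and served to anonymous visitors; the Cloudflare cache rule is not visible here, so that exposure is inferred. Indentation is lost on this page, so please also confirm that `g.db.commit()` and `g.db.close()` still run when the cookie condition is false.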
|
||||
|
|
File diff suppressed because it is too large
|
@ -2,6 +2,7 @@ from sqlalchemy.orm import deferred, aliased
|
|||
from sqlalchemy.sql import func
|
||||
from secrets import token_hex
|
||||
import pyotp
|
||||
from files.classes.sub import Sub
|
||||
from files.helpers.media import *
|
||||
from files.helpers.const import *
|
||||
from files.classes.casino_game import Casino_Game
|
||||
|
|
|
@ -9,6 +9,15 @@ from urllib.parse import quote
|
|||
|
||||
headers = {'User-Agent': 'Mozilla/4.0 (compatible; MSIE 5.5; Windows NT)'}
|
||||
|
||||
SNAPPY_MARSEYS = []
|
||||
if SITE_NAME != 'PCM':
|
||||
SNAPPY_MARSEYS = [f':#{x}:' for x in marseys_const2]
|
||||
|
||||
SNAPPY_QUOTES = []
|
||||
if path.isfile(f'snappy_{SITE_NAME}.txt'):
|
||||
with open(f'snappy_{SITE_NAME}.txt', "r", encoding="utf-8") as f:
|
||||
SNAPPY_QUOTES = f.read().split("\n{[para]}\n")
|
||||
|
||||
def archiveorg(url):
|
||||
try: requests.get(f'https://web.archive.org/save/{url}', headers=headers, timeout=10, proxies=proxies)
|
||||
except: pass
|
||||
|
|
|
@ -1,14 +1,16 @@
|
|||
import json
|
||||
from typing import List, Union, Optional
|
||||
from files.helpers.const import *
|
||||
from files.helpers.const import CF_HEADERS, CF_ZONE
|
||||
import requests
|
||||
|
||||
CLOUDFLARE_API_URL = "https://api.cloudflare.com/client/v4"
|
||||
CLOUDFLARE_REQUEST_TIMEOUT_SECS = 5
|
||||
DEFAULT_CLOUDFLARE_ZONE = 'blahblahblah'
|
||||
|
||||
CLOUDFLARE_AVAILABLE = CF_ZONE and CF_ZONE != DEFAULT_CLOUDFLARE_ZONE
|
||||
|
||||
def _request_from_cloudflare(url:str, method:str, post_data_str) -> bool:
|
||||
if CF_ZONE == DEFAULT_CLOUDFLARE_ZONE: return False
|
||||
if not CLOUDFLARE_AVAILABLE: return False
|
||||
try:
|
||||
res = str(requests.request(method, f"{CLOUDFLARE_API_URL}/zones/{CF_ZONE}/{url}", headers=CF_HEADERS, data=post_data_str, timeout=CLOUDFLARE_REQUEST_TIMEOUT_SECS))
|
||||
except:
|
||||
|
@ -26,11 +28,11 @@ def get_security_level() -> Optional[str]:
|
|||
def set_security_level(under_attack="high") -> bool:
|
||||
return _request_from_cloudflare("settings/security_level", "PATCH", f'{{"value":"{under_attack}"}}')
|
||||
|
||||
def clear_cloudflare_cache() -> bool:
|
||||
def clear_entire_cache() -> bool:
|
||||
return _request_from_cloudflare("purge_cache", "POST", '{"purge_everything":true}')
|
||||
|
||||
def purge_files_in_cache(files:Union[List[str],str]) -> bool:
|
||||
if CF_ZONE == DEFAULT_CLOUDFLARE_ZONE: return False
|
||||
if not CLOUDFLARE_AVAILABLE: return False
|
||||
if isinstance(files, str):
|
||||
files = [files]
|
||||
post_data = {"files": files}
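Review bot: `CLOUDFLARE_AVAILABLE` is not always a bool: when `CF_ZONE` is `None` or empty, the `and` expression evaluates to that value rather than `False`. Truth tests behave the same, but `CLOUDFLARE_AVAILABLE = bool(CF_ZONE) and CF_ZONE != DEFAULT_CLOUDFLARE_ZONE` keeps the flag safe to compare, log or serialise. Separately, `_request_from_cloudflare` returns `False` both when Cloudflare is not configured and when the request fails, so the admin purge route answers "Failed to clear cloudflare cache!" on an unconfigured instance; a log line in the bare `except:` branch would make the two cases distinguishable. The bodies of `_request_from_cloudflare` and `purge_files_in_cache` continue outside the hunks.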
|
||||
|
|
|
@ -2,9 +2,6 @@ from os import environ
|
|||
import re
|
||||
from copy import deepcopy
|
||||
from json import loads
|
||||
from files.__main__ import db_session
|
||||
from files.classes.sub import Sub
|
||||
from files.classes.marsey import Marsey
|
||||
from flask import request
|
||||
import tldextract
|
||||
from os import path
|
||||
|
@ -54,6 +51,8 @@ if PUSHER_ID != "blahblahblah":
|
|||
CONTENT_SECURITY_POLICY_DEFAULT = "script-src 'self' 'unsafe-inline' ajax.cloudflare.com; connect-src 'self'; object-src 'none';"
|
||||
CONTENT_SECURITY_POLICY_HOME = f"script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self' tls-use1.fpapi.io api.fpjs.io{PUSHER_ID_CSP}; object-src 'none';"
|
||||
|
||||
CLOUDFLARE_COOKIE_VALUE = "yes."
|
||||
|
||||
if SITE == "localhost": SITE_FULL = 'http://' + SITE
|
||||
else: SITE_FULL = 'https://' + SITE
|
||||
|
||||
|
@ -1407,34 +1406,10 @@ christian_emojis = [':#marseyjesus:',':#marseyimmaculate:',':#marseymothermary:'
|
|||
':#marseycrucified:',':#chadjesus:',':#marseyandjesus:',':#marseyjesus2:',
|
||||
':#marseyorthodoxsmug:',':#marseypastor:',':#marseypope:',]
|
||||
|
||||
db = db_session()
|
||||
marseys_const = [x[0] for x in db.query(Marsey.name).filter(Marsey.submitter_id==None, Marsey.name!='chudsey').all()]
|
||||
marseys_const2 = marseys_const + ['chudsey','a','b','c','d','e','f','g','h','i','j','k','l','m','n','o','p','q','r','s','t','u','v','w','x','y','z','0','1','2','3','4','5','6','7','8','9','exclamationpoint','period','questionmark']
|
||||
|
||||
marseys = db.query(Marsey).filter(Marsey.submitter_id==None).all()
|
||||
marsey_mappings = {}
|
||||
for marsey in marseys:
|
||||
for tag in marsey.tags.split():
|
||||
if tag in marsey_mappings:
|
||||
marsey_mappings[tag].append(marsey.name)
|
||||
else:
|
||||
marsey_mappings[tag] = [marsey.name]
|
||||
db.close()
|
||||
|
||||
SNAPPY_MARSEYS = []
|
||||
if SITE_NAME != 'PCM':
|
||||
SNAPPY_MARSEYS = [f':#{x}:' for x in marseys_const2]
|
||||
|
||||
SNAPPY_QUOTES = []
|
||||
if path.isfile(f'snappy_{SITE_NAME}.txt'):
|
||||
with open(f'snappy_{SITE_NAME}.txt', "r", encoding="utf-8") as f:
|
||||
SNAPPY_QUOTES = f.read().split("\n{[para]}\n")
|
||||
|
||||
ADMIGGER_THREADS = {SIDEBAR_THREAD, BANNER_THREAD, BADGE_THREAD, SNAPPY_THREAD}
|
||||
|
||||
proxies = {"http":PROXY_URL,"https":PROXY_URL}
|
||||
|
||||
|
||||
approved_embed_hosts = {
|
||||
SITE,
|
||||
'rdrama.net',
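Review bot: `CLOUDFLARE_COOKIE_VALUE` has no comment saying what it is for, and a fixed public string stored in a cookie is easy to mistake for a login marker later. I would add above it: `# Value of the "lo" cookie: a cache-bypass hint for the CDN only. Client-controllable; never use it to decide whether a request is authenticated.` That reading comes from how `after_request` uses the constant; the CDN rule itself is not on this page.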
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
from .const import marsey_mappings
|
||||
from .sanitize import marsey_mappings
|
||||
from random import choice
|
||||
|
||||
def marsify(text):
|
||||
|
|
|
@ -5,14 +5,27 @@ from bleach.css_sanitizer import CSSSanitizer
|
|||
from bleach.linkifier import LinkifyFilter
|
||||
from functools import partial
|
||||
from .get import *
|
||||
from os import path, environ
|
||||
from os import path
|
||||
import re
|
||||
from mistletoe import markdown
|
||||
from json import loads, dump
|
||||
from random import random, choice
|
||||
import signal
|
||||
import time
|
||||
import requests
|
||||
from files.__main__ import db_session
|
||||
from files.classes.marsey import Marsey
|
||||
|
||||
db = db_session()
|
||||
marseys_const = [x[0] for x in db.query(Marsey.name).filter(Marsey.submitter_id==None, Marsey.name!='chudsey').all()]
|
||||
marseys_const2 = marseys_const + ['chudsey','a','b','c','d','e','f','g','h','i','j','k','l','m','n','o','p','q','r','s','t','u','v','w','x','y','z','0','1','2','3','4','5','6','7','8','9','exclamationpoint','period','questionmark']
|
||||
|
||||
marseys = db.query(Marsey).filter(Marsey.submitter_id==None).all()
|
||||
marsey_mappings = {}
|
||||
for marsey in marseys:
|
||||
for tag in marsey.tags.split():
|
||||
if tag in marsey_mappings:
|
||||
marsey_mappings[tag].append(marsey.name)
|
||||
else:
|
||||
marsey_mappings[tag] = [marsey.name]
|
||||
db.close()
|
||||
|
||||
TLDS = ( # Original gTLDs and ccTLDs
|
||||
'ac','ad','ae','aero','af','ag','ai','al','am','an','ao','aq','ar','arpa','as','asia','at',
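Review bot: The module-level block that builds `marseys_const` and `marsey_mappings` opens `db_session()` at import time and reaches `db.close()` only if both queries and the loop succeed. Wrapping the work as `try: ...` / `finally: db.close()` returns the connection when a query raises. If the `tags` column can be NULL (not visible here), `(marsey.tags or '').split()` stops a single row from aborting the import. The block looks moved from `const.py`, so the behaviour is not new, but the move is a good moment to tighten it.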
|
||||
|
|
|
@ -3,6 +3,7 @@ from .alerts import *
|
|||
from files.helpers.const import *
|
||||
from files.helpers.get import *
|
||||
from files.__main__ import db_session, limiter
|
||||
from flask import g, request
|
||||
from random import randint
|
||||
import functools
|
||||
import user_agents
|
||||
|
@ -32,6 +33,7 @@ def calc_users(v):
|
|||
def get_logged_in_user():
|
||||
if hasattr(g, 'v'): return g.v
|
||||
if not (hasattr(g, 'db') and g.db): g.db = db_session()
|
||||
g.desires_auth = True
|
||||
v = None
|
||||
token = request.headers.get("Authorization","").strip()
|
||||
if token:
|
||||
|
@ -64,7 +66,6 @@ def get_logged_in_user():
|
|||
if request.method.lower() != "get" and app.config['SETTINGS']['Read-only mode'] and not (v and v.admin_level >= PERMS['SITE_BYPASS_READ_ONLY_MODE']):
|
||||
abort(403)
|
||||
|
||||
|
||||
g.v = v
|
||||
|
||||
if v:
|
||||
|
@ -98,21 +99,12 @@ def auth_desired_with_logingate(f):
|
|||
v = get_logged_in_user()
|
||||
if app.config['SETTINGS']['login_required'] and not v: abort(401)
|
||||
|
||||
#### WPD TEMP #### disable this /logged_out thing on .co
|
||||
if SITE == 'watchpeopledie.co':
|
||||
return make_response(f(*args, v=v, **kwargs))
|
||||
#### END WPD TEMP ####
|
||||
|
||||
if not v and not request.path.startswith('/logged_out'):
|
||||
return redirect(f"/logged_out{request.full_path}")
|
||||
|
||||
if v and request.path.startswith('/logged_out'):
|
||||
if request.path.startswith('/logged_out'):
|
||||
redir = request.full_path.replace('/logged_out','')
|
||||
if not redir: redir = '/'
|
||||
return redirect(redir)
|
||||
|
||||
return make_response(f(*args, v=v, **kwargs))
|
||||
|
||||
wrapper.__name__ = f.__name__
|
||||
return wrapper
|
||||
|
||||
|
@ -120,9 +112,7 @@ def auth_required(f):
|
|||
def wrapper(*args, **kwargs):
|
||||
v = get_logged_in_user()
|
||||
if not v: abort(401)
|
||||
|
||||
return make_response(f(*args, v=v, **kwargs))
|
||||
|
||||
wrapper.__name__ = f.__name__
|
||||
return wrapper
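Review bot: If the `if request.path.startswith('/logged_out'):` branch in `auth_desired_with_logingate` is on the new side (the hunk counts suggest it is), it redirects to `request.full_path.replace('/logged_out','')` without validating the result. `replace` removes the substring wherever it occurs, including in the query string, so the target is not guaranteed to be the original path minus its prefix or a same-site relative URL. This commit removes the `/logged_out/...` routes, so the branch may now be unreachable. I would either delete it or use `redir = request.full_path.removeprefix('/logged_out') or '/'` and run it through the same `is_site_url` check the login routes use before redirecting. The wrapper's enclosing decorator starts outside the hunk.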
|
||||
|
||||
|
|
|
@ -1,3 +1,7 @@
|
|||
# import classes then...
|
||||
from files.classes.sub import Sub
|
||||
|
||||
# import routes
|
||||
from .admin import *
|
||||
from .comments import *
|
||||
from .errors import *
|
||||
|
|
|
@ -478,7 +478,7 @@ def change_settings(v, setting):
|
|||
@app.post("/admin/clear_cloudflare_cache")
|
||||
@admin_level_required(PERMS['SITE_CACHE_PURGE_CDN'])
|
||||
def clear_cloudflare_cache(v):
|
||||
if not cloudflare.clear_cloudflare_cache():
|
||||
if not cloudflare.clear_entire_cache():
|
||||
abort(400, 'Failed to clear cloudflare cache!')
|
||||
ma = ModAction(
|
||||
kind="clear_cloudflare_cache",
|
||||
|
@ -1150,7 +1150,7 @@ def remove_post(post_id, v):
|
|||
|
||||
v.coins += 1
|
||||
g.db.add(v)
|
||||
cloudflare.purge_files_in_cache(f"https://{SITE}/logged_out")
|
||||
cloudflare.purge_files_in_cache(f"https://{SITE}/")
|
||||
return {"message": "Post removed!"}
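Review bot: In `remove_post` the purge now targets only `https://{SITE}/`, and its return value is discarded. With anonymous and logged-in visitors sharing the canonical URLs, a removed post can presumably stay in the CDN cache on its own permalink and on `/h/<sub>` listings until it expires; that depends on cache rules not shown here. Consider purging the post's permalink and sub listing in the same call, since `purge_files_in_cache` already accepts a list, and logging when it returns `False`. `remove_post` begins outside the hunk.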
|
||||
|
||||
|
||||
|
|
|
@ -28,10 +28,6 @@ WORDLE_COLOR_MAPPINGS = {-1: "🟥", 0: "🟨", 1: "🟩"}
|
|||
@app.get("/post/<pid>/<anything>/<cid>")
|
||||
@app.get("/h/<sub>/comment/<cid>")
|
||||
@app.get("/h/<sub>/post/<pid>/<anything>/<cid>")
|
||||
@app.get("/logged_out/comment/<cid>")
|
||||
@app.get("/logged_out/post/<pid>/<anything>/<cid>")
|
||||
@app.get("/logged_out/h/<sub>/comment/<cid>")
|
||||
@app.get("/logged_out/h/<sub>/post/<pid>/<anything>/<cid>")
|
||||
@auth_desired_with_logingate
|
||||
def post_pid_comment_cid(cid, pid=None, anything=None, v=None, sub=None):
|
||||
comment = get_comment(cid, v=v)
|
||||
|
|
|
@ -9,9 +9,6 @@ from files.helpers.awards import award_timers
|
|||
@app.get("/")
|
||||
@app.get("/h/<sub>")
|
||||
@app.get("/s/<sub>")
|
||||
@app.get("/logged_out")
|
||||
@app.get("/logged_out/h/<sub>")
|
||||
@app.get("/logged_out/s/<sub>")
|
||||
@limiter.limit("3/second;30/minute;5000/hour;10000/day")
|
||||
@auth_desired_with_logingate
|
||||
def front_all(v, sub=None, subdomain=None):
|
||||
|
@ -22,9 +19,9 @@ def front_all(v, sub=None, subdomain=None):
|
|||
if SITE == 'watchpeopledie.co':
|
||||
if v and not v.admin_level and not v.id <= 9: # security: don't auto login admins or bots
|
||||
hash = generate_hash(f'{v.id}+{now.year}+{now.month}+{now.day}+{now.hour}+WPDusermigration')
|
||||
return redirect(f'https://watchpeopledie.tv/logged_out?user={v.id}&code={hash}', 301)
|
||||
return redirect(f'https://watchpeopledie.tv/?user={v.id}&code={hash}', 301)
|
||||
else:
|
||||
return redirect('https://watchpeopledie.tv/logged_out', 301)
|
||||
return redirect('https://watchpeopledie.tv/', 301)
|
||||
elif SITE == 'watchpeopledie.tv' and not v: # security: don't try to login people into accounts more than once
|
||||
req_user = request.values.get('user')
|
||||
req_code = request.values.get('code')
|
||||
|
@ -37,8 +34,7 @@ def front_all(v, sub=None, subdomain=None):
|
|||
else:
|
||||
if validate_hash(f'{user.id}+{now.year}+{now.month}+{now.day}+{now.hour}+WPDusermigration', req_code):
|
||||
on_login(user)
|
||||
return redirect('/')
|
||||
return redirect('/logged_out')
|
||||
return redirect('/')
|
||||
#### WPD TEMP #### end special front logic
|
||||
if sub:
|
||||
sub = sub.strip().lower()
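Review bot: The migration redirect in `front_all` still carries the login code in the query string of a `301`, and after this change it lands on `/`, which appears to be the URL the CDN caches for anonymous visitors. Browsers cache a 301 indefinitely, and the `?user=…&code=…` URL ends up in access logs, history and possibly `Referer`. The receiving request has no `lo` cookie yet, so nothing on this page stops the CDN from treating it as cacheable. I would use `302` for the code-bearing redirect and send `Cache-Control: no-store` on the response that calls `on_login`. The local name `hash` also shadows the builtin (`code` would read better), and part of `front_all` lies outside the hunks.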
|
||||
|
|
|
@ -12,9 +12,8 @@ import secrets
|
|||
@auth_desired
|
||||
def login_get(v):
|
||||
|
||||
redir = request.values.get("redirect", "/")
|
||||
redir = request.values.get("redirect", "/").strip().rstrip('?')
|
||||
if redir:
|
||||
redir = redir.replace("/logged_out", "").strip().rstrip('?')
|
||||
if not is_site_url(redir): redir = "/"
|
||||
if v: return redirect(redir)
|
||||
|
||||
|
@ -149,9 +148,8 @@ def login_post():
|
|||
g.login_failed = False
|
||||
on_login(account)
|
||||
|
||||
redir = request.values.get("redirect")
|
||||
redir = request.values.get("redirect", "").strip().rstrip('?')
|
||||
if redir:
|
||||
redir = redir.replace("/logged_out", "").strip().rstrip('?')
|
||||
if is_site_url(redir): return redirect(redir)
|
||||
return redirect('/')
|
||||
|
||||
|
@ -229,9 +227,8 @@ def sign_up_get(v):
|
|||
|
||||
error = request.values.get("error")
|
||||
|
||||
redir = request.values.get("redirect", "/")
|
||||
redir = request.values.get("redirect", "/").strip().rstrip('?')
|
||||
if redir:
|
||||
redir = redir.replace("/logged_out", "").strip().rstrip('?')
|
||||
if not is_site_url(redir): redir = "/"
|
||||
|
||||
return render_template("sign_up.html",
|
||||
|
@ -388,9 +385,8 @@ def sign_up_post(v):
|
|||
elif CARP_ID:
|
||||
send_notification(CARP_ID, f"A new user - @{new_user.username} - has signed up!")
|
||||
|
||||
redir = request.values.get("redirect")
|
||||
redir = request.values.get("redirect", "").strip().rstrip('?')
|
||||
if redir:
|
||||
redir = redir.replace("/logged_out", "").strip().rstrip('?')
|
||||
if is_site_url(redir): return redirect(redir)
|
||||
return redirect('/')
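Review bot: The redirect normalisation `request.values.get("redirect", ...).strip().rstrip('?')` followed by an `is_site_url` check is written out four times (`login_get`, `login_post`, `sign_up_get`, `sign_up_post`) with two different defaults, so one copy can easily drift from the others. A small shared helper would keep the validation in one place: it returns the stripped value only when `is_site_url` accepts it and `"/"` otherwise. `is_site_url` is not shown on this page, so I cannot confirm that it rejects scheme-relative (`//host`) and backslash forms; a unit test for those inputs would be worth adding with the helper. All four functions extend beyond their hunks.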
|
||||
|
||||
|
|
|
@ -130,10 +130,6 @@ def submit_get(v, sub=None):
|
|||
@app.get("/post/<pid>/<anything>")
|
||||
@app.get("/h/<sub>/post/<pid>")
|
||||
@app.get("/h/<sub>/post/<pid>/<anything>")
|
||||
@app.get("/logged_out/post/<pid>")
|
||||
@app.get("/logged_out/post/<pid>/<anything>")
|
||||
@app.get("/logged_out/h/<sub>/post/<pid>")
|
||||
@app.get("/logged_out/h/<sub>/post/<pid>/<anything>")
|
||||
@auth_desired_with_logingate
|
||||
def post_id(pid, anything=None, v=None, sub=None):
|
||||
post = get_post(pid, v=v)
|
||||
|
|
|
@ -401,7 +401,6 @@ if not os.path.exists(f'files/templates/donate_{SITE_NAME}.html'):
|
|||
copyfile(f'files/templates/donate_rDrama.html', f'files/templates/donate_{SITE_NAME}.html')
|
||||
|
||||
@app.get('/donate')
|
||||
@app.get('/logged_out/donate')
|
||||
@auth_desired_with_logingate
|
||||
def donate(v):
|
||||
return render_template(f'donate_{SITE_NAME}.html', v=v)
|
||||
|
@ -507,7 +506,6 @@ if SITE == 'pcmemes.net':
|
|||
|
||||
|
||||
@app.get('/live')
|
||||
@app.get('/logged_out/live')
|
||||
@auth_desired_with_logingate
|
||||
def live_list(v):
|
||||
live = cache.get('live') or []
|
||||
|
|
|
@ -666,7 +666,6 @@ def visitors(v):
|
|||
|
||||
@app.get("/@<username>")
|
||||
@app.get("/@<username>.json")
|
||||
@app.get("/logged_out/@<username>")
|
||||
@auth_desired_with_logingate
|
||||
def u_username(username, v=None):
|
||||
u = get_user(username, v=v, include_blocks=True, include_shadowbanned=False)
|
||||
|
@ -747,7 +746,6 @@ def u_username(username, v=None):
|
|||
|
||||
@app.get("/@<username>/comments")
|
||||
@app.get("/@<username>/comments.json")
|
||||
@app.get("/logged_out/@<username>/comments")
|
||||
@auth_desired_with_logingate
|
||||
def u_username_comments(username, v=None):
|
||||
u = get_user(username, v=v, include_blocks=True, include_shadowbanned=False)
|
||||
|
@ -915,9 +913,6 @@ def remove_follow(username, v):
|
|||
@app.get("/pp/<id>")
|
||||
@app.get("/uid/<id>/pic")
|
||||
@app.get("/uid/<id>/pic/profile")
|
||||
@app.get("/logged_out/pp/<id>")
|
||||
@app.get("/logged_out/uid/<id>/pic")
|
||||
@app.get("/logged_out/uid/<id>/pic/profile")
|
||||
@cache.memoize(timeout=86400)
|
||||
@limiter.exempt
|
||||
def user_profile_uid(id):
|
||||
|
|
|
@ -268,7 +268,7 @@
|
|||
</li>
|
||||
{% else %}
|
||||
<li class="nav-item d-flex align-items-center justify-content-center mx-1 mr-2">
|
||||
<a class="btn btn-primary" href="/logged_out/donate">Donate</a>
|
||||
<a class="btn btn-primary" href="/donate">Donate</a>
|
||||
</li>
|
||||
<li class="nav-item d-flex align-items-center justify-content-center mx-1 mr-2">
|
||||
<a class="btn btn-primary" href="/contact">Contact us</a>
|
||||
|
@ -336,7 +336,7 @@
|
|||
</li>
|
||||
{% else %}
|
||||
<li class="nav-item d-flex align-items-center justify-content-center pb-3">
|
||||
<a class="btn btn-primary btn-block" href="/logged_out/donate">Donate</a>
|
||||
<a class="btn btn-primary btn-block" href="/donate">Donate</a>
|
||||
</li>
|
||||
<li class="nav-item d-flex align-items-center justify-content-center pb-3">
|
||||
<a class="btn btn-primary btn-block" href="/contact">Contact us</a>
|
||||
|
|
|
@ -184,7 +184,7 @@
|
|||
</script>
|
||||
{% endif %}
|
||||
|
||||
{% if request.path in ('/','/logged_out') and time.time() > session.get('tooltip_last_dismissed',0)+60*60*24*30 and not g.webview %}
|
||||
{% if request.path == '/' and time.time() > session.get('tooltip_last_dismissed',0)+60*60*24*30 and not g.webview %}
|
||||
<style>
|
||||
.beg-icon {
|
||||
color: #919191;
|
||||
|
|