forked from rDrama/rDrama
dfMerge branch 'frost' of https://github.com/Aevann1/Drama into frost
commit
cc7986d675
|
@ -85,9 +85,10 @@ mail = Mail(app)
|
|||
@app.before_request
|
||||
def before_request():
|
||||
|
||||
ua = request.headers.get("User-Agent")
|
||||
if not ua: abort(403)
|
||||
ua = ua.lower()
|
||||
g.agent = request.headers.get("User-Agent")
|
||||
if not g.agent: abort(403)
|
||||
|
||||
ua = g.agent.lower()
|
||||
|
||||
with open('site_settings.json', 'r') as f:
|
||||
app.config['SETTINGS'] = json.load(f)
|
||||
|
|
|
@ -54,7 +54,7 @@ def get_logged_in_user():
|
|||
if session["session_id"] in loggedout: del loggedout[session["session_id"]]
|
||||
loggedin[v.id] = timestamp
|
||||
else:
|
||||
ua = str(user_agents.parse(request.headers.get("User-Agent")))
|
||||
ua = str(user_agents.parse(g.agent))
|
||||
if not ua.startswith('Spider'):
|
||||
loggedout[session["session_id"]] = (timestamp, ua)
|
||||
|
||||
|
|
|
@ -204,7 +204,7 @@ def sign_up_get(v):
|
|||
token = token_hex(16)
|
||||
session["signup_token"] = token
|
||||
|
||||
formkey_hashstr = str(now) + token + agent
|
||||
formkey_hashstr = str(now) + token + g.agent
|
||||
|
||||
formkey = hmac.new(key=bytes(environ.get("MASTER_KEY"), "utf-16"),
|
||||
msg=bytes(formkey_hashstr, "utf-16"),
|
||||
|
@ -237,7 +237,7 @@ def sign_up_post(v):
|
|||
submitted_token = session.get("signup_token", "")
|
||||
if not submitted_token: abort(400)
|
||||
|
||||
correct_formkey_hashstr = form_timestamp + submitted_token + agent
|
||||
correct_formkey_hashstr = form_timestamp + submitted_token + g.agent
|
||||
|
||||
correct_formkey = hmac.new(key=bytes(environ.get("MASTER_KEY"), "utf-16"),
|
||||
msg=bytes(correct_formkey_hashstr, "utf-16"),
|
||||
|
|
Loading…
Reference in New Issue