diff --git a/files/helpers/settings.py b/files/helpers/settings.py index a34de577f..242b45538 100644 --- a/files/helpers/settings.py +++ b/files/helpers/settings.py @@ -7,15 +7,16 @@ import gevent_inotifyx as inotify from files.helpers.config.const import * _SETTINGS = { + "login_required": False, + "under_attack": False, "bots": True, "fart_mode": False, "read_only_mode": False, "offline_mode": False, "signups": True, - "login_required": False, "under_siege": False, "dm_images": True, - "under_attack": False + "ddos_detected": False } def get_setting(setting:str): diff --git a/files/routes/jinja2.py b/files/routes/jinja2.py index c4e6aa33b..8964c2bf0 100644 --- a/files/routes/jinja2.py +++ b/files/routes/jinja2.py @@ -81,16 +81,12 @@ def calc_users(): else: mul = 1 if loggedout_counter > (loggedin_counter * mul): - if not get_setting('login_required'): - toggle_setting('login_required') - if not get_setting('under_attack'): - toggle_setting('under_attack') + if not get_setting('ddos_detected'): + toggle_setting('ddos_detected') set_security_level('under_attack') else: - if get_setting('login_required'): - toggle_setting('login_required') - if get_setting('under_attack'): - toggle_setting('under_attack') + if get_setting('ddos_detected'): + toggle_setting('ddos_detected') set_security_level('high') diff --git a/files/routes/wrappers.py b/files/routes/wrappers.py index 094d34f50..e644275e0 100644 --- a/files/routes/wrappers.py +++ b/files/routes/wrappers.py @@ -99,7 +99,8 @@ def auth_desired(f): def auth_desired_with_logingate(f): def wrapper(*args, **kwargs): v = get_logged_in_user() - if get_setting('login_required') and not v: abort(401) + if not v and (get_setting('login_required') or get_setting('ddos_detected')): + abort(401) if request.path.startswith('/logged_out'): redir = request.full_path.replace('/logged_out','') diff --git a/files/templates/admin/admin_home.html b/files/templates/admin/admin_home.html index e9ce11322..9c7d34d45 100644 --- a/files/templates/admin/admin_home.html +++ b/files/templates/admin/admin_home.html @@ -120,9 +120,10 @@ {% if v.admin_level >= PERMS['SITE_SETTINGS'] %} {% for setting in SITE_SETTINGS.keys() %} - {% if not (setting == "offline_mode" and v.admin_level < PERMS["SITE_OFFLINE_MODE"]) %} + {% if not (setting == "offline_mode" and v.admin_level < PERMS["SITE_OFFLINE_MODE"]) and setting !="ddos_detected" %}
@@ -46,7 +50,7 @@ xoxo carp 💋
@@ -103,7 +107,7 @@ Already have an account? Log in
* okay so it's actually whenever I feel like hitting that Login Required button. I'm really sorry, but you have to understand: WE WANT TO BE YOUR FRIEND. And we can't do that unless you join. There's really no reason not to. Like I said, 8 seconds at most to register. What are you worried about? Your email being sold? I don't even know what that means and you don't either. Go ahead, tell me what you'd do if someone said like, "alright bud, go sell your email address to someone." WHAT DOES THAT MEAN? And, again, you really don't even need an email. Just a username and some stupid password. That's all. Come on. Peer pressure.
diff --git a/files/templates/submit.html b/files/templates/submit.html index ab871dde7..75064342c 100644 --- a/files/templates/submit.html +++ b/files/templates/submit.html @@ -12,7 +12,7 @@ {% block content %} {% block form %}