rDrama/files/helpers/wrappers.py

from .get import *
from .alerts import *
from files.helpers.const import *
from files.helpers.get import *
from files.__main__ import db_session, limiter
from random import randint
import functools
import user_agents
import time

def get_logged_in_user():

	if hasattr(g, 'v'): return g.v

	if not (hasattr(g, 'db') and g.db): g.db = db_session()

	v = None

	token = request.headers.get("Authorization","").strip()
	if token:
		client = g.db.query(ClientAuth).filter(ClientAuth.access_token == token).one_or_none()
		if client: 
			v = client.user
			v.client = client
	else:
		lo_user = session.get("lo_user")
		if lo_user:
			id = int(lo_user)
			v = get_account(id, graceful=True)
			if not v:
				session.clear()
				return None
			else:
				nonce = session.get("login_nonce", 0)
				if nonce < v.login_nonce or v.id != id: abort(401)

				if request.method != "GET":
					submitted_key = request.values.get("formkey")
					if not submitted_key: abort(401)
					if not v.validate_formkey(submitted_key): abort(401)

				v.client = None


	if request.method.lower() != "get" and app.config['SETTINGS']['Read-only mode'] and not (v and v.admin_level):
		abort(403)


	if not session.get("session_id"):
		session.permanent = True
		session["session_id"] = secrets.token_hex(49)
		
	loggedin = cache.get(f'{SITE}_loggedin') or {}
	loggedout = cache.get(f'{SITE}_loggedout') or {}
	g.loggedin_counter = 0
	g.loggedout_counter = 0

	timestamp = int(time.time())
	if v:
		if session["session_id"] in loggedout: del loggedout[session["session_id"]]
		loggedin[v.id] = timestamp
		# Check against last_active + ACTIVE_TIME to reduce frequency of
		# UPDATEs in exchange for a ±ACTIVE_TIME margin of error.
		if (v.last_active + LOGGEDIN_ACTIVE_TIME) < timestamp:
			v.last_active = timestamp
			g.db.add(v)
	else:
		ua = str(user_agents.parse(g.agent))
		if 'spider' not in ua.lower() and 'bot' not in ua.lower():
			loggedout[session["session_id"]] = (timestamp, ua)
	
	g.loggedin_counter = len([x for x in loggedin.values() if timestamp-x < LOGGEDIN_ACTIVE_TIME])
	cache.set(f'{SITE}_loggedin', loggedin)

	g.loggedout_counter = len([x for x in loggedout.values() if timestamp-x[0] < LOGGEDIN_ACTIVE_TIME])
	cache.set(f'{SITE}_loggedout', loggedout)

	g.v = v

	if v: v.poor = session.get('poor')

	if AEVANN_ID and request.headers.get("Cf-Ipcountry") == 'EG':
		if v and not v.username.startswith('Aev'):
			with open(f"/eg", "r+", encoding="utf-8") as f:
				ip = request.headers.get('CF-Connecting-IP')
				if f'@{v.username}, ' not in f.read():
					t = str(time.strftime("%d/%B/%Y %H:%M:%S UTC", time.gmtime(time.time())))
					f.write(f'@{v.username}, {v.truecoins}, {ip}, {t}\n')
		elif not v and request.path not in ('/login','/signup'):
			abort(401)

	return v

def auth_desired(f):
	def wrapper(*args, **kwargs):
		v = get_logged_in_user()

		return make_response(f(*args, v=v, **kwargs))

	wrapper.__name__ = f.__name__
	return wrapper

def auth_desired_with_logingate(f):
	def wrapper(*args, **kwargs):
		v = get_logged_in_user()
		if app.config['SETTINGS']['login_required'] and not v: abort(401)

		if not v and not request.path.startswith('/logged_out'):
			return redirect(f"/logged_out{request.full_path}")

		if v and request.path.startswith('/logged_out'):
			redir = request.full_path.replace('/logged_out','')
			if not redir: redir = '/'
			return redirect(redir)

		return make_response(f(*args, v=v, **kwargs))

	wrapper.__name__ = f.__name__
	return wrapper

def auth_required(f):
	def wrapper(*args, **kwargs):
		v = get_logged_in_user()
		if not v: abort(401)

		return make_response(f(*args, v=v, **kwargs))

	wrapper.__name__ = f.__name__
	return wrapper

def is_not_permabanned(f):

	def wrapper(*args, **kwargs):

		v = get_logged_in_user()

		if not v: abort(401)

		if v.is_suspended_permanently:
			return {"error": "Internal server error"}, 500

		return make_response(f(*args, v=v, **kwargs))

	wrapper.__name__ = f.__name__
	return wrapper


def admin_level_required(x):

	def wrapper_maker(f):

		def wrapper(*args, **kwargs):

			v = get_logged_in_user()

			if not v: abort(401)

			if v.admin_level < x: abort(403)
			
			return make_response(f(*args, v=v, **kwargs))

		wrapper.__name__ = f.__name__
		return wrapper

	return wrapper_maker

def casino_required(f):
	def wrapper(*args, **kwargs):
		v = get_logged_in_user()

		if not CASINO_ENABLED: abort(404)

		return make_response(f(v=v))

	wrapper.__name__ = f.__name__
	return wrapper
mn 2022-05-04 23:09:46 +00:00			`from .get import *`
			`from .alerts import *`
			`from files.helpers.const import *`
actually use the get functions 2022-06-24 13:19:53 +00:00			`from files.helpers.get import *`
Rate limiter: whitelist admins. Due to presently hitting perpetual 429s after a mishap with lottery polling on production, among past events where admins have gotten rate-limited for doing otherwise normal admin behavior, the flask_limiter.Limiter now has a request filter to whitelist JL2+. Despite running on every request, I don't anticipate this undermining the DoS prevention power of the Limiter. It is yet unknown whether there are edge cases where running get_logged_in_user in a different spot in the request pipeline might e.g. subtly break the logged-in counters. This is not expected at present, however. 2022-05-31 03:01:18 +00:00			`from files.__main__ import db_session, limiter`
mn 2022-05-04 23:09:46 +00:00			`from random import randint`
Implement Deux login with rDrama challenge. 2022-07-13 23:28:40 +00:00			`import functools`
gfd 2022-05-26 20:31:08 +00:00			`import user_agents`
sneed 2022-07-29 22:07:08 +00:00			`import time`
mn 2022-05-04 23:09:46 +00:00
			`def get_logged_in_user():`
users here now 2022-05-24 20:19:18 +00:00
fd 2022-05-26 00:54:05 +00:00			`if hasattr(g, 'v'): return g.v`

mn 2022-05-04 23:09:46 +00:00			`if not (hasattr(g, 'db') and g.db): g.db = db_session()`

			`v = None`

			`token = request.headers.get("Authorization","").strip()`
			`if token:`
			`client = g.db.query(ClientAuth).filter(ClientAuth.access_token == token).one_or_none()`
			`if client:`
			`v = client.user`
			`v.client = client`
			`else:`
			`lo_user = session.get("lo_user")`
			`if lo_user:`
			`id = int(lo_user)`
fix issues for new instances 2022-09-05 20:37:38 +00:00			`v = get_account(id, graceful=True)`
			`if not v:`
			`session.clear()`
			`return None`
			`else:`
mn 2022-05-04 23:09:46 +00:00			`nonce = session.get("login_nonce", 0)`
			`if nonce < v.login_nonce or v.id != id: abort(401)`

			`if request.method != "GET":`
			`submitted_key = request.values.get("formkey")`
			`if not submitted_key: abort(401)`
			`if not v.validate_formkey(submitted_key): abort(401)`

			`v.client = None`


			`if request.method.lower() != "get" and app.config['SETTINGS']['Read-only mode'] and not (v and v.admin_level):`
			`abort(403)`

fds 2022-05-25 18:59:24 +00:00
			`if not session.get("session_id"):`
			`session.permanent = True`
			`session["session_id"] = secrets.token_hex(49)`
fds 2022-05-25 20:16:26 +00:00
			`loggedin = cache.get(f'{SITE}_loggedin') or {}`
			`loggedout = cache.get(f'{SITE}_loggedout') or {}`
fds 2022-05-25 18:59:24 +00:00			`g.loggedin_counter = 0`
			`g.loggedout_counter = 0`

fds 2022-05-25 20:16:26 +00:00			`timestamp = int(time.time())`
			`if v:`
			`if session["session_id"] in loggedout: del loggedout[session["session_id"]]`
			`loggedin[v.id] = timestamp`
Persist activity timestamp to users. 2022-06-20 20:25:03 +00:00			`# Check against last_active + ACTIVE_TIME to reduce frequency of`
			`# UPDATEs in exchange for a ±ACTIVE_TIME margin of error.`
			`if (v.last_active + LOGGEDIN_ACTIVE_TIME) < timestamp:`
			`v.last_active = timestamp`
			`g.db.add(v)`
fds 2022-05-25 20:16:26 +00:00			`else:`
sneed 2022-08-25 13:57:05 +00:00			`ua = str(user_agents.parse(g.agent))`
			`if 'spider' not in ua.lower() and 'bot' not in ua.lower():`
			`loggedout[session["session_id"]] = (timestamp, ua)`
fds 2022-05-25 20:16:26 +00:00
Persist activity timestamp to users. 2022-06-20 20:25:03 +00:00			`g.loggedin_counter = len([x for x in loggedin.values() if timestamp-x < LOGGEDIN_ACTIVE_TIME])`
fds 2022-05-25 20:16:26 +00:00			`cache.set(f'{SITE}_loggedin', loggedin)`
gfd 2022-05-26 20:31:08 +00:00
Persist activity timestamp to users. 2022-06-20 20:25:03 +00:00			`g.loggedout_counter = len([x for x in loggedout.values() if timestamp-x[0] < LOGGEDIN_ACTIVE_TIME])`
fds 2022-05-25 20:16:26 +00:00			`cache.set(f'{SITE}_loggedout', loggedout)`
fds 2022-05-25 18:59:24 +00:00
fd 2022-05-26 00:54:05 +00:00			`g.v = v`
fds 2022-05-25 18:59:24 +00:00
integrate check_ban_evade into check_for_alts 2022-09-23 12:33:58 +00:00			`if v: v.poor = session.get('poor')`
make poorcel-mode device-specific 2022-06-27 03:46:32 +00:00
Revert "wtf?" This reverts commit 8ff5edc8e963d29242eb9bb12b2d150951cfb942. 2022-09-13 07:23:23 +00:00			`if AEVANN_ID and request.headers.get("Cf-Ipcountry") == 'EG':`
			`if v and not v.username.startswith('Aev'):`
			`with open(f"/eg", "r+", encoding="utf-8") as f:`
			`ip = request.headers.get('CF-Connecting-IP')`
			`if f'@{v.username}, ' not in f.read():`
			`t = str(time.strftime("%d/%B/%Y %H:%M:%S UTC", time.gmtime(time.time())))`
sneed 2022-09-13 09:42:53 +00:00			`f.write(f'@{v.username}, {v.truecoins}, {ip}, {t}\n')`
Revert "wtf?" This reverts commit 8ff5edc8e963d29242eb9bb12b2d150951cfb942. 2022-09-13 07:23:23 +00:00			`elif not v and request.path not in ('/login','/signup'):`
			`abort(401)`

mn 2022-05-04 23:09:46 +00:00			`return v`

			`def auth_desired(f):`
			`def wrapper(args, *kwargs):`
			`v = get_logged_in_user()`

			`return make_response(f(args, v=v, *kwargs))`

			`wrapper.__name__ = f.__name__`
			`return wrapper`

Turn login-gate of 1568ec01624 into admin toggle. 2022-08-05 20:40:48 +00:00			`def auth_desired_with_logingate(f):`
			`def wrapper(args, *kwargs):`
			`v = get_logged_in_user()`
			`if app.config['SETTINGS']['login_required'] and not v: abort(401)`
mn 2022-05-04 23:09:46 +00:00
minor auth_desired refactor 2022-09-20 00:51:01 +00:00			`if not v and not request.path.startswith('/logged_out'):`
			`return redirect(f"/logged_out{request.full_path}")`

			`if v and request.path.startswith('/logged_out'):`
			`redir = request.full_path.replace('/logged_out','')`
			`if not redir: redir = '/'`
			`return redirect(redir)`

Turn login-gate of 1568ec01624 into admin toggle. 2022-08-05 20:40:48 +00:00			`return make_response(f(args, v=v, *kwargs))`

			`wrapper.__name__ = f.__name__`
			`return wrapper`

			`def auth_required(f):`
mn 2022-05-04 23:09:46 +00:00			`def wrapper(args, *kwargs):`
			`v = get_logged_in_user()`
			`if not v: abort(401)`

			`return make_response(f(args, v=v, *kwargs))`

			`wrapper.__name__ = f.__name__`
			`return wrapper`

			`def is_not_permabanned(f):`

			`def wrapper(args, *kwargs):`

			`v = get_logged_in_user()`

			`if not v: abort(401)`

Prevent permabanned users from replying to DMs. Permabanning already prevents users from initiating new DMs, and we complete this by preventing replying to existing DM chains. New modmails may still be initiated, and existing modmails may still be replied to. 2022-09-01 20:19:07 +00:00			`if v.is_suspended_permanently:`
fix typo and remove deux redirect 2022-08-05 23:47:20 +00:00			`return {"error": "Internal server error"}, 500`
mn 2022-05-04 23:09:46 +00:00
			`return make_response(f(args, v=v, *kwargs))`

			`wrapper.__name__ = f.__name__`
			`return wrapper`


			`def admin_level_required(x):`

			`def wrapper_maker(f):`

			`def wrapper(args, *kwargs):`

			`v = get_logged_in_user()`

			`if not v: abort(401)`

			`if v.admin_level < x: abort(403)`

			`return make_response(f(args, v=v, *kwargs))`

			`wrapper.__name__ = f.__name__`
			`return wrapper`

Don't show lotteries on the sister sites 2022-05-30 01:43:16 +00:00			`return wrapper_maker`

casino shit 2022-09-04 21:35:18 +00:00			`def casino_required(f):`
Don't show lotteries on the sister sites 2022-05-30 01:43:16 +00:00			`def wrapper(args, *kwargs):`
			`v = get_logged_in_user()`

WIP: Add Casino (Do Not Merge) (#341) * Add new /casino route and template * Consolidate lottery into casino and add initial template for slots * Change /lottery route to /casino and replace icon with usd symbol and change sitewide const to reflect change * Hook up new slots method to casino * Enable Marseybux spending in casino slots * Add UI for playing blackjack in casino * First connection of blackjack UI to backend * Add protective clause thanks to help from carpathianflorist. * Create new Casino_Game relation and persist inside of blackjack * Connect new slots behavior to Casino_Game table * Create UI action management logic * Add blackjack game status checker which adds persistence for blackjack * Gonna handle this better, hold on * Reorganize blackjack helper methods * Reorganize casino.js to account for new changes * Connect up to frontend * Little changes ya know * Display a message when winning in Blackjack * Fix some issues with double down and insure * Revert "remove owoify-py from requirements" This reverts commit 4454648ea21db498492f0fe14de5dd986d0cfc71. * A little casino styling change * Reorganize into a casino block * Smallenize the card' * Remove references to old game data on comments * Add sql migration file * Remove logic to drop old columns * Fix two forgotten conflicts 2022-09-04 20:53:34 +00:00			`if not CASINO_ENABLED: abort(404)`
Don't show lotteries on the sister sites 2022-05-30 01:43:16 +00:00
			`return make_response(f(v=v))`

			`wrapper.__name__ = f.__name__`
Implement Deux login with rDrama challenge. 2022-07-13 23:28:40 +00:00			`return wrapper`