2022-07-29 22:07:08 +00:00
|
|
|
import time
|
2022-11-15 09:19:08 +00:00
|
|
|
from flask import g, request, session
|
|
|
|
|
|
|
|
from files.classes.clients import ClientAuth
|
|
|
|
from files.helpers.alerts import *
|
2022-12-11 23:44:34 +00:00
|
|
|
from files.helpers.config.const import *
|
2022-11-15 09:19:08 +00:00
|
|
|
from files.helpers.get import get_account
|
2022-11-30 18:09:31 +00:00
|
|
|
from files.helpers.logging import log_file
|
2022-11-15 09:19:08 +00:00
|
|
|
from files.helpers.settings import get_setting
|
|
|
|
from files.routes.routehelpers import validate_formkey
|
2022-11-29 23:50:32 +00:00
|
|
|
from files.__main__ import app, db_session, limiter
|
2022-10-15 07:31:24 +00:00
|
|
|
|
2023-01-21 04:39:46 +00:00
|
|
|
def get_ID():
|
|
|
|
if request.headers.get("Authorization"):
|
|
|
|
x = request.headers.get("Authorization")
|
|
|
|
elif session.get("lo_user"):
|
|
|
|
x = session.get("lo_user")
|
|
|
|
else:
|
|
|
|
x = "logged_out"
|
|
|
|
|
|
|
|
return f'{SITE}-{x}'
|
|
|
|
|
2022-05-04 23:09:46 +00:00
|
|
|
def get_logged_in_user():
|
2022-05-26 00:54:05 +00:00
|
|
|
if hasattr(g, 'v'): return g.v
|
2022-11-15 09:19:08 +00:00
|
|
|
if not getattr(g, 'db', None): g.db = db_session()
|
2022-11-09 05:35:24 +00:00
|
|
|
g.desires_auth = True
|
2022-05-04 23:09:46 +00:00
|
|
|
v = None
|
|
|
|
token = request.headers.get("Authorization","").strip()
|
|
|
|
if token:
|
|
|
|
client = g.db.query(ClientAuth).filter(ClientAuth.access_token == token).one_or_none()
|
2023-01-01 11:36:20 +00:00
|
|
|
if client:
|
2022-05-04 23:09:46 +00:00
|
|
|
v = client.user
|
|
|
|
v.client = client
|
|
|
|
else:
|
|
|
|
lo_user = session.get("lo_user")
|
|
|
|
if lo_user:
|
|
|
|
id = int(lo_user)
|
2022-09-05 20:37:38 +00:00
|
|
|
v = get_account(id, graceful=True)
|
2022-11-28 01:48:53 +00:00
|
|
|
if v:
|
2022-11-28 19:41:08 +00:00
|
|
|
v.client = None
|
2022-05-04 23:09:46 +00:00
|
|
|
nonce = session.get("login_nonce", 0)
|
2022-10-29 01:07:39 +00:00
|
|
|
if nonce < v.login_nonce or v.id != id:
|
2022-11-27 16:59:36 +00:00
|
|
|
session.pop("lo_user")
|
|
|
|
v = None
|
2022-05-04 23:09:46 +00:00
|
|
|
|
2022-11-27 16:59:36 +00:00
|
|
|
if v and request.method != "GET":
|
2022-11-27 01:01:02 +00:00
|
|
|
submitted_key = request.values.get("formkey")
|
2022-11-28 19:41:08 +00:00
|
|
|
if not validate_formkey(v, submitted_key):
|
|
|
|
v = None
|
2022-11-28 01:48:53 +00:00
|
|
|
else:
|
|
|
|
session.pop("lo_user")
|
|
|
|
|
2022-12-27 04:35:25 +00:00
|
|
|
# if SITE == 'devrama.net' and not (v and v.id == 7):
|
|
|
|
# abort(403, "Only Aevann can access devrama for now!")
|
2022-12-27 04:17:16 +00:00
|
|
|
|
2022-11-30 18:26:07 +00:00
|
|
|
if request.method.lower() != "get" and get_setting('read_only_mode') and not (v and v.admin_level >= PERMS['SITE_BYPASS_READ_ONLY_MODE']):
|
2022-05-04 23:09:46 +00:00
|
|
|
abort(403)
|
|
|
|
|
2022-05-26 00:54:05 +00:00
|
|
|
g.v = v
|
2022-05-25 18:59:24 +00:00
|
|
|
|
2022-10-15 10:08:14 +00:00
|
|
|
if v:
|
|
|
|
v.poor = session.get('poor')
|
|
|
|
# Check against last_active + ACTIVE_TIME to reduce frequency of
|
|
|
|
# UPDATEs in exchange for a ±ACTIVE_TIME margin of error.
|
|
|
|
timestamp = int(time.time())
|
|
|
|
if (v.last_active + LOGGEDIN_ACTIVE_TIME) < timestamp:
|
|
|
|
v.last_active = timestamp
|
|
|
|
g.db.add(v)
|
2022-06-27 03:46:32 +00:00
|
|
|
|
2022-09-13 07:23:23 +00:00
|
|
|
if AEVANN_ID and request.headers.get("Cf-Ipcountry") == 'EG':
|
2022-12-05 14:06:11 +00:00
|
|
|
if v and v.id != AEVANN_ID and not v.username.startswith('Aev') and v.truescore > 0:
|
2022-12-02 20:34:51 +00:00
|
|
|
with open(f"{LOG_DIRECTORY}/eg.log", "a+", encoding="utf-8") as f:
|
|
|
|
f.seek(0)
|
2022-09-13 07:23:23 +00:00
|
|
|
ip = request.headers.get('CF-Connecting-IP')
|
|
|
|
if f'@{v.username}, ' not in f.read():
|
2022-11-29 20:29:27 +00:00
|
|
|
t = time.strftime("%d/%B/%Y %H:%M:%S UTC", time.gmtime(time.time()))
|
2022-11-30 18:09:31 +00:00
|
|
|
log_file(f'@{v.username}, {v.truescore}, {ip}, {t}\n', 'eg.log')
|
2023-01-01 11:36:20 +00:00
|
|
|
|
2022-12-27 03:00:15 +00:00
|
|
|
g.is_api_or_xhr = bool((v and v.client) or request.headers.get("xhr"))
|
|
|
|
|
2022-05-04 23:09:46 +00:00
|
|
|
return v
|
|
|
|
|
|
|
|
def auth_desired(f):
|
|
|
|
def wrapper(*args, **kwargs):
|
2022-10-11 13:19:55 +00:00
|
|
|
v = get_logged_in_user()
|
2022-05-04 23:09:46 +00:00
|
|
|
return make_response(f(*args, v=v, **kwargs))
|
|
|
|
wrapper.__name__ = f.__name__
|
|
|
|
return wrapper
|
|
|
|
|
2022-08-05 20:40:48 +00:00
|
|
|
def auth_desired_with_logingate(f):
|
|
|
|
def wrapper(*args, **kwargs):
|
2022-10-11 13:19:55 +00:00
|
|
|
v = get_logged_in_user()
|
2022-11-15 09:19:08 +00:00
|
|
|
if get_setting('login_required') and not v: abort(401)
|
2022-05-04 23:09:46 +00:00
|
|
|
|
2022-11-09 05:35:24 +00:00
|
|
|
if request.path.startswith('/logged_out'):
|
2022-09-20 00:51:01 +00:00
|
|
|
redir = request.full_path.replace('/logged_out','')
|
|
|
|
if not redir: redir = '/'
|
|
|
|
return redirect(redir)
|
|
|
|
|
2022-08-05 20:40:48 +00:00
|
|
|
return make_response(f(*args, v=v, **kwargs))
|
|
|
|
wrapper.__name__ = f.__name__
|
|
|
|
return wrapper
|
|
|
|
|
|
|
|
def auth_required(f):
|
2022-05-04 23:09:46 +00:00
|
|
|
def wrapper(*args, **kwargs):
|
2022-10-11 13:19:55 +00:00
|
|
|
v = get_logged_in_user()
|
2022-05-04 23:09:46 +00:00
|
|
|
if not v: abort(401)
|
|
|
|
return make_response(f(*args, v=v, **kwargs))
|
|
|
|
wrapper.__name__ = f.__name__
|
|
|
|
return wrapper
|
|
|
|
|
|
|
|
def is_not_permabanned(f):
|
|
|
|
def wrapper(*args, **kwargs):
|
2022-10-11 13:19:55 +00:00
|
|
|
v = get_logged_in_user()
|
2022-05-04 23:09:46 +00:00
|
|
|
if not v: abort(401)
|
2022-10-11 06:15:09 +00:00
|
|
|
if v.is_suspended_permanently: abort(403)
|
2022-05-04 23:09:46 +00:00
|
|
|
return make_response(f(*args, v=v, **kwargs))
|
|
|
|
wrapper.__name__ = f.__name__
|
|
|
|
return wrapper
|
|
|
|
|
|
|
|
def admin_level_required(x):
|
|
|
|
def wrapper_maker(f):
|
|
|
|
def wrapper(*args, **kwargs):
|
2022-10-11 13:19:55 +00:00
|
|
|
v = get_logged_in_user()
|
2022-05-04 23:09:46 +00:00
|
|
|
if not v: abort(401)
|
2022-12-25 20:13:29 +00:00
|
|
|
if v.admin_level < x: abort(403)
|
2022-12-27 01:54:19 +00:00
|
|
|
if x and SITE != 'devrama.net' and not IS_LOCALHOST and not v.mfa_secret:
|
2022-12-19 21:27:56 +00:00
|
|
|
abort(403, "You need to enable 2FA to use admin features!")
|
2022-10-11 13:43:57 +00:00
|
|
|
return make_response(f(*args, v=v, **kwargs))
|
2022-05-04 23:09:46 +00:00
|
|
|
|
|
|
|
wrapper.__name__ = f.__name__
|
|
|
|
return wrapper
|
2022-05-30 01:43:16 +00:00
|
|
|
return wrapper_maker
|
|
|
|
|
2022-10-11 07:17:54 +00:00
|
|
|
def feature_required(x):
|
|
|
|
def wrapper_maker(f):
|
|
|
|
def wrapper(*args, **kwargs):
|
|
|
|
if not FEATURES[x]: abort(404)
|
2022-10-11 13:19:55 +00:00
|
|
|
return make_response(f(*args, **kwargs))
|
2022-10-11 07:17:54 +00:00
|
|
|
wrapper.__name__ = f.__name__
|
|
|
|
return wrapper
|
2022-10-11 07:29:24 +00:00
|
|
|
return wrapper_maker
|