MarseyWorld
/
MarseyWorld
10
10
Fork 0
Code Issues 2 Pull Requests Packages Releases Wiki Activity
MarseyWorld/files/helpers/wrappers.py

110 lines
2.3 KiB
Python
Raw Normal View History

fd
2021-10-15 14:08:27 +00:00
from .get import *
fdssfd
2021-12-20 20:03:59 +00:00
from .alerts import *
fd
2021-10-15 14:08:27 +00:00
from files.helpers.const import *
sfd
2021-12-24 03:15:43 +00:00
from files.__main__ import db_session
fds
2022-01-19 09:27:51 +00:00
from random import randint
fd
2021-10-15 14:08:27 +00:00
def get_logged_in_user():
fds
2021-12-24 03:07:04 +00:00
if not (hasattr(g, 'db') and g.db): g.db = db_session()
fd
2021-10-15 14:08:27 +00:00
fds
2021-12-24 03:07:04 +00:00
token = request.headers.get("Authorization","").strip()
sffsd
2021-12-17 03:25:05 +00:00
if token:
fds
2021-12-24 03:07:04 +00:00
client = g.db.query(ClientAuth).filter(ClientAuth.access_token == token).one_or_none()
fsd
2021-12-24 03:03:26 +00:00
sffsd
2021-12-17 03:25:05 +00:00
if not client: return None
fd
2021-10-15 14:08:27 +00:00
sffsd
2021-12-17 03:25:05 +00:00
v = client.user
v.client = client
fd
2021-10-15 14:08:27 +00:00
else:
sfddfs
2021-12-21 22:28:29 +00:00
lo_user = session.get("lo_user")
if not lo_user: return None
fd
2021-10-15 14:08:27 +00:00
dsfsfd
2021-12-21 20:39:43 +00:00
nonce = session.get("login_nonce", 0)
fds
2021-12-24 03:07:04 +00:00
v = g.db.query(User).filter_by(id=lo_user).one_or_none()
fdsfsd
2021-12-17 05:21:55 +00:00
sffsd
2021-12-17 03:25:05 +00:00
if not v or nonce < v.login_nonce: return None
fdsfds
2021-12-17 04:47:38 +00:00
v.client = None
under attack
2022-01-09 15:15:02 +00:00
if request.method != "GET":
submitted_key = request.values.get("formkey")
if not submitted_key: abort(401)
elif not v.validate_formkey(submitted_key): abort(401)
vxc
2022-02-03 06:39:02 +00:00
return v
fd
2021-10-15 14:08:27 +00:00
def check_ban_evade(v):
big one
2022-01-06 16:46:09 +00:00
if v and not v.patron and v.admin_level == 0 and v.ban_evade and not v.unban_utc:
fds
2022-01-19 09:27:51 +00:00
if randint(0,30) < v.ban_evade: v.shadowbanned = "AutoJanny"
sdfsfd
2021-11-16 00:05:54 +00:00
else: v.ban_evade +=1
fd
2021-10-15 14:08:27 +00:00
g.db.add(v)
sdfsfd
2021-11-16 00:05:54 +00:00
g.db.commit()
fd
2021-10-15 14:08:27 +00:00
def auth_desired(f):
def wrapper(*args, **kwargs):
v = get_logged_in_user()
sdfsfd
2021-12-13 21:37:45 +00:00
fd
2021-10-15 14:08:27 +00:00
check_ban_evade(v)
bbbb
2022-01-11 19:46:50 +00:00
g.v = v
return make_response(f(*args, v=v, **kwargs))
fd
2021-10-15 14:08:27 +00:00
wrapper.__name__ = f.__name__
return wrapper
def auth_required(f):
def wrapper(*args, **kwargs):
v = get_logged_in_user()
if not v: abort(401)
sdfsfd
2021-12-13 21:37:45 +00:00
fd
2021-10-15 14:08:27 +00:00
check_ban_evade(v)
bbbb
2022-01-11 19:46:50 +00:00
g.v = v
return make_response(f(*args, v=v, **kwargs))
fd
2021-10-15 14:08:27 +00:00
wrapper.__name__ = f.__name__
return wrapper
big one
2022-01-06 16:46:09 +00:00
def is_not_permabanned(f):
fd
2021-10-15 14:08:27 +00:00
def wrapper(*args, **kwargs):
v = get_logged_in_user()
if not v: abort(401)
fsd
2022-01-07 20:48:49 +00:00
fd
2021-10-15 14:08:27 +00:00
check_ban_evade(v)
big one
2022-01-06 16:46:09 +00:00
if v.is_banned and v.unban_utc == 0:
return {"error": "Interal server error"}, 500
fd
2021-10-15 14:08:27 +00:00
bbbb
2022-01-11 19:46:50 +00:00
g.v = v
return make_response(f(*args, v=v, **kwargs))
fd
2021-10-15 14:08:27 +00:00
wrapper.__name__ = f.__name__
return wrapper
def admin_level_required(x):
def wrapper_maker(f):
def wrapper(*args, **kwargs):
v = get_logged_in_user()
if not v: abort(401)
if v.admin_level < x: abort(403)
fsd
2022-01-07 20:48:49 +00:00
bbbb
2022-01-11 19:46:50 +00:00
g.v = v
return make_response(f(*args, v=v, **kwargs))
fd
2021-10-15 14:08:27 +00:00
wrapper.__name__ = f.__name__
return wrapper
under attack
2022-01-09 15:15:02 +00:00
return wrapper_maker