parent
c5ad3a480f
commit
27255696c8
File diff suppressed because it is too large
Load Diff
|
@ -274,7 +274,7 @@ def sanitize(sanitized, golden=True, limit_pings=0, showmore=True, count_marseys
|
|||
sanitized = reddit_regex.sub(r'\1<a href="https://old.reddit.com/\2" rel="nofollow noopener" target="_blank">/\2</a>', sanitized)
|
||||
sanitized = sub_regex.sub(r'\1<a href="/\2">/\2</a>', sanitized)
|
||||
|
||||
v = getattr(g, 'v', None)
|
||||
v = g.v
|
||||
|
||||
names = set(m.group(2) for m in mention_regex.finditer(sanitized))
|
||||
if limit_pings and len(names) > limit_pings and not v.admin_level >= PERMS['POST_COMMENT_INFINITE_PINGS']: abort(406)
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
import secrets
|
||||
from files.classes.user import LoggedOutUser
|
||||
from files.helpers.const import *
|
||||
from files.helpers.settings import get_setting
|
||||
from files.helpers.cloudflare import CLOUDFLARE_AVAILABLE
|
||||
|
@ -28,6 +29,7 @@ def before_request():
|
|||
g.webview = '; wv) ' in ua
|
||||
g.inferior_browser = 'iphone' in ua or 'ipad' in ua or 'ipod' in ua or 'mac os' in ua or ' firefox/' in ua
|
||||
g.is_tor = request.headers.get("cf-ipcountry") == "T1"
|
||||
g.v = LoggedOutUser()
|
||||
|
||||
request.path = request.path.rstrip('/')
|
||||
if not request.path: request.path = '/'
|
||||
|
@ -41,7 +43,7 @@ def before_request():
|
|||
def after_request(response):
|
||||
if response.status_code < 400:
|
||||
if CLOUDFLARE_AVAILABLE and CLOUDFLARE_COOKIE_VALUE and getattr(g, 'desires_auth', False):
|
||||
logged_in = bool(getattr(g, 'v', None))
|
||||
logged_in = bool(g.v)
|
||||
response.set_cookie("lo", CLOUDFLARE_COOKIE_VALUE if logged_in else '', max_age=60*60*24*365 if logged_in else 1)
|
||||
if getattr(g, 'db', None):
|
||||
g.db.commit()
|
||||
|
|
|
@ -33,7 +33,7 @@ def calc_users(v):
|
|||
return ''
|
||||
|
||||
def get_logged_in_user():
|
||||
if hasattr(g, 'v'): return g.v
|
||||
if g.v: return g.v
|
||||
if not getattr(g, 'db', None): g.db = db_session()
|
||||
g.desires_auth = True
|
||||
v = None
|
||||
|
@ -67,9 +67,8 @@ def get_logged_in_user():
|
|||
if request.method.lower() != "get" and get_setting('Read-only mode') and not (v and v.admin_level >= PERMS['SITE_BYPASS_READ_ONLY_MODE']):
|
||||
abort(403)
|
||||
|
||||
g.v = v
|
||||
|
||||
if v:
|
||||
g.v = v
|
||||
v.poor = session.get('poor')
|
||||
# Check against last_active + ACTIVE_TIME to reduce frequency of
|
||||
# UPDATEs in exchange for a ±ACTIVE_TIME margin of error.
|
||||
|
@ -149,7 +148,7 @@ def feature_required(x):
|
|||
def ratelimit_user(limit:Union[str, Callable[[], str]]=DEFAULT_RATELIMIT_USER):
|
||||
'''
|
||||
Ratelimits based on a user. This requires at least auth_required (or stronger) to be present,
|
||||
otherwise logged out users will receive 500s
|
||||
otherwise logged out users may receive errenous 429s
|
||||
'''
|
||||
def inner(func):
|
||||
@functools.wraps(func)
|
||||
|
|
|
@ -15,7 +15,7 @@ def worker_abort(worker):
|
|||
from flask import g, request
|
||||
if g and request:
|
||||
worker.log.warning(f"While serving {request.method} {request.url}")
|
||||
u = getattr(g, 'v', None)
|
||||
u = g.v
|
||||
if u:
|
||||
worker.log.warning(f"User: {u.username!r} id:{u.id}")
|
||||
else:
|
||||
|
|
Loading…
Reference in New Issue