sfddfs

2021-12-22 00:28:29 +02:00 · 2021-12-22 00:28:29 +02:00 · 9bb18f1c83
parent da0d620864
commit 9bb18f1c83
7 changed files with 8 additions and 35 deletions
--- a/files/helpers/session.py
+++ b/files/helpers/session.py
@ -1,20 +0,0 @@
-from flask import *
-import time
-from .security import *
-
-def make_logged_out_formkey(t):
-
-	s = f"{t}+{session['session_id']}"
-
-	return generate_hash(s)
-
-
-def validate_logged_out_formkey(t, k):
-
-	now = int(time.time())
-	if now - t > 3600:
-		return False
-
-	s = f"{t}+{session['session_id']}"
-
-	return validate_hash(s, k)
--- a/files/helpers/wrappers.py
+++ b/files/helpers/wrappers.py
@ -14,12 +14,12 @@ def get_logged_in_user():
 		v.client = client
 		return v
 	else:
-		logged_in_user = session.get("logged_in_user")
-		if not logged_in_user: return None
+		lo_user = session.get("lo_user")
+		if not lo_user: return None

 		nonce = session.get("login_nonce", 0)
 		try:
-			if g.db: v = g.db.query(User).filter_by(id=logged_in_user).one_or_none()
+			if g.db: v = g.db.query(User).filter_by(id=lo_user).one_or_none()
 			else: return None
 		except: return None

--- a/files/routes/comments.py
+++ b/files/routes/comments.py
@ -2,7 +2,6 @@ from files.helpers.wrappers import *
 from files.helpers.filters import *
 from files.helpers.alerts import *
 from files.helpers.images import *
-from files.helpers.session import *
 from files.helpers.const import *
 from files.classes import *
 from files.routes.front import comment_idlist
--- a/files/routes/errors.py
+++ b/files/routes/errors.py
@ -1,15 +1,11 @@
 import jinja2.exceptions

 from files.helpers.wrappers import *
-from files.helpers.session import *
 from flask import *
 from urllib.parse import quote, urlencode
 import time
 from files.__main__ import app, limiter

-# Errors
-
-

@app.errorhandler(400)
@auth_desired
--- a/files/routes/login.py
+++ b/files/routes/login.py
@ -134,8 +134,8 @@ def login_post():
 	else:
 		abort(400)

-	session["session_id"] = token_hex(52)
-	session["logged_in_user"] = account.id
+	session["session_id"] = token_hex(49)
+	session["lo_user"] = account.id
 	session["login_nonce"] = account.login_nonce

 	if account.id not in (PW1_ID,PW2_ID): check_for_alts(account.id)
@ -163,7 +163,7 @@ def me(v):
 def logout(v):

 	session.pop("session_id", None)
-	session.pop("logged_in_user", None)
+	session.pop("lo_user", None)

 	return {"message": "Logout successful!"}

@ -337,8 +337,8 @@ def sign_up_post(v):

 	if "rama" in request.host: send_notification(new_user.id, WELCOME_MSG)

-	session["session_id"] = token_hex(52)
-	session["logged_in_user"] = new_user.id
+	session["session_id"] = token_hex(49)
+	session["lo_user"] = new_user.id

 	g.db.commit()

--- a/files/routes/posts.py
+++ b/files/routes/posts.py
@ -6,7 +6,6 @@ from files.helpers.wrappers import *
 from files.helpers.sanitize import *
 from files.helpers.filters import *
 from files.helpers.markdown import *
-from files.helpers.session import *
 from files.helpers.alerts import *
 from files.helpers.discord import send_message
 from files.helpers.const import *
--- a/requirements.txt
+++ b/requirements.txt
@ -6,7 +6,6 @@ Flask-Caching
 Flask-Compress
 Flask-Limiter==1.1.0
 Flask-Mail==0.9.1
-Flask-Session
 gevent
 greenlet
 gunicorn