diff --git a/files/helpers/session.py b/files/helpers/session.py deleted file mode 100644 index 1f2202ef0..000000000 --- a/files/helpers/session.py +++ /dev/null @@ -1,20 +0,0 @@ -from flask import * -import time -from .security import * - -def make_logged_out_formkey(t): - - s = f"{t}+{session['session_id']}" - - return generate_hash(s) - - -def validate_logged_out_formkey(t, k): - - now = int(time.time()) - if now - t > 3600: - return False - - s = f"{t}+{session['session_id']}" - - return validate_hash(s, k) diff --git a/files/helpers/wrappers.py b/files/helpers/wrappers.py index 13d0ffb1d..689c91992 100644 --- a/files/helpers/wrappers.py +++ b/files/helpers/wrappers.py @@ -14,12 +14,12 @@ def get_logged_in_user(): v.client = client return v else: - logged_in_user = session.get("logged_in_user") - if not logged_in_user: return None + lo_user = session.get("lo_user") + if not lo_user: return None nonce = session.get("login_nonce", 0) try: - if g.db: v = g.db.query(User).filter_by(id=logged_in_user).one_or_none() + if g.db: v = g.db.query(User).filter_by(id=lo_user).one_or_none() else: return None except: return None diff --git a/files/routes/comments.py b/files/routes/comments.py index 8b033c54d..f173a2dd3 100644 --- a/files/routes/comments.py +++ b/files/routes/comments.py @@ -2,7 +2,6 @@ from files.helpers.wrappers import * from files.helpers.filters import * from files.helpers.alerts import * from files.helpers.images import * -from files.helpers.session import * from files.helpers.const import * from files.classes import * from files.routes.front import comment_idlist diff --git a/files/routes/errors.py b/files/routes/errors.py index 38bd37eae..4d9a76807 100644 --- a/files/routes/errors.py +++ b/files/routes/errors.py 
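Review bot: In the wrappers.py hunk, the changed lookup `filter_by(id=lo_user)` still sits inside a bare `except:` that returns None, so a database failure on the authentication path looks exactly like "not logged in" and leaves no trace. Narrow it to `except Exception:` and log the error before returning None. The new key name `lo_user` also reads like "logged-out user"; a one-line comment where it is read, such as `# "lo_user" holds the id of the logged-in account`, would prevent that misreading. `get_logged_in_user` starts and ends outside the hunk.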
@@ -1,15 +1,11 @@ import jinja2.exceptions from files.helpers.wrappers import * -from files.helpers.session import * from flask import * from urllib.parse import quote, urlencode import time from files.__main__ import app, limiter -# Errors - - @app.errorhandler(400) @auth_desired diff --git a/files/routes/login.py b/files/routes/login.py index e2f318efa..213ca6f2a 100644 --- a/files/routes/login.py +++ b/files/routes/login.py @@ -134,8 +134,8 @@ def login_post(): else: abort(400) - session["session_id"] = token_hex(52) - session["logged_in_user"] = account.id + session["session_id"] = token_hex(49) + session["lo_user"] = account.id session["login_nonce"] = account.login_nonce if account.id not in (PW1_ID,PW2_ID): check_for_alts(account.id) @@ -163,7 +163,7 @@ def me(v): def logout(v): session.pop("session_id", None) - session.pop("logged_in_user", None) + session.pop("lo_user", None) return {"message": "Logout successful!"} @@ -337,8 +337,8 @@ def sign_up_post(v): if "rama" in request.host: send_notification(new_user.id, WELCOME_MSG) - session["session_id"] = token_hex(52) - session["logged_in_user"] = new_user.id + session["session_id"] = token_hex(49) + session["lo_user"] = new_user.id g.db.commit() diff --git a/files/routes/posts.py b/files/routes/posts.py index 987c44674..76e2756a3 100644 --- a/files/routes/posts.py +++ b/files/routes/posts.py @@ -6,7 +6,6 @@ from files.helpers.wrappers import * from files.helpers.sanitize import * from files.helpers.filters import * from files.helpers.markdown import * -from files.helpers.session import * from files.helpers.alerts import * from files.helpers.discord import send_message from files.helpers.const import * diff --git a/requirements.txt b/requirements.txt index c0e0aab67..eed0a0b02 100644 --- a/requirements.txt +++ b/requirements.txt @@ -6,7 +6,6 @@ Flask-Caching Flask-Compress Flask-Limiter==1.1.0 Flask-Mail==0.9.1 -Flask-Session gevent greenlet gunicorn
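Review bot: In `login_post`, `session["session_id"] = token_hex(49)` swaps one unexplained length for another; 49 bytes is still 98 hex characters, far more than a session identifier needs, so a named constant or a comment should say why this length was chosen (presumably to shrink the cookie, which is an inference). The same literal is repeated in the `sign_up_post` hunk. The identity keys are also written into whatever session the request already carried; calling `session.clear()` before these assignments would keep pre-login session data out of the authenticated session, provided nothing stored before login has to survive. `login_post` starts and ends outside the hunk.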
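Review bot: `logout` pops `session_id` and `lo_user` but leaves `login_nonce`, which `login_post` stores, in the session; add `session.pop("login_nonce", None)` so logout removes everything login wrote. The requirements.txt hunk drops Flask-Session, which suggests sessions now live in Flask's signed cookie (the app configuration is not part of this diff). In that case popping keys only changes the cookie returned to this browser, and a copy of the earlier cookie stays valid. If that matters, logout needs a server-side step such as changing the account's `login_nonce`, assuming `get_logged_in_user` compares it, which the wrappers.py hunk does not show.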
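Review bot: `sign_up_post` stores `session_id` and `lo_user` but, in the visible lines, no `login_nonce`, whereas `login_post` stores `account.login_nonce`. A session created at sign-up therefore depends on the `0` default of `session.get("login_nonce", 0)` in `get_logged_in_user` matching the new account's value. Adding `session["login_nonce"] = new_user.login_nonce` after the `lo_user` line would make both paths agree; this presumes `new_user` has the same attribute `login_post` reads from `account`. The function continues outside the hunk, so the key may be set elsewhere.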