Commit Graph

428 Commits (dd1d4001118482d9785a6ba179626fa0ba5b2c76)

Author SHA1 Message Date
Aevann 79d8bb7d2c allow session cookie to work on videos.watchpeopledie.tv 2023-07-14 18:45:49 +03:00
Aevann ff67e30949 dont count failed requests towards ratelimit 2023-07-13 16:50:46 +03:00
Aevann 52959cec63 remove unnecessary lines 2023-07-08 18:30:12 +03:00
Aevann 3964a27281 fix worker timeouts 2023-07-08 17:03:58 +03:00
Aevann cce4f2346c same as last commit + remove now-unnecessary scoped_session imports 2023-07-08 02:12:59 +03:00
Aevann 6dacba53b6 tinker with cache to stop insane cpu usage by redis-server 2023-07-07 22:08:23 +03:00
Aevann 4aedec05d1 increase session age 2023-07-03 00:21:35 +03:00
Aevann 7493722457 redis cache frontpage 2023-06-27 23:03:14 +03:00
Aevann 96330210e8 use SITE as a prefix for flask_cache 2023-03-25 22:57:27 +02:00
Aevann a88fb10455 restore autoflush 2023-03-18 15:11:30 +02:00
Aevann 57765f0776 revert sqlalchemy changes 2023-03-16 08:27:58 +02:00
Aevann f768d81103 keep db sessions open 2023-03-15 05:58:00 +02:00
Aevann ca1b25783f redup redis url 2023-03-01 21:49:17 +02:00
Aevann 8c495c914a default ratelimit doesnt apply implicitly if theres other @limiter.limit before the function, so add it explicity before all functions 2023-02-26 10:41:04 +02:00
Aevann d217b3e843 fix ratelimiting in wpd 2023-02-09 10:11:34 +02:00
Aevann 6250a75f00 same as last commit 2023-02-09 10:00:01 +02:00
Aevann c8dea2b4b3 print debugging 2023-02-09 09:56:48 +02:00
Aevann 66f859b71e fix 2023-02-09 08:05:07 +02:00
Aevann 921b9b1a2e re-enable autocheck for ratelimiting 2023-01-23 04:38:39 +02:00
Aevann 6c965d1c06 make ratelimiting work when not-proxied by cloudflare 2023-01-23 04:37:43 +02:00
Aevann 57d1c870e8 fix newest version of flask-limiter not working 2023-01-21 05:01:17 +02:00
Aevann db6db63836 change event structure 2023-01-01 07:33:09 +02:00
Aevann 03fb84e618 fix HOLIDAY_EVENT check 2023-01-01 04:50:11 +02:00
Aevann1 b64ea2e21e remove no_step_on_jc 2022-12-21 15:04:53 +02:00
Aevann1 9b7c0a674b fix /stats 2022-12-21 01:44:53 +02:00
justcool393 ab41db22b7 [DO NOT MERGE] multiple sub banners (#59)
allows multiple sub banners

Snakes note: By request of Carp, especially for WPD.

Co-authored-by: justcool393 <justcool393@gmail.com>
Co-authored-by: Snakes <duolsm@outlook.com>
Reviewed-on: rDrama/rDrama#59
Co-authored-by: justcool393 <justcool393@noreply.fsdfsd.net>
Co-committed-by: justcool393 <justcool393@noreply.fsdfsd.net>
2022-12-11 23:44:34 +00:00
justcool393 6dbad04f08 band-aid fix for frozen session issue on signup (#50)
through some reason or another, people are somehow getting cookies that aren't prepended with a dot.

this is a problem because both sessions at, as best as I can tell, mix so it tries to read from a different cookie than we write to. this essentially "freezes" the session in place. users are unable to login, logout, signup, toggle poor mode, toggle NSFW, etc.

~~this attempts to delete bad session cookies (i.e. cookies with a domain that don't start with a dot).~~

~~we don't do this on "dotless" domains (and by extension localhost) because browser support for setting cookies on FQDNs that only have one dot has tenuous support among browsers anyway).~~

~~this *may* log some people out, but... their days of being able to do stuff on the site were numbered anyway.~~

**edit: as amazing as this thought was, browsers just wipe the entire cookies completely and there's no way to specifically target dotless cookies. for an issue that affects a few users, better to just tell them to clear their cookies. if *this* doesn't work, delete service-worker.js and be done with the whole service worker crap. forever. permanently. this PR also includes some QOL improvements.**

Co-authored-by: justcool393 <justcool393@gmail.com>
Reviewed-on: rDrama/rDrama#50
Co-authored-by: justcool393 <justcool393@noreply.fsdfsd.net>
Co-committed-by: justcool393 <justcool393@noreply.fsdfsd.net>
2022-12-06 22:07:12 +00:00
justcool393 db31fc17de ratelimits: turn off autocheck so we can init
required app context globals
2022-11-29 19:29:06 -06:00
geese_suck a3fa96242c holiday event manager (actually works now edition) (#22)
Co-authored-by: Snakes <duolsm@outlook.com>
Co-authored-by: justcool393 <justcool393@gmail.com>
Reviewed-on: rDrama/rDrama#22
Co-authored-by: geese_suck <deandre.williams@geese-suck.us>
Co-committed-by: geese_suck <deandre.williams@geese-suck.us>
2022-11-29 20:20:26 +00:00
justcool393 2383608718 Revert "fsdfsd"
This reverts commit b0c0c76eef.
2022-11-23 10:29:20 -06:00
justcool393 b0c0c76eef fsdfsd 2022-11-23 10:28:17 -06:00
geese-suck 63fd0bd6ba
make login/signup work on local 2022-11-20 18:28:05 -08:00
Aevann1 f5f40689a1 remove unnecessary line 2022-11-21 00:22:14 +02:00
Aevann1 caabaf0c6f expand IS_LOCALHOST 2022-11-21 00:16:49 +02:00
justcool393 57b4d586ad don't explicitly set cookies for localhost 2022-11-15 16:22:50 -06:00
justcool393 8f2f48d6d1
[DO NOT MERGE] import detanglation (#442)
* move Base definition to files.classes.__init__.py

* fix ImportError

* move userpage listing to users.py

* don't import the app from classes

* consts: set default values to avoid crashes
consts: warn if the secret key is the default config value

* card view: sneed (user db schema)

* cloudflare: use DEFAULT_CONFIG_VALUE

* const: set default values

* decouple media.py from __main__

* pass database to avoid imports

* import cleanup and import request not in const, but in the requests mega import

* move asset_submissions site check to __init__

* asset submissions feature flag

* flag

* g.is_tor

* don't import request where it's not needed

* i think this is fine

* mail: move to own routes and helper

* wrappers

* required wrappers move

* unfuck wrappers a bit

* move snappy quotes and marseys to stateful consts

* marsify

* :pepodrool:

* fix missing import

* import cache

* ...and settings.py

* and static.py

* static needs cache

* route

* lmao all of the jinja shit was in feeds.py amazing

* classes should only import what they need from flask

* import Response

* hdjbjdhbhjf

* ...

* dfdfdfdf

* make get a non-required import

* isort imports (mostly)

* but actually

* configs

* reload config on import

* fgfgfgfg

* config

* config

* initialize snappy and test

* cookie of doom debug

* edfjnkf

* xikscdfd

* debug config

* set session cookie domain, i think this fixes the can't login bug

* sdfbgnhvfdsghbnjfbdvvfghnn

* hrsfxgf

* dump the entire config on a request

* kyskyskyskyskyskyskyskyskys

* duifhdskfjdfd

* dfdfdfdfdfdfdfdfdfdfdfdf

* dfdfdfdf

* imoprt all of the consts beacuse fuck it

* 😭

* dfdfdfdfdfdfsdasdf

* print the entire session

* rffdfdfjkfksj

* fgbhffh

* not the secret keys

* minor bug fixes

* be helpful in the warning

* gfgfgfg

* move warning lower

* isort main imports (i hope this doesn't fuck something up)

* test

* session cookie domain redux

* dfdfdfd

* try only importing Flask

* formkeys fix

* y

* :pepodrool:

* route helper

* remove before flight

* dfdfdfdfdf

* isort classes

* isort helpers

* move check_for_alts to routehelpers and also sort imports and get rid of unused ones

* that previous commit but actkally

* readd the cache in a dozen places they were implicitly imported

* use g.is_tor instead of request.headers. bla bla bla

* upgrade streamers to their own route file

* get rid of unused imports in __main__

* fgfgf

* don't pull in the entire ORM where we don't need it

* features

* explicit imports for the get helper

* explicit imports for the get helper redux

* testing allroutes

* remove unused import

* decouple flask from classes

* syntax fix also remember these have side fx for some reason (why?)

* move side effects out of the class

* posts

* testing on devrama

* settings

* reloading

* settingssdsdsds

* streamer features

* site settings

* testing settings on devrama

* import

* fix modlog

* remove debug stuff

* revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6

* archiveorg to _archiveorg

* skhudkfkjfd

* fix cron for PCM

* fix bugs that snekky wants me to

* Fix call to realbody passing db, standardize kwarg

* test

* import check_for_alts from the right place

* cloudflare

* testing on devrama

* fix cron i think

* shadow properly

* tasks

* Remove print which will surely be annoying in prod.

* v and create new session

* use files.classes

* make errors import little and fix rare 500 in /allow_nsfw

* Revert "use files.classes"

This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6.

* pass v to media functions rather than using g

* fix

* dfdfdfdfd

* cleanup, py type checking is dumb so don't use it where it causes issues

* Fix some merge bugs, add DEFAULT_RATELIMIT to main.

* Fix imports on sqlalchemy expressions.

* `from random import random` is an error.

* Fix replies db param.

* errors: fix missing import

* fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text

* Fix signup formkey.

* fix 2 500s

* propagate db to submissions

* fix replies

* dfdfdfdf

* Fix verifiedcolor.

* is_manual

* can't use getters outside of an app context

* don't attempt to do gumroad on sites where it's not enabled

* don't attempt to do gumraod on sites's where it's unnecessary

* Revert "don't attempt to do gumroad on sites where it's not enabled"

This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3.

* fix 500

* validate media type

Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 03:19:08 -06:00
justcool393 775f0d0717 no step on jc 2022-11-13 01:02:25 -06:00
justcool393 26549a6e66
remove logged out routes (#433)
* remove /logged_out/ routes

* update sitemap, remove users route, and update header

* cloudflare cookie

* only mess with the cookie whenever we desire auth

* sitemap: (small) improvements
sitemap: fix little bug i introduced
sitemap: fix login redirects for /id/ routes

* sitemap: remove duplicate entry

* contact is auth desired

* imports: don't import what we don't need and bind late to the db

* praying to god this works

* keep yourself safe

* oh i actually need to commit and push lol

* import Sub

* t

* refix cache purger
2022-11-09 00:35:24 -05:00
Aevann1 684bd24326 move 2 headers from python to nginx 2022-10-30 02:46:50 +02:00
justcool393 8bbcb9902e HTTP referer: move setting it to nginx from python 2022-10-29 16:50:33 -05:00
justcool393 3ac5fad2d8 referer: only send for same-origin requests 2022-10-29 16:33:17 -05:00
Aevann1 ad358650e1 remove retarded bullshit I wasn't consulted about 2022-10-27 19:53:08 +02:00
Aevann1 07228a2708 fix cookies on localhost 2022-10-22 17:26:39 +02:00
justcool393 49b12f220c sessions: set cookie domain properly 2022-10-21 23:39:23 -05:00
Snakes e9b648dcb5
Support for multiple WPD sites on one master. 2022-10-21 19:33:43 -04:00
Snakes 45ff9d80e5
Permit serving multiple hosts from one instance.
In service of tidying up WPD application servers. Also includes a
closely related change of letting nginx do the redirects to root.
2022-10-21 19:12:36 -04:00
justcool393 2e087dc09f set session cookie domain to SITE 2022-10-21 14:00:41 -05:00
Aevann1 360aa99fe1 small adjustments 2022-10-21 17:11:12 +02:00
Aevann1 26e2143514 marsey.world 2022-10-21 16:32:23 +02:00
Aevann1 05e8dec716 allow multiple hosts (thanks JC I love you) 2022-10-21 13:15:29 +02:00