greylist mostly done
This commit is contained in:
parent
2c621d266e
commit
383cbf1423
|
@ -141,7 +141,7 @@ def ban_check(url):
|
|||
banlist = get_bans()
|
||||
|
||||
for ban in banlist:
|
||||
if ban in [instance, parsed]:
|
||||
if parsed in ban or parsed == ban:
|
||||
return True
|
||||
|
||||
logging.debug(f'{parsed} not in blocklist')
|
||||
|
|
|
@ -153,9 +153,6 @@ async def http_filter(app, handler):
|
|||
real_ip = request.headers.get('X-Real-Ip', request.remote)
|
||||
ua_ip = dig(ua_domain)
|
||||
|
||||
nodeinfo = get_nodeinfo(domain)
|
||||
software = nodeinfo.get('name') if nodeinfo else None
|
||||
|
||||
instance = domain if domain != 'unknown' else user[1]
|
||||
allow = instance_check(instance)
|
||||
request['jsonreq'] = True if 'json' in request.headers.get('Accept', '') or request.path.endswith('.json') else False
|
||||
|
@ -196,32 +193,33 @@ async def http_filter(app, handler):
|
|||
return aiohttp.web.HTTPFound('/paws/login')
|
||||
|
||||
if any(map(request.path.startswith, auth_paths)) and request.method == 'GET':
|
||||
if PAWSCONFIG['require_approval'] and not allow:
|
||||
if allow != False:
|
||||
status, message = (401, 'Instance awaiting approval or rejection')
|
||||
instances('add', instance)
|
||||
|
||||
else:
|
||||
status, message = (403, 'Rejected')
|
||||
|
||||
return error(request, status, message)
|
||||
|
||||
# Check signatures if auth fetches are off
|
||||
if not user_check(request.path) and not MASTOCONFIG['auth_fetch']:
|
||||
if signature:
|
||||
actor = parse_sig(signature)
|
||||
if not user_check(request.path):
|
||||
if PAWSCONFIG['require_approval'] and not allow:
|
||||
if allow != False:
|
||||
status, message = (401, 'Instance awaiting approval or rejection')
|
||||
instances('add', instance)
|
||||
|
||||
if not (await validate(actor, request)):
|
||||
logging.warning(f'Signature validation failed for: {actor}')
|
||||
return error(request, 401, 'signature check failed, signature did not match key')
|
||||
else:
|
||||
status, message = (403, 'Rejected')
|
||||
|
||||
elif real_ip == ua_ip and wl_check(domain):
|
||||
logging.info(f'Letting {domain} through')
|
||||
return error(request, status, message)
|
||||
|
||||
else:
|
||||
msg = 'missing signature'
|
||||
logging.warning(msg)
|
||||
return error(request, 401, msg)
|
||||
if not MASTOCONFIG['auth_fetch']:
|
||||
if signature:
|
||||
actor = parse_sig(signature)
|
||||
|
||||
if not (await validate(actor, request)):
|
||||
logging.warning(f'Signature validation failed for: {actor}')
|
||||
return error(request, 401, 'signature check failed, signature did not match key')
|
||||
|
||||
elif real_ip == ua_ip and wl_check(domain):
|
||||
logging.info(f'Letting {domain} through')
|
||||
|
||||
else:
|
||||
msg = 'missing signature'
|
||||
logging.warning(msg)
|
||||
return error(request, 401, msg)
|
||||
|
||||
if not request['jsonreq']:
|
||||
if not token or not user_data:
|
||||
|
|
|
@ -159,11 +159,14 @@ input[type=text]:focus {
|
|||
text-align: left;
|
||||
}
|
||||
|
||||
.list .col2 {
|
||||
.list .button {
|
||||
text-align: center;
|
||||
width: 75px;
|
||||
}
|
||||
|
||||
.list .button input {
|
||||
width: calc(100% - 10px);
|
||||
}
|
||||
|
||||
/* Errors */
|
||||
#error .msg {
|
||||
|
|
|
@ -17,7 +17,7 @@
|
|||
%tr{'class': 'instance'}
|
||||
%td{'class': 'col1'}
|
||||
%a{'href': 'https://{{instance}}/about', 'target': '_new'}= instance
|
||||
%td{'class': 'col2'}
|
||||
%td{'class': 'col2 button'}
|
||||
%form{'action': '/paws/action/remove', 'method': 'post'}
|
||||
%input{'name': 'name', 'value': '{{instance}}', 'hidden': None}
|
||||
%input{'type': 'submit', 'value': 'Remove'}
|
||||
|
@ -48,14 +48,16 @@
|
|||
%tr{'class': 'instance'}
|
||||
%td{'class': 'col1'}
|
||||
%a{'href': 'https://{{instance.domain}}/about', 'target': '_new'}= instance.domain
|
||||
%td{'class': 'col2'}
|
||||
%form{'action': '/paws/action/add', 'method': 'post'}
|
||||
%input{'name': 'name', 'value': '{{instance.domain}}', 'hidden': None}
|
||||
%input{'type': 'submit', 'name': 'action', 'value': 'Deny'}
|
||||
%form{'action': '/paws/action/add?list=={listtype}', 'method': 'post'}
|
||||
%input{'name': 'name', 'value': '{{instance.domain}}', 'hidden': None}
|
||||
%td{'class': 'button'}
|
||||
%input{'type': 'submit', 'name': 'action', 'value': 'Accept'}
|
||||
%td{'class': 'button'}
|
||||
%input{'type': 'submit', 'name': 'action', 'value': 'Deny'}
|
||||
|
||||
%form{'action': '/paws/action/remove', 'method': 'post'}
|
||||
%input{'name': 'name', 'value': '{{instance.domain}}', 'hidden': None}
|
||||
%form{'action': '/paws/action/remove?list=={listtype}', 'method': 'post'}
|
||||
%input{'name': 'name', 'value': '{{instance.domain}}', 'hidden': None}
|
||||
%td{'class': 'col2 button'}
|
||||
%input{'type': 'submit', 'value': 'Remove'}
|
||||
|
||||
-else
|
||||
|
@ -77,18 +79,18 @@
|
|||
%tr{'class': 'instance'}
|
||||
%td{'class': 'col1'}
|
||||
%a{'href': 'https://{{instance.domain}}/about', 'target': '_new'}= instance.domain
|
||||
%td{'class': 'col2'}
|
||||
%form{'action': '/paws/action/add', 'method': 'post'}
|
||||
%input{'name': 'name', 'value': '{{instance.domain}}', 'hidden': None}
|
||||
|
||||
%form{'action': '/paws/action/add?list=={listtype}', 'method': 'post'}
|
||||
%input{'name': 'name', 'value': '{{instance.domain}}', 'hidden': None}
|
||||
%td{'class': 'button'}
|
||||
-if instance.state == 'accept'
|
||||
%input{'type': 'submit', 'name': 'action', 'value': 'Deny'}
|
||||
|
||||
-elif instance.state == 'deny'
|
||||
%input{'type': 'submit', 'name': 'action', 'value': 'Accept'}
|
||||
|
||||
%form{'action': '/paws/action/remove', 'method': 'post'}
|
||||
%input{'name': 'name', 'value': '{{instance.domain}}', 'hidden': None}
|
||||
%form{'action': '/paws/action/remove?list=={listtype}', 'method': 'post'}
|
||||
%input{'name': 'name', 'value': '{{instance.domain}}', 'hidden': None}
|
||||
%td{'class': 'col2 button'}
|
||||
%input{'type': 'submit', 'value': 'Remove'}
|
||||
|
||||
-else
|
||||
|
@ -100,7 +102,8 @@
|
|||
%form{'action': '/paws/action/add', 'method': 'post'}
|
||||
%td{'class': 'col1'}
|
||||
%input{'type': 'text', 'name': 'name', 'placeholder': 'mastodon.social'}
|
||||
%td{'class': 'col2'}
|
||||
%td{'class': 'button'}
|
||||
%input{'type': 'submit', 'name': 'action', 'value': 'Accept'}
|
||||
%td{'class': 'col2 button'}
|
||||
%input{'type': 'submit', 'name': 'action', 'value': 'Deny'}
|
||||
|
||||
|
|
|
@ -2,6 +2,8 @@ import aiohttp
|
|||
import random
|
||||
import traceback
|
||||
|
||||
from operator import itemgetter
|
||||
|
||||
from IzzyLib import logging
|
||||
from IzzyLib.cache import TTLCache
|
||||
from IzzyLib.template import aiohttpTemplate
|
||||
|
@ -79,11 +81,15 @@ class lists(aiohttp.web.View):
|
|||
listtype = request.match_info['list']
|
||||
|
||||
if request['admin']:
|
||||
requests = pawsdb.instances.search(query.state == 'request')
|
||||
instances = pawsdb.instances.search(query.state != 'request')
|
||||
signlist = [line['domain'] for line in pawsdb.whitelist.all()]
|
||||
signlist.sort()
|
||||
data = {
|
||||
'listtype': listtype,
|
||||
'signlist': [line['domain'] for line in pawsdb.whitelist.all()],
|
||||
'requests': pawsdb.instances.search(query.state == 'request'),
|
||||
'instances': pawsdb.instances.search(query.state != 'request')
|
||||
'signlist': signlist,
|
||||
'requests': sorted(requests, key=lambda k: k['domain']),
|
||||
'instances': sorted(instances, key=lambda k: k['domain'])
|
||||
}
|
||||
|
||||
else:
|
||||
|
@ -114,6 +120,7 @@ async def post_paws(request):
|
|||
action = request.match_info['action'].lower()
|
||||
action = 'add' if action == 'update' else action
|
||||
admin = admin_check(user_data['handle']) if user_data else None
|
||||
page = request.query.get('list', 'instances')
|
||||
|
||||
if not admin:
|
||||
return error(request, 403, 'Not an admin')
|
||||
|
@ -130,7 +137,7 @@ async def post_paws(request):
|
|||
result = instances(action, parsed_domain, data.get('action', 'request'))
|
||||
print(result)
|
||||
|
||||
return aiohttp.web.HTTPFound('/paws/list/instances')
|
||||
return aiohttp.web.HTTPFound(f'/paws/list/{page}')
|
||||
|
||||
|
||||
async def get_auth(request):
|
||||
|
|
Loading…
Reference in a new issue