fix user-agent parsing and remove jinja2
This commit is contained in:
parent
6c3f53f177
commit
ee565667f0
21
README.md
21
README.md
|
@ -17,3 +17,24 @@ Python 3.6.0+ (3.8.0 recommended)
|
|||
## Configuration
|
||||
|
||||
(eventually)
|
||||
|
||||
### Caddy
|
||||
|
||||
'''
|
||||
rewrite {
|
||||
if_op and
|
||||
if {path} starts_with /users
|
||||
if {path} not_ends_with inbox
|
||||
to {path} /auth/{path}
|
||||
}
|
||||
|
||||
rewrite {
|
||||
if {path} starts_with /@
|
||||
to {path} /auth/{path}
|
||||
}
|
||||
|
||||
proxy /auth localhost:3001 {
|
||||
without /auth
|
||||
transparent
|
||||
}
|
||||
'''
|
||||
|
|
|
@ -52,7 +52,9 @@ else:
|
|||
|
||||
PAWSCONFIG = {
|
||||
'host': env.get('PAWS_HOST', '127.0.0.1'),
|
||||
'port': env.get('PAWS_PORT', 3001),
|
||||
'port': int(env.get('PAWS_PORT', 3001)),
|
||||
'user': env.get('PAWS_USER', 'admin'),
|
||||
'pass': env.get('PAWS_PASS', 'password'),
|
||||
'mastopath': env.get('MASTOPATH', os.getcwd())
|
||||
}
|
||||
|
||||
|
|
|
@ -3,8 +3,6 @@ import re
|
|||
import json
|
||||
import logging
|
||||
|
||||
from colour import Color
|
||||
|
||||
|
||||
error_codes = {
|
||||
400: 'BadRequest',
|
||||
|
@ -58,54 +56,3 @@ def user_check(path):
|
|||
|
||||
return False
|
||||
|
||||
|
||||
|
||||
class color:
|
||||
def __init__(self):
|
||||
self.check = lambda color: Color(f'#{str(color)}' if re.search(r'^(?:[0-9a-fA-F]{3}){1,2}$', color) else color)
|
||||
|
||||
def multi(self, multiplier):
|
||||
if multiplier >= 1:
|
||||
return 1
|
||||
|
||||
elif multiplier <= 0:
|
||||
return 0
|
||||
|
||||
return multiplier
|
||||
|
||||
def lighten(self, color, multiplier):
|
||||
col = self.check(color)
|
||||
col.luminance += ((1 - col.luminance) * self.multi(multiplier))
|
||||
|
||||
return col.hex_l
|
||||
|
||||
def darken(self, color, multiplier):
|
||||
col = self.check(color)
|
||||
col.luminance -= (col.luminance * self.multi(multiplier))
|
||||
|
||||
return col.hex_l
|
||||
|
||||
|
||||
def saturate(self, color, multiplier):
|
||||
col = self.check(color)
|
||||
col.saturation += ((1 - col.saturation) * self.multi(multiplier))
|
||||
|
||||
return col.hex_l
|
||||
|
||||
|
||||
def desaturate(self, color, multiplier):
|
||||
col = self.check(color)
|
||||
col.saturation -= (col.saturation * self.multi(multiplier))
|
||||
|
||||
return col.hex_l
|
||||
|
||||
|
||||
def rgba(self, color, transparency):
|
||||
col = self.check(color)
|
||||
|
||||
red = col.red*255
|
||||
green = col.green*255
|
||||
blue = col.blue*255
|
||||
trans = self.multi(transparency)
|
||||
|
||||
return f'rgba({red:0.2f}, {green:0.2f}, {blue:0.2f}, {trans:0.2f})'
|
||||
|
|
|
@ -50,12 +50,19 @@ def parse_ua(agent):
|
|||
if not agent:
|
||||
return
|
||||
|
||||
ua1 = agent.split('+https://')
|
||||
ua1 = agent.split('https://')
|
||||
|
||||
if len(ua1) < 2:
|
||||
return
|
||||
|
||||
ua2 = ua1[1].split('/')
|
||||
if 'Mastodon' in agent:
|
||||
ua2 = ua1[1].split('/')
|
||||
|
||||
elif 'Pleroma' in agent:
|
||||
ua2 = ua1[1].split(' <')
|
||||
|
||||
elif 'Misskey' in agent:
|
||||
ua2 = ua1[1].split(')')
|
||||
|
||||
if len(ua2) > 1:
|
||||
return ua2[0]
|
||||
|
@ -128,8 +135,6 @@ async def http_signatures(app, handler):
|
|||
if 'signature' in request.headers:
|
||||
data = await request.json()
|
||||
|
||||
#print(json.dumps(data, indent=' '))
|
||||
|
||||
if 'actor' not in data:
|
||||
logging.info('signature check failed, no actor in message')
|
||||
raise json_error(401, 'signature check failed, no actor in message')
|
||||
|
@ -161,8 +166,8 @@ async def http_signatures(app, handler):
|
|||
raise json_error(401, 'signature check failed, signature did not match key')
|
||||
|
||||
else:
|
||||
auth_username = 'admin'
|
||||
auth_password = 'doubleheck'
|
||||
auth_username = PAWSCONFIG['user']
|
||||
auth_password = PAWSCONFIG['pass']
|
||||
auth_realm = 'Nope'
|
||||
|
||||
auth_header = request.headers.get(aiohttp.hdrs.AUTHORIZATION)
|
||||
|
@ -193,18 +198,22 @@ async def http_signatures(app, handler):
|
|||
|
||||
async def http_filter(app, handler):
|
||||
async def http_filter_handler(request):
|
||||
domain = parse_ua(request.headers.get('user-agent'))
|
||||
ua = request.headers.get('user-agent')
|
||||
|
||||
if not domain:
|
||||
raise json_error(401, 'Missing User-Agent')
|
||||
if 'Mozilla/5.0' not in ua and 'aiohttp/3.3.2' not in ua:
|
||||
domain = parse_ua(ua)
|
||||
|
||||
if [agent for agent in blocked_agents if agent in request.headers.get('User-Agent', '').lower()]:
|
||||
logging.info(f'Blocked garbage: {domain}')
|
||||
raise HTTPTeapot(body='418 This teapot kills fascists', content_type='text/plain')
|
||||
if not domain:
|
||||
logging.info('Missing user-agent')
|
||||
raise json_error(401, 'Missing User-Agent')
|
||||
|
||||
if db.ban_check(domain):
|
||||
logging.info(f'Blocked instance: {domain}')
|
||||
raise json_error(403, 'Forbidden')
|
||||
if [agent for agent in blocked_agents if agent in request.headers.get('User-Agent', '').lower()]:
|
||||
logging.info(f'Blocked garbage: {domain}')
|
||||
raise HTTPTeapot(body='418 This teapot kills fascists', content_type='text/plain')
|
||||
|
||||
if db.ban_check(domain):
|
||||
logging.info(f'Blocked instance: {domain}')
|
||||
raise json_error(403, 'Forbidden')
|
||||
|
||||
return (await handler(request))
|
||||
return http_filter_handler
|
||||
|
|
|
@ -2,15 +2,11 @@ import os
|
|||
import sys
|
||||
import asyncio
|
||||
import aiohttp
|
||||
import aiohttp_jinja2
|
||||
import jinja2_markdown
|
||||
|
||||
from jinja2 import select_autoescape, FileSystemLoader
|
||||
from ipaddress import ip_address as address
|
||||
from urllib.parse import urlparse
|
||||
|
||||
from .config import PAWSCONFIG, VERSION, script_path, logging
|
||||
from .functions import color
|
||||
from . import middleware
|
||||
|
||||
|
||||
|
@ -23,28 +19,6 @@ def webserver():
|
|||
middleware.http_redirect
|
||||
])
|
||||
|
||||
async def global_vars(request):
|
||||
return {
|
||||
'VERSION': VERSION,
|
||||
'len': len,
|
||||
'urlparse': urlparse,
|
||||
'lighten': color().lighten,
|
||||
'darken': color().darken,
|
||||
'saturate': color().saturate,
|
||||
'desaturate': color().desaturate,
|
||||
'rgba': color().rgba
|
||||
}
|
||||
|
||||
|
||||
aiohttp_jinja2.setup(web,
|
||||
loader=FileSystemLoader(script_path),
|
||||
autoescape=select_autoescape(['html', 'css']),
|
||||
extensions=[jinja2_markdown.MarkdownExtension],
|
||||
context_processors=[global_vars],
|
||||
lstrip_blocks=True,
|
||||
trim_blocks=True
|
||||
)
|
||||
|
||||
web.add_routes([
|
||||
aiohttp.web.route('*', '/', views.heck),
|
||||
aiohttp.web.route('*', '/@{user}', views.heck),
|
||||
|
|
|
@ -153,5 +153,5 @@ async def validate(actor, request):
|
|||
|
||||
request['validated'] = result
|
||||
|
||||
logging.debug(f'validates? {result}')
|
||||
logging.info(f'validates? {result}')
|
||||
return result
|
||||
|
|
Loading…
Reference in a new issue