paws | ||
.gitignore | ||
LICENSE | ||
README.md | ||
reload.cfg | ||
requirements.txt | ||
server.py |
Protection Against Web Scrapers (PAWS)
Web proxy for Mastodon that puts public profiles behind an auth layer.
How it works
PAWS sits between Mastodon and your front-facing web proxy to intercept incoming requests. If a profile, toot, or any related json is requested, it will be blocked unless authenticated. If authenticated fetches on mastodon are disabled, PAWS will check signatures instead
Note: Still very much a WIP. Currently it's just simple http auth, but I plan on adding the ability to login via oauth
Installation
Python 3.6.0+ (3.8.0 recommended)
python3 -m pip install -r requirements.txt --user
Configuration
data/production.env:
# Path to mastodon instance. Defaults to current working dir
MASTOPATH=/home/mastodon/glitch-soc
# Listen address and port for PAWS. Can safely be ignored if running on same host as web server
PAWS_HOST=127.0.0.1
PAWS_PORT=3001
# These will be phased out
PAWS_USER=admin
PAWS_PASS=password
Caddy
Append this to caddy's mastodon config:
rewrite {
if_op and
if {path} starts_with /users
if {path} not_ends_with inbox
to {path} /auth/{path}
}
rewrite {
if_op or
if {path} starts_with /@
if {path} starts_with /authorize
to {path} /auth/{path}
}
proxy /auth localhost:3001 {
without /auth
transparent
}
Nginx
Coming soon. Convert caddy's config to nginx format if you know how for now