[core] UA parsing: Add backwards compatibility for platform names

Signed-off-by: Ferdinand Thiessen <rpm@fthiessen.de>
2022-08-25 14:55:49 +02:00 · 2022-08-25 14:55:49 +02:00 · 973b4527df
parent 4248825af0
commit 973b4527df
2 changed files with 12 additions and 10 deletions
--- a/flaschengeist/controller/sessionController.py
+++ b/flaschengeist/controller/sessionController.py
@ -13,15 +13,15 @@ lifetime = 1800

 def __get_user_agent_platform(ua: str):
    if "Win" in ua:
-        return "Windows"
+        return "windows"
    if "Mac" in ua:
-        return "Macintosh"
+        return "macintosh"
    if "Linux" in ua:
-        return "Linux"
+        return "linux"
    if "Android" in ua:
-        return "Android"
+        return "android"
    if "like Mac" in ua:
-        return "iOS"
+        return "ios"
    return "unknown"


@ -84,12 +84,12 @@ def validate_token(token, request_headers, permission):
    raise Unauthorized


-def create(user, user_agent=None) -> Session:
+def create(user, request_headers=None) -> Session:
    """Create a Session

    Args:
        user: For which User is to create a Session
-        user_agent: User agent to identify session
+        request_headers: Headers to validate user agent of browser

    Returns:
            Session: A created Token for User
@ -100,8 +100,10 @@ def create(user, user_agent=None) -> Session:
        token=token_str,
        user_=user,
        lifetime=lifetime,
-        browser=user_agent.browser,
-        platform=user_agent.platform,
+        platform=request_headers.get("Sec-CH-UA-Platform", None)
+        or __get_user_agent_platform(request_headers.get("User-Agent", "")),
+        browser=request_headers.get("Sec-CH-UA", None)
+        or __get_user_agent_browser(request_headers.get("User-Agent", "")),
    )
    session.refresh()
    db.session.add(session)
--- a/flaschengeist/plugins/auth/init.py
+++ b/flaschengeist/plugins/auth/init.py
@ -40,7 +40,7 @@ def login():
    user = userController.login_user(userid, password)
    if not user:
        raise Unauthorized
-    session = sessionController.create(user, user_agent=request.user_agent)
+    session = sessionController.create(user, request_headers=request.headers)
    logger.debug(f"token is {session.token}")
    logger.info(f"User {userid} logged in.")