From cb0795a6acbce7eac63998d57b615d37060f4377 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tim=20Gr=C3=B6ger?= Date: Wed, 3 May 2023 07:46:50 +0200 Subject: [PATCH] add ua-parser to pares user-agent --- flaschengeist/controller/sessionController.py | 48 ++++--------------- setup.cfg | 1 + 2 files changed, 11 insertions(+), 38 deletions(-) diff --git a/flaschengeist/controller/sessionController.py b/flaschengeist/controller/sessionController.py index 56ca32b..afed11e 100644 --- a/flaschengeist/controller/sessionController.py +++ b/flaschengeist/controller/sessionController.py @@ -2,6 +2,7 @@ import secrets from datetime import datetime, timezone from werkzeug.exceptions import Forbidden, Unauthorized +from ua_parser import user_agent_parser from .. import logger from ..models import Session @@ -11,33 +12,8 @@ from ..database import db lifetime = 1800 -def __get_user_agent_platform(ua: str): - if "Win" in ua: - return "windows" - if "Mac" in ua: - return "macintosh" - if "Linux" in ua: - return "linux" - if "Android" in ua: - return "android" - if "like Mac" in ua: - return "ios" - return "unknown" - - -def __get_user_agent_browser(ua: str): - ua_str = ua.lower() - if "firefox" in ua_str or "fxios" in ua_str: - return "firefox" - if "safari" in ua_str: - return "safari" - if "opr/" in ua_str: - return "opera" - if "edg" in ua_str: - return "edge" - if "chrom" in ua_str or "crios" in ua_str: - return "chrome" - return "unknown" +def get_user_agent(request_headers): + return user_agent_parser.Parse(request_headers.get("User-Agent", "") if request_headers else "") def validate_token(token, request_headers, permission): 
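Review bot: `get_user_agent` replaces the two private helpers without a docstring, and it silently changes two things a caller of `validate_token` will care about: the `Sec-CH-UA`/`Sec-CH-UA-Platform` client hints the old code preferred are no longer consulted, and ua-parser reports an unrecognised agent as the family `"Other"` rather than the old `"unknown"`. Both the header and the client hints are client-supplied, so this value is only a heuristic for spotting a replayed token, not an authentication factor, and the docstring should say so. I would document it as: parses the `User-Agent` header (empty string when `request_headers` is falsy) and returns the ua-parser result dict with `user_agent`, `os`, `device` and `string` keys, unrecognised agents yielding the family `"Other"`, with a one-line warning that the input is attacker-controlled and the result is a weak session-binding hint only. The nested conditional expression would also read better split: `ua = request_headers.get("User-Agent", "") if request_headers else ""` then `return user_agent_parser.Parse(ua)`.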
@@ -60,13 +36,9 @@ def validate_token(token, request_headers, permission): session = Session.query.filter_by(token=token).one_or_none() if session: logger.debug("token found, check if expired or invalid user agent differs") - - platform = request_headers.get("Sec-CH-UA-Platform", None) or __get_user_agent_platform( - request_headers.get("User-Agent", "") - ) - browser = request_headers.get("Sec-CH-UA", None) or __get_user_agent_browser( - request_headers.get("User-Agent", "") - ) + user_agent = get_user_agent(request_headers) + platform = user_agent["os"]["family"] + browser = user_agent["user_agent"]["family"] if session.expires >= datetime.now(timezone.utc) and ( session.browser == browser and session.platform == platform @@ -96,14 +68,14 @@ def create(user, request_headers=None) -> Session: """ logger.debug("create access token") token_str = secrets.token_hex(16) + user_agent = get_user_agent(request_headers) + logger.debug(f"platform: {user_agent['os']['family']}, browser: {user_agent['user_agent']['family']}") session = Session( token=token_str, user_=user, lifetime=lifetime, - platform=request_headers.get("Sec-CH-UA-Platform", None) - or __get_user_agent_platform(request_headers.get("User-Agent", "")), - browser=request_headers.get("Sec-CH-UA", None) - or __get_user_agent_browser(request_headers.get("User-Agent", "")), + platform=user_agent["os"]["family"], + browser=user_agent["user_agent"]["family"], ) session.refresh() db.session.add(session) diff --git a/setup.cfg b/setup.cfg index 3a54392..f0a30a9 100644 --- a/setup.cfg +++ b/setup.cfg @@ -34,6 +34,7 @@ install_requires = sqlalchemy >= 2.0 toml werkzeug>=2.2.2 + ua-parser>=0.16.1 [options.extras_require] argon = argon2-cffi
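Review bot: The comparison `session.browser == browser and session.platform == platform` now checks the stored values against ua-parser family strings (for example `"Windows"`, `"Chrome"`, `"Other"`), but sessions created before this commit stored the old lowercase vocabulary (`"windows"`, `"chrome"`, `"unknown"`) or a raw `Sec-CH-UA` header value, so every live session will fail this check on deploy and be rejected as an invalid user agent. That is a forced logout of all users rather than a security regression, but it deserves a release note or a one-off migration of the `platform`/`browser` columns. Note also that a session bound to `"Other"`/`"Other"` matches any client the parser does not recognise, which presumably includes scripted clients, so the binding gives no protection for such sessions; consider treating `"Other"` as "no binding" explicitly rather than as a match. `validate_token` starts before and continues after this hunk.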
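Review bot: The new `logger.debug(f"platform: ...")` in `create` formats the message eagerly even when debug logging is off, and it interpolates values derived from the client-controlled `User-Agent` header; the families are constrained by ua-parser's own patterns, so this is a style point rather than a log-injection risk, but the lazy form `logger.debug("platform: %s, browser: %s", user_agent["os"]["family"], user_agent["user_agent"]["family"])` avoids the cost and is what the logging module expects. Since `request_headers` defaults to `None`, the session is then presumably bound to `"Other"`/`"Other"`, which the `validate_token` comparison accepts for any unrecognised client; the docstring for `create` (which starts before this hunk) should state that a session created without headers is effectively unbound. Never log `user_agent["string"]` here, as that is the raw header.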