From cb0795a6acbce7eac63998d57b615d37060f4377 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tim=20Gr=C3=B6ger?= <tim@groeger-clan.de>
Date: Wed, 3 May 2023 07:46:50 +0200
Subject: [PATCH] add ua-parser to pares user-agent

---
 flaschengeist/controller/sessionController.py | 48 ++++---------------
 setup.cfg                                     |  1 +
 2 files changed, 11 insertions(+), 38 deletions(-)

diff --git a/flaschengeist/controller/sessionController.py b/flaschengeist/controller/sessionController.py
index 56ca32b..afed11e 100644
--- a/flaschengeist/controller/sessionController.py
+++ b/flaschengeist/controller/sessionController.py
@@ -2,6 +2,7 @@ import secrets
 
 from datetime import datetime, timezone
 from werkzeug.exceptions import Forbidden, Unauthorized
+from ua_parser import user_agent_parser
 
 from .. import logger
 from ..models import Session
@@ -11,33 +12,8 @@ from ..database import db
 lifetime = 1800
 
 
-def __get_user_agent_platform(ua: str):
-    if "Win" in ua:
-        return "windows"
-    if "Mac" in ua:
-        return "macintosh"
-    if "Linux" in ua:
-        return "linux"
-    if "Android" in ua:
-        return "android"
-    if "like Mac" in ua:
-        return "ios"
-    return "unknown"
-
-
-def __get_user_agent_browser(ua: str):
-    ua_str = ua.lower()
-    if "firefox" in ua_str or "fxios" in ua_str:
-        return "firefox"
-    if "safari" in ua_str:
-        return "safari"
-    if "opr/" in ua_str:
-        return "opera"
-    if "edg" in ua_str:
-        return "edge"
-    if "chrom" in ua_str or "crios" in ua_str:
-        return "chrome"
-    return "unknown"
+def get_user_agent(request_headers):
+    return user_agent_parser.Parse(request_headers.get("User-Agent", "") if request_headers else "")
 
 
 def validate_token(token, request_headers, permission):
@@ -60,13 +36,9 @@ def validate_token(token, request_headers, permission):
     session = Session.query.filter_by(token=token).one_or_none()
     if session:
         logger.debug("token found, check if expired or invalid user agent differs")
-
-        platform = request_headers.get("Sec-CH-UA-Platform", None) or __get_user_agent_platform(
-            request_headers.get("User-Agent", "")
-        )
-        browser = request_headers.get("Sec-CH-UA", None) or __get_user_agent_browser(
-            request_headers.get("User-Agent", "")
-        )
+        user_agent = get_user_agent(request_headers)
+        platform = user_agent["os"]["family"]
+        browser = user_agent["user_agent"]["family"]
 
         if session.expires >= datetime.now(timezone.utc) and (
             session.browser == browser and session.platform == platform
@@ -96,14 +68,14 @@ def create(user, request_headers=None) -> Session:
     """
     logger.debug("create access token")
     token_str = secrets.token_hex(16)
+    user_agent = get_user_agent(request_headers)
+    logger.debug(f"platform: {user_agent['os']['family']}, browser: {user_agent['user_agent']['family']}")
     session = Session(
         token=token_str,
         user_=user,
         lifetime=lifetime,
-        platform=request_headers.get("Sec-CH-UA-Platform", None)
-        or __get_user_agent_platform(request_headers.get("User-Agent", "")),
-        browser=request_headers.get("Sec-CH-UA", None)
-        or __get_user_agent_browser(request_headers.get("User-Agent", "")),
+        platform=user_agent["os"]["family"],
+        browser=user_agent["user_agent"]["family"],
     )
     session.refresh()
     db.session.add(session)
diff --git a/setup.cfg b/setup.cfg
index 3a54392..f0a30a9 100644
--- a/setup.cfg
+++ b/setup.cfg
@@ -34,6 +34,7 @@ install_requires =
     sqlalchemy >= 2.0
     toml
     werkzeug>=2.2.2
+    ua-parser>=0.16.1
 
 [options.extras_require]
 argon = argon2-cffi