add ua-parser to pares user-agent

Tim Gröger 2023-05-03 07:46:50 +02:00
parent f7c8ae1037
commit cb0795a6ac
2 changed files with 11 additions and 38 deletions


@ -2,6 +2,7 @@ import secrets
from datetime import datetime, timezone from datetime import datetime, timezone
from werkzeug.exceptions import Forbidden, Unauthorized from werkzeug.exceptions import Forbidden, Unauthorized
from ua_parser import user_agent_parser
from .. import logger from .. import logger
from ..models import Session from ..models import Session
@ -11,33 +12,8 @@ from ..database import db
lifetime = 1800 lifetime = 1800
def __get_user_agent_platform(ua: str): def get_user_agent(request_headers):
if "Win" in ua: return user_agent_parser.Parse(request_headers.get("User-Agent", "") if request_headers else "")
return "windows"
if "Mac" in ua:
return "macintosh"
if "Linux" in ua:
return "linux"
if "Android" in ua:
return "android"
if "like Mac" in ua:
return "ios"
return "unknown"
def __get_user_agent_browser(ua: str):
ua_str = ua.lower()
if "firefox" in ua_str or "fxios" in ua_str:
return "firefox"
if "safari" in ua_str:
return "safari"
if "opr/" in ua_str:
return "opera"
if "edg" in ua_str:
return "edge"
if "chrom" in ua_str or "crios" in ua_str:
return "chrome"
return "unknown"
def validate_token(token, request_headers, permission): def validate_token(token, request_headers, permission):
@ -60,13 +36,9 @@ def validate_token(token, request_headers, permission):
session = Session.query.filter_by(token=token).one_or_none() session = Session.query.filter_by(token=token).one_or_none()
if session: if session:
logger.debug("token found, check if expired or invalid user agent differs") logger.debug("token found, check if expired or invalid user agent differs")
user_agent = get_user_agent(request_headers)
platform = request_headers.get("Sec-CH-UA-Platform", None) or __get_user_agent_platform( platform = user_agent["os"]["family"]
request_headers.get("User-Agent", "") browser = user_agent["user_agent"]["family"]
)
browser = request_headers.get("Sec-CH-UA", None) or __get_user_agent_browser(
request_headers.get("User-Agent", "")
)
if session.expires >= datetime.now(timezone.utc) and ( if session.expires >= datetime.now(timezone.utc) and (
session.browser == browser and session.platform == platform session.browser == browser and session.platform == platform
@ -96,14 +68,14 @@ def create(user, request_headers=None) -> Session:
""" """
logger.debug("create access token") logger.debug("create access token")
token_str = secrets.token_hex(16) token_str = secrets.token_hex(16)
user_agent = get_user_agent(request_headers)
logger.debug(f"platform: {user_agent['os']['family']}, browser: {user_agent['user_agent']['family']}")
session = Session( session = Session(
token=token_str, token=token_str,
user_=user, user_=user,
lifetime=lifetime, lifetime=lifetime,
platform=request_headers.get("Sec-CH-UA-Platform", None) platform=user_agent["os"]["family"],
or __get_user_agent_platform(request_headers.get("User-Agent", "")), browser=user_agent["user_agent"]["family"],
browser=request_headers.get("Sec-CH-UA", None)
or __get_user_agent_browser(request_headers.get("User-Agent", "")),
) )
session.refresh() session.refresh()
db.session.add(session) db.session.add(session)
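Review bot: `get_user_agent` hands the raw, client-supplied `User-Agent` header to the regex-based `user_agent_parser.Parse` on every `validate_token` and `create` call with no length bound; capping it first keeps parse cost predictable, e.g. `ua = request_headers.get("User-Agent", "") if request_headers else ""` followed by `return user_agent_parser.Parse(ua[:512])` (512 is an illustrative limit, applied identically on both paths). Sessions stored before this change hold the old values (`"windows"`, `"firefox"`, or raw `Sec-CH-UA` / `Sec-CH-UA-Platform` header text), which presumably never equal ua-parser's family strings, so existing tokens will fail the `session.browser == browser and session.platform == platform` check after deploy; that fails closed, but it deserves a line in the commit message or a cleanup of old rows. A short docstring on `get_user_agent` should also state that the result comes from a client-controlled header, so the comparison is a consistency check and not an authentication factor. The bodies of `validate_token` and `create` continue outside the visible hunks.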


@ -34,6 +34,7 @@ install_requires =
sqlalchemy >= 2.0 sqlalchemy >= 2.0
toml toml
werkzeug>=2.2.2 werkzeug>=2.2.2
ua-parser>=0.16.1
[options.extras_require] [options.extras_require]
argon = argon2-cffi argon = argon2-cffi