feature/migrations, closes #19 #20
|
@ -25,6 +25,7 @@ def get_enabled_plugins():
|
|||
class PluginStub:
|
||||
def __init__(self, name) -> None:
|
||||
self.name = name
|
||||
self.version = "?"
|
||||
|
||||
logger.error("Could not connect to database or database not initialized! No plugins enabled!")
|
||||
logger.debug("Can not query enabled plugins", exc_info=True)
|
||||
|
|
|
@ -11,7 +11,36 @@ from ..database import db
|
|||
lifetime = 1800
|
||||
|
||||
|
||||
def validate_token(token, user_agent, permission):
|
||||
def __get_user_agent_platform(ua: str):
|
||||
if "Win" in ua:
|
||||
return "Windows"
|
||||
if "Mac" in ua:
|
||||
return "Macintosh"
|
||||
if "Linux" in ua:
|
||||
return "Linux"
|
||||
if "Android" in ua:
|
||||
return "Android"
|
||||
if "like Mac" in ua:
|
||||
return "iOS"
|
||||
return "unknown"
|
||||
|
||||
|
||||
def __get_user_agent_browser(ua: str):
|
||||
ua_str = ua.lower()
|
||||
if "firefox" in ua_str or "fxios" in ua_str:
|
||||
return "firefox"
|
||||
if "safari" in ua_str:
|
||||
return "safari"
|
||||
if "opr/" in ua_str:
|
||||
return "opera"
|
||||
if "edg" in ua_str:
|
||||
return "edge"
|
||||
if "chrom" in ua_str or "crios" in ua_str:
|
||||
return "chrome"
|
||||
return "unknown"
|
||||
|
||||
|
||||
def validate_token(token, request_headers, permission):
|
||||
"""Verify session
|
||||
|
||||
Verify a Session and Roles so if the User has permission or not.
|
||||
|
@ -19,7 +48,7 @@ def validate_token(token, user_agent, permission):
|
|||
|
||||
Args:
|
||||
token: Token to verify.
|
||||
user_agent: User agent of browser to check
|
||||
request_headers: Headers to validate user agent of browser
|
||||
permission: Permission needed to access restricted routes
|
||||
Returns:
|
||||
A Session for this given Token
|
||||
|
@ -31,8 +60,16 @@ def validate_token(token, user_agent, permission):
|
|||
session = Session.query.filter_by(token=token).one_or_none()
|
||||
if session:
|
||||
logger.debug("token found, check if expired or invalid user agent differs")
|
||||
|
||||
platform = request_headers.get("Sec-CH-UA-Platform", None) or __get_user_agent_platform(
|
||||
request_headers.get("User-Agent", "")
|
||||
)
|
||||
browser = request_headers.get("Sec-CH-UA", None) or __get_user_agent_browser(
|
||||
request_headers.get("User-Agent", "")
|
||||
)
|
||||
|
||||
if session.expires >= datetime.now(timezone.utc) and (
|
||||
session.browser == user_agent.browser and session.platform == user_agent.platform
|
||||
session.browser == browser and session.platform == platform
|
||||
):
|
||||
if not permission or session.user_.has_permission(permission):
|
||||
session.refresh()
|
||||
|
|
|
@ -20,8 +20,8 @@ class Session(db.Model, ModelSerializeMixin):
|
|||
expires: datetime = db.Column(UtcDateTime)
|
||||
token: str = db.Column(db.String(32), unique=True)
|
||||
lifetime: int = db.Column(db.Integer)
|
||||
browser: str = db.Column(db.String(30))
|
||||
platform: str = db.Column(db.String(30))
|
||||
browser: str = db.Column(db.String(127))
|
||||
platform: str = db.Column(db.String(64))
|
||||
userid: str = ""
|
||||
|
||||
_id = db.Column("id", Serial, primary_key=True)
|
||||
|
|
|
@ -14,7 +14,7 @@ def extract_session(permission=None):
|
|||
logger.debug("Missing Authorization header or ill-formed")
|
||||
raise Unauthorized
|
||||
|
||||
session = sessionController.validate_token(token, request.user_agent, permission)
|
||||
session = sessionController.validate_token(token, request.headers, permission)
|
||||
return session
|
||||
|
||||
|
||||
|
|
|
@ -22,14 +22,14 @@ include_package_data = True
|
|||
python_requires = >=3.10
|
||||
packages = find:
|
||||
install_requires =
|
||||
Flask==2.0.3
|
||||
Pillow>=9.0
|
||||
Flask>=2.2.2
|
||||
Pillow>=9.2
|
||||
flask_cors
|
||||
flask_migrate>=3.1.0
|
||||
flask_sqlalchemy>=2.5.1
|
||||
sqlalchemy>=1.4.39
|
||||
sqlalchemy>=1.4.40
|
||||
toml
|
||||
werkzeug==2.0.3
|
||||
werkzeug>=2.2.2
|
||||
|
||||
[options.extras_require]
|
||||
argon = argon2-cffi
|
||||
|
|
Loading…
Reference in New Issue