def change_unauthenticated_username(): username = request.form['username'] guild_id = request.form['guild_id'] ip_address = get_client_ipaddr() username = username.strip() if len(username) < 2 or len(username) > 32: abort(406) if not all(x.isalnum() or x.isspace() or "-" == x or "_" == x for x in username): abort(406) if not check_guild_existance(guild_id): abort(404) if not guild_query_unauth_users_bool(guild_id): abort(401) if not checkUserBanned(guild_id, ip_address): if 'user_keys' not in session or guild_id not in session[ 'user_keys'] or not session['unauthenticated']: abort(424) session['username'] = username if 'user_id' not in session or len(str(session["user_id"])) > 4: session['user_id'] = random.randint(0, 9999) user = UnauthenticatedUsers(guild_id, username, session['user_id'], ip_address) db.session.add(user) db.session.commit() key = user.user_key session['user_keys'][guild_id] = key status = update_user_status(guild_id, username, key) return jsonify(status=status) else: status = {'banned': True} response = jsonify(status=status) response.status_code = 403 return response
def on_identify(self, data): guild_id = data["guild_id"] if not guild_accepts_visitors(guild_id) and not check_user_in_guild(guild_id): disconnect() return session["socket_guild_id"] = guild_id channels = [] if guild_accepts_visitors(guild_id) and not check_user_in_guild(guild_id): channels = get_guild_channels(guild_id, force_everyone=True) else: channels = get_guild_channels(guild_id) join_room("GUILD_"+guild_id) for chan in channels: if chan["read"]: join_room("CHANNEL_"+chan["channel"]["id"]) if session.get("unauthenticated", True) and guild_id in session.get("user_keys", {}): join_room("IP_"+get_client_ipaddr()) elif not session.get("unauthenticated", True): join_room("USER_"+str(session["user_id"])) visitor_mode = data["visitor_mode"] if not visitor_mode: if session["unauthenticated"]: emit("embed_user_connect", {"unauthenticated": True, "username": session["username"], "discriminator": session["user_id"]}, room="GUILD_"+guild_id) else: nickname = db.session.query(GuildMembers).filter(GuildMembers.guild_id == guild_id, GuildMembers.user_id == session["user_id"]).first().nickname emit("embed_user_connect", {"unauthenticated": False, "id": str(session["user_id"]), "nickname": nickname, "username": session["username"],"discriminator": session["discriminator"], "avatar_url": session["avatar"]}, room="GUILD_"+guild_id) emit("identified") self.teardown_db_session()
def on_identify(self, data): authorization = data.get("session", None) if authorization: try: data = serializer.loads(authorization) session.update(data) except: pass guild_id = data["guild_id"] if not guild_accepts_visitors(guild_id) and not check_user_in_guild( guild_id): disconnect() self.teardown_db_session() return session["socket_guild_id"] = guild_id channels = [] forced_role = get_forced_role(guild_id) if guild_accepts_visitors( guild_id) and not check_user_in_guild(guild_id): channels = get_guild_channels(guild_id, force_everyone=True, forced_role=forced_role) else: channels = get_guild_channels(guild_id, forced_role=forced_role) join_room("GUILD_" + guild_id) for chan in channels: if chan["read"]: join_room("CHANNEL_" + chan["channel"]["id"]) if session.get("unauthenticated", True) and guild_id in session.get( "user_keys", {}): join_room("IP_" + get_client_ipaddr()) elif not session.get("unauthenticated", True): join_room("USER_" + str(session["user_id"])) visitor_mode = data["visitor_mode"] if not visitor_mode: if session["unauthenticated"]: emit("embed_user_connect", { "unauthenticated": True, "username": session["username"], "discriminator": session["user_id"] }, room="GUILD_" + guild_id) else: nickname = redisqueue.get_guild_member( guild_id, session["user_id"]).get("nickname") emit("embed_user_connect", { "unauthenticated": False, "id": str(session["user_id"]), "nickname": nickname, "username": session["username"], "discriminator": session["discriminator"], "avatar_url": session["avatar"] }, room="GUILD_" + guild_id) emit("identified") self.teardown_db_session()
def update_user_status(guild_id, username, user_key=None): if user_unauthenticated(): ip_address = get_client_ipaddr() status = { 'authenticated': False, 'avatar': None, 'manage_embed': False, 'ip_address': ip_address, 'username': username, 'nickname': None, 'user_key': user_key, 'guild_id': guild_id, 'user_id': session['user_id'], 'banned': checkUserBanned(guild_id, ip_address), 'revoked': checkUserRevoke(guild_id, user_key), } if status['banned'] or status['revoked']: session['user_keys'].pop(guild_id, None) return status dbUser = UnauthenticatedUsers.query.filter( and_(UnauthenticatedUsers.guild_id == guild_id, UnauthenticatedUsers.user_key == user_key)).first() dbUser.bumpTimestamp() if dbUser.username != username or dbUser.ip_address != ip_address: dbUser.username = username dbUser.ip_address = ip_address db.session.commit() else: status = { 'authenticated': True, 'avatar': session["avatar"], 'manage_embed': check_user_can_administrate_guild(guild_id), 'username': username, 'nickname': None, 'discriminator': session['discriminator'], 'guild_id': guild_id, 'user_id': session['user_id'], 'banned': checkUserBanned(guild_id), 'revoked': checkUserRevoke(guild_id) } if status['banned'] or status['revoked']: return status dbMember = get_guild_member(guild_id, status["user_id"]) if dbMember: status["nickname"] = dbMember.nickname dbUser = db.session.query(AuthenticatedUsers).filter( and_(AuthenticatedUsers.guild_id == guild_id, AuthenticatedUsers.client_id == status['user_id'])).first() dbUser.bumpTimestamp() return status
def change_unauthenticated_username(): username = request.form['username'] guild_id = request.form['guild_id'] ip_address = get_client_ipaddr() username = username.strip() if len(username) < 2 or len(username) > 32: abort(406) if not all(x.isalnum() or x.isspace() or "-" == x or "_" == x for x in username): abort(406) if not check_guild_existance(guild_id): abort(404) if not guild_query_unauth_users_bool(guild_id): abort(401) final_response = None if not checkUserBanned(guild_id, ip_address): if 'user_keys' not in session or guild_id not in session[ 'user_keys'] or not session['unauthenticated']: abort(424) emitmsg = { "unauthenticated": True, "username": session["username"], "discriminator": session["user_id"] } session['username'] = username if 'user_id' not in session or len(str(session["user_id"])) > 4: session['user_id'] = random.randint(0, 9999) user = UnauthenticatedUsers(guild_id, username, session['user_id'], ip_address) db.session.add(user) key = user.user_key session['user_keys'][guild_id] = key status = update_user_status(guild_id, username, key) emit("embed_user_disconnect", emitmsg, room="GUILD_" + guild_id, namespace="/gateway") final_response = jsonify(status=status) else: status = {'banned': True} response = jsonify(status=status) response.status_code = 403 final_response = response db.session.commit() return final_response
def create_unauthenticated_user(): session['unauthenticated'] = True username = request.form['username'] guild_id = request.form['guild_id'] ip_address = get_client_ipaddr() username = username.strip() if len(username) < 2 or len(username) > 32: abort(406) if not all(x.isalnum() or x.isspace() or "-" == x or "_" == x for x in username): abort(406) if not check_guild_existance(guild_id): abort(404) if not guild_query_unauth_users_bool(guild_id): abort(401) if guild_unauthcaptcha_enabled(guild_id): captcha_response = request.form['captcha_response'] if not verify_captcha_request(captcha_response, request.remote_addr): abort(412) final_response = None if not checkUserBanned(guild_id, ip_address): session['username'] = username if 'user_id' not in session or len(str(session["user_id"])) > 4: session['user_id'] = random.randint(0, 9999) user = UnauthenticatedUsers(guild_id, username, session['user_id'], ip_address) db.session.add(user) key = user.user_key if 'user_keys' not in session: session['user_keys'] = {guild_id: key} else: session['user_keys'][guild_id] = key session.permanent = False status = update_user_status(guild_id, username, key) final_response = jsonify(status=status) else: status = {'banned': True} response = jsonify(status=status) response.status_code = 403 final_response = response db.session.commit() return final_response