def check_device_id_num():
try:
if request.view_args['id_number'] != None:
return request.view_args['id_number']
else:
return get_remote_address()
except:
return get_remote_address()
def get():
print(get_remote_address())
icon_path = os.path.join(app.root_path, "static/images")
mimetype = "image/vnd.microsoft.icon"
icon_name = "favicon.ico"
return send_from_directory(icon_path, icon_name, mimetype=mimetype)
def _login_rate_limit() -> t.Tuple[str, str]:
try:
username = request.get_json()['username'].lower()
except: # pylint: disable=bare-except
username = '******'
return (username, get_remote_address())
def get(self):
# feeds get large need to force some cleanup
gc.collect()
if get_remote_address() != request.access_route[-1]:
return jsonify_unauth()
if not HTTPD_TOKEN:
return jsonify_success()
remote = ROUTER_ADDR
if current_app.config.get('CIF_ROUTER_ADDR'):
remote = current_app.config['CIF_ROUTER_ADDR']
try:
r = Client(remote, HTTPD_TOKEN).ping()
r = Client(remote, HTTPD_TOKEN).indicators_search({'indicator': 'example.com', 'nolog': '1'})
r = True
except TimeoutError:
return jsonify_unknown(msg='timeout', code=408)
except AuthError:
return jsonify_unauth()
if not r:
return jsonify_unknown(503)
return jsonify_success()
def get(self):
dbm.sqla.session.add(dbm.PredictReqs(sha1(get_remote_address().encode()).hexdigest(), session.get("act_id"),
session.get("session_id"), session['file_hash'], session.get("req_start_t"),
datetime.now(), session.get('error'), self.response, session.get("ext_ver")))
dbm.sqla.session.commit()
if self.response is not None:
self.response['session_id'] = session.get("session_id")
return {'response': self.response, 'error': self.error}
def limiter_key_func() -> str:
"""The Flask-Limiter key function. We delimit by remote address
if the user isn't logged in, otherwise we delimit by their
current user id number."""
if current_user.is_anonymous:
return get_remote_address()
else:
return str(current_user.id)
def ratelimit_handler(e):
return make_response(
jsonify(
error=str(e),
method=request.method,
path=request.path,
remote_addr=get_remote_address()
), 429)
def limit_exceeded(err):
''' Rate limit message'''
remote_ip = get_remote_address()
logger.error('IP {} exceeded rate limit'
'with request {} {}'.format(remote_ip,
request.method,
request.path))
return make_response('Rate limit exceeded!', 429)
def vote_limiter(request):
content = request.get_json(silent=True)
if ((u'b' in content) and (u'c' in content)):
down = False
if (u'downvote' in content):
down = content.get('downvote')
c = content.get('c')
b = content.get('b')
return (get_remote_address() + b + c + str(down))
def download():
filename = request.form.get('file_name')
url = request.form.get('download_url')
if not (url and filename):
return jsonify({'message': 'Illegal input fields'})
temp_link = download_file(url, filename)
send_email(message='Generated file_link: %s' % temp_link,
ip_address=get_remote_address())
return jsonify({'file_link': temp_link})
def make_limiter(app):
limiter = Limiter(
app,
key_func=lambda: current_user.id
if hasattr(current_user, "id")
else get_remote_address(),
default_limits=["1000 per day", "30 per minute"],
)
limiter.enabled = QuerybookSettings.PRODUCTION
for handler in app.logger.handlers:
limiter.logger.addHandler(handler)
return limiter
def load_user(user_id):
#put it here to prevent recursive import with models.py
from server.api.models import User
user = User.query.get_or_404(user_id)
# FIXME: works, but not able to redirect frontend page to 403, only output 403 in console
if user.banned:
return None
#update last active timestamp
user.timestamp = datetime.utcnow()
#update ip address
user.ip_addr = get_remote_address()
#print("----remote address: ", get_remote_address())
db.session.commit()
return user
def add_log(operation, description):
"""
:param operation 操作
:param description 描述
:return: None
"""
try:
log = MisOperationLog(administrator_id=g.administrator_id,
ip=get_remote_address(),
operation=operation,
description=description)
db.session.add(log)
db.session.commit()
except Exception:
db.session.rollback()
current_app.logger.error(traceback.format_exc())
raise ValueError('db error.')
def login():
if current_user.is_authenticated:
return redirect(url_for('main.home'))
form = LoginForm()
if form.validate_on_submit():
user = User.query.filter_by(email=form.email.data).first()
if user and bcrypt.check_password_hash(user.password, escape(form.password.data)):
login_user(user, remember=form.remember.data, duration=timedelta(days=30))
user.last_login_at = datetime.now()
user.last_login_ip = get_remote_address()
user.active = True
db.session.commit()
next_page = request.args.get('next')
return redirect(next_page) if next_page else redirect(url_for('main.home'))
else:
flash('Login Unsuccessful. Please check email and password.','error')
session.permanent = True
return render_template('login.html', title='Login', form=form)
def scope_func(endpoint_name):
"""
Returns the key with which to track the user's requests
for the purposes of ratelimiting
"""
# If the request is oauth-authenticated, return email:client
if hasattr(request, 'oauth') and request.oauth.client:
return "{email}:{client}".format(
email=request.oauth.user.email,
client=request.oauth.client.client_id,
)
# Check if we have a user authenticated via a session cookie
elif hasattr(current_user, 'email') and \
'BOOTSTRAP_USER_EMAIL' in current_app.config and \
current_user.email != current_app.config['BOOTSTRAP_USER_EMAIL']:
return "{email}".format(email=current_user.email)
# If request doesn't have oauth-identifying information, fall back to
# the request's IP address.
else:
return get_remote_address()
def scope_func(endpoint_name):
"""
Returns the key with which to track the user's requests
for the purposes of ratelimiting
"""
# If the request is oauth-authenticated, return email:client
if hasattr(request, 'oauth') and request.oauth.client:
return "{email}:{client}".format(
email=request.oauth.user.email,
client=request.oauth.client.client_id,
)
# Check if we have a user authenticated via a session cookie
elif hasattr(current_user, 'email') and \
'BOOTSTRAP_USER_EMAIL' in current_app.config and \
current_user.email != current_app.config['BOOTSTRAP_USER_EMAIL']:
return "{email}".format(email=current_user.email)
# If request doesn't have oauth-identifying information, fall back to
# the request's IP address.
else:
return get_remote_address()
def userip(self, request):
return str(util.get_remote_address())
def clientIpFilter() -> str:
clientIp = get_remote_address()
clientIpHeader = request.headers.getlist("X-Forwarded-For")
print('Remote IP: {} or {}'.format(clientIp, clientIpHeader))
return clientIpHeader
def exemptFuction():
currentIP = get_remote_address()
if currentIP in exemptedIPs:
return True
return False
def get_identifier():
if current_user.is_authenticated:
return current_user.username
return get_remote_address()
def index():
print(get_remote_address())
return render_template('index.jinja')
def proxy_get_remote_address():
if HTTPD_PROXY in ['1', 1]:
return request.access_route[-1]
return get_remote_address()
def generate_limit_key():
"""Generate key for request rate limiting."""
# use authenticated user if specified, otherwise use ip by default
if limit_by == 'user' and flask.g.get('user') is not None:
return flask.g.get('user')
return util.get_remote_address()
def before():
current_app.logger.info("Handling " + request.method +
" Request for endpoint " + request.path +
" from API user '" + get_api_user_id() +
"' from address " + util.get_remote_address())
pass
def limiter_filter():
dont_filter = get_remote_address() in (current_app.config.get('WHITE_LIST')
or ())
if not current_app.config['DEBUG'] or dont_filter:
return True
def limiter_key_func():
from flask_login import current_user
if hasattr(current_user, "id"):
return current_user.id
return get_remote_address()
def get_form_email_or_ip():
return request.form.get('email', get_remote_address())
@app.route('/index2')
@limiter.limit("100/day;10/hour;1/minute") # 与index()同功效
def index2():
return jsonify({'response': 'Are we rated limited?'})
@app.route('/index3')
@limiter.exempt
def index3():
return jsonify({'response': 'We are not rate limited'})
@app.route("/expensive") # exempt_when=callable 当满足给定条件时,可以免除限制
@limiter.limit("1/day",
exempt_when=lambda: get_remote_address() == "172.16.4.120")
def expensive_route():
return jsonify({'response': 'you are wellcome!'})
# 多个路由应共享速率限制的情况(例如,访问有限速率的相同资源保护路由时)
mysql_limit = limiter.shared_limit("2/hour", scope="mysql_flag")
# 3) "LIMITER/172.16.4.120/mysql_flag/2/1/hour"
@app.route('/index4')
@mysql_limit
def index4():
return jsonify({'response': 'mysql_limit'})
def proxy_get_remote_address():
if HTTPD_PROXY in ['1', 1]:
return request.access_route[-1]
return get_remote_address()
def get_request_ip():
return request.headers.get('X-Real-Ip') or get_remote_address()
from flask_cors import CORS
from flask_compress import Compress
from flaskr.db.connect_db import connect
from flaskr.utils.helpers import compareJSONdate, convertJST
from bson.json_util import dumps as json
from json import dumps
from flask_limiter import Limiter
from flask_limiter.util import get_remote_address
app = Flask(__name__)
app.config["COMPRESS_ALGORITHM"] = "br"
# rate limiter for everyone excluding AnimeAndromeda and localhost (for testing)
limiter = Limiter(app,
key_func=lambda: ""
if get_remote_address() == "127.0.0.1" or get_remote_address(
) == "76.76.21.21" else get_remote_address(),
default_limits=["25 per minute"])
BASE_URL = "/api/v2/anime/"
client = connect()
db = client["andromeda_dev"]
db_report = client["andromeda"]
collection = db["anime_docs"]
report_collection = db_report["reports"]
# Access-Control-Allow-Origin: *
CORS(app)
# Use brotli compression
Compress(app)
