Merge branch 'main' of gitlab.com:bashrc2/epicyon

merge-requests/30/head
Bob Mottram 2022-08-28 15:33:53 +01:00
commit 6d3828e93d
29 changed files with 189 additions and 65 deletions


@ -177,6 +177,7 @@ from webapp_utils import csv_following_list
from webapp_utils import set_blog_address
from webapp_utils import html_show_share
from webapp_utils import get_pwa_theme_colors
from webapp_utils import text_mode_browser
from webapp_calendar import html_calendar_delete_confirm
from webapp_calendar import html_calendar
from webapp_about import html_about
@ -190,7 +191,6 @@ from webapp_confirm import html_confirm_unblock
from webapp_person_options import person_minimize_images
from webapp_person_options import person_undo_minimize_images
from webapp_person_options import html_person_options
from webapp_timeline import text_mode_browser
from webapp_timeline import html_shares
from webapp_timeline import html_wanted
from webapp_timeline import html_inbox
@ -1059,6 +1059,15 @@ class PubServer(BaseHTTPRequestHandler):
'This is nothing less ' +
'than an utter triumph', None)
def _401(self, post_msg: str) -> None:
if self.server.translate:
ok_str = self.server.translate[post_msg]
self._http_return_code(401, self.server.translate['Unauthorized'],
ok_str, None)
else:
self._http_return_code(401, 'Unauthorized',
post_msg, None)
def _201(self, etag: str) -> None:
if self.server.translate:
done_str = self.server.translate['It is done']
@ -2050,11 +2059,12 @@ class PubServer(BaseHTTPRequestHandler):
'epicyon=; SameSite=Strict',
calling_domain)
def _show_login_screen(self, calling_domain: str, cookie: str,
def _post_login_screen(self, calling_domain: str, cookie: str,
base_dir: str, http_prefix: str,
domain: str, domain_full: str, port: int,
onion_domain: str, i2p_domain: str) -> None:
"""Shows the login screen
onion_domain: str, i2p_domain: str,
ua_str: str, debug: bool) -> None:
"""POST to login screen, containing credentials
"""
# ensure that there is a minimum delay between failed login
# attempts, to mitigate brute force
@ -2067,8 +2077,7 @@ class PubServer(BaseHTTPRequestHandler):
length = int(self.headers['Content-length'])
if length > 512:
print('Login failed - credentials too long')
self.send_response(401)
self.end_headers()
self._401('Credentials are too long')
self.server.postreq_busy = False
return
@ -2095,7 +2104,7 @@ class PubServer(BaseHTTPRequestHandler):
html_get_login_credentials(login_params,
self.server.last_login_time,
domain)
if login_nickname:
if login_nickname and login_password:
if is_system_account(login_nickname):
print('Invalid username login: ' + login_nickname +
' (system account)')
@ -2176,7 +2185,8 @@ class PubServer(BaseHTTPRequestHandler):
self.server.postreq_busy = False
return
# login success - redirect with authorization
print('====== Login success: ' + login_nickname)
print('====== Login success: ' + login_nickname +
' ' + ua_str)
# re-activate account if needed
activate_account(base_dir, login_nickname, domain)
# This produces a deterministic token based
@ -2246,6 +2256,33 @@ class PubServer(BaseHTTPRequestHandler):
cookie_str, calling_domain)
self.server.postreq_busy = False
return
else:
print('WARN: No login credentials presented to /login')
if debug:
# be careful to avoid logging the password
login_str = login_params
if '=' in login_params:
login_params_list = login_params.split('=')
login_str = ''
skip_param = False
for login_prm in login_params_list:
if not skip_param:
login_str += login_prm + '='
else:
len_str = login_prm.split('&')[0]
if len(len_str) > 0:
login_str += login_prm + '*'
len_str = ''
if '&' in login_prm:
login_str += \
'&' + login_prm.split('&')[1] + '='
skip_param = False
if 'password' in login_prm:
skip_param = True
login_str = login_str[:len(login_str) - 1]
print(login_str)
self._401('No login credentials were posted')
self.server.postreq_busy = False
self._200()
self.server.postreq_busy = False
@ -15287,7 +15324,7 @@ class PubServer(BaseHTTPRequestHandler):
self.server.http_prefix,
self.server.domain_full,
self.server.system_language,
False).encode('utf-8')
False, ua_str).encode('utf-8')
msglen = len(msg)
self._logout_headers('text/html', msglen, calling_domain)
self._write(msg)
@ -16995,7 +17032,7 @@ class PubServer(BaseHTTPRequestHandler):
self.server.http_prefix,
self.server.domain_full,
self.server.system_language,
True).encode('utf-8')
True, ua_str).encode('utf-8')
msglen = len(msg)
self._login_headers('text/html', msglen, calling_domain)
self._write(msg)
@ -20042,16 +20079,17 @@ class PubServer(BaseHTTPRequestHandler):
'_POST', 'start',
self.server.debug)
# login screen
# POST to login screen, containing credentials
if self.path.startswith('/login'):
self._show_login_screen(calling_domain, cookie,
self._post_login_screen(calling_domain, cookie,
self.server.base_dir,
self.server.http_prefix,
self.server.domain,
self.server.domain_full,
self.server.port,
self.server.onion_domain,
self.server.i2p_domain)
self.server.i2p_domain,
ua_str, self.server.debug)
self.server.postreq_busy = False
return
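Review bot: The debug branch added at the end of `_post_login_screen` logs the password it claims to redact: once `skip_param` is set, `login_str += login_prm + '*'` appends the whole `secret&submit` fragment verbatim, and `len_str` (the password itself) is only tested for non-emptiness, so the intended line was presumably `login_str += '*' * len(len_str)`. This is not a corner case, because `html_get_login_credentials` (webapp_login.py below) returns `None, None, None` not only for malformed input but also for a valid attempt made within 10 s of the previous one, so with `debug` on the real passwords of legitimate users who retry quickly would land in the process log. Separately, the else branch ends with `self._401(...)` and `self.server.postreq_busy = False` but no `return`, so as the page renders it execution falls through to `self._200()` and presumably writes a second response on the same connection; every other failure path in this function returns, and this one should end with `return` as well. The `ua_str` printed on the success path is attacker-controlled and unsanitised, so strip or escape control characters (at least `\r` and `\n`) before logging it to prevent log forging.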


@ -587,5 +587,8 @@
"Last 2 weeks": "آخر أسبوعين",
"Last month": "الشهر الماضي",
"Last 6 months": "آخر 6 أشهر",
"Last year": "العام الماضي"
"Last year": "العام الماضي",
"Unauthorized": "غير مصرح",
"No login credentials were posted": "لم يتم نشر بيانات اعتماد تسجيل الدخول",
"Credentials are too long": "أوراق الاعتماد طويلة جدًا"
}


@ -587,5 +587,8 @@
"Last 2 weeks": "গত ২ সপ্তাহ",
"Last month": "গত মাসে",
"Last 6 months": "গত ৬ মাস",
"Last year": "গত বছর"
"Last year": "গত বছর",
"Unauthorized": "অননুমোদিত",
"No login credentials were posted": "কোনো লগইন শংসাপত্র পোস্ট করা হয়নি",
"Credentials are too long": "শংসাপত্রগুলি খুব দীর্ঘ৷"
}


@ -587,5 +587,8 @@
"Last 2 weeks": "Últimes 2 setmanes",
"Last month": "El mes passat",
"Last 6 months": "Últims 6 mesos",
"Last year": "L'any passat"
"Last year": "L'any passat",
"Unauthorized": "No autoritzat",
"No login credentials were posted": "No s'ha publicat cap credencial d'inici de sessió",
"Credentials are too long": "Les credencials són massa llargues"
}


@ -587,5 +587,8 @@
"Last 2 weeks": "2 wythnos diwethaf",
"Last month": "Mis diwethaf",
"Last 6 months": "6 mis diwethaf",
"Last year": "Blwyddyn diwethaf"
"Last year": "Blwyddyn diwethaf",
"Unauthorized": "Anawdurdodedig",
"No login credentials were posted": "Ni bostiwyd unrhyw fanylion mewngofnodi",
"Credentials are too long": "Mae manylion yn rhy hir"
}


@ -587,5 +587,8 @@
"Last 2 weeks": "Letzte 2 Wochen",
"Last month": "Im vergangenen Monat",
"Last 6 months": "Letzte 6 Monate",
"Last year": "Vergangenes Jahr"
"Last year": "Vergangenes Jahr",
"Unauthorized": "Unbefugt",
"No login credentials were posted": "Es wurden keine Zugangsdaten gepostet",
"Credentials are too long": "Anmeldeinformationen sind zu lang"
}


@ -587,5 +587,8 @@
"Last 2 weeks": "Τελευταίες 2 εβδομάδες",
"Last month": "Τον προηγούμενο μήνα",
"Last 6 months": "Τελευταίοι 6 μήνες",
"Last year": "Πέρυσι"
"Last year": "Πέρυσι",
"Unauthorized": "Ανεξουσιοδότητος",
"No login credentials were posted": "Δεν δημοσιεύτηκαν διαπιστευτήρια σύνδεσης",
"Credentials are too long": "Τα διαπιστευτήρια είναι πολύ μεγάλα"
}


@ -587,5 +587,8 @@
"Last 2 weeks": "Last 2 weeks",
"Last month": "Last month",
"Last 6 months": "Last 6 months",
"Last year": "Last year"
"Last year": "Last year",
"Unauthorized": "Unauthorized",
"No login credentials were posted": "No login credentials were posted",
"Credentials are too long": "Credentials are too long"
}


@ -587,5 +587,8 @@
"Last 2 weeks": "últimas 2 semanas",
"Last month": "El mes pasado",
"Last 6 months": "últimos 6 meses",
"Last year": "El año pasado"
"Last year": "El año pasado",
"Unauthorized": "No autorizado",
"No login credentials were posted": "No se publicaron credenciales de inicio de sesión",
"Credentials are too long": "Las credenciales son demasiado largas"
}


@ -587,5 +587,8 @@
"Last 2 weeks": "2 dernières semaines",
"Last month": "Le mois dernier",
"Last 6 months": "6 derniers mois",
"Last year": "L'année dernière"
"Last year": "L'année dernière",
"Unauthorized": "Non autorisé",
"No login credentials were posted": "Aucun identifiant de connexion n'a été posté",
"Credentials are too long": "Les identifiants sont trop longs"
}


@ -587,5 +587,8 @@
"Last 2 weeks": "2 sheachtain anuas",
"Last month": "An mhí seo caite",
"Last 6 months": "6 mhí anuas",
"Last year": "Anuraidh"
"Last year": "Anuraidh",
"Unauthorized": "Neamhúdaraithe",
"No login credentials were posted": "Níor postáladh aon dintiúir logáil isteach",
"Credentials are too long": "Tá dintiúir ró-fhada"
}


@ -587,5 +587,8 @@
"Last 2 weeks": "पिछले 2 सप्ताह",
"Last month": "पिछले महीने",
"Last 6 months": "पिछले 6 महीने",
"Last year": "पिछले साल"
"Last year": "पिछले साल",
"Unauthorized": "अनधिकृत",
"No login credentials were posted": "कोई लॉगिन क्रेडेंशियल पोस्ट नहीं किया गया था",
"Credentials are too long": "क्रेडेंशियल बहुत लंबे हैं"
}


@ -587,5 +587,8 @@
"Last 2 weeks": "Ultime 2 settimane",
"Last month": "Lo scorso mese",
"Last 6 months": "Ultimi 6 mesi",
"Last year": "L'anno scorso"
"Last year": "L'anno scorso",
"Unauthorized": "Non autorizzato",
"No login credentials were posted": "Non sono state pubblicate credenziali di accesso",
"Credentials are too long": "Le credenziali sono troppo lunghe"
}


@ -587,5 +587,8 @@
"Last 2 weeks": "過去 2 週間",
"Last month": "先月",
"Last 6 months": "過去 6 か月",
"Last year": "去年"
"Last year": "去年",
"Unauthorized": "無許可",
"No login credentials were posted": "ログイン認証情報が投稿されていません",
"Credentials are too long": "資格情報が長すぎます"
}


@ -587,5 +587,8 @@
"Last 2 weeks": "지난 2주",
"Last month": "지난 달",
"Last 6 months": "지난 6개월",
"Last year": "작년"
"Last year": "작년",
"Unauthorized": "무단",
"No login credentials were posted": "게시된 로그인 자격 증명이 없습니다.",
"Credentials are too long": "자격 증명이 너무 깁니다."
}


@ -587,5 +587,8 @@
"Last 2 weeks": "2 hefteyên dawî",
"Last month": "meha borî",
"Last 6 months": "6 mehên dawî",
"Last year": "Sala borî"
"Last year": "Sala borî",
"Unauthorized": "Bêmaf",
"No login credentials were posted": "Tu pêbaweriyên têketinê nehatin şandin",
"Credentials are too long": "Bawernameyên pir dirêj in"
}


@ -587,5 +587,8 @@
"Last 2 weeks": "Afgelopen 2 weken",
"Last month": "Vorige maand",
"Last 6 months": "Afgelopen 6 maanden",
"Last year": "Afgelopen jaar"
"Last year": "Afgelopen jaar",
"Unauthorized": "Ongeautoriseerd",
"No login credentials were posted": "Er zijn geen inloggegevens gepost",
"Credentials are too long": "Inloggegevens zijn te lang"
}


@ -583,5 +583,8 @@
"Last 2 weeks": "Last 2 weeks",
"Last month": "Last month",
"Last 6 months": "Last 6 months",
"Last year": "Last year"
"Last year": "Last year",
"Unauthorized": "Unauthorized",
"No login credentials were posted": "No login credentials were posted",
"Credentials are too long": "Credentials are too long"
}


@ -587,5 +587,8 @@
"Last 2 weeks": "Ostatnie 2 tygodnie",
"Last month": "W zeszłym miesiącu",
"Last 6 months": "Ostatnie 6 miesięcy",
"Last year": "Ostatni rok"
"Last year": "Ostatni rok",
"Unauthorized": "Nieautoryzowany",
"No login credentials were posted": "Nie opublikowano danych logowania",
"Credentials are too long": "Poświadczenia są za długie"
}


@ -587,5 +587,8 @@
"Last 2 weeks": "Últimas 2 semanas",
"Last month": "Mês passado",
"Last 6 months": "Últimos 6 meses",
"Last year": "Ano passado"
"Last year": "Ano passado",
"Unauthorized": "Não autorizado",
"No login credentials were posted": "Nenhuma credencial de login foi postada",
"Credentials are too long": "As credenciais são muito longas"
}


@ -587,5 +587,8 @@
"Last 2 weeks": "Последние 2 недели",
"Last month": "Прошлый месяц",
"Last 6 months": "Последние 6 месяцев",
"Last year": "Прошедший год"
"Last year": "Прошедший год",
"Unauthorized": "Неавторизованный",
"No login credentials were posted": "Учетные данные для входа не были отправлены",
"Credentials are too long": "Учетные данные слишком длинные"
}


@ -587,5 +587,8 @@
"Last 2 weeks": "Wiki 2 zilizopita",
"Last month": "Mwezi uliopita",
"Last 6 months": "Miezi 6 iliyopita",
"Last year": "Mwaka jana"
"Last year": "Mwaka jana",
"Unauthorized": "Haijaidhinishwa",
"No login credentials were posted": "Hakuna kitambulisho cha kuingia kilichochapishwa",
"Credentials are too long": "Kitambulisho ni kirefu sana"
}


@ -587,5 +587,8 @@
"Last 2 weeks": "Son 2 hafta",
"Last month": "Geçen ay",
"Last 6 months": "Son 6 ay",
"Last year": "Geçen yıl"
"Last year": "Geçen yıl",
"Unauthorized": "Yetkisiz",
"No login credentials were posted": "Giriş bilgileri gönderilmedi",
"Credentials are too long": "Kimlik bilgileri çok uzun"
}


@ -587,5 +587,8 @@
"Last 2 weeks": "Останні 2 тижні",
"Last month": "Минулого місяця",
"Last 6 months": "Останні 6 місяців",
"Last year": "Минулого року"
"Last year": "Минулого року",
"Unauthorized": "Несанкціонований",
"No login credentials were posted": "Облікові дані для входу не опубліковано",
"Credentials are too long": "Облікові дані задовгі"
}


@ -587,5 +587,8 @@
"Last 2 weeks": "לעצטע 2 וואָכן",
"Last month": "לעצטע מאנאט",
"Last 6 months": "לעצטע 6 חדשים",
"Last year": "לעצטע יאר"
"Last year": "לעצטע יאר",
"Unauthorized": "אַנאָטערייזד",
"No login credentials were posted": "קיין לאָגין קראַדענטשאַלז זענען אַרייַנגעשיקט",
"Credentials are too long": "קראַדענטשאַלז זענען צו לאַנג"
}


@ -587,5 +587,8 @@
"Last 2 weeks": "过去 2 周",
"Last month": "上个月",
"Last 6 months": "过去 6 个月",
"Last year": "去年"
"Last year": "去年",
"Unauthorized": "未经授权",
"No login credentials were posted": "未发布登录凭据",
"Credentials are too long": "凭据太长"
}


@ -17,23 +17,25 @@ from webapp_utils import set_custom_background
from webapp_utils import html_header_with_website_markup
from webapp_utils import html_footer
from webapp_utils import html_keyboard_navigation
from webapp_utils import text_mode_browser
from theme import get_text_mode_logo
def html_get_login_credentials(loginParams: str,
def html_get_login_credentials(login_params: str,
last_login_time: int,
domain: str) -> (str, str, bool):
"""Receives login credentials via HTTPServer POST
"""
if not loginParams.startswith('username='):
if not login_params.startswith('username='):
if '&username=' not in login_params:
return None, None, None
# minimum time between login attempts
curr_time = int(time.time())
if curr_time < last_login_time + 10:
return None, None, None
if '&' not in loginParams:
if '&' not in login_params:
return None, None, None
login_args = loginParams.split('&')
login_args = login_params.split('&')
nickname = None
password = None
register = False
@ -58,7 +60,8 @@ def html_login(translate: {},
base_dir: str,
http_prefix: str, domain: str,
system_language: str,
autocomplete: bool) -> str:
autocomplete: bool,
ua_str: str) -> str:
"""Shows the login screen
"""
accounts = no_of_accounts(base_dir)
@ -132,19 +135,19 @@ def html_login(translate: {},
translate[idx] + \
'</p>'
register_button_str = \
'<button type="submit" name="register">' + \
'<button type="submit" name="register" tabindex="1">' + \
translate['Register'] + '</button>'
tos_str = \
'<p class="login-text"><a href="/about">' + \
'<p class="login-text"><a href="/about" tabindex="2">' + \
translate['About this Instance'] + '</a></p>' + \
'<p class="login-text"><a href="/terms">' + \
'<p class="login-text"><a href="/terms" tabindex="2">' + \
translate['Terms of Service'] + '</a></p>'
login_button_str = ''
if accounts > 0:
login_button_str = \
'<button type="submit" name="submit">' + \
'<button type="submit" name="submit" tabindex="1">' + \
translate['Login'] + '</button>'
autocomplete_nickname_str = 'autocomplete="username"'
@ -177,18 +180,25 @@ def html_login(translate: {},
translate['Nickname'] + '</b></label>\n' + \
' <input type="text" ' + autocomplete_nickname_str + \
' placeholder="' + translate['Enter Nickname'] + '" ' + \
'pattern="' + nickname_pattern + '" name="username" ' + \
'required autofocus>\n' + \
'\n' + \
'pattern="' + nickname_pattern + '" name="username" tabindex="1" ' + \
'required autofocus>'
in_text_mode = text_mode_browser(ua_str)
if in_text_mode:
login_form += '<br>'
login_form += \
'\n\n' + \
' <label for="password"><b>' + \
translate['Password'] + '</b></label>\n' + \
' <input type="password" ' + autocomplete_password_str + \
' placeholder="' + translate['Enter Password'] + '" ' + \
'pattern="{8,256}" name="password" required>\n' + \
login_button_str + register_button_str + '\n' + \
'pattern="{8,256}" name="password" tabindex="1" required>'
if in_text_mode:
login_form += '<br><br>'
login_form += \
'\n' + login_button_str + register_button_str + '\n' + \
' </div>\n' + \
'</form>\n' + \
'<a href="https://gitlab.com/bashrc2/epicyon">' + \
'<a href="https://gitlab.com/bashrc2/epicyon" tabindex="2">' + \
'<img loading="lazy" decoding="async" class="license" title="' + \
translate['Get the source code'] + '" alt="' + \
translate['Get the source code'] + '" src="/icons/agpl.png" /></a>\n'
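Review bot: The new `if '&username=' not in login_params: return None, None, None` in `html_get_login_credentials` is now one of three early exits returning that same triple, and the rate-limit check two lines below it (`if curr_time < last_login_time + 10`) returns it as well, so the caller cannot tell "no credentials posted" from "throttled"; the daemon now reports both to the client and the log as 'No login credentials were posted', which mislabels a legitimate user who resubmits within 10 s. A distinct result for the throttled case (for example an extra `throttled: bool` element, or a small exception the caller catches) would let the daemon answer 429 or at least log the true reason. The `html_login` docstring should also document the new `ua_str` parameter, e.g. `ua_str: User-Agent of the request, used only to choose the text-mode layout`. `html_get_login_credentials` continues past the end of this hunk.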


@ -23,6 +23,7 @@ from utils import remove_eol
from follow import follower_approval_active
from person import is_person_snoozed
from markdown import markdown_to_html
from webapp_utils import text_mode_browser
from webapp_utils import html_keyboard_navigation
from webapp_utils import html_hide_from_screen_reader
from webapp_utils import html_post_separator
@ -382,16 +383,6 @@ def _html_timeline_keyboard(moderator: bool, text_mode_banner: str,
follow_approvals)
def text_mode_browser(ua_str: str) -> bool:
"""Does the user agent indicate a text mode browser?
"""
text_mode_agents = ('Lynx/', 'w3m/', 'Links (', 'Emacs/', 'ELinks')
for agent in text_mode_agents:
if agent in ua_str:
return True
return False
def _html_timeline_end(base_dir: str, nickname: str, domain_full: str,
http_prefix: str, translate: {},
moderator: bool, editor: bool,


@ -1887,3 +1887,13 @@ def html_common_emoji(base_dir: str, no_of_emoji: int) -> str:
ctr += 1
line_ctr += 1
return html_str
def text_mode_browser(ua_str: str) -> bool:
"""Does the user agent indicate a text mode browser?
"""
text_mode_agents = ('Lynx/', 'w3m/', 'Links (', 'Emacs/', 'ELinks')
for agent in text_mode_agents:
if agent in ua_str:
return True
return False
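Review bot: `text_mode_browser` evaluates `agent in ua_str` without checking its argument, so if any caller passes None — plausible for a request that sends no User-Agent header, though the callers' header handling is not visible here — the first iteration raises TypeError, and via the new `html_login(..., ua_str)` call an anonymous malformed request would turn into a 500 on the login page. A one-line guard at the top, `if not ua_str: return False`, makes the absent-header case fall back to the normal layout. The docstring could also state that this is plain case-sensitive substring matching against the fixed tuple, so a lower-case `lynx/` token is not recognised.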