anonstream/anonstream/routes/core.py

# SPDX-FileCopyrightText: 2022 n9k <https://git.076.ne.jp/ninya9k>
# SPDX-License-Identifier: AGPL-3.0-or-later

import math
import re

from quart import current_app, request, render_template, abort, make_response, redirect, url_for, send_from_directory
from werkzeug.exceptions import Forbidden, NotFound, TooManyRequests

from anonstream.access import add_failure, pop_failure
from anonstream.captcha import get_captcha_image, get_random_captcha_digest
from anonstream.locale import get_lang_and_locale_from, get_lang_from, get_locale_from
from anonstream.segments import segments, StopSendingSegments
from anonstream.stream import is_online, get_stream_uptime
from anonstream.user import watching, create_eyes, renew_eyes, EyesException, RatelimitedEyes, TooManyEyes, ensure_allowedness, Blacklisted, SecretClub
from anonstream.routes.wrappers import with_user_from, auth_required, generate_and_add_user, clean_cache_headers, etag_conditional
from anonstream.helpers.captcha import check_captcha_digest, Answer
from anonstream.utils.security import generate_csp
from anonstream.utils.user import identifying_string
from anonstream.wrappers import with_timestamp

CAPTCHA_SIGNER = current_app.captcha_signer
STATIC_DIRECTORY = current_app.root_path / 'static'
LANG = current_app.lang

@current_app.route('/')
@with_user_from(request, fallback_to_token=True, ignore_allowedness=True)
async def home(timestamp, user_or_token):
    lang, locale = get_lang_and_locale_from(request, burrow=('anonstream',))
    match user_or_token:
        case str() | None as token:
            failure_id = request.args.get('failure', type=int)
            failure = pop_failure(failure_id)
            response = await render_template(
                'captcha.html',
                csp=generate_csp(),
                token=token,
                request_lang=get_lang_from(request, validate=False),
                locale=locale['captcha'],
                digest=get_random_captcha_digest(),
                failure=locale['internal'].get(failure),
            )
        case dict() as user:
            try:
                ensure_allowedness(user, timestamp=timestamp)
            except Blacklisted:
                raise Forbidden(locale['error']['blacklisted'])
            except SecretClub:
                # TODO allow changing tripcode
                raise Forbidden(locale['error']['not_whitelisted'])
            else:
                response = await render_template(
                    'home.html',
                    csp=generate_csp(),
                    user=user,
                    lang=lang,
                    default_lang=LANG,
                    locale=locale['home'],
                    version=current_app.version,
                )
    return response

@current_app.route('/stream.mp4')
@with_user_from(request)
async def stream(timestamp, user):
    locale = get_locale_from(request)['anonstream']['error']
    if not is_online():
        raise NotFound(locale['offline'])
    else:
        try:
            eyes_id = create_eyes(user, tuple(request.headers))
        except RatelimitedEyes as e:
            retry_after, *_ = e.args
            error = TooManyRequests(locale['ratelimit'] % retry_after)
            response = await current_app.handle_http_exception(error)
            response = await make_response(response)
            response.headers['Retry-After'] = math.ceil(retry_after)
            raise abort(response)
        except TooManyEyes as e:
            n_eyes, *_ = e.args
            raise TooManyRequests(locale['limit'] % n_eyes)
        else:
            @with_timestamp(precise=True)
            def segment_read_hook(timestamp, uri):
                user['last']['seen'] = timestamp
                try:
                    renew_eyes(timestamp, user, eyes_id, just_read_new_segment=True)
                except EyesException as e:
                    raise StopSendingSegments(
                        f'eyes {eyes_id} not allowed: {e!r}'
                    ) from e
                else:
                    user['last']['watching'] = timestamp
                print(f'{uri}: \033[37m{eyes_id}\033[0m~{identifying_string(user)}')
            generator = segments(segment_read_hook, token=f'\033[35m{user["token"]}\033[0m')
            response = await make_response(generator)
            response.headers['Content-Type'] = 'video/mp4'
            response.timeout = None
    return response

@current_app.route('/login')
@auth_required
async def login():
    return redirect(url_for('home', lang=get_lang_from(request)), 303)

@current_app.route('/captcha.jpg')
@with_user_from(request, fallback_to_token=True)
async def captcha(timestamp, user_or_token):
    digest = request.args.get('digest', '')
    image = get_captcha_image(digest)
    if image is None:
        return abort(410)
    else:
        return image, {'Content-Type': 'image/jpeg'}

@current_app.post('/access')
@with_user_from(request, fallback_to_token=True, ignore_allowedness=True)
async def access(timestamp, user_or_token):
    match user_or_token:
        case str() | None as token:
            form = await request.form
            digest = form.get('digest', '')
            answer = form.get('answer', '')
            match check_captcha_digest(CAPTCHA_SIGNER, digest, answer):
                case Answer.MISSING:
                    failure_id = add_failure('captcha_required')
                case Answer.BAD:
                    failure_id = add_failure('captcha_incorrect')
                case Answer.EXPIRED:
                    failure_id = add_failure('captcha_expired')
                case Answer.OK:
                    failure_id = None
                    user = generate_and_add_user(timestamp, token, verified=True)
        case dict() as user:
            token = user['token']
            failure_id = None
    lang = get_lang_from(request, validate=failure_id is None)
    url = url_for('home', token=token, lang=lang, failure=failure_id)
    return redirect(url, 303)

@current_app.route('/static/<path:filename>')
@with_user_from(request)
@etag_conditional
@clean_cache_headers
async def static(timestamp, user, filename):
    response = await send_from_directory(STATIC_DIRECTORY, filename)
    if filename in {'style.css', 'anonstream.js'}:
        response.headers['Cache-Control'] = 'no-cache'
    return response
Licence headers formatting 2022-06-16 10:12:37 +09:00			`# SPDX-FileCopyrightText: 2022 n9k <https://git.076.ne.jp/ninya9k>`
Add licences 2022-03-07 23:51:59 +09:00			`# SPDX-License-Identifier: AGPL-3.0-or-later`

Eyes: send Retry-After header during cooldown 2022-06-14 12:33:09 +09:00			`import math`
Emotes The sheet of emotes goes in `/static/emotes.png`. Emote coordinates go in emotes.json (by default, there is a config option). 2022-07-15 01:31:11 +09:00			`import re`
Eyes: send Retry-After header during cooldown 2022-06-14 12:33:09 +09:00
Error pages: custom descriptions 2022-06-22 16:52:07 +09:00			`from quart import current_app, request, render_template, abort, make_response, redirect, url_for, send_from_directory`
Allowedness: check in special case route handlers 2022-06-25 14:02:02 +09:00			`from werkzeug.exceptions import Forbidden, NotFound, TooManyRequests`
Nojs chat, store all user names/colors in js, forget about inactive users Project structure evolving a bit 2022-02-16 18:55:30 +09:00
Access captcha 2022-06-22 14:00:43 +09:00			`from anonstream.access import add_failure, pop_failure`
			`from anonstream.captcha import get_captcha_image, get_random_captcha_digest`
one giant veiny commit 2022-07-28 19:48:33 +09:00			`from anonstream.locale import get_lang_and_locale_from, get_lang_from, get_locale_from`
Eyes This commit adds the concept of eyes. One "eyes" is one instance of a response to GET /stream.mp4. Currently the number of eyes clients can have is unbounded, but this is a DoS vector. 2022-06-14 09:36:36 +09:00			`from anonstream.segments import segments, StopSendingSegments`
Segment streaming redux, accurate stream uptime 2022-02-22 12:57:48 +09:00			`from anonstream.stream import is_online, get_stream_uptime`
Allowedness: check in special case route handlers 2022-06-25 14:02:02 +09:00			`from anonstream.user import watching, create_eyes, renew_eyes, EyesException, RatelimitedEyes, TooManyEyes, ensure_allowedness, Blacklisted, SecretClub`
Emotes The sheet of emotes goes in `/static/emotes.png`. Emote coordinates go in emotes.json (by default, there is a config option). 2022-07-15 01:31:11 +09:00			`from anonstream.routes.wrappers import with_user_from, auth_required, generate_and_add_user, clean_cache_headers, etag_conditional`
Access captcha 2022-06-22 14:00:43 +09:00			`from anonstream.helpers.captcha import check_captcha_digest, Answer`
Add Content Security Policy meta tags 2022-03-07 16:11:49 +09:00			`from anonstream.utils.security import generate_csp`
Debug: print colorized tag/token_hash/token 2022-06-23 12:28:32 +09:00			`from anonstream.utils.user import identifying_string`
Allowedness: check in renew_eyes 2022-06-25 13:28:13 +09:00			`from anonstream.wrappers import with_timestamp`
Nojs chat, store all user names/colors in js, forget about inactive users Project structure evolving a bit 2022-02-16 18:55:30 +09:00
Access captcha 2022-06-22 14:00:43 +09:00			`CAPTCHA_SIGNER = current_app.captcha_signer`
Manual static folder 2022-06-19 17:26:38 +09:00			`STATIC_DIRECTORY = current_app.root_path / 'static'`
one giant veiny commit 2022-07-28 19:48:33 +09:00			`LANG = current_app.lang`
Manual static folder 2022-06-19 17:26:38 +09:00
Nojs chat, store all user names/colors in js, forget about inactive users Project structure evolving a bit 2022-02-16 18:55:30 +09:00			`@current_app.route('/')`
Allowedness: check in special case route handlers 2022-06-25 14:02:02 +09:00			`@with_user_from(request, fallback_to_token=True, ignore_allowedness=True)`
Access captcha 2022-06-22 14:00:43 +09:00			`async def home(timestamp, user_or_token):`
unwieldy commit 2 2022-07-29 17:04:54 +09:00			`lang, locale = get_lang_and_locale_from(request, burrow=('anonstream',))`
Access captcha 2022-06-22 14:00:43 +09:00			`match user_or_token:`
Allowedness: check in special case route handlers 2022-06-25 14:02:02 +09:00			`case str() \| None as token:`
Access captcha 2022-06-22 14:00:43 +09:00			`failure_id = request.args.get('failure', type=int)`
one giant veiny commit 2022-07-28 19:48:33 +09:00			`failure = pop_failure(failure_id)`
Access captcha 2022-06-22 14:00:43 +09:00			`response = await render_template(`
			`'captcha.html',`
			`csp=generate_csp(),`
Allowedness: check in special case route handlers 2022-06-25 14:02:02 +09:00			`token=token,`
unwieldy commit 2 2022-07-29 17:04:54 +09:00			`request_lang=get_lang_from(request, validate=False),`
			`locale=locale['captcha'],`
Access captcha 2022-06-22 14:00:43 +09:00			`digest=get_random_captcha_digest(),`
unwieldy commit 2 2022-07-29 17:04:54 +09:00			`failure=locale['internal'].get(failure),`
Access captcha 2022-06-22 14:00:43 +09:00			`)`
Allowedness: check in special case route handlers 2022-06-25 14:02:02 +09:00			`case dict() as user:`
			`try:`
			`ensure_allowedness(user, timestamp=timestamp)`
			`except Blacklisted:`
unwieldy commit 2 2022-07-29 17:04:54 +09:00			`raise Forbidden(locale['error']['blacklisted'])`
Allowedness: check in special case route handlers 2022-06-25 14:02:02 +09:00			`except SecretClub:`
			`# TODO allow changing tripcode`
unwieldy commit 2 2022-07-29 17:04:54 +09:00			`raise Forbidden(locale['error']['not_whitelisted'])`
Allowedness: check in special case route handlers 2022-06-25 14:02:02 +09:00			`else:`
			`response = await render_template(`
			`'home.html',`
			`csp=generate_csp(),`
			`user=user,`
unwieldy commit 2 2022-07-29 17:04:54 +09:00			`lang=lang,`
			`default_lang=LANG,`
			`locale=locale['home'],`
Allowedness: check in special case route handlers 2022-06-25 14:02:02 +09:00			`version=current_app.version,`
			`)`
Access captcha 2022-06-22 14:00:43 +09:00			`return response`
Nojs chat, store all user names/colors in js, forget about inactive users Project structure evolving a bit 2022-02-16 18:55:30 +09:00
			`@current_app.route('/stream.mp4')`
			`@with_user_from(request)`
Give timestamp to route handlers 2022-06-19 17:51:42 +09:00			`async def stream(timestamp, user):`
one giant veiny commit 2022-07-28 19:48:33 +09:00			`locale = get_locale_from(request)['anonstream']['error']`
Segment streaming redux, accurate stream uptime 2022-02-22 12:57:48 +09:00			`if not is_online():`
one giant veiny commit 2022-07-28 19:48:33 +09:00			`raise NotFound(locale['offline'])`
Error pages: custom descriptions 2022-06-22 16:52:07 +09:00			`else:`
Eyes This commit adds the concept of eyes. One "eyes" is one instance of a response to GET /stream.mp4. Currently the number of eyes clients can have is unbounded, but this is a DoS vector. 2022-06-14 09:36:36 +09:00			`try:`
Store eyes headers as tuple instead of dict This preserves duplicate keys. 2022-06-29 12:03:49 +09:00			`eyes_id = create_eyes(user, tuple(request.headers))`
Error pages: custom descriptions 2022-06-22 16:52:07 +09:00			`except RatelimitedEyes as e:`
			`retry_after, *_ = e.args`
one giant veiny commit 2022-07-28 19:48:33 +09:00			`error = TooManyRequests(locale['ratelimit'] % retry_after)`
Error pages: custom descriptions 2022-06-22 16:52:07 +09:00			`response = await current_app.handle_http_exception(error)`
			`response = await make_response(response)`
			`response.headers['Retry-After'] = math.ceil(retry_after)`
			`raise abort(response)`
			`except TooManyEyes as e:`
			`n_eyes, *_ = e.args`
one giant veiny commit 2022-07-28 19:48:33 +09:00			`raise TooManyRequests(locale['limit'] % n_eyes)`
Error pages: custom descriptions 2022-06-22 16:52:07 +09:00			`else:`
Allowedness: check in renew_eyes 2022-06-25 13:28:13 +09:00			`@with_timestamp(precise=True)`
			`def segment_read_hook(timestamp, uri):`
			`user['last']['seen'] = timestamp`
Error pages: custom descriptions 2022-06-22 16:52:07 +09:00			`try:`
Allowedness: check in renew_eyes 2022-06-25 13:28:13 +09:00			`renew_eyes(timestamp, user, eyes_id, just_read_new_segment=True)`
Error pages: custom descriptions 2022-06-22 16:52:07 +09:00			`except EyesException as e:`
			`raise StopSendingSegments(`
			`f'eyes {eyes_id} not allowed: {e!r}'`
			`) from e`
Allowedness: check in renew_eyes 2022-06-25 13:28:13 +09:00			`else:`
			`user['last']['watching'] = timestamp`
Debug: print colorized tag/token_hash/token 2022-06-23 12:28:32 +09:00			`print(f'{uri}: \033[37m{eyes_id}\033[0m~{identifying_string(user)}')`
			`generator = segments(segment_read_hook, token=f'\033[35m{user["token"]}\033[0m')`
Error pages: custom descriptions 2022-06-22 16:52:07 +09:00			`response = await make_response(generator)`
			`response.headers['Content-Type'] = 'video/mp4'`
			`response.timeout = None`
Nojs chat, store all user names/colors in js, forget about inactive users Project structure evolving a bit 2022-02-16 18:55:30 +09:00			`return response`

			`@current_app.route('/login')`
			`@auth_required`
			`async def login():`
unwieldy commit 2 2022-07-29 17:04:54 +09:00			`return redirect(url_for('home', lang=get_lang_from(request)), 303)`
Captchas, require captcha initially, generalize notices to states 2022-02-20 13:23:32 +09:00
			`@current_app.route('/captcha.jpg')`
Access captcha 2022-06-22 14:00:43 +09:00			`@with_user_from(request, fallback_to_token=True)`
			`async def captcha(timestamp, user_or_token):`
Captchas, require captcha initially, generalize notices to states 2022-02-20 13:23:32 +09:00			`digest = request.args.get('digest', '')`
			`image = get_captcha_image(digest)`
			`if image is None:`
			`return abort(410)`
			`else:`
Minor non-breaking changes to captcha Added image/jpeg content-type header to /captcha.jpg. Made unsigned digests urlsafe (as they were intended to be). 2022-02-20 18:15:10 +09:00			`return image, {'Content-Type': 'image/jpeg'}`
Manual static folder 2022-06-19 17:26:38 +09:00
Access captcha 2022-06-22 14:00:43 +09:00			`@current_app.post('/access')`
Allowedness: check in special case route handlers 2022-06-25 14:02:02 +09:00			`@with_user_from(request, fallback_to_token=True, ignore_allowedness=True)`
Access captcha 2022-06-22 14:00:43 +09:00			`async def access(timestamp, user_or_token):`
			`match user_or_token:`
Allowedness: check in special case route handlers 2022-06-25 14:02:02 +09:00			`case str() \| None as token:`
Access captcha 2022-06-22 14:00:43 +09:00			`form = await request.form`
			`digest = form.get('digest', '')`
			`answer = form.get('answer', '')`
			`match check_captcha_digest(CAPTCHA_SIGNER, digest, answer):`
			`case Answer.MISSING:`
one giant veiny commit 2022-07-28 19:48:33 +09:00			`failure_id = add_failure('captcha_required')`
Access captcha 2022-06-22 14:00:43 +09:00			`case Answer.BAD:`
one giant veiny commit 2022-07-28 19:48:33 +09:00			`failure_id = add_failure('captcha_incorrect')`
Access captcha 2022-06-22 14:00:43 +09:00			`case Answer.EXPIRED:`
one giant veiny commit 2022-07-28 19:48:33 +09:00			`failure_id = add_failure('captcha_expired')`
Access captcha 2022-06-22 14:00:43 +09:00			`case Answer.OK:`
			`failure_id = None`
Bypass initial chat captcha if solved access captcha 2022-06-23 11:53:38 +09:00			`user = generate_and_add_user(timestamp, token, verified=True)`
Allowedness: check in special case route handlers 2022-06-25 14:02:02 +09:00			`case dict() as user:`
unwieldy commit 2 2022-07-29 17:04:54 +09:00			`token = user['token']`
			`failure_id = None`
			`lang = get_lang_from(request, validate=failure_id is None)`
			`url = url_for('home', token=token, lang=lang, failure=failure_id)`
Access captcha 2022-06-22 14:00:43 +09:00			`return redirect(url, 303)`

Emotes: one emote, one file 2022-07-20 15:04:55 +09:00			`@current_app.route('/static/<path:filename>')`
Manual static folder 2022-06-19 17:26:38 +09:00			`@with_user_from(request)`
Emotes The sheet of emotes goes in `/static/emotes.png`. Emote coordinates go in emotes.json (by default, there is a config option). 2022-07-15 01:31:11 +09:00			`@etag_conditional`
Manual static folder 2022-06-19 17:26:38 +09:00			`@clean_cache_headers`
Give timestamp to route handlers 2022-06-19 17:51:42 +09:00			`async def static(timestamp, user, filename):`
Ensure browsers revalidate style.css & anonstream.js 2022-07-15 01:49:57 +09:00			`response = await send_from_directory(STATIC_DIRECTORY, filename)`
			`if filename in {'style.css', 'anonstream.js'}:`
			`response.headers['Cache-Control'] = 'no-cache'`
			`return response`