solve the captcha without sending a message; try really hard not to put infinities in json; don't forget about viewers if they're banned

website/chat.py

@@ -17,6 +17,8 @@ captchas = {} # captchas that have been used already
 viewers = viewership.viewers
 nonces = {}
 
+# TODO: PMs / whispers (?)
+
 def behead_chat():
     while len(messages) > CHAT_MAX_STORAGE:
         messages.pop()
@@ -55,32 +57,7 @@ def remove_expired_nonces():
             pass
 
 def _comment(text, token, c_response, c_ciphertext, nonce):
-    now = int(time.time())
-    if not token:
-        return N_TOKEN_EMPTY
-    if not text:
-        return N_MESSAGE_EMPTY
-    if len(text) >= MESSAGE_MAX_LENGTH:
-        return N_MESSAGE_LONG
-
-    viewership.setdefault(token)
-
-    # remove record of old comments
-    for t in viewers[token]['recent_comments'].copy():
-        if t < now - FLOOD_PERIOD:
-            viewers[token]['recent_comments'].remove(t)
-
-    pprint(viewers)
-
-    if viewers[token]['banned']:
-        return N_BANNED
-
-    # check that the commenter hasn't acidentally sent the same request twice
-    remove_expired_nonces()
-    try:
-        nonces.pop(nonce)
-    except KeyError:
-        return N_CONFIRM
+    # TODO: if multiple errors, give out the least annoying one, e.g. N_CAPTCHA_MISSING is far more annoying than N_MESSAGE_EMPTY
 
     # check captcha
     if not viewers[token]['verified']:
@@ -109,6 +86,38 @@ def _comment(text, token, c_response, c_ciphertext, nonce):
         else:
             return N_CAPTCHA_MISSING
 
+    now = int(time.time())
+    if not token:
+        return N_TOKEN_EMPTY
+    if not text:
+        # some people may think that you can type in the captcha first to get
+        # rid of it before sending any message; this enables that behaviour
+        if not viewers[token]['viewers']['verified']:
+            viewers[token]['viewers']['verified'] = True
+            return N_NONE
+        return N_MESSAGE_EMPTY
+    if len(text) >= MESSAGE_MAX_LENGTH:
+        return N_MESSAGE_LONG
+
+    viewership.setdefault(token)
+
+    # remove record of old comments
+    for t in viewers[token]['recent_comments'].copy():
+        if t < now - FLOOD_PERIOD:
+            viewers[token]['recent_comments'].remove(t)
+
+    pprint(viewers)
+
+    if viewers[token]['banned']:
+        return N_BANNED
+
+    # check that the commenter hasn't acidentally sent the same request twice
+    remove_expired_nonces()
+    try:
+        nonces.pop(nonce)
+    except KeyError:
+        return N_CONFIRM
+
     if secrets.randbelow(50) == 0:
         viewers[token]['verified'] = False
         return N_CAPTCHA_RANDOM

website/routes.py

@@ -374,7 +374,7 @@ def debug():
             }
         }
 
-    response = make_response(json.dumps(result, cls=JSONEncoder))
+    response = make_response(json.dumps(result, cls=JSONEncoder).replace('": -Infinity', '": null')) # this is such a horrible hack I apologise that you saw it
     response.mimetype = 'application/json'
 
     # so that you are logged in if the very first thing you do is go to /debug, then you go to /

website/viewership.py

@@ -7,11 +7,25 @@ import website.utils.tripcode as tripcode
 import website.chat as chat
 from website.constants import ANON_DEFAULT_NICKNAME, BROADCASTER_COLOUR, BROADCASTER_TOKEN, HLS_TIME, HOST_DEFAULT_NICKNAME, SEGMENTS_DIR, VIEW_COUNTING_PERIOD, VIEWER_ABSENT_THRESHOLD
 
-viewers = {} # TODO: remove viewers who haven't visited for a while, or limit the size of this dictionary somehow; otherwise this dictionary can become arbitrarily large
+viewers = {}
 segment_views = {}
 video_was_corrupted = set()
 lock = threading.Lock()
 
+# for debugging
+#class FakeLock:
+#    def __enter__(self, *args):
+#        pass
+#    def __exit__(self, *args):
+#        pass
+#    def acquire(self):
+#        pass
+#    def release(self):
+#        pass
+#
+#
+#lock = FakeLock()
+
 #When a viewer leaves a comment, they make a POST request to /comment; either
 #you can redirect back to /comment-box or you can respond there without
 #redirecting. In the second case viewers will get a confirmation dialogue when
@@ -183,7 +197,7 @@ def remove_absent_viewers():
     now = int(time.time())
     to_pop = []
     for token in viewers:
-        if viewers[token]['last_request'] < now - VIEWER_ABSENT_THRESHOLD and not chat.viewer_messages_exist(token):
+        if viewers[token]['last_request'] < now - VIEWER_ABSENT_THRESHOLD and not chat.viewer_messages_exist(token) and not viewer[token]['banned']:
             to_pop.append(token)
     for token in to_pop:
         try: