Skip to content
Snippets Groups Projects

Compare revisions

Changes are shown as if the source revision was being merged into the target revision. Learn more about comparing revisions.

Source

Select target project
No results found

Target

Select target project
  • morganamilo/aurweb
  • tex/aurweb
  • abitrolly/aurweb
  • muflone/aurweb
  • anthraxx/aurweb
  • jafari/aurweb
  • levitating/aurweb
  • freso/aurweb
  • okabe/aurweb
  • rafaelff/aurweb
  • zoorat/aurweb
  • auerhuhn/aurweb
  • nils/aurweb
  • antiz/aurweb
  • henry-zhr/aurweb
  • segaja/aurweb
  • som015/aurweb
  • gromit/aurweb
  • belongingtome47/aurweb
  • moson/aurweb
  • steppaa23/aurweb
  • bittin/aurweb
  • jkhsjdhjs/aurweb
  • whynothugo/aurweb
  • matt/aurweb
  • fosskers/aurweb
  • awalgarg/aurweb
  • robertoszek/aurweb
  • ainola/aurweb
  • fluix/aurweb
  • hwittenborn/aurweb
  • jocke-l/aurweb
  • eschwartz/aurweb
  • mackilanu/aurweb
  • artafinde/aurweb
  • klausenbusk/aurweb
  • felixonmars/aurweb
  • kevr/aurweb
  • hashworks/aurweb
  • freswa/aurweb
  • lahwaacz/aurweb
  • jelle/aurweb
  • ffy00/aurweb
  • archlinux/aurweb
44 results
Show changes
Commits on Source (2)
......@@ -2,6 +2,7 @@ from fastapi import Request
from aurweb import db, schema
from aurweb.models.declarative import Base
from aurweb.util import get_client_ip
class Ban(Base):
......@@ -14,6 +15,6 @@ class Ban(Base):
def is_banned(request: Request):
ip = request.client.host
ip = get_client_ip(request)
exists = db.query(Ban).filter(Ban.IPAddress == ip).exists()
return db.query(exists).scalar()
......@@ -122,7 +122,7 @@ class User(Base):
try:
with db.begin():
self.LastLogin = now_ts
self.LastLoginIPAddress = request.client.host
self.LastLoginIPAddress = util.get_client_ip(request)
if not self.session:
sid = generate_unique_sid()
self.session = db.create(
......
......@@ -4,6 +4,7 @@ from redis.client import Pipeline
from aurweb import aur_logging, config, db, time
from aurweb.aur_redis import redis_connection
from aurweb.models import ApiRateLimit
from aurweb.util import get_client_ip
logger = aur_logging.get_logger(__name__)
......@@ -13,7 +14,7 @@ def _update_ratelimit_redis(request: Request, pipeline: Pipeline):
now = time.utcnow()
time_to_delete = now - window_length
host = request.client.host
host = get_client_ip(request)
window_key = f"ratelimit-ws:{host}"
requests_key = f"ratelimit:{host}"
......@@ -55,7 +56,7 @@ def _update_ratelimit_db(request: Request):
record.Requests += 1
return record
host = request.client.host
host = get_client_ip(request)
record = db.query(ApiRateLimit, ApiRateLimit.IP == host).first()
record = retry_create(record, now, host)
......@@ -92,7 +93,7 @@ def check_ratelimit(request: Request):
record = update_ratelimit(request, pipeline)
# Get cache value, else None.
host = request.client.host
host = get_client_ip(request)
pipeline.get(f"ratelimit:{host}")
requests = pipeline.execute()[0]
......
......@@ -80,7 +80,9 @@ def open_session(request, conn, user_id):
conn.execute(
Users.update()
.where(Users.c.ID == user_id)
.values(LastLogin=int(time.time()), LastLoginIPAddress=request.client.host)
.values(
LastLogin=int(time.time()), LastLoginIPAddress=util.get_client_ip(request)
)
)
return sid
......@@ -110,7 +112,7 @@ async def authenticate(
Receive an OpenID Connect ID token, validate it, then process it to create
an new AUR session.
"""
if is_ip_banned(conn, request.client.host):
if is_ip_banned(conn, util.get_client_ip(request)):
_ = get_translator_for_request(request)
raise HTTPException(
status_code=HTTPStatus.FORBIDDEN,
......
......@@ -67,7 +67,7 @@ def invalid_password(
def is_banned(request: Request = None, **kwargs) -> None:
host = request.client.host
host = util.get_client_ip(request)
exists = db.query(models.Ban, models.Ban.IPAddress == host).exists()
if db.query(exists).scalar():
raise ValidationError(
......
......@@ -208,3 +208,11 @@ def hash_query(query: Query):
return sha1(
str(query.statement.compile(compile_kwargs={"literal_binds": True})).encode()
).hexdigest()
def get_client_ip(request: fastapi.Request) -> str:
"""
Returns the client's IP address for a Request.
Falls back to 'no-client' is request.client is None
"""
return request.client.host if request.client else "no-client"
......@@ -551,19 +551,18 @@ lua = ["lupa (>=1.14,<3.0)"]
[[package]]
name = "fastapi"
version = "0.104.1"
version = "0.109.0"
description = "FastAPI framework, high performance, easy to learn, fast to code, ready for production"
optional = false
python-versions = ">=3.8"
files = [
{file = "fastapi-0.104.1-py3-none-any.whl", hash = "sha256:752dc31160cdbd0436bb93bad51560b57e525cbb1d4bbf6f4904ceee75548241"},
{file = "fastapi-0.104.1.tar.gz", hash = "sha256:e5e4540a7c5e1dcfbbcf5b903c234feddcdcd881f191977a1c5dfd917487e7ae"},
{file = "fastapi-0.109.0-py3-none-any.whl", hash = "sha256:8c77515984cd8e8cfeb58364f8cc7a28f0692088475e2614f7bf03275eba9093"},
{file = "fastapi-0.109.0.tar.gz", hash = "sha256:b978095b9ee01a5cf49b19f4bc1ac9b8ca83aa076e770ef8fd9af09a2b88d191"},
]
[package.dependencies]
anyio = ">=3.7.1,<4.0.0"
pydantic = ">=1.7.4,<1.8 || >1.8,<1.8.1 || >1.8.1,<2.0.0 || >2.0.0,<2.0.1 || >2.0.1,<2.1.0 || >2.1.0,<3.0.0"
starlette = ">=0.27.0,<0.28.0"
starlette = ">=0.35.0,<0.36.0"
typing-extensions = ">=4.8.0"
[package.extras]
......@@ -1748,13 +1747,13 @@ parse = ">=1.19.0,<2.0.0"
[[package]]
name = "starlette"
version = "0.27.0"
version = "0.35.0"
description = "The little ASGI library that shines."
optional = false
python-versions = ">=3.7"
python-versions = ">=3.8"
files = [
{file = "starlette-0.27.0-py3-none-any.whl", hash = "sha256:918416370e846586541235ccd38a474c08b80443ed31c578a418e2209b3eef91"},
{file = "starlette-0.27.0.tar.gz", hash = "sha256:6a6b0d042acb8d469a01eba54e9cda6cbd24ac602c4cd016723117d6a7e73b75"},
{file = "starlette-0.35.0-py3-none-any.whl", hash = "sha256:521234a99a5b5a11de1d0e2e8cea775cf2eeb081ad9dec3d9cecc8aed5ea11a7"},
{file = "starlette-0.35.0.tar.gz", hash = "sha256:9948a414f77f20177d9f54ff00a5c50bc86f5048fc473e63457362ee345ae9ae"},
]
[package.dependencies]
......@@ -2007,4 +2006,4 @@ testing = ["big-O", "jaraco.functools", "jaraco.itertools", "more-itertools", "p
[metadata]
lock-version = "2.0"
python-versions = ">=3.9,<3.12"
content-hash = "3c931b9e7957fc045d5e2356688606356f730c7a814958eb64ba9d5079f670e9"
content-hash = "aae9de8c79fd967647a8a8e24dd3095f913c53e0120c7f79d5228b150c9e0e8f"
......@@ -94,7 +94,7 @@ pytest-xdist = "^3.5.0"
filelock = "^3.13.1"
posix-ipc = "^1.1.1"
pyalpm = "^0.10.6"
fastapi = "^0.104.1"
fastapi = "^0.109.0"
srcinfo = "^0.1.2"
tomlkit = "^0.12.0"
......
......@@ -391,9 +391,10 @@ def test_post_register_error_invalid_captcha(client: TestClient):
def test_post_register_error_ip_banned(client: TestClient):
# 'testclient' is used as request.client.host via FastAPI TestClient.
# 'no-client' is our fallback value in case request.client is None
# which is the case for TestClient
with db.begin():
create(Ban, IPAddress="testclient", BanTS=datetime.utcnow())
create(Ban, IPAddress="no-client", BanTS=datetime.utcnow())
with client as request:
response = post_register(request)
......
......@@ -310,10 +310,10 @@ def pipeline():
redis = redis_connection()
pipeline = redis.pipeline()
# The 'testclient' host is used when requesting the app
# via fastapi.testclient.TestClient.
pipeline.delete("ratelimit-ws:testclient")
pipeline.delete("ratelimit:testclient")
# 'no-client' is our fallback value in case request.client is None
# which is the case for TestClient
pipeline.delete("ratelimit-ws:no-client")
pipeline.delete("ratelimit:no-client")
pipeline.execute()
yield pipeline
......@@ -760,8 +760,8 @@ def test_rpc_ratelimit(
assert response.status_code == int(HTTPStatus.TOO_MANY_REQUESTS)
# Delete the cached records.
pipeline.delete("ratelimit-ws:testclient")
pipeline.delete("ratelimit:testclient")
pipeline.delete("ratelimit-ws:no-client")
pipeline.delete("ratelimit:no-client")
one, two = pipeline.execute()
assert one and two
......