From 5890309460b7bfc70363b0d1c6d28b67e151f653 Mon Sep 17 00:00:00 2001 From: hiddify Date: Tue, 2 Jan 2024 12:45:23 +0100 Subject: [PATCH] chg: add common_bp --- hiddifypanel/base.py | 2 +- hiddifypanel/panel/__init__.py | 2 +- hiddifypanel/panel/auth.py | 21 ++++----- hiddifypanel/panel/cli.py | 6 +-- .../panel/{login => common_bp}/__init__.py | 2 +- .../panel/{login => common_bp}/login.py | 44 +++++++++++++++---- .../{login => common_bp}/templates/login.html | 0 hiddifypanel/panel/hiddify.py | 8 ++-- hiddifypanel/panel/user/user.py | 26 +---------- hiddifypanel/templates/master.html | 2 +- 10 files changed, 58 insertions(+), 55 deletions(-) rename hiddifypanel/panel/{login => common_bp}/__init__.py (56%) rename hiddifypanel/panel/{login => common_bp}/login.py (55%) rename hiddifypanel/panel/{login => common_bp}/templates/login.html (100%) diff --git a/hiddifypanel/base.py b/hiddifypanel/base.py index a2d9b7748..ee22a24cc 100644 --- a/hiddifypanel/base.py +++ b/hiddifypanel/base.py @@ -70,7 +70,7 @@ def create_app(cli=False, **config): init_db() hiddifypanel.panel.auth.init_app(app) - hiddifypanel.panel.login.init_app(app) + hiddifypanel.panel.common_bp.init_app(app) hiddifypanel.panel.common.init_app(app) hiddifypanel.panel.admin.init_app(app) hiddifypanel.panel.user.init_app(app) diff --git a/hiddifypanel/panel/__init__.py b/hiddifypanel/panel/__init__.py index 51ac0b601..da90bf6ad 100644 --- a/hiddifypanel/panel/__init__.py +++ b/hiddifypanel/panel/__init__.py @@ -6,4 +6,4 @@ from . import common from . import commercial from . import auth -from . import login +from . import common_bp diff --git a/hiddifypanel/panel/auth.py b/hiddifypanel/panel/auth.py index 82992cafe..ad4e9ae80 100644 --- a/hiddifypanel/panel/auth.py +++ b/hiddifypanel/panel/auth.py 
@@ -1,4 +1,4 @@ -from flask_login import LoginManager, current_user, user_accessed, user_logged_in, COOKIE_NAME, AUTH_HEADER_NAME +from flask_login import LoginManager, current_user, user_accessed, user_logged_in, COOKIE_NAME, AUTH_HEADER_NAME, logout_user from flask import g, redirect, request, session, url_for from flask_login.utils import _get_user from flask import current_app @@ -50,14 +50,14 @@ def _load_user(self): has_cookie = ( cookie_name in request.cookies and session.get("_remember") != "clear" ) - if has_cookie: - cookie = request.cookies[cookie_name] - user = self._load_user_from_remember_cookie(cookie) - elif self._request_callback: - user = self._load_user_from_request(request) - elif header_name in request.headers: + if header_name in request.headers: header = request.headers[header_name] user = self._load_user_from_header(header) + elif self._request_callback: + user = self._load_user_from_request(request) + elif has_cookie: + cookie = request.cookies[cookie_name] + user = self._load_user_from_remember_cookie(cookie) return self._update_request_context_with_user(user) @@ -160,8 +160,9 @@ def header_auth(request) -> User | AdminUser | None: g.account = account # g.account_uuid = account.uuid g.is_admin = hiddify.is_admin_role(account.role) # type: ignore - if not is_api_call: - login_user(account) + login_user(account) + else: + logout_user() return account @@ -170,7 +171,7 @@ def unauthorized(): # TODO: show the login page # return request.base_url if g.user_agent.browser: - return redirect(url_for('hlogin.LoginView:basic', force=1, next={request.path})) + return redirect(url_for('common_bp.LoginView:basic_0', force=1, next={request.path})) else: abort(401, "Unauthorized") diff --git a/hiddifypanel/panel/cli.py b/hiddifypanel/panel/cli.py index 43abc716e..5d7f97260 100644 --- a/hiddifypanel/panel/cli.py +++ b/hiddifypanel/panel/cli.py 
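Review bot: In header_auth, `login_user(account)` now runs for API calls as well, so a request authenticated only by an Authorization header leaves with a session cookie. The new `else: logout_user()` clears any existing session when header auth yields no account; the `if` it pairs with is above the hunk, so this reading is inferred. Together with the `_load_user` hunk at -50,14, which now checks the Authorization header before the remember cookie, a single request carrying a stale or wrong header would end an otherwise valid browser session. If API endpoints are meant to stay stateless, keep the guard `if not is_api_call:` around `login_user(account)`, and consider returning without `logout_user()` on a failed header. header_auth starts outside the hunk.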
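Review bot: In unauthorized(), `next={request.path}` passes a one-element set to url_for rather than the path string; the braces look like a leftover from an f-string. How a set is serialised into the query string depends on the URL builder, so the `next` value that `LoginView.basic` reads back may not be the plain path. Use `next=request.path`. The function's remaining branch (`abort(401, "Unauthorized")`) is unchanged.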
@@ -65,7 +65,7 @@ def all_configs(): configs['hconfigs']['first_setup'] = def_user != None and len(sslip_domains) > 0 - path = f'/{hconfig(ConfigEnum.proxy_path_admin)}/' + path = f'/{hconfig(ConfigEnum.proxy_path_admin)}/l' server_ip = hutils.ip.get_ip(4) configs['admin_path'] = path @@ -101,11 +101,11 @@ def admin_links(): domains = get_panel_domains() admin_links += f"Secure:\n" if not any([d for d in domains if 'sslip.io' not in d.domain]): - admin_links += f" (not signed) {hutils.utils.add_basic_auth_to_url(f'https://{server_ip}/{proxy_path}/', owner.username, owner.password)}\n" + admin_links += f" (not signed) {hutils.utils.add_basic_auth_to_url(f'https://{server_ip}/{proxy_path}/l', owner.username, owner.password)}\n" # domains=[*domains,f'{server_ip}.sslip.io'] for d in domains: - admin_links += f" {hutils.utils.add_basic_auth_to_url(f'https://{d.domain}/{proxy_path}/', owner.username, owner.password)}\n" + admin_links += f" {hutils.utils.add_basic_auth_to_url(f'https://{d.domain}/{proxy_path}/l', owner.username, owner.password)}\n" print(admin_links) return admin_links diff --git a/hiddifypanel/panel/login/__init__.py b/hiddifypanel/panel/common_bp/__init__.py similarity index 56% rename from hiddifypanel/panel/login/__init__.py rename to hiddifypanel/panel/common_bp/__init__.py index d3f84d2c2..f980deb6e 100644 --- a/hiddifypanel/panel/login/__init__.py +++ b/hiddifypanel/panel/common_bp/__init__.py @@ -1,6 +1,6 @@ from .login import LoginView from apiflask import APIBlueprint -bp = APIBlueprint("hlogin", __name__, url_prefix="//", template_folder="templates", enable_openapi=False) +bp = APIBlueprint("common_bp", __name__, url_prefix="//", template_folder="templates", enable_openapi=False) def init_app(app): diff --git a/hiddifypanel/panel/login/login.py b/hiddifypanel/panel/common_bp/login.py similarity index 55% rename from hiddifypanel/panel/login/login.py rename to hiddifypanel/panel/common_bp/login.py index 27c8adfd6..51bbbd342 100644 
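Review bot: `path` now ends in `/l` and is still stored as `configs['admin_path']`, so a key that reads as a base path now holds the login route. Any consumer that appends to `admin_path` would build URLs under `/…/l`; those consumers are not visible here. A separate key keeps the meaning clear, e.g. `configs['admin_login_path'] = f'{path}l'` with `path` left as the base. The hunk at -101,11 adds the same `/l` suffix to links that carry `owner.username` and `owner.password` in the URL, so a comment there such as `# output contains credentials; do not log` would help operators who capture CLI output. all_configs and admin_links both continue outside their hunks.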
--- a/hiddifypanel/panel/login/login.py +++ b/hiddifypanel/panel/common_bp/login.py @@ -13,8 +13,8 @@ class LoginView(FlaskView): def index(self, force=None, next=None): force_arg = request.args.get('force') redirect_arg = request.args.get('redirect') - username_arg = request.args.get('user') - if not current_user.is_authenticated or (force_arg and not request.headers.get('Authorization')): + username_arg = request.args.get('user') or '' + if not current_user.is_authenticated: return render_template('login.html', username=username_arg) # abort(401, "Unauthorized1") @@ -31,17 +31,18 @@ def index(self, force=None, next=None): @route("/l/") @route("/l") - def basic(self, force=None, next=None): - force_arg = force or request.args.get('force') - redirect_arg = redirect or request.args.get('redirect') + def basic(self): + force_arg = request.args.get('force') + redirect_arg = request.args.get('next') if not current_user.is_authenticated or (force_arg and not request.headers.get('Authorization')): username = request.authorization.username if request.authorization else '' - nexturl = url_for('hlogin.LoginView:index', force=force, next=next, user=username) - if request.headers.get('Authorization'): + + loginurl = url_for('common_bp.LoginView:index', force=force, next=next, user=username) + if request.headers.get('Authorization') or (auth.current_user and auth.current_user != username): flash(_('Incorrect Password'), 'error') # flash(request.authorization.username, 'error') - return redirect(nexturl) - return render_template("redirect.html", url=nexturl), 401 + return redirect(loginurl) + return render_template("redirect.html", url=loginurl), 401 # abort(401, "Unauthorized1") if redirect_arg: 
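Review bot: `basic` no longer takes `force` and `next` parameters, but the new `url_for('common_bp.LoginView:index', force=force, next=next, user=username)` still uses those names. `force` is now undefined in the function, which raises NameError on the unauthenticated path unless a module-level `force` exists outside the hunk, and `next` resolves to the Python builtin. Pass the values read from the query string instead: `loginurl = url_for('common_bp.LoginView:index', force=force_arg, next=redirect_arg, user=username)`. The added `auth.current_user != username` appears to compare a user object with a username string and needs `auth` in scope; the hunk does not let me confirm either. `redirect_arg` now comes from the `next` query parameter, and the `if redirect_arg:` branch continues outside the hunk; if it redirects there, it should accept only same-site relative paths.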
@@ -53,3 +54,28 @@ def basic(self, force=None, next=None): return redirect(url_for('client.UserView:index')) from hiddifypanel.panel.user import UserView return UserView().auto_sub() + + @route('/manifest.webmanifest') + @login_required() + def create_pwa_manifest(self): + domain = urlparse(request.base_url).hostname + name = (domain if g.is_admin else g.user.name) + return jsonify({ + "name": f"Hiddify {name}", + "short_name": f"{name}"[:12], + "theme_color": "#f2f4fb", + "background_color": "#1a1b21", + "display": "standalone", + "scope": f"/", + "start_url": hiddify.hutils.utils.add_basic_auth_to_url(f"https://{domain}/{g.proxy_path}/?pwa=true", g.account.username, g.account.password), + "description": "Hiddify, for a free Internet", + "orientation": "any", + "icons": [ + { + "src": hiddify.static_url_for(filename='images/hiddify-dark.png'), + "sizes": "512x512", + "type": "image/png", + "purpose": "maskable any" + } + ] + }) diff --git a/hiddifypanel/panel/login/templates/login.html b/hiddifypanel/panel/common_bp/templates/login.html similarity index 100% rename from hiddifypanel/panel/login/templates/login.html rename to hiddifypanel/panel/common_bp/templates/login.html diff --git a/hiddifypanel/panel/hiddify.py b/hiddifypanel/panel/hiddify.py index 082781432..c863eccf0 100644 --- a/hiddifypanel/panel/hiddify.py +++ b/hiddifypanel/panel/hiddify.py 
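Review bot: The manifest's `start_url` now embeds `g.account.username` and `g.account.password` through `add_basic_auth_to_url`. That writes the account secret into a JSON document which the browser stores with the installed app and which can surface in caches, proxies and access logs. The host in that URL is taken from `request.base_url`, so the credentialed link points at whatever hostname the request named. Prefer a credential-free `"start_url": f"https://{domain}/{g.proxy_path}/?pwa=true"` and let the existing session authenticate the PWA, or at minimum send `Cache-Control: no-store` on this response. The method also relies on `urlparse`, `jsonify`, `g`, `login_required` and `hiddify` being imported in login.py, which the hunk does not show.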
@@ -242,12 +242,12 @@ def proxy_path_validator(proxy_path): return if proxy_path not in [admin_proxy_path, deprecated_path, client_proxy_path]: - return apiflask_abort(400, Markup(f"Invalid Proxy Path Admin Panel")) if dbg_mode else abort(400, 'invalid request') + abort(400, 'invalid request') - if is_admin_panel_call() and proxy_path not in admin_proxy_path: - return apiflask_abort(400, Markup(f"Invalid Proxy Path Admin Panel")) if dbg_mode else abort(400, 'invalid request') + if is_admin_panel_call() and proxy_path != admin_proxy_path: + abort(400, 'invalid request') if is_user_panel_call() and proxy_path != client_proxy_path: - return apiflask_abort(400, Markup(f"Invalid Proxy Path User Panel")) if dbg_mode else abort(400, 'invalid request') + abort(400, 'invalid request') if is_api_call(request.path): if is_admin_api_call() and proxy_path != admin_proxy_path: diff --git a/hiddifypanel/panel/user/user.py b/hiddifypanel/panel/user/user.py index 14fcdc07d..c5710edb7 100644 --- a/hiddifypanel/panel/user/user.py +++ b/hiddifypanel/panel/user/user.py @@ -381,31 +381,7 @@ def all_configs(self, base64=False): resp = do_base_64(resp) return add_headers(resp, c) - @ route('/manifest.webmanifest') - @login_required() - def create_pwa_manifest(self): - - domain = urlparse(request.base_url).hostname - name = (domain if g.is_admin else g.user.name) - return jsonify({ - "name": f"Hiddify {name}", - "short_name": f"{name}"[:12], - "theme_color": "#f2f4fb", - "background_color": "#1a1b21", - "display": "standalone", - "scope": f"/", - "start_url": f"https://{domain}"+url_for("admin.Dashboard:index" if g.is_admin else "client.UserView:new_1")+"?pwa=true", - "description": "Hiddify, for a free Internet", - "orientation": "any", - "icons": [ - { - "src": hiddify.static_url_for(filename='images/hiddify-dark.png'), - "sizes": "512x512", - "type": "image/png", - "purpose": "maskable any" - } - ] - }) + @login_required(roles={Role.user}) @ route("/offline.html") 
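Review bot: The three rejections in proxy_path_validator now all return `abort(400, 'invalid request')`, and a one-line comment would record why: `# same generic error for every mismatch so responses do not reveal which proxy path was expected`. That intent is inferred from the removal of the debug-only messages. The visible branches no longer use `dbg_mode`, `apiflask_abort` or `Markup`; if nothing else in the function or module uses them (not visible here), they can be removed. The function continues past the hunk with the API-call checks.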
diff --git a/hiddifypanel/templates/master.html b/hiddifypanel/templates/master.html index 56e1eedd6..06a05080b 100644 --- a/hiddifypanel/templates/master.html +++ b/hiddifypanel/templates/master.html @@ -31,7 +31,7 @@ - +