[ipfire.org.git] / src / web / base.py

#!/usr/bin/python

import datetime
import dateutil.parser
import functools
import http.client
import ipaddress
import logging
import time
import tornado.locale
import tornado.web

from ..decorators import *
from .. import util

def blacklisted(method):
	@tornado.gen.coroutine
	@functools.wraps(method)
	def wrapper(self, *args, **kwargs):
		# Check if remote is blacklisted
		is_blacklisted = yield self.remote.is_blacklisted()

		# If so, redirect to the blocked page
		if is_blacklisted:
			logging.warning("%s is blacklisted" % self.remote)

			return self.redirect("https://www.ipfire.org/blocked")

		return method(self, *args, **kwargs)

	return wrapper


class BaseHandler(tornado.web.RequestHandler):
	def set_expires(self, seconds):
		# For HTTP/1.1
		self.add_header("Cache-Control", "max-age=%s, must-revalidate" % seconds)

		# For HTTP/1.0
		expires = datetime.datetime.utcnow() + datetime.timedelta(seconds=seconds)
		self.add_header("Expires", expires)

	def write_error(self, status_code, **kwargs):
		# Translate code into message
		try:
			message = http.client.responses[status_code]
		except KeyError:
			message = None

		self.render("error.html", status_code=status_code, message=message, **kwargs)

	def xsrf_form_html(self, *args, **kwargs):
		# Set Vary: Cookie header
		self.add_header("Vary", "Cookie")

		return super().xsrf_form_html(*args, **kwargs)

	@property
	def hostname(self):
		# Remove the development prefix
		return self.request.host.replace(".dev.", ".")

	def get_template_namespace(self):
		ns = tornado.web.RequestHandler.get_template_namespace(self)

		now = datetime.date.today()

		ns.update({
			"backend" : self.backend,
			"debug" : self.application.settings.get("debug", False),
			"format_size" : util.format_size,
			"format_time" : util.format_time,
			"hostname" : self.hostname,
			"now" : now,
			"year" : now.year,
		})

		return ns

	def get_remote_ip(self):
		# Fix for clients behind a proxy that sends "X-Forwarded-For".
		remote_ips = self.request.remote_ip.split(", ")

		for remote_ip in remote_ips:
			try:
				addr = ipaddress.ip_address(remote_ip)
			except ValueError:
				# Skip invalid IP addresses.
				continue

			# Check if the given IP address is from a
			# private network.
			if addr.is_private:
				continue

			return remote_ip

		# Return the last IP if nothing else worked
		return remote_ips.pop()

	@lazy_property
	def remote(self):
		address = self.get_remote_ip()

		if address:
			return self.backend.geoip.lookup(address)

	@lazy_property
	def current_country_code(self):
		remote_ip = self.get_remote_ip()

		if remote_ip:
			return self.backend.geoip.get_country(remote_ip)

	def get_remote_location(self):
		if not hasattr(self, "__remote_location"):
			remote_ip = self.get_remote_ip()

			self.__remote_location = self.geoip.get_location(remote_ip)

		return self.__remote_location

	def get_argument_int(self, *args, **kwargs):
		arg = self.get_argument(*args, **kwargs)

		if arg is None or arg == "":
			return

		try:
			return int(arg)
		except ValueError:
			raise tornado.web.HTTPError(400)

	def get_argument_date(self, arg, *args, **kwargs):
		value = self.get_argument(arg, *args, **kwargs)
		if value is None:
			return

		try:
			return dateutil.parser.parse(value)
		except ValueError:
			raise tornado.web.HTTPError(400)

	def get_file(self, name):
		try:
			file = self.request.files[name][0]

			return file["filename"], file["body"], file["content_type"]
		except KeyError:
			return None

	# Login stuff

	def get_current_user(self):
		session_id = self.get_cookie("session_id")
		if not session_id:
			return

		# Get account from the session object
		account = self.backend.accounts.get_by_session(session_id, self.request.host)

		# If the account was not found or the session was not valid
		# any more, we will remove the cookie.
		if not account:
			self.clear_cookie("session_id")

		return account

	@property
	def backend(self):
		return self.application.backend

	@property
	def db(self):
		return self.backend.db

	@property
	def accounts(self):
		return self.backend.accounts

	@property
	def downloads(self):
		return self.backend.downloads

	@property
	def fireinfo(self):
		return self.backend.fireinfo

	@property
	def iuse(self):
		return self.backend.iuse

	@property
	def mirrors(self):
		return self.backend.mirrors

	@property
	def netboot(self):
		return self.backend.netboot

	@property
	def releases(self):
		return self.backend.releases

	@property
	def geoip(self):
		return self.backend.geoip

	@property
	def talk(self):
		return self.backend.talk


class NotFoundHandler(BaseHandler):
	def prepare(self):
		# Raises 404 as soon as it is called
		raise tornado.web.HTTPError(404)


class ErrorHandler(BaseHandler):
	"""
		Raises any error we want
	"""
	def get(self, code):
		try:
			code = int(code)
		except:
			raise tornado.web.HTTPError(400)

		raise tornado.web.HTTPError(code)


class BlockedHandler(BaseHandler):
	def get(self):
		# 403 - Forbidden
		self.set_status(403)

		self.render("static/blocked.html", address=self.get_remote_ip())
Commit	Line	Data
940227cb MT	1	#!/usr/bin/python
940227cb MT	2
cc3b928d	3	import datetime
66862195	4	import dateutil.parser
cfe7d74c	5	import functools
11347e46	6	import http.client
a69e87a1	7	import ipaddress
47ed77ed	8	import logging
940227cb MT	9	import time
	10	import tornado.locale
	11	import tornado.web
	12
f110a9ff	13	from ..decorators import *
a95c2f97	14	from .. import util
60024cc8	15
cfe7d74c MT	16	def blacklisted(method):
	17	@tornado.gen.coroutine
	18	@functools.wraps(method)
	19	def wrapper(self, args, *kwargs):
	20	# Check if remote is blacklisted
	21	is_blacklisted = yield self.remote.is_blacklisted()
	22
	23	# If so, redirect to the blocked page
	24	if is_blacklisted:
	25	logging.warning("%s is blacklisted" % self.remote)
	26
	27	return self.redirect("https://www.ipfire.org/blocked")
	28
	29	return method(self, args, *kwargs)
	30
	31	return wrapper
	32
	33
940227cb	34	class BaseHandler(tornado.web.RequestHandler):
f6ed3d4d MT	35	def set_expires(self, seconds):
f6ed3d4d MT	36	# For HTTP/1.1
b592d7c8	37	self.add_header("Cache-Control", "max-age=%s, must-revalidate" % seconds)
f6ed3d4d MT	38
	39	# For HTTP/1.0
	40	expires = datetime.datetime.utcnow() + datetime.timedelta(seconds=seconds)
b592d7c8	41	self.add_header("Expires", expires)
f6ed3d4d	42
37ed7c3c MT	43	def write_error(self, status_code, **kwargs):
	44	# Translate code into message
	45	try:
11347e46	46	message = http.client.responses[status_code]
37ed7c3c MT	47	except KeyError:
	48	message = None
	49
	50	self.render("error.html", status_code=status_code, message=message, **kwargs)
	51
d3d02231 MT	52	def xsrf_form_html(self, args, *kwargs):
	53	# Set Vary: Cookie header
	54	self.add_header("Vary", "Cookie")
	55
	56	return super().xsrf_form_html(args, *kwargs)
	57
4ca1a601 MT	58	@property
	59	def hostname(self):
	60	# Remove the development prefix
	61	return self.request.host.replace(".dev.", ".")
	62
bff08cb0 MT	63	def get_template_namespace(self):
	64	ns = tornado.web.RequestHandler.get_template_namespace(self)
	65
911064cf	66	now = datetime.date.today()
cc3b928d	67
bff08cb0	68	ns.update({
6c13ca2d	69	"backend" : self.backend,
5613b94b	70	"debug" : self.application.settings.get("debug", False),
a95c2f97 MT	71	"format_size" : util.format_size,
a95c2f97 MT	72	"format_time" : util.format_time,
4ca1a601	73	"hostname" : self.hostname,
911064cf MT	74	"now" : now,
911064cf MT	75	"year" : now.year,
bff08cb0	76	})
940227cb	77
bff08cb0	78	return ns
940227cb	79
9068dba1 MT	80	def get_remote_ip(self):
9068dba1 MT	81	# Fix for clients behind a proxy that sends "X-Forwarded-For".
66862195	82	remote_ips = self.request.remote_ip.split(", ")
494d80e6	83
66862195 MT	84	for remote_ip in remote_ips:
66862195 MT	85	try:
a69e87a1	86	addr = ipaddress.ip_address(remote_ip)
66862195 MT	87	except ValueError:
	88	# Skip invalid IP addresses.
	89	continue
9068dba1	90
66862195 MT	91	# Check if the given IP address is from a
	92	# private network.
	93	if addr.is_private:
	94	continue
9068dba1	95
66862195	96	return remote_ip
9068dba1	97
494d80e6 MT	98	# Return the last IP if nothing else worked
	99	return remote_ips.pop()
	100
cfe7d74c MT	101	@lazy_property
	102	def remote(self):
	103	address = self.get_remote_ip()
	104
	105	if address:
	106	return self.backend.geoip.lookup(address)
	107
f110a9ff MT	108	@lazy_property
	109	def current_country_code(self):
	110	remote_ip = self.get_remote_ip()
	111
	112	if remote_ip:
	113	return self.backend.geoip.get_country(remote_ip)
	114
9068dba1 MT	115	def get_remote_location(self):
	116	if not hasattr(self, "__remote_location"):
	117	remote_ip = self.get_remote_ip()
	118
	119	self.__remote_location = self.geoip.get_location(remote_ip)
	120
	121	return self.__remote_location
	122
bd2723d4 MT	123	def get_argument_int(self, args, *kwargs):
	124	arg = self.get_argument(args, *kwargs)
	125
	126	if arg is None or arg == "":
	127	return
	128
	129	try:
	130	return int(arg)
	131	except ValueError:
	132	raise tornado.web.HTTPError(400)
	133
66862195 MT	134	def get_argument_date(self, arg, args, *kwargs):
	135	value = self.get_argument(arg, args, *kwargs)
	136	if value is None:
	137	return
	138
	139	try:
	140	return dateutil.parser.parse(value)
	141	except ValueError:
	142	raise tornado.web.HTTPError(400)
	143
5cc10421 MT	144	def get_file(self, name):
	145	try:
	146	file = self.request.files[name][0]
	147
	148	return file["filename"], file["body"], file["content_type"]
	149	except KeyError:
	150	return None
	151
66862195 MT	152	# Login stuff
	153
	154	def get_current_user(self):
	155	session_id = self.get_cookie("session_id")
	156	if not session_id:
	157	return
	158
	159	# Get account from the session object
	160	account = self.backend.accounts.get_by_session(session_id, self.request.host)
	161
	162	# If the account was not found or the session was not valid
	163	# any more, we will remove the cookie.
	164	if not account:
	165	self.clear_cookie("session_id")
	166
	167	return account
	168
a6dc0bad MT	169	@property
	170	def backend(self):
	171	return self.application.backend
	172
9068dba1 MT	173	@property
	174	def db(self):
	175	return self.backend.db
	176
940227cb MT	177	@property
940227cb MT	178	def accounts(self):
a6dc0bad	179	return self.backend.accounts
940227cb MT	180
940227cb MT	181	@property
9068dba1 MT	182	def downloads(self):
	183	return self.backend.downloads
	184
66862195 MT	185	@property
	186	def fireinfo(self):
	187	return self.backend.fireinfo
	188
9068dba1 MT	189	@property
	190	def iuse(self):
	191	return self.backend.iuse
940227cb MT	192
	193	@property
	194	def mirrors(self):
9068dba1 MT	195	return self.backend.mirrors
	196
	197	@property
	198	def netboot(self):
	199	return self.backend.netboot
940227cb	200
940227cb MT	201	@property
940227cb MT	202	def releases(self):
9068dba1	203	return self.backend.releases
940227cb MT	204
940227cb MT	205	@property
9068dba1 MT	206	def geoip(self):
9068dba1 MT	207	return self.backend.geoip
940227cb MT	208
940227cb MT	209	@property
66862195 MT	210	def talk(self):
66862195 MT	211	return self.backend.talk
940227cb	212
66862195	213
3403dc5e MT	214	class NotFoundHandler(BaseHandler):
	215	def prepare(self):
	216	# Raises 404 as soon as it is called
	217	raise tornado.web.HTTPError(404)
	218
3403dc5e	219
37ed7c3c MT	220	class ErrorHandler(BaseHandler):
	221	"""
	222	Raises any error we want
	223	"""
	224	def get(self, code):
	225	try:
	226	code = int(code)
	227	except:
	228	raise tornado.web.HTTPError(400)
	229
	230	raise tornado.web.HTTPError(code)
baa693a3 MT	231
	232
	233	class BlockedHandler(BaseHandler):
	234	def get(self):
	235	# 403 - Forbidden
	236	self.set_status(403)
	237
	238	self.render("static/blocked.html", address=self.get_remote_ip())