pyfedi/pyfedi.py

# This file is part of pyfedi, which is licensed under the GNU General Public License (GPL) version 3.0.
# You should have received a copy of the GPL along with this program. If not, see <http://www.gnu.org/licenses/>.
from datetime import datetime

from flask_babel import get_locale
from flask_login import current_user

from app import create_app, db, cli
import os, click
from flask import session, g, json, request, current_app
from app.constants import POST_TYPE_LINK, POST_TYPE_IMAGE, POST_TYPE_ARTICLE, POST_TYPE_VIDEO
from app.models import Site
from app.utils import getmtime, gibberish, shorten_string, shorten_url, digits, user_access, community_membership, \
    can_create_post, can_upvote, can_downvote, shorten_number, ap_datetime, current_theme, community_link_to_href, \
    in_sorted_list

app = create_app()
cli.register(app)


@app.context_processor
def app_context_processor():
    def getmtime(filename):
        return os.path.getmtime('app/static/' + filename)
    return dict(getmtime=getmtime, post_type_link=POST_TYPE_LINK, post_type_image=POST_TYPE_IMAGE,
                post_type_article=POST_TYPE_ARTICLE, post_type_video=POST_TYPE_VIDEO)


@app.shell_context_processor
def make_shell_context():
    return {'db': db, 'app': app}


with app.app_context():
    app.jinja_env.globals['getmtime'] = getmtime
    app.jinja_env.globals['len'] = len
    app.jinja_env.globals['digits'] = digits
    app.jinja_env.globals['str'] = str
    app.jinja_env.globals['shorten_number'] = shorten_number
    app.jinja_env.globals['community_membership'] = community_membership
    app.jinja_env.globals['json_loads'] = json.loads
    app.jinja_env.globals['user_access'] = user_access
    app.jinja_env.globals['ap_datetime'] = ap_datetime
    app.jinja_env.globals['can_create'] = can_create_post
    app.jinja_env.globals['can_upvote'] = can_upvote
    app.jinja_env.globals['can_downvote'] = can_downvote
    app.jinja_env.globals['in_sorted_list'] = in_sorted_list
    app.jinja_env.globals['theme'] = current_theme
    app.jinja_env.globals['file_exists'] = os.path.exists
    app.jinja_env.filters['community_links'] = community_link_to_href
    app.jinja_env.filters['shorten'] = shorten_string
    app.jinja_env.filters['shorten_url'] = shorten_url


@app.before_request
def before_request():
    session['nonce'] = gibberish()
    g.locale = str(get_locale())
    if request.path != '/inbox' and not request.path.startswith('/static/'):        # do not load g.site on shared inbox, to increase chance of duplicate detection working properly
        g.site = Site.query.get(1)
    if current_user.is_authenticated:
        current_user.last_seen = datetime.utcnow()
        current_user.email_unread_sent = False
    else:
        if session.get('Referer') is None and \
                request.headers.get('Referer') is not None and \
                current_app.config['SERVER_NAME'] not in request.headers.get('Referer'):
            session['Referer'] = request.headers.get('Referer')


@app.after_request
def after_request(response):
    if 'auth/register' not in request.path:
        response.headers['Content-Security-Policy'] = f"script-src 'self' https://cdnjs.cloudflare.com https://cdn.jsdelivr.net 'nonce-{session['nonce']}'"
        response.headers['Strict-Transport-Security'] = 'max-age=63072000; includeSubDomains; preload'
        response.headers['X-Content-Type-Options'] = 'nosniff'
        response.headers['X-Frame-Options'] = 'DENY'
    return response
activitypub - signatures wip 2023-08-22 21:24:11 +12:00			`# This file is part of pyfedi, which is licensed under the GNU General Public License (GPL) version 3.0.`
			`# You should have received a copy of the GPL along with this program. If not, see <http://www.gnu.org/licenses/>.`
track user last_seen more reliably 2024-02-21 20:00:22 +13:00			`from datetime import datetime`

view community, view posts in community 2023-10-02 22:16:44 +13:00			`from flask_babel import get_locale`
track user last_seen more reliably 2024-02-21 20:00:22 +13:00			`from flask_login import current_user`
activitypub - signatures wip 2023-08-22 21:24:11 +12:00
minimal flask app starting point 2023-07-28 16:22:12 +12:00			`from app import create_app, db, cli`
community list and beginning of viewing community 2023-08-29 22:01:06 +12:00			`import os, click`
email notifications fixes #18 2024-02-23 16:52:17 +13:00			`from flask import session, g, json, request, current_app`
video as a entirely separate post type 2024-04-16 20:59:58 +12:00			`from app.constants import POST_TYPE_LINK, POST_TYPE_IMAGE, POST_TYPE_ARTICLE, POST_TYPE_VIDEO`
home page, expanded admin area and domain blocking 2023-12-17 00:12:49 +13:00			`from app.models import Site`
communities that are local-only, w access control for posting and voting 2024-01-02 19:41:00 +13:00			`from app.utils import getmtime, gibberish, shorten_string, shorten_url, digits, user_access, community_membership, \`
show if a piece of content has already been voted on 2024-04-11 14:04:57 +12:00			`can_create_post, can_upvote, can_downvote, shorten_number, ap_datetime, current_theme, community_link_to_href, \`
			`in_sorted_list`
minimal flask app starting point 2023-07-28 16:22:12 +12:00
			`app = create_app()`
			`cli.register(app)`


			`@app.context_processor`
backfill old posts when a remote community is added 2023-12-21 22:14:43 +13:00			`def app_context_processor():`
minimal flask app starting point 2023-07-28 16:22:12 +12:00			`def getmtime(filename):`
			`return os.path.getmtime('app/static/' + filename)`
video as a entirely separate post type 2024-04-16 20:59:58 +12:00			`return dict(getmtime=getmtime, post_type_link=POST_TYPE_LINK, post_type_image=POST_TYPE_IMAGE,`
			`post_type_article=POST_TYPE_ARTICLE, post_type_video=POST_TYPE_VIDEO)`
minimal flask app starting point 2023-07-28 16:22:12 +12:00

			`@app.shell_context_processor`
			`def make_shell_context():`
UI to create posts 2023-09-17 21:19:51 +12:00			`return {'db': db, 'app': app}`
community list and beginning of viewing community 2023-08-29 22:01:06 +12:00

			`with app.app_context():`
			`app.jinja_env.globals['getmtime'] = getmtime`
view community, view posts in community 2023-10-02 22:16:44 +13:00			`app.jinja_env.globals['len'] = len`
show replies below posts 2023-10-10 22:25:37 +13:00			`app.jinja_env.globals['digits'] = digits`
view community, view posts in community 2023-10-02 22:16:44 +13:00			`app.jinja_env.globals['str'] = str`
display 1200 votes as 1.2k 2024-01-10 09:44:59 +13:00			`app.jinja_env.globals['shorten_number'] = shorten_number`
subscription and unsubscription to remote communities - lemmy bugs also local cache busting 2023-12-03 22:41:15 +13:00			`app.jinja_env.globals['community_membership'] = community_membership`
debug lemmy vote federation 2023-11-24 22:28:31 +13:00			`app.jinja_env.globals['json_loads'] = json.loads`
user banning and purging 2023-10-21 15:49:01 +13:00			`app.jinja_env.globals['user_access'] = user_access`
sitemap of local posts 2024-01-24 17:02:48 +13:00			`app.jinja_env.globals['ap_datetime'] = ap_datetime`
allow comments on posts in communities that are restricted to mods 2024-02-24 11:07:06 +13:00			`app.jinja_env.globals['can_create'] = can_create_post`
communities that are local-only, w access control for posting and voting 2024-01-02 19:41:00 +13:00			`app.jinja_env.globals['can_upvote'] = can_upvote`
			`app.jinja_env.globals['can_downvote'] = can_downvote`
show if a piece of content has already been voted on 2024-04-11 14:04:57 +12:00			`app.jinja_env.globals['in_sorted_list'] = in_sorted_list`
theme engine and high contrast theme fixes #27 fixes #19 2024-02-07 17:31:12 +13:00			`app.jinja_env.globals['theme'] = current_theme`
			`app.jinja_env.globals['file_exists'] = os.path.exists`
move code to standard places #125 2024-03-29 15:58:25 +13:00			`app.jinja_env.filters['community_links'] = community_link_to_href`
view community, view posts in community 2023-10-02 22:16:44 +13:00			`app.jinja_env.filters['shorten'] = shorten_string`
			`app.jinja_env.filters['shorten_url'] = shorten_url`


			`@app.before_request`
			`def before_request():`
			`session['nonce'] = gibberish()`
			`g.locale = str(get_locale())`
speed up redis-based dup detection by avoiding touching the DB in before_request() #135 2024-04-09 08:14:25 +12:00			`if request.path != '/inbox' and not request.path.startswith('/static/'): # do not load g.site on shared inbox, to increase chance of duplicate detection working properly`
			`g.site = Site.query.get(1)`
track user last_seen more reliably 2024-02-21 20:00:22 +13:00			`if current_user.is_authenticated:`
			`current_user.last_seen = datetime.utcnow()`
email notifications fixes #18 2024-02-23 16:52:17 +13:00			`current_user.email_unread_sent = False`
			`else:`
			`if session.get('Referer') is None and \`
			`request.headers.get('Referer') is not None and \`
			`current_app.config['SERVER_NAME'] not in request.headers.get('Referer'):`
			`session['Referer'] = request.headers.get('Referer')`
view community, view posts in community 2023-10-02 22:16:44 +13:00

			`@app.after_request`
			`def after_request(response):`
disable xss protection on registration form to ensure captcha works 2024-01-18 15:26:37 +13:00			`if 'auth/register' not in request.path:`
			`response.headers['Content-Security-Policy'] = f"script-src 'self' https://cdnjs.cloudflare.com https://cdn.jsdelivr.net 'nonce-{session['nonce']}'"`
			`response.headers['Strict-Transport-Security'] = 'max-age=63072000; includeSubDomains; preload'`
			`response.headers['X-Content-Type-Options'] = 'nosniff'`
			`response.headers['X-Frame-Options'] = 'DENY'`
view community, view posts in community 2023-10-02 22:16:44 +13:00			`return response`