glitchy/notes
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

no bad boi UAs

Browse source
This commit is contained in:
i-am-called-glitchy 2025-06-03 15:51:21 +00:00
parent f2ddb16216
commit 2ca8cc2a14
1 changed files with 13 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
app.py
View file

@ -1,4 +1,4 @@
from flask import Flask, request, session, redirect, url_for, render_template, jsonify from flask import Flask, request, session, redirect, url_for, render_template, jsonify, abort
from werkzeug.security import generate_password_hash, check_password_hash from werkzeug.security import generate_password_hash, check_password_hash
from cryptography.fernet import Fernet from cryptography.fernet import Fernet
import os import os
@ -45,6 +45,18 @@ def get_key_for_user(user, password):
key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt + user.encode(), 100_000) key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt + user.encode(), 100_000)
return base64.urlsafe_b64encode(key[:32]) return base64.urlsafe_b64encode(key[:32])
banned_user_agent_patterns = [
re.compile(r'curl/\d+\.\d+(\.\d+)?'),
re.compile(r'python-requests/\d+\.\d+(\.\d+)?'),
]
@app.before_request
def block_banned_user_agents():
ua = request.headers.get("User-Agent", "")
for pattern in banned_user_agent_patterns:
if pattern.search(ua):
abort(403)
# === ROUTES === # === ROUTES ===