diff options
| author | Wojtek Kosior <koszko@koszko.org> | 2022-08-18 19:18:00 +0200 |
|---|---|---|
| committer | Wojtek Kosior <koszko@koszko.org> | 2022-09-09 13:50:35 +0200 |
| commit | 12ff72506af9b3c8cb1ce604d86232600a26e2c2 (patch) | |
| tree | 456cfda6465679c4356c571075471a6e95432286 /src/hydrilla/proxy/web_ui/root.py | |
| parent | 46ac94463bf42c6a071c258a37b2a58e88e0dfaa (diff) | |
| download | haketilo-hydrilla-12ff72506af9b3c8cb1ce604d86232600a26e2c2.tar.gz haketilo-hydrilla-12ff72506af9b3c8cb1ce604d86232600a26e2c2.zip | |
allow adding, removing and altering repositories
This commit also temporarily breaks package import from files :/
Diffstat (limited to 'src/hydrilla/proxy/web_ui/root.py')
| -rw-r--r-- | src/hydrilla/proxy/web_ui/root.py | 18 |
1 files changed, 17 insertions, 1 deletions
diff --git a/src/hydrilla/proxy/web_ui/root.py b/src/hydrilla/proxy/web_ui/root.py index 64d6be1..0f42981 100644 --- a/src/hydrilla/proxy/web_ui/root.py +++ b/src/hydrilla/proxy/web_ui/root.py @@ -32,10 +32,13 @@ from __future__ import annotations import typing as t + from threading import Lock +from urllib.parse import urlparse import jinja2 import flask +import werkzeug from ...translations import translation as make_translation from ... import versions @@ -46,6 +49,17 @@ from . import packages from . import _app +def authenticate_by_referrer() -> t.Optional[werkzeug.Response]: + if flask.request.method == 'GET': + return None + + parsed_url = urlparse(flask.request.referrer) + if parsed_url.netloc == 'hkt.mitm.it': + return None + + flask.abort(403) + + class WebUIAppImpl(_app.WebUIApp): def __init__(self): super().__init__(__name__) @@ -60,6 +74,8 @@ class WebUIAppImpl(_app.WebUIApp): ] } + self.before_request(authenticate_by_referrer) + for blueprint in [repos.bp, packages.bp]: self.register_blueprint(blueprint) @@ -71,7 +87,7 @@ app_lock = Lock() @app.route('/') -def respond(): +def respond() -> str: return flask.render_template('root.html.jinja') |