diff options
| author | Wojtek Kosior <koszko@koszko.org> | 2022-08-18 19:18:00 +0200 |
|---|---|---|
| committer | Wojtek Kosior <koszko@koszko.org> | 2022-09-28 12:54:22 +0200 |
| commit | e1344ae7017b28a54d7714895bd54c8431a20bc6 (patch) | |
| tree | 66bfcb166a87afa10a0b45100231c102385baf08 /src/hydrilla/proxy/web_ui/root.py | |
| parent | 2579081df2a568192887d776a6965af323b7c4ee (diff) | |
| download | haketilo-hydrilla-e1344ae7017b28a54d7714895bd54c8431a20bc6.tar.gz haketilo-hydrilla-e1344ae7017b28a54d7714895bd54c8431a20bc6.zip | |
allow adding, removing and altering repositories
This commit also temporarily breaks package import from files :/
Diffstat (limited to 'src/hydrilla/proxy/web_ui/root.py')
| -rw-r--r-- | src/hydrilla/proxy/web_ui/root.py | 18 |
1 files changed, 17 insertions, 1 deletions
diff --git a/src/hydrilla/proxy/web_ui/root.py b/src/hydrilla/proxy/web_ui/root.py index 64d6be1..0f42981 100644 --- a/src/hydrilla/proxy/web_ui/root.py +++ b/src/hydrilla/proxy/web_ui/root.py @@ -32,10 +32,13 @@ from __future__ import annotations import typing as t + from threading import Lock +from urllib.parse import urlparse import jinja2 import flask +import werkzeug from ...translations import translation as make_translation from ... import versions @@ -46,6 +49,17 @@ from . import packages from . import _app +def authenticate_by_referrer() -> t.Optional[werkzeug.Response]: + if flask.request.method == 'GET': + return None + + parsed_url = urlparse(flask.request.referrer) + if parsed_url.netloc == 'hkt.mitm.it': + return None + + flask.abort(403) + + class WebUIAppImpl(_app.WebUIApp): def __init__(self): super().__init__(__name__) @@ -60,6 +74,8 @@ class WebUIAppImpl(_app.WebUIApp): ] } + self.before_request(authenticate_by_referrer) + for blueprint in [repos.bp, packages.bp]: self.register_blueprint(blueprint) @@ -71,7 +87,7 @@ app_lock = Lock() @app.route('/') -def respond(): +def respond() -> str: return flask.render_template('root.html.jinja') |