chore: Merge

helloplhm-qwq 2023-12-17 16:41:18 +08:00
commit 73a039ce94
No known key found for this signature in database
GPG Key ID: B7542212855B2C26
2 changed files with 35 additions and 34 deletions


@ -27,11 +27,11 @@ logger = log.log("main")
from common import lxsecurity from common import lxsecurity
from common import Httpx from common import Httpx
from modules import handleApiRequest
from flask import Response from flask import Response
import threading import threading
import ujson as json import ujson as json
import traceback import traceback
import modules
import time import time
threading.Thread(target=Httpx.checkcn).start() threading.Thread(target=Httpx.checkcn).start()
@ -58,7 +58,7 @@ async def handle(method, source, songId, quality):
if method == 'url': if method == 'url':
try: try:
return handleResult(await handleApiRequest(source, songId, quality)) return handleResult(await getattr(modules, method)(source, songId, quality))
except Exception as e: except Exception as e:
logger.error(traceback.format_exc()) logger.error(traceback.format_exc())
return handleResult({'code': 4, 'msg': '内部服务器错误', 'data': None}), 500 return handleResult({'code': 4, 'msg': '内部服务器错误', 'data': None}), 500
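Review bot: The new `await getattr(modules, method)(source, songId, quality)` call resolves its handler by name from `method`, and the only thing limiting it to a known handler is the `if method == 'url':` guard two lines above. If that guard is ever widened, any attribute of `modules` (imported names and helpers included) becomes callable with what look like request-derived arguments. An explicit table keeps the dispatch closed: `HANDLERS = {'url': modules.url}` and then `await HANDLERS[method](source, songId, quality)`, with `modules.url` being the attribute the current call already resolves to. The body of `handle` starts and ends outside this hunk, so where `method` comes from is not visible here.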

65
main.py

@ -35,37 +35,38 @@ def start_checkcn_thread():
# check request info before start # check request info before start
async def handle_before_request(app, handler): async def handle_before_request(app, handler):
async def handle_request(request): async def handle_request(request):
# nginx proxy header
if (request.headers.get("X-Real-IP")):
request.remote_addr = request.headers.get("X-Real-IP")
else:
request.remote_addr = request.remote
# check ip
if (config.check_ip_banned(request.remote_addr)):
return handleResult({"code": 1, "msg": "您的IP已被封禁", "data": None}, 403)
# check global rate limit
if (
(time.time() - config.getRequestTime('global'))
<
(config.read_config("security.rate_limit.global"))
):
return handleResult({"code": 5, "msg": "全局限速", "data": None}, 429)
if (
(time.time() - config.getRequestTime(request.remote_addr))
<
(config.read_config("security.rate_limit.ip"))
):
return handleResult({"code": 5, "msg": "IP限速", "data": None}, 429)
# update request time
config.updateRequestTime('global')
config.updateRequestTime(request.remote_addr)
# check host
if (config.read_config("security.allowed_host.enable")):
if request.remote_host.split(":")[0] not in config.read_config("security.allowed_host.list"):
if config.read_config("security.allowed_host.blacklist.enable"):
config.ban_ip(request.remote_addr, int(config.read_config("security.allowed_host.blacklist.length")))
return handleResult({'code': 6, 'msg': '未找到您所请求的资源', 'data': None}, 404)
try: try:
# nginx proxy header
if (request.headers.get("X-Real-IP")):
request.remote_addr = request.headers.get("X-Real-IP")
else:
request.remote_addr = request.remote
# check ip
if (config.check_ip_banned(request.remote_addr)):
return handleResult({"code": 1, "msg": "您的IP已被封禁", "data": None}, 403)
# check global rate limit
if (
(time.time() - config.getRequestTime('global'))
<
(config.read_config("security.rate_limit.global"))
):
return handleResult({"code": 5, "msg": "全局限速", "data": None}, 429)
if (
(time.time() - config.getRequestTime(request.remote_addr))
<
(config.read_config("security.rate_limit.ip"))
):
return handleResult({"code": 5, "msg": "IP限速", "data": None}, 429)
# update request time
config.updateRequestTime('global')
config.updateRequestTime(request.remote_addr)
# check host
if (config.read_config("security.allowed_host.enable")):
if request.remote_host.split(":")[0] not in config.read_config("security.allowed_host.list"):
if config.read_config("security.allowed_host.blacklist.enable"):
config.ban_ip(request.remote_addr, int(config.read_config("security.allowed_host.blacklist.length")))
return handleResult({'code': 6, 'msg': '未找到您所请求的资源', 'data': None}, 404)
resp = await handler(request) resp = await handler(request)
aiologger.info(f'{request.remote_addr} - {request.method} "{request.path}", {resp.status}') aiologger.info(f'{request.remote_addr} - {request.method} "{request.path}", {resp.status}')
return resp return resp
@ -86,13 +87,13 @@ async def handle(request):
if (config.read_config("security.key.enable") and request.host.split(':')[0] not in config.read_config('security.whitelist_host')): if (config.read_config("security.key.enable") and request.host.split(':')[0] not in config.read_config('security.whitelist_host')):
if (request.headers.get("X-Request-Key")) != config.read_config("security.key.value"): if (request.headers.get("X-Request-Key")) != config.read_config("security.key.value"):
if (config.read_config("security.key.ban")): if (config.read_config("security.key.ban")):
config.ban_ip(request.remote) config.ban_ip(request.remote_addr)
return handleResult({"code": 1, "msg": "key验证失败", "data": None}, 403) return handleResult({"code": 1, "msg": "key验证失败", "data": None}, 403)
if (config.read_config('security.check_lxm.enable') and request.host.split(':')[0] not in config.read_config('security.whitelist_host')): if (config.read_config('security.check_lxm.enable') and request.host.split(':')[0] not in config.read_config('security.whitelist_host')):
lxm = request.headers.get('lxm') lxm = request.headers.get('lxm')
if (not lxsecurity.checklxmheader(lxm, request.url)): if (not lxsecurity.checklxmheader(lxm, request.url)):
if (config.read_config('security.lxm_ban.enable')): if (config.read_config('security.lxm_ban.enable')):
config.ban_ip(request.remote) config.ban_ip(request.remote_addr)
return handleResult({"code": 1, "msg": "lxm请求头验证失败", "data": None}, 403) return handleResult({"code": 1, "msg": "lxm请求头验证失败", "data": None}, 403)
try: try:
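Review bot: In `handle_request`, `request.remote_addr` is taken from the `X-Real-IP` header whenever that header is present, with no check that the connection actually came from the nginx proxy, and the ban check, the per-IP rate limit and `config.ban_ip` are all keyed on that value. If the service can be reached without the proxy in front of it, the client chooses the value, so bans and per-IP limits stop being reliable and a ban can land on an address the client does not own. The `handle` hunk in this section widens that reliance by switching both `config.ban_ip(request.remote)` calls to `request.remote_addr`. Honour the header only for known proxy peers, for example `if request.remote in trusted_proxies and request.headers.get("X-Real-IP"):`, where `trusted_proxies` is a placeholder name for a new configured list. Both function bodies continue outside the visible hunks.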