From c6888c739cdf4bf85f66fcf2b74feae0830c5195 Mon Sep 17 00:00:00 2001 From: helloplhm-qwq Date: Sun, 17 Dec 2023 14:17:30 +0800 Subject: [PATCH] =?UTF-8?q?revert:=20fix:=20#1=EF=BC=88=E5=AD=98=E5=9C=A8n?= =?UTF-8?q?ginx=E5=8F=8D=E4=BB=A3=E6=97=B6=E6=8A=A5=E9=94=99=E7=9A=84?= =?UTF-8?q?=E9=97=AE=E9=A2=98=E3=80=81flask=E7=AB=AF=E6=97=A0=E6=B3=95?= =?UTF-8?q?=E4=BD=BF=E7=94=A8?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- main-flask.py | 4 ++-- main.py | 65 ++++++++++++++++++++++++++------------------------- 2 files changed, 35 insertions(+), 34 deletions(-) diff --git a/main-flask.py b/main-flask.py index d1c08d9..5d98a46 100644 --- a/main-flask.py +++ b/main-flask.py @@ -27,11 +27,11 @@ logger = log.log("main") from common import lxsecurity from common import Httpx -from modules import handleApiRequest from flask import Response import threading import ujson as json import traceback +import modules import time threading.Thread(target=Httpx.checkcn).start() @@ -58,7 +58,7 @@ async def handle(method, source, songId, quality): if method == 'url': try: - return handleResult(await handleApiRequest(source, songId, quality)) + return handleResult(await getattr(modules, method)(source, songId, quality)) except Exception as e: logger.error(traceback.format_exc()) return handleResult({'code': 4, 'msg': '内部服务器错误', 'data': None}), 500 diff --git a/main.py b/main.py index dde82ad..c286743 100644 --- a/main.py +++ b/main.py @@ -35,37 +35,38 @@ def start_checkcn_thread(): # check request info before start async def handle_before_request(app, handler): async def handle_request(request): - # nginx proxy header - if (request.headers.get("X-Real-IP")): - request.remote_addr = request.headers.get("X-Real-IP") - else: - request.remote_addr = request.remote - # check ip - if (config.check_ip_banned(request.remote_addr)): - return handleResult({"code": 1, "msg": "您的IP已被封禁", "data": None}, 403) - # check global rate limit - if ( - (time.time() - config.getRequestTime('global')) - < - (config.read_config("security.rate_limit.global")) - ): - return handleResult({"code": 5, "msg": "全局限速", "data": None}, 429) - if ( - (time.time() - config.getRequestTime(request.remote_addr)) - < - (config.read_config("security.rate_limit.ip")) - ): - return handleResult({"code": 5, "msg": "IP限速", "data": None}, 429) - # update request time - config.updateRequestTime('global') - config.updateRequestTime(request.remote_addr) - # check host - if (config.read_config("security.allowed_host.enable")): - if request.remote_host.split(":")[0] not in config.read_config("security.allowed_host.list"): - if config.read_config("security.allowed_host.blacklist.enable"): - config.ban_ip(request.remote_addr, int(config.read_config("security.allowed_host.blacklist.length"))) - return handleResult({'code': 6, 'msg': '未找到您所请求的资源', 'data': None}, 404) try: + # nginx proxy header + if (request.headers.get("X-Real-IP")): + request.remote_addr = request.headers.get("X-Real-IP") + else: + request.remote_addr = request.remote + # check ip + if (config.check_ip_banned(request.remote_addr)): + return handleResult({"code": 1, "msg": "您的IP已被封禁", "data": None}, 403) + # check global rate limit + if ( + (time.time() - config.getRequestTime('global')) + < + (config.read_config("security.rate_limit.global")) + ): + return handleResult({"code": 5, "msg": "全局限速", "data": None}, 429) + if ( + (time.time() - config.getRequestTime(request.remote_addr)) + < + (config.read_config("security.rate_limit.ip")) + ): + return handleResult({"code": 5, "msg": "IP限速", "data": None}, 429) + # update request time + config.updateRequestTime('global') + config.updateRequestTime(request.remote_addr) + # check host + if (config.read_config("security.allowed_host.enable")): + if request.remote_host.split(":")[0] not in config.read_config("security.allowed_host.list"): + if config.read_config("security.allowed_host.blacklist.enable"): + config.ban_ip(request.remote_addr, int(config.read_config("security.allowed_host.blacklist.length"))) + return handleResult({'code': 6, 'msg': '未找到您所请求的资源', 'data': None}, 404) + resp = await handler(request) aiologger.info(f'{request.remote_addr} - {request.method} "{request.path}", {resp.status}') return resp @@ -86,13 +87,13 @@ async def handle(request): if (config.read_config("security.key.enable") and request.host.split(':')[0] not in config.read_config('security.whitelist_host')): if (request.headers.get("X-Request-Key")) != config.read_config("security.key.value"): if (config.read_config("security.key.ban")): - config.ban_ip(request.remote) + config.ban_ip(request.remote_addr) return handleResult({"code": 1, "msg": "key验证失败", "data": None}, 403) if (config.read_config('security.check_lxm.enable') and request.host.split(':')[0] not in config.read_config('security.whitelist_host')): lxm = request.headers.get('lxm') if (not lxsecurity.checklxmheader(lxm, request.url)): if (config.read_config('security.lxm_ban.enable')): - config.ban_ip(request.remote) + config.ban_ip(request.remote_addr) return handleResult({"code": 1, "msg": "lxm请求头验证失败", "data": None}, 403) try: