open.source/whoogle-search
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Rewrite session behavior for public instances

Browse Source 
This introduces a new approach to handling user sessions.

Previously, when a user with cookies disabled would update their config,
this would modify the app's default config file, which would in turn
cause new users to inherit these settings when visiting the app for the
first time. There was also some janky logic for determining on the
backend whether or not a user had cookies disabled, which lead to some
issues with out of control session creation by Flask.

Now, when a user visits the site, their initial request is forwarded to
a `session/<session id>` endpoint, and during that subsequent request
their current session id is matched against the one found in the url. If
the ids match, the user has cookies enabled. If not, their original
request is modified with a 'cookies_disabled' query param that tells
Flask not to bother trying to set up a new session for that user, and
instead just use the app's fallback Fernet key for encryption and the
default config.

Sessions are also now (semi)permanent and have a lifetime of 1 year.
This commit is contained in:
Ben Busby 2021-10-20 21:22:30 -06:00
parent 05c492bf82
commit 30d929f36d
No known key found for this signature in database
GPG Key ID: 339B7B7EB5333D14
6 changed files with 92 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/__init__.py
View File

@ -21,9 +21,9 @@ if os.getenv("WHOOGLE_DOTENV", ''):
dotenv_path)) dotenv_path))
app.default_key = generate_user_key() app.default_key = generate_user_key()
app.no_cookie_ips = []
app.config['SECRET_KEY'] = os.urandom(32) app.config['SECRET_KEY'] = os.urandom(32)
app.config['SESSION_TYPE'] = 'filesystem' app.config['SESSION_TYPE'] = 'filesystem'
app.config['SESSION_COOKIE_SAMESITE'] = 'strict'
app.config['VERSION_NUMBER'] = '0.6.0' app.config['VERSION_NUMBER'] = '0.6.0'
app.config['APP_ROOT'] = os.getenv( app.config['APP_ROOT'] = os.getenv(
'APP_ROOT', 'APP_ROOT',

2
app/models/config.py
View File

@ -18,7 +18,7 @@ class Config:
self.block_title = os.getenv('WHOOGLE_CONFIG_BLOCK_TITLE', '') self.block_title = os.getenv('WHOOGLE_CONFIG_BLOCK_TITLE', '')
self.block_url = os.getenv('WHOOGLE_CONFIG_BLOCK_URL', '') self.block_url = os.getenv('WHOOGLE_CONFIG_BLOCK_URL', '')
self.ctry = os.getenv('WHOOGLE_CONFIG_COUNTRY', '') self.ctry = os.getenv('WHOOGLE_CONFIG_COUNTRY', '')
self.theme = os.getenv('WHOOGLE_CONFIG_THEME', '') self.theme = os.getenv('WHOOGLE_CONFIG_THEME', 'system')
self.safe = read_config_bool('WHOOGLE_CONFIG_SAFE') self.safe = read_config_bool('WHOOGLE_CONFIG_SAFE')
self.dark = read_config_bool('WHOOGLE_CONFIG_DARK') # deprecated self.dark = read_config_bool('WHOOGLE_CONFIG_DARK') # deprecated
self.alts = read_config_bool('WHOOGLE_CONFIG_ALTS') self.alts = read_config_bool('WHOOGLE_CONFIG_ALTS')

120
app/routes.py
View File

@ -5,6 +5,7 @@ import json
import pickle import pickle
import urllib.parse as urlparse import urllib.parse as urlparse
import uuid import uuid
from datetime import timedelta
from functools import wraps from functools import wraps
import waitress import waitress
@ -20,6 +21,7 @@ from bs4 import BeautifulSoup as bsoup
from flask import jsonify, make_response, request, redirect, render_template, \ from flask import jsonify, make_response, request, redirect, render_template, \
send_file, session, url_for send_file, session, url_for
from requests import exceptions from requests import exceptions
from requests.models import PreparedRequest
# Load DDG bang json files only on init # Load DDG bang json files only on init
bang_json = json.load(open(app.config['BANG_FILE'])) bang_json = json.load(open(app.config['BANG_FILE']))
@ -45,23 +47,67 @@ def auth_required(f):
return decorated return decorated
def session_required(f):
@wraps(f)
def decorated(*args, **kwargs):
if (valid_user_session(session) and
'cookies_disabled' not in request.args):
g.session_key = session['key']
else:
invalid_sessions = []
session.pop('_permanent', None)
for user_session in os.listdir(app.config['SESSION_FILE_DIR']):
session_path = os.path.join(
app.config['SESSION_FILE_DIR'],
user_session)
with open(session_path, 'rb') as session_file:
_ = pickle.load(session_file)
data = pickle.load(session_file)
if type(data) == 'dict' and 'valid' in data:
continue
invalid_sessions.append(session_path)
for invalid_session in invalid_sessions:
os.remove(invalid_session)
g.session_key = app.default_key
return f(*args, **kwargs)
return decorated
@app.before_request @app.before_request
def before_request_func(): def before_request_func():
g.request_params = ( g.request_params = (
request.args if request.method == 'GET' else request.form request.args if request.method == 'GET' else request.form
) )
g.cookies_disabled = False
# Skip pre-request actions if verifying session
if '/session' in request.path and not valid_user_session(session):
return
default_config = json.load(open(app.config['DEFAULT_CONFIG'])) \
if os.path.exists(app.config['DEFAULT_CONFIG']) else {}
# Generate session values for user if unavailable # Generate session values for user if unavailable
if not valid_user_session(session): if (not valid_user_session(session) and
session['config'] = json.load(open(app.config['DEFAULT_CONFIG'])) \ 'cookies_disabled' not in request.args):
if os.path.exists(app.config['DEFAULT_CONFIG']) else {} session['config'] = default_config
session['uuid'] = str(uuid.uuid4()) session['uuid'] = str(uuid.uuid4())
session['key'] = generate_user_key(True) session['key'] = generate_user_key()
return redirect(url_for(
# Flag cookies as possibly disabled in order to prevent against 'session_check',
# unnecessary session directory expansion session_id=session['uuid'],
g.cookies_disabled = True follow=request.url), code=307)
elif 'cookies_disabled' not in request.args:
# Set session as permanent
session.permanent = True
app.permanent_session_lifetime = timedelta(days=365)
g.user_config = Config(**session['config'])
else:
# User has cookies disabled, fall back to immutable default config
session.pop('_permanent', None)
g.user_config = Config(**default_config)
# Handle https upgrade # Handle https upgrade
if needs_https(request.url): if needs_https(request.url):
@ -69,8 +115,6 @@ def before_request_func():
request.url.replace('http://', 'https://', 1), request.url.replace('http://', 'https://', 1),
code=308) code=308)
g.user_config = Config(**session['config'])
if not g.user_config.url: if not g.user_config.url:
g.user_config.url = request.url_root.replace( g.user_config.url = request.url_root.replace(
'http://', 'http://',
@ -86,19 +130,6 @@ def before_request_func():
@app.after_request @app.after_request
def after_request_func(resp): def after_request_func(resp):
# Check if address consistently has cookies blocked,
# in which case start removing session files after creation.
#
# Note: This is primarily done to prevent overpopulation of session
# directories, since browsers that block cookies will still trigger
# Flask's session creation routine with every request.
if g.cookies_disabled and request.remote_addr not in app.no_cookie_ips:
app.no_cookie_ips.append(request.remote_addr)
elif g.cookies_disabled and request.remote_addr in app.no_cookie_ips:
session_list = list(session.keys())
for key in session_list:
session.pop(key)
resp.headers['Content-Security-Policy'] = app.config['CSP'] resp.headers['Content-Security-Policy'] = app.config['CSP']
if os.environ.get('HTTPS_ONLY', False): if os.environ.get('HTTPS_ONLY', False):
resp.headers['Content-Security-Policy'] += 'upgrade-insecure-requests' resp.headers['Content-Security-Policy'] += 'upgrade-insecure-requests'
@ -122,12 +153,22 @@ def home():
return redirect(url_for('.index')) return redirect(url_for('.index'))
@app.route('/session/<session_id>', methods=['GET', 'PUT', 'POST'])
def session_check(session_id):
if 'uuid' in session and session['uuid'] == session_id:
session['valid'] = True
return redirect(request.args.get('follow'))
else:
follow_url = request.args.get('follow')
req = PreparedRequest()
req.prepare_url(follow_url, {'cookies_disabled': 1})
session.pop('_permanent', None)
return redirect(req.url, code=307)
@app.route('/', methods=['GET']) @app.route('/', methods=['GET'])
@auth_required @auth_required
def index(): def index():
# Reset keys
session['key'] = generate_user_key(g.cookies_disabled)
# Redirect if an error was raised # Redirect if an error was raised
if 'error_message' in session and session['error_message']: if 'error_message' in session and session['error_message']:
error_message = session['error_message'] error_message = session['error_message']
@ -144,7 +185,10 @@ def index():
logo=render_template( logo=render_template(
'logo.html', 'logo.html',
dark=g.user_config.dark), dark=g.user_config.dark),
config_disabled=app.config['CONFIG_DISABLE'], config_disabled=(
app.config['CONFIG_DISABLE'] or
not valid_user_session(session) or
'cookies_disabled' in request.args),
config=g.user_config, config=g.user_config,
tor_available=int(os.environ.get('TOR_AVAILABLE')), tor_available=int(os.environ.get('TOR_AVAILABLE')),
version_number=app.config['VERSION_NUMBER']) version_number=app.config['VERSION_NUMBER'])
@ -179,6 +223,7 @@ def search_html():
@app.route('/autocomplete', methods=['GET', 'POST']) @app.route('/autocomplete', methods=['GET', 'POST'])
@session_required
def autocomplete(): def autocomplete():
ac_var = 'WHOOGLE_AUTOCOMPLETE' ac_var = 'WHOOGLE_AUTOCOMPLETE'
if os.getenv(ac_var) and not read_config_bool(ac_var): if os.getenv(ac_var) and not read_config_bool(ac_var):
@ -212,13 +257,13 @@ def autocomplete():
@app.route('/search', methods=['GET', 'POST']) @app.route('/search', methods=['GET', 'POST'])
@session_required
@auth_required @auth_required
def search(): def search():
# Update user config if specified in search args # Update user config if specified in search args
g.user_config = g.user_config.from_params(g.request_params) g.user_config = g.user_config.from_params(g.request_params)
search_util = Search(request, g.user_config, session, search_util = Search(request, g.user_config, g.session_key)
cookies_disabled=g.cookies_disabled)
query = search_util.new_search_query() query = search_util.new_search_query()
bang = resolve_bang(query=query, bangs_dict=bang_json) bang = resolve_bang(query=query, bangs_dict=bang_json)
@ -286,9 +331,12 @@ def search():
@app.route('/config', methods=['GET', 'POST', 'PUT']) @app.route('/config', methods=['GET', 'POST', 'PUT'])
@session_required
@auth_required @auth_required
def config(): def config():
config_disabled = app.config['CONFIG_DISABLE'] config_disabled = (
app.config['CONFIG_DISABLE'] or
not valid_user_session(session))
if request.method == 'GET': if request.method == 'GET':
return json.dumps(g.user_config.__dict__) return json.dumps(g.user_config.__dict__)
elif request.method == 'PUT' and not config_disabled: elif request.method == 'PUT' and not config_disabled:
@ -315,11 +363,6 @@ def config():
app.config['CONFIG_PATH'], app.config['CONFIG_PATH'],
request.args.get('name')), 'wb')) request.args.get('name')), 'wb'))
# Overwrite default config if user has cookies disabled
if g.cookies_disabled:
open(app.config['DEFAULT_CONFIG'], 'w').write(
json.dumps(config_data, indent=4))
session['config'] = config_data session['config'] = config_data
return redirect(config_data['url']) return redirect(config_data['url'])
else: else:
@ -327,6 +370,7 @@ def config():
@app.route('/url', methods=['GET']) @app.route('/url', methods=['GET'])
@session_required
@auth_required @auth_required
def url(): def url():
if 'url' in request.args: if 'url' in request.args:
@ -342,15 +386,17 @@ def url():
@app.route('/imgres') @app.route('/imgres')
@session_required
@auth_required @auth_required
def imgres(): def imgres():
return redirect(request.args.get('imgurl')) return redirect(request.args.get('imgurl'))
@app.route('/element') @app.route('/element')
@session_required
@auth_required @auth_required
def element(): def element():
cipher_suite = Fernet(session['key']) cipher_suite = Fernet(g.session_key)
src_url = cipher_suite.decrypt(request.args.get('url').encode()).decode() src_url = cipher_suite.decrypt(request.args.get('url').encode()).decode()
src_type = request.args.get('type') src_type = request.args.get('type')

11
app/utils/search.py
View File

@ -52,16 +52,15 @@ class Search:
Attributes: Attributes:
request: the incoming flask request request: the incoming flask request
config: the current user config settings config: the current user config settings
session: the flask user session session_key: the flask user fernet key
""" """
def __init__(self, request, config, session_key, cookies_disabled=False):
def __init__(self, request, config, session, cookies_disabled=False):
method = request.method method = request.method
self.request_params = request.args if method == 'GET' else request.form self.request_params = request.args if method == 'GET' else request.form
self.user_agent = request.headers.get('User-Agent') self.user_agent = request.headers.get('User-Agent')
self.feeling_lucky = False self.feeling_lucky = False
self.config = config self.config = config
self.session = session self.session_key = session_key
self.query = '' self.query = ''
self.cookies_disabled = cookies_disabled self.cookies_disabled = cookies_disabled
self.search_type = self.request_params.get( self.search_type = self.request_params.get(
@ -96,7 +95,7 @@ class Search:
else: else:
# Attempt to decrypt if this is an internal link # Attempt to decrypt if this is an internal link
try: try:
q = Fernet(self.session['key']).decrypt(q.encode()).decode() q = Fernet(self.session_key).decrypt(q.encode()).decode()
except InvalidToken: except InvalidToken:
pass pass
@ -115,7 +114,7 @@ class Search:
""" """
mobile = 'Android' in self.user_agent or 'iPhone' in self.user_agent mobile = 'Android' in self.user_agent or 'iPhone' in self.user_agent
content_filter = Filter(self.session['key'], content_filter = Filter(self.session_key,
mobile=mobile, mobile=mobile,
config=self.config) config=self.config)
full_query = gen_query(self.query, full_query = gen_query(self.query,

5
app/utils/session.py
View File

@ -4,7 +4,7 @@ from flask import current_app as app
REQUIRED_SESSION_VALUES = ['uuid', 'config', 'key'] REQUIRED_SESSION_VALUES = ['uuid', 'config', 'key']
def generate_user_key(cookies_disabled=False) -> bytes: def generate_user_key() -> bytes:
"""Generates a key for encrypting searches and element URLs """Generates a key for encrypting searches and element URLs
Args: Args:
@ -16,9 +16,6 @@ def generate_user_key(cookies_disabled=False) -> bytes:
str: A unique Fernet key str: A unique Fernet key
""" """
if cookies_disabled:
return app.default_key
# Generate/regenerate unique key per user # Generate/regenerate unique key per user
return Fernet.generate_key() return Fernet.generate_key()

2
requirements.txt
View File

@ -7,7 +7,7 @@ chardet==3.0.4
click==8.0.3 click==8.0.3
cryptography==3.3.2 cryptography==3.3.2
Flask==1.1.1 Flask==1.1.1
Flask-Session==0.3.2 Flask-Session==0.4.0
idna==2.9 idna==2.9
itsdangerous==1.1.0 itsdangerous==1.1.0
Jinja2==2.11.3 Jinja2==2.11.3