##// END OF EJS Templates
u » bodqhrohro » swineboard
RSS
Use password-hash tripcodes
neko259 -
r1299:d2cb2722 default
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -1,8 +1,3 b''
1 import uuid
2
3 import boards
4 from boards.abstracts.tripcode import Tripcode
5
6 1 from boards.models import Tag
7 2
8 3 MAX_TRIPCODE_COLLISIONS = 50
@@ -123,27 +118,6 b' class SettingsManager:'
123 118 tags.remove(tag.name)
124 119 self.set_setting(SETTING_HIDDEN_TAGS, tags)
125 120
126 def get_tripcode(self):
127 tripcode = self.get_setting(SETTING_TRIPCODE)
128 if tripcode is None:
129 self.reset_tripcode()
130 tripcode = self.get_setting(SETTING_TRIPCODE)
131 return tripcode
132
133 def reset_tripcode(self):
134 tripcode = Tripcode(str(uuid.uuid4()))
135
136 # If we cannot find a collision-free tripcode, then let the collision
137 # be destiny
138 collision_counter = 0
139 while boards.models.Post.objects.filter(
140 tripcode__startswith=tripcode.get_short_text()).exists()\
141 and collision_counter < MAX_TRIPCODE_COLLISIONS:
142 tripcode = Tripcode(str(uuid.uuid4()))
143 collision_counter += 1
144 print('Tripcode collision detected') # FIXME Use proper logging
145 self.set_setting(SETTING_TRIPCODE, tripcode.get_full_text())
146
147 121
148 122 class SessionSettingsManager(SettingsManager):
149 123 """
Show file before | Show file after | Hide comments
@@ -1,3 +1,4 b''
1 import hashlib
1 2 import re
2 3 import time
3 4
@@ -9,12 +10,12 b' from django.forms.util import ErrorList'
9 10 from django.utils.translation import ugettext_lazy as _
10 11 import requests
11 12
12 from boards.abstracts.settingsmanager import SessionSettingsManager
13 13 from boards.mdx_neboard import formatters
14 14 from boards.models.post import TITLE_MAX_LENGTH
15 15 from boards.models import Tag, Post
16 16 from neboard import settings
17 17 import boards.settings as board_settings
18 import neboard
18 19
19 20 HEADER_CONTENT_LENGTH = 'content-length'
20 21 HEADER_CONTENT_TYPE = 'content-type'
@@ -130,7 +131,10 b' class NeboardForm(forms.Form):'
130 131 class PostForm(NeboardForm):
131 132
132 133 title = forms.CharField(max_length=TITLE_MAX_LENGTH, required=False,
133 label=LABEL_TITLE)
134 label=LABEL_TITLE,
135 widget=forms.TextInput(
136 attrs={ATTRIBUTE_PLACEHOLDER:
137 'test#tripcode'}))
134 138 text = forms.CharField(
135 139 widget=FormatPanel(attrs={
136 140 ATTRIBUTE_PLACEHOLDER: TEXT_PLACEHOLDER,
@@ -152,7 +156,6 b' class PostForm(NeboardForm):'
152 156 threads = forms.CharField(required=False, label=_('Additional threads'),
153 157 widget=forms.TextInput(attrs={ATTRIBUTE_PLACEHOLDER:
154 158 '123 456 789'}))
155 tripcode = forms.BooleanField(label=_('Tripcode'), required=False)
156 159
157 160 session = None
158 161 need_to_ban = False
@@ -240,8 +243,17 b' class PostForm(NeboardForm):'
240 243 return file or self.cleaned_data['file_url']
241 244
242 245 def get_tripcode(self):
243 if self.cleaned_data['tripcode']:
244 return SessionSettingsManager(self.session).get_tripcode()
246 title = self.cleaned_data['title']
247 if title is not None and '#' in title:
248 code = title.split('#', maxsplit=1)[1] + neboard.settings.SECRET_KEY
249 return hashlib.md5(code.encode()).hexdigest()
250
251 def get_title(self):
252 title = self.cleaned_data['title']
253 if title is not None and '#' in title:
254 return title.split('#', maxsplit=1)[0]
255 else:
256 return title
245 257
246 258 def _clean_text_file(self):
247 259 text = self.cleaned_data.get('text')
Show file before | Show file after | Hide comments
@@ -26,11 +26,6 b''
26 26 {% else %}
27 27 <p>{% trans 'No hidden tags.' %}</p>
28 28 {% endif %}
29 <div>{% trans "Tripcode:" %} {% autoescape off %}{{ tripcode.get_view }}{% endautoescape %}
30 <form method="post" class="post-button-form">
31 (<button name="reset_tripcode" value="0">{% trans "reset" %}</button>)
32 </form>
33 </div>
34 29 </div>
35 30
36 31 <div class="post-form-w">
Show file before | Show file after | Hide comments
@@ -139,7 +139,7 b' class AllThreadsView(PostMixin, BaseBoar'
139 139
140 140 data = form.cleaned_data
141 141
142 title = data[FORM_TITLE]
142 title = form.get_title()
143 143 text = data[FORM_TEXT]
144 144 file = form.get_file()
145 145 threads = data[FORM_THREADS]
Show file before | Show file after | Hide comments
@@ -4,21 +4,17 b' from django.utils import timezone'
4 4
5 5 from boards.abstracts.settingsmanager import get_settings_manager, \
6 6 SETTING_USERNAME, SETTING_LAST_NOTIFICATION_ID, SETTING_IMAGE_VIEWER
7 from boards.abstracts.tripcode import Tripcode
8 7 from boards.middlewares import SESSION_TIMEZONE
9 8 from boards.views.base import BaseBoardView, CONTEXT_FORM
10 9 from boards.forms import SettingsForm, PlainErrorList
11 10 from boards import settings
12 11
13 PARAM_RESET_TRIPCODE = 'reset_tripcode'
14
15 12 FORM_THEME = 'theme'
16 13 FORM_USERNAME = 'username'
17 14 FORM_TIMEZONE = 'timezone'
18 15 FORM_IMAGE_VIEWER = 'image_viewer'
19 16
20 17 CONTEXT_HIDDEN_TAGS = 'hidden_tags'
21 CONTEXT_TRIPCODE = 'tripcode'
22 18
23 19 TEMPLATE = 'boards/settings.html'
24 20
@@ -45,17 +41,12 b' class SettingsView(BaseBoardView):'
45 41
46 42 params[CONTEXT_FORM] = form
47 43 params[CONTEXT_HIDDEN_TAGS] = settings_manager.get_hidden_tags()
48 params[CONTEXT_TRIPCODE] = Tripcode(settings_manager.get_tripcode())
49 44
50 45 return render(request, TEMPLATE, params)
51 46
52 47 def post(self, request):
53 48 settings_manager = get_settings_manager(request)
54 49
55 if PARAM_RESET_TRIPCODE in request.POST:
56 settings_manager.reset_tripcode()
57 return self.get(request)
58
59 50 with transaction.atomic():
60 51 form = SettingsForm(request.POST, error_class=PlainErrorList)
61 52
Show file before | Show file after | Hide comments
@@ -101,7 +101,7 b' class ThreadView(BaseBoardView, PostMixi'
101 101
102 102 data = form.cleaned_data
103 103
104 title = data[FORM_TITLE]
104 title = form.get_title()
105 105 text = data[FORM_TEXT]
106 106 file = form.get_file()
107 107 threads = data[FORM_THREADS]
General Comments 0
You need to be logged in to leave comments. Login now