NewsBlur/utils/user_functions.py

import hashlib

from django.conf import settings
from django.contrib.auth.models import User
from django.core.cache import cache
from django.http import HttpResponse, HttpResponseForbidden
from django.utils.http import urlquote
from simplejson.decoder import JSONDecodeError

from utils import json_functions as json


def ajax_login_required(function=None):
    def _dec(view_func):
        def _view(request, *args, **kwargs):
            if request.user.is_anonymous:
                return HttpResponseForbidden()
            else:
                return view_func(request, *args, **kwargs)

        _view.__name__ = view_func.__name__
        _view.__dict__ = view_func.__dict__
        _view.__doc__ = view_func.__doc__

        return _view

    if function is None:
        return _dec
    else:
        return _dec(function)


def oauth_login_required(function=None):
    def _dec(view_func):
        def _view(request, *args, **kwargs):
            if request.user.is_anonymous:
                return HttpResponse(
                    content=json.encode(
                        {
                            "message": "You must have a valid OAuth token.",
                        }
                    ),
                    status=401,
                )
            else:
                try:
                    setattr(request, "body_json", json.decode(request.body))
                except JSONDecodeError:
                    return HttpResponse(
                        content=json.encode(
                            {
                                "message": "Your JSON body is malformed.",
                            }
                        ),
                        status=400,
                    )
                return view_func(request, *args, **kwargs)

        _view.__name__ = view_func.__name__
        _view.__dict__ = view_func.__dict__
        _view.__doc__ = view_func.__doc__

        return _view

    if function is None:
        return _dec
    else:
        return _dec(function)


def admin_only(function=None):
    def _dec(view_func):
        def _view(request, *args, **kwargs):
            if not request.user.is_staff:
                return HttpResponseForbidden()
            else:
                return view_func(request, *args, **kwargs)

        _view.__name__ = view_func.__name__
        _view.__dict__ = view_func.__dict__
        _view.__doc__ = view_func.__doc__

        return _view

    if function is None:
        return _dec
    else:
        return _dec(function)


def get_user(request):
    if not hasattr(request, "user"):
        user = request
    else:
        user = request.user

    if user.is_anonymous and hasattr(request, "POST"):
        # Check secret_token parameter
        secret_token = request.POST.get("secret_token", None) or request.GET.get("secret_token", None)
        if secret_token:
            try:
                user = User.objects.get(profile__secret_token=secret_token)
                request.user = user
            except User.DoesNotExist:
                pass

    if user.is_anonymous:
        try:
            user = User.objects.get(username=settings.HOMEPAGE_USERNAME)
        except User.DoesNotExist:
            user = User.objects.create(username=settings.HOMEPAGE_USERNAME)
            user.set_password("")
            user.save()
    return user


def invalidate_template_cache(fragment_name, *variables):
    args = hashlib.md5((":".join([urlquote(var) for var in variables]).encode("utf-8")))
    cache_key = "template.cache.%s.%s" % (fragment_name, args.hexdigest())
    cache.delete(cache_key)


def generate_secret_token(phrase, size=12):
    """Generate a (SHA1) security hash from the provided info."""
    info = f"{phrase} {settings.SECRET_KEY}".encode("utf-8")
    return hashlib.sha256(info).hexdigest()[:size]


def extract_user_agent(request):
    user_agent = request.environ.get("HTTP_USER_AGENT", "").lower()
    platform = "------"
    if "ipad app" in user_agent:
        platform = "iPad"
    elif "iphone app" in user_agent:
        platform = "iPhone"
    elif "blar" in user_agent:
        platform = "Blar"
    elif "Android app" in user_agent:
        platform = "Androd"
    elif "android" in user_agent:
        platform = "androd"
    elif "pluggio" in user_agent:
        platform = "Plugio"
    elif "msie" in user_agent:
        platform = "IE"
        if "msie 9" in user_agent:
            platform += "9"
        elif "msie 10" in user_agent:
            platform += "10"
        elif "msie 8" in user_agent:
            platform += "8"
    elif "trident/7" in user_agent:
        platform = "IE11"
    elif "chrome" in user_agent:
        platform = "Chrome"
    elif "safari" in user_agent:
        platform = "Safari"
    elif "meego" in user_agent:
        platform = "MeeGo"
    elif "firefox" in user_agent:
        platform = "FF"
    elif "opera" in user_agent:
        platform = "Opera"
    elif "wp7" in user_agent:
        platform = "WP7"
    elif "wp8" in user_agent:
        platform = "WP8"
    elif "tafiti" in user_agent:
        platform = "Tafiti"
    elif "readkit" in user_agent:
        platform = "ReadKt"
    elif "reeder" in user_agent:
        platform = "Reeder"
    elif "metroblur" in user_agent:
        platform = "Metrob"
    elif "feedme" in user_agent:
        platform = "FeedMe"
    elif "theoldreader" in user_agent:
        platform = "OldRdr"
    elif "fever" in user_agent:
        platform = "Fever"
    elif "superfeedr" in user_agent:
        platform = "Suprfd"
    elif "feed reader-window" in user_agent:
        platform = "FeedRe"
    elif "feed reader-background" in user_agent:
        platform = "FeReBg"

    return platform
Upgrading django from 1.3 to 1.5. 2013-03-20 15:05:52 -07:00			`import hashlib`
Black formatting and isort 2024-04-24 09:50:42 -04:00
			`from django.conf import settings`
Initial 2009-06-16 03:08:55 +00:00			`from django.contrib.auth.models import User`
Beginnings of minor cache work. So far, only on user accounts. 2009-07-25 15:24:27 +00:00			`from django.core.cache import cache`
Black formatting and isort 2024-04-24 09:50:42 -04:00			`from django.http import HttpResponse, HttpResponseForbidden`
Refactoring a bit and marking a subscription as read when it's out of stories. 2010-07-06 16:37:49 -04:00			`from django.utils.http import urlquote`
Black formatting and isort 2024-04-24 09:50:42 -04:00			`from simplejson.decoder import JSONDecodeError`

			`from utils import json_functions as json`
Beginnings of minor cache work. So far, only on user accounts. 2009-07-25 15:24:27 +00:00
Black formatting. 2024-04-24 09:43:56 -04:00
Handling anonymous users with more grace. They will now be told that they need to signup in order to add a feed/folder/opml. The old way was to show a loading indicator forever. Yeah. 2010-07-24 15:54:25 -04:00			`def ajax_login_required(function=None):`
			`def _dec(view_func):`
			`def _view(request, args, *kwargs):`
change User.is_authenticated() and User.is_anonymous() to attributes 2020-06-11 15:13:12 -04:00			`if request.user.is_anonymous:`
Handling anonymous users with more grace. They will now be told that they need to signup in order to add a feed/folder/opml. The old way was to show a loading indicator forever. Yeah. 2010-07-24 15:54:25 -04:00			`return HttpResponseForbidden()`
			`else:`
			`return view_func(request, args, *kwargs)`

			`_view.__name__ = view_func.__name__`
			`_view.__dict__ = view_func.__dict__`
			`_view.__doc__ = view_func.__doc__`

			`return _view`

			`if function is None:`
			`return _dec`
			`else:`
			`return _dec(function)`

Black formatting. 2024-04-24 09:43:56 -04:00
Switching OAuth endpoints to return a 401 instead of a 302. Also handling mal-formed JSON in OAuth requests. 2014-02-07 12:32:44 -08:00			`def oauth_login_required(function=None):`
			`def _dec(view_func):`
			`def _view(request, args, *kwargs):`
change User.is_authenticated() and User.is_anonymous() to attributes 2020-06-11 15:13:12 -04:00			`if request.user.is_anonymous:`
Black formatting. 2024-04-24 09:43:56 -04:00			`return HttpResponse(`
			`content=json.encode(`
			`{`
			`"message": "You must have a valid OAuth token.",`
			`}`
			`),`
			`status=401,`
			`)`
Switching OAuth endpoints to return a 401 instead of a 302. Also handling mal-formed JSON in OAuth requests. 2014-02-07 12:32:44 -08:00			`else:`
			`try:`
Black formatting. 2024-04-24 09:43:56 -04:00			`setattr(request, "body_json", json.decode(request.body))`
Switching OAuth endpoints to return a 401 instead of a 302. Also handling mal-formed JSON in OAuth requests. 2014-02-07 12:32:44 -08:00			`except JSONDecodeError:`
Black formatting. 2024-04-24 09:43:56 -04:00			`return HttpResponse(`
			`content=json.encode(`
			`{`
			`"message": "Your JSON body is malformed.",`
			`}`
			`),`
			`status=400,`
			`)`
Switching OAuth endpoints to return a 401 instead of a 302. Also handling mal-formed JSON in OAuth requests. 2014-02-07 12:32:44 -08:00			`return view_func(request, args, *kwargs)`

			`_view.__name__ = view_func.__name__`
			`_view.__dict__ = view_func.__dict__`
			`_view.__doc__ = view_func.__doc__`

			`return _view`

			`if function is None:`
			`return _dec`
			`else:`
			`return _dec(function)`

Black formatting. 2024-04-24 09:43:56 -04:00
Adding moderation queue to recommended feeds (finally!) 2011-07-11 18:22:28 -07:00			`def admin_only(function=None):`
			`def _dec(view_func):`
			`def _view(request, args, *kwargs):`
			`if not request.user.is_staff:`
			`return HttpResponseForbidden()`
			`else:`
			`return view_func(request, args, *kwargs)`

			`_view.__name__ = view_func.__name__`
			`_view.__dict__ = view_func.__dict__`
			`_view.__doc__ = view_func.__doc__`

			`return _view`

			`if function is None:`
			`return _dec`
			`else:`
			`return _dec(function)`
Black formatting. 2024-04-24 09:43:56 -04:00

Initial 2009-06-16 03:08:55 +00:00			`def get_user(request):`
Black formatting. 2024-04-24 09:43:56 -04:00			`if not hasattr(request, "user"):`
Adding a subscribed note in recommended feeds. 2011-03-02 12:05:58 -05:00			`user = request`
Initial 2009-06-16 03:08:55 +00:00			`else:`
Adding a subscribed note in recommended feeds. 2011-03-02 12:05:58 -05:00			`user = request.user`
Black formatting. 2024-04-24 09:43:56 -04:00
			`if user.is_anonymous and hasattr(request, "POST"):`
Adding secret_token parameter support to every API endpoint. Built for #1162. 2019-12-16 16:59:04 -05:00			`# Check secret_token parameter`
Black formatting. 2024-04-24 09:43:56 -04:00			`secret_token = request.POST.get("secret_token", None) or request.GET.get("secret_token", None)`
Adding secret_token parameter support to every API endpoint. Built for #1162. 2019-12-16 16:59:04 -05:00			`if secret_token:`
			`try:`
			`user = User.objects.get(profile__secret_token=secret_token)`
			`request.user = user`
			`except User.DoesNotExist:`
			`pass`
Black formatting. 2024-04-24 09:43:56 -04:00
change User.is_authenticated() and User.is_anonymous() to attributes 2020-06-11 15:13:12 -04:00			`if user.is_anonymous:`
Ignoring cache for homepage user. 2020-11-13 21:43:52 -05:00			`try:`
			`user = User.objects.get(username=settings.HOMEPAGE_USERNAME)`
			`except User.DoesNotExist:`
			`user = User.objects.create(username=settings.HOMEPAGE_USERNAME)`
Black formatting. 2024-04-24 09:43:56 -04:00			`user.set_password("")`
Ignoring cache for homepage user. 2020-11-13 21:43:52 -05:00			`user.save()`
Refactoring a bit and marking a subscription as read when it's out of stories. 2010-07-06 16:37:49 -04:00			`return user`
Black formatting. 2024-04-24 09:43:56 -04:00

Refactoring a bit and marking a subscription as read when it's out of stories. 2010-07-06 16:37:49 -04:00			`def invalidate_template_cache(fragment_name, *variables):`
Black formatting. 2024-04-24 09:43:56 -04:00			`args = hashlib.md5((":".join([urlquote(var) for var in variables]).encode("utf-8")))`
			`cache_key = "template.cache.%s.%s" % (fragment_name, args.hexdigest())`
Adding bookmarklet modal. Also adding the api app, which will handle incoming bookmarklet site adds. Uses a new privacy token to generate a unique URL for each user, so only they can add sites, no login needed. 2011-01-20 09:57:23 -05:00			`cache.delete(cache_key)`
Black formatting. 2024-04-24 09:43:56 -04:00

Adding bookmarklet modal. Also adding the api app, which will handle incoming bookmarklet site adds. Uses a new privacy token to generate a unique URL for each user, so only they can add sites, no login needed. 2011-01-20 09:57:23 -05:00			`def generate_secret_token(phrase, size=12):`
			`"""Generate a (SHA1) security hash from the provided info."""`
Black formatting. 2024-04-24 09:43:56 -04:00			`info = f"{phrase} {settings.SECRET_KEY}".encode("utf-8")`
fix unnecessary encoding issue 2020-06-20 01:11:59 -04:00			`return hashlib.sha256(info).hexdigest()[:size]`
Adding new analytics collections to keep track of page loads and feed fetches. Need to start aggregating before I can tell how useful this data will be. 2012-09-06 17:16:01 -07:00
Black formatting. 2024-04-24 09:43:56 -04:00
Adding new analytics collections to keep track of page loads and feed fetches. Need to start aggregating before I can tell how useful this data will be. 2012-09-06 17:16:01 -07:00			`def extract_user_agent(request):`
Black formatting. 2024-04-24 09:43:56 -04:00			`user_agent = request.environ.get("HTTP_USER_AGENT", "").lower()`
			`platform = "------"`
			`if "ipad app" in user_agent:`
			`platform = "iPad"`
			`elif "iphone app" in user_agent:`
			`platform = "iPhone"`
			`elif "blar" in user_agent:`
			`platform = "Blar"`
			`elif "Android app" in user_agent:`
			`platform = "Androd"`
			`elif "android" in user_agent:`
			`platform = "androd"`
			`elif "pluggio" in user_agent:`
			`platform = "Plugio"`
			`elif "msie" in user_agent:`
			`platform = "IE"`
			`if "msie 9" in user_agent:`
			`platform += "9"`
			`elif "msie 10" in user_agent:`
			`platform += "10"`
			`elif "msie 8" in user_agent:`
			`platform += "8"`
			`elif "trident/7" in user_agent:`
			`platform = "IE11"`
			`elif "chrome" in user_agent:`
			`platform = "Chrome"`
			`elif "safari" in user_agent:`
			`platform = "Safari"`
			`elif "meego" in user_agent:`
			`platform = "MeeGo"`
			`elif "firefox" in user_agent:`
			`platform = "FF"`
			`elif "opera" in user_agent:`
			`platform = "Opera"`
			`elif "wp7" in user_agent:`
			`platform = "WP7"`
			`elif "wp8" in user_agent:`
			`platform = "WP8"`
			`elif "tafiti" in user_agent:`
			`platform = "Tafiti"`
			`elif "readkit" in user_agent:`
			`platform = "ReadKt"`
			`elif "reeder" in user_agent:`
			`platform = "Reeder"`
			`elif "metroblur" in user_agent:`
			`platform = "Metrob"`
			`elif "feedme" in user_agent:`
			`platform = "FeedMe"`
			`elif "theoldreader" in user_agent:`
			`platform = "OldRdr"`
			`elif "fever" in user_agent:`
			`platform = "Fever"`
			`elif "superfeedr" in user_agent:`
			`platform = "Suprfd"`
			`elif "feed reader-window" in user_agent:`
			`platform = "FeedRe"`
			`elif "feed reader-background" in user_agent:`
			`platform = "FeReBg"`

Update utils/user_functions.py Adding Pluggio user agent 2013-02-04 21:27:08 -08:00			`return platform`