224 lines
9.9 KiB
Python
224 lines
9.9 KiB
Python
import io
|
|
import json
|
|
import yaml
|
|
import random
|
|
import mistune
|
|
from pathlib import Path
|
|
from bs4 import BeautifulSoup
|
|
from markitdown import MarkItDown
|
|
from datetime import datetime, timezone
|
|
from fastapi import FastAPI, Request, Response
|
|
from fastapi.templating import Jinja2Templates
|
|
from fastapi.responses import PlainTextResponse, JSONResponse, FileResponse, RedirectResponse
|
|
from jinja2.exceptions import TemplateNotFound
|
|
from .error import error_page
|
|
from .database import AccessCounter
|
|
from .middleware import Middleware, server_version, onion_hostname
|
|
|
|
app = FastAPI(docs_url=None, redoc_url=None, openapi_url=None)
|
|
app.add_middleware(Middleware)
|
|
templates = Jinja2Templates(directory=Path.cwd().joinpath("public"))
|
|
markitdown = MarkItDown()
|
|
accesscounter = AccessCounter()
|
|
templates.env.globals["get_access_count"] = accesscounter.get
|
|
templates.env.globals["server_version"] = server_version
|
|
templates.env.globals["onion_site_url"] = f"http://{onion_hostname}/"
|
|
|
|
class CustomHTMLRenderer(mistune.HTMLRenderer):
|
|
def block_code(self, code, **attrs):
|
|
return f'<pre>{mistune.escape(code)}</pre>\n'
|
|
htmlitdown = mistune.create_markdown(renderer=CustomHTMLRenderer(escape=False))
|
|
|
|
def get_daily_quote() -> str:
|
|
seed = str(datetime.now(timezone.utc).date())
|
|
with Path.cwd().joinpath("public", "quotes.txt").open("r") as f:
|
|
quotes = f.read().strip().split("\n")
|
|
return random.Random(seed).choice(quotes)
|
|
templates.env.globals["get_daily_quote"] = get_daily_quote
|
|
|
|
def resolve_static_file(full_path: str) -> Path | None:
|
|
base_dir = Path.cwd().joinpath("public")
|
|
target_path = (base_dir / full_path.lstrip('/')).resolve()
|
|
if not str(target_path).startswith(str(base_dir.resolve())):
|
|
raise PermissionError()
|
|
return target_path if target_path.is_file() else None
|
|
|
|
def resolve_shorturl(shorturls: dict, full_path: str) -> str | None:
|
|
current_id = full_path.strip().rstrip("/")
|
|
visited = set()
|
|
for _ in range(10):
|
|
if current_id in visited or current_id not in shorturls:
|
|
return None
|
|
visited.add(current_id)
|
|
entry = shorturls[current_id]
|
|
if entry["type"] in ["redirect", "alias"]:
|
|
if entry["type"] == "redirect":
|
|
return entry["content"]
|
|
current_id = entry["content"]
|
|
return None
|
|
|
|
@app.api_route("/ping", methods=["GET"])
|
|
async def ping(request: Request):
|
|
return PlainTextResponse("pong!", status_code=200)
|
|
|
|
@app.api_route("/echo", methods=["GET"])
|
|
async def echo(request: Request):
|
|
return JSONResponse(request.scope["log"], status_code=200)
|
|
|
|
@app.api_route("/status", methods=["GET"])
|
|
async def status(request: Request):
|
|
return JSONResponse(
|
|
{
|
|
"status": "ok",
|
|
"version": server_version,
|
|
"daily_quote": get_daily_quote(),
|
|
"access_count": accesscounter.get()
|
|
},
|
|
status_code=200
|
|
)
|
|
|
|
@app.api_route("/welcome", methods=["GET"])
|
|
async def ping(request: Request):
|
|
return PlainTextResponse(
|
|
f"""
|
|
■ ■ ■■■■■ ■■■■ ■■■■ ■■■ ■ ■ ■■■■■
|
|
■■ ■ ■ ■ ■ ■ ■ ■ ■■ ■ ■
|
|
■■ ■ ■ ■ ■ ■ ■ ■ ■■ ■ ■
|
|
■ ■ ■ ■■■■ ■■■■ ■ ■ ■ ■ ■ ■ ■■■■
|
|
■ ■■ ■ ■ ■ ■ ■ ■ ■ ■■ ■
|
|
■ ■■ ■ ■ ■ ■ ■ ■ ■ ■■ ■
|
|
■ ■ ■■■■■ ■ ■ ■■■■ ■■■ ■ ■ ■■■■■
|
|
|
|
nercone.dev ({server_version})
|
|
welcome to nercone.dev!
|
|
""".strip() + "\n",
|
|
status_code=200
|
|
)
|
|
|
|
@app.api_route("/error/{code}", methods=["GET", "POST", "HEAD"])
|
|
async def fake_error_page(request: Request, code: str):
|
|
return error_page(templates=templates, request=request, status_code=int(code))
|
|
|
|
@app.api_route("/{full_path:path}", methods=["GET", "POST", "HEAD"])
|
|
async def default_response(request: Request, full_path: str) -> Response:
|
|
if not full_path.endswith(".html") and not full_path.endswith(".md"):
|
|
try:
|
|
if static := resolve_static_file(full_path):
|
|
return FileResponse(static)
|
|
except PermissionError:
|
|
return error_page(templates, request, 403, "何をしてるんです?脆弱性報告のためならいいのですが、データ盗んで悪用するためなら今すぐにやめてくださいね?", "ディレクトリトラバーサルね、知ってる。公開してないところ覗きたいの?えっt")
|
|
|
|
markdown_mode = False
|
|
if "curl" in request.headers.get("user-agent", "").lower():
|
|
markdown_mode = True
|
|
|
|
original_path = full_path
|
|
if full_path.endswith(".md"):
|
|
markdown_mode = True
|
|
full_path = full_path[:-3] + ".html"
|
|
|
|
lightweight_query = request.query_params.get("lightweight", "").lower()
|
|
lightweight_header = request.headers.get("lightweight", "").lower()
|
|
lightweight_signal = lightweight_query or lightweight_header
|
|
|
|
if lightweight_signal in ["1", "y", "yes", "true"]:
|
|
lightweight_mode = True
|
|
elif lightweight_signal in ["0", "n", "no", "false"]:
|
|
lightweight_mode = False
|
|
else:
|
|
lightweight_mode = request.cookies.get("lightweight_mode", "") == "true"
|
|
|
|
if full_path in ["", "/"]:
|
|
template_candidates = ["index.html"]
|
|
elif full_path.endswith(".html"):
|
|
template_candidates = [full_path.lstrip('/')]
|
|
else:
|
|
template_candidates = [f"{full_path.strip('/')}.html", f"{full_path.strip('/')}/index.html"]
|
|
|
|
for name in template_candidates:
|
|
try:
|
|
if markdown_mode:
|
|
content = templates.env.get_template(name).render(request=request)
|
|
soup = BeautifulSoup(content, "html.parser")
|
|
main = str(soup.find("main")) if soup.find("main") else content
|
|
markdown = markitdown.convert_stream(io.BytesIO(main.encode("utf-8")), file_extension=".html")
|
|
response = PlainTextResponse(markdown.text_content, status_code=200, media_type="text/markdown")
|
|
else:
|
|
if lightweight_mode:
|
|
source = templates.env.loader.get_source(templates.env, name)[0]
|
|
source = source.replace('{% extends "/base.html" %}', '{% extends "/base-light.html" %}')
|
|
content = templates.env.from_string(source).render(request=request)
|
|
response = Response(content=content, status_code=200, media_type="text/html")
|
|
response.set_cookie("lightweight_mode", "true", samesite="lax")
|
|
else:
|
|
response = templates.TemplateResponse(status_code=200, request=request, name=name)
|
|
if request.cookies.get("lightweight_mode", "") == "true":
|
|
response.set_cookie("lightweight_mode", "false", samesite="lax")
|
|
|
|
accesscounter.increase()
|
|
return response
|
|
except TemplateNotFound:
|
|
continue
|
|
|
|
if original_path in ["", "/"]:
|
|
markdown_candidates = ["index.md"]
|
|
elif original_path.endswith(".md"):
|
|
markdown_candidates = [original_path.lstrip('/')]
|
|
else:
|
|
markdown_candidates = [f"{original_path.strip('/')}.md", f"{original_path.strip('/')}/index.md"]
|
|
|
|
for name in markdown_candidates:
|
|
try:
|
|
markdown_path = Path.cwd().joinpath("public", name)
|
|
if not markdown_path.is_relative_to(Path.cwd().joinpath("public")):
|
|
continue
|
|
with markdown_path.open("r") as f:
|
|
markdown = f.read()
|
|
|
|
if markdown_mode:
|
|
response = PlainTextResponse(markdown, status_code=200, media_type="text/markdown")
|
|
else:
|
|
if not markdown.startswith("---"):
|
|
front = {}
|
|
body = markdown
|
|
else:
|
|
end = markdown.find("\n---", 3)
|
|
if end == -1:
|
|
front = {}
|
|
body = markdown
|
|
else:
|
|
front = yaml.safe_load(markdown[3:end]) or {}
|
|
body = markdown[end+4:].lstrip("\n")
|
|
|
|
html = htmlitdown(body)
|
|
source = f'{{% extends "{"/base-light.html" if lightweight_mode else "/base.html"}" %}}\n'
|
|
for block in front:
|
|
source += f'{{% block {block} %}}{front[block]}{{% endblock %}}\n'
|
|
source += f'{{% block content %}}\n{html}\n{{% endblock %}}\n'
|
|
|
|
content = templates.env.from_string(source).render(request=request)
|
|
response = Response(content=content, status_code=200, media_type="text/html")
|
|
|
|
if lightweight_mode:
|
|
response.set_cookie("lightweight_mode", "true", samesite="lax")
|
|
elif request.cookies.get("lightweight_mode", "") == "true":
|
|
response.set_cookie("lightweight_mode", "false", samesite="lax")
|
|
|
|
accesscounter.increase()
|
|
return response
|
|
except FileNotFoundError:
|
|
continue
|
|
|
|
try:
|
|
path = Path.cwd().joinpath("public", "shorturls.json")
|
|
if not path.exists():
|
|
return error_page(templates, request, 500, "短縮URLの処理のためのJSONファイルがありません。", "設定ファイルぐらい用意しておけよ!")
|
|
shorturls = json.load(path.open("r", encoding="utf-8"))
|
|
except Exception:
|
|
return error_page(templates, request, 500, "短縮URLの処理のためのJSONファイルを正常に読み込めませんでした。", "なにこの設定ファイル読めないじゃない!")
|
|
|
|
if result := resolve_shorturl(shorturls, full_path):
|
|
return RedirectResponse(url=result)
|
|
|
|
return error_page(templates, request, 404, "リクエストしたページは現在ご利用になれません。削除/移動されたか、URLが間違っている可能性があります。", "そんなページ知らないっ!")
|