aboutsummaryrefslogtreecommitdiffstats
path: root/backend/zmusic/endpoints/stats.py
diff options
context:
space:
mode:
Diffstat (limited to 'backend/zmusic/endpoints/stats.py')
-rw-r--r--backend/zmusic/endpoints/stats.py27
1 files changed, 20 insertions, 7 deletions
diff --git a/backend/zmusic/endpoints/stats.py b/backend/zmusic/endpoints/stats.py
index 13149ca..3ae4ca9 100644
--- a/backend/zmusic/endpoints/stats.py
+++ b/backend/zmusic/endpoints/stats.py
@@ -1,29 +1,42 @@
from zmusic import app, db
from zmusic.database import Download
-from zmusic.login import admin_required
-from flask import jsonify
+from zmusic.login import login_required, is_admin
+from flask import jsonify, request, abort
import socket
+def clean_ip():
+ ip = request.remote_addr
+ if (ip.find('::ffff:') == 0 and len(ip) > len('::ffff:')):
+ ip = ip[len('::ffff:'):]
+ return ip
+
@app.route('/stats')
@app.route('/stats/')
-@admin_required
+@login_required
def stats_all_ips():
ips = []
socket.setdefaulttimeout(2)
- for ip in db.session.query(Download.ip).group_by(Download.ip).order_by(db.desc(db.func.max(Download.time))):
+ if is_admin():
+ iterations = [a.ip for a in db.session.query(Download.ip).group_by(Download.ip).order_by(db.desc(db.func.max(Download.time)))]
+ else:
+ iterations = [clean_ip()]
+
+ for ip in iterations:
try:
- host = socket.gethostbyaddr(ip.ip)[0]
+ host = socket.gethostbyaddr(ip)[0]
except:
host = None
- ips.append({ "ip": ip.ip, "host": host })
+ ips.append({ "ip": ip, "host": host })
response = jsonify(downloaders=ips)
response.cache_control.no_cache = True
return response
@app.route('/stats/<ip>')
-@admin_required
+@login_required
def stats_for_ip(ip):
+ if not is_admin() and ip != clean_ip():
+ return abort(403)
songlist = []
for song in Download.query.filter((Download.ip == ip) & (Download.leader_id == None)).order_by(Download.leader_id).order_by(db.desc(Download.time)):
if song.is_zip:
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.