stacosys/app/interface/form.py

#!/usr/bin/env python
# -*- coding: utf-8 -*-

import logging
from flask import request, jsonify, abort, redirect
from core import app
from models.site import Site
from models.comment import Comment
from helpers.hashing import md5
from core import processor

logger = logging.getLogger(__name__)

@app.route("/newcomment", methods=['POST'])
def new_form_comment():

    try:
        data = request.form

        # add client IP if provided by HTTP proxy
        clientip = ''
        if 'X-Forwarded-For' in request.headers:
            clientip = request.headers['X-Forwarded-For']
        
        # log 
        logger.info(data)

        # validate token: retrieve site entity
        token = data.get('token', '')
        site = Site.select().where(Site.token == token).get()
        if site is None:
            logger.warn('Unknown site %s' % token)
            abort(400)

        # honeypot for spammers
        captcha = data.get('captcha', '')
        if captcha:
            logger.warn('discard spam: data %s' % data)
            abort(400)

        processor.enqueue({'request': 'new_comment', 'data': data, 'clientip': clientip})

    except:
        logger.exception("new comment failure")
        abort(400)

    return redirect('/redirect/', code=302)
Add HTML form entry point 2017-11-11 07:33:21 +01:00			`#!/usr/bin/env python`
			`# -- coding: utf-8 --`

			`import logging`
redirect 2017-11-11 08:44:28 +01:00			`from flask import request, jsonify, abort, redirect`
Configuration moved to JSON and validated by JSON Schema 2018-01-20 08:57:49 +01:00			`from core import app`
			`from models.site import Site`
			`from models.comment import Comment`
			`from helpers.hashing import md5`
			`from core import processor`
Add HTML form entry point 2017-11-11 07:33:21 +01:00
			`logger = logging.getLogger(__name__)`

			`@app.route("/newcomment", methods=['POST'])`
			`def new_form_comment():`

			`try:`
			`data = request.form`
anti-spam 2018-01-28 18:12:53 +01:00
			`# add client IP if provided by HTTP proxy`
fix anti-spam 2018-01-28 18:20:42 +01:00			`clientip = ''`
anti-spam 2018-01-28 18:12:53 +01:00			`if 'X-Forwarded-For' in request.headers:`
fix anti-spam 2018-01-28 18:20:42 +01:00			`clientip = request.headers['X-Forwarded-For']`
anti-spam 2018-01-28 18:12:53 +01:00
			`# log`
Add HTML form entry point 2017-11-11 07:33:21 +01:00			`logger.info(data)`

			`# validate token: retrieve site entity`
			`token = data.get('token', '')`
			`site = Site.select().where(Site.token == token).get()`
			`if site is None:`
			`logger.warn('Unknown site %s' % token)`
			`abort(400)`

			`# honeypot for spammers`
			`captcha = data.get('captcha', '')`
			`if captcha:`
			`logger.warn('discard spam: data %s' % data)`
			`abort(400)`

fix anti-spam 2018-01-28 18:20:42 +01:00			`processor.enqueue({'request': 'new_comment', 'data': data, 'clientip': clientip})`
Add HTML form entry point 2017-11-11 07:33:21 +01:00
			`except:`
			`logger.exception("new comment failure")`
			`abort(400)`

Undo 2017-11-18 18:38:54 +01:00			`return redirect('/redirect/', code=302)`