simple-nanoshare/my_modules/middleware.py

from routes.handeling.errorsAndBots import maybe_a_hacker

from my_modules.app.constens import THE_IP_BOT_MANAGER
from my_modules.app.logger import logger
from my_modules.functions import get_ip
from my_modules.app.setup import app

from quart import request, render_template, current_app, session
from datetime import datetime

@app.before_request
async def custom_middleware():
  if session.get('user'):  # only if session already has data, update redis expire time
    session.permanent = True

  client_ip = get_ip()
  path = request.path
  method = request.method

  db_whitelisted_or_blocked = await current_app.convex.is_ip_address_whitelisted_or_blocked(ip_address=client_ip)

  # Skip allowed IPs or non-critical assets
  if (
    db_whitelisted_or_blocked['whiteliste']
    or THE_IP_BOT_MANAGER.is_client_ip_always_allowed(client_ip)
    or "static" in path
    or "favicon" in path
    or "storage" in path
  ):
    return

  # 2. If IP is already blocked
  if db_whitelisted_or_blocked['blocked']:
    await logger.error(f"[BLOCKED] {method} | {client_ip} tried {method} {path}")
    await current_app.convex.increment_blocked_ip_address_access(ip_address=client_ip, method=method, path=path)
    return await render_template("views/basics/blocked_access.htm", remote_addr=client_ip), 403

  # 3. If path contains honeypot targets
  if await current_app.convex.is_path_blocked(path=path):
    await logger.warning(f"[HONEYPOT] {method} | {client_ip} accessed {path}")
    await current_app.convex.increment_blocked_path_access(path=path)
    return await maybe_a_hacker()

  await logger.info(f"{method} | {client_ip} had accessed the Side {path}")

@app.context_processor
async def inject_context_data():
  user = session.get("user")
  current_year = datetime.now().year

  await logger.debug(f"Inject Context Data | User: {user}, Year: {current_year}")
  return {
    "user": user,
    "year": current_year,
  }