From d66a18f1250bdbec0d46da801db6e46d4628f920 Mon Sep 17 00:00:00 2001 From: andrew rowe Date: Sun, 7 Jul 2019 11:06:04 +1000 Subject: [PATCH] 1.0.9 - Add localhost as default ip whitelist. Add common search engine links as whitelist url patterns. --- example_app/requirements.txt | 2 +- flask_ipban/ip_ban.py | 21 +++++++++++++++++---- flask_ipban/test.py | 8 +++++--- pypar.commands.sh | 6 +++--- requirements.txt | 2 +- setup.py | 2 +- 6 files changed, 28 insertions(+), 13 deletions(-) diff --git a/example_app/requirements.txt b/example_app/requirements.txt index 8e32f9f..985ff07 100644 --- a/example_app/requirements.txt +++ b/example_app/requirements.txt @@ -1,2 +1,2 @@ flask>=1.0.2 -flask-ipban>=1.0.8 +flask-ipban>=1.0.9 diff --git a/flask_ipban/ip_ban.py b/flask_ipban/ip_ban.py index 5677437..d54c3d1 100644 --- a/flask_ipban/ip_ban.py +++ b/flask_ipban/ip_ban.py @@ -37,7 +37,7 @@ class IpBan: """ - def __init__(self, app=None, ban_count=20, ban_seconds=3600*24, persist=False, record_dir=None, ipc=False, + def __init__(self, app=None, ban_count=20, ban_seconds=3600 * 24, persist=False, record_dir=None, ipc=False, secret_key=None, ip_header=None, abuse_IPDB_config=None): """ start @@ -54,9 +54,16 @@ def __init__(self, app=None, ban_count=20, ban_seconds=3600*24, persist=False, r self.ban_count = int(os.environ.get('IP_BAN_LIST_COUNT', ban_count)) # type: int self.ban_seconds = int(os.environ.get('IP_BAN_LIST_SECONDS', ban_seconds)) # type: int - self._ip_whitelist = {} + self._ip_whitelist = {'127.0.0.1': True} + # self._ip_whitelist = {} self._ip_ban_list = {} - self._url_whitelist_patterns = {} + # initialise with well known search bot links + self._url_whitelist_patterns = { + '^/.well-known/': dict(pattern=re.compile('^/.well-known'), match_type='regex'), + '/favicon.ico': dict(pattern=re.compile(''), match_type='string'), + '/robots.txt': dict(pattern=re.compile(''), match_type='string'), + '/ads.txt': dict(pattern=re.compile(''), match_type='string'), + } self._url_blocklist_patterns = {} self.app = None self._logger = None @@ -143,6 +150,11 @@ def block(self, ip_list, permanent=False, no_write=False, timestamp=None): return len(self._ip_ban_list) def get_ip(self): + """ + return the ip for the current request from flask or from + the request header if behind a proxy + :return: + """ ip = None if self.ip_header: ip = request.headers.get(self.ip_header) @@ -310,7 +322,7 @@ def add(self, ip=None, url=None, reason='404', no_write=False, timestamp=None): """ increment ban count ip of the current request in the banned list :return: - :param ip: optional ip to add + :param ip: optional ip to add (ip ban will by default use current ip) :param url: optional url to display/store :param reason: optional reason for ban, default is 404 :param no_write: do not write out to record file @@ -496,6 +508,7 @@ def route_hello(): test_ip_ban.init_app(app) test_ip_ban.url_pattern_add('/unblock', match_type='string') test_ip_ban.url_pattern_add('/display', match_type='string') + test_ip_ban.ip_whitelist_remove('127.0.0.1') test_ip_ban.load_nuisances() app.logger.setLevel(logging.INFO) diff --git a/flask_ipban/test.py b/flask_ipban/test.py index 6078c28..db7aff1 100644 --- a/flask_ipban/test.py +++ b/flask_ipban/test.py @@ -36,6 +36,7 @@ def setUp(self): self.app = flask.Flask(__name__) self.ban_seconds = 2 self.ip_ban = IpBan(self.app, ban_seconds=self.ban_seconds, ban_count=5, secret_key='yo-yo-yo', ipc=False) + self.ip_ban.ip_whitelist_remove(localhost) self.client = self.app.test_client() self.app.route('/')(hello_world) @@ -58,8 +59,8 @@ def testAddRemoveUrlWhitelist(self): test_url = '/no_exist' self.assertTrue(re.match(test_pattern, test_url + '/123')) self.assertFalse(re.match(test_pattern, test_url)) - - self.assertEqual(self.ip_ban.url_pattern_add(test_pattern), 1) + existing_count = len(self.ip_ban._url_whitelist_patterns) + self.assertEqual(self.ip_ban.url_pattern_add(test_pattern), existing_count + 1) for x in range(self.ip_ban.ban_count * 2): self.client.get('{}/{}'.format(test_url, x)) response = self.client.get('/') @@ -76,7 +77,8 @@ def testAddRemoveUrlWhitelist(self): def testUrlWhitelistString(self): test_url = '/no_exist' - self.assertEqual(self.ip_ban.url_pattern_add(test_url, 'string'), 1) + existing_count = len(self.ip_ban._url_whitelist_patterns) + self.assertEqual(self.ip_ban.url_pattern_add(test_url, 'string'), existing_count + 1) for x in range(self.ip_ban.ban_count * 2): response = self.client.get('{}?{}'.format(test_url, x)) self.assertEqual(response.status_code, 404) diff --git a/pypar.commands.sh b/pypar.commands.sh index e41f954..f125474 100644 --- a/pypar.commands.sh +++ b/pypar.commands.sh @@ -18,12 +18,12 @@ pip install twine # on each release -python3 setup.py sdist bdist_wheel +python setup.py sdist bdist_wheel # -twine check dist/flask_ipban-1.0.8* +twine check dist/flask_ipban-1.0.9* # test # pip install -e . # twine upload --repository-url https://test.pypi.org/legacy/ dist/* -u martlark # prod pypi # add release in git hub to match the version -twine upload dist/flask_ipban-1.0.8* -u martlark +twine upload dist/flask_ipban-1.0.9* -u martlark diff --git a/requirements.txt b/requirements.txt index 1ed9ebe..d28a315 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,4 +1,4 @@ -flask>=1.0.8 +flask>=1.0.2 pytest tox twine diff --git a/setup.py b/setup.py index 588e8c1..bdb40df 100644 --- a/setup.py +++ b/setup.py @@ -15,7 +15,7 @@ from codecs import open from setuptools import setup -VERSION = '1.0.8' +VERSION = '1.0.9' LONG_DESCRIPTION = open('README.rst', 'r', encoding='utf-8').read() setup(