nova-api/api/security.py

"""Security checks for the API. Checks if the IP is masked etc."""

import os
import asyncio

from rich import print
from tests import check_proxy
from dotenv import load_dotenv

load_dotenv()
is_proxy_enabled = bool(os.getenv('PROXY_HOST', None))

class InsecureIPError(Exception):
    """Raised when the IP address of the server is not secure."""

async def ip_protection_check():
    """Makes sure that the actual server IP address is not exposed to the public."""

    if not is_proxy_enabled:
        print('[yellow]WARN:     The proxy is not enabled. \
Skipping IP protection check.[/yellow]')
        return True

    actual_ips = os.getenv('ACTUAL_IPS', '').split()

    if actual_ips:
        # run the async function check_proxy() and get its result
        response_ip = await check_proxy()

        for actual_ip in actual_ips:
            if actual_ip in response_ip:
                raise InsecureIPError(f'IP pattern "{actual_ip}" is in the values of ACTUAL_IPS of the\
.env file. Enable a VPN or proxy to continue.')

        if is_proxy_enabled:
            print(f'[green]GOOD:     The IP "{response_ip}" was detected, which seems to be a proxy. Great![/green]')
            return True

    else:
        print('[yellow]WARN:     ACTUAL_IPS is not set in the .env file or empty.\
This means that the real IP of the server could be exposed. If you\'re using something\
like Cloudflare or Repl.it, you can ignore this warning.[/yellow]')

if __name__ == '__main__':
    ip_protection_check()
This should be visible on Discord 2023-07-18 14:38:32 +02:00			`"""Security checks for the API. Checks if the IP is masked etc."""`

git finally works 2023-06-23 02:18:28 +02:00			`import os`
Works for BetterGPT 2023-07-19 23:51:28 +02:00			`import asyncio`
git finally works 2023-06-23 02:18:28 +02:00
			`from rich import print`
Works for BetterGPT 2023-07-19 23:51:28 +02:00			`from tests import check_proxy`
Fixed trademarks 2023-06-28 15:21:14 +02:00			`from dotenv import load_dotenv`

			`load_dotenv()`
Works for BetterGPT 2023-07-19 23:51:28 +02:00			`is_proxy_enabled = bool(os.getenv('PROXY_HOST', None))`
git finally works 2023-06-23 02:18:28 +02:00
			`class InsecureIPError(Exception):`
			`"""Raised when the IP address of the server is not secure."""`

Works for BetterGPT 2023-07-19 23:51:28 +02:00			`async def ip_protection_check():`
git finally works 2023-06-23 02:18:28 +02:00			`"""Makes sure that the actual server IP address is not exposed to the public."""`

Works for BetterGPT 2023-07-19 23:51:28 +02:00			`if not is_proxy_enabled:`
			`print('[yellow]WARN: The proxy is not enabled. \`
			`Skipping IP protection check.[/yellow]')`
			`return True`

git finally works 2023-06-23 02:18:28 +02:00			`actual_ips = os.getenv('ACTUAL_IPS', '').split()`

			`if actual_ips:`
Works for BetterGPT 2023-07-19 23:51:28 +02:00			`# run the async function check_proxy() and get its result`
			`response_ip = await check_proxy()`
git finally works 2023-06-23 02:18:28 +02:00
			`for actual_ip in actual_ips:`
Works for BetterGPT 2023-07-19 23:51:28 +02:00			`if actual_ip in response_ip:`
Fixed trademarks 2023-06-28 15:21:14 +02:00			`raise InsecureIPError(f'IP pattern "{actual_ip}" is in the values of ACTUAL_IPS of the\`
git finally works 2023-06-23 02:18:28 +02:00			`.env file. Enable a VPN or proxy to continue.')`

			`if is_proxy_enabled:`
Works for BetterGPT 2023-07-19 23:51:28 +02:00			`print(f'[green]GOOD: The IP "{response_ip}" was detected, which seems to be a proxy. Great![/green]')`
			`return True`
git finally works 2023-06-23 02:18:28 +02:00
			`else:`
Works for BetterGPT 2023-07-19 23:51:28 +02:00			`print('[yellow]WARN: ACTUAL_IPS is not set in the .env file or empty.\`
git finally works 2023-06-23 02:18:28 +02:00			`This means that the real IP of the server could be exposed. If you\'re using something\`
			`like Cloudflare or Repl.it, you can ignore this warning.[/yellow]')`
Fixed trademarks 2023-06-28 15:21:14 +02:00
			`if __name__ == '__main__':`
			`ip_protection_check()`