baidakovru/app.py at main · baidakovil/baidakovru · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
import json
import logging
import os
import signal
import sys
from traceback import format_exc
from typing import Dict, List, Optional, Tuple, Union

import requests
from dotenv import load_dotenv
from flask import Flask, Response, current_app, g, jsonify, render_template, request
from flask_babel import Babel
from flask_babel import gettext as _
from flask_limiter import Limiter
from flask_limiter.util import get_remote_address
from flask_mail import Mail, Message

from pyscripts import log_config
from pyscripts.config import EVENT_TYPES, config
from pyscripts.database.dbmanager import DatabaseManager
from pyscripts.date_formatters import format_full_date, format_time_ago

load_dotenv()

SECRET_KEY = os.getenv('SECRET_KEY')
FLASK_DEBUG = os.getenv('FLASK_DEBUG', 'false').lower() in ('true', '1', 't')
FLASK_PORT = int(os.getenv('FLASK_PORT', '5000'))
FLASK_HOST = os.getenv('FLASK_HOST', '127.0.0.1')

logger = log_config.setup_logging()
logger.info('Application startup')

app = Flask(__name__, static_folder='static', template_folder='templates')
app.config['SECRET_KEY'] = SECRET_KEY

# Add Turnstile config
app.config['TURNSTILE_SITE_KEY'] = os.getenv('TURNSTILE_SITE_KEY')
app.config['TURNSTILE_SECRET_KEY'] = os.getenv('TURNSTILE_SECRET_KEY')

# Mail configuration
app.config.update(
    MAIL_SERVER=os.getenv('MAIL_SERVER', 'smtp.gmail.com'),
    MAIL_PORT=int(os.getenv('MAIL_PORT', '587')),
    MAIL_USE_TLS=os.getenv('MAIL_USE_TLS', 'true').lower() in ('true', '1', 't'),
    MAIL_USERNAME=os.getenv('MAIL_USERNAME'),
    MAIL_PASSWORD=os.getenv('MAIL_PASSWORD'),
    MAIL_DEFAULT_SENDER=('Сайт baidakov.ru', os.getenv('MAIL_DEFAULT_SENDER')),
    MAIL_RECIPIENT=os.getenv('MAIL_RECIPIENT'),
)

mail = Mail(app)

# Initialize database manager
db_manager = DatabaseManager(config.db_path)

limiter = Limiter(
    app=app, key_func=get_remote_address, default_limits=["200 per day", "50 per hour"]
)

# Конфигурация Babel
app.config['LANGUAGES'] = {'en': 'English', 'ru': 'Русский'}
app.config['BABEL_DEFAULT_LOCALE'] = 'ru'


def get_locale():
    lang = request.args.get('lang')
    if lang in app.config['LANGUAGES']:
        return lang
    return request.accept_languages.best_match(app.config['LANGUAGES'].keys())


@app.context_processor
def utility_processor():
    return {'get_locale': get_locale}


babel = Babel(app, locale_selector=get_locale)


# Page routes
@app.route('/')
def index():
    return render_template('index.html')


@app.route('/bio')
def bio():
    return render_template('bio.html')


@app.route('/about')
def about():
    return render_template('about.html')


@app.route('/contact', methods=['GET', 'POST'])
def contact():
    message = None
    message_type = None

    if request.method == 'POST':
        # Verify Turnstile token
        token = request.form.get('cf-turnstile-response')
        if not token:
            return render_template(
                'contact.html',
                message=_('Пожалуйста, подтвердите, что вы человек'),
                message_type='error',
            )

        data = {'secret': current_app.config['TURNSTILE_SECRET_KEY'], 'response': token}

        resp = requests.post(
            'https://challenges.cloudflare.com/turnstile/v0/siteverify', data=data
        )
        result = resp.json()

        if not result['success']:
            return render_template(
                'contact.html',
                message=_('Проверка не пройдена. Попробуйте еще раз'),
                message_type='error',
            )

        try:
            email = request.form['email']
            subject = request.form['subject']
            message_text = request.form['message']

            # Проверяем конфигурацию
            required_settings = [
                'MAIL_SERVER',
                'MAIL_USERNAME',
                'MAIL_PASSWORD',
                'MAIL_RECIPIENT',
            ]
            missing_settings = [s for s in required_settings if not app.config.get(s)]

            if missing_settings:
                raise ValueError(
                    f"Missing required mail settings: {', '.join(missing_settings)}"
                )

            msg = Message(
                subject=f"Сообщение с сайта: {subject}",
                recipients=[app.config['MAIL_RECIPIENT']],
                body=f"От: {'<не указан>' if not email else email}\n\n{message_text}",
                reply_to=email if email else None,
            )

            mail.send(msg)
            message = "Сообщение успешно отправлено!"
            message_type = "success"

        except ValueError as ve:
            message = str(ve)
            message_type = "error"
        except Exception as e:
            logger.error(f"Failed to send email. Error: {str(e)}")
            message = "Произошла ошибка при отправке сообщения."
            message_type = "error"

    return render_template(
        'contact.html',
        message=message,
        message_type=message_type,
    )


# API routes
@app.route('/api/updates', methods=['GET'])
@limiter.limit("1 per second")
def get_updates() -> Tuple[Response, int]:
    try:
        if not db_manager.health_check():
            logger.error("Database health check failed")
            return jsonify({'error': 'Database unavailable'}), 503

        updates: List[Dict] = []
        with db_manager.get_connection() as conn:
            try:
                cursor = conn.cursor()
                cursor.execute(
                    """
                    WITH LatestDatetimes AS (
                        -- First get the latest NON-ERROR datetime for each platform
                        SELECT platform_id, MAX(formatted_datetime) as max_datetime
                        FROM updates
                        WHERE NOT is_error
                        GROUP BY platform_id
                    ),
                    LatestIds AS (
                        -- Then for each platform's latest datetime, get the latest ID
                        SELECT u.platform_id, MAX(u.id) as max_id
                        FROM updates u
                        INNER JOIN LatestDatetimes lt
                            ON u.platform_id = lt.platform_id
                            AND u.formatted_datetime = lt.max_datetime
                            AND NOT u.is_error
                        GROUP BY u.platform_id
                    )
                    -- Finally, get the full records using the latest IDs
                    SELECT u.platform_id, u.platform_name, u.formatted_datetime,
                           u.update_desc, u.update_event, u.platform_url
                    FROM updates u
                    INNER JOIN LatestIds li
                        ON u.platform_id = li.platform_id
                        AND u.id = li.max_id
                    WHERE NOT u.is_error
                    ORDER BY u.formatted_datetime DESC
                    """
                )
                updates = cursor.fetchall()
            except Exception as db_error:
                logger.error(f"Database query error: {db_error}")
                return jsonify({'error': 'Database query failed'}), 500

        data = [
            {
                'platform_id': platform_id,
                'platform_name': platform_name,
                'formatted_datetime': formatted_datetime,
                'update_desc': update_desc,
                'update_event': update_event,
                'platform_url': platform_url,
                'time_ago': format_time_ago(formatted_datetime),
                'full_date': format_full_date(formatted_datetime),
            }
            for platform_id, platform_name, formatted_datetime, update_desc, update_event, platform_url in updates
        ]

        return jsonify(data), 200
    except Exception as e:
        logger.error(f'Error fetching updates: {str(e)}\n{format_exc()}')
        return jsonify({'error': 'Internal Server Error'}), 500


@app.route('/api/event-types')
@limiter.limit("10 per minute")
def get_event_types():
    """Return all event types with translations based on current locale."""
    translations = {
        event_type: _(description) for event_type, description in EVENT_TYPES.items()
    }
    return jsonify(translations)


@app.route('/api/log-error', methods=['POST'])
@limiter.limit("5 per minute")
def log_error():
    error_data = request.json
    logger.error(
        f"Client-side error: {error_data['message']}\nStack: {error_data['stack']}"
    )
    return jsonify({"status": "error logged"}), 200


# Security headers
@app.after_request
def add_header(response):
    response.headers['X-Content-Type-Options'] = 'nosniff'
    response.headers['Content-Security-Policy'] = "frame-ancestors 'none'"
    response.headers['X-XSS-Protection'] = '1; mode=block'
    return response


# Shutdown handling
def sigterm_handler(signum, frame):
    logger.info("Received SIGTERM. Shutting down gracefully...")
    # Clean up database connections
    try:
        db_manager.close_all()
    except Exception as e:
        logger.error(f"Error during shutdown: {e}")
    sys.exit(0)


signal.signal(signal.SIGTERM, sigterm_handler)

if __name__ == '__main__':
    # Ensure database is properly initialized on startup
    if not db_manager.health_check():
        logger.error("Database initialization failed. Exiting.")
        sys.exit(1)

    app.run(debug=FLASK_DEBUG, host=FLASK_HOST, port=FLASK_PORT)