#!/usr/bin/python3
import sqlite3
from functools import wraps
from flask import Flask, render_template, request, redirect, send_file, Response, jsonify, abort, session
from werkzeug.utils import secure_filename
import variables as var
import util
import math
import os
import os.path
import errno
from typing import Type
import media
import json
from media.item import dicts_to_items, dict_to_item, BaseItem
from media.file import FileItem
from media.url import URLItem
from media.url_from_playlist import PlaylistURLItem
from media.radio import RadioItem
from media.cache import get_cached_wrapper_from_scrap, get_cached_wrapper_by_id, get_cached_wrappers_by_tags, \
get_cached_wrapper
from database import MusicDatabase, Condition
import logging
import time
class ReverseProxied(object):
"""Wrap the application in this middleware and configure the
front-end server to add these headers, to let you quietly bind
this to a URL other than / and to an HTTP scheme that is
different than what is used locally.
In nginx:
location /myprefix {
proxy_pass http://192.168.0.1:5001;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Scheme $scheme;
proxy_set_header X-Script-Name /myprefix;
}
:param app: the WSGI application
"""
def __init__(self, app):
self.app = app
def __call__(self, environ, start_response):
script_name = environ.get('HTTP_X_SCRIPT_NAME', '')
if script_name:
environ['SCRIPT_NAME'] = script_name
path_info = environ['PATH_INFO']
if path_info.startswith(script_name):
environ['PATH_INFO'] = path_info[len(script_name):]
scheme = environ.get('HTTP_X_SCHEME', '')
if scheme:
environ['wsgi.url_scheme'] = scheme
real_ip = environ.get('HTTP_X_REAL_IP', '')
if real_ip:
environ['REMOTE_ADDR'] = real_ip
return self.app(environ, start_response)
root_dir = os.path.dirname(__file__)
web = Flask(__name__, template_folder=os.path.join(root_dir, "templates"))
#web.config['TEMPLATES_AUTO_RELOAD'] = True
log = logging.getLogger("bot")
user = 'Remote Control'
def init_proxy():
global web
if var.is_proxified:
web.wsgi_app = ReverseProxied(web.wsgi_app)
# https://stackoverflow.com/questions/29725217/password-protect-one-webpage-in-flask-app
def check_auth(username, password):
"""This function is called to check if a username /
password combination is valid.
"""
if username == var.config.get("webinterface", "user") and password == var.config.get("webinterface", "password"):
return True
web_users = json.loads(var.db.get("privilege", "web_access", fallback='[]'))
if username in web_users:
user_dict = json.loads(var.db.get("user", username, fallback='{}'))
if 'password' in user_dict and 'salt' in user_dict and \
util.verify_password(password, user_dict['password'], user_dict['salt']):
return True
return False
def authenticate():
"""Sends a 401 response that enables basic auth"""
global log
return Response('Could not verify your access level for that URL.\n'
'You have to login with proper credentials', 401,
{'WWW-Authenticate': 'Basic realm="Login Required"'})
bad_access_count = {}
banned_ip = []
def requires_auth(f):
@wraps(f)
def decorated(*args, **kwargs):
global log, user, bad_access_count, banned_ip
if request.remote_addr in banned_ip:
abort(403)
auth_method = var.config.get("webinterface", "auth_method")
if auth_method == 'password':
auth = request.authorization
if auth:
user = auth.username
if not check_auth(auth.username, auth.password):
if request.remote_addr in bad_access_count:
bad_access_count[request.remote_addr] += 1
log.info(f"web: failed login attempt, user: {auth.username}, from ip {request.remote_addr}."
f"{bad_access_count[request.remote_addr]} attempts.")
if bad_access_count[request.remote_addr] > var.config.getint("webinterface", "max_attempts",
fallback=10):
banned_ip.append(request.remote_addr)
log.info(f"web: access banned for {request.remote_addr}")
else:
bad_access_count[request.remote_addr] = 1
log.info(f"web: failed login attempt, user: {auth.username}, from ip {request.remote_addr}.")
return authenticate()
else:
return authenticate()
if auth_method == 'token':
if 'user' in session and 'token' not in request.args:
user = session['user']
return f(*args, **kwargs)
elif 'token' in request.args:
token = request.args.get('token')
token_user = var.db.get("web_token", token, fallback=None)
if token_user is not None:
user = token_user
user_info = var.db.get("user", user, fallback=None)
user_dict = json.loads(user_info)
user_dict['IP'] = request.remote_addr
var.db.set("user", user, json.dumps(user_dict))
log.debug(
f"web: new user access, token validated for the user: {token_user}, from ip {request.remote_addr}.")
session['token'] = token
session['user'] = token_user
return f(*args, **kwargs)
if request.remote_addr in bad_access_count:
bad_access_count[request.remote_addr] += 1
log.info(f"web: bad token from ip {request.remote_addr}, "
f"{bad_access_count[request.remote_addr]} attempts.")
if bad_access_count[request.remote_addr] > var.config.getint("webinterface", "max_attempts"):
banned_ip.append(request.remote_addr)
log.info(f"web: access banned for {request.remote_addr}")
else:
bad_access_count[request.remote_addr] = 1
log.info(f"web: bad token from ip {request.remote_addr}.")
return render_template(f'need_token.{var.language}.html',
name=var.config.get('bot', 'username'),
command=f"{var.config.get('commands', 'command_symbol')[0]}"
f"{var.config.get('commands', 'requests_webinterface_access')}")
return f(*args, **kwargs)
return decorated
def tag_color(tag):
num = hash(tag) % 8
if num == 0:
return "primary"
elif num == 1:
return "secondary"
elif num == 2:
return "success"
elif num == 3:
return "danger"
elif num == 4:
return "warning"
elif num == 5:
return "info"
elif num == 6:
return "light"
elif num == 7:
return "dark"
def build_tags_color_lookup():
color_lookup = {}
for tag in var.music_db.query_all_tags():
color_lookup[tag] = tag_color(tag)
return color_lookup
def get_all_dirs():
dirs = ["."]
paths = var.music_db.query_all_paths()
for path in paths:
pos = 0
while True:
pos = path.find("/", pos + 1)
if pos == -1:
break
folder = path[:pos]
if folder not in dirs:
dirs.append(folder)
return dirs
@web.route("/", methods=['GET'])
@requires_auth
def index():
return open(os.path.join(root_dir, f"templates/index.{var.language}.html"), "r").read()
@web.route("/playlist", methods=['GET'])
@requires_auth
def playlist():
if len(var.playlist) == 0:
return jsonify({
'items': [],
'current_index': -1,
'length': 0,
'start_from': 0
})
DEFAULT_DISPLAY_COUNT = 11
_from = 0
_to = 10
if 'range_from' in request.args and 'range_to' in request.args:
_from = int(request.args['range_from'])
_to = int(request.args['range_to'])
else:
if var.playlist.current_index - int(DEFAULT_DISPLAY_COUNT / 2) > 0:
_from = var.playlist.current_index - int(DEFAULT_DISPLAY_COUNT / 2)
_to = _from - 1 + DEFAULT_DISPLAY_COUNT
tags_color_lookup = build_tags_color_lookup() # TODO: cached this?
items = []
for index, item_wrapper in enumerate(var.playlist[_from: _to + 1]):
tag_tuples = []
for tag in item_wrapper.item().tags:
tag_tuples.append([tag, tags_color_lookup[tag]])
item: Type[BaseItem] = item_wrapper.item()
title = item.format_title()
artist = "??"
path = ""
duration = 0
if isinstance(item, FileItem):
path = item.path
if item.artist:
artist = item.artist
duration = item.duration
elif isinstance(item, URLItem):
path = f" {item.url}"
duration = item.duration
elif isinstance(item, PlaylistURLItem):
path = f" {item.url}"
artist = f" {item.playlist_title}"
duration = item.duration
elif isinstance(item, RadioItem):
path = f" {item.url}"
thumb = ""
if item.type != 'radio' and item.thumbnail:
thumb = f"data:image/PNG;base64,{item.thumbnail}"
else:
thumb = "static/image/unknown-album.png"
items.append({
'index': _from + index,
'id': item.id,
'type': item.display_type(),
'path': path,
'title': title,
'artist': artist,
'thumbnail': thumb,
'tags': tag_tuples,
'duration': duration
})
return jsonify({
'items': items,
'current_index': var.playlist.current_index,
'length': len(var.playlist),
'start_from': _from
})
def status():
if len(var.playlist) > 0:
return jsonify({'ver': var.playlist.version,
'current_index': var.playlist.current_index,
'empty': False,
'play': not var.bot.is_pause,
'mode': var.playlist.mode,
'volume': var.bot.volume_helper.plain_volume_set,
'playhead': var.bot.playhead
})
else:
return jsonify({'ver': var.playlist.version,
'current_index': var.playlist.current_index,
'empty': True,
'play': not var.bot.is_pause,
'mode': var.playlist.mode,
'volume': var.bot.volume_helper.plain_volume_set,
'playhead': 0
})
@web.route("/post", methods=['POST'])
@requires_auth
def post():
global log
payload = request.get_json() if request.is_json else request.form
if payload:
log.debug("web: Post request from %s: %s" % (request.remote_addr, str(payload)))
if 'add_item_at_once' in payload:
music_wrapper = get_cached_wrapper_by_id(payload['add_item_at_once'], user)
if music_wrapper:
var.playlist.insert(var.playlist.current_index + 1, music_wrapper)
log.info('web: add to playlist(next): ' + music_wrapper.format_debug_string())
if not var.bot.is_pause:
var.bot.interrupt()
else:
var.bot.is_pause = False
else:
abort(404)
if 'add_item_bottom' in payload:
music_wrapper = get_cached_wrapper_by_id(payload['add_item_bottom'], user)
if music_wrapper:
var.playlist.append(music_wrapper)
log.info('web: add to playlist(bottom): ' + music_wrapper.format_debug_string())
else:
abort(404)
elif 'add_item_next' in payload:
music_wrapper = get_cached_wrapper_by_id(payload['add_item_next'], user)
if music_wrapper:
var.playlist.insert(var.playlist.current_index + 1, music_wrapper)
log.info('web: add to playlist(next): ' + music_wrapper.format_debug_string())
else:
abort(404)
elif 'add_url' in payload:
music_wrapper = get_cached_wrapper_from_scrap(type='url', url=payload['add_url'], user=user)
var.playlist.append(music_wrapper)
log.info("web: add to playlist: " + music_wrapper.format_debug_string())
if len(var.playlist) == 2:
# If I am the second item on the playlist. (I am the next one!)
var.bot.async_download_next()
elif 'add_radio' in payload:
url = payload['add_radio']
music_wrapper = get_cached_wrapper_from_scrap(type='radio', url=url, user=user)
var.playlist.append(music_wrapper)
log.info("cmd: add to playlist: " + music_wrapper.format_debug_string())
elif 'delete_music' in payload:
music_wrapper = var.playlist[int(payload['delete_music'])]
log.info("web: delete from playlist: " + music_wrapper.format_debug_string())
if len(var.playlist) >= int(payload['delete_music']):
index = int(payload['delete_music'])
if index == var.playlist.current_index:
var.playlist.remove(index)
if index < len(var.playlist):
if not var.bot.is_pause:
var.bot.interrupt()
var.playlist.current_index -= 1
# then the bot will move to next item
else: # if item deleted is the last item of the queue
var.playlist.current_index -= 1
if not var.bot.is_pause:
var.bot.interrupt()
else:
var.playlist.remove(index)
elif 'play_music' in payload:
music_wrapper = var.playlist[int(payload['play_music'])]
log.info("web: jump to: " + music_wrapper.format_debug_string())
if len(var.playlist) >= int(payload['play_music']):
var.bot.play(int(payload['play_music']))
time.sleep(0.1)
elif 'move_playhead' in payload:
if float(payload['move_playhead']) < var.playlist.current_item().item().duration:
log.info(f"web: move playhead to {float(payload['move_playhead'])} s.")
var.bot.play(var.playlist.current_index, float(payload['move_playhead']))
elif 'delete_item_from_library' in payload:
_id = payload['delete_item_from_library']
var.playlist.remove_by_id(_id)
item = var.cache.get_item_by_id(_id)
if os.path.isfile(item.uri()):
log.info("web: delete file " + item.uri())
os.remove(item.uri())
var.cache.free_and_delete(_id)
time.sleep(0.1)
elif 'add_tag' in payload:
music_wrappers = get_cached_wrappers_by_tags([payload['add_tag']], user)
for music_wrapper in music_wrappers:
log.info("cmd: add to playlist: " + music_wrapper.format_debug_string())
var.playlist.extend(music_wrappers)
elif 'action' in payload:
action = payload['action']
if action == "random":
if var.playlist.mode != "random":
var.playlist = media.playlist.get_playlist("random", var.playlist)
else:
var.playlist.randomize()
var.bot.interrupt()
var.db.set('playlist', 'playback_mode', "random")
log.info("web: playback mode changed to random.")
if action == "one-shot":
var.playlist = media.playlist.get_playlist("one-shot", var.playlist)
var.db.set('playlist', 'playback_mode', "one-shot")
log.info("web: playback mode changed to one-shot.")
if action == "repeat":
var.playlist = media.playlist.get_playlist("repeat", var.playlist)
var.db.set('playlist', 'playback_mode', "repeat")
log.info("web: playback mode changed to repeat.")
if action == "autoplay":
var.playlist = media.playlist.get_playlist("autoplay", var.playlist)
var.db.set('playlist', 'playback_mode', "autoplay")
log.info("web: playback mode changed to autoplay.")
if action == "rescan":
var.cache.build_dir_cache()
var.music_db.manage_special_tags()
log.info("web: Local file cache refreshed.")
elif action == "stop":
if var.config.getboolean("bot", "clear_when_stop_in_oneshot") \
and var.playlist.mode == 'one-shot':
var.bot.clear()
else:
var.bot.stop()
elif action == "next":
if not var.bot.is_pause:
var.bot.interrupt()
else:
var.playlist.next()
var.bot.wait_for_ready = True
elif action == "pause":
var.bot.pause()
elif action == "resume":
var.bot.resume()
elif action == "clear":
var.bot.clear()
elif action == "volume_up":
if var.bot.volume_helper.plain_volume_set + 0.03 < 1.0:
var.bot.volume_helper.set_volume(var.bot.volume_helper.plain_volume_set + 0.03)
else:
var.bot.volume_helper.set_volume(1.0)
var.db.set('bot', 'volume', str(var.bot.volume_helper.plain_volume_set))
log.info("web: volume up to %d" % (var.bot.volume_helper.plain_volume_set * 100))
elif action == "volume_down":
if var.bot.volume_helper.plain_volume_set - 0.03 > 0:
var.bot.volume_helper.set_volume(var.bot.unconverted_volume - 0.03)
else:
var.bot.volume_helper.set_volume(1.0)
var.db.set('bot', 'volume', str(var.bot.volume_helper.plain_volume_set))
log.info("web: volume down to %d" % (var.bot.volume_helper.plain_volume_set * 100))
elif action == "volume_set_value":
if 'new_volume' in payload:
if float(payload['new_volume']) > 1:
var.bot.volume_helper.set_volume(1.0)
elif float(payload['new_volume']) < 0:
var.bot.volume_helper.set_volume(0)
else:
# value for new volume is between 0 and 1, round to two decimal digits
var.bot.volume_helper.set_volume(round(float(payload['new_volume']), 2))
var.db.set('bot', 'volume', str(var.bot.volume_helper.plain_volume_set))
log.info("web: volume set to %d" % (var.bot.volume_helper.plain_volume_set * 100))
return status()
def build_library_query_condition(form):
try:
condition = Condition()
types = form['type'].split(",")
sub_cond = Condition()
for type in types:
sub_cond.or_equal("type", type)
condition.and_sub_condition(sub_cond)
if form['type'] == 'file':
folder = form['dir']
if folder == ".":
folder = ""
if not folder.endswith('/') and folder:
folder += '/'
condition.and_like('path', folder + '%')
tags = form['tags'].split(",")
for tag in tags:
if tag:
condition.and_like("tags", f"%{tag},%", case_sensitive=False)
_keywords = form['keywords'].split(" ")
keywords = []
for kw in _keywords:
if kw:
keywords.append(kw)
for keyword in keywords:
condition.and_like("keywords", f"%{keyword}%", case_sensitive=False)
condition.order_by('create_at', desc=True)
return condition
except KeyError:
abort(400)
@web.route("/library/info", methods=['GET'])
@requires_auth
def library_info():
global log
while var.cache.dir_lock.locked():
time.sleep(0.1)
tags = var.music_db.query_all_tags()
max_upload_file_size = util.parse_file_size(var.config.get("webinterface", "max_upload_file_size"))
return jsonify(dict(
dirs=get_all_dirs(),
upload_enabled=var.config.getboolean("webinterface", "upload_enabled") or var.bot.is_admin(user),
delete_allowed=var.config.getboolean("bot", "delete_allowed") or var.bot.is_admin(user),
tags=tags,
max_upload_file_size=max_upload_file_size
))
@web.route("/library", methods=['POST'])
@requires_auth
def library():
global log
ITEM_PER_PAGE = 10
payload = request.form if request.form else request.json
if payload:
log.debug("web: Post request from %s: %s" % (request.remote_addr, str(payload)))
if payload['action'] in ['add', 'query', 'delete']:
condition = build_library_query_condition(payload)
total_count = 0
try:
total_count = var.music_db.query_music_count(condition)
except sqlite3.OperationalError:
pass
if not total_count:
return jsonify({
'items': [],
'total_pages': 0,
'active_page': 0
})
if payload['action'] == 'add':
items = dicts_to_items(var.music_db.query_music(condition))
music_wrappers = []
for item in items:
music_wrapper = get_cached_wrapper(item, user)
music_wrappers.append(music_wrapper)
log.info("cmd: add to playlist: " + music_wrapper.format_debug_string())
var.playlist.extend(music_wrappers)
return redirect("./", code=302)
elif payload['action'] == 'delete':
if var.config.getboolean("bot", "delete_allowed"):
items = dicts_to_items(var.music_db.query_music(condition))
for item in items:
var.playlist.remove_by_id(item.id)
item = var.cache.get_item_by_id(item.id)
if os.path.isfile(item.uri()):
log.info("web: delete file " + item.uri())
os.remove(item.uri())
var.cache.free_and_delete(item.id)
if len(os.listdir(var.music_folder + payload['dir'])) == 0:
os.rmdir(var.music_folder + payload['dir'])
time.sleep(0.1)
return redirect("./", code=302)
else:
abort(403)
else:
page_count = math.ceil(total_count / ITEM_PER_PAGE)
current_page = int(payload['page']) if 'page' in payload else 1
if current_page <= page_count:
condition.offset((current_page - 1) * ITEM_PER_PAGE)
else:
current_page = 1
condition.limit(ITEM_PER_PAGE)
items = dicts_to_items(var.music_db.query_music(condition))
results = []
for item in items:
result = {'id': item.id, 'title': item.title, 'type': item.display_type(),
'tags': [(tag, tag_color(tag)) for tag in item.tags]}
if item.type != 'radio' and item.thumbnail:
result['thumb'] = f"data:image/PNG;base64,{item.thumbnail}"
else:
result['thumb'] = "static/image/unknown-album.png"
if item.type == 'file':
result['path'] = item.path
result['artist'] = item.artist
else:
result['path'] = item.url
result['artist'] = "??"
results.append(result)
return jsonify({
'items': results,
'total_pages': page_count,
'active_page': current_page
})
elif payload['action'] == 'edit_tags':
tags = list(dict.fromkeys(payload['tags'].split(","))) # remove duplicated items
if payload['id'] in var.cache:
music_wrapper = get_cached_wrapper_by_id(payload['id'], user)
music_wrapper.clear_tags()
music_wrapper.add_tags(tags)
var.playlist.version += 1
else:
item = var.music_db.query_music_by_id(payload['id'])
item['tags'] = tags
var.music_db.insert_music(item)
return redirect("./", code=302)
else:
abort(400)
@web.route('/upload', methods=["POST"])
@requires_auth
def upload():
global log
if not var.config.getboolean("webinterface", "upload_enabled"):
abort(403)
file = request.files['file']
if not file:
abort(400)
filename = file.filename
if filename == '':
abort(400)
targetdir = request.form['targetdir'].strip()
if targetdir == '':
targetdir = 'uploads/'
elif '../' in targetdir:
abort(403)
log.info('web: Uploading file from %s:' % request.remote_addr)
log.info('web: - filename: ' + filename)
log.info('web: - targetdir: ' + targetdir)
log.info('web: - mimetype: ' + file.mimetype)
if "audio" in file.mimetype or "video" in file.mimetype:
storagepath = os.path.abspath(os.path.join(var.music_folder, targetdir))
if not storagepath.startswith(os.path.abspath(var.music_folder)):
abort(403)
try:
os.makedirs(storagepath)
except OSError as ee:
if ee.errno != errno.EEXIST:
log.error(f'web: failed to create directory {storagepath}')
abort(500)
filepath = os.path.join(storagepath, filename)
log.info('web: - file saved at: ' + filepath)
if os.path.exists(filepath):
return 'File existed!', 409
file.save(filepath)
else:
log.error(f'web: unsupported file type {file.mimetype}! File was not saved.')
return 'Unsupported media type!', 415
return '', 200
@web.route('/download', methods=["GET"])
@requires_auth
def download():
global log
if 'id' in request.args and request.args['id']:
item = dicts_to_items(var.music_db.query_music(
Condition().and_equal('id', request.args['id'])))[0]
requested_file = item.uri()
log.info('web: Download of file %s requested from %s:' % (requested_file, request.remote_addr))
try:
return send_file(requested_file, as_attachment=True)
except Exception as e:
log.exception(e)
abort(404)
else:
condition = build_library_query_condition(request.args)
items = dicts_to_items(var.music_db.query_music(condition))
zipfile = util.zipdir([item.uri() for item in items])
try:
return send_file(zipfile, as_attachment=True)
except Exception as e:
log.exception(e)
abort(404)
return abort(400)
if __name__ == '__main__':
web.run(port=8181, host="127.0.0.1")