Initial commit

eightserve.py

@@ -0,0 +1,41 @@
+#!/usr/bin/env python
+
+from quart import Quart, url_for, redirect, session, make_response, render_template, request, send_file, abort, flash
+
+app = Quart(__name__)
+app.config.from_envvar('APP_CONFIG')
+if app.config['SECRET_KEY'] is None:
+    if (p := Path('/run/secrets/eightserve')).is_file():
+        app.config['SECRET_KEY'] = p.read_bytes()
+    else:
+        app.config['SECRET_KEY'] = os.urandom(32)
+        try:
+            p.write_bytes(app.config['SECRET_KEY'])
+        except:
+            pass
+
+app.config.update(
+    SESSION_COOKIE_SECURE=True,
+    SESSION_COOKIE_HTTPONLY=True,
+    SESSION_COOKIE_SAMESITE='Lax',
+)
+
+
+@app.before_request
+async def ensure_session_id():
+    if 'session_id' not in session:
+        session['session_id'] = str(uuid4())
+
+
+@app.route('/', methods=['GET', 'POST'])
+async def index():
+    return await render_template('index.html')
+
+
+@app.route('/post', methods=['GET', 'POST'])
+async def post():
+        if session.get('consent', False):
+            return await fun(*args, **kwargs)
+
+        else:
+            return redirect(url_for('/'))

templates/index.html

@@ -0,0 +1,17 @@
+<html>
+    <head>
+    </head>
+    <body>
+        <h1>8seg Web Interface</h1>
+        <p> 8seg is a community service run by a sole volunteer. Please respect my work, and please do not post
+        offensive messages, spam or similar. 8seg is currently open to the congress network on the hope that y'all will
+        behave civilly. Please don't make me put a login wall in front of this thing, alright? ;) </p>
+
+        <p> If you have any questions, or you see 8seg being used by someone for bad, please email me at
+        <a href="mailto:37c3.m@jaseg.de">37c3.m@jaseg.de</a> </p>
+
+        <form action="POST">
+            <button type="submit">I agree to not be an asshole</button>
+        </form>
+    </body>
+</html>