Update app.py
This commit is contained in:
@@ -342,7 +342,6 @@ def init_app():
|
||||
|
||||
init_app()
|
||||
|
||||
|
||||
# ============================================================
|
||||
# ROUTES
|
||||
# ============================================================
|
||||
@@ -359,6 +358,11 @@ def health():
|
||||
def metrics():
|
||||
return dict(METRICS)
|
||||
|
||||
|
||||
# ============================================================
|
||||
# CREATE ROOM
|
||||
# ============================================================
|
||||
|
||||
@app.route('/_matrix/client/v3/createRoom', methods=['POST'])
|
||||
def create_room():
|
||||
payload = request.get_json(silent=True) or {}
|
||||
@@ -407,6 +411,11 @@ def create_room():
|
||||
payload
|
||||
)
|
||||
|
||||
|
||||
# ============================================================
|
||||
# INVITE
|
||||
# ============================================================
|
||||
|
||||
@app.route('/_matrix/federation/v2/invite/<room_id>/<event_id>', methods=['PUT'])
|
||||
def invite(room_id, event_id):
|
||||
payload = request.get_json(force=True)
|
||||
@@ -419,13 +428,16 @@ def invite(room_id, event_id):
|
||||
|
||||
domain = extract_domain(sender)
|
||||
|
||||
# 🔒 Rate Limit
|
||||
if is_rate_limited(domain, sender):
|
||||
return Response(status=429)
|
||||
|
||||
# 🟢 Whitelist
|
||||
if domain in config.domain_whitelist:
|
||||
remember_user(sender)
|
||||
with METRICS_LOCK:
|
||||
METRICS["invite_allowed"] += 1
|
||||
|
||||
return forward_request(
|
||||
"PUT",
|
||||
f"{config.tuwunel_url}/_matrix/federation/v2/invite/{room_id}/{event_id}",
|
||||
@@ -435,10 +447,12 @@ def invite(room_id, event_id):
|
||||
|
||||
is_dm = is_likely_dm_event(event)
|
||||
|
||||
# 🔒 DM Protection
|
||||
if config.block_external_dms and is_dm and is_external(sender):
|
||||
|
||||
if not is_known_user(sender):
|
||||
|
||||
# 🔥 Retry fallback (eventual consistency fix)
|
||||
if fallback_check_with_retry(sender):
|
||||
remember_user(sender)
|
||||
|
||||
@@ -464,18 +478,20 @@ def invite(room_id, event_id):
|
||||
)
|
||||
return Response(status=403)
|
||||
|
||||
remember_user(sender)
|
||||
# 🟢 DEFAULT (alles andere erlauben)
|
||||
remember_user(sender)
|
||||
|
||||
with METRICS_LOCK:
|
||||
METRICS["invite_allowed"] += 1
|
||||
with METRICS_LOCK:
|
||||
METRICS["invite_allowed"] += 1
|
||||
|
||||
return forward_request(
|
||||
"PUT",
|
||||
f"{config.tuwunel_url}/_matrix/federation/v2/invite/{room_id}/{event_id}",
|
||||
request.headers,
|
||||
payload
|
||||
)
|
||||
|
||||
return forward_request(
|
||||
"PUT",
|
||||
f"{config.tuwunel_url}/_matrix/federation/v2/invite/{room_id}/{event_id}",
|
||||
request.headers,
|
||||
payload
|
||||
)
|
||||
|
||||
|
||||
# ============================================================
|
||||
# FORWARD
|
||||
# ============================================================
|
||||
|
||||
Reference in New Issue
Block a user