This commit is contained in:
@@ -596,6 +596,15 @@ async def get_oauth_state(state: str) -> dict | None:
|
|||||||
async def oauth_login_http(request: Request) -> JSONResponse | RedirectResponse:
|
async def oauth_login_http(request: Request) -> JSONResponse | RedirectResponse:
|
||||||
"""HTTP handler для OAuth login"""
|
"""HTTP handler для OAuth login"""
|
||||||
try:
|
try:
|
||||||
|
# 🚫 Блокируем запросы от ботов (GPTBot, crawlers)
|
||||||
|
user_agent = request.headers.get("user-agent", "").lower()
|
||||||
|
if (
|
||||||
|
any(bot in user_agent for bot in ["gptbot", "crawler", "spider", "bot"])
|
||||||
|
or "x-openai-host-hash" in request.headers
|
||||||
|
):
|
||||||
|
logger.warning(f"🤖 Blocked OAuth request from bot: {user_agent}")
|
||||||
|
return JSONResponse({"error": "OAuth not available for bots"}, status_code=403)
|
||||||
|
|
||||||
provider = request.path_params.get("provider")
|
provider = request.path_params.get("provider")
|
||||||
logger.info(
|
logger.info(
|
||||||
f"🔍 OAuth login request: provider='{provider}', url='{request.url}', path_params={request.path_params}, query_params={dict(request.query_params)}"
|
f"🔍 OAuth login request: provider='{provider}', url='{request.url}', path_params={request.path_params}, query_params={dict(request.query_params)}"
|
||||||
@@ -671,6 +680,15 @@ async def oauth_login_http(request: Request) -> JSONResponse | RedirectResponse:
|
|||||||
async def oauth_callback_http(request: Request) -> JSONResponse | RedirectResponse:
|
async def oauth_callback_http(request: Request) -> JSONResponse | RedirectResponse:
|
||||||
"""HTTP handler для OAuth callback"""
|
"""HTTP handler для OAuth callback"""
|
||||||
try:
|
try:
|
||||||
|
# 🚫 Блокируем запросы от ботов (GPTBot, crawlers)
|
||||||
|
user_agent = request.headers.get("user-agent", "").lower()
|
||||||
|
if (
|
||||||
|
any(bot in user_agent for bot in ["gptbot", "crawler", "spider", "bot"])
|
||||||
|
or "x-openai-host-hash" in request.headers
|
||||||
|
):
|
||||||
|
logger.warning(f"🤖 Blocked OAuth request from bot: {user_agent}")
|
||||||
|
return JSONResponse({"error": "OAuth not available for bots"}, status_code=403)
|
||||||
|
|
||||||
# 🔍 Диагностика входящего callback запроса
|
# 🔍 Диагностика входящего callback запроса
|
||||||
logger.info("🔄 OAuth callback received:")
|
logger.info("🔄 OAuth callback received:")
|
||||||
logger.info(f" - URL: {request.url}")
|
logger.info(f" - URL: {request.url}")
|
||||||
|
|||||||
@@ -52,6 +52,24 @@ def console_filter(record: logging.LogRecord) -> bool:
|
|||||||
):
|
):
|
||||||
return False
|
return False
|
||||||
|
|
||||||
|
# 🚫 Блокируем OAuth ошибки от ботов (GPTBot, crawlers)
|
||||||
|
if (
|
||||||
|
record.levelno == logging.ERROR
|
||||||
|
and "Missing OAuth state parameter" in message
|
||||||
|
and any(
|
||||||
|
bot_phrase in message
|
||||||
|
for bot_phrase in [
|
||||||
|
"GPTBot",
|
||||||
|
"gptbot",
|
||||||
|
"crawler",
|
||||||
|
"bot",
|
||||||
|
"spider",
|
||||||
|
"x-openai-host-hash",
|
||||||
|
]
|
||||||
|
)
|
||||||
|
):
|
||||||
|
return False
|
||||||
|
|
||||||
# Define `package` attribute with the relative path.
|
# Define `package` attribute with the relative path.
|
||||||
record.package = record.pathname[_leng_path + 1 :].replace(".py", "")
|
record.package = record.pathname[_leng_path + 1 :].replace(".py", "")
|
||||||
record.emoji = (
|
record.emoji = (
|
||||||
|
|||||||
Reference in New Issue
Block a user