Properly handle conflicted state

Nexus 2023-04-09 21:55:54 +01:00
parent 2eb9adee7b
commit e9dd1160fe
Signed by: nex
GPG key ID: 0FA334385D0B689F


@ -80,7 +80,17 @@ async def authenticate(req: Request, code: str = None, state: str = None):
print(f"Removed {removed} states.", file=sys.stderr) print(f"Removed {removed} states.", file=sys.stderr)
if value in app.state.states: if value in app.state.states:
assert value not in app.state.states, "Generated a state that already exists and could not free any slots." print("Critical: Generated a state that already exists and could not free any slots.", file=sys.stderr)
raise HTTPException(
HTTPStatus.SERVICE_UNAVAILABLE,
"Could not generate a state token (state container full, potential (D)DOS attack?). "
"Please try again later.",
# Saying a suspected DDOS makes sense, there are 4,294,967,296 possible states, the likelyhood of a
# collision is 1 in 4,294,967,296.
headers={
"Retry-After": "300"
}
)
app.state.states[value] = datetime.now() app.state.states[value] = datetime.now()
return RedirectResponse( return RedirectResponse(
discord.utils.oauth_url( discord.utils.oauth_url(
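Review bot: The detail string on the new `raise HTTPException(...)` tells any unauthenticated caller that the state container is full and that an attack is suspected; that diagnosis belongs only in the stderr line printed just before it, and the response can stay generic, e.g. `"Could not start login. Please try again later."`. The inline comment's figure is also off: with 4,294,967,296 possible values, the chance that a fresh value hits an existing entry is the number of stored states divided by that total, not 1 in 4,294,967,296, so collisions grow more likely as the container fills. If `value` really is drawn from a 32-bit space (its generation is outside the hunk), that is small for an OAuth `state` parameter, which is the CSRF defence for this flow; generating it with `secrets.token_urlsafe(32)` would make a collision practically impossible. The body of `authenticate` starts and ends outside the hunk.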