Spaces:
Sleeping
Sleeping
File size: 7,181 Bytes
d4672d0 |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 |
import os
import secrets
import hashlib
import time
from argon2 import PasswordHasher
from cryptography.fernet import Fernet
from transformers import AutoTokenizer, AutoModel
import torch
import numpy as np
from .models import User, File
from . import db
from huggingface_hub import hf_hub_download
import requests
from dotenv import load_dotenv
load_dotenv()
# Initialize global variables
MODEL_NAME = os.getenv('SECRET_M')
HF_TOKEN = os.getenv('HF_TOKEN')
tokenizer = None
model = None
# Initialize Argon2 hasher and Fernet cipher
ph = PasswordHasher()
cipher_key = Fernet.generate_key()
cipher = Fernet(cipher_key)
def get_embedding(text):
global tokenizer, model
if tokenizer is None or model is None:
try:
tokenizer = AutoTokenizer.from_pretrained(MODEL_NAME, use_auth_token=HF_TOKEN)
model = AutoModel.from_pretrained(MODEL_NAME, torch_dtype=torch.float16, use_auth_token=HF_TOKEN)
if tokenizer.pad_token is None:
tokenizer.pad_token = tokenizer.eos_token
model.resize_token_embeddings(len(tokenizer))
except (requests.exceptions.RequestException, OSError) as e:
print(f"Error loading model: {str(e)}")
return None
inputs = tokenizer(text, return_tensors="pt", padding=True, truncation=True, max_length=512)
with torch.no_grad():
outputs = model(**inputs)
return outputs.last_hidden_state.mean(dim=1).squeeze().numpy()
def hash_embedding(embedding, salt):
salted_embedding = np.concatenate([embedding, np.frombuffer(salt, dtype=np.float32)])
return hashlib.sha256(salted_embedding.tobytes()).hexdigest()
def create_user(username, password):
if User.query.filter_by(username=username).first():
return "Username already exists."
salt = secrets.token_bytes(16)
embedding = get_embedding(password)
if embedding is None:
return "Error creating user. Please try again later."
embedding_hash = hash_embedding(embedding, salt)
new_user = User(username=username, salt=salt.hex(), embedding_hash=embedding_hash)
new_user.set_password(password)
db.session.add(new_user)
db.session.commit()
return "User created successfully."
def verify_user(username, password):
user = User.query.filter_by(username=username).first()
if not user:
return False
if not user.check_password(password):
return False
embedding = get_embedding(password)
if embedding is None:
return False
embedding_hash = hash_embedding(embedding, bytes.fromhex(user.salt))
return embedding_hash == user.embedding_hash
def get_user_files(username):
user = User.query.filter_by(username=username).first()
if not user:
return []
return [{"filename": file.filename, "size": file.size} for file in user.files]
def upload_file(username, filename, content):
user = User.query.filter_by(username=username).first()
if not user:
return "User not found."
if user.get_used_storage() + len(content) > user.storage_limit:
return "Storage limit exceeded."
existing_file = File.query.filter_by(user_id=user.id, filename=filename).first()
if existing_file:
return f"File {filename} already exists."
encrypted_content = cipher.encrypt(content)
new_file = File(filename=filename, content=encrypted_content, size=len(content), user_id=user.id)
db.session.add(new_file)
db.session.commit()
return f"File {filename} uploaded successfully."
def download_file(username, filename):
user = User.query.filter_by(username=username).first()
if not user:
return None
file = File.query.filter_by(user_id=user.id, filename=filename).first()
if not file:
return None
return cipher.decrypt(file.content)
def delete_file(username, filename):
user = User.query.filter_by(username=username).first()
if not user:
return "User not found."
file = File.query.filter_by(user_id=user.id, filename=filename).first()
if not file:
return f"File {filename} not found."
db.session.delete(file)
db.session.commit()
return f"File {filename} deleted successfully."
def empty_vault(username):
user = User.query.filter_by(username=username).first()
if not user:
return "User not found."
File.query.filter_by(user_id=user.id).delete()
db.session.commit()
return "All files in your vault have been deleted."
def is_admin(username):
user = User.query.filter_by(username=username).first()
return user and user.is_admin
def get_all_accounts():
return [{"username": user.username, "created_at": user.created_at, "last_active": user.last_active, "storage_used": user.get_used_storage(), "storage_limit": user.storage_limit, "is_banned": user.is_banned} for user in User.query.all()]
def delete_account(username):
if username == os.getenv('ADMIN_USERNAME'):
return "Cannot delete admin account."
user = User.query.filter_by(username=username).first()
if not user:
return "User not found."
File.query.filter_by(user_id=user.id).delete()
db.session.delete(user)
db.session.commit()
return f"Account {username} and all associated files have been deleted."
def update_storage_limit(username, new_limit):
user = User.query.filter_by(username=username).first()
if not user:
return "User not found."
user.storage_limit = new_limit
db.session.commit()
return f"Storage limit for {username} updated to {new_limit} bytes."
def ban_user(username, ban_status):
user = User.query.filter_by(username=username).first()
if not user:
return "User not found."
user.is_banned = ban_status
db.session.commit()
action = "banned" if ban_status else "unbanned"
return f"User {username} has been {action}."
# Rate limiting
RATE_LIMIT = 5 # maximum number of requests per minute
rate_limit_dict = {}
def is_rate_limited(username):
current_time = time.time()
if username in rate_limit_dict:
last_request_time, count = rate_limit_dict[username]
if current_time - last_request_time < 60: # within 1 minute
if count >= RATE_LIMIT:
return True
rate_limit_dict[username] = (last_request_time, count + 1)
else:
rate_limit_dict[username] = (current_time, 1)
else:
rate_limit_dict[username] = (current_time, 1)
return False
# Account lockout
MAX_LOGIN_ATTEMPTS = 5
LOCKOUT_TIME = 300 # 5 minutes
lockout_dict = {}
def is_account_locked(username):
if username in lockout_dict:
attempts, lockout_time = lockout_dict[username]
if attempts >= MAX_LOGIN_ATTEMPTS:
if time.time() - lockout_time < LOCKOUT_TIME:
return True
else:
del lockout_dict[username]
return False
def record_login_attempt(username, success):
if username not in lockout_dict:
lockout_dict[username] = [0, 0]
if success:
del lockout_dict[username]
else:
lockout_dict[username][0] += 1
lockout_dict[username][1] = time.time()
|