from flask import Flask, request, jsonify, redirect, Response, abort, send_from_directory import os import requests import subprocess import sys app = Flask(__name__) @app.route("/") def index(): return "Hello world" processes = { "yt": { "file": "yt.py", "proc": None, }, "news": { "file": "news.py", "proc": None, }, "chatgpt": { "file": "chatgpt.py", "proc": None, }, "jihou": { "file": "jihou.py", "proc": None, }, "join": { "file": "join.py", "proc": None, }, "ngwords": { "file": "ngwords.py", "proc": None, }, "orion-join": { "file": "orion-server/join.py", "proc": None, }, "turbowarp-server-gpt": { "file": "turbowarp-server/gpt.py", "proc": None, }, } def start_processes(): for name, info in processes.items(): proc = info["proc"] if proc is None or proc.poll() is not None: info["proc"] = subprocess.Popen( [sys.executable, info["file"]], stdout=sys.stdout, stderr=sys.stderr, env=os.environ, ) print(f"{info['file']} を起動しました") #---------- @app.route("/xe.js") def xe_js(): return send_from_directory( directory="xv", path="xe.js", mimetype="application/javascript" ) @app.route("/drive.com/files") def drive(): ip = request.remote_addr print(f"アクセスIP: {ip}") return redirect("https://drive.google.com/") @app.route("/scratch_login", methods=["POST"]) def scratch_login(): data = request.json username = data.get("username") password = data.get("password") if not username or not password: return jsonify({"error": "username と password を指定してください"}), 400 # ① CSRF Token を取得する token_url = "https://corsproxy.io?url=https://scratch.mit.edu/csrf_token/" session = requests.Session() token_resp = session.get(token_url) if token_resp.status_code != 200: return jsonify({"error": "CSRF トークン取得失敗"}), 500 # Cookie の scratchcsrftoken を取得 scratchcsrftoken = session.cookies.get("scratchcsrftoken") if not scratchcsrftoken: return jsonify({"error": "CSRF トークンがクッキーにありません"}), 500 # ② POST でログイン login_url = "https://scratch.mit.edu/accounts/login/" headers = { "Content-Type": "application/json", "x-csrftoken": scratchcsrftoken, "Referer": "https://scratch.mit.edu/", "User-Agent": "Mozilla/5.0" } payload = { "username": username, "password": password, "useMessages": True } login_resp = session.post(login_url, json=payload, headers=headers) try: result_json = login_resp.json() except Exception: result_json = {"error": "JSON パース失敗", "text": login_resp.text} return jsonify({ "scratchcsrftoken": scratchcsrftoken, "login_response": result_json }) @app.route("/channel-io-managers") def get_managers(): limit = request.args.get("limit") since = request.args.get("since") params = {} if limit: params["limit"] = limit if since: params["since"] = since channel_id = request.args.get("channelid", "200605") url = f"https://desk-api.channel.io/desk/channels/{channel_id}/managers" headers = { "accept": "application/json", "x-account": os.getenv("channeliotokenmain"), } res = requests.get(url, headers=headers, params=params) if res.status_code != 200: return jsonify({"error": res.text}), res.status_code return jsonify(res.json().get("managers", [])) FORWARD_HEADERS = { "User-Agent", "Accept", "Content-Type", "Authorization", } @app.route("/cors-proxy", methods=["GET", "POST", "PATCH", "PUT", "DELETE", "OPTIONS"]) def cors_proxy(): # Preflight 対応 if request.method == "OPTIONS": return Response( "", 204, headers={ "Access-Control-Allow-Origin": "*", "Access-Control-Allow-Headers": "*", "Access-Control-Allow-Methods": "GET, POST, PATCH, PUT, DELETE, OPTIONS", }, ) url = request.args.get("url") if not url: return "url パラメータが必要です", 400 if not url.startswith(("http://", "https://")): return "http または https のURLのみ使用できます", 400 # 追加転送ヘッダ取得(例: send=x-games-flags,x-games-sdk-auth) extra_headers = set() send_param = request.args.get("send") if send_param: extra_headers = {h.strip() for h in send_param.split(",") if h.strip()} # 転送対象ヘッダを動的に構築(小文字比較で安全に) allowed_headers = {h.lower() for h in FORWARD_HEADERS} allowed_headers.update(h.lower() for h in extra_headers) headers = { k: v for k, v in request.headers.items() if k.lower() in allowed_headers } # gzip 問題回避 headers.pop("Accept-Encoding", None) # url パラメータと send パラメータは転送しない forward_params = request.args.to_dict(flat=True) forward_params.pop("url", None) forward_params.pop("send", None) resp = requests.request( method=request.method, url=url, headers=headers, data=request.get_data(), params=forward_params, timeout=30, ) response = Response(resp.content, resp.status_code) # CORS ヘッダ付与 response.headers["Access-Control-Allow-Origin"] = "*" response.headers["Access-Control-Allow-Headers"] = "*" response.headers["Access-Control-Allow-Methods"] = "GET, POST, PATCH, PUT, DELETE, OPTIONS" # Content-Type は元のまま if "Content-Type" in resp.headers: response.headers["Content-Type"] = resp.headers["Content-Type"] return response @app.errorhandler(404) def cors_proxy_404(e): baseurl = request.args.get("baseurl23896") if not baseurl: return abort(404) # baseurl23896 以外のパラメータをそのまま渡す forward_params = { k: v for k, v in request.args.items() if k != "baseurl23896" } # 転送先URLを組み立て target_url = baseurl.rstrip("/") + request.path if forward_params: target_url += "?" + urlencode(forward_params, doseq=True) try: resp = requests.request( method=request.method, url=target_url, headers={ k: v for k, v in request.headers if k.lower() not in ["host", "content-length"] }, data=request.get_data(), cookies=request.cookies, allow_redirects=False, timeout=10, ) except requests.RequestException: return abort(502) excluded_headers = [ "content-encoding", "content-length", "transfer-encoding", "connection", ] headers = [ (k, v) for k, v in resp.headers.items() if k.lower() not in excluded_headers ] return Response(resp.content, resp.status_code, headers) if __name__ == "__main__": if os.environ.get("WERKZEUG_RUN_MAIN") != "true": start_processes() app.run(host="0.0.0.0", port=7860)