Hygcgggnngff

sdsgfg

Jul 13th, 2025
import hashlib
import hmac
import os
from datetime import datetime, timedelta

from flask import Flask, request, jsonify
  4.  
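app = Flask(__name__)

# In-memory stand-ins for a database. Both live only in this process, are lost
# on restart, and nothing in this file ever evicts entries from them.
banned_devices = set()
request_logs = {}  # { device_id: [timestamps] }

# Shared secret: clients authenticate by sending sha256(SECRET_KEY) as
# `auth_key`.
# NOTE(review): a value shipped inside an APK can be recovered by anyone who
# unpacks the app, and the derived hash is a static token that can be replayed
# once observed. Treat this check as a speed bump, not as proof that a request
# comes from a genuine build.
# The value is read from the environment so the real secret stays out of source
# control; the placeholder fallback only keeps the sample runnable and must not
# be relied on in a deployment.
SECRET_KEY = os.environ.get("SECRET_KEY", "your_super_secret_server_key")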
  13.  
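def verify_key(client_key):
    """Return True when *client_key* is the hex SHA-256 digest of SECRET_KEY.

    The comparison goes through hmac.compare_digest so its duration does not
    reveal how much of a guessed key is correct. Non-string input (for example
    a JSON number or list) is rejected instead of raising.

    NOTE(review): the expected value is identical for every client and every
    request, so this is a static shared token rather than a per-device
    credential.
    """
    if not isinstance(client_key, str):
        return False
    expected_hash = hashlib.sha256(SECRET_KEY.encode()).hexdigest()
    # Compare as bytes: compare_digest raises TypeError on non-ASCII str, and
    # surrogatepass keeps lone surrogates from JSON escapes from failing encode.
    candidate = client_key.encode("utf-8", "surrogatepass")
    return hmac.compare_digest(candidate, expected_hash.encode())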
  18.  
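def ban_device(device_id):
    """Add *device_id* to the in-memory ban set and print a notice.

    The identifier is taken from request JSON by the callers in this file, so
    it is printed with repr() to keep embedded newlines or control characters
    from forging extra log lines.
    """
    banned_devices.add(device_id)
    print(f"[!] Device banned: {device_id!r}")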
  23.  
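def is_rate_limited(device_id, max_requests=10, per_seconds=60):
    """Record a request for *device_id* and report whether it exceeds the limit.

    Returns True when more than *max_requests* requests, this one included,
    were seen within the last *per_seconds* seconds.

    NOTE(review): request_logs is keyed by a client-supplied identifier and
    keys are never removed, so the dict itself can still grow without bound.
    """
    now = datetime.utcnow()
    window = timedelta(seconds=per_seconds)
    # Keep only timestamps that are still inside the window, then add this one.
    recent = [ts for ts in request_logs.get(device_id, []) if now - ts < window]
    recent.append(now)
    # Only the newest max_requests + 1 timestamps can affect the result, so the
    # stored list is capped instead of growing with every request in a flood.
    keep = max(max_requests, 0) + 1
    request_logs[device_id] = recent[-keep:]
    return len(recent) > max_requests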
  33.  
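@app.route('/verify', methods=['POST'])
def verify_client():
    """Check a client's device ID and auth key and answer with a status.

    Responses: 400 for a missing or malformed body, 403 for a device that is
    already banned, 429 when the rate limit is exceeded, 401 for a wrong key,
    and 200 when every check passes. A rate-limit hit or a wrong key also bans
    the device.

    NOTE(review): device_id is an unauthenticated, client-chosen value, and the
    ban and rate-limit steps run before the key is checked, so a request can
    cause a ban for an ID the sender does not own. Consider banning only on
    evidence tied to an authenticated request.
    """
    # silent=True yields None for a missing, non-JSON or unparsable body
    # instead of raising; a body that is not a JSON object is rejected as well.
    data = request.get_json(silent=True)
    if not isinstance(data, dict):
        return jsonify({'error': 'Missing required fields'}), 400

    device_id = data.get('device_id')
    client_key = data.get('auth_key')

    # JSON arrays/objects are unhashable and would crash the set and dict
    # lookups below, so they are treated like a missing field.
    if not device_id or not client_key or isinstance(device_id, (list, dict)):
        return jsonify({'error': 'Missing required fields'}), 400

    # Ban check
    if device_id in banned_devices:
        return jsonify({'status': 'banned'}), 403

    # Rate limit check
    if is_rate_limited(device_id):
        ban_device(device_id)
        return jsonify({'status': 'rate_limit_ban'}), 429

    # Key verification
    if not verify_key(client_key):
        ban_device(device_id)
        return jsonify({'status': 'invalid_key'}), 401

    # Passed all checks
    return jsonify({'status': 'verified'}), 200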
  59.  
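@app.route('/report', methods=['POST'])
def report_mod():
    """Ban the device named in the request body and echo the given reason.

    Returns 400 when the body is not a JSON object or carries no usable
    device ID, otherwise 200 after the ban.

    NOTE(review): nothing visible in this handler authenticates the caller, so
    any client that can reach the route can ban any device ID. Put an
    authenticated check in front of it before relying on these reports.
    """
    # silent=True yields None for a missing, non-JSON or unparsable body
    # instead of raising; a body that is not a JSON object is rejected as well.
    data = request.get_json(silent=True)
    if not isinstance(data, dict):
        return jsonify({'error': 'Missing device ID'}), 400

    device_id = data.get('device_id')
    reason = data.get('reason')

    # JSON arrays/objects are unhashable and cannot be stored in the ban set.
    if not device_id or isinstance(device_id, (list, dict)):
        return jsonify({'error': 'Missing device ID'}), 400

    ban_device(device_id)
    return jsonify({'status': 'reported_and_banned', 'reason': reason}), 200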
  70.  
@app.route('/admin/banned', methods=['GET'])
def get_banned():
    """Return every banned device ID as a JSON list.

    NOTE(review): no access check is visible in this file for this route, so
    the full ban list appears readable by any caller; confirm it is protected
    elsewhere before exposing the service.
    """
    payload = {'banned_devices': [device for device in banned_devices]}
    return jsonify(payload), 200
  74.  
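if __name__ == '__main__':
    # debug=True turns on the Werkzeug interactive debugger, which lets anyone
    # who can reach the port run code in this process. It is therefore opt-in
    # through the environment instead of being hard-coded on.
    app.run(debug=os.environ.get("FLASK_DEBUG") == "1", port=5000)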
  77.  
Tags: okie