]> git.gir.st - subscriptionfeed.git/blob - app/youtube/__init__.py
git://git.gir.st / subscriptionfeed.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
reddit: textarea hack does't escape quotes
[subscriptionfeed.git] / app / youtube / __init__.py
1 import re
2 import time
3 import sqlite3
4 import requests
5 from urllib.parse import urlparse
6 #from flask_login import current_user, login_required
7 from flask_login import LoginManager, UserMixin, current_user, login_user, logout_user, login_required
8 from flask import Blueprint, render_template, request, redirect, flash, url_for, jsonify, g, current_app
9 from werkzeug.exceptions import BadRequest, NotFound, BadGateway
10
11 from ..common.common import *
12 from .lib import *
13
14 frontend = Blueprint('youtube', __name__,
15 template_folder='templates',
16 static_folder='static',
17 static_url_path='/static/yt')
18
19 @frontend.route('/')
20 def index():
21 return redirect(url_for('.feed'), code=302)
22
23 @frontend.route('/feed/subscriptions')
24 # disabled for guest user: @login_required
25 def feed():
26 if current_user.is_anonymous:
27 token = 'guest'
28 settings = {}
29 if 'welcome_message' in cf['frontend']:
30 flash(cf['frontend']['welcome_message'], "welcome")
31 else:
32 token = current_user.token
33 settings = current_user.get_settings()
34 page = request.args.get('page', 0, type=int)
35 with sqlite3.connect(cf['global']['database']) as conn:
36 c = conn.cursor()
37
38 c.execute("""
39 SELECT videos.id, channel_id, name, title, length, livestream, premiere, shorts, published > datetime('now') as upcoming, published, playlist_videos.playlist_id, display
40 FROM videos
41 JOIN channels ON videos.channel_id = channels.id
42 LEFT JOIN playlist_videos ON (videos.id = playlist_videos.video_id)
43 LEFT JOIN flags ON (videos.id = flags.video_id) AND (flags.user = ?)
44 WHERE (channel_id IN (SELECT channel_id FROM subscriptions WHERE user=? AND type = 'channel')
45 OR playlist_videos.playlist_id IN (SELECT channel_id FROM subscriptions WHERE user=? AND type = 'playlist')
46 OR flags.display = 'pinned')
47 AND flags.display IS NOT 'hidden'
48 AND (flags.display = 'pinned' OR not ? or shorts is null or not shorts)
49 ORDER BY (display = 'pinned') DESC, crawled DESC
50 LIMIT 36
51 OFFSET 36*?""", (token, token, token, settings.get('noshorts', False), page))
52 rows = [{
53 'video_id': video_id,
54 'channel_id': channel_id,
55 'author': author,
56 'title': title,
57 'length': length,
58 'livestream': livestream,
59 'premiere': premiere,
60 'shorts': shorts,
61 'upcoming': upcoming,
62 'published': published,
63 'playlist': playlist,
64 'pinned': display == 'pinned',
65 } for (video_id, channel_id, author, title, length, livestream, premiere, shorts, upcoming, published, playlist, display) in c.fetchall()]
66 return render_template('index.html.j2', rows=rows, page=page)
67
68 @frontend.route('/watch')
69 def watch():
70 if current_user.is_anonymous:
71 token = 'guest'
72 else:
73 token = current_user.token
74
75 if not 'v' in request.args:
76 return "missing video id", 400
77 if len(request.args.get('v')) != 11:
78 return "malformed video id", 400
79
80 plaintextheaders = {
81 'content-type': 'text/plain',
82 'Link': "<data:text/css,body%7Bcolor:%23eee;background:%23333%7D>; rel=stylesheet;"
83 }
84
85 video_id = request.args.get('v')
86 playlist = request.args.get('list')
87 show = request.args.get("show")
88 itag = request.args.get("itag")
89 video_url, stream_map, metadata, error, errdetails = get_video_info(video_id, metaOnly=(show == 'meta'))
90
91 if itag: # if itag is specified and available, force its use even if not highest resolution
92 video_url = next((e['url'] for e in stream_map['muxed'] if 'url' in e and e['itag'] == int(itag)), video_url)
93
94 proxy_on = getattr(g, 'proxy_on', None)
95 proxy_msg = {
96 False: "Log in to use proxy.", # proxy for logged-in users only
97 None: "", # proxy disabled globally
98 True: "", # proxy is available to this user
99 }[proxy_on]
100 errdetails = {
101 'banned': "Instance is being rate limited.",
102 'malformed': "Video ID is invalid.",
103 'geolocked': f"This video is geolocked. {proxy_msg}",
104 'livestream': f"Livestreams disabled. {proxy_msg}",
105 'throttled': "Stream is severely throttled.",
106 'agegated': "Unable to bypass age-restriction.",
107 'scrambled': "VEVO style cyphering not supported.",
108 'no-url': "No muxed stream available.",
109 'exhausted': errdetails or "Couldn't extract video URLs.",
110 'player': errdetails,
111 }.get(error, error)
112
113 # if the video is geolocked, and the proxy is enabled, we can still play
114 # it, if the video is available in the instance server's region:
115 if error == 'geolocked' and video_url and proxy_on:
116 videoplayback = url_for('proxy.videoplayback')
117 query = urlparse(video_url).query
118 video_url = f"{videoplayback}?{query}"
119 for t in ('adaptive_video', 'adaptive_audio', 'muxed'):
120 for s in stream_map[t]:
121 query = urlparse(s['url']).query
122 s['url'] = f"{videoplayback}?{query}"
123 error = None
124
125 # if the proxy is enabled, we can also play livestreams:
126 if error == 'livestream' and proxy_on:
127 # Note: hlsManifestUrl's hostname will be replaced client-side
128 video_url = stream_map['hlsManifestUrl']
129 error = None
130
131 if show == "raw":
132 if error:
133 msg = errdetails if error=='player' else f"{error.upper()}: {errdetails}"
134 return msg, 400, plaintextheaders # TODO: nicer
135 return redirect(video_url, code=307)
136 elif show == "json":
137 if error and not metadata:
138 return {'error': True, error: errdetails}, 400 # TODO: better (test _CpR4o81XQc)
139 return jsonify(metadata)
140 elif show == "audio":
141 # sorting: we want to prioritize mp4a over opus, and sort by highest quality first
142 # todo: geolocking; prefer open format?
143 if error and not stream_map:
144 msg = errdetails if error=='player' else f"{error.upper()}: {errdetails}"
145 return msg, 400, plaintextheaders # TODO: nicer
146 stream = next(iter(sorted(
147 stream_map['adaptive_audio'],
148 key=lambda e: ('opus' not in e['mimeType'], e['bitrate']),
149 reverse=True
150 )),{}).get('url')
151 return redirect(stream)
152 elif show == "meta":
153 # this is the subset of (useful) keys that are not present in the
154 # Android API response. the special key '_' contains ready-to-use
155 # parsed versions of that data.
156 if error and not metadata:
157 return {'error': True, error: errdetails}, 400 # TODO: better (test _CpR4o81XQc)
158 parsed = microformat_parser(metadata)
159 return {'microformat': metadata.get('microformat'),'cards':metadata.get('cards'), '_':parsed}
160 else:
161 extra = {'geolocked':'local=1', 'livestream':'raw=0'}.get(error,'')
162 invidious_url = f"https://redirect.invidious.io/watch?v={video_id}&{extra}"
163 if error and not metadata: # e.g. malformed, private/deleted video, ...
164 return render_template('video-error.html.j2', video_id=video_id,
165 video_error=error, errdetails=errdetails, invidious_url=invidious_url)
166 meta = prepare_metadata(metadata)
167 with sqlite3.connect(cf['global']['database']) as conn:
168 c = conn.cursor()
169 c.execute("""
170 SELECT COUNT((
171 SELECT 1 FROM subscriptions WHERE channel_id = ? AND user = ?
172 )), COUNT((
173 SELECT 1 FROM flags WHERE video_id = ? AND display = 'pinned' AND user = ?
174 ))""", (meta['channel_id'], token, video_id, token))
175 (is_subscribed, is_pinned) = c.fetchone()
176 return render_template('watch.html.j2',
177 video_id=video_id, video_url=video_url, stream_map=stream_map,
178 video_error=error, errdetails=errdetails, invidious_url=invidious_url,
179 playlist=playlist, is_pinned=is_pinned, is_subscribed=is_subscribed,
180 **meta)
181
182 @frontend.route('/embed/videoseries')
183 def embed_videoseries():
184 return redirect(url_for('.playlist', list=request.args.get('list')))
185 @frontend.route('/embed/<video_id>', strict_slashes=False)
186 def embed(video_id):
187 if video_id == "videoseries":
188 return redirect(url_for('.playlist', list=request.args.get('list')))
189
190 return redirect(url_for('.watch', v=video_id, t=request.args.get('start')))
191
192 @frontend.route('/v/<video_id>', strict_slashes=False)
193 @frontend.route('/live/<video_id>', strict_slashes=False)
194 @frontend.route('/shorts/<video_id>', strict_slashes=False)
195 def shorts_or_live(video_id):
196 return redirect(url_for('.watch', v=video_id, t=request.args.get('start')))
197
198 @frontend.route('/<something>', strict_slashes=False)
199 def plain_user_or_video(something):
200 # yt.com interprets this as a username, but we also want to catch youtu.be
201 # short-urls. so we check if it's a channel by querying the RSS feed (this
202 # shoudn't be rate-limited); if that fails, check if it looks like a video
203 # id; or finally give up.
204 if '.' not in something and channel_exists(something):
205 # periods are not valid in usernames, vanity urls or ucids, but common
206 # in urls that get crawled by bots (e.g. index.php). failing early
207 # reduces the amount of invalid channel names getting looked up.
208 return redirect(url_for('.channel', channel_id=something))
209 elif re.match(r"^[-_0-9A-Za-z]{11}$", something): # looks like a video id
210 return redirect(url_for('.watch', v=something, t=request.args.get('t')))
211 else: # ¯\_(ツ)_/¯
212 # XXX: something == 'thethoughtemporium' -> 404s
213 raise NotFound("Note: some usernames not recognized; try searching it")
214
215 @frontend.route('/attribution_link', strict_slashes=False)
216 def attribution_link():
217 # /attribution_link?a=anything&u=/channel/UCZYTClx2T1of7BRZ86-8fow
218 # /attribution_link?a=JdfC0C9V6ZI&u=%2Fwatch%3Fv%3DEhxJLojIE_o%26feature%3Dshare
219 url = request.args.get('u') or '/'
220 if not url.startswith('/'):
221 raise BadRequest # prevent open redirect
222 return redirect(url)
223
224 @frontend.route('/c/<username>/<subpage>')
225 @frontend.route('/c/<username>/')
226 @frontend.route('/user/<username>/<subpage>')
227 @frontend.route('/user/<username>/')
228 def channel_redirect(username, subpage=None):
229 # Note: we can't check /c/, so we have to assume it is the same as /user/,
230 # which is sometimes wrong.
231 xmlfeed = fetch_xml("user", username)
232
233 if not xmlfeed:
234 raise NotFound("unknown channel name")
235
236 _, _, _, channel_id, _ = parse_xml(xmlfeed)
237
238 return redirect(url_for('.channel', channel_id=channel_id))
239
240 @frontend.route('/channel/<channel_id>/<subpage>')
241 @frontend.route('/channel/<channel_id>/')
242 def channel(channel_id, _=None):
243 token = getattr(current_user, 'token', 'guest')
244 sort = request.args.get("sort", "newest")
245
246 if not re.match(r"(UC[A-Za-z0-9_-]{22})", channel_id):
247 # canonicalize channel id, otherwise popular won't work
248 return redirect(url_for('.channel_redirect', channel_id=channel_id))
249
250 if sort == "popular":
251 xmlfeed = fetch_xml("playlist_id", f"PU{channel_id[2:]}")
252 else:
253 xmlfeed = fetch_xml("channel_id", channel_id)
254 #^note: could also use playlist_id=UU...
255
256 if not xmlfeed:
257 raise NotFound("unknown channel id")
258
259 title, author, videos, _, _ = parse_xml(xmlfeed)
260
261 with sqlite3.connect(cf['global']['database']) as conn:
262 c = conn.cursor()
263 c.execute("""
264 SELECT COUNT(*)
265 FROM subscriptions
266 WHERE channel_id = ? AND user = ?
267 """, (channel_id, token))
268 (is_subscribed,) = c.fetchone()
269
270 return render_template('xmlfeed.html.j2', title=author, rows=videos,
271 is_subscribed=is_subscribed, channel_id=channel_id)
272
273 @frontend.route('/playlist')
274 def playlist():
275 playlist_id = request.args.get('list')
276 if not playlist_id:
277 return "bad list id", 400 # todo
278
279 xmlfeed = fetch_xml("playlist_id", playlist_id)
280 if not xmlfeed:
281 return "not found or something", 404 # XXX
282 title, author, videos, _, _ = parse_xml(xmlfeed)
283 return render_template('xmlfeed.html.j2', title=f"{title} by {author}", rows=videos)
284
285 @frontend.route('/api/timedtext')
286 def timedtext():
287 r = requests.get("https://www.youtube.com/api/timedtext", request.args.to_dict())
288 # Note: in srv1 format, xmlentities are double-encoded m( a smart quote is
289 # even worse: it's '&amp;39;<smartquote>' wtf!? (at least vvt seems ok)
290 if not r.ok:
291 return "error: {r.text}", 400 # TODO: better
292 retval = r.text
293 if request.args.get('fmt') == 'vtt' and request.args.get('kind') == 'asr':
294 # autocaptions are extremely confusing, and stuck in the lower-left corner. fix it up a bit
295 retval = re.sub(r"<.+?>", "", retval) # remove inline html-like markup that times each word/adds styles
296 retval = retval.replace("align:start position:0%", "") # let browser position the text itself
297 # each subtitle-line is repeated twice (first on the lower line, then
298 # on the next "frame" on the upper line). we want to remove the
299 # repetition, as that's confusing without word and line animations:
300 lines = retval.split('\n')
301 retval = '\n'.join([line for line, prev in zip(lines, ['']+lines) if not " --> " in prev])
302 return retval, {'Content-Type': r.headers.get("Content-Type")}
303
304 @frontend.route('/feeds/videos.xml')
305 def xml_feed():
306 valid = ("channel_id", "playlist_id", "user")
307 key = next(iter(request.args), None)
308 if key not in valid: raise BadRequest
309 data = fetch_xml(key, request.args[key])
310 if not data: raise NotFound
311 return data, {'content-type': 'text/xml; charset=UTF-8'}
312
313 @frontend.route('/manage/subscriptions')
314 # disabled for guest user: @login_required
315 def subscription_manager():
316 if current_user.is_anonymous:
317 token = 'guest'
318 else:
319 token = current_user.token
320 with sqlite3.connect(cf['global']['database']) as conn:
321 #with conn.cursor() as c:
322 c = conn.cursor()
323 c.execute("""
324 SELECT subscriptions.channel_id, name, type,
325 (subscribed_until < datetime('now')) AS obsolete
326 FROM subscriptions
327 LEFT JOIN (SELECT name, id FROM channels
328 UNION
329 SELECT name, id FROM playlists
330 ) AS channels ON channels.id = subscriptions.channel_id
331 left JOIN websub ON channels.id = websub.channel_id
332 WHERE user = ?
333 AND subscriptions.type IN ('channel', 'playlist')
334 ORDER BY obsolete=0, name COLLATE NOCASE ASC""", (token,))
335 rows = [{
336 'channel_id': channel_id,
337 'author': author or channel_id,
338 'type': type,
339 'subscribed_until': subscribed_until
340 } for (channel_id, author, type, subscribed_until) in c.fetchall()]
341 return render_template('subscription_manager.html.j2', rows=rows)
342
343 @frontend.route('/feed/subscriptions', methods=['POST'])
344 @login_required
345 def feed_post():
346 token = current_user.token
347 action = next(iter(list(request.form.keys())), None)
348 if action in ['pin', 'unpin', 'hide', 'unhide']:
349 video_id = request.form.get(action)
350 display = {
351 'pin': 'pinned',
352 'unpin': None,
353 'hide': 'hidden',
354 'unhide': None,
355 }[action]
356 with sqlite3.connect(cf['global']['database']) as conn:
357 c = conn.cursor()
358 store_video_metadata(video_id) # only needed for pinning
359 c.execute("""
360 INSERT OR REPLACE INTO flags (user, video_id, display)
361 VALUES (?, ?, ?)
362 """, (token, video_id, display))
363 undo_flash(video_id, action)
364 else:
365 flash("unsupported action", "error")
366 return redirect(request.url, code=303)
367
368 @frontend.route('/manage/subscriptions', methods=['POST'])
369 @login_required
370 def manage_subscriptions():
371 token = current_user.token
372 if 'subscribe' in request.form:
373 some_id = request.form.get("subscribe")
374 match = re.search(r"(UC[A-Za-z0-9_-]{22})", some_id)
375 if match:
376 some_id = match.group(1)
377 id_type = "channel"
378 else:
379 match = re.search(r"((?:PL|LL|EC|UU|FL|UL|OL)[A-Za-z0-9_-]{10,})", some_id)
380 if match: # NOTE: PL-playlists are 32chars, others differ in length.
381 some_id = match.group(1)
382 id_type = "playlist"
383 else:
384 flash("not a valid/subscribable URI", "error")
385 return redirect(request.url, code=303)
386 with sqlite3.connect(cf['global']['database']) as conn:
387 #with conn.cursor() as c:
388 c = conn.cursor()
389 c.execute("""
390 INSERT OR IGNORE INTO subscriptions (user, channel_id, type)
391 VALUES (?, ?, ?)
392 """, (token, some_id, id_type))
393 # TODO: sql-error-handling, asynchronically calling update-subs.pl
394 undo_flash(some_id, 'subscribe')
395
396 elif 'unsubscribe' in request.form:
397 some_id = request.form.get("unsubscribe")
398 with sqlite3.connect(cf['global']['database']) as conn:
399 #with conn.cursor() as c:
400 c = conn.cursor()
401 c.execute("""
402 DELETE FROM subscriptions
403 WHERE user = ? AND channel_id = ?
404 """, (token, some_id))
405 # TODO: sql-error-handling, report success
406 undo_flash(some_id, 'unsubscribe')
407
408 else:
409 flash("unsupported action", "error")
410
411 return redirect(request.url, code=303)
412
413 @frontend.route('/vi/<vid>/<res>.jpg')
414 def redirect_thumbnails(vid, res):
415 return redirect(f"https://i.ytimg.com{request.path}", code=301)
416
417 @frontend.record
418 def redirect_youtube_dot_com(state):
419 """
420 This is executed when the blueprint is loaded dynamically builds a number
421 of routes so that URLs like
422 https://subscriptions.gir.st/https://www.youtube.com/watch?v=dQw4w9WgXcQ
423 redirect to the /watch page. Works with /watch, /embed/ and youtu.be short
424 links, with or without protocl and/or 'www'.
425 """
426 def real_redirect_youtube_dot_com(video_id=None):
427 if not re.match(r"^[-_0-9A-Za-z]{11}$", video_id or ''): video_id = None
428 if not video_id: video_id = request.args.get('v')
429 return redirect(url_for('.watch', v=video_id))
430
431 for protocol in ("", "http://", "https://"):
432 for prefix in ("", "www.", "m."):
433 for domain in ("youtube.com", "youtu.be", "youtube-nocookie.com"):
434 for urlpath in ("/watch", "/embed/<video_id>", "/live/<video_id>", "/shorts/<video_id>", "/<video_id>"):
435 if domain != "youtu.be" and urlpath == "/<video_id>":
436 continue # that's a channel, not a video
437 frontend.add_url_rule(
438 f"/{protocol}{prefix}{domain}{urlpath}",
439 view_func=real_redirect_youtube_dot_com,
440 strict_slashes=False
441 )
442
443 def undo_flash(thing_id, action):
444 undo_action, past_action = {
445 'pin': ('unpin', 'pinned'),
446 'unpin': ('pin', 'unpinned'),
447 'hide': ('unhide', 'hidden'),
448 'unhide': ('hide', 'unhidden'),
449 'subscribe': ('unsubscribe', 'subscribed'),
450 'unsubscribe': ('subscribe', 'unsubscribed'),
451 }.get(action)
452 if 'subscribe' in action and thing_id.startswith('UC'):
453 thing = "channel"
454 thing_url = url_for('.channel', channel_id=thing_id)
455 elif 'subscribe' in action:
456 thing = "playlist"
457 thing_url = url_for('.playlist', playlist_id=thing_id)
458 else:
459 thing = "video"
460 thing_url = url_for('.watch', v=thing_id)
461 flash(f'''
462 <form method=post><input type=hidden name="{undo_action}" value="{thing_id}">
463 <a href="{thing_url}">{thing}</a> {past_action}.
464 <label><input type="submit" hidden>
465 <span style="text-decoration:underline;cursor:pointer">undo</span>.
466 </label></form>''', "info")
467
468 @frontend.app_template_filter('format_date')
469 def format_date(s):
470 import datetime # can't import at top level, because it is inherited from common
471 (y,m,d) = (int(n) for n in s.split('T')[0].split(' ')[0].split('-')) # iso-dates can seperate date from time with space or 'T'
472 M = '_ Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec'.split()
473 if y == datetime.datetime.now().year:
474 return f"{d} {M[m]}"
475 else:
476 return f"{M[m]} '{y%100}"
477
478 @frontend.app_template_filter('format_time')
479 def format_time(i):
480 if i is None:
481 return None
482 h = i // (60*60)
483 m = i // 60 % 60
484 s = i % 60
485 return '%d:%02d:%02d' % (h,m,s) if h else '%02d:%02d' % (m,s)
486
487 @frontend.app_template_filter('timeoffset')
488 def timeoffset(s):
489 if s is None:
490 return None
491 match = re.match(r"^(\d+)s?$", s) # e.g. 2040s
492 if match:
493 return match.group(1)
494 match = re.match(r"^(?:(\d+)h)?(?:(\d+)m)?(?:(\d+)s)?$", s) # e.g. 34m, 1h23s
495 if match:
496 return ":".join([n.zfill(2) for n in match.groups('0')])
497 return None
Privacy-focused webservice to catch up with Youtube subscriptions
Imprint / Impressum