hiddifypanel 9.0.0.dev54__py3-none-any.whl → 9.0.0.dev61__py3-none-any.whl

hiddifypanel/panel/admin/Backup.py

@@ -2,6 +2,7 @@
 from urllib.parse import urlparse
 from flask_babelex import gettext as _
 from flask_bootstrap import SwitchField
+from hiddifypanel import hutils
 # from flask_babelex import gettext as _
 import wtforms as wtf
 from flask_wtf import FlaskForm
@@ -10,7 +11,6 @@ import json
 import json
 from flask import render_template, request, jsonify, redirect, g
 from hiddifypanel.panel.auth import login_required
-from hiddifypanel.panel.hiddify import flash
 from flask_wtf.file import FileField, FileRequired
 from flask_classful import FlaskView
 
@@ -58,13 +58,13 @@ class Backup(FlaskView):
 
             from flask_babel import refresh
             refresh()
-            return redirect(url_for("admin.Actions:reinstall2"))
+            return redirect(hutils.flask.url_for("admin.Actions:reinstall2"))
             # from . import Actions
             # action = Actions()
             # return action.reinstall(complete_install=True, domain_changed=True)
-            # # hiddify.flash_config_success(full_install=True)
+            # # hutils.flask.flash_config_success(full_install=True)
         else:
-            flash(_('Config file is incorrect'), category='error')
+            hutils.flask.flash(_('Config file is incorrect'), category='error')
         return render_template('backup.html', restore_form=restore_form)
 
 
@@ -74,7 +74,7 @@ def get_restore_form(empty=False):
         enable_config_restore = SwitchField(_("Restore Settings"), description=_("Restore Settings description"), default=False)
         enable_user_restore = SwitchField(_("Restore Users"), description=_("Restore Users description"), default=False)
         enable_domain_restore = SwitchField(_("Restore Domain"), description=_("Restore Domain description"), default=False)
-        override_root_admin = SwitchField(_("Override Root Admin"), description=_("It will override the root admin to the current user"), default=True)
+        override_root_admin = SwitchField(_("Override Root Admin"), description=_("It will override the root admin to the current user"), default=False)
         submit = wtf.fields.SubmitField(_('Submit'))
 
     return RestoreForm(None) if empty else RestoreForm()

hiddifypanel/panel/admin/ChildAdmin.py

@@ -3,7 +3,7 @@ from hiddifypanel.models import *
 from .adminlte import AdminLTEModelView
 from flask_babelex import gettext as __
 from flask_babelex import lazy_gettext as _
-from flask import Markup
+from flask import Markup, g
 
 from hiddifypanel.panel.auth import login_required
 from hiddifypanel.panel import hiddify
@@ -103,12 +103,12 @@ class ChildAdmin(AdminLTEModelView):
         if len(model.show_domains) == Domain.query.count():
             model.show_domains = []
 
-        hiddify.flash_config_success(restart_mode='apply', domain_changed=True)
+        hutils.flask.flash_config_success(restart_mode='apply', domain_changed=True)
 
     def on_model_delete(self, model):
         if len(ParentDomain.query.all()) <= 1:
             raise ValidationError(f"at least one domain should exist")
-        hiddify.flash_config_success(restart_mode='apply', domain_changed=True)
+        hutils.flask.flash_config_success(restart_mode='apply', domain_changed=True)
 
     def is_accessible(self):
         if login_required(roles={Role.super_admin})(lambda: True)() != True:

hiddifypanel/panel/admin/Dashboard.py

@@ -11,7 +11,7 @@ import hiddifypanel
 from hiddifypanel.models import *
 from hiddifypanel.panel import hiddify
 from hiddifypanel.panel.database import db
-from hiddifypanel.panel.hiddify import flash
+from hiddifypanel import hutils
 
 
 class Dashboard(FlaskView):
@@ -33,7 +33,7 @@ class Dashboard(FlaskView):
         if hconfig(ConfigEnum.first_setup):
             return redirect(url_for("admin.QuickSetup:index"))
         if hiddifypanel.__release_date__ + datetime.timedelta(days=20) < datetime.datetime.now():
-            flash(_('This version of hiddify panel is outdated. Please update it from admin area.'), "danger")
+            hutils.flask.flash(_('This version of hiddify panel is outdated. Please update it from admin area.'), "danger")  # type: ignore
         bot = None
         # if hconfig(ConfigEnum.license):
         childs = None
@@ -65,21 +65,23 @@ class Dashboard(FlaskView):
 
         if def_user and sslip_domains:
             quick_setup = url_for("admin.QuickSetup:index")
-            flash((_('It seems that you have not setup the system completely. <a class="btn btn-success" href="%(quick_setup)s">Click here</a> to complete setup.', quick_setup=quick_setup)), 'warning')
+            hutils.flask.flash((_('It seems that you have not setup the system completely. <a class="btn btn-success" href="%(quick_setup)s">Click here</a> to complete setup.',
+                                  quick_setup=quick_setup)), 'warning')  # type: ignore
             if hconfig(ConfigEnum.is_parent):
-                flash(_("Please understand that parent panel is under test and the plan and the condition of use maybe change at anytime."), "danger")
+                hutils.flask.flash(_("Please understand that parent panel is under test and the plan and the condition of use maybe change at anytime."), "danger")  # type: ignore
         elif len(sslip_domains):
-            flash((_('It seems that you are using default domain (%(domain)s) which is not recommended.', domain=sslip_domains[0])), 'warning')
+            hutils.flask.flash((_('It seems that you are using default domain (%(domain)s) which is not recommended.', domain=sslip_domains[0])), 'warning')  # type: ignore
             if hconfig(ConfigEnum.is_parent):
-                flash(_("Please understand that parent panel is under test and the plan and the condition of use maybe change at anytime."), "danger")
+                hutils.flask.flash(_("Please understand that parent panel is under test and the plan and the condition of use maybe change at anytime."), "danger")  # type: ignore
         elif def_user:
             d = domains[0]
-            flash((_('It seems that you have not created any users yet. Default user link: %(default_link)s', default_link=hiddify.get_html_user_link(def_user, d))), 'secondary')
+            hutils.flask.flash((_('It seems that you have not created any users yet. Default user link: %(default_link)s',
+                               default_link=hiddify.get_html_user_link(def_user, d))), 'secondary')  # type: ignore
         if hiddify.is_ssh_password_authentication_enabled():
-            flash(_('ssh.password-login.warning.'), "warning")
+            hutils.flask.flash(_('ssh.password-login.warning.'), "warning")  # type: ignore
 
     # except:
-    #     flash((_('Error!!!')),'info')
+    #     hutils.flask.flash((_('Error!!!')),'info')
 
         stats = {'system': hiddify.system_stats(), 'top5': hiddify.top_processes()}
         return render_template('index.html', stats=stats, usage_history=DailyUsage.get_daily_usage_stats(admin_id, child_id), childs=childs)
@@ -91,5 +93,5 @@ class Dashboard(FlaskView):
         child = Child.query.filter(Child.id == child_id).first()
         db.session.delete(child)
         db.session.commit()
-        flash(_("child has been removed!"), "success")
+        hutils.flask.flash(_("child has been removed!"), "success")  # type: ignore
         return self.index()

hiddifypanel/panel/admin/DomainAdmin.py

@@ -4,7 +4,6 @@ import hiddifypanel.panel.auth as auth
 from hiddifypanel.models import *
 import re
 from flask import Markup, g
-from flask import flash
 from flask_babelex import gettext as __
 from flask_babelex import lazy_gettext as _
 from hiddifypanel.panel.run_commander import Command, commander
@@ -91,7 +90,7 @@ class DomainAdmin(AdminLTEModelView):
             return Markup(f"<span class='badge'>{model.domain}</span>")
         d = model.domain
         if "*" in d:
-            d = d.replace("*", hiddify.get_random_string(5, 15))
+            d = d.replace("*", hutils.random.get_random_string(5, 15))
         admin_link = hiddify.get_account_panel_link(g.account, d)
         return Markup(
             f'<div class="btn-group"><a href="{admin_link}" class="btn btn-xs btn-secondary">' + _("admin link") +
@@ -170,7 +169,7 @@ class DomainAdmin(AdminLTEModelView):
                 raise ValidationError(__("Can not connect to Cloudflare.")+f' {e}')
         # elif model.mode==DomainType.auto_cdn_ip:
         if model.alias and not model.alias.replace("_", "").isalnum():
-            flash(__("Using alias with special charachters may cause problem in some clients like FairVPN."), 'warning')
+            hutils.flask.flash(__("Using alias with special charachters may cause problem in some clients like FairVPN."), 'warning')
         #     raise ValidationError(_("You have to add your cloudflare api key to use this feature: "))
 
         dip = hutils.ip.get_domain_ip(model.domain)
@@ -187,11 +186,13 @@ class DomainAdmin(AdminLTEModelView):
                 domain_ip_is_same_as_panel |= ipaddress.ip_address(dip) == ipaddress.ip_address(ipv6)
 
             if model.mode == DomainType.direct and not domain_ip_is_same_as_panel:
-                flash(__(message=f"Domain IP={dip} is not matched with your ip={', '.join(list(map(str, ipv4_list)))} which is required in direct mode"), category='warning')
+                hutils.flask.flash(
+                    __(message=f"Domain IP={dip} is not matched with your ip={', '.join(list(map(str, ipv4_list)))} which is required in direct mode"),
+                    category='warning')
                 # raise ValidationError(_("Domain IP=%(domain_ip)s is not matched with your ip=%(server_ip)s which is required in direct mode", server_ip=myip, domain_ip=dip))
 
             if domain_ip_is_same_as_panel and model.mode in [DomainType.cdn, DomainType.relay, DomainType.fake, DomainType.auto_cdn_ip]:
-                flash(__(f"In CDN mode, Domain IP={dip} should be different to your ip={', '.join(list(map(str, ipv4_list)))}"), 'warning')
+                hutils.flask.flash(__(f"In CDN mode, Domain IP={dip} should be different to your ip={', '.join(list(map(str, ipv4_list)))}"), 'warning')
                 # raise ValidationError(_("In CDN mode, Domain IP=%(domain_ip)s should be different to your ip=%(server_ip)s", server_ip=myip, domain_ip=dip))
 
             # if model.mode in [DomainType.ss_faketls, DomainType.telegram_faketls]:
@@ -220,7 +221,7 @@ class DomainAdmin(AdminLTEModelView):
         if model.mode == DomainType.reality:
             model.servernames = (model.domain).lower()
             if not hiddify.is_domain_reality_friendly(model.domain):
-                # flash(_("Domain is not REALITY friendly!")+" "+d,'error')
+                # hutils.flask.flash(_("Domain is not REALITY friendly!")+" "+d,'error')
                 # return render_template('config.html', form=form)
                 raise ValidationError(_("Domain is not REALITY friendly!")+" "+model.domain)
 
@@ -235,7 +236,7 @@ class DomainAdmin(AdminLTEModelView):
                         continue
 
                     if not hiddify.is_domain_reality_friendly(d):
-                        # flash(_("Domain is not REALITY friendly!")+" "+d,'error')
+                        # hutils.flask.flash(_("Domain is not REALITY friendly!")+" "+d,'error')
                         # return render_template('config.html', form=form)
                         raise ValidationError(_("Domain is not REALITY friendly!")+" "+d)
 
@@ -255,7 +256,7 @@ class DomainAdmin(AdminLTEModelView):
         old_db_domain = get_domain(model.domain)
         if is_created or not old_db_domain or old_db_domain.mode != model.mode:
             # return hiddify.reinstall_action(complete_install=False, domain_changed=True)
-            hiddify.flash_config_success(restart_mode='apply', domain_changed=True)
+            hutils.flask.flash_config_success(restart_mode='apply', domain_changed=True)
 
     # def after_model_change(self,form, model, is_created):
     #     if model.show_domains.count==0:
@@ -267,7 +268,7 @@ class DomainAdmin(AdminLTEModelView):
         # ShowDomain.query.filter_by(related_id == model.id).delete()
         model.showed_by_domains = []
         # db.session.commit()
-        hiddify.flash_config_success(restart_mode='apply', domain_changed=True)
+        hutils.flask.flash_config_success(restart_mode='apply', domain_changed=True)
 
     def after_model_delete(self, model):
         # if hconfig(ConfigEnum.parent_panel):

hiddifypanel/panel/admin/ProxyAdmin.py

@@ -1,4 +1,5 @@
 from flask_babelex import gettext as _
+from hiddifypanel import hutils
 from hiddifypanel.models.role import Role
 import wtforms as wtf
 from flask_wtf import FlaskForm
@@ -7,13 +8,10 @@ from flask import render_template
 
 
 from hiddifypanel.models import ConfigEnum, get_hconfigs, BoolConfig, ConfigEnum, hconfig, Proxy
-from hiddifypanel.panel.hiddify import flash
 from hiddifypanel.panel.database import db
 from wtforms.fields import *
 from hiddifypanel.panel import hiddify
 from flask_classful import FlaskView
-from hiddifypanel.panel.hiddify import flash
-from hiddifypanel.panel import hiddify
 from hiddifypanel.panel.auth import login_required
 
 
@@ -33,7 +31,7 @@ class ProxyAdmin(FlaskView):
                 if k in [c for c in ConfigEnum]:
                     BoolConfig.query.filter(BoolConfig.key == k).first().value = vs
                     if vs and k in [ConfigEnum.domain_fronting_http_enable, ConfigEnum.domain_fronting_tls_enable] and hconfig(ConfigEnum.domain_fronting_domain) == "":
-                        flash((_('config.domain-fronting-notsetup-error')), 'danger')
+                        hutils.flask.flash((_('config.domain-fronting-notsetup-error')), 'danger')
 
             # print(cat,vs)
             hiddify.get_available_proxies.invalidate_all()
@@ -58,12 +56,12 @@ class ProxyAdmin(FlaskView):
                 # print(cat,vs)
             db.session.commit()
             hiddify.get_available_proxies.invalidate_all()
-            hiddify.flash_config_success(restart_mode='apply', domain_changed=False)
+            hutils.flask.flash_config_success(restart_mode='apply', domain_changed=False)
             # if hconfig(ConfigEnum.parent_panel):
             #     hiddify_api.sync_child_to_parent()
             global_config_form = get_global_config_form(True)
         else:
-            flash((_('config.validation-error')), 'danger')
+            hutils.flask.flash((_('config.validation-error')), 'danger')
 
         return render_template('proxy.html', global_config_form=global_config_form, detailed_config_form=all_proxy_form)
 

hiddifypanel/panel/admin/QuickSetup.py

@@ -1,26 +1,24 @@
-from hiddifypanel.panel.auth import login_required
-from hiddifypanel import hutils
-from hiddifypanel.models import *
+import re
 import flask_babel
 import flask_babelex
 
 # from flask_babelex import lazy_gettext as _
+from flask import render_template, g
 from flask_babelex import gettext as _
 import wtforms as wtf
 from flask_wtf import FlaskForm
 from flask_bootstrap import SwitchField
 from hiddifypanel.panel import hiddify
-# from gettext import gettext as _
+from wtforms.fields import *
+from flask_classful import FlaskView
 from wtforms.validators import ValidationError
+# from gettext import gettext as _
 
-import re
-from flask import render_template, g
 from hiddifypanel.models import Domain, DomainType, StrConfig, ConfigEnum, get_hconfigs
 from hiddifypanel.panel.database import db
-from wtforms.fields import *
-
-from hiddifypanel.panel.hiddify import flash
-from flask_classful import FlaskView
+from hiddifypanel.panel.auth import login_required
+from hiddifypanel import hutils
+from hiddifypanel.models import *
 
 
 class QuickSetup(FlaskView):
@@ -51,9 +49,9 @@ class QuickSetup(FlaskView):
                 # with flask_babel.force_locale(lang_form.admin_lang.data):
                 #         flask_babel.refresh()
                 #         flask_babelex.refresh()
-                flash((_('quicksetup.setlang.success')), 'success')
+                hutils.flask.flash((_('quicksetup.setlang.success')), 'success')
             else:
-                flash((_('quicksetup.setlang.error')), 'danger')
+                hutils.flask.flash((_('quicksetup.setlang.error')), 'danger')
 
             return render_template(
                 'quick_setup.html', form=get_quick_setup_form(True),
@@ -80,7 +78,7 @@ class QuickSetup(FlaskView):
             action = Actions.Actions()
             return action.reinstall(domain_changed=True)
         else:
-            flash(_('config.validation-error'), 'danger')
+            hutils.flask.flash(_('config.validation-error'), 'danger')
         return render_template(
             'quick_setup.html', form=quick_form, lang_form=get_lang_form(True),
             ipv4=hutils.ip.get_ip(4),

hiddifypanel/panel/admin/SettingAdmin.py

@@ -1,9 +1,11 @@
+import re
 import flask_babel
 import flask_babelex
 from flask_babelex import lazy_gettext as _
 # from flask_babelex import gettext as _
 from flask import render_template, Markup, url_for, g
 from flask import current_app as app
+from hiddifypanel import hutils
 from hiddifypanel.panel.auth import login_required
 import wtforms as wtf
 from flask_bootstrap import SwitchField
@@ -13,12 +15,10 @@ from flask_classful import FlaskView
 from wtforms.fields import *
 from flask_wtf import FlaskForm
 
-import re
 
 from hiddifypanel.models import BoolConfig, StrConfig, ConfigEnum, hconfig, ConfigCategory
 from hiddifypanel.models import *
 from hiddifypanel.panel.database import db
-from hiddifypanel.panel.hiddify import flash
 from hiddifypanel.panel.hiddify import get_random_domains
 from hiddifypanel.panel import hiddify, custom_widgets
 
@@ -57,7 +57,7 @@ class SettingAdmin(FlaskView):
                                 for p in v.split(","):
                                     for k2, v2 in vs.items():
                                         if "port" in k2 and k != k2 and p in v2:
-                                            flash(_("Port is already used! in")+f" {k2} {k}", 'error')
+                                            hutils.flask.flash(_("Port is already used! in")+f" {k2} {k}", 'error')
                                             return render_template('config.html', form=form)
                             if k == ConfigEnum.parent_panel and v != '':
                                 # v=(v+"/").replace("/admin",'')
@@ -65,10 +65,10 @@ class SettingAdmin(FlaskView):
 
                                 # try:
                                 #     # if hiddify_api.sync_child_to_parent(v)['status'] != 200:
-                                #     #     flash(_("Can not connect to parent panel!"), 'error')
+                                #     #     hutils.flask.flash(_("Can not connect to parent panel!"), 'error')
                                 #     #     return render_template('config.html', form=form)
                                 # except:
-                                #     flash(_("Can not connect to parent panel!"), 'error')
+                                #     hutils.flask.flash(_("Can not connect to parent panel!"), 'error')
                                 #     return render_template('config.html', form=form)
                             StrConfig.query.filter(StrConfig.key == k, StrConfig.child_id == 0).first().value = v
                         if old_configs[k] != v:
@@ -78,20 +78,20 @@ class SettingAdmin(FlaskView):
 
             merged_configs = {**old_configs, **changed_configs}
             if len(set([merged_configs[ConfigEnum.proxy_path], merged_configs[ConfigEnum.proxy_path_client], merged_configs[ConfigEnum.proxy_path_admin]])) != 3:
-                flash(_("ProxyPath is already used! use different proxy path"), 'error')
+                hutils.flask.flash(_("ProxyPath is already used! use different proxy path"), 'error')#type: ignore
                 return render_template('config.html', form=form)
             # for k in [ConfigEnum.reality_server_names,ConfigEnum.reality_fallback_domain]:
             #     v=merged_configs[k]
             #     for d in v.split(","):
             #         if not d:continue
             #         if not hiddify.is_domain_reality_friendly(d):
-            #             flash(_("Domain is not REALITY friendly!")+" "+d,'error')
+            #             hutils.flask.flash(_("Domain is not REALITY friendly!")+" "+d,'error')
             #             return render_template('config.html', form=form)
             #         hiddify.debug_flash_if_not_in_the_same_asn(d)
             # fallback=merged_configs[ConfigEnum.reality_fallback_domain]
             # for d in merged_configs[ConfigEnum.reality_server_names].split(","):
             #     if not hiddify.fallback_domain_compatible_with_servernames(fallback, d):
-            #         flash(_("REALITY Fallback domain is not compaitble with server names!")+" "+d+" != "+fallback,'error')
+            #         hutils.flask.flash(_("REALITY Fallback domain is not compaitble with server names!")+" "+d+" != "+fallback,'error')
             #         return render_template('config.html', form=form)
             for k, v in changed_configs.items():
                 set_hconfig(k, v, 0, False)
@@ -110,7 +110,7 @@ class SettingAdmin(FlaskView):
             if old_configs[ConfigEnum.admin_lang] != hconfig(ConfigEnum.admin_lang):
                 form = get_config_form()
         else:
-            flash(_('config.validation-error'), 'danger')
+            hutils.flask.flash(_('config.validation-error'), 'danger')#type: ignore
 
         return reset_action or render_template('config.html', form=form)
 
@@ -211,6 +211,10 @@ def get_config_form():
                 libs = [("python", _("lib.telegram.python")), ("tgo", _("lib.telegram.go")), ("orig", _("lib.telegram.orignal")), ("erlang", _("lib.telegram.erlang"))]
                 field = wtf.fields.SelectField(_("config.telegram_lib.label"), choices=libs, description=_(
                     "config.telegram_lib.description"), default=hconfig(ConfigEnum.telegram_lib))
+            elif c.key == ConfigEnum.mux_protocol:
+                choices = [("smux", 'smux'), ("yamux", "yamux"), ("h2mux", "h2mux")]
+                field = wtf.fields.SelectField(_(f"config.{c.key}.label"), choices=choices, description=_(f"config.{c.key}.description"), default=hconfig(c.key))
+
             elif c.key == ConfigEnum.warp_sites:
                 validators = [wtf.validators.Length(max=2048)]
                 render_kw = {'class': "ltr", 'maxlength': 2048}
@@ -265,9 +269,15 @@ def get_config_form():
                         render_kw['required'] = ""
                     else:
                         validators.append(wtf.validators.Regexp("^(\d+)(,\d+)*$|^$", re.IGNORECASE, _("config.Invalid port")))
-
                     # validators.append(wtf.validators.Regexp("^(\d+)(,\d+)*$",re.IGNORECASE,_("config.port is required")))
 
+                # tls tricks validations
+                if c.key in [ConfigEnum.tls_fragment_size, ConfigEnum.tls_fragment_sleep, ConfigEnum.tls_padding_length]:
+                    validators.append(wtf.validators.Regexp("^\d+-\d+$", re.IGNORECASE, _("config.Invalid! The pattern is number-number")+f' {c.key}'))
+                # mux and hysteria validations
+                if c.key in [ConfigEnum.hysteria_up_mbps, ConfigEnum.hysteria_down_mbps, ConfigEnum.mux_max_connections, ConfigEnum.mux_min_streams, ConfigEnum.mux_max_streams,
+                             ConfigEnum.mux_brutal_down_mbps, ConfigEnum.mux_brutal_up_mbps]:
+                    validators.append(wtf.validators.Regexp("^\d+$", re.IGNORECASE, _("config.Invalid! it should be a number only")+f' {c.key}'))
                 for val in validators:
                     if hasattr(val, "regex"):
                         render_kw['pattern'] = val.regex.pattern

hiddifypanel/panel/admin/UserAdmin.py

@@ -1,9 +1,8 @@
-from hiddifypanel.models import *
-from flask_bootstrap import SwitchField
-from hiddifypanel.drivers import user_driver
-from hiddifypanel.panel.hiddify import flash
-from hiddifypanel.panel import hiddify, custom_widgets
+import re
+import datetime
+import uuid
 from apiflask import abort
+from flask_bootstrap import SwitchField
 from flask_babelex import gettext as __
 from .adminlte import AdminLTEModelView
 from wtforms.validators import NumberRange
@@ -11,10 +10,12 @@ from flask_babelex import lazy_gettext as _
 from flask import Markup, g, request, url_for
 from wtforms.validators import Regexp, ValidationError
 from flask import current_app
-import datetime
-import uuid
-import re
+
+from hiddifypanel.models import *
+from hiddifypanel.drivers import user_driver
+from hiddifypanel.panel import hiddify, custom_widgets
 from hiddifypanel.panel.auth import login_required
+from hiddifypanel import hutils
 import hiddifypanel.panel.auth as auth
 
 
@@ -204,7 +205,7 @@ class UserAdmin(AdminLTEModelView):
         if len(User.query.all()) <= 1:
             raise ValidationError(f"at least one user should exist")
         user_driver.remove_client(model)
-        # hiddify.flash_config_success()
+        # hutils.flask.flash_config_success()
 
     def is_accessible(self):
         if login_required(roles={Role.super_admin, Role.admin, Role.agent})(lambda: True)() != True:
@@ -246,12 +247,13 @@ class UserAdmin(AdminLTEModelView):
     def on_model_change(self, form, model, is_created):
         model.max_ips = max(3, model.max_ips or 10000)
         if len(User.query.all()) % 4 == 0:
-            flash(('<div id="show-modal-donation"></div>'), ' d-none')
+            hutils.flask.flash(('<div id="show-modal-donation"></div>'), ' d-none')
         if not re.match("^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$", model.uuid):
             raise ValidationError('Invalid UUID e.g.,' + str(uuid.uuid4()))
-
         if form.reset_usage.data:
             model.current_usage_GB = 0
+        # if model.telegram_id and model.telegram_id != '0' and not re.match(r"^[1-9]\d*$", model.telegram_id):
+        #     raise ValidationError('Invalid Telegram ID')
         # if form.disable_user.data:
         #     model.mode=UserMode.disable
         if form.reset_days.data:
@@ -275,7 +277,7 @@ class UserAdmin(AdminLTEModelView):
         #     xray_api.add_client(model.uuid)
         # else:
         #     xray_api.remove_client(model.uuid)
-        # hiddify.flash_config_success()
+        # hutils.flask.flash_config_success()
 
     def after_model_change(self, form, model, is_created):
         if hconfig(ConfigEnum.first_setup):

hiddifypanel/panel/auth.py

@@ -10,13 +10,46 @@ import hiddifypanel.panel.hiddify as hiddify
 from hiddifypanel import hutils
 
 from werkzeug.local import LocalProxy
+
 current_account = LocalProxy(lambda: _get_user())
 
 
+class AnonymousAccount(BaseAccount):
+    __abstract__ = True
+
+    @property
+    def uuid(self):
+        return None
+
+    @property
+    def lang(self) -> Lang:
+        return None
+
+    @property
+    def role(self) -> Role | None:
+        return None
+
+    def get_id(self) -> str | None:
+        return "-1"
+
+    def __bool__(self):
+        return False
+
+    def __eq__(self, other):
+        if other == None:
+            return True
+        if isinstance(other, AnonymousAccount):
+            return True
+        return False
+
+    def __ne__(self, other):
+        return not self.__eq__(other)
+
+
 def _get_user():
-    if not hasattr(g, "account"):
-        g.account = None
-    return g.account
+    if not hasattr(g, "__account_store"):
+        g.__account_store = AnonymousAccount()
+    return g.__account_store
 
 
 def admin_session_is_exist():
@@ -24,7 +57,7 @@ def admin_session_is_exist():
 
 
 def logout_user():
-    g.account = None
+    g.__account_store = None
     if '_user_id' in session:
         session.pop('_user_id')
     if '_admin_id' in session:
@@ -33,7 +66,7 @@ def logout_user():
 
 def login_user(user: AdminUser | User, remember=False, duration=None, force=False, fresh=True):
     # abort(400, f'logining user: {user} {user.is_active}')
-    g.account = user
+    g.__account_store = user
     # if not user.is_active:
     #     return False
 
@@ -122,7 +155,7 @@ def init_app(app):
 
         elif auth_header := request.headers.get("Hiddify_API_KEY"):
             # print("auth_header", auth_header)
-            apikey = hutils.utils.get_apikey_from_auth_header(auth_header)
+            apikey = hutils.auth.get_apikey_from_auth_header(auth_header)
             account = get_account_by_api_key(apikey, is_admin_path)
             if not account:
                 return logout_redirect()
@@ -139,23 +172,23 @@ def init_app(app):
                 return logout_redirect()
 
         elif (session_user := session.get('_user_id')) and not is_admin_path:
-            print('session_user', session_user)
+            # print('session_user', session_user)
             account = User.by_id(int(session_user.split("_")[1]))  # type: ignore
             if not account:
                 return logout_redirect()
         elif (session_admin := session.get('_admin_id')) and is_admin_path:
-            print('session_admin', session_admin)
+            # print('session_admin', session_admin)
             account = AdminUser.by_id(int(session_admin.split("_")[1]))  # type: ignore
             if not account:
                 return logout_redirect()
 
         if account:
-            g.account = account
+            g.__account_store = account
             # g.account_uuid = account.uuid
             g.is_admin = hiddify.is_admin_role(account.role)  # type: ignore
             login_user(account, force=True)
             # print("loggining in")
-            if next_url is not None and g.user_agent['is_browser']:
+            if next_url is not None and g.user_agent['is_browser'] and ".webmanifest" not in request.path:
                 return redirect(next_url)
 
     @app.url_value_preprocessor

hiddifypanel/panel/auth_back2.py

@@ -77,7 +77,7 @@ class CustumLoginManager(LoginManager):
         is_api_call = False
 
         if hiddify.is_api_call(request.path):
-            if apikey := hutils.utils.get_apikey_from_auth_header(auth_header):
+            if apikey := hutils.auth.get_apikey_from_auth_header(auth_header):
                 account = User.by_uuid(apikey) or AdminUser.by_uuid(apikey)
                 is_api_call = True
         else:
@@ -149,7 +149,7 @@ def get_account_by_api_key(api_key, is_admin):
 
 
 def get_account_by_uuid(uuid, is_admin):
-    return AdminUser.by_uuid(api_key) if is_admin else User.by_uuid(api_key)
+    return AdminUser.by_uuid(uuid) if is_admin else User.by_uuid(uuid)
 
 
 def init_app(app):
@@ -165,12 +165,12 @@ def init_app(app):
         next_url = None
         print("--------1")
         if auth_header := request.headers.get("Authorization"):
-            apikey = hutils.utils.get_apikey_from_auth_header(auth_header)
+            apikey = hutils.auth.get_apikey_from_auth_header(auth_header)
             account = get_account_by_api_key(apikey, is_admin_path)
             if not account:
                 logout_user()
 
-        if not account and (uuid := hutils.utils.get_uuid_from_url_path(request.path)):
+        if not account and (uuid := hutils.auth.get_uuid_from_url_path(request.path)):
             account = get_account_by_uuid(uuid, is_admin_path)
             if not account:
                 logout_user()
@@ -208,7 +208,7 @@ def init_app(app):
         #         return header_auth(request)
 
         # parse id
-        acc_type, id = hutils.utils.parse_login_id(id)  # type: ignore
+        acc_type, id = hutils.auth.parse_login_id(id)  # type: ignore
         if not acc_type or not id:
             return
 

hiddifypanel/panel/cli.py

@@ -105,6 +105,7 @@ def admin_links():
 
 def admin_path():
     admin = AdminUser.get_super_admin()
+    # WTF is the owner and server_id?
     print(hiddify.get_account_panel_link(owner, server_ip, prefere_path_only=True))
 
 

hiddifypanel/panel/commercial/ParentDomainAdmin.py

@@ -64,7 +64,7 @@ class ParentDomainAdmin(AdminLTEModelView):
     form_columns = ['domain', "alias", 'show_domains']
 
     def _domain_admin_link(view, context, model, name):
-        admin_link = hiddify.get_account_panel_link(g.account,model.domain)
+        admin_link = hiddify.get_account_panel_link(g.account, model.domain)
         return Markup(f'<div class="btn-group"><a href="{admin_link}" class="btn btn-xs btn-secondary">' + _("admin link") +
                       f'</a><a href="{admin_link}" class="btn btn-xs btn-info ltr" target="_blank">{model.domain}</a></div>')
 
@@ -116,12 +116,12 @@ class ParentDomainAdmin(AdminLTEModelView):
         if len(model.show_domains) == Domain.query.count():
             model.show_domains = []
 
-        hiddify.flash_config_success(restart_mode='apply', domain_changed=True)
+        hutils.flask.flash_config_success(restart_mode='apply', domain_changed=True)
 
     def on_model_delete(self, model):
         if len(ParentDomain.query.all()) <= 1:
             raise ValidationError(f"at least one domain should exist")
-        hiddify.flash_config_success(restart_mode='apply', domain_changed=True)
+        hutils.flask.flash_config_success(restart_mode='apply', domain_changed=True)
 
     def is_accessible(self):
         if login_required(roles={Role.super_admin, Role.admin})(lambda: True)() != True: