From 4d4e68b66f7ab29c91d3b112b8c7772b63d6393c Mon Sep 17 00:00:00 2001 From: Whispering Wind <151555003+ReturnFI@users.noreply.github.com> Date: Fri, 22 Aug 2025 23:10:36 +0330 Subject: [PATCH] perf(auth): Make aiohttp auth server read-only Refactored the aiohttp authentication server to be a purely read-only service. Removed all file write operations from the authentication logic to eliminate disk I/O and reduce CPU overhead during connection attempts. The responsibility for persistently blocking users by writing to `users.json` is now fully delegated to the external scheduler service, allowing the auth server to function as a faster, more efficient gatekeeper. --- core/scripts/hysteria2/auth_server.py | 25 ++++++++----------------- 1 file changed, 8 insertions(+), 17 deletions(-) diff --git a/core/scripts/hysteria2/auth_server.py b/core/scripts/hysteria2/auth_server.py index a16d650..efe54b9 100644 --- a/core/scripts/hysteria2/auth_server.py +++ b/core/scripts/hysteria2/auth_server.py @@ -14,18 +14,16 @@ async def load_users(app): global users_data async with users_lock: if os.path.exists(USERS_FILE): - async with aiofiles.open(USERS_FILE, 'r') as f: - content = await f.read() - users_data = json.loads(content) + try: + async with aiofiles.open(USERS_FILE, 'r') as f: + content = await f.read() + users_data = json.loads(content) + except (IOError, json.JSONDecodeError): + users_data = {} else: users_data = {} app['users_data'] = users_data -async def save_users(): - async with users_lock: - async with aiofiles.open(USERS_FILE, 'w') as f: - await f.write(json.dumps(users_data, indent=4)) - async def authenticate(request): global users_data try: @@ -50,7 +48,6 @@ async def authenticate(request): if user.get("password") != password: return web.json_response({"ok": False, "msg": "Invalid password"}, status=401) - should_save = False expiration_days = user.get("expiration_days", 0) if expiration_days > 0: creation_date_str = user.get("account_creation_date") @@ -58,20 +55,14 @@ async def authenticate(request): creation_date = datetime.strptime(creation_date_str, "%Y-%m-%d") expiration_date = creation_date + timedelta(days=expiration_days) if datetime.now() >= expiration_date: - user["blocked"] = True - should_save = True + return web.json_response({"ok": False, "msg": "Account expired"}, status=401) max_bytes = user.get("max_download_bytes", 0) if max_bytes > 0: current_up = user.get("upload_bytes", 0) current_down = user.get("download_bytes", 0) if (current_up + current_down) >= max_bytes: - user["blocked"] = True - should_save = True - - if should_save: - await save_users() - return web.json_response({"ok": False, "msg": "User blocked due to limits"}, status=401) + return web.json_response({"ok": False, "msg": "Data limit exceeded"}, status=401) return web.json_response({"ok": True, "id": username})