forked from MarseyWorld/MarseyWorld
dffdfd
Aevann1
parent
bfb00967f0
commit
ee6419eb4e
|
|
@ -51,7 +51,7 @@ def send_verification_email(user, email=None):
|
|||
)
|
||||
|
||||
|
||||
@app.route("/api/verify_email", methods=["POST"])
|
||||
@app.post("/api/verify_email")
|
||||
@is_not_banned
|
||||
def api_verify_email(v):
|
||||
|
||||
|
|
@ -60,7 +60,7 @@ def api_verify_email(v):
|
|||
return "", 204
|
||||
|
||||
|
||||
@app.route("/activate", methods=["GET"])
|
||||
@app.get("/activate")
|
||||
@auth_desired
|
||||
def activate(v):
|
||||
|
||||
|
|
|
|||
|
|
@ -20,7 +20,7 @@ import matplotlib.pyplot as plt
|
|||
from .front import frontlist
|
||||
from drama.__main__ import app, cache
|
||||
|
||||
@app.route("/admin/shadowbanned", methods=["GET"])
|
||||
@app.get("/admin/shadowbanned")
|
||||
@auth_required
|
||||
def shadowbanned(v):
|
||||
if v and v.is_banned and not v.unban_utc: return render_template("seized.html")
|
||||
|
|
@ -29,7 +29,7 @@ def shadowbanned(v):
|
|||
return render_template("banned.html", v=v, users=users)
|
||||
|
||||
|
||||
@app.route("/admin/agendaposters", methods=["GET"])
|
||||
@app.get("/admin/agendaposters")
|
||||
@auth_required
|
||||
def agendaposters(v):
|
||||
if v and v.is_banned and not v.unban_utc: return render_template("seized.html")
|
||||
|
|
@ -38,7 +38,7 @@ def agendaposters(v):
|
|||
return render_template("banned.html", v=v, users=users)
|
||||
|
||||
|
||||
@app.route("/admin/flagged/posts", methods=["GET"])
|
||||
@app.get("/admin/flagged/posts")
|
||||
@admin_level_required(3)
|
||||
def flagged_posts(v):
|
||||
|
||||
|
|
@ -61,7 +61,7 @@ def flagged_posts(v):
|
|||
next_exists=next_exists, listing=listing, page=page, v=v)
|
||||
|
||||
|
||||
@app.route("/admin/image_posts", methods=["GET"])
|
||||
@app.get("/admin/image_posts")
|
||||
@admin_level_required(3)
|
||||
@api("read")
|
||||
def image_posts_listing(v):
|
||||
|
|
@ -89,7 +89,7 @@ def image_posts_listing(v):
|
|||
}
|
||||
|
||||
|
||||
@app.route("/admin/flagged/comments", methods=["GET"])
|
||||
@app.get("/admin/flagged/comments")
|
||||
@admin_level_required(3)
|
||||
def flagged_comments(v):
|
||||
|
||||
|
|
@ -115,7 +115,7 @@ def flagged_comments(v):
|
|||
v=v,
|
||||
standalone=True)
|
||||
|
||||
@app.route("/admin", methods=["GET"])
|
||||
@app.get("/admin")
|
||||
@admin_level_required(3)
|
||||
def admin_home(v):
|
||||
with open('./disablesignups', 'r') as f:
|
||||
|
|
@ -123,7 +123,7 @@ def admin_home(v):
|
|||
return render_template("admin/admin_home.html", v=v, x=x)
|
||||
|
||||
|
||||
@app.route("/admin/disablesignups", methods=["POST"])
|
||||
@app.post("/admin/disablesignups")
|
||||
@admin_level_required(6)
|
||||
@validate_formkey
|
||||
def disablesignups(v):
|
||||
|
|
@ -134,7 +134,7 @@ def disablesignups(v):
|
|||
return "", 204
|
||||
|
||||
|
||||
@app.route("/admin/badge_grant", methods=["GET"])
|
||||
@app.get("/admin/badge_grant")
|
||||
@admin_level_required(4)
|
||||
def badge_grant_get(v):
|
||||
|
||||
|
|
@ -155,7 +155,7 @@ def badge_grant_get(v):
|
|||
)
|
||||
|
||||
|
||||
@app.route("/admin/badge_grant", methods=["POST"])
|
||||
@app.post("/admin/badge_grant")
|
||||
@admin_level_required(4)
|
||||
@validate_formkey
|
||||
def badge_grant_post(v):
|
||||
|
|
@ -207,7 +207,7 @@ def badge_grant_post(v):
|
|||
return redirect(user.url)
|
||||
|
||||
|
||||
@app.route("/admin/users", methods=["GET"])
|
||||
@app.get("/admin/users")
|
||||
@admin_level_required(2)
|
||||
def users_list(v):
|
||||
|
||||
|
|
@ -230,7 +230,7 @@ def users_list(v):
|
|||
)
|
||||
|
||||
|
||||
@app.route("/admin/content_stats", methods=["GET"])
|
||||
@app.get("/admin/content_stats")
|
||||
@admin_level_required(2)
|
||||
def participation_stats(v):
|
||||
|
||||
|
|
@ -265,7 +265,7 @@ def participation_stats(v):
|
|||
|
||||
return render_template("admin/content_stats.html", v=v, title="Content Statistics", data=data)
|
||||
|
||||
@app.route("/admin/alt_votes", methods=["GET"])
|
||||
@app.get("/admin/alt_votes")
|
||||
@admin_level_required(4)
|
||||
def alt_votes_get(v):
|
||||
|
||||
|
|
@ -374,7 +374,7 @@ def alt_votes_get(v):
|
|||
)
|
||||
|
||||
|
||||
@app.route("/admin/link_accounts", methods=["POST"])
|
||||
@app.post("/admin/link_accounts")
|
||||
@admin_level_required(4)
|
||||
@validate_formkey
|
||||
def admin_link_accounts(v):
|
||||
|
|
@ -394,7 +394,7 @@ def admin_link_accounts(v):
|
|||
return redirect(f"/admin/alt_votes?u1={g.db.query(User).get(u1).username}&u2={g.db.query(User).get(u2).username}")
|
||||
|
||||
|
||||
@app.route("/admin/removed", methods=["GET"])
|
||||
@app.get("/admin/removed")
|
||||
@admin_level_required(3)
|
||||
def admin_removed(v):
|
||||
|
||||
|
|
@ -419,7 +419,7 @@ def admin_removed(v):
|
|||
)
|
||||
|
||||
|
||||
@app.route("/admin/appdata", methods=["GET"])
|
||||
@app.get("/admin/appdata")
|
||||
@admin_level_required(4)
|
||||
def admin_appdata(v):
|
||||
|
||||
|
|
@ -441,7 +441,7 @@ def admin_appdata(v):
|
|||
v=v)
|
||||
|
||||
|
||||
@app.route("/admin/domain/<domain_name>", methods=["GET"])
|
||||
@app.get("/admin/domain/<domain_name>")
|
||||
@admin_level_required(4)
|
||||
def admin_domain_domain(domain_name, v):
|
||||
|
||||
|
|
@ -460,7 +460,7 @@ def admin_domain_domain(domain_name, v):
|
|||
)
|
||||
|
||||
|
||||
@app.route("/admin/image_purge", methods=["POST"])
|
||||
@app.post("/admin/image_purge")
|
||||
@admin_level_required(5)
|
||||
def admin_image_purge(v):
|
||||
|
||||
|
|
@ -469,7 +469,7 @@ def admin_image_purge(v):
|
|||
return redirect("/admin/image_purge")
|
||||
|
||||
|
||||
@app.route("/admin/image_ban", methods=["POST"])
|
||||
@app.post("/admin/image_ban")
|
||||
@admin_level_required(4)
|
||||
@validate_formkey
|
||||
def admin_image_ban(v):
|
||||
|
|
@ -507,7 +507,7 @@ def admin_image_ban(v):
|
|||
return render_template("admin/image_ban.html", v=v, success=True)
|
||||
|
||||
|
||||
@app.route("/agendaposter/<user_id>", methods=["POST"])
|
||||
@app.post("/agendaposter/<user_id>")
|
||||
@admin_level_required(6)
|
||||
@validate_formkey
|
||||
def agendaposter(user_id, v):
|
||||
|
|
@ -549,7 +549,7 @@ def agendaposter(user_id, v):
|
|||
else:
|
||||
return redirect(user.url)
|
||||
|
||||
@app.route("/shadowban/<user_id>", methods=["POST"])
|
||||
@app.post("/shadowban/<user_id>")
|
||||
@admin_level_required(6)
|
||||
@validate_formkey
|
||||
def shadowban(user_id, v):
|
||||
|
|
@ -571,7 +571,7 @@ def shadowban(user_id, v):
|
|||
return "", 204
|
||||
|
||||
|
||||
@app.route("/unshadowban/<user_id>", methods=["POST"])
|
||||
@app.post("/unshadowban/<user_id>")
|
||||
@admin_level_required(6)
|
||||
@validate_formkey
|
||||
def unshadowban(user_id, v):
|
||||
|
|
@ -593,7 +593,7 @@ def unshadowban(user_id, v):
|
|||
return "", 204
|
||||
|
||||
|
||||
@app.route("/admin/title_change/<user_id>", methods=["POST"])
|
||||
@app.post("/admin/title_change/<user_id>")
|
||||
@admin_level_required(6)
|
||||
@validate_formkey
|
||||
def admin_title_change(user_id, v):
|
||||
|
|
@ -626,7 +626,7 @@ def admin_title_change(user_id, v):
|
|||
|
||||
return (redirect(user.url), user)
|
||||
|
||||
@app.route("/api/ban_user/<user_id>", methods=["POST"])
|
||||
@app.post("/api/ban_user/<user_id>")
|
||||
@admin_level_required(6)
|
||||
@validate_formkey
|
||||
def ban_user(user_id, v):
|
||||
|
|
@ -683,7 +683,7 @@ def ban_user(user_id, v):
|
|||
return jsonify({"message": f"@{user.username} was banned"})
|
||||
|
||||
|
||||
@app.route("/api/unban_user/<user_id>", methods=["POST"])
|
||||
@app.post("/api/unban_user/<user_id>")
|
||||
@admin_level_required(6)
|
||||
@validate_formkey
|
||||
def unban_user(user_id, v):
|
||||
|
|
@ -713,7 +713,7 @@ def unban_user(user_id, v):
|
|||
if request.args.get("notoast"): return (redirect(user.url), user)
|
||||
return jsonify({"message": f"@{user.username} was unbanned"})
|
||||
|
||||
@app.route("/api/ban_post/<post_id>", methods=["POST"])
|
||||
@app.post("/api/ban_post/<post_id>")
|
||||
@admin_level_required(3)
|
||||
@validate_formkey
|
||||
def ban_post(post_id, v):
|
||||
|
|
@ -749,7 +749,7 @@ def ban_post(post_id, v):
|
|||
return "", 204
|
||||
|
||||
|
||||
@app.route("/api/unban_post/<post_id>", methods=["POST"])
|
||||
@app.post("/api/unban_post/<post_id>")
|
||||
@admin_level_required(3)
|
||||
@validate_formkey
|
||||
def unban_post(post_id, v):
|
||||
|
|
@ -777,7 +777,7 @@ def unban_post(post_id, v):
|
|||
return "", 204
|
||||
|
||||
|
||||
@app.route("/api/distinguish/<post_id>", methods=["POST"])
|
||||
@app.post("/api/distinguish/<post_id>")
|
||||
@admin_level_required(1)
|
||||
@validate_formkey
|
||||
def api_distinguish_post(post_id, v):
|
||||
|
|
@ -800,7 +800,7 @@ def api_distinguish_post(post_id, v):
|
|||
return "", 204
|
||||
|
||||
|
||||
@app.route("/api/sticky/<post_id>", methods=["POST"])
|
||||
@app.post("/api/sticky/<post_id>")
|
||||
@admin_level_required(3)
|
||||
def api_sticky_post(post_id, v):
|
||||
|
||||
|
|
@ -813,7 +813,7 @@ def api_sticky_post(post_id, v):
|
|||
|
||||
return "", 204
|
||||
|
||||
@app.route("/api/pin/<post_id>", methods=["POST"])
|
||||
@app.post("/api/pin/<post_id>")
|
||||
@auth_required
|
||||
def api_pin_post(post_id, v):
|
||||
|
||||
|
|
@ -824,7 +824,7 @@ def api_pin_post(post_id, v):
|
|||
|
||||
return "", 204
|
||||
|
||||
@app.route("/api/ban_comment/<c_id>", methods=["post"])
|
||||
@app.post("/api/ban_comment/<c_id>")
|
||||
@admin_level_required(1)
|
||||
def api_ban_comment(c_id, v):
|
||||
|
||||
|
|
@ -845,7 +845,7 @@ def api_ban_comment(c_id, v):
|
|||
return "", 204
|
||||
|
||||
|
||||
@app.route("/api/unban_comment/<c_id>", methods=["post"])
|
||||
@app.post("/api/unban_comment/<c_id>")
|
||||
@admin_level_required(1)
|
||||
def api_unban_comment(c_id, v):
|
||||
|
||||
|
|
@ -869,8 +869,8 @@ def api_unban_comment(c_id, v):
|
|||
return "", 204
|
||||
|
||||
|
||||
@app.route("/api/distinguish_comment/<c_id>", methods=["post"])
|
||||
@app.route("/api/v1/distinguish_comment/<c_id>", methods=["post"])
|
||||
@app.post("/api/distinguish_comment/<c_id>")
|
||||
@app.post("/api/v1/distinguish_comment/<c_id>")
|
||||
@auth_required
|
||||
@api("read")
|
||||
def admin_distinguish_comment(c_id, v):
|
||||
|
|
@ -898,14 +898,14 @@ def admin_distinguish_comment(c_id, v):
|
|||
return jsonify({"html":html, "api":html})
|
||||
|
||||
|
||||
@app.route("/admin/dump_cache", methods=["GET"])
|
||||
@app.get("/admin/dump_cache")
|
||||
@admin_level_required(6)
|
||||
def admin_dump_cache(v):
|
||||
cache.clear()
|
||||
return jsonify({"message": "Internal cache cleared."})
|
||||
|
||||
|
||||
@app.route("/admin/ban_domain", methods=["POST"])
|
||||
@app.post("/admin/ban_domain")
|
||||
@admin_level_required(4)
|
||||
@validate_formkey
|
||||
def admin_ban_domain(v):
|
||||
|
|
@ -940,7 +940,7 @@ def admin_ban_domain(v):
|
|||
return redirect(d.permalink)
|
||||
|
||||
|
||||
@app.route("/admin/nuke_user", methods=["POST"])
|
||||
@app.post("/admin/nuke_user")
|
||||
@admin_level_required(4)
|
||||
@validate_formkey
|
||||
def admin_nuke_user(v):
|
||||
|
|
@ -970,7 +970,7 @@ def admin_nuke_user(v):
|
|||
|
||||
return redirect(user.url)
|
||||
|
||||
@app.route("/admin/unnuke_user", methods=["POST"])
|
||||
@app.post("/admin/unnuke_user")
|
||||
@admin_level_required(4)
|
||||
@validate_formkey
|
||||
def admin_nunuke_user(v):
|
||||
|
|
|
|||
|
|
@ -50,16 +50,16 @@ def banawardcomment(comment_id, v):
|
|||
return jsonify({"message": "User banned successfully!"}), 204
|
||||
|
||||
|
||||
@app.route("/api/v1/post/<pid>/comment/<cid>", methods=["GET"])
|
||||
@app.get("/api/v1/post/<pid>/comment/<cid>")
|
||||
def comment_cid_api_redirect(cid=None, pid=None):
|
||||
redirect(f'/api/v1/comment/<cid>')
|
||||
|
||||
@app.route("/comment/<cid>", methods=["GET"])
|
||||
@app.route("/comment/<cid>", methods=["GET"])
|
||||
@app.route("/post_short/<pid>/<cid>", methods=["GET"])
|
||||
@app.route("/post_short/<pid>/<cid>/", methods=["GET"])
|
||||
@app.route("/api/v1/comment/<cid>", methods=["GET"])
|
||||
@app.route("/post/<pid>/<anything>/<cid>", methods=["GET"])
|
||||
@app.get("/comment/<cid>")
|
||||
@app.get("/comment/<cid>")
|
||||
@app.get("/post_short/<pid>/<cid>")
|
||||
@app.get("/post_short/<pid>/<cid>/")
|
||||
@app.get("/api/v1/comment/<cid>")
|
||||
@app.get("/post/<pid>/<anything>/<cid>")
|
||||
@app.route("/api/vue/comment/<cid>")
|
||||
@auth_desired
|
||||
@api("read")
|
||||
|
|
@ -229,8 +229,8 @@ def post_pid_comment_cid(cid, pid=None, anything=None, v=None):
|
|||
'api': lambda: top_comment.json
|
||||
}
|
||||
|
||||
@app.route("/api/comment", methods=["POST"])
|
||||
@app.route("/api/v1/comment", methods=["POST"])
|
||||
@app.post("/api/comment")
|
||||
@app.post("/api/v1/comment")
|
||||
@limiter.limit("6/minute")
|
||||
@is_not_banned
|
||||
@validate_formkey
|
||||
|
|
@ -635,7 +635,7 @@ def api_comment(v):
|
|||
|
||||
|
||||
|
||||
@app.route("/edit_comment/<cid>", methods=["POST"])
|
||||
@app.post("/edit_comment/<cid>")
|
||||
@is_not_banned
|
||||
@validate_formkey
|
||||
@api("edit")
|
||||
|
|
@ -868,8 +868,8 @@ def delete_comment(cid, v):
|
|||
return {"html": lambda: ("", 204),
|
||||
"api": lambda: ("", 204)}
|
||||
|
||||
@app.route("/undelete/comment/<cid>", methods=["POST"])
|
||||
@app.route("/api/v1/undelete/comment/<cid>", methods=["POST"])
|
||||
@app.post("/undelete/comment/<cid>")
|
||||
@app.post("/api/v1/undelete/comment/<cid>")
|
||||
@auth_required
|
||||
@validate_formkey
|
||||
@api("delete")
|
||||
|
|
@ -892,10 +892,10 @@ def undelete_comment(cid, v):
|
|||
return {"html": lambda: ("", 204),
|
||||
"api": lambda: ("", 204)}
|
||||
|
||||
@app.route("/embed/comment/<cid>", methods=["GET"])
|
||||
@app.route("/embed/post/<pid>/comment/<cid>", methods=["GET"])
|
||||
@app.route("/api/v1/embed/comment/<cid>", methods=["GET"])
|
||||
@app.route("/api/v1/embed/post/<pid>/comment/<cid>", methods=["GET"])
|
||||
@app.get("/embed/comment/<cid>")
|
||||
@app.get("/embed/post/<pid>/comment/<cid>")
|
||||
@app.get("/api/v1/embed/comment/<cid>")
|
||||
@app.get("/api/v1/embed/post/<pid>/comment/<cid>")
|
||||
def embed_comment_cid(cid, pid=None):
|
||||
|
||||
comment = get_comment(int(cid))
|
||||
|
|
@ -910,7 +910,7 @@ def embed_comment_cid(cid, pid=None):
|
|||
|
||||
return render_template("embeds/comment.html", c=comment)
|
||||
|
||||
@app.route("/comment_pin/<cid>", methods=["POST"])
|
||||
@app.post("/comment_pin/<cid>")
|
||||
@auth_required
|
||||
@validate_formkey
|
||||
def toggle_comment_pin(cid, v):
|
||||
|
|
@ -945,7 +945,7 @@ def toggle_comment_pin(cid, v):
|
|||
return jsonify({"html":html})
|
||||
|
||||
|
||||
@app.route("/save_comment/<cid>", methods=["POST"])
|
||||
@app.post("/save_comment/<cid>")
|
||||
@auth_required
|
||||
@validate_formkey
|
||||
def save_comment(cid, v):
|
||||
|
|
@ -961,7 +961,7 @@ def save_comment(cid, v):
|
|||
|
||||
return "", 204
|
||||
|
||||
@app.route("/unsave_comment/<cid>", methods=["POST"])
|
||||
@app.post("/unsave_comment/<cid>")
|
||||
@auth_required
|
||||
@validate_formkey
|
||||
def unsave_comment(cid, v):
|
||||
|
|
|
|||
|
|
@ -12,7 +12,7 @@ DISCORD_ENDPOINT = "https://discordapp.com/api/v6"
|
|||
|
||||
WELCOME_CHANNEL="846509313941700618"
|
||||
|
||||
@app.route("/discord", methods=["GET"])
|
||||
@app.get("/discord")
|
||||
@auth_required
|
||||
def join_discord(v):
|
||||
|
||||
|
|
@ -27,7 +27,7 @@ def join_discord(v):
|
|||
|
||||
return redirect(f"https://discord.com/api/oauth2/authorize?client_id={CLIENT_ID}&redirect_uri=https%3A%2F%2F{app.config['SERVER_NAME']}%2Fdiscord_redirect&response_type=code&scope=identify%20guilds.join&state={state}")
|
||||
|
||||
@app.route("/discord_redirect", methods=["GET"])
|
||||
@app.get("/discord_redirect")
|
||||
@auth_required
|
||||
def discord_redirect(v):
|
||||
|
||||
|
|
|
|||
|
|
@ -154,7 +154,7 @@ def error_503(e, v):
|
|||
}
|
||||
|
||||
|
||||
@app.route("/allow_nsfw", methods=["POST"])
|
||||
@app.post("/allow_nsfw")
|
||||
def allow_nsfw():
|
||||
|
||||
session["over_18"] = int(time.time()) + 3600
|
||||
|
|
@ -162,7 +162,7 @@ def allow_nsfw():
|
|||
return redirect(request.form.get("redir"))
|
||||
|
||||
|
||||
@app.route("/error/<error>", methods=["GET"])
|
||||
@app.get("/error/<error>")
|
||||
@auth_desired
|
||||
def error_all_preview(error, v):
|
||||
|
||||
|
|
|
|||
|
|
@ -7,7 +7,7 @@ from yattag import Doc
|
|||
|
||||
from drama.__main__ import app
|
||||
|
||||
@app.route('/rss/<sort>/<t>', methods=["GET"])
|
||||
@app.get('/rss/<sort>/<t>')
|
||||
def feeds_user(sort='hot', t='all'):
|
||||
|
||||
page = int(request.args.get("page", 1))
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@ from flask import g
|
|||
from drama.__main__ import app
|
||||
|
||||
|
||||
@app.route("/api/flag/post/<pid>", methods=["POST"])
|
||||
@app.post("/api/flag/post/<pid>")
|
||||
@auth_desired
|
||||
def api_flag_post(pid, v):
|
||||
|
||||
|
|
@ -30,7 +30,7 @@ def api_flag_post(pid, v):
|
|||
return "", 204
|
||||
|
||||
|
||||
@app.route("/api/flag/comment/<cid>", methods=["POST"])
|
||||
@app.post("/api/flag/comment/<cid>")
|
||||
@auth_desired
|
||||
def api_flag_comment(cid, v):
|
||||
|
||||
|
|
|
|||
|
|
@ -4,13 +4,13 @@ from drama.helpers.get import *
|
|||
from drama.__main__ import app, cache
|
||||
from drama.classes.submission import Submission
|
||||
|
||||
@app.route("/post/", methods=["GET"])
|
||||
@app.get("/post/")
|
||||
def slash_post():
|
||||
return redirect("/")
|
||||
|
||||
# this is a test
|
||||
|
||||
@app.route("/notifications", methods=["GET"])
|
||||
@app.get("/notifications")
|
||||
@auth_required
|
||||
def notifications(v):
|
||||
|
||||
|
|
@ -176,8 +176,8 @@ def frontlist(v=None, sort="hot", page=1,t="all", ids_only=True, filter_words=''
|
|||
return posts
|
||||
return posts
|
||||
|
||||
@app.route("/", methods=["GET"])
|
||||
@app.route("/api/v1/listing", methods=["GET"])
|
||||
@app.get("/")
|
||||
@app.get("/api/v1/listing")
|
||||
@auth_desired
|
||||
def front_all(v):
|
||||
if v and v.is_banned and not v.unban_utc: return render_template("seized.html")
|
||||
|
|
@ -288,8 +288,8 @@ def changeloglist(v=None, sort="new", page=1 ,t="all", **kwargs):
|
|||
posts = [x.id for x in posts]
|
||||
return posts
|
||||
|
||||
@app.route("/changelog", methods=["GET"])
|
||||
@app.route("/api/v1/changelog", methods=["GET"])
|
||||
@app.get("/changelog")
|
||||
@app.get("/api/v1/changelog")
|
||||
@auth_desired
|
||||
@api("read")
|
||||
def changelog(v):
|
||||
|
|
@ -330,7 +330,7 @@ def changelog(v):
|
|||
)
|
||||
}
|
||||
|
||||
@app.route("/random", methods=["GET"])
|
||||
@app.get("/random")
|
||||
@auth_desired
|
||||
def random_post(v):
|
||||
if v and v.is_banned and not v.unban_utc: return render_template("seized.html")
|
||||
|
|
@ -404,8 +404,8 @@ def comment_idlist(page=1, v=None, nsfw=False, sort="new", t="all", **kwargs):
|
|||
|
||||
return comments[:26]
|
||||
|
||||
@app.route("/comments", methods=["GET"])
|
||||
@app.route("/api/v1/front/comments", methods=["GET"])
|
||||
@app.get("/comments")
|
||||
@app.get("/api/v1/front/comments")
|
||||
@auth_desired
|
||||
@api("read")
|
||||
def all_comments(v):
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@ valid_username_regex = re.compile("^[a-zA-Z0-9_\-]{3,25}$")
|
|||
valid_password_regex = re.compile("^.{8,100}$")
|
||||
|
||||
|
||||
@app.route("/login", methods=["GET"])
|
||||
@app.get("/login")
|
||||
@no_cors
|
||||
@auth_desired
|
||||
def login_get(v):
|
||||
|
|
@ -52,7 +52,7 @@ def check_for_alts(current_id):
|
|||
|
||||
|
||||
@no_cors
|
||||
@app.route("/login", methods=["POST"])
|
||||
@app.post("/login")
|
||||
@limiter.limit("6/minute")
|
||||
def login_post():
|
||||
|
||||
|
|
@ -133,14 +133,14 @@ def login_post():
|
|||
return redirect(account.url)
|
||||
|
||||
|
||||
@app.route("/me", methods=["GET"])
|
||||
@app.route("/@me", methods=["GET"])
|
||||
@app.get("/me")
|
||||
@app.get("/@me")
|
||||
@auth_required
|
||||
def me(v):
|
||||
return redirect(v.url)
|
||||
|
||||
|
||||
@app.route("/logout", methods=["POST"])
|
||||
@app.post("/logout")
|
||||
@auth_required
|
||||
@validate_formkey
|
||||
def logout(v):
|
||||
|
|
@ -153,7 +153,7 @@ def logout(v):
|
|||
# signing up
|
||||
|
||||
|
||||
@app.route("/signup", methods=["GET"])
|
||||
@app.get("/signup")
|
||||
@no_cors
|
||||
@auth_desired
|
||||
def sign_up_get(v):
|
||||
|
|
@ -210,7 +210,7 @@ def sign_up_get(v):
|
|||
# signup api
|
||||
|
||||
|
||||
@app.route("/signup", methods=["POST"])
|
||||
@app.post("/signup")
|
||||
@no_cors
|
||||
@auth_desired
|
||||
def sign_up_post(v):
|
||||
|
|
@ -382,7 +382,7 @@ def sign_up_post(v):
|
|||
return redirect("/")
|
||||
|
||||
|
||||
@app.route("/forgot", methods=["GET"])
|
||||
@app.get("/forgot")
|
||||
def get_forgot():
|
||||
|
||||
return render_template("forgot_password.html",
|
||||
|
|
@ -390,7 +390,7 @@ def get_forgot():
|
|||
)
|
||||
|
||||
|
||||
@app.route("/forgot", methods=["POST"])
|
||||
@app.post("/forgot")
|
||||
def post_forgot():
|
||||
|
||||
username = request.form.get("username").lstrip('@')
|
||||
|
|
@ -426,7 +426,7 @@ def post_forgot():
|
|||
i=random_image())
|
||||
|
||||
|
||||
@app.route("/reset", methods=["GET"])
|
||||
@app.get("/reset")
|
||||
def get_reset():
|
||||
|
||||
user_id = request.args.get("id")
|
||||
|
|
@ -458,7 +458,7 @@ def get_reset():
|
|||
)
|
||||
|
||||
|
||||
@app.route("/reset", methods=["POST"])
|
||||
@app.post("/reset")
|
||||
@auth_desired
|
||||
def post_reset(v):
|
||||
if v:
|
||||
|
|
@ -510,7 +510,7 @@ def lost_2fa(v):
|
|||
v=v
|
||||
)
|
||||
|
||||
@app.route("/request_2fa_disable", methods=["POST"])
|
||||
@app.post("/request_2fa_disable")
|
||||
@limiter.limit("6/minute")
|
||||
def request_2fa_disable():
|
||||
|
||||
|
|
@ -558,7 +558,7 @@ def request_2fa_disable():
|
|||
title="Removal request received",
|
||||
message="If username, password, and email match, we will send you an email.")
|
||||
|
||||
@app.route("/reset_2fa", methods=["GET"])
|
||||
@app.get("/reset_2fa")
|
||||
def reset_2fa():
|
||||
|
||||
now=int(time.time())
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@ SCOPES = {
|
|||
}
|
||||
|
||||
|
||||
@app.route("/oauth/authorize", methods=["GET"])
|
||||
@app.get("/oauth/authorize")
|
||||
@auth_required
|
||||
def oauth_authorize_prompt(v):
|
||||
'''
|
||||
|
|
@ -80,7 +80,7 @@ def oauth_authorize_prompt(v):
|
|||
)
|
||||
|
||||
|
||||
@app.route("/oauth/authorize", methods=["POST"])
|
||||
@app.post("/oauth/authorize")
|
||||
@auth_required
|
||||
@validate_formkey
|
||||
def oauth_authorize_post(v):
|
||||
|
|
@ -136,7 +136,7 @@ def oauth_authorize_post(v):
|
|||
return redirect(f"{redirect_uri}?code={new_auth.oauth_code}&scopes={scopes_txt}&state={state}")
|
||||
|
||||
|
||||
@app.route("/oauth/grant", methods=["POST"])
|
||||
@app.post("/oauth/grant")
|
||||
def oauth_grant():
|
||||
'''
|
||||
This endpoint takes the following parameters:
|
||||
|
|
@ -221,7 +221,7 @@ def oauth_grant():
|
|||
return jsonify({"oauth_error": f"Invalid grant_type `{request.values.get('grant_type','')}`. Expected `code` or `refresh`."}), 400
|
||||
|
||||
|
||||
@app.route("/api_keys", methods=["POST"])
|
||||
@app.post("/api_keys")
|
||||
@is_not_banned
|
||||
def request_api_keys(v):
|
||||
|
||||
|
|
@ -239,7 +239,7 @@ def request_api_keys(v):
|
|||
return redirect('/settings/apps')
|
||||
|
||||
|
||||
@app.route("/delete_app/<aid>", methods=["POST"])
|
||||
@app.post("/delete_app/<aid>")
|
||||
@is_not_banned
|
||||
@validate_formkey
|
||||
def delete_oauth_app(v, aid):
|
||||
|
|
@ -257,7 +257,7 @@ def delete_oauth_app(v, aid):
|
|||
return redirect('/apps')
|
||||
|
||||
|
||||
@app.route("/edit_app/<aid>", methods=["POST"])
|
||||
@app.post("/edit_app/<aid>")
|
||||
@is_not_banned
|
||||
@validate_formkey
|
||||
def edit_oauth_app(v, aid):
|
||||
|
|
@ -282,7 +282,7 @@ def api_v1_identity(v):
|
|||
return jsonify(v.json)
|
||||
|
||||
|
||||
@app.route("/admin/app/approve/<aid>", methods=["POST"])
|
||||
@app.post("/admin/app/approve/<aid>")
|
||||
@admin_level_required(3)
|
||||
@validate_formkey
|
||||
def admin_app_approve(v, aid):
|
||||
|
|
@ -300,7 +300,7 @@ def admin_app_approve(v, aid):
|
|||
return jsonify({"message": f"{app.app_name} approved"})
|
||||
|
||||
|
||||
@app.route("/admin/app/revoke/<aid>", methods=["POST"])
|
||||
@app.post("/admin/app/revoke/<aid>")
|
||||
@admin_level_required(3)
|
||||
@validate_formkey
|
||||
def admin_app_revoke(v, aid):
|
||||
|
|
@ -318,7 +318,7 @@ def admin_app_revoke(v, aid):
|
|||
return jsonify({"message": f"{app.app_name} revoked"})
|
||||
|
||||
|
||||
@app.route("/admin/app/reject/<aid>", methods=["POST"])
|
||||
@app.post("/admin/app/reject/<aid>")
|
||||
@admin_level_required(3)
|
||||
@validate_formkey
|
||||
def admin_app_reject(v, aid):
|
||||
|
|
@ -337,7 +337,7 @@ def admin_app_reject(v, aid):
|
|||
return jsonify({"message": f"{app.app_name} rejected"})
|
||||
|
||||
|
||||
@app.route("/admin/app/<aid>", methods=["GET"])
|
||||
@app.get("/admin/app/<aid>")
|
||||
@admin_level_required(3)
|
||||
def admin_app_id(v, aid):
|
||||
|
||||
|
|
@ -363,7 +363,7 @@ def admin_app_id(v, aid):
|
|||
next_exists=next_exists
|
||||
)
|
||||
|
||||
@app.route("/admin/app/<aid>/comments", methods=["GET"])
|
||||
@app.get("/admin/app/<aid>/comments")
|
||||
@admin_level_required(3)
|
||||
def admin_app_id_comments(v, aid):
|
||||
|
||||
|
|
@ -392,7 +392,7 @@ def admin_app_id_comments(v, aid):
|
|||
)
|
||||
|
||||
|
||||
@app.route("/admin/apps", methods=["GET"])
|
||||
@app.get("/admin/apps")
|
||||
@admin_level_required(3)
|
||||
def admin_apps_list(v):
|
||||
|
||||
|
|
@ -405,7 +405,7 @@ def admin_apps_list(v):
|
|||
return render_template("admin/apps.html", v=v, apps=apps)
|
||||
|
||||
|
||||
@app.route("/oauth/reroll/<aid>", methods=["POST"])
|
||||
@app.post("/oauth/reroll/<aid>")
|
||||
@auth_required
|
||||
def reroll_oauth_tokens(aid, v):
|
||||
|
||||
|
|
@ -428,7 +428,7 @@ def reroll_oauth_tokens(aid, v):
|
|||
)
|
||||
|
||||
|
||||
@app.route("/oauth/rescind/<aid>", methods=["POST"])
|
||||
@app.post("/oauth/rescind/<aid>")
|
||||
@auth_required
|
||||
@validate_formkey
|
||||
def oauth_rescind_app(aid, v):
|
||||
|
|
@ -443,7 +443,7 @@ def oauth_rescind_app(aid, v):
|
|||
|
||||
return jsonify({"message": f"{auth.application.app_name} Revoked"})
|
||||
|
||||
@app.route("/api/v1/release", methods=["POST"])
|
||||
@app.post("/api/v1/release")
|
||||
@auth_required
|
||||
@api()
|
||||
def oauth_release_auth(v):
|
||||
|
|
@ -462,7 +462,7 @@ def oauth_release_auth(v):
|
|||
|
||||
return jsonify({"message":"Authorization released"})
|
||||
|
||||
@app.route("/api/v1/kill", methods=["POST"])
|
||||
@app.post("/api/v1/kill")
|
||||
@auth_required
|
||||
@api()
|
||||
def oauth_kill_auth(v):
|
||||
|
|
|
|||
|
|
@ -52,7 +52,7 @@ def postbanaward(post_id, v):
|
|||
|
||||
return jsonify({"message": "User banned successfully!"}), 204
|
||||
|
||||
@app.route("/api/publish/<pid>", methods=["POST"])
|
||||
@app.post("/api/publish/<pid>")
|
||||
@is_not_banned
|
||||
@validate_formkey
|
||||
def publish(pid, v):
|
||||
|
|
@ -64,7 +64,7 @@ def publish(pid, v):
|
|||
g.db.commit()
|
||||
return "", 204
|
||||
|
||||
@app.route("/submit", methods=["GET"])
|
||||
@app.get("/submit")
|
||||
@auth_required
|
||||
def submit_get(v):
|
||||
if v and v.is_banned and not v.unban_utc: return render_template("seized.html")
|
||||
|
|
@ -72,10 +72,10 @@ def submit_get(v):
|
|||
return render_template("submit.html",
|
||||
v=v)
|
||||
|
||||
@app.route("/post/<pid>", methods=["GET"])
|
||||
@app.route("/post/<pid>/", methods=["GET"])
|
||||
@app.route("/post/<pid>/<anything>", methods=["GET"])
|
||||
@app.route("/api/v1/post/<pid>", methods=["GET"])
|
||||
@app.get("/post/<pid>")
|
||||
@app.get("/post/<pid>/")
|
||||
@app.get("/post/<pid>/<anything>")
|
||||
@app.get("/api/v1/post/<pid>")
|
||||
@auth_desired
|
||||
@api("read")
|
||||
def post_base36id(pid, anything=None, v=None):
|
||||
|
|
@ -246,7 +246,7 @@ def post_base36id(pid, anything=None, v=None):
|
|||
"api":lambda:jsonify(post.json)
|
||||
}
|
||||
|
||||
@app.route("/edit_post/<pid>", methods=["POST"])
|
||||
@app.post("/edit_post/<pid>")
|
||||
@is_not_banned
|
||||
@validate_formkey
|
||||
def edit_post(pid, v):
|
||||
|
|
@ -550,8 +550,8 @@ def archiveorg(url):
|
|||
|
||||
|
||||
@app.route("/submit", methods=['POST'])
|
||||
@app.route("/api/v1/submit", methods=["POST"])
|
||||
@app.route("/api/vue/submit", methods=["POST"])
|
||||
@app.post("/api/v1/submit")
|
||||
@app.post("/api/vue/submit")
|
||||
@limiter.limit("6/minute")
|
||||
@is_not_banned
|
||||
@validate_formkey
|
||||
|
|
@ -1042,8 +1042,8 @@ def submit_post(v):
|
|||
}
|
||||
|
||||
|
||||
@app.route("/delete_post/<pid>", methods=["POST"])
|
||||
@app.route("/api/v1/delete_post/<pid>", methods=["POST"])
|
||||
@app.post("/delete_post/<pid>")
|
||||
@app.post("/api/v1/delete_post/<pid>")
|
||||
@auth_required
|
||||
@api("delete")
|
||||
@validate_formkey
|
||||
|
|
@ -1063,8 +1063,8 @@ def delete_post_pid(pid, v):
|
|||
|
||||
return "", 204
|
||||
|
||||
@app.route("/undelete_post/<pid>", methods=["POST"])
|
||||
@app.route("/api/v1/undelete_post/<pid>", methods=["POST"])
|
||||
@app.post("/undelete_post/<pid>")
|
||||
@app.post("/api/v1/undelete_post/<pid>")
|
||||
@auth_required
|
||||
@api("delete")
|
||||
@validate_formkey
|
||||
|
|
@ -1076,7 +1076,7 @@ def undelete_post_pid(pid, v):
|
|||
cache.delete_memoized(frontlist)
|
||||
return "", 204
|
||||
|
||||
@app.route("/embed/post/<pid>", methods=["GET"])
|
||||
@app.get("/embed/post/<pid>")
|
||||
def embed_post_pid(pid):
|
||||
|
||||
post = get_post(int(pid))
|
||||
|
|
@ -1086,8 +1086,8 @@ def embed_post_pid(pid):
|
|||
|
||||
return render_template("embeds/submission.html", p=post)
|
||||
|
||||
@app.route("/api/toggle_comment_nsfw/<cid>", methods=["POST"])
|
||||
@app.route("/api/v1/toggle_comment_nsfw/<cid>", methods=["POST"])
|
||||
@app.post("/api/toggle_comment_nsfw/<cid>")
|
||||
@app.post("/api/v1/toggle_comment_nsfw/<cid>")
|
||||
@is_not_banned
|
||||
@api("update")
|
||||
@validate_formkey
|
||||
|
|
@ -1099,8 +1099,8 @@ def toggle_comment_nsfw(cid, v):
|
|||
g.db.add(comment)
|
||||
return "", 204
|
||||
|
||||
@app.route("/api/toggle_post_nsfw/<pid>", methods=["POST"])
|
||||
@app.route("/api/v1/toggle_post_nsfw/<pid>", methods=["POST"])
|
||||
@app.post("/api/toggle_post_nsfw/<pid>")
|
||||
@app.post("/api/v1/toggle_post_nsfw/<pid>")
|
||||
@is_not_banned
|
||||
@api("update")
|
||||
@validate_formkey
|
||||
|
|
@ -1124,7 +1124,7 @@ def toggle_post_nsfw(pid, v):
|
|||
|
||||
return "", 204
|
||||
|
||||
@app.route("/save_post/<pid>", methods=["POST"])
|
||||
@app.post("/save_post/<pid>")
|
||||
@auth_required
|
||||
@validate_formkey
|
||||
def save_post(pid, v):
|
||||
|
|
@ -1140,7 +1140,7 @@ def save_post(pid, v):
|
|||
|
||||
return "", 204
|
||||
|
||||
@app.route("/unsave_post/<pid>", methods=["POST"])
|
||||
@app.post("/unsave_post/<pid>")
|
||||
@auth_required
|
||||
@validate_formkey
|
||||
def unsave_post(pid, v):
|
||||
|
|
|
|||
|
|
@ -196,8 +196,8 @@ def searchcommentlisting(criteria, v=None, page=1, t="None", sort="top"):
|
|||
comments = comments[firstrange:secondrange]
|
||||
return total, [x.id for x in comments]
|
||||
|
||||
@app.route("/search/posts", methods=["GET"])
|
||||
@app.route("/api/v1/search", methods=["GET"])
|
||||
@app.get("/search/posts")
|
||||
@app.get("/api/v1/search")
|
||||
@app.route("/api/vue/search")
|
||||
@auth_desired
|
||||
@api("read")
|
||||
|
|
@ -242,8 +242,8 @@ def searchposts(v, search_type="posts"):
|
|||
"api":lambda:jsonify({"data":[x.json for x in posts]})
|
||||
}
|
||||
|
||||
@app.route("/search/comments", methods=["GET"])
|
||||
@app.route("/api/v1/search/comments", methods=["GET"])
|
||||
@app.get("/search/comments")
|
||||
@app.get("/api/v1/search/comments")
|
||||
@app.route("/api/vue/search/comments")
|
||||
@auth_desired
|
||||
@api("read")
|
||||
|
|
@ -279,8 +279,8 @@ def searchcomments(v):
|
|||
"api":lambda:jsonify({"data":[x.json for x in comments]})
|
||||
}
|
||||
|
||||
@app.route("/search/users", methods=["GET"])
|
||||
@app.route("/api/v1/search/users", methods=["GET"])
|
||||
@app.get("/search/users")
|
||||
@app.get("/api/v1/search/users")
|
||||
@app.route("/api/vue/search/users")
|
||||
@auth_desired
|
||||
@api("read")
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@ valid_password_regex = re.compile("^.{8,100}$")
|
|||
|
||||
youtubekey = environ.get("youtubekey").strip()
|
||||
|
||||
@app.route("/settings/profile", methods=["POST"])
|
||||
@app.post("/settings/profile")
|
||||
@auth_required
|
||||
@validate_formkey
|
||||
def settings_profile_post(v):
|
||||
|
|
@ -153,7 +153,7 @@ def settings_profile_post(v):
|
|||
else:
|
||||
return jsonify({"error": "You didn't change anything."}), 400
|
||||
|
||||
@app.route("/changelogsub", methods=["POST"])
|
||||
@app.post("/changelogsub")
|
||||
@auth_required
|
||||
@validate_formkey
|
||||
def changelogsub(v):
|
||||
|
|
@ -162,7 +162,7 @@ def changelogsub(v):
|
|||
cache.delete_memoized(frontlist)
|
||||
return "", 204
|
||||
|
||||
@app.route("/settings/namecolor", methods=["POST"])
|
||||
@app.post("/settings/namecolor")
|
||||
@auth_required
|
||||
@validate_formkey
|
||||
def namecolor(v):
|
||||
|
|
@ -172,7 +172,7 @@ def namecolor(v):
|
|||
g.db.add(v)
|
||||
return redirect("/settings/profile")
|
||||
|
||||
@app.route("/settings/themecolor", methods=["POST"])
|
||||
@app.post("/settings/themecolor")
|
||||
@auth_required
|
||||
@validate_formkey
|
||||
def themecolor(v):
|
||||
|
|
@ -182,7 +182,7 @@ def themecolor(v):
|
|||
g.db.add(v)
|
||||
return redirect("/settings/profile")
|
||||
|
||||
@app.route("/settings/titlecolor", methods=["POST"])
|
||||
@app.post("/settings/titlecolor")
|
||||
@auth_required
|
||||
@validate_formkey
|
||||
def titlecolor(v):
|
||||
|
|
@ -192,7 +192,7 @@ def titlecolor(v):
|
|||
g.db.add(v)
|
||||
return redirect("/settings/profile")
|
||||
|
||||
@app.route("/settings/security", methods=["POST"])
|
||||
@app.post("/settings/security")
|
||||
@auth_required
|
||||
@validate_formkey
|
||||
def settings_security_post(v):
|
||||
|
|
@ -297,7 +297,7 @@ def settings_security_post(v):
|
|||
return redirect("/settings/security?msg=" +
|
||||
escape("Two-factor authentication disabled."))
|
||||
|
||||
@app.route("/settings/log_out_all_others", methods=["POST"])
|
||||
@app.post("/settings/log_out_all_others")
|
||||
@auth_required
|
||||
@validate_formkey
|
||||
def settings_log_out_others(v):
|
||||
|
|
@ -320,7 +320,7 @@ def settings_log_out_others(v):
|
|||
msg="All other devices have been logged out")
|
||||
|
||||
|
||||
@app.route("/settings/images/profile", methods=["POST"])
|
||||
@app.post("/settings/images/profile")
|
||||
@auth_required
|
||||
@validate_formkey
|
||||
def settings_images_profile(v):
|
||||
|
|
@ -339,7 +339,7 @@ def settings_images_profile(v):
|
|||
v=v, msg="Profile picture successfully updated.")
|
||||
|
||||
|
||||
@app.route("/settings/images/banner", methods=["POST"])
|
||||
@app.post("/settings/images/banner")
|
||||
@auth_required
|
||||
@validate_formkey
|
||||
def settings_images_banner(v):
|
||||
|
|
@ -357,7 +357,7 @@ def settings_images_banner(v):
|
|||
v=v, msg="Banner successfully updated.")
|
||||
|
||||
|
||||
@app.route("/settings/delete/profile", methods=["POST"])
|
||||
@app.post("/settings/delete/profile")
|
||||
@auth_required
|
||||
@validate_formkey
|
||||
def settings_delete_profile(v):
|
||||
|
|
@ -367,7 +367,7 @@ def settings_delete_profile(v):
|
|||
return render_template("settings_profile.html", v=v,
|
||||
msg="Profile picture successfully removed.")
|
||||
|
||||
@app.route("/settings/delete/banner", methods=["POST"])
|
||||
@app.post("/settings/delete/banner")
|
||||
@auth_required
|
||||
@validate_formkey
|
||||
def settings_delete_banner(v):
|
||||
|
|
@ -378,7 +378,7 @@ def settings_delete_banner(v):
|
|||
msg="Banner successfully removed.")
|
||||
|
||||
|
||||
@app.route("/settings/read_announcement", methods=["POST"])
|
||||
@app.post("/settings/read_announcement")
|
||||
@auth_required
|
||||
@validate_formkey
|
||||
def update_announcement(v):
|
||||
|
|
@ -389,7 +389,7 @@ def update_announcement(v):
|
|||
return "", 204
|
||||
|
||||
|
||||
@app.route("/settings/blocks", methods=["GET"])
|
||||
@app.get("/settings/blocks")
|
||||
@auth_required
|
||||
def settings_blockedpage(v):
|
||||
if v and v.is_banned and not v.unban_utc: return render_template("seized.html")
|
||||
|
|
@ -399,14 +399,14 @@ def settings_blockedpage(v):
|
|||
return render_template("settings_blocks.html",
|
||||
v=v)
|
||||
|
||||
@app.route("/settings/css", methods=["GET"])
|
||||
@app.get("/settings/css")
|
||||
@auth_required
|
||||
def settings_css_get(v):
|
||||
if v and v.is_banned and not v.unban_utc: return render_template("seized.html")
|
||||
|
||||
return render_template("settings_css.html", v=v)
|
||||
|
||||
@app.route("/settings/css", methods=["POST"])
|
||||
@app.post("/settings/css")
|
||||
@auth_required
|
||||
def settings_css(v):
|
||||
css = request.form.get("css").replace('\\', '')[0:50000]
|
||||
|
|
@ -418,14 +418,14 @@ def settings_css(v):
|
|||
g.db.add(v)
|
||||
return render_template("settings_css.html", v=v)
|
||||
|
||||
@app.route("/settings/profilecss", methods=["GET"])
|
||||
@app.get("/settings/profilecss")
|
||||
@auth_required
|
||||
def settings_profilecss_get(v):
|
||||
if v and v.is_banned and not v.unban_utc: return render_template("seized.html")
|
||||
if v.dramacoins < 1000: return "You must have +1000 dramacoins to set profile css."
|
||||
return render_template("settings_profilecss.html", v=v)
|
||||
|
||||
@app.route("/settings/profilecss", methods=["POST"])
|
||||
@app.post("/settings/profilecss")
|
||||
@auth_required
|
||||
def settings_profilecss(v):
|
||||
if v.dramacoins < 1000: return "You must have +1000 dramacoins to set profile css."
|
||||
|
|
@ -434,7 +434,7 @@ def settings_profilecss(v):
|
|||
g.db.add(v)
|
||||
return render_template("settings_profilecss.html", v=v)
|
||||
|
||||
@app.route("/settings/block", methods=["POST"])
|
||||
@app.post("/settings/block")
|
||||
@auth_required
|
||||
@validate_formkey
|
||||
def settings_block_user(v):
|
||||
|
|
@ -468,7 +468,7 @@ def settings_block_user(v):
|
|||
return jsonify({"message": f"@{user.username} blocked."})
|
||||
|
||||
|
||||
@app.route("/settings/unblock", methods=["POST"])
|
||||
@app.post("/settings/unblock")
|
||||
@auth_required
|
||||
@validate_formkey
|
||||
def settings_unblock_user(v):
|
||||
|
|
@ -490,7 +490,7 @@ def settings_unblock_user(v):
|
|||
return jsonify({"message": f"@{user.username} unblocked."})
|
||||
|
||||
|
||||
@app.route("/settings/apps", methods=["GET"])
|
||||
@app.get("/settings/apps")
|
||||
@auth_required
|
||||
def settings_apps(v):
|
||||
if v and v.is_banned and not v.unban_utc: return render_template("seized.html")
|
||||
|
|
@ -498,7 +498,7 @@ def settings_apps(v):
|
|||
return render_template("settings_apps.html", v=v)
|
||||
|
||||
|
||||
@app.route("/settings/remove_discord", methods=["POST"])
|
||||
@app.post("/settings/remove_discord")
|
||||
@auth_required
|
||||
@validate_formkey
|
||||
def settings_remove_discord(v):
|
||||
|
|
@ -514,14 +514,14 @@ def settings_remove_discord(v):
|
|||
|
||||
return redirect("/settings/profile")
|
||||
|
||||
@app.route("/settings/content", methods=["GET"])
|
||||
@app.get("/settings/content")
|
||||
@auth_required
|
||||
def settings_content_get(v):
|
||||
if v and v.is_banned and not v.unban_utc: return render_template("seized.html")
|
||||
|
||||
return render_template("settings_filters.html", v=v)
|
||||
|
||||
@app.route("/settings/name_change", methods=["POST"])
|
||||
@app.post("/settings/name_change")
|
||||
@auth_required
|
||||
@validate_formkey
|
||||
def settings_name_change(v):
|
||||
|
|
@ -569,7 +569,7 @@ def settings_name_change(v):
|
|||
|
||||
return redirect("/settings/profile")
|
||||
|
||||
@app.route("/settings/song_change", methods=["POST"])
|
||||
@app.post("/settings/song_change")
|
||||
@auth_required
|
||||
@validate_formkey
|
||||
def settings_song_change(v):
|
||||
|
|
@ -650,7 +650,7 @@ def settings_song_change(v):
|
|||
|
||||
return redirect("/settings/profile")
|
||||
|
||||
@app.route("/settings/title_change", methods=["POST"])
|
||||
@app.post("/settings/title_change")
|
||||
@auth_required
|
||||
@validate_formkey
|
||||
def settings_title_change(v):
|
||||
|
|
@ -683,7 +683,7 @@ def settings_title_change(v):
|
|||
|
||||
return redirect("/settings/profile")
|
||||
|
||||
@app.route("/settings/badges", methods=["POST"])
|
||||
@app.post("/settings/badges")
|
||||
@auth_required
|
||||
@validate_formkey
|
||||
def settings_badge_recheck(v):
|
||||
|
|
|
|||
|
|
@ -3,9 +3,9 @@ from drama.__main__ import app, limiter
|
|||
from drama.helpers.alerts import *
|
||||
|
||||
|
||||
@app.route("/badmins", methods=["GET"])
|
||||
@app.get("/badmins")
|
||||
@app.route("/api/vue/admins", methods=["GET"])
|
||||
@app.route("/api/v1/admins", methods=["GET"])
|
||||
@app.get("/api/v1/admins")
|
||||
@auth_desired
|
||||
@public("read")
|
||||
def badmins(v):
|
||||
|
|
@ -15,8 +15,8 @@ def badmins(v):
|
|||
"api":lambda:jsonify({"data":[x.json for x in badmins]})
|
||||
}
|
||||
|
||||
@app.route("/log", methods=["GET"])
|
||||
@app.route("/api/v1/mod_log", methods=["GET"])
|
||||
@app.get("/log")
|
||||
@app.get("/api/v1/mod_log")
|
||||
@auth_desired
|
||||
@api("read")
|
||||
def log(v):
|
||||
|
|
@ -40,7 +40,7 @@ def log(v):
|
|||
"api":lambda:jsonify({"data":[x.json for x in actions]})
|
||||
}
|
||||
|
||||
@app.route("/log/<aid>", methods=["GET"])
|
||||
@app.get("/log/<aid>")
|
||||
@auth_desired
|
||||
def log_item(aid, v):
|
||||
|
||||
|
|
@ -64,22 +64,22 @@ def log_item(aid, v):
|
|||
def index():
|
||||
return render_template("index.html", **{"greeting": "Hello from Flask!"})
|
||||
|
||||
@app.route("/assets/favicon.ico", methods=["GET"])
|
||||
@app.get("/assets/favicon.ico")
|
||||
def favicon():
|
||||
return send_file("./assets/images/favicon.png")
|
||||
|
||||
@app.route("/oauthhelp", methods=["GET"])
|
||||
@app.get("/oauthhelp")
|
||||
@auth_desired
|
||||
def oauthhelp(v):
|
||||
return render_template("oauthhelp.html", v=v)
|
||||
|
||||
@app.route("/contact", methods=["GET"])
|
||||
@app.get("/contact")
|
||||
@auth_desired
|
||||
def contact(v):
|
||||
if v and v.is_banned and not v.unban_utc: return render_template("seized.html")
|
||||
return render_template("contact.html", v=v)
|
||||
|
||||
@app.route("/contact", methods=["POST"])
|
||||
@app.post("/contact")
|
||||
@auth_desired
|
||||
def submit_contact(v):
|
||||
message = f'This message has been sent automatically to all admins via https://rdrama.net/contact, user email is "{v.email}"\n\nMessage:\n\n' + request.form.get("message", "")
|
||||
|
|
@ -109,11 +109,11 @@ def static_service(path):
|
|||
resp.headers.add("Content-Type", "text/css")
|
||||
return resp
|
||||
|
||||
@app.route("/robots.txt", methods=["GET"])
|
||||
@app.get("/robots.txt")
|
||||
def robots_txt():
|
||||
return send_file("./assets/robots.txt")
|
||||
|
||||
@app.route("/settings", methods=["GET"])
|
||||
@app.get("/settings")
|
||||
@auth_required
|
||||
def settings(v):
|
||||
if v and v.is_banned and not v.unban_utc: return render_template("seized.html")
|
||||
|
|
@ -121,7 +121,7 @@ def settings(v):
|
|||
return redirect("/settings/profile")
|
||||
|
||||
|
||||
@app.route("/settings/profile", methods=["GET"])
|
||||
@app.get("/settings/profile")
|
||||
@auth_required
|
||||
def settings_profile(v):
|
||||
if v and v.is_banned and not v.unban_utc: return render_template("seized.html")
|
||||
|
|
@ -130,7 +130,7 @@ def settings_profile(v):
|
|||
v=v)
|
||||
|
||||
|
||||
@app.route("/titles", methods=["GET"])
|
||||
@app.get("/titles")
|
||||
@auth_desired
|
||||
def titles(v):
|
||||
if v and v.is_banned and not v.unban_utc: return render_template("seized.html")
|
||||
|
|
@ -140,7 +140,7 @@ def titles(v):
|
|||
v=v,
|
||||
titles=titles)
|
||||
|
||||
@app.route("/badges", methods=["GET"])
|
||||
@app.get("/badges")
|
||||
@auth_desired
|
||||
def badges(v):
|
||||
if v and v.is_banned and not v.unban_utc: return render_template("seized.html")
|
||||
|
|
@ -152,7 +152,7 @@ def badges(v):
|
|||
v=v,
|
||||
badges=badges)
|
||||
|
||||
@app.route("/blocks", methods=["GET"])
|
||||
@app.get("/blocks")
|
||||
@auth_desired
|
||||
def blocks(v):
|
||||
if v and v.is_banned and not v.unban_utc: return render_template("seized.html")
|
||||
|
|
@ -166,7 +166,7 @@ def blocks(v):
|
|||
|
||||
return render_template("blocks.html", v=v, users=users, targets=targets)
|
||||
|
||||
@app.route("/banned", methods=["GET"])
|
||||
@app.get("/banned")
|
||||
@auth_desired
|
||||
def banned(v):
|
||||
if v and v.is_banned and not v.unban_utc: return render_template("seized.html")
|
||||
|
|
@ -174,18 +174,18 @@ def banned(v):
|
|||
users = [x for x in g.db.query(User).filter(User.is_banned > 0, User.unban_utc == 0).all()]
|
||||
return render_template("banned.html", v=v, users=users)
|
||||
|
||||
@app.route("/formatting", methods=["GET"])
|
||||
@app.get("/formatting")
|
||||
@auth_desired
|
||||
def formatting(v):
|
||||
if v and v.is_banned and not v.unban_utc: return render_template("seized.html")
|
||||
|
||||
return render_template("formatting.html", v=v)
|
||||
|
||||
@app.route("/.well-known/brave-rewards-verification.txt", methods=["GET"])
|
||||
@app.get("/.well-known/brave-rewards-verification.txt")
|
||||
def brave():
|
||||
with open(".well-known/brave-rewards-verification.txt", "r") as f: return Response(f.read(), mimetype='text/plain')
|
||||
|
||||
@app.route("/.well-known/assetlinks.json", methods=["GET"])
|
||||
@app.get("/.well-known/assetlinks.json")
|
||||
def googleplayapp():
|
||||
with open(".well-known/assetlinks.json", "r") as f: return Response(f.read(), mimetype='application/json')
|
||||
|
||||
|
|
@ -194,7 +194,7 @@ def serviceworker():
|
|||
with open(".well-known/service-worker.js", "r") as f: return Response(f.read(), mimetype='application/javascript')
|
||||
|
||||
|
||||
@app.route("/settings/security", methods=["GET"])
|
||||
@app.get("/settings/security")
|
||||
@auth_required
|
||||
def settings_security(v):
|
||||
if v and v.is_banned and not v.unban_utc: return render_template("seized.html")
|
||||
|
|
@ -206,7 +206,7 @@ def settings_security(v):
|
|||
msg=request.args.get("msg") or None
|
||||
)
|
||||
|
||||
@app.route("/dismiss_mobile_tip", methods=["POST"])
|
||||
@app.post("/dismiss_mobile_tip")
|
||||
def dismiss_mobile_tip():
|
||||
|
||||
session["tooltip_last_dismissed"]=int(time.time())
|
||||
|
|
|
|||
|
|
@ -31,14 +31,14 @@ def suicide(v, username):
|
|||
g.db.add(v)
|
||||
return "", 204
|
||||
|
||||
@app.route("/api/v1/user/<username>", methods=["GET"])
|
||||
@app.get("/api/v1/user/<username>")
|
||||
@auth_desired
|
||||
@api("read")
|
||||
def user_info(v, username):
|
||||
user = get_user(username, v=v)
|
||||
return jsonify(user.json)
|
||||
|
||||
@app.route("/leaderboard", methods=["GET"])
|
||||
@app.get("/leaderboard")
|
||||
@auth_desired
|
||||
def leaderboard(v):
|
||||
if v and v.is_banned and not v.unban_utc:return render_template("seized.html")
|
||||
|
|
@ -72,7 +72,7 @@ def get_profilecss(username):
|
|||
resp.headers.add("Content-Type", "text/css")
|
||||
return resp
|
||||
|
||||
@app.route("/@<username>/reply/<id>", methods=["POST"])
|
||||
@app.post("/@<username>/reply/<id>")
|
||||
@auth_required
|
||||
def messagereply(v, username, id):
|
||||
message = request.form.get("message", "")[:1000].strip()
|
||||
|
|
@ -97,14 +97,14 @@ def messagereply(v, username, id):
|
|||
g.db.commit()
|
||||
return redirect('/notifications?all=true')
|
||||
|
||||
@app.route("/songs/<id>", methods=["GET"])
|
||||
@app.get("/songs/<id>")
|
||||
def songs(id):
|
||||
try: id = int(id)
|
||||
except: return '', 400
|
||||
user = g.db.query(User).filter_by(id=id).first()
|
||||
return send_from_directory('/songs/', f'{user.song}.mp3')
|
||||
|
||||
@app.route("/subscribe/<post_id>", methods=["POST"])
|
||||
@app.post("/subscribe/<post_id>")
|
||||
@auth_required
|
||||
def subscribe(v, post_id):
|
||||
new_sub = Subscription(user_id=v.id, submission_id=post_id)
|
||||
|
|
@ -112,14 +112,14 @@ def subscribe(v, post_id):
|
|||
g.db.commit()
|
||||
return "", 204
|
||||
|
||||
@app.route("/unsubscribe/<post_id>", methods=["POST"])
|
||||
@app.post("/unsubscribe/<post_id>")
|
||||
@auth_required
|
||||
def unsubscribe(v, post_id):
|
||||
sub=g.db.query(Subscription).filter_by(user_id=v.id, submission_id=post_id).first()
|
||||
g.db.delete(sub)
|
||||
return "", 204
|
||||
|
||||
@app.route("/@<username>/message", methods=["POST"])
|
||||
@app.post("/@<username>/message")
|
||||
@auth_required
|
||||
def message2(v, username):
|
||||
user = get_user(username, v=v)
|
||||
|
|
@ -141,7 +141,7 @@ def message2(v, username):
|
|||
)
|
||||
return redirect('/notifications?all=true')
|
||||
|
||||
@app.route("/2faqr/<secret>", methods=["GET"])
|
||||
@app.get("/2faqr/<secret>")
|
||||
@auth_required
|
||||
def mfa_qr(secret, v):
|
||||
x = pyotp.TOTP(secret)
|
||||
|
|
@ -158,8 +158,8 @@ def mfa_qr(secret, v):
|
|||
return send_file(mem, mimetype="image/png", as_attachment=False)
|
||||
|
||||
|
||||
@app.route("/api/is_available/<name>", methods=["GET"])
|
||||
@app.route("/api/v1/is_available/<name>", methods=["GET"])
|
||||
@app.get("/api/is_available/<name>")
|
||||
@app.get("/api/v1/is_available/<name>")
|
||||
@auth_desired
|
||||
@api("read")
|
||||
def api_is_available(name, v):
|
||||
|
|
@ -186,7 +186,7 @@ def api_is_available(name, v):
|
|||
return jsonify({name: True})
|
||||
|
||||
|
||||
@app.route("/id/<id>", methods=["GET"])
|
||||
@app.get("/id/<id>")
|
||||
def user_id(id):
|
||||
|
||||
user = get_account(int(id))
|
||||
|
|
@ -196,7 +196,7 @@ def user_id(id):
|
|||
# actual user api endpoint.
|
||||
# So they get the data and then there will be no need to reinvent
|
||||
# the wheel.
|
||||
@app.route("/api/v1/uid/<uid>", methods=["GET"])
|
||||
@app.get("/api/v1/uid/<uid>")
|
||||
@auth_desired
|
||||
@api("read")
|
||||
def user_by_uid(uid, v=None):
|
||||
|
|
@ -204,11 +204,11 @@ def user_by_uid(uid, v=None):
|
|||
|
||||
return redirect(f'/api/v1/user/{user.username}/info')
|
||||
|
||||
@app.route("/u/<username>", methods=["GET"])
|
||||
@app.get("/u/<username>")
|
||||
def redditor_moment_redirect(username):
|
||||
return redirect(f"/@{username}")
|
||||
|
||||
@app.route("/@<username>/followers", methods=["GET"])
|
||||
@app.get("/@<username>/followers")
|
||||
@auth_required
|
||||
def followers(username, v):
|
||||
if v and v.is_banned and not v.unban_utc: return render_template("seized.html")
|
||||
|
|
@ -224,8 +224,8 @@ def visitors(v):
|
|||
viewers=sorted(v.viewers, key = lambda x: x.last_view_utc, reverse=True)
|
||||
return render_template("viewers.html", v=v, viewers=viewers)
|
||||
|
||||
@app.route("/@<username>", methods=["GET"])
|
||||
@app.route("/api/v1/user/<username>/listing", methods=["GET"])
|
||||
@app.get("/@<username>")
|
||||
@app.get("/api/v1/user/<username>/listing")
|
||||
@auth_desired
|
||||
@public("read")
|
||||
def u_username(username, v=None):
|
||||
|
|
@ -336,8 +336,8 @@ def u_username(username, v=None):
|
|||
}
|
||||
|
||||
|
||||
@app.route("/@<username>/comments", methods=["GET"])
|
||||
@app.route("/api/v1/user/<username>/comments", methods=["GET"])
|
||||
@app.get("/@<username>/comments")
|
||||
@app.get("/api/v1/user/<username>/comments")
|
||||
@auth_desired
|
||||
@public("read")
|
||||
def u_username_comments(username, v=None):
|
||||
|
|
@ -415,7 +415,7 @@ def u_username_comments(username, v=None):
|
|||
"api": lambda: jsonify({"data": [c.json for c in listing]})
|
||||
}
|
||||
|
||||
@app.route("/api/v1/user/<username>/info", methods=["GET"])
|
||||
@app.get("/api/v1/user/<username>/info")
|
||||
@auth_desired
|
||||
@public("read")
|
||||
def u_username_info(username, v=None):
|
||||
|
|
@ -430,7 +430,7 @@ def u_username_info(username, v=None):
|
|||
return jsonify(user.json)
|
||||
|
||||
|
||||
@app.route("/api/follow/<username>", methods=["POST"])
|
||||
@app.post("/api/follow/<username>")
|
||||
@auth_required
|
||||
def follow_user(username, v):
|
||||
|
||||
|
|
@ -455,7 +455,7 @@ def follow_user(username, v):
|
|||
return "", 204
|
||||
|
||||
|
||||
@app.route("/api/unfollow/<username>", methods=["POST"])
|
||||
@app.post("/api/unfollow/<username>")
|
||||
@auth_required
|
||||
def unfollow_user(username, v):
|
||||
|
||||
|
|
@ -490,8 +490,8 @@ def user_profile_uid(uid):
|
|||
return redirect(x.profile_url)
|
||||
|
||||
|
||||
@app.route("/@<username>/saved/posts", methods=["GET"])
|
||||
@app.route("/api/v1/saved/posts", methods=["GET"])
|
||||
@app.get("/@<username>/saved/posts")
|
||||
@app.get("/api/v1/saved/posts")
|
||||
@auth_required
|
||||
@api("read")
|
||||
def saved_posts(v, username):
|
||||
|
|
@ -517,8 +517,8 @@ def saved_posts(v, username):
|
|||
}
|
||||
|
||||
|
||||
@app.route("/@<username>/saved/comments", methods=["GET"])
|
||||
@app.route("/api/v1/saved/comments", methods=["GET"])
|
||||
@app.get("/@<username>/saved/comments")
|
||||
@app.get("/api/v1/saved/comments")
|
||||
@auth_required
|
||||
@api("read")
|
||||
def saved_comments(v, username):
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@ from flask import *
|
|||
from drama.__main__ import app
|
||||
|
||||
|
||||
@app.route("/votes", methods=["GET"])
|
||||
@app.get("/votes")
|
||||
@auth_desired
|
||||
def admin_vote_info_get(v):
|
||||
if v and v.is_banned and not v.unban_utc: return render_template("seized.html")
|
||||
|
|
@ -62,8 +62,8 @@ def admin_vote_info_get(v):
|
|||
|
||||
|
||||
|
||||
@app.route("/api/v1/vote/post/<post_id>/<new>", methods=["POST"])
|
||||
@app.route("/api/vote/post/<post_id>/<new>", methods=["POST"])
|
||||
@app.post("/api/v1/vote/post/<post_id>/<new>")
|
||||
@app.post("/api/vote/post/<post_id>/<new>")
|
||||
@is_not_banned
|
||||
@api("vote")
|
||||
@validate_formkey
|
||||
|
|
@ -107,8 +107,8 @@ def api_vote_post(post_id, new, v):
|
|||
g.db.add(post)
|
||||
return "", 204
|
||||
|
||||
@app.route("/api/v1/vote/comment/<comment_id>/<new>", methods=["POST"])
|
||||
@app.route("/api/vote/comment/<comment_id>/<new>", methods=["POST"])
|
||||
@app.post("/api/v1/vote/comment/<comment_id>/<new>")
|
||||
@app.post("/api/vote/comment/<comment_id>/<new>")
|
||||
@is_not_banned
|
||||
@api("vote")
|
||||
@validate_formkey
|
||||
|
|
|
|||
Loading…
Reference in New Issue