rDrama/files/routes/oauth.py

from files.helpers.wrappers import *
from files.helpers.alerts import *
from files.helpers.get import *
from files.helpers.const import *
from files.classes import *
from flask import *
from files.__main__ import app, limiter
import sqlalchemy.exc

@app.get("/authorize")
@auth_required
def authorize_prompt(v):
	client_id = request.values.get("client_id")
	application = g.db.query(OauthApp).filter_by(client_id=client_id).one_or_none()
	if not application: return {"oauth_error": "Invalid `client_id`"}, 401
	return render_template("oauth.html", v=v, application=application)


@app.post("/authorize")
@limiter.limit("1/second;30/minute;200/hour;1000/day")
@auth_required
def authorize(v):

	client_id = request.values.get("client_id")
	application = g.db.query(OauthApp).filter_by(client_id=client_id).one_or_none()
	if not application: return {"oauth_error": "Invalid `client_id`"}, 401
	access_token = secrets.token_urlsafe(128)[:128]

	try:
		new_auth = ClientAuth(oauth_client = application.id, user_id = v.id, access_token=access_token)
		g.db.add(new_auth)
		g.db.commit()
	except sqlalchemy.exc.IntegrityError:
		g.db.rollback()
		old_auth = g.db.query(ClientAuth).filter_by(oauth_client = application.id, user_id = v.id).one()
		access_token = old_auth.access_token

	return redirect(f"{application.redirect_uri}?token={access_token}")


@app.post("/api_keys")
@limiter.limit("1/second;30/minute;200/hour;1000/day")
@is_not_permabanned
def request_api_keys(v):

	new_app = OauthApp(
		app_name=request.values.get('name').replace('<','').replace('>',''),
		redirect_uri=request.values.get('redirect_uri'),
		author_id=v.id,
		description=request.values.get("description")[:256]
	)

	g.db.add(new_app)

	body = f"@{v.username} has requested API keys for `{request.values.get('name')}`. You can approve or deny the request [here](/admin/apps)."

	body_html = sanitize(body, noimages=True)


	new_comment = Comment(author_id=NOTIFICATIONS_ID,
						  parent_submission=None,
						  level=1,
						  body_html=body_html,
						  sentto=2,
						  distinguish_level=6
						  )
	g.db.add(new_comment)
	g.db.flush()

	new_comment.top_comment_id = new_comment.id

	for admin in g.db.query(User).filter(User.admin_level > 2).all():
		notif = Notification(comment_id=new_comment.id, user_id=admin.id)
		g.db.add(notif)


	g.db.commit()

	return redirect('/settings/apps')


@app.post("/delete_app/<aid>")
@limiter.limit("1/second;30/minute;200/hour;1000/day")
@auth_required
def delete_oauth_app(v, aid):

	aid = int(aid)
	app = g.db.query(OauthApp).filter_by(id=aid).one_or_none()

	if app.author_id != v.id: abort(403)

	for auth in g.db.query(ClientAuth).filter_by(oauth_client=app.id).all():
		g.db.delete(auth)

	g.db.delete(app)

	g.db.commit()

	return redirect('/apps')


@app.post("/edit_app/<aid>")
@limiter.limit("1/second;30/minute;200/hour;1000/day")
@is_not_permabanned
def edit_oauth_app(v, aid):

	aid = int(aid)
	app = g.db.query(OauthApp).filter_by(id=aid).one_or_none()

	if app.author_id != v.id: abort(403)

	app.redirect_uri = request.values.get('redirect_uri')
	app.app_name = request.values.get('name')
	app.description = request.values.get("description")[:256]

	g.db.add(app)

	g.db.commit()

	return redirect('/settings/apps')


@app.post("/admin/app/approve/<aid>")
@limiter.limit("1/second;30/minute;200/hour;1000/day")
@admin_level_required(3)
def admin_app_approve(v, aid):

	app = g.db.query(OauthApp).filter_by(id=aid).one_or_none()
	user = app.author

	app.client_id = secrets.token_urlsafe(64)[:64]
	g.db.add(app)

	access_token = secrets.token_urlsafe(128)[:128]
	new_auth = ClientAuth(
		oauth_client = app.id,
		user_id = user.id,
		access_token=access_token
	)

	g.db.add(new_auth)

	send_repeatable_notification(user.id, f"@{v.username} has approved your application `{app.app_name}`. Here's your access token: `{access_token}`\nPlease check the guide [here](/api) if you don't know what to do next.")

	ma = ModAction(
		kind="approve_app",
		user_id=v.id,
		target_user_id=user.id,
	)
	g.db.add(ma)

	g.db.commit()

	return {"message": "Application approved"}


@app.post("/admin/app/revoke/<aid>")
@limiter.limit("1/second;30/minute;200/hour;1000/day")
@admin_level_required(2)
def admin_app_revoke(v, aid):

	app = g.db.query(OauthApp).filter_by(id=aid).one_or_none()
	if app:
		for auth in g.db.query(ClientAuth).filter_by(oauth_client=app.id).all(): g.db.delete(auth)

		send_repeatable_notification(app.author.id, f"@{v.username} has revoked your application `{app.app_name}`.")

		g.db.delete(app)

		ma = ModAction(
			kind="revoke_app",
			user_id=v.id,
			target_user_id=app.author.id,
		)
		g.db.add(ma)

		g.db.commit()

	return {"message": "App revoked"}


@app.post("/admin/app/reject/<aid>")
@limiter.limit("1/second;30/minute;200/hour;1000/day")
@admin_level_required(2)
def admin_app_reject(v, aid):

	app = g.db.query(OauthApp).filter_by(id=aid).one_or_none()

	if app:
		for auth in g.db.query(ClientAuth).filter_by(oauth_client=app.id).all(): g.db.delete(auth)

		send_repeatable_notification(app.author.id, f"@{v.username} has rejected your application `{app.app_name}`.")

		g.db.delete(app)

		ma = ModAction(
			kind="reject_app",
			user_id=v.id,
			target_user_id=app.author.id,
		)
		g.db.add(ma)

		g.db.commit()

	return {"message": "App rejected"}


@app.get("/admin/app/<aid>")
@admin_level_required(2)
def admin_app_id(v, aid):

	aid=aid

	oauth = g.db.query(OauthApp).filter_by(id=aid).one_or_none()

	pids=oauth.idlist(page=int(request.values.get("page",1)))

	next_exists=len(pids)==101
	pids=pids[:100]

	posts=get_posts(pids, v=v)

	return render_template("admin/app.html",
						   v=v,
						   app=oauth,
						   listing=posts,
						   next_exists=next_exists
						   )

@app.get("/admin/app/<aid>/comments")
@admin_level_required(2)
def admin_app_id_comments(v, aid):

	aid=aid

	oauth = g.db.query(OauthApp).filter_by(id=aid).one_or_none()

	cids=oauth.comments_idlist(page=int(request.values.get("page",1)),
		)

	next_exists=len(cids)==101
	cids=cids[:100]

	comments=get_comments(cids, v=v)


	return render_template("admin/app.html",
						   v=v,
						   app=oauth,
						   comments=comments,
						   next_exists=next_exists,
						   standalone=True
						   )


@app.get("/admin/apps")
@admin_level_required(2)
def admin_apps_list(v):

	apps = g.db.query(OauthApp).order_by(OauthApp.id.desc()).all()

	return render_template("admin/apps.html", v=v, apps=apps)


@app.post("/oauth/reroll/<aid>")
@limiter.limit("1/second;30/minute;200/hour;1000/day")
@auth_required
def reroll_oauth_tokens(aid, v):

	aid = aid

	a = g.db.query(OauthApp).filter_by(id=aid).one_or_none()

	if a.author_id != v.id: abort(403)

	a.client_id = secrets.token_urlsafe(64)[:64]
	g.db.add(a)

	g.db.commit()

	return {"message": "Client ID Rerolled", "id": a.client_id}
fd 2021-10-15 14:08:27 +00:00			`from files.helpers.wrappers import *`
			`from files.helpers.alerts import *`
			`from files.helpers.get import *`
			`from files.helpers.const import *`
			`from files.classes import *`
			`from flask import *`
			`from files.__main__ import app, limiter`
Fixed oauth error (#223) 2022-03-17 07:14:46 +00:00			`import sqlalchemy.exc`
fd 2021-10-15 14:08:27 +00:00
			`@app.get("/authorize")`
			`@auth_required`
			`def authorize_prompt(v):`
			`client_id = request.values.get("client_id")`
fsd 2022-01-02 00:06:46 +00:00			`application = g.db.query(OauthApp).filter_by(client_id=client_id).one_or_none()`
fd 2021-10-15 14:08:27 +00:00			if not application: return {"oauth_error": "Invalid `client_id`"}, 401
b 2022-01-14 12:04:34 +00:00			`return render_template("oauth.html", v=v, application=application)`
fd 2021-10-15 14:08:27 +00:00

			`@app.post("/authorize")`
testing 2022-01-15 06:31:17 +00:00			`@limiter.limit("1/second;30/minute;200/hour;1000/day")`
fd 2021-10-15 14:08:27 +00:00			`@auth_required`
			`def authorize(v):`

			`client_id = request.values.get("client_id")`
fsd 2022-01-02 00:06:46 +00:00			`application = g.db.query(OauthApp).filter_by(client_id=client_id).one_or_none()`
fd 2021-10-15 14:08:27 +00:00			if not application: return {"oauth_error": "Invalid `client_id`"}, 401
			`access_token = secrets.token_urlsafe(128)[:128]`

Fixed oauth error (#223) 2022-03-17 07:14:46 +00:00			`try:`
			`new_auth = ClientAuth(oauth_client = application.id, user_id = v.id, access_token=access_token)`
			`g.db.add(new_auth)`
			`g.db.commit()`
			`except sqlalchemy.exc.IntegrityError:`
			`g.db.rollback()`
			`old_auth = g.db.query(ClientAuth).filter_by(oauth_client = application.id, user_id = v.id).one()`
			`access_token = old_auth.access_token`
fd 2021-10-15 14:08:27 +00:00
			`return redirect(f"{application.redirect_uri}?token={access_token}")`


			`@app.post("/api_keys")`
testing 2022-01-15 06:31:17 +00:00			`@limiter.limit("1/second;30/minute;200/hour;1000/day")`
big one 2022-01-06 16:46:09 +00:00			`@is_not_permabanned`
fd 2021-10-15 14:08:27 +00:00			`def request_api_keys(v):`

			`new_app = OauthApp(`
dfs 2022-01-29 16:10:31 +00:00			`app_name=request.values.get('name').replace('<','').replace('>',''),`
fd 2021-10-15 14:08:27 +00:00			`redirect_uri=request.values.get('redirect_uri'),`
			`author_id=v.id,`
			`description=request.values.get("description")[:256]`
			`)`

			`g.db.add(new_app)`

site settings 2022-04-12 19:05:50 +00:00			body = f"@{v.username} has requested API keys for `{request.values.get('name')}`. You can approve or deny the request [here](/admin/apps)."
bbb 2022-01-14 06:40:30 +00:00
xvc 2022-02-01 00:07:15 +00:00			`body_html = sanitize(body, noimages=True)`
bbb 2022-01-14 06:40:30 +00:00
gdf 2022-02-21 01:58:12 +00:00
			`new_comment = Comment(author_id=NOTIFICATIONS_ID,`
			`parent_submission=None,`
			`level=1,`
			`body_html=body_html,`
fds 2022-03-31 15:00:57 +00:00			`sentto=2,`
			`distinguish_level=6`
gdf 2022-02-21 01:58:12 +00:00			`)`
			`g.db.add(new_comment)`
			`g.db.flush()`
fsd 2022-04-04 01:41:20 +00:00
			`new_comment.top_comment_id = new_comment.id`

gdf 2022-02-21 01:58:12 +00:00			`for admin in g.db.query(User).filter(User.admin_level > 2).all():`
			`notif = Notification(comment_id=new_comment.id, user_id=admin.id)`
			`g.db.add(notif)`

fd 2021-10-15 14:08:27 +00:00
			`g.db.commit()`

fsd 2022-04-02 17:11:35 +00:00			`return redirect('/settings/apps')`
fd 2021-10-15 14:08:27 +00:00

			`@app.post("/delete_app/<aid>")`
testing 2022-01-15 06:31:17 +00:00			`@limiter.limit("1/second;30/minute;200/hour;1000/day")`
fd 2021-10-15 14:08:27 +00:00			`@auth_required`
			`def delete_oauth_app(v, aid):`

			`aid = int(aid)`
fsd 2022-01-02 00:06:46 +00:00			`app = g.db.query(OauthApp).filter_by(id=aid).one_or_none()`
fd 2021-10-15 14:08:27 +00:00
fsdfds 2021-10-15 15:59:23 +00:00			`if app.author_id != v.id: abort(403)`

redundant 2021-11-06 15:52:48 +00:00			`for auth in g.db.query(ClientAuth).filter_by(oauth_client=app.id).all():`
fd 2021-10-15 14:08:27 +00:00			`g.db.delete(auth)`

			`g.db.delete(app)`

			`g.db.commit()`

fsd 2022-04-02 17:11:35 +00:00			`return redirect('/apps')`
fd 2021-10-15 14:08:27 +00:00

			`@app.post("/edit_app/<aid>")`
testing 2022-01-15 06:31:17 +00:00			`@limiter.limit("1/second;30/minute;200/hour;1000/day")`
big one 2022-01-06 16:46:09 +00:00			`@is_not_permabanned`
fd 2021-10-15 14:08:27 +00:00			`def edit_oauth_app(v, aid):`

			`aid = int(aid)`
fsd 2022-01-02 00:06:46 +00:00			`app = g.db.query(OauthApp).filter_by(id=aid).one_or_none()`
fd 2021-10-15 14:08:27 +00:00
fsdfds 2021-10-15 15:59:23 +00:00			`if app.author_id != v.id: abort(403)`

fd 2021-10-15 14:08:27 +00:00			`app.redirect_uri = request.values.get('redirect_uri')`
			`app.app_name = request.values.get('name')`
			`app.description = request.values.get("description")[:256]`

			`g.db.add(app)`

			`g.db.commit()`

fsd 2022-04-02 17:11:35 +00:00			`return redirect('/settings/apps')`
fd 2021-10-15 14:08:27 +00:00

			`@app.post("/admin/app/approve/<aid>")`
testing 2022-01-15 06:31:17 +00:00			`@limiter.limit("1/second;30/minute;200/hour;1000/day")`
df 2022-01-31 23:10:22 +00:00			`@admin_level_required(3)`
fd 2021-10-15 14:08:27 +00:00			`def admin_app_approve(v, aid):`

fsd 2022-01-02 00:06:46 +00:00			`app = g.db.query(OauthApp).filter_by(id=aid).one_or_none()`
fd 2021-10-15 14:08:27 +00:00			`user = app.author`

			`app.client_id = secrets.token_urlsafe(64)[:64]`
			`g.db.add(app)`

			`access_token = secrets.token_urlsafe(128)[:128]`
			`new_auth = ClientAuth(`
			`oauth_client = app.id,`
			`user_id = user.id,`
			`access_token=access_token`
			`)`

			`g.db.add(new_auth)`

vc 2022-02-22 11:43:38 +00:00			send_repeatable_notification(user.id, f"@{v.username} has approved your application `{app.app_name}`. Here's your access token: `{access_token}`\nPlease check the guide [here](/api) if you don't know what to do next.")
fd 2021-10-15 14:08:27 +00:00
misc 2021-10-25 18:08:03 +00:00			`ma = ModAction(`
			`kind="approve_app",`
			`user_id=v.id,`
			`target_user_id=user.id,`
			`)`
			`g.db.add(ma)`

fd 2021-10-15 14:08:27 +00:00			`g.db.commit()`

sfd 2022-01-07 21:03:14 +00:00			`return {"message": "Application approved"}`
fd 2021-10-15 14:08:27 +00:00

			`@app.post("/admin/app/revoke/<aid>")`
testing 2022-01-15 06:31:17 +00:00			`@limiter.limit("1/second;30/minute;200/hour;1000/day")`
sfdsfd 2021-11-16 04:18:36 +00:00			`@admin_level_required(2)`
fd 2021-10-15 14:08:27 +00:00			`def admin_app_revoke(v, aid):`

fsd 2022-01-02 00:06:46 +00:00			`app = g.db.query(OauthApp).filter_by(id=aid).one_or_none()`
xcv 2022-02-13 02:04:57 +00:00			`if app:`
redundant 2021-11-06 15:52:48 +00:00			`for auth in g.db.query(ClientAuth).filter_by(oauth_client=app.id).all(): g.db.delete(auth)`
fd 2021-10-15 14:08:27 +00:00
vc 2022-02-22 11:43:38 +00:00			send_repeatable_notification(app.author.id, f"@{v.username} has revoked your application `{app.app_name}`.")
fd 2021-10-15 14:08:27 +00:00
			`g.db.delete(app)`

misc 2021-10-25 18:08:03 +00:00			`ma = ModAction(`
			`kind="revoke_app",`
			`user_id=v.id,`
			`target_user_id=app.author.id,`
			`)`
			`g.db.add(ma)`

fd 2021-10-15 14:08:27 +00:00			`g.db.commit()`

sfd 2022-01-07 21:03:14 +00:00			`return {"message": "App revoked"}`
fd 2021-10-15 14:08:27 +00:00

			`@app.post("/admin/app/reject/<aid>")`
testing 2022-01-15 06:31:17 +00:00			`@limiter.limit("1/second;30/minute;200/hour;1000/day")`
sfdsfd 2021-11-16 04:18:36 +00:00			`@admin_level_required(2)`
fd 2021-10-15 14:08:27 +00:00			`def admin_app_reject(v, aid):`

fsd 2022-01-02 00:06:46 +00:00			`app = g.db.query(OauthApp).filter_by(id=aid).one_or_none()`
fd 2021-10-15 14:08:27 +00:00
xcv 2022-02-13 02:04:57 +00:00			`if app:`
			`for auth in g.db.query(ClientAuth).filter_by(oauth_client=app.id).all(): g.db.delete(auth)`
fd 2021-10-15 14:08:27 +00:00
vc 2022-02-22 11:43:38 +00:00			send_repeatable_notification(app.author.id, f"@{v.username} has rejected your application `{app.app_name}`.")
fd 2021-10-15 14:08:27 +00:00
xcv 2022-02-13 02:04:57 +00:00			`g.db.delete(app)`
fd 2021-10-15 14:08:27 +00:00
xcv 2022-02-13 02:04:57 +00:00			`ma = ModAction(`
			`kind="reject_app",`
			`user_id=v.id,`
			`target_user_id=app.author.id,`
			`)`
			`g.db.add(ma)`
misc 2021-10-25 18:08:03 +00:00
xcv 2022-02-13 02:04:57 +00:00			`g.db.commit()`
fd 2021-10-15 14:08:27 +00:00
sfd 2022-01-07 21:03:14 +00:00			`return {"message": "App rejected"}`
fd 2021-10-15 14:08:27 +00:00

			`@app.get("/admin/app/<aid>")`
sfdsfd 2021-11-16 04:18:36 +00:00			`@admin_level_required(2)`
fd 2021-10-15 14:08:27 +00:00			`def admin_app_id(v, aid):`

			`aid=aid`

xv 2022-02-07 11:39:26 +00:00			`oauth = g.db.query(OauthApp).filter_by(id=aid).one_or_none()`
fd 2021-10-15 14:08:27 +00:00
xv 2022-02-07 11:39:26 +00:00			`pids=oauth.idlist(page=int(request.values.get("page",1)))`
fd 2021-10-15 14:08:27 +00:00
			`next_exists=len(pids)==101`
			`pids=pids[:100]`

			`posts=get_posts(pids, v=v)`

b 2022-01-14 12:04:34 +00:00			`return render_template("admin/app.html",`
fd 2021-10-15 14:08:27 +00:00			`v=v,`
			`app=oauth,`
			`listing=posts,`
			`next_exists=next_exists`
			`)`

			`@app.get("/admin/app/<aid>/comments")`
sfdsfd 2021-11-16 04:18:36 +00:00			`@admin_level_required(2)`
fd 2021-10-15 14:08:27 +00:00			`def admin_app_id_comments(v, aid):`

			`aid=aid`

xv 2022-02-07 11:39:26 +00:00			`oauth = g.db.query(OauthApp).filter_by(id=aid).one_or_none()`
fd 2021-10-15 14:08:27 +00:00
			`cids=oauth.comments_idlist(page=int(request.values.get("page",1)),`
			`)`

			`next_exists=len(cids)==101`
			`cids=cids[:100]`

			`comments=get_comments(cids, v=v)`


b 2022-01-14 12:04:34 +00:00			`return render_template("admin/app.html",`
fd 2021-10-15 14:08:27 +00:00			`v=v,`
			`app=oauth,`
			`comments=comments,`
			`next_exists=next_exists,`
			`standalone=True`
			`)`


			`@app.get("/admin/apps")`
sfdsfd 2021-11-16 04:18:36 +00:00			`@admin_level_required(2)`
fd 2021-10-15 14:08:27 +00:00			`def admin_apps_list(v):`

fds 2021-12-30 05:52:26 +00:00			`apps = g.db.query(OauthApp).order_by(OauthApp.id.desc()).all()`
fd 2021-10-15 14:08:27 +00:00
b 2022-01-14 12:04:34 +00:00			`return render_template("admin/apps.html", v=v, apps=apps)`
fd 2021-10-15 14:08:27 +00:00

			`@app.post("/oauth/reroll/<aid>")`
testing 2022-01-15 06:31:17 +00:00			`@limiter.limit("1/second;30/minute;200/hour;1000/day")`
fd 2021-10-15 14:08:27 +00:00			`@auth_required`
			`def reroll_oauth_tokens(aid, v):`

			`aid = aid`

fsd 2022-01-02 00:06:46 +00:00			`a = g.db.query(OauthApp).filter_by(id=aid).one_or_none()`
fd 2021-10-15 14:08:27 +00:00
			`if a.author_id != v.id: abort(403)`

			`a.client_id = secrets.token_urlsafe(64)[:64]`
			`g.db.add(a)`

			`g.db.commit()`

			`return {"message": "Client ID Rerolled", "id": a.client_id}`