from files . helpers . wrappers import *
from files . helpers . alerts import *
from files . helpers . get import *
from files . classes import *
from flask import *
from files . __main__ import app
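@app.get("/authorize")
@auth_required
def authorize_prompt(v):
    """Render the consent page for the OAuth application named by `client_id`.

    Args:
        v: the logged-in user (presumably injected by `auth_required`).

    Returns:
        The rendered `oauth.html` template, or a JSON error with status 401
        when `client_id` is missing or matches no application.
    """
    invalid_client = {"oauth_error": "Invalid `client_id`"}, 401

    client_id = request.args.get("client_id")
    # A missing parameter would reach filter_by() as None. Assuming g.db is a
    # SQLAlchemy session, that becomes `client_id IS NULL` and could select an
    # application that has no client_id assigned (in this file client_id is
    # only set by admin_app_approve and reroll_oauth_tokens).
    if not client_id:
        return invalid_client

    application = g.db.query(OauthApp).filter_by(client_id=client_id).first()
    if not application:
        return invalid_client

    return render_template("oauth.html", v=v, application=application)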
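@app.post("/authorize")
@auth_required
@validate_formkey
def authorize(v):
    """Grant the application named by `client_id` an access token for user `v`.

    Stores a new `ClientAuth` row and redirects the browser to the
    application's stored `redirect_uri` with the token appended as `token=`.

    Args:
        v: the logged-in user (presumably injected by `auth_required`).

    Returns:
        A redirect to the application's `redirect_uri`, or a JSON error with
        status 401 when `client_id` is missing or matches no application.
    """
    invalid_client = {"oauth_error": "Invalid `client_id`"}, 401

    client_id = request.form.get("client_id")
    # A missing field would reach filter_by() as None; assuming g.db is a
    # SQLAlchemy session that becomes `client_id IS NULL`, which could match
    # an application that has no client_id assigned and issue it a token.
    if not client_id:
        return invalid_client

    application = g.db.query(OauthApp).filter_by(client_id=client_id).first()
    if not application:
        return invalid_client

    # Refuse before minting a token: without a redirect target the token
    # would be stored but could never be delivered to the application.
    redirect_uri = application.redirect_uri
    if not redirect_uri:
        abort(400)

    access_token = secrets.token_urlsafe(128)[:128]
    new_auth = ClientAuth(
        oauth_client=application.id,
        user_id=v.id,
        access_token=access_token,
    )
    g.db.add(new_auth)

    # NOTE(review): the token travels in the URL query string, where it can
    # end up in browser history, proxy/server logs and Referer headers, and
    # redirect_uri is whatever was stored for the app; no scheme or host
    # check is visible in this file. Changing the delivery mechanism would
    # break existing clients, so it is flagged here rather than changed.
    # token_urlsafe() output needs no further URL-encoding.
    separator = "&" if "?" in redirect_uri else "?"
    return redirect(f"{redirect_uri}{separator}token={access_token}")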
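@app.post("/api_keys")
@is_not_banned
def request_api_keys(v):
    """Register a pending OAuth application for `v` and notify the admins.

    Args:
        v: the requesting user (presumably injected by `is_not_banned`).

    Returns:
        A redirect to `/settings/apps`.
    """
    # NOTE(review): unlike the other state-changing POST routes in this file,
    # this one is not wrapped in `validate_formkey` (presumably the CSRF
    # form-key check) - confirm whether that is intentional.
    app_name = request.form.get('name')

    # A missing description used to raise TypeError on the slice (HTTP 500);
    # treat it as empty instead.
    description = (request.form.get("description") or "")[:256]

    # NOTE(review): redirect_uri is stored exactly as submitted and is later
    # used as the redirect target in `authorize`; consider restricting it to
    # absolute http(s) URLs at registration time.
    new_app = OauthApp(
        app_name=app_name,
        redirect_uri=request.form.get('redirect_uri'),
        author_id=v.id,
        description=description,
    )
    g.db.add(new_app)

    # NOTE(review): app_name is user-controlled and is interpolated into what
    # looks like a markdown message shown to admins - confirm that
    # send_admin() sanitises it.
    send_admin(1046, f"@{v.username} has requested API keys for `{app_name}`. You can approve or deny the request [here](/admin/apps).")

    return redirect('/settings/apps')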
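@app.post("/delete_app/<aid>")
@is_not_banned
@validate_formkey
def delete_oauth_app(v, aid):
    """Delete one of `v`'s own OAuth applications and every grant issued for it.

    Args:
        v: the requesting user (presumably injected by `is_not_banned`).
        aid: application id taken from the URL.

    Returns:
        A redirect to `/apps`. Aborts with 404 when the id is not numeric or
        no such application exists, and with 403 when `v` is not its author.
    """
    try:
        aid = int(aid)
    except ValueError:
        abort(404)

    # Local name chosen so the Flask `app` object is not shadowed.
    oauth_app = g.db.query(OauthApp).filter_by(id=aid).first()
    if not oauth_app:
        abort(404)

    # Without this check any non-banned user could delete any application by
    # id. Same ownership rule as reroll_oauth_tokens; admins have their own
    # /admin/app/revoke route.
    if oauth_app.author_id != v.id:
        abort(403)

    for auth in g.db.query(ClientAuth).filter_by(oauth_client=oauth_app.id).all():
        g.db.delete(auth)

    g.db.delete(oauth_app)

    return redirect('/apps')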
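@app.post("/edit_app/<aid>")
@is_not_banned
@validate_formkey
def edit_oauth_app(v, aid):
    """Update the name, redirect URI and description of one of `v`'s own apps.

    Args:
        v: the requesting user (presumably injected by `is_not_banned`).
        aid: application id taken from the URL.

    Returns:
        A redirect to `/settings/apps`. Aborts with 404 when the id is not
        numeric or no such application exists, and with 403 when `v` is not
        its author.
    """
    try:
        aid = int(aid)
    except ValueError:
        abort(404)

    # Local name chosen so the Flask `app` object is not shadowed.
    oauth_app = g.db.query(OauthApp).filter_by(id=aid).first()
    if not oauth_app:
        abort(404)

    # Without this check any non-banned user could rewrite another author's
    # redirect_uri, which `authorize` later uses as the destination for newly
    # issued access tokens. Same ownership rule as reroll_oauth_tokens.
    if oauth_app.author_id != v.id:
        abort(403)

    # NOTE(review): redirect_uri is stored exactly as submitted; consider
    # restricting it to absolute http(s) URLs.
    oauth_app.redirect_uri = request.form.get('redirect_uri')
    oauth_app.app_name = request.form.get('name')
    # A missing description used to raise TypeError on the slice (HTTP 500).
    oauth_app.description = (request.form.get("description") or "")[:256]

    g.db.add(oauth_app)

    return redirect('/settings/apps')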
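@app.post("/admin/app/approve/<aid>")
@admin_level_required(3)
@validate_formkey
def admin_app_approve(v, aid):
    """Approve a pending OAuth application.

    Assigns the application a fresh `client_id`, creates a `ClientAuth` grant
    for its author and notifies the author with the new access token.

    Args:
        v: the acting admin (presumably injected by `admin_level_required`).
        aid: application id taken from the URL.

    Returns:
        A JSON confirmation message; aborts with 404 when no application has
        that id.
    """
    # Local name chosen so the Flask `app` object is not shadowed.
    oauth_app = g.db.query(OauthApp).filter_by(id=aid).first()
    # An unknown id used to fail with AttributeError on None (HTTP 500).
    if not oauth_app:
        abort(404)

    user = oauth_app.author

    oauth_app.client_id = secrets.token_urlsafe(64)[:64]
    g.db.add(oauth_app)

    access_token = secrets.token_urlsafe(128)[:128]
    new_auth = ClientAuth(
        oauth_client=oauth_app.id,
        user_id=user.id,
        access_token=access_token,
    )
    g.db.add(new_auth)

    # NOTE(review): the access token is delivered in clear text inside a
    # notification, so it stays readable wherever notifications are stored or
    # displayed. Also, approving the same app twice rerolls client_id and
    # adds a second grant - confirm that is intended.
    send_notification(1046, user, f"Your application `{oauth_app.app_name}` has been approved. Here's your access token: `{access_token}`\nPlease check the guide [here](/api) if you don't know what to do next.")

    return {"message": f"{oauth_app.app_name} approved"}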
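@app.post("/admin/app/revoke/<aid>")
@admin_level_required(3)
@validate_formkey
def admin_app_revoke(v, aid):
    """Revoke an OAuth application: delete its grants, then the app itself.

    Args:
        v: the acting admin (presumably injected by `admin_level_required`).
        aid: application id taken from the URL.

    Returns:
        A JSON confirmation message; aborts with 404 when no application has
        that id.
    """
    # Local name chosen so the Flask `app` object is not shadowed.
    oauth_app = g.db.query(OauthApp).filter_by(id=aid).first()
    # An unknown id used to fail with AttributeError on None (HTTP 500).
    if not oauth_app:
        abort(404)

    # Remove every issued grant first so no token outlives the application.
    for auth in g.db.query(ClientAuth).filter_by(oauth_client=oauth_app.id).all():
        g.db.delete(auth)

    g.db.flush()

    # The notification reads app_name and author, so it is sent before the
    # application row is deleted.
    send_notification(1046, oauth_app.author, f"Your application `{oauth_app.app_name}` has been revoked.")

    g.db.delete(oauth_app)

    return {"message": "App revoked"}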
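@app.post("/admin/app/reject/<aid>")
@admin_level_required(3)
@validate_formkey
def admin_app_reject(v, aid):
    """Reject an OAuth application request: delete any grants, then the app.

    Args:
        v: the acting admin (presumably injected by `admin_level_required`).
        aid: application id taken from the URL.

    Returns:
        A JSON confirmation message; aborts with 404 when no application has
        that id.
    """
    # Local name chosen so the Flask `app` object is not shadowed.
    oauth_app = g.db.query(OauthApp).filter_by(id=aid).first()
    # An unknown id used to fail with AttributeError on None (HTTP 500).
    if not oauth_app:
        abort(404)

    for auth in g.db.query(ClientAuth).filter_by(oauth_client=oauth_app.id).all():
        g.db.delete(auth)

    g.db.flush()

    # The notification reads app_name and author, so it is sent before the
    # application row is deleted.
    send_notification(1046, oauth_app.author, f"Your application `{oauth_app.app_name}` has been rejected.")

    g.db.delete(oauth_app)

    return {"message": "App rejected"}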
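@app.get("/admin/app/<aid>")
@admin_level_required(3)
def admin_app_id(v, aid):
    """Show the admin page listing posts made through one OAuth application.

    Args:
        v: the acting admin (presumably injected by `admin_level_required`).
        aid: application id taken from the URL.

    Returns:
        The rendered `admin/app.html` template. Aborts with 400 when `page`
        is not an integer and with 404 when no application has that id.
    """
    # A non-numeric ?page= used to raise ValueError (HTTP 500).
    try:
        page = int(request.args.get("page", 1))
    except ValueError:
        abort(400)

    oauth = (
        g.db.query(OauthApp)
        .options(joinedload(OauthApp.author))
        .filter_by(id=aid)
        .first()
    )
    # An unknown id used to fail with AttributeError on None (HTTP 500).
    if not oauth:
        abort(404)

    pids = oauth.idlist(page=page)

    # idlist() presumably returns up to 101 ids; a 101st entry only signals
    # that another page exists and is dropped from the listing.
    next_exists = len(pids) == 101
    pids = pids[:100]

    posts = get_posts(pids, v=v)

    return render_template(
        "admin/app.html",
        v=v,
        app=oauth,
        listing=posts,
        next_exists=next_exists,
    )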
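@app.get("/admin/app/<aid>/comments")
@admin_level_required(3)
def admin_app_id_comments(v, aid):
    """Show the admin page listing comments made through one OAuth application.

    Args:
        v: the acting admin (presumably injected by `admin_level_required`).
        aid: application id taken from the URL.

    Returns:
        The rendered `admin/app.html` template in standalone-comments mode.
        Aborts with 400 when `page` is not an integer and with 404 when no
        application has that id.
    """
    # A non-numeric ?page= used to raise ValueError (HTTP 500).
    try:
        page = int(request.args.get("page", 1))
    except ValueError:
        abort(400)

    oauth = (
        g.db.query(OauthApp)
        .options(joinedload(OauthApp.author))
        .filter_by(id=aid)
        .first()
    )
    # An unknown id used to fail with AttributeError on None (HTTP 500).
    if not oauth:
        abort(404)

    cids = oauth.comments_idlist(page=page)

    # comments_idlist() presumably returns up to 101 ids; a 101st entry only
    # signals that another page exists and is dropped from the listing.
    next_exists = len(cids) == 101
    cids = cids[:100]

    comments = get_comments(cids, v=v)

    return render_template(
        "admin/app.html",
        v=v,
        app=oauth,
        comments=comments,
        next_exists=next_exists,
        standalone=True,
    )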
@app.get("/admin/apps")
@admin_level_required(3)
def admin_apps_list(v):
    """Render the admin overview of every registered OAuth application.

    Args:
        v: the acting admin (presumably injected by `admin_level_required`).

    Returns:
        The rendered `admin/apps.html` template with all `OauthApp` rows.
    """
    return render_template(
        "admin/apps.html",
        v=v,
        apps=g.db.query(OauthApp).all(),
    )
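@app.post("/oauth/reroll/<aid>")
@auth_required
def reroll_oauth_tokens(aid, v):
    """Replace the `client_id` of one of `v`'s own OAuth applications.

    Args:
        aid: application id taken from the URL.
        v: the logged-in user (presumably injected by `auth_required`).

    Returns:
        A JSON message carrying the new client id. Aborts with 404 when no
        application has that id and with 403 when `v` is not its author.
    """
    # NOTE(review): unlike the other state-changing POST routes in this file,
    # this one is not wrapped in `validate_formkey` (presumably the CSRF
    # form-key check) - confirm whether that is intentional.
    oauth_app = g.db.query(OauthApp).filter_by(id=aid).first()
    # An unknown id used to fail with AttributeError on None (HTTP 500).
    if not oauth_app:
        abort(404)

    # Only the application's author may rotate its client id.
    if oauth_app.author_id != v.id:
        abort(403)

    oauth_app.client_id = secrets.token_urlsafe(64)[:64]
    g.db.add(oauth_app)

    return {"message": "Client ID Rerolled", "id": oauth_app.client_id}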