From ee6419eb4e8982e68012112402dbb3103b600a56 Mon Sep 17 00:00:00 2001 From: Aevann1 Date: Wed, 28 Jul 2021 00:31:28 +0200 Subject: [PATCH] dffdfd --- drama/mail/mail.py | 4 +-- drama/routes/admin.py | 74 ++++++++++++++++++++-------------------- drama/routes/comments.py | 38 ++++++++++----------- drama/routes/discord.py | 4 +-- drama/routes/errors.py | 4 +-- drama/routes/feeds.py | 2 +- drama/routes/flagging.py | 4 +-- drama/routes/front.py | 18 +++++----- drama/routes/login.py | 26 +++++++------- drama/routes/oauth.py | 32 ++++++++--------- drama/routes/posts.py | 40 +++++++++++----------- drama/routes/search.py | 12 +++---- drama/routes/settings.py | 52 ++++++++++++++-------------- drama/routes/static.py | 42 +++++++++++------------ drama/routes/users.py | 50 +++++++++++++-------------- drama/routes/votes.py | 10 +++--- 16 files changed, 206 insertions(+), 206 deletions(-) diff --git a/drama/mail/mail.py b/drama/mail/mail.py index e0c0e1ab8..ebe5eddc6 100644 --- a/drama/mail/mail.py +++ b/drama/mail/mail.py @@ -51,7 +51,7 @@ def send_verification_email(user, email=None): ) -@app.route("/api/verify_email", methods=["POST"]) +@app.post("/api/verify_email") @is_not_banned def api_verify_email(v): @@ -60,7 +60,7 @@ def api_verify_email(v): return "", 204 -@app.route("/activate", methods=["GET"]) +@app.get("/activate") @auth_desired def activate(v): diff --git a/drama/routes/admin.py b/drama/routes/admin.py index 1bf1a5391..1b5c69698 100644 --- a/drama/routes/admin.py +++ b/drama/routes/admin.py @@ -20,7 +20,7 @@ import matplotlib.pyplot as plt from .front import frontlist from drama.__main__ import app, cache -@app.route("/admin/shadowbanned", methods=["GET"]) +@app.get("/admin/shadowbanned") @auth_required def shadowbanned(v): if v and v.is_banned and not v.unban_utc: return render_template("seized.html") @@ -29,7 +29,7 @@ def shadowbanned(v): return render_template("banned.html", v=v, users=users) -@app.route("/admin/agendaposters", methods=["GET"]) +@app.get("/admin/agendaposters") @auth_required def agendaposters(v): if v and v.is_banned and not v.unban_utc: return render_template("seized.html") @@ -38,7 +38,7 @@ def agendaposters(v): return render_template("banned.html", v=v, users=users) -@app.route("/admin/flagged/posts", methods=["GET"]) +@app.get("/admin/flagged/posts") @admin_level_required(3) def flagged_posts(v): @@ -61,7 +61,7 @@ def flagged_posts(v): next_exists=next_exists, listing=listing, page=page, v=v) -@app.route("/admin/image_posts", methods=["GET"]) +@app.get("/admin/image_posts") @admin_level_required(3) @api("read") def image_posts_listing(v): @@ -89,7 +89,7 @@ def image_posts_listing(v): } -@app.route("/admin/flagged/comments", methods=["GET"]) +@app.get("/admin/flagged/comments") @admin_level_required(3) def flagged_comments(v): @@ -115,7 +115,7 @@ def flagged_comments(v): v=v, standalone=True) -@app.route("/admin", methods=["GET"]) +@app.get("/admin") @admin_level_required(3) def admin_home(v): with open('./disablesignups', 'r') as f: @@ -123,7 +123,7 @@ def admin_home(v): return render_template("admin/admin_home.html", v=v, x=x) -@app.route("/admin/disablesignups", methods=["POST"]) +@app.post("/admin/disablesignups") @admin_level_required(6) @validate_formkey def disablesignups(v): @@ -134,7 +134,7 @@ def disablesignups(v): return "", 204 -@app.route("/admin/badge_grant", methods=["GET"]) +@app.get("/admin/badge_grant") @admin_level_required(4) def badge_grant_get(v): @@ -155,7 +155,7 @@ def badge_grant_get(v): ) -@app.route("/admin/badge_grant", methods=["POST"]) +@app.post("/admin/badge_grant") @admin_level_required(4) @validate_formkey def badge_grant_post(v): @@ -207,7 +207,7 @@ def badge_grant_post(v): return redirect(user.url) -@app.route("/admin/users", methods=["GET"]) +@app.get("/admin/users") @admin_level_required(2) def users_list(v): @@ -230,7 +230,7 @@ def users_list(v): ) -@app.route("/admin/content_stats", methods=["GET"]) +@app.get("/admin/content_stats") @admin_level_required(2) def participation_stats(v): @@ -265,7 +265,7 @@ def participation_stats(v): return render_template("admin/content_stats.html", v=v, title="Content Statistics", data=data) -@app.route("/admin/alt_votes", methods=["GET"]) +@app.get("/admin/alt_votes") @admin_level_required(4) def alt_votes_get(v): @@ -374,7 +374,7 @@ def alt_votes_get(v): ) -@app.route("/admin/link_accounts", methods=["POST"]) +@app.post("/admin/link_accounts") @admin_level_required(4) @validate_formkey def admin_link_accounts(v): @@ -394,7 +394,7 @@ def admin_link_accounts(v): return redirect(f"/admin/alt_votes?u1={g.db.query(User).get(u1).username}&u2={g.db.query(User).get(u2).username}") -@app.route("/admin/removed", methods=["GET"]) +@app.get("/admin/removed") @admin_level_required(3) def admin_removed(v): @@ -419,7 +419,7 @@ def admin_removed(v): ) -@app.route("/admin/appdata", methods=["GET"]) +@app.get("/admin/appdata") @admin_level_required(4) def admin_appdata(v): @@ -441,7 +441,7 @@ def admin_appdata(v): v=v) -@app.route("/admin/domain/", methods=["GET"]) +@app.get("/admin/domain/") @admin_level_required(4) def admin_domain_domain(domain_name, v): @@ -460,7 +460,7 @@ def admin_domain_domain(domain_name, v): ) -@app.route("/admin/image_purge", methods=["POST"]) +@app.post("/admin/image_purge") @admin_level_required(5) def admin_image_purge(v): @@ -469,7 +469,7 @@ def admin_image_purge(v): return redirect("/admin/image_purge") -@app.route("/admin/image_ban", methods=["POST"]) +@app.post("/admin/image_ban") @admin_level_required(4) @validate_formkey def admin_image_ban(v): @@ -507,7 +507,7 @@ def admin_image_ban(v): return render_template("admin/image_ban.html", v=v, success=True) -@app.route("/agendaposter/", methods=["POST"]) +@app.post("/agendaposter/") @admin_level_required(6) @validate_formkey def agendaposter(user_id, v): @@ -549,7 +549,7 @@ def agendaposter(user_id, v): else: return redirect(user.url) -@app.route("/shadowban/", methods=["POST"]) +@app.post("/shadowban/") @admin_level_required(6) @validate_formkey def shadowban(user_id, v): @@ -571,7 +571,7 @@ def shadowban(user_id, v): return "", 204 -@app.route("/unshadowban/", methods=["POST"]) +@app.post("/unshadowban/") @admin_level_required(6) @validate_formkey def unshadowban(user_id, v): @@ -593,7 +593,7 @@ def unshadowban(user_id, v): return "", 204 -@app.route("/admin/title_change/", methods=["POST"]) +@app.post("/admin/title_change/") @admin_level_required(6) @validate_formkey def admin_title_change(user_id, v): @@ -626,7 +626,7 @@ def admin_title_change(user_id, v): return (redirect(user.url), user) -@app.route("/api/ban_user/", methods=["POST"]) +@app.post("/api/ban_user/") @admin_level_required(6) @validate_formkey def ban_user(user_id, v): @@ -683,7 +683,7 @@ def ban_user(user_id, v): return jsonify({"message": f"@{user.username} was banned"}) -@app.route("/api/unban_user/", methods=["POST"]) +@app.post("/api/unban_user/") @admin_level_required(6) @validate_formkey def unban_user(user_id, v): @@ -713,7 +713,7 @@ def unban_user(user_id, v): if request.args.get("notoast"): return (redirect(user.url), user) return jsonify({"message": f"@{user.username} was unbanned"}) -@app.route("/api/ban_post/", methods=["POST"]) +@app.post("/api/ban_post/") @admin_level_required(3) @validate_formkey def ban_post(post_id, v): @@ -749,7 +749,7 @@ def ban_post(post_id, v): return "", 204 -@app.route("/api/unban_post/", methods=["POST"]) +@app.post("/api/unban_post/") @admin_level_required(3) @validate_formkey def unban_post(post_id, v): @@ -777,7 +777,7 @@ def unban_post(post_id, v): return "", 204 -@app.route("/api/distinguish/", methods=["POST"]) +@app.post("/api/distinguish/") @admin_level_required(1) @validate_formkey def api_distinguish_post(post_id, v): @@ -800,7 +800,7 @@ def api_distinguish_post(post_id, v): return "", 204 -@app.route("/api/sticky/", methods=["POST"]) +@app.post("/api/sticky/") @admin_level_required(3) def api_sticky_post(post_id, v): @@ -813,7 +813,7 @@ def api_sticky_post(post_id, v): return "", 204 -@app.route("/api/pin/", methods=["POST"]) +@app.post("/api/pin/") @auth_required def api_pin_post(post_id, v): @@ -824,7 +824,7 @@ def api_pin_post(post_id, v): return "", 204 -@app.route("/api/ban_comment/", methods=["post"]) +@app.post("/api/ban_comment/") @admin_level_required(1) def api_ban_comment(c_id, v): @@ -845,7 +845,7 @@ def api_ban_comment(c_id, v): return "", 204 -@app.route("/api/unban_comment/", methods=["post"]) +@app.post("/api/unban_comment/") @admin_level_required(1) def api_unban_comment(c_id, v): @@ -869,8 +869,8 @@ def api_unban_comment(c_id, v): return "", 204 -@app.route("/api/distinguish_comment/", methods=["post"]) -@app.route("/api/v1/distinguish_comment/", methods=["post"]) +@app.post("/api/distinguish_comment/") +@app.post("/api/v1/distinguish_comment/") @auth_required @api("read") def admin_distinguish_comment(c_id, v): @@ -898,14 +898,14 @@ def admin_distinguish_comment(c_id, v): return jsonify({"html":html, "api":html}) -@app.route("/admin/dump_cache", methods=["GET"]) +@app.get("/admin/dump_cache") @admin_level_required(6) def admin_dump_cache(v): cache.clear() return jsonify({"message": "Internal cache cleared."}) -@app.route("/admin/ban_domain", methods=["POST"]) +@app.post("/admin/ban_domain") @admin_level_required(4) @validate_formkey def admin_ban_domain(v): @@ -940,7 +940,7 @@ def admin_ban_domain(v): return redirect(d.permalink) -@app.route("/admin/nuke_user", methods=["POST"]) +@app.post("/admin/nuke_user") @admin_level_required(4) @validate_formkey def admin_nuke_user(v): @@ -970,7 +970,7 @@ def admin_nuke_user(v): return redirect(user.url) -@app.route("/admin/unnuke_user", methods=["POST"]) +@app.post("/admin/unnuke_user") @admin_level_required(4) @validate_formkey def admin_nunuke_user(v): diff --git a/drama/routes/comments.py b/drama/routes/comments.py index bc29696e4..af4275e54 100644 --- a/drama/routes/comments.py +++ b/drama/routes/comments.py @@ -50,16 +50,16 @@ def banawardcomment(comment_id, v): return jsonify({"message": "User banned successfully!"}), 204 -@app.route("/api/v1/post//comment/", methods=["GET"]) +@app.get("/api/v1/post//comment/") def comment_cid_api_redirect(cid=None, pid=None): redirect(f'/api/v1/comment/') -@app.route("/comment/", methods=["GET"]) -@app.route("/comment/", methods=["GET"]) -@app.route("/post_short//", methods=["GET"]) -@app.route("/post_short///", methods=["GET"]) -@app.route("/api/v1/comment/", methods=["GET"]) -@app.route("/post///", methods=["GET"]) +@app.get("/comment/") +@app.get("/comment/") +@app.get("/post_short//") +@app.get("/post_short///") +@app.get("/api/v1/comment/") +@app.get("/post///") @app.route("/api/vue/comment/") @auth_desired @api("read") @@ -229,8 +229,8 @@ def post_pid_comment_cid(cid, pid=None, anything=None, v=None): 'api': lambda: top_comment.json } -@app.route("/api/comment", methods=["POST"]) -@app.route("/api/v1/comment", methods=["POST"]) +@app.post("/api/comment") +@app.post("/api/v1/comment") @limiter.limit("6/minute") @is_not_banned @validate_formkey @@ -635,7 +635,7 @@ def api_comment(v): -@app.route("/edit_comment/", methods=["POST"]) +@app.post("/edit_comment/") @is_not_banned @validate_formkey @api("edit") @@ -868,8 +868,8 @@ def delete_comment(cid, v): return {"html": lambda: ("", 204), "api": lambda: ("", 204)} -@app.route("/undelete/comment/", methods=["POST"]) -@app.route("/api/v1/undelete/comment/", methods=["POST"]) +@app.post("/undelete/comment/") +@app.post("/api/v1/undelete/comment/") @auth_required @validate_formkey @api("delete") @@ -892,10 +892,10 @@ def undelete_comment(cid, v): return {"html": lambda: ("", 204), "api": lambda: ("", 204)} -@app.route("/embed/comment/", methods=["GET"]) -@app.route("/embed/post//comment/", methods=["GET"]) -@app.route("/api/v1/embed/comment/", methods=["GET"]) -@app.route("/api/v1/embed/post//comment/", methods=["GET"]) +@app.get("/embed/comment/") +@app.get("/embed/post//comment/") +@app.get("/api/v1/embed/comment/") +@app.get("/api/v1/embed/post//comment/") def embed_comment_cid(cid, pid=None): comment = get_comment(int(cid)) @@ -910,7 +910,7 @@ def embed_comment_cid(cid, pid=None): return render_template("embeds/comment.html", c=comment) -@app.route("/comment_pin/", methods=["POST"]) +@app.post("/comment_pin/") @auth_required @validate_formkey def toggle_comment_pin(cid, v): @@ -945,7 +945,7 @@ def toggle_comment_pin(cid, v): return jsonify({"html":html}) -@app.route("/save_comment/", methods=["POST"]) +@app.post("/save_comment/") @auth_required @validate_formkey def save_comment(cid, v): @@ -961,7 +961,7 @@ def save_comment(cid, v): return "", 204 -@app.route("/unsave_comment/", methods=["POST"]) +@app.post("/unsave_comment/") @auth_required @validate_formkey def unsave_comment(cid, v): diff --git a/drama/routes/discord.py b/drama/routes/discord.py index ee9656fba..cb519613d 100644 --- a/drama/routes/discord.py +++ b/drama/routes/discord.py @@ -12,7 +12,7 @@ DISCORD_ENDPOINT = "https://discordapp.com/api/v6" WELCOME_CHANNEL="846509313941700618" -@app.route("/discord", methods=["GET"]) +@app.get("/discord") @auth_required def join_discord(v): @@ -27,7 +27,7 @@ def join_discord(v): return redirect(f"https://discord.com/api/oauth2/authorize?client_id={CLIENT_ID}&redirect_uri=https%3A%2F%2F{app.config['SERVER_NAME']}%2Fdiscord_redirect&response_type=code&scope=identify%20guilds.join&state={state}") -@app.route("/discord_redirect", methods=["GET"]) +@app.get("/discord_redirect") @auth_required def discord_redirect(v): diff --git a/drama/routes/errors.py b/drama/routes/errors.py index e267c0e7c..c9df3910f 100644 --- a/drama/routes/errors.py +++ b/drama/routes/errors.py @@ -154,7 +154,7 @@ def error_503(e, v): } -@app.route("/allow_nsfw", methods=["POST"]) +@app.post("/allow_nsfw") def allow_nsfw(): session["over_18"] = int(time.time()) + 3600 @@ -162,7 +162,7 @@ def allow_nsfw(): return redirect(request.form.get("redir")) -@app.route("/error/", methods=["GET"]) +@app.get("/error/") @auth_desired def error_all_preview(error, v): diff --git a/drama/routes/feeds.py b/drama/routes/feeds.py index a51a780ba..464801091 100644 --- a/drama/routes/feeds.py +++ b/drama/routes/feeds.py @@ -7,7 +7,7 @@ from yattag import Doc from drama.__main__ import app -@app.route('/rss//', methods=["GET"]) +@app.get('/rss//') def feeds_user(sort='hot', t='all'): page = int(request.args.get("page", 1)) diff --git a/drama/routes/flagging.py b/drama/routes/flagging.py index 47c723456..51fdadb6f 100644 --- a/drama/routes/flagging.py +++ b/drama/routes/flagging.py @@ -4,7 +4,7 @@ from flask import g from drama.__main__ import app -@app.route("/api/flag/post/", methods=["POST"]) +@app.post("/api/flag/post/") @auth_desired def api_flag_post(pid, v): @@ -30,7 +30,7 @@ def api_flag_post(pid, v): return "", 204 -@app.route("/api/flag/comment/", methods=["POST"]) +@app.post("/api/flag/comment/") @auth_desired def api_flag_comment(cid, v): diff --git a/drama/routes/front.py b/drama/routes/front.py index 81e42e5e4..58203cc27 100644 --- a/drama/routes/front.py +++ b/drama/routes/front.py @@ -4,13 +4,13 @@ from drama.helpers.get import * from drama.__main__ import app, cache from drama.classes.submission import Submission -@app.route("/post/", methods=["GET"]) +@app.get("/post/") def slash_post(): return redirect("/") # this is a test -@app.route("/notifications", methods=["GET"]) +@app.get("/notifications") @auth_required def notifications(v): @@ -176,8 +176,8 @@ def frontlist(v=None, sort="hot", page=1,t="all", ids_only=True, filter_words='' return posts return posts -@app.route("/", methods=["GET"]) -@app.route("/api/v1/listing", methods=["GET"]) +@app.get("/") +@app.get("/api/v1/listing") @auth_desired def front_all(v): if v and v.is_banned and not v.unban_utc: return render_template("seized.html") @@ -288,8 +288,8 @@ def changeloglist(v=None, sort="new", page=1 ,t="all", **kwargs): posts = [x.id for x in posts] return posts -@app.route("/changelog", methods=["GET"]) -@app.route("/api/v1/changelog", methods=["GET"]) +@app.get("/changelog") +@app.get("/api/v1/changelog") @auth_desired @api("read") def changelog(v): @@ -330,7 +330,7 @@ def changelog(v): ) } -@app.route("/random", methods=["GET"]) +@app.get("/random") @auth_desired def random_post(v): if v and v.is_banned and not v.unban_utc: return render_template("seized.html") @@ -404,8 +404,8 @@ def comment_idlist(page=1, v=None, nsfw=False, sort="new", t="all", **kwargs): return comments[:26] -@app.route("/comments", methods=["GET"]) -@app.route("/api/v1/front/comments", methods=["GET"]) +@app.get("/comments") +@app.get("/api/v1/front/comments") @auth_desired @api("read") def all_comments(v): diff --git a/drama/routes/login.py b/drama/routes/login.py index 55653875f..641a19bb2 100644 --- a/drama/routes/login.py +++ b/drama/routes/login.py @@ -6,7 +6,7 @@ valid_username_regex = re.compile("^[a-zA-Z0-9_\-]{3,25}$") valid_password_regex = re.compile("^.{8,100}$") -@app.route("/login", methods=["GET"]) +@app.get("/login") @no_cors @auth_desired def login_get(v): @@ -52,7 +52,7 @@ def check_for_alts(current_id): @no_cors -@app.route("/login", methods=["POST"]) +@app.post("/login") @limiter.limit("6/minute") def login_post(): @@ -133,14 +133,14 @@ def login_post(): return redirect(account.url) -@app.route("/me", methods=["GET"]) -@app.route("/@me", methods=["GET"]) +@app.get("/me") +@app.get("/@me") @auth_required def me(v): return redirect(v.url) -@app.route("/logout", methods=["POST"]) +@app.post("/logout") @auth_required @validate_formkey def logout(v): @@ -153,7 +153,7 @@ def logout(v): # signing up -@app.route("/signup", methods=["GET"]) +@app.get("/signup") @no_cors @auth_desired def sign_up_get(v): @@ -210,7 +210,7 @@ def sign_up_get(v): # signup api -@app.route("/signup", methods=["POST"]) +@app.post("/signup") @no_cors @auth_desired def sign_up_post(v): @@ -382,7 +382,7 @@ def sign_up_post(v): return redirect("/") -@app.route("/forgot", methods=["GET"]) +@app.get("/forgot") def get_forgot(): return render_template("forgot_password.html", @@ -390,7 +390,7 @@ def get_forgot(): ) -@app.route("/forgot", methods=["POST"]) +@app.post("/forgot") def post_forgot(): username = request.form.get("username").lstrip('@') @@ -426,7 +426,7 @@ def post_forgot(): i=random_image()) -@app.route("/reset", methods=["GET"]) +@app.get("/reset") def get_reset(): user_id = request.args.get("id") @@ -458,7 +458,7 @@ def get_reset(): ) -@app.route("/reset", methods=["POST"]) +@app.post("/reset") @auth_desired def post_reset(v): if v: @@ -510,7 +510,7 @@ def lost_2fa(v): v=v ) -@app.route("/request_2fa_disable", methods=["POST"]) +@app.post("/request_2fa_disable") @limiter.limit("6/minute") def request_2fa_disable(): @@ -558,7 +558,7 @@ def request_2fa_disable(): title="Removal request received", message="If username, password, and email match, we will send you an email.") -@app.route("/reset_2fa", methods=["GET"]) +@app.get("/reset_2fa") def reset_2fa(): now=int(time.time()) diff --git a/drama/routes/oauth.py b/drama/routes/oauth.py index 5573efef1..a5f8eccaa 100644 --- a/drama/routes/oauth.py +++ b/drama/routes/oauth.py @@ -15,7 +15,7 @@ SCOPES = { } -@app.route("/oauth/authorize", methods=["GET"]) +@app.get("/oauth/authorize") @auth_required def oauth_authorize_prompt(v): ''' @@ -80,7 +80,7 @@ def oauth_authorize_prompt(v): ) -@app.route("/oauth/authorize", methods=["POST"]) +@app.post("/oauth/authorize") @auth_required @validate_formkey def oauth_authorize_post(v): @@ -136,7 +136,7 @@ def oauth_authorize_post(v): return redirect(f"{redirect_uri}?code={new_auth.oauth_code}&scopes={scopes_txt}&state={state}") -@app.route("/oauth/grant", methods=["POST"]) +@app.post("/oauth/grant") def oauth_grant(): ''' This endpoint takes the following parameters: @@ -221,7 +221,7 @@ def oauth_grant(): return jsonify({"oauth_error": f"Invalid grant_type `{request.values.get('grant_type','')}`. Expected `code` or `refresh`."}), 400 -@app.route("/api_keys", methods=["POST"]) +@app.post("/api_keys") @is_not_banned def request_api_keys(v): @@ -239,7 +239,7 @@ def request_api_keys(v): return redirect('/settings/apps') -@app.route("/delete_app/", methods=["POST"]) +@app.post("/delete_app/") @is_not_banned @validate_formkey def delete_oauth_app(v, aid): @@ -257,7 +257,7 @@ def delete_oauth_app(v, aid): return redirect('/apps') -@app.route("/edit_app/", methods=["POST"]) +@app.post("/edit_app/") @is_not_banned @validate_formkey def edit_oauth_app(v, aid): @@ -282,7 +282,7 @@ def api_v1_identity(v): return jsonify(v.json) -@app.route("/admin/app/approve/", methods=["POST"]) +@app.post("/admin/app/approve/") @admin_level_required(3) @validate_formkey def admin_app_approve(v, aid): @@ -300,7 +300,7 @@ def admin_app_approve(v, aid): return jsonify({"message": f"{app.app_name} approved"}) -@app.route("/admin/app/revoke/", methods=["POST"]) +@app.post("/admin/app/revoke/") @admin_level_required(3) @validate_formkey def admin_app_revoke(v, aid): @@ -318,7 +318,7 @@ def admin_app_revoke(v, aid): return jsonify({"message": f"{app.app_name} revoked"}) -@app.route("/admin/app/reject/", methods=["POST"]) +@app.post("/admin/app/reject/") @admin_level_required(3) @validate_formkey def admin_app_reject(v, aid): @@ -337,7 +337,7 @@ def admin_app_reject(v, aid): return jsonify({"message": f"{app.app_name} rejected"}) -@app.route("/admin/app/", methods=["GET"]) +@app.get("/admin/app/") @admin_level_required(3) def admin_app_id(v, aid): @@ -363,7 +363,7 @@ def admin_app_id(v, aid): next_exists=next_exists ) -@app.route("/admin/app//comments", methods=["GET"]) +@app.get("/admin/app//comments") @admin_level_required(3) def admin_app_id_comments(v, aid): @@ -392,7 +392,7 @@ def admin_app_id_comments(v, aid): ) -@app.route("/admin/apps", methods=["GET"]) +@app.get("/admin/apps") @admin_level_required(3) def admin_apps_list(v): @@ -405,7 +405,7 @@ def admin_apps_list(v): return render_template("admin/apps.html", v=v, apps=apps) -@app.route("/oauth/reroll/", methods=["POST"]) +@app.post("/oauth/reroll/") @auth_required def reroll_oauth_tokens(aid, v): @@ -428,7 +428,7 @@ def reroll_oauth_tokens(aid, v): ) -@app.route("/oauth/rescind/", methods=["POST"]) +@app.post("/oauth/rescind/") @auth_required @validate_formkey def oauth_rescind_app(aid, v): @@ -443,7 +443,7 @@ def oauth_rescind_app(aid, v): return jsonify({"message": f"{auth.application.app_name} Revoked"}) -@app.route("/api/v1/release", methods=["POST"]) +@app.post("/api/v1/release") @auth_required @api() def oauth_release_auth(v): @@ -462,7 +462,7 @@ def oauth_release_auth(v): return jsonify({"message":"Authorization released"}) -@app.route("/api/v1/kill", methods=["POST"]) +@app.post("/api/v1/kill") @auth_required @api() def oauth_kill_auth(v): diff --git a/drama/routes/posts.py b/drama/routes/posts.py index 2e6ca1047..1fe3425d8 100644 --- a/drama/routes/posts.py +++ b/drama/routes/posts.py @@ -52,7 +52,7 @@ def postbanaward(post_id, v): return jsonify({"message": "User banned successfully!"}), 204 -@app.route("/api/publish/", methods=["POST"]) +@app.post("/api/publish/") @is_not_banned @validate_formkey def publish(pid, v): @@ -64,7 +64,7 @@ def publish(pid, v): g.db.commit() return "", 204 -@app.route("/submit", methods=["GET"]) +@app.get("/submit") @auth_required def submit_get(v): if v and v.is_banned and not v.unban_utc: return render_template("seized.html") @@ -72,10 +72,10 @@ def submit_get(v): return render_template("submit.html", v=v) -@app.route("/post/", methods=["GET"]) -@app.route("/post//", methods=["GET"]) -@app.route("/post//", methods=["GET"]) -@app.route("/api/v1/post/", methods=["GET"]) +@app.get("/post/") +@app.get("/post//") +@app.get("/post//") +@app.get("/api/v1/post/") @auth_desired @api("read") def post_base36id(pid, anything=None, v=None): @@ -246,7 +246,7 @@ def post_base36id(pid, anything=None, v=None): "api":lambda:jsonify(post.json) } -@app.route("/edit_post/", methods=["POST"]) +@app.post("/edit_post/") @is_not_banned @validate_formkey def edit_post(pid, v): @@ -550,8 +550,8 @@ def archiveorg(url): @app.route("/submit", methods=['POST']) -@app.route("/api/v1/submit", methods=["POST"]) -@app.route("/api/vue/submit", methods=["POST"]) +@app.post("/api/v1/submit") +@app.post("/api/vue/submit") @limiter.limit("6/minute") @is_not_banned @validate_formkey @@ -1042,8 +1042,8 @@ def submit_post(v): } -@app.route("/delete_post/", methods=["POST"]) -@app.route("/api/v1/delete_post/", methods=["POST"]) +@app.post("/delete_post/") +@app.post("/api/v1/delete_post/") @auth_required @api("delete") @validate_formkey @@ -1063,8 +1063,8 @@ def delete_post_pid(pid, v): return "", 204 -@app.route("/undelete_post/", methods=["POST"]) -@app.route("/api/v1/undelete_post/", methods=["POST"]) +@app.post("/undelete_post/") +@app.post("/api/v1/undelete_post/") @auth_required @api("delete") @validate_formkey @@ -1076,7 +1076,7 @@ def undelete_post_pid(pid, v): cache.delete_memoized(frontlist) return "", 204 -@app.route("/embed/post/", methods=["GET"]) +@app.get("/embed/post/") def embed_post_pid(pid): post = get_post(int(pid)) @@ -1086,8 +1086,8 @@ def embed_post_pid(pid): return render_template("embeds/submission.html", p=post) -@app.route("/api/toggle_comment_nsfw/", methods=["POST"]) -@app.route("/api/v1/toggle_comment_nsfw/", methods=["POST"]) +@app.post("/api/toggle_comment_nsfw/") +@app.post("/api/v1/toggle_comment_nsfw/") @is_not_banned @api("update") @validate_formkey @@ -1099,8 +1099,8 @@ def toggle_comment_nsfw(cid, v): g.db.add(comment) return "", 204 -@app.route("/api/toggle_post_nsfw/", methods=["POST"]) -@app.route("/api/v1/toggle_post_nsfw/", methods=["POST"]) +@app.post("/api/toggle_post_nsfw/") +@app.post("/api/v1/toggle_post_nsfw/") @is_not_banned @api("update") @validate_formkey @@ -1124,7 +1124,7 @@ def toggle_post_nsfw(pid, v): return "", 204 -@app.route("/save_post/", methods=["POST"]) +@app.post("/save_post/") @auth_required @validate_formkey def save_post(pid, v): @@ -1140,7 +1140,7 @@ def save_post(pid, v): return "", 204 -@app.route("/unsave_post/", methods=["POST"]) +@app.post("/unsave_post/") @auth_required @validate_formkey def unsave_post(pid, v): diff --git a/drama/routes/search.py b/drama/routes/search.py index 8d8c6ae93..88f4584b7 100644 --- a/drama/routes/search.py +++ b/drama/routes/search.py @@ -196,8 +196,8 @@ def searchcommentlisting(criteria, v=None, page=1, t="None", sort="top"): comments = comments[firstrange:secondrange] return total, [x.id for x in comments] -@app.route("/search/posts", methods=["GET"]) -@app.route("/api/v1/search", methods=["GET"]) +@app.get("/search/posts") +@app.get("/api/v1/search") @app.route("/api/vue/search") @auth_desired @api("read") @@ -242,8 +242,8 @@ def searchposts(v, search_type="posts"): "api":lambda:jsonify({"data":[x.json for x in posts]}) } -@app.route("/search/comments", methods=["GET"]) -@app.route("/api/v1/search/comments", methods=["GET"]) +@app.get("/search/comments") +@app.get("/api/v1/search/comments") @app.route("/api/vue/search/comments") @auth_desired @api("read") @@ -279,8 +279,8 @@ def searchcomments(v): "api":lambda:jsonify({"data":[x.json for x in comments]}) } -@app.route("/search/users", methods=["GET"]) -@app.route("/api/v1/search/users", methods=["GET"]) +@app.get("/search/users") +@app.get("/api/v1/search/users") @app.route("/api/vue/search/users") @auth_desired @api("read") diff --git a/drama/routes/settings.py b/drama/routes/settings.py index f26475ddf..d98a53a08 100644 --- a/drama/routes/settings.py +++ b/drama/routes/settings.py @@ -15,7 +15,7 @@ valid_password_regex = re.compile("^.{8,100}$") youtubekey = environ.get("youtubekey").strip() -@app.route("/settings/profile", methods=["POST"]) +@app.post("/settings/profile") @auth_required @validate_formkey def settings_profile_post(v): @@ -153,7 +153,7 @@ def settings_profile_post(v): else: return jsonify({"error": "You didn't change anything."}), 400 -@app.route("/changelogsub", methods=["POST"]) +@app.post("/changelogsub") @auth_required @validate_formkey def changelogsub(v): @@ -162,7 +162,7 @@ def changelogsub(v): cache.delete_memoized(frontlist) return "", 204 -@app.route("/settings/namecolor", methods=["POST"]) +@app.post("/settings/namecolor") @auth_required @validate_formkey def namecolor(v): @@ -172,7 +172,7 @@ def namecolor(v): g.db.add(v) return redirect("/settings/profile") -@app.route("/settings/themecolor", methods=["POST"]) +@app.post("/settings/themecolor") @auth_required @validate_formkey def themecolor(v): @@ -182,7 +182,7 @@ def themecolor(v): g.db.add(v) return redirect("/settings/profile") -@app.route("/settings/titlecolor", methods=["POST"]) +@app.post("/settings/titlecolor") @auth_required @validate_formkey def titlecolor(v): @@ -192,7 +192,7 @@ def titlecolor(v): g.db.add(v) return redirect("/settings/profile") -@app.route("/settings/security", methods=["POST"]) +@app.post("/settings/security") @auth_required @validate_formkey def settings_security_post(v): @@ -297,7 +297,7 @@ def settings_security_post(v): return redirect("/settings/security?msg=" + escape("Two-factor authentication disabled.")) -@app.route("/settings/log_out_all_others", methods=["POST"]) +@app.post("/settings/log_out_all_others") @auth_required @validate_formkey def settings_log_out_others(v): @@ -320,7 +320,7 @@ def settings_log_out_others(v): msg="All other devices have been logged out") -@app.route("/settings/images/profile", methods=["POST"]) +@app.post("/settings/images/profile") @auth_required @validate_formkey def settings_images_profile(v): @@ -339,7 +339,7 @@ def settings_images_profile(v): v=v, msg="Profile picture successfully updated.") -@app.route("/settings/images/banner", methods=["POST"]) +@app.post("/settings/images/banner") @auth_required @validate_formkey def settings_images_banner(v): @@ -357,7 +357,7 @@ def settings_images_banner(v): v=v, msg="Banner successfully updated.") -@app.route("/settings/delete/profile", methods=["POST"]) +@app.post("/settings/delete/profile") @auth_required @validate_formkey def settings_delete_profile(v): @@ -367,7 +367,7 @@ def settings_delete_profile(v): return render_template("settings_profile.html", v=v, msg="Profile picture successfully removed.") -@app.route("/settings/delete/banner", methods=["POST"]) +@app.post("/settings/delete/banner") @auth_required @validate_formkey def settings_delete_banner(v): @@ -378,7 +378,7 @@ def settings_delete_banner(v): msg="Banner successfully removed.") -@app.route("/settings/read_announcement", methods=["POST"]) +@app.post("/settings/read_announcement") @auth_required @validate_formkey def update_announcement(v): @@ -389,7 +389,7 @@ def update_announcement(v): return "", 204 -@app.route("/settings/blocks", methods=["GET"]) +@app.get("/settings/blocks") @auth_required def settings_blockedpage(v): if v and v.is_banned and not v.unban_utc: return render_template("seized.html") @@ -399,14 +399,14 @@ def settings_blockedpage(v): return render_template("settings_blocks.html", v=v) -@app.route("/settings/css", methods=["GET"]) +@app.get("/settings/css") @auth_required def settings_css_get(v): if v and v.is_banned and not v.unban_utc: return render_template("seized.html") return render_template("settings_css.html", v=v) -@app.route("/settings/css", methods=["POST"]) +@app.post("/settings/css") @auth_required def settings_css(v): css = request.form.get("css").replace('\\', '')[0:50000] @@ -418,14 +418,14 @@ def settings_css(v): g.db.add(v) return render_template("settings_css.html", v=v) -@app.route("/settings/profilecss", methods=["GET"]) +@app.get("/settings/profilecss") @auth_required def settings_profilecss_get(v): if v and v.is_banned and not v.unban_utc: return render_template("seized.html") if v.dramacoins < 1000: return "You must have +1000 dramacoins to set profile css." return render_template("settings_profilecss.html", v=v) -@app.route("/settings/profilecss", methods=["POST"]) +@app.post("/settings/profilecss") @auth_required def settings_profilecss(v): if v.dramacoins < 1000: return "You must have +1000 dramacoins to set profile css." @@ -434,7 +434,7 @@ def settings_profilecss(v): g.db.add(v) return render_template("settings_profilecss.html", v=v) -@app.route("/settings/block", methods=["POST"]) +@app.post("/settings/block") @auth_required @validate_formkey def settings_block_user(v): @@ -468,7 +468,7 @@ def settings_block_user(v): return jsonify({"message": f"@{user.username} blocked."}) -@app.route("/settings/unblock", methods=["POST"]) +@app.post("/settings/unblock") @auth_required @validate_formkey def settings_unblock_user(v): @@ -490,7 +490,7 @@ def settings_unblock_user(v): return jsonify({"message": f"@{user.username} unblocked."}) -@app.route("/settings/apps", methods=["GET"]) +@app.get("/settings/apps") @auth_required def settings_apps(v): if v and v.is_banned and not v.unban_utc: return render_template("seized.html") @@ -498,7 +498,7 @@ def settings_apps(v): return render_template("settings_apps.html", v=v) -@app.route("/settings/remove_discord", methods=["POST"]) +@app.post("/settings/remove_discord") @auth_required @validate_formkey def settings_remove_discord(v): @@ -514,14 +514,14 @@ def settings_remove_discord(v): return redirect("/settings/profile") -@app.route("/settings/content", methods=["GET"]) +@app.get("/settings/content") @auth_required def settings_content_get(v): if v and v.is_banned and not v.unban_utc: return render_template("seized.html") return render_template("settings_filters.html", v=v) -@app.route("/settings/name_change", methods=["POST"]) +@app.post("/settings/name_change") @auth_required @validate_formkey def settings_name_change(v): @@ -569,7 +569,7 @@ def settings_name_change(v): return redirect("/settings/profile") -@app.route("/settings/song_change", methods=["POST"]) +@app.post("/settings/song_change") @auth_required @validate_formkey def settings_song_change(v): @@ -650,7 +650,7 @@ def settings_song_change(v): return redirect("/settings/profile") -@app.route("/settings/title_change", methods=["POST"]) +@app.post("/settings/title_change") @auth_required @validate_formkey def settings_title_change(v): @@ -683,7 +683,7 @@ def settings_title_change(v): return redirect("/settings/profile") -@app.route("/settings/badges", methods=["POST"]) +@app.post("/settings/badges") @auth_required @validate_formkey def settings_badge_recheck(v): diff --git a/drama/routes/static.py b/drama/routes/static.py index c0c38d227..55143a6c3 100644 --- a/drama/routes/static.py +++ b/drama/routes/static.py @@ -3,9 +3,9 @@ from drama.__main__ import app, limiter from drama.helpers.alerts import * -@app.route("/badmins", methods=["GET"]) +@app.get("/badmins") @app.route("/api/vue/admins", methods=["GET"]) -@app.route("/api/v1/admins", methods=["GET"]) +@app.get("/api/v1/admins") @auth_desired @public("read") def badmins(v): @@ -15,8 +15,8 @@ def badmins(v): "api":lambda:jsonify({"data":[x.json for x in badmins]}) } -@app.route("/log", methods=["GET"]) -@app.route("/api/v1/mod_log", methods=["GET"]) +@app.get("/log") +@app.get("/api/v1/mod_log") @auth_desired @api("read") def log(v): @@ -40,7 +40,7 @@ def log(v): "api":lambda:jsonify({"data":[x.json for x in actions]}) } -@app.route("/log/", methods=["GET"]) +@app.get("/log/") @auth_desired def log_item(aid, v): @@ -64,22 +64,22 @@ def log_item(aid, v): def index(): return render_template("index.html", **{"greeting": "Hello from Flask!"}) -@app.route("/assets/favicon.ico", methods=["GET"]) +@app.get("/assets/favicon.ico") def favicon(): return send_file("./assets/images/favicon.png") -@app.route("/oauthhelp", methods=["GET"]) +@app.get("/oauthhelp") @auth_desired def oauthhelp(v): return render_template("oauthhelp.html", v=v) -@app.route("/contact", methods=["GET"]) +@app.get("/contact") @auth_desired def contact(v): if v and v.is_banned and not v.unban_utc: return render_template("seized.html") return render_template("contact.html", v=v) -@app.route("/contact", methods=["POST"]) +@app.post("/contact") @auth_desired def submit_contact(v): message = f'This message has been sent automatically to all admins via https://rdrama.net/contact, user email is "{v.email}"\n\nMessage:\n\n' + request.form.get("message", "") @@ -109,11 +109,11 @@ def static_service(path): resp.headers.add("Content-Type", "text/css") return resp -@app.route("/robots.txt", methods=["GET"]) +@app.get("/robots.txt") def robots_txt(): return send_file("./assets/robots.txt") -@app.route("/settings", methods=["GET"]) +@app.get("/settings") @auth_required def settings(v): if v and v.is_banned and not v.unban_utc: return render_template("seized.html") @@ -121,7 +121,7 @@ def settings(v): return redirect("/settings/profile") -@app.route("/settings/profile", methods=["GET"]) +@app.get("/settings/profile") @auth_required def settings_profile(v): if v and v.is_banned and not v.unban_utc: return render_template("seized.html") @@ -130,7 +130,7 @@ def settings_profile(v): v=v) -@app.route("/titles", methods=["GET"]) +@app.get("/titles") @auth_desired def titles(v): if v and v.is_banned and not v.unban_utc: return render_template("seized.html") @@ -140,7 +140,7 @@ def titles(v): v=v, titles=titles) -@app.route("/badges", methods=["GET"]) +@app.get("/badges") @auth_desired def badges(v): if v and v.is_banned and not v.unban_utc: return render_template("seized.html") @@ -152,7 +152,7 @@ def badges(v): v=v, badges=badges) -@app.route("/blocks", methods=["GET"]) +@app.get("/blocks") @auth_desired def blocks(v): if v and v.is_banned and not v.unban_utc: return render_template("seized.html") @@ -166,7 +166,7 @@ def blocks(v): return render_template("blocks.html", v=v, users=users, targets=targets) -@app.route("/banned", methods=["GET"]) +@app.get("/banned") @auth_desired def banned(v): if v and v.is_banned and not v.unban_utc: return render_template("seized.html") @@ -174,18 +174,18 @@ def banned(v): users = [x for x in g.db.query(User).filter(User.is_banned > 0, User.unban_utc == 0).all()] return render_template("banned.html", v=v, users=users) -@app.route("/formatting", methods=["GET"]) +@app.get("/formatting") @auth_desired def formatting(v): if v and v.is_banned and not v.unban_utc: return render_template("seized.html") return render_template("formatting.html", v=v) -@app.route("/.well-known/brave-rewards-verification.txt", methods=["GET"]) +@app.get("/.well-known/brave-rewards-verification.txt") def brave(): with open(".well-known/brave-rewards-verification.txt", "r") as f: return Response(f.read(), mimetype='text/plain') -@app.route("/.well-known/assetlinks.json", methods=["GET"]) +@app.get("/.well-known/assetlinks.json") def googleplayapp(): with open(".well-known/assetlinks.json", "r") as f: return Response(f.read(), mimetype='application/json') @@ -194,7 +194,7 @@ def serviceworker(): with open(".well-known/service-worker.js", "r") as f: return Response(f.read(), mimetype='application/javascript') -@app.route("/settings/security", methods=["GET"]) +@app.get("/settings/security") @auth_required def settings_security(v): if v and v.is_banned and not v.unban_utc: return render_template("seized.html") @@ -206,7 +206,7 @@ def settings_security(v): msg=request.args.get("msg") or None ) -@app.route("/dismiss_mobile_tip", methods=["POST"]) +@app.post("/dismiss_mobile_tip") def dismiss_mobile_tip(): session["tooltip_last_dismissed"]=int(time.time()) diff --git a/drama/routes/users.py b/drama/routes/users.py index 2c4ad7720..10a71eca6 100644 --- a/drama/routes/users.py +++ b/drama/routes/users.py @@ -31,14 +31,14 @@ def suicide(v, username): g.db.add(v) return "", 204 -@app.route("/api/v1/user/", methods=["GET"]) +@app.get("/api/v1/user/") @auth_desired @api("read") def user_info(v, username): user = get_user(username, v=v) return jsonify(user.json) -@app.route("/leaderboard", methods=["GET"]) +@app.get("/leaderboard") @auth_desired def leaderboard(v): if v and v.is_banned and not v.unban_utc:return render_template("seized.html") @@ -72,7 +72,7 @@ def get_profilecss(username): resp.headers.add("Content-Type", "text/css") return resp -@app.route("/@/reply/", methods=["POST"]) +@app.post("/@/reply/") @auth_required def messagereply(v, username, id): message = request.form.get("message", "")[:1000].strip() @@ -97,14 +97,14 @@ def messagereply(v, username, id): g.db.commit() return redirect('/notifications?all=true') -@app.route("/songs/", methods=["GET"]) +@app.get("/songs/") def songs(id): try: id = int(id) except: return '', 400 user = g.db.query(User).filter_by(id=id).first() return send_from_directory('/songs/', f'{user.song}.mp3') -@app.route("/subscribe/", methods=["POST"]) +@app.post("/subscribe/") @auth_required def subscribe(v, post_id): new_sub = Subscription(user_id=v.id, submission_id=post_id) @@ -112,14 +112,14 @@ def subscribe(v, post_id): g.db.commit() return "", 204 -@app.route("/unsubscribe/", methods=["POST"]) +@app.post("/unsubscribe/") @auth_required def unsubscribe(v, post_id): sub=g.db.query(Subscription).filter_by(user_id=v.id, submission_id=post_id).first() g.db.delete(sub) return "", 204 -@app.route("/@/message", methods=["POST"]) +@app.post("/@/message") @auth_required def message2(v, username): user = get_user(username, v=v) @@ -141,7 +141,7 @@ def message2(v, username): ) return redirect('/notifications?all=true') -@app.route("/2faqr/", methods=["GET"]) +@app.get("/2faqr/") @auth_required def mfa_qr(secret, v): x = pyotp.TOTP(secret) @@ -158,8 +158,8 @@ def mfa_qr(secret, v): return send_file(mem, mimetype="image/png", as_attachment=False) -@app.route("/api/is_available/", methods=["GET"]) -@app.route("/api/v1/is_available/", methods=["GET"]) +@app.get("/api/is_available/") +@app.get("/api/v1/is_available/") @auth_desired @api("read") def api_is_available(name, v): @@ -186,7 +186,7 @@ def api_is_available(name, v): return jsonify({name: True}) -@app.route("/id/", methods=["GET"]) +@app.get("/id/") def user_id(id): user = get_account(int(id)) @@ -196,7 +196,7 @@ def user_id(id): # actual user api endpoint. # So they get the data and then there will be no need to reinvent # the wheel. -@app.route("/api/v1/uid/", methods=["GET"]) +@app.get("/api/v1/uid/") @auth_desired @api("read") def user_by_uid(uid, v=None): @@ -204,11 +204,11 @@ def user_by_uid(uid, v=None): return redirect(f'/api/v1/user/{user.username}/info') -@app.route("/u/", methods=["GET"]) +@app.get("/u/") def redditor_moment_redirect(username): return redirect(f"/@{username}") -@app.route("/@/followers", methods=["GET"]) +@app.get("/@/followers") @auth_required def followers(username, v): if v and v.is_banned and not v.unban_utc: return render_template("seized.html") @@ -224,8 +224,8 @@ def visitors(v): viewers=sorted(v.viewers, key = lambda x: x.last_view_utc, reverse=True) return render_template("viewers.html", v=v, viewers=viewers) -@app.route("/@", methods=["GET"]) -@app.route("/api/v1/user//listing", methods=["GET"]) +@app.get("/@") +@app.get("/api/v1/user//listing") @auth_desired @public("read") def u_username(username, v=None): @@ -336,8 +336,8 @@ def u_username(username, v=None): } -@app.route("/@/comments", methods=["GET"]) -@app.route("/api/v1/user//comments", methods=["GET"]) +@app.get("/@/comments") +@app.get("/api/v1/user//comments") @auth_desired @public("read") def u_username_comments(username, v=None): @@ -415,7 +415,7 @@ def u_username_comments(username, v=None): "api": lambda: jsonify({"data": [c.json for c in listing]}) } -@app.route("/api/v1/user//info", methods=["GET"]) +@app.get("/api/v1/user//info") @auth_desired @public("read") def u_username_info(username, v=None): @@ -430,7 +430,7 @@ def u_username_info(username, v=None): return jsonify(user.json) -@app.route("/api/follow/", methods=["POST"]) +@app.post("/api/follow/") @auth_required def follow_user(username, v): @@ -455,7 +455,7 @@ def follow_user(username, v): return "", 204 -@app.route("/api/unfollow/", methods=["POST"]) +@app.post("/api/unfollow/") @auth_required def unfollow_user(username, v): @@ -490,8 +490,8 @@ def user_profile_uid(uid): return redirect(x.profile_url) -@app.route("/@/saved/posts", methods=["GET"]) -@app.route("/api/v1/saved/posts", methods=["GET"]) +@app.get("/@/saved/posts") +@app.get("/api/v1/saved/posts") @auth_required @api("read") def saved_posts(v, username): @@ -517,8 +517,8 @@ def saved_posts(v, username): } -@app.route("/@/saved/comments", methods=["GET"]) -@app.route("/api/v1/saved/comments", methods=["GET"]) +@app.get("/@/saved/comments") +@app.get("/api/v1/saved/comments") @auth_required @api("read") def saved_comments(v, username): diff --git a/drama/routes/votes.py b/drama/routes/votes.py index a2e7fb9f6..3fdb162e0 100644 --- a/drama/routes/votes.py +++ b/drama/routes/votes.py @@ -5,7 +5,7 @@ from flask import * from drama.__main__ import app -@app.route("/votes", methods=["GET"]) +@app.get("/votes") @auth_desired def admin_vote_info_get(v): if v and v.is_banned and not v.unban_utc: return render_template("seized.html") @@ -62,8 +62,8 @@ def admin_vote_info_get(v): -@app.route("/api/v1/vote/post//", methods=["POST"]) -@app.route("/api/vote/post//", methods=["POST"]) +@app.post("/api/v1/vote/post//") +@app.post("/api/vote/post//") @is_not_banned @api("vote") @validate_formkey @@ -107,8 +107,8 @@ def api_vote_post(post_id, new, v): g.db.add(post) return "", 204 -@app.route("/api/v1/vote/comment//", methods=["POST"]) -@app.route("/api/vote/comment//", methods=["POST"]) +@app.post("/api/v1/vote/comment//") +@app.post("/api/vote/comment//") @is_not_banned @api("vote") @validate_formkey