diff --git a/run.py b/run.py index 48d7ffa..f8f01bc 100644 --- a/run.py +++ b/run.py @@ -2,4 +2,6 @@ from titanembeds.app import app if __name__ == "__main__": + import os + os.environ['OAUTHLIB_INSECURE_TRANSPORT'] = '1' # Testing oauthlib app.run(host="0.0.0.0",port=3000,debug=True) diff --git a/titanembeds/app.py b/titanembeds/app.py index ee30acc..41e482a 100644 --- a/titanembeds/app.py +++ b/titanembeds/app.py @@ -2,6 +2,7 @@ from config import config from database import db from flask import Flask, render_template, request, session, url_for, redirect import blueprints.api +import blueprints.user import os @@ -14,6 +15,7 @@ app.secret_key = config['app-secret'] db.init_app(app) app.register_blueprint(blueprints.api.api, url_prefix="/api", template_folder="/templates") +app.register_blueprint(blueprints.user.user, url_prefix="/user", template_folder="/templates") @app.route("/set_username//", methods=["GET"]) def get_set_username(guildid, channelid): diff --git a/titanembeds/blueprints/user/__init__.py b/titanembeds/blueprints/user/__init__.py new file mode 100644 index 0000000..7645840 --- /dev/null +++ b/titanembeds/blueprints/user/__init__.py @@ -0,0 +1 @@ +from user import user diff --git a/titanembeds/blueprints/user/user.py b/titanembeds/blueprints/user/user.py new file mode 100644 index 0000000..32c1f6c --- /dev/null +++ b/titanembeds/blueprints/user/user.py 
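Review bot: `os.environ['OAUTHLIB_INSECURE_TRANSPORT'] = '1'` in run.py is set unconditionally whenever this file is the entry point, and the `# Testing oauthlib` comment does not say that it switches off oauthlib's HTTPS requirement for the OAuth2 flow. The unchanged `app.run(host="0.0.0.0",port=3000,debug=True)` line right after it listens on every interface, so with the flag on, the authorization code and the callback carrying it can cross the network in plain HTTP. I would drop the assignment from code and have developers export the variable in their own shell. If it stays, it should carry a comment such as `# DEV ONLY: disables oauthlib's HTTPS check so an http:// callback works locally; never set this in a deployed process`.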
@@ -0,0 +1,67 @@
+from flask import Blueprint, request, redirect, jsonify, abort, session
+from requests_oauthlib import OAuth2Session
+from config import config
+
+user = Blueprint("user", __name__)
+redirect_url = config['app-base-url'] + "/user/callback"
+authorize_url = "https://discordapp.com/api/oauth2/authorize"
+token_url = "https://discordapp.com/api/oauth2/token"
+avatar_base_url = "https://cdn.discordapp.com/avatars/"
+
+def make_session(token=None, state=None, scope=None):
+ return OAuth2Session(
+ client_id=config['client-id'],
+ token=token,
+ state=state,
+ scope=scope,
+ redirect_uri=redirect_url,
+ )
+
+def get_current_user():
+ token = session['discord_token']
+ discord = make_session(token=token)
+ req = discord.get("https://discordapp.com/api/users/@me")
+ if req.status_code != 200:
+ abort(req.status_code)
+ user = req.json()
+ return user
+
+@user.route("/login_authenticated", methods=["GET"])
+def login_authenticated():
+ scope = ['identify', 'guilds', 'guilds.join']
+ discord = make_session(scope=scope)
+ authorization_url, state = discord.authorization_url(
+ authorize_url,
+ access_type="offline"
+ )
+ session['oauth2_state'] = state
+ return redirect(authorization_url)
+
+@user.route('/callback', methods=["GET"])
+def callback():
+ state = session.get('oauth2_state')
+ if not state or request.values.get('error'):
+ return "state error"
+ discord = make_session(state=state)
+ discord_token = discord.fetch_token(
+ token_url,
+ client_secret=config['client-secret'],
+ authorization_response=request.url)
+ if not discord_token:
+ return "no discord token"
+ session['discord_token'] = discord_token
+ return str(discord_token)
+
+@user.route('/logout', methods=["GET"])
+def logout():
+ session.clear()
+ return "logged out"
+
+@user.route('/me')
+def me():
+ return jsonify(user=get_current_user())
+
+@user.route('/avatar')
+def avatar():
+ user = get_current_user()
+ return avatar_base_url + str(user['id']) + '/' + str(user['avatar']) + '.jpg'
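Review bot: `callback` ends with `return str(discord_token)`, which writes the whole token response from Discord into the HTTP response body, where it can end up in browser history, proxies and logs; the handler should store the token and redirect instead. The token is also placed in `session`, and since app.py only shows `app.secret_key` being set, this is presumably Flask's default signed cookie, which is readable by the client, so a server-side store keyed by a session id would be safer (to be confirmed against the app's session setup). `get_current_user` indexes `session['discord_token']` directly, so `/me` and `/avatar` raise a KeyError for a visitor who has not logged in rather than returning 401. `oauth2_state` is read with `session.get` and never removed, so the same state value stays valid for a second callback; popping it makes it single-use. The redirect target in the sketch below is only an example built from the routes visible in this diff.

```python
def get_current_user():
    token = session.get('discord_token')
    if not token:
        abort(401)  # not logged in; avoids a KeyError surfacing as a 500
    # … unchanged: make_session, GET /users/@me, status check, return …

def callback():
    state = session.pop('oauth2_state', None)  # single use
    # … unchanged: state/error check, make_session, fetch_token, session store …
    return redirect(config['app-base-url'] + "/user/me")  # never echo the token
```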