Yadciel/Titan
1
0
Fork 0
mirror of https://github.com/TitanEmbeds/Titan.git synced 2025-06-17 03:45:25 +02:00
Code Issues Packages Projects Releases Wiki Activity

Basic dashboard support for Authenticated users

Browse Source
This commit is contained in:
Jeremy Zhang
2017-03-25 00:52:56 -07:00
parent 11c326b35d
commit 2e5f6fafbf
11 changed files with 284 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
titanembeds/blueprints/api/api.py
View File

@ -1,5 +1,5 @@
from titanembeds.database import db, Guilds, UnauthenticatedUsers, UnauthenticatedBans
from titanembeds.decorators import valid_session_required
from titanembeds.database import db, Guilds, UnauthenticatedUsers, UnauthenticatedBans, AuthenticatedUsers
from titanembeds.decorators import valid_session_required, discord_users_only
from titanembeds.discordrest import DiscordREST
from flask import Blueprint, abort, jsonify, session, request
from sqlalchemy import and_
@ -141,8 +141,21 @@ def create_unauthenticated_user():
status = {'banned': True}
return jsonify(status=status)
@api.route("/new_guild", methods=["POST"])
@discord_users_only(api=True)
def post_new_guild():
pass
@api.route("/query_guild", methods=["GET"])
@valid_session_required(api=True)
def query_guild():
guild_id = request.args.get('guild_id')
return jsonify(exists=check_guild_existance(guild_id))
@api.route("/check_discord_authentication", methods=["GET"])
@discord_users_only(api=True)
def check_discord_authentication():
if not session['unauthenticated']:
return jsonify(error=False)
else:
return jsonify(error=True)

82
titanembeds/blueprints/user/user.py
View File

@ -1,35 +1,64 @@
from flask import Blueprint, request, redirect, jsonify, abort, session
from flask import Blueprint, request, redirect, jsonify, abort, session, url_for, render_template
from requests_oauthlib import OAuth2Session
from config import config
from titanembeds.decorators import discord_users_only
user = Blueprint("user", __name__)
redirect_url = config['app-base-url'] + "/user/callback"
authorize_url = "https://discordapp.com/api/oauth2/authorize"
token_url = "https://discordapp.com/api/oauth2/token"
avatar_base_url = "https://cdn.discordapp.com/avatars/"
guild_icon_url = "https://cdn.discordapp.com/icons/"
def make_session(token=None, state=None, scope=None):
def make_authenticated_session(token=None, state=None, scope=None):
return OAuth2Session(
client_id=config['client-id'],
token=token,
state=state,
scope=scope,
redirect_uri=redirect_url,
redirect_uri=request.url_root + "user/callback",
)
def get_current_user():
token = session['discord_token']
discord = make_session(token=token)
req = discord.get("https://discordapp.com/api/users/@me")
def discordrest_from_user(endpoint):
token = session['user_keys']
discord = make_authenticated_session(token=token)
req = discord.get("https://discordapp.com/api/v6{}".format(endpoint))
return req
def get_current_authenticated_user():
req = discordrest_from_user("/users/@me")
if req.status_code != 200:
abort(req.status_code)
user = req.json()
return user
def user_has_permission(permission, index):
return bool((int(permission) >> index) & 1)
def get_user_guilds():
req = discordrest_from_user("/users/@me/guilds")
return req
def get_user_managed_servers():
guilds = get_user_guilds().json()
filtered = []
for guild in guilds:
permission = guild['permissions'] # Manage Server, Ban Members, Kick Members
if guild['owner'] or user_has_permission(permission, 5) or user_has_permission(permission, 2) or user_has_permission(permission, 1):
filtered.append(guild)
return filtered
def generate_avatar_url(id, av):
return avatar_base_url + str(id) + '/' + str(av) + '.jpg'
def generate_guild_icon_url(id, hash):
return guild_icon_url + str(id) + "/" + str(hash) + ".jpg"
@user.route("/login_authenticated", methods=["GET"])
def login_authenticated():
session["redirect"] = request.args.get("redirect")
scope = ['identify', 'guilds', 'guilds.join']
discord = make_session(scope=scope)
discord = make_authenticated_session(scope=scope)
authorization_url, state = discord.authorization_url(
authorize_url,
access_type="offline"
@ -41,27 +70,40 @@ def login_authenticated():
def callback():
state = session.get('oauth2_state')
if not state or request.values.get('error'):
return "state error"
discord = make_session(state=state)
return redirect(url_for('user.logout'))
discord = make_authenticated_session(state=state)
discord_token = discord.fetch_token(
token_url,
client_secret=config['client-secret'],
authorization_response=request.url)
if not discord_token:
return "no discord token"
session['discord_token'] = discord_token
return str(discord_token)
return redirect(url_for('user.logout'))
session['user_keys'] = discord_token
session['unauthenticated'] = False
user = get_current_authenticated_user()
session['user_id'] = user['id']
session['username'] = user['username']
session['avatar'] = generate_avatar_url(user['id'], user['avatar'])
if session["redirect"]:
return redirect(session["redirect"])
return redirect(url_for("user.dashboard"))
@user.route('/logout', methods=["GET"])
def logout():
session.clear()
return "logged out"
return redirect(url_for("index"))
@user.route("/dashboard")
@discord_users_only()
def dashboard():
return render_template("dashboard.html.jinja2", servers=get_user_managed_servers(), icon_generate=generate_guild_icon_url)
@user.route("/administrate_guild/<guild_id>")
@discord_users_only()
def administrate_guild(guild_id):
return str(guild_id)
@user.route('/me')
@discord_users_only()
def me():
return jsonify(user=get_current_user())
@user.route('/avatar')
def avatar():
user = get_current_user()
return avatar_base_url + str(user['id']) + '/' + str(user['avatar']) + '.jpg'
return jsonify(user=get_current_authenticated_user())