mirror of
https://github.com/TitanEmbeds/Titan.git
synced 2024-12-24 14:07:03 +01:00
Finished handling authenticated users creating
This commit is contained in:
parent
06d86e1046
commit
56c91894cf
@ -1,12 +1,13 @@
|
|||||||
from titanembeds.database import db, Guilds, UnauthenticatedUsers, UnauthenticatedBans, AuthenticatedUsers
|
from titanembeds.database import db, Guilds, UnauthenticatedUsers, UnauthenticatedBans, AuthenticatedUsers
|
||||||
from titanembeds.decorators import valid_session_required, discord_users_only
|
from titanembeds.decorators import valid_session_required, discord_users_only
|
||||||
from titanembeds.utils import get_client_ipaddr, discord_api, rate_limiter, channel_ratelimit_key, guild_ratelimit_key
|
from titanembeds.utils import get_client_ipaddr, discord_api, rate_limiter, channel_ratelimit_key, guild_ratelimit_key, cache, make_guildchannels_cache_key
|
||||||
|
from titanembeds.oauth import user_has_permission, generate_avatar_url
|
||||||
from flask import Blueprint, abort, jsonify, session, request
|
from flask import Blueprint, abort, jsonify, session, request
|
||||||
from sqlalchemy import and_
|
from sqlalchemy import and_
|
||||||
import random
|
import random
|
||||||
import requests
|
import requests
|
||||||
import json
|
import json
|
||||||
import time
|
import datetime
|
||||||
from config import config
|
from config import config
|
||||||
|
|
||||||
api = Blueprint("api", __name__)
|
api = Blueprint("api", __name__)
|
||||||
@ -52,7 +53,7 @@ def check_guild_existance(guild_id):
|
|||||||
dbGuild = Guilds.query.filter_by(guild_id=guild_id).first()
|
dbGuild = Guilds.query.filter_by(guild_id=guild_id).first()
|
||||||
if not dbGuild:
|
if not dbGuild:
|
||||||
return False
|
return False
|
||||||
guilds = discord_api.get_all_guilds()['content']
|
guilds = discord_api.get_all_guilds()
|
||||||
for guild in guilds:
|
for guild in guilds:
|
||||||
if guild_id == guild['id']:
|
if guild_id == guild['id']:
|
||||||
return True
|
return True
|
||||||
@ -91,6 +92,65 @@ def update_user_status(guild_id, username, user_key=None):
|
|||||||
dbUser.bumpTimestamp()
|
dbUser.bumpTimestamp()
|
||||||
return status
|
return status
|
||||||
|
|
||||||
|
def check_user_in_guild(guild_id):
|
||||||
|
if user_unauthenticated():
|
||||||
|
return guild_id in session['user_keys']
|
||||||
|
else:
|
||||||
|
return 200 == discord_api.get_guild_member(guild_id, session['user_id'])['code']
|
||||||
|
|
||||||
|
@cache.cached(timeout=300, key_prefix=make_guildchannels_cache_key)
|
||||||
|
def get_guild_channels(guild_id):
|
||||||
|
if user_unauthenticated():
|
||||||
|
roles = [guild_id] #equivilant to @everyone role
|
||||||
|
else:
|
||||||
|
member = discord_api.get_guild_member(guild_id, session['user_id'])['content']
|
||||||
|
roles = member['roles']
|
||||||
|
guild_channels = discord_api.get_guild_channels(guild_id)['content']
|
||||||
|
guild_owner = discord_api.get_guild(guild_id)['content']['owner_id']
|
||||||
|
result_channels = []
|
||||||
|
for channel in guild_channels:
|
||||||
|
if channel['type'] == 0:
|
||||||
|
if guild_owner == session['user_id']:
|
||||||
|
result_channels.append(channel)
|
||||||
|
continue
|
||||||
|
if len(channel['permission_overwrites']) == 0:
|
||||||
|
result_channels.append(channel)
|
||||||
|
else:
|
||||||
|
for overwrite in channel['permission_overwrites']:
|
||||||
|
if overwrite['type'] == "role" and overwrite['id'] == roles[-1] and not user_has_permission(overwrite['deny'], 10):
|
||||||
|
result_channels.append(channel)
|
||||||
|
break
|
||||||
|
elif overwrite['type'] == "member" and not user_unauthenticated and overwrite['id'] == session['user_id'] and not user_has_permission(overwrite['deny'], 10):
|
||||||
|
result_channels.append(channel)
|
||||||
|
break
|
||||||
|
return result_channels
|
||||||
|
|
||||||
|
def get_online_discord_users(guild_id):
|
||||||
|
embed = discord_api.get_widget(guild_id)
|
||||||
|
return embed['members']
|
||||||
|
|
||||||
|
def get_online_embed_users(guild_id):
|
||||||
|
time_past = (datetime.datetime.now() - datetime.timedelta(seconds = 120)).strftime('%Y-%m-%d %H:%M:%S')
|
||||||
|
unauths = db.session.query(UnauthenticatedUsers).filter(UnauthenticatedUsers.last_timestamp > time_past, UnauthenticatedUsers.revoked == False).all()
|
||||||
|
auths = db.session.query(AuthenticatedUsers).filter(AuthenticatedUsers.last_timestamp > time_past).all()
|
||||||
|
users = {'unauthenticated':[], 'authenticated':[]}
|
||||||
|
for user in unauths:
|
||||||
|
meta = {
|
||||||
|
'username': user.username,
|
||||||
|
'discriminator': user.discriminator,
|
||||||
|
}
|
||||||
|
users['unauthenticated'].append(meta)
|
||||||
|
for user in auths:
|
||||||
|
client_id = user.client_id
|
||||||
|
u = discord_api.get_guild_member(guild_id, client_id)['content']['user']
|
||||||
|
meta = {
|
||||||
|
'username': u['username'],
|
||||||
|
'discriminator': u['discriminator'],
|
||||||
|
'avatar': generate_avatar_url(u['id'], u['avatar']),
|
||||||
|
}
|
||||||
|
users['authenticated'].append(meta)
|
||||||
|
return users
|
||||||
|
|
||||||
@api.route("/fetch", methods=["GET"])
|
@api.route("/fetch", methods=["GET"])
|
||||||
@valid_session_required(api=True)
|
@valid_session_required(api=True)
|
||||||
@rate_limiter.limit("2500/hour")
|
@rate_limiter.limit("2500/hour")
|
||||||
@ -143,7 +203,7 @@ def create_unauthenticated_user():
|
|||||||
guild_id = request.form['guild_id']
|
guild_id = request.form['guild_id']
|
||||||
ip_address = get_client_ipaddr()
|
ip_address = get_client_ipaddr()
|
||||||
if not check_guild_existance(guild_id):
|
if not check_guild_existance(guild_id):
|
||||||
abort(400)
|
abort(404)
|
||||||
if not checkUserBanned(guild_id, ip_address):
|
if not checkUserBanned(guild_id, ip_address):
|
||||||
session['username'] = username
|
session['username'] = username
|
||||||
if 'user_id' not in session:
|
if 'user_id' not in session:
|
||||||
@ -166,12 +226,36 @@ def create_unauthenticated_user():
|
|||||||
@valid_session_required(api=True)
|
@valid_session_required(api=True)
|
||||||
def query_guild():
|
def query_guild():
|
||||||
guild_id = request.args.get('guild_id')
|
guild_id = request.args.get('guild_id')
|
||||||
return jsonify(exists=check_guild_existance(guild_id))
|
if check_guild_existance(guild_id):
|
||||||
|
if check_user_in_guild(guild_id):
|
||||||
|
channels = get_guild_channels(guild_id)
|
||||||
|
discordmembers = get_online_discord_users(guild_id)
|
||||||
|
embedmembers = get_online_embed_users(guild_id)
|
||||||
|
return jsonify(channels=channels, discordmembers=discordmembers, embedmembers=embedmembers)
|
||||||
|
return 403
|
||||||
|
return 404
|
||||||
|
|
||||||
@api.route("/check_discord_authentication", methods=["GET"])
|
@api.route("/create_authenticated_user", methods=["POST"])
|
||||||
@discord_users_only(api=True)
|
@discord_users_only(api=True)
|
||||||
def check_discord_authentication():
|
def create_authenticated_user():
|
||||||
if not session['unauthenticated']:
|
guild_id = request.form.get('guild_id')
|
||||||
return jsonify(error=False)
|
if session['unauthenticated']:
|
||||||
|
response = jsonify(error=True)
|
||||||
|
response.status_code = 401
|
||||||
|
return response
|
||||||
else:
|
else:
|
||||||
return jsonify(error=True)
|
if not check_guild_existance(guild_id):
|
||||||
|
abort(404)
|
||||||
|
if not checkUserBanned(guild_id):
|
||||||
|
db_user = db.session.query(AuthenticatedUsers).filter(AuthenticatedUsers.guild_id == guild_id, AuthenticatedUsers.client_id == session['user_id']).first()
|
||||||
|
if not db_user:
|
||||||
|
db_user = AuthenticatedUsers(guild_id, session['user_id'])
|
||||||
|
db.session.add(db_user)
|
||||||
|
db.session.commit()
|
||||||
|
status = update_user_status(guild_id, session['username'])
|
||||||
|
return jsonify(error=False)
|
||||||
|
else:
|
||||||
|
status = {'banned': True}
|
||||||
|
response = jsonify(status=status)
|
||||||
|
response.status_code = 403
|
||||||
|
return response
|
||||||
|
@ -1,5 +1,6 @@
|
|||||||
from titanembeds.database import db
|
from titanembeds.database import db
|
||||||
import datetime
|
import datetime
|
||||||
|
import time
|
||||||
|
|
||||||
class AuthenticatedUsers(db.Model):
|
class AuthenticatedUsers(db.Model):
|
||||||
__tablename__ = "authenticated_users"
|
__tablename__ = "authenticated_users"
|
||||||
@ -11,9 +12,9 @@ class AuthenticatedUsers(db.Model):
|
|||||||
def __init__(self, guild_id, client_id):
|
def __init__(self, guild_id, client_id):
|
||||||
self.guild_id = guild_id
|
self.guild_id = guild_id
|
||||||
self.client_id = client_id
|
self.client_id = client_id
|
||||||
self.last_timestamp = datetime.datetime.now
|
self.last_timestamp = datetime.datetime.fromtimestamp(time.time()).strftime('%Y-%m-%d %H:%M:%S')
|
||||||
|
|
||||||
def bumpTimestamp(self):
|
def bumpTimestamp(self):
|
||||||
self.last_timestamp = datetime.datetime.now
|
self.last_timestamp = datetime.datetime.fromtimestamp(time.time()).strftime('%Y-%m-%d %H:%M:%S')
|
||||||
db.session.commit()
|
db.session.commit()
|
||||||
return self.last_timestamp
|
return self.last_timestamp
|
||||||
|
@ -120,6 +120,7 @@ class DiscordREST:
|
|||||||
r = self.request("GET", _endpoint)
|
r = self.request("GET", _endpoint)
|
||||||
return r
|
return r
|
||||||
|
|
||||||
|
@cached(cache)
|
||||||
def get_guild_member(self, guild_id, user_id):
|
def get_guild_member(self, guild_id, user_id):
|
||||||
_endpoint = "/guilds/{guild_id}/members/{user_id}".format(guild_id=guild_id, user_id=user_id)
|
_endpoint = "/guilds/{guild_id}/members/{user_id}".format(guild_id=guild_id, user_id=user_id)
|
||||||
r = self.request("GET", _endpoint)
|
r = self.request("GET", _endpoint)
|
||||||
@ -141,7 +142,7 @@ class DiscordREST:
|
|||||||
return r
|
return r
|
||||||
|
|
||||||
def get_guild_bans(self, guild_id):
|
def get_guild_bans(self, guild_id):
|
||||||
_endpoint = "/guilds/{guild_id}/embed".format(guild_id=guild_id)
|
_endpoint = "/guilds/{guild_id}/bans".format(guild_id=guild_id)
|
||||||
r = self.request("GET", _endpoint)
|
r = self.request("GET", _endpoint)
|
||||||
return r
|
return r
|
||||||
|
|
||||||
|
@ -35,6 +35,12 @@ def make_guilds_cache_key():
|
|||||||
ip = get_client_ipaddr()
|
ip = get_client_ipaddr()
|
||||||
return (sess + ip + "user_guilds").encode('utf-8')
|
return (sess + ip + "user_guilds").encode('utf-8')
|
||||||
|
|
||||||
|
def make_guildchannels_cache_key():
|
||||||
|
guild_id = request.args.get('guild_id', "0")
|
||||||
|
sess = generate_session_key()
|
||||||
|
ip = get_client_ipaddr()
|
||||||
|
return (sess + ip + guild_id + "user_guild_channels").encode('utf-8')
|
||||||
|
|
||||||
def channel_ratelimit_key(): # Generate a bucket with given channel & unique session key
|
def channel_ratelimit_key(): # Generate a bucket with given channel & unique session key
|
||||||
sess = generate_session_key()
|
sess = generate_session_key()
|
||||||
channel_id = request.args.get('channel_id', "0")
|
channel_id = request.args.get('channel_id', "0")
|
||||||
|
Loading…
Reference in New Issue
Block a user