Use webapp secret instead of bot token

This commit is contained in:
Jeremy Zhang 2018-08-10 04:22:24 +00:00
parent cb0f1b249e
commit 6d06b4001f
3 changed files with 6 additions and 4 deletions

View File

@ -7,6 +7,8 @@ config = {
'titan-web-url': "https://titanembeds.com/", 'titan-web-url': "https://titanembeds.com/",
'titan-web-app-secret': "app secret from the webapp config",
'discord-bots-org-token': "DiscordBots.org Post Stats Token", 'discord-bots-org-token': "DiscordBots.org Post Stats Token",
'bots-discord-pw-token': "bots.discord.pw Post Stats Token", 'bots-discord-pw-token': "bots.discord.pw Post Stats Token",

View File

@ -16,7 +16,7 @@ class Commands():
content = content.split() content = content.split()
username = content[2][:content[2].find("#")] if "#" in content[2] else content[2] username = content[2][:content[2].find("#")] if "#" in content[2] else content[2]
discriminator = int(content[2][content[2].find("#") + 1:]) if "#" in content[2] else None discriminator = int(content[2][content[2].find("#") + 1:]) if "#" in content[2] else None
headers = {"Authorization": self.config["bot-token"]} headers = {"Authorization": self.config["titan-web-app-secret"]}
payload = { payload = {
"guild_id": message.guild.id, "guild_id": message.guild.id,
"placer_id": message.author.id, "placer_id": message.author.id,
@ -47,7 +47,7 @@ class Commands():
content = content.split() content = content.split()
username = content[2][:content[2].find("#")] if "#" in content[2] else content[2] username = content[2][:content[2].find("#")] if "#" in content[2] else content[2]
discriminator = int(content[2][content[2].find("#") + 1:]) if "#" in content[2] else None discriminator = int(content[2][content[2].find("#") + 1:]) if "#" in content[2] else None
headers = {"Authorization": self.config["bot-token"]} headers = {"Authorization": self.config["titan-web-app-secret"]}
payload = { payload = {
"guild_id": message.guild.id, "guild_id": message.guild.id,
"username": username "username": username

View File

@ -553,7 +553,7 @@ def webhook_discordbotsorg_vote():
@api.route("/bot/ban", methods=["POST"]) @api.route("/bot/ban", methods=["POST"])
def bot_ban(): def bot_ban():
if request.headers.get("Authorization", "") != config.get("bot-token", ""): if request.headers.get("Authorization", "") != config.get("app-secret", ""):
return jsonify(error="Authorization header does not match."), 403 return jsonify(error="Authorization header does not match."), 403
incoming = request.get_json() incoming = request.get_json()
guild_id = incoming.get("guild_id", None) guild_id = incoming.get("guild_id", None)
@ -590,7 +590,7 @@ def bot_ban():
@api.route("/bot/revoke", methods=["POST"]) @api.route("/bot/revoke", methods=["POST"])
def bot_revoke(): def bot_revoke():
if request.headers.get("Authorization", "") != config.get("bot-token", ""): if request.headers.get("Authorization", "") != config.get("app-secret", ""):
return jsonify(error="Authorization header does not match."), 403 return jsonify(error="Authorization header does not match."), 403
incoming = request.get_json() incoming = request.get_json()
guild_id = incoming.get("guild_id", None) guild_id = incoming.get("guild_id", None)