Guest username changing support

webapp/titanembeds/blueprints/api/api.py

@@ -467,6 +467,40 @@ def create_unauthenticated_user():
         response.status_code = 403
         return response
 
+@api.route("/change_unauthenticated_username", methods=["POST"])
+@rate_limiter.limit("1 per 15 minute", key_func=guild_ratelimit_key)
+def change_unauthenticated_username():
+    username = request.form['username']
+    guild_id = request.form['guild_id']
+    ip_address = get_client_ipaddr()
+    username = username.strip()
+    if len(username) < 2 or len(username) > 32:
+        abort(406)
+    if not all(x.isalnum() or x.isspace() or "-" == x or "_" == x for x in username):
+        abort(406)
+    if not check_guild_existance(guild_id):
+        abort(404)
+    if not guild_query_unauth_users_bool(guild_id):
+        abort(401)
+    if not checkUserBanned(guild_id, ip_address):
+        if 'user_keys' not in session or guild_id not in session['user_keys'] or not session['unauthenticated']:
+            abort(424)
+        session['username'] = username
+        if 'user_id' not in session or len(str(session["user_id"])) > 4:
+            session['user_id'] = random.randint(0,9999)
+        user = UnauthenticatedUsers(guild_id, username, session['user_id'], ip_address)
+        db.session.add(user)
+        db.session.commit()
+        key = user.user_key
+        session['user_keys'][guild_id] = key
+        status = update_user_status(guild_id, username, key)
+        return jsonify(status=status)
+    else:
+        status = {'banned': True}
+        response = jsonify(status=status)
+        response.status_code = 403
+        return response
+
 def process_query_guild(guild_id, visitor=False):
     widget = discord_api.get_widget(guild_id)
     channels = get_guild_channels(guild_id, visitor)

webapp/titanembeds/static/js/embed.js

@@ -76,6 +76,16 @@
         });
         return funct.promise();
     }
+    
+    function change_unauthenticated_username(username) {
+        var funct = $.ajax({
+            method: "POST",
+            dataType: "json",
+            url: "/api/change_unauthenticated_username",
+            data: {"username": username, "guild_id": guild_id}
+        });
+        return funct.promise();
+    }
 
     function fetch(channel_id, after=null) {
         var url = "/api/fetch";
@@ -680,8 +690,10 @@
             var status = data.status;
             if (visitor_mode) {
                 update_embed_userchip(false, null, "Titan", null, "0001", null);
+                update_change_username_modal();
             } else {
                 update_embed_userchip(status.authenticated, status.avatar, status.username, status.nickname, status.user_id, status.discriminator);
+                update_change_username_modal(status.authenticated, status.username);
             }
             last_message_id = fill_discord_messages(data.messages, jumpscroll);
             if (!visitor_mode && status.manage_embed) {
@@ -755,6 +767,19 @@
             current_username_discrim = username + current_username_discrim;
         }
     }
+    
+    function update_change_username_modal(authenticated=false, username=null) {
+        if (!$("#change_username_field") || $("#change_username_field").is(":focus")) {
+            return;
+        }
+        if (authenticated || visitor_mode) {
+            $("#change_username_field").attr("disabled", true);
+            $("#change_username_field").val("");
+        } else {
+            $("#change_username_field").attr("disabled", false);
+            $("#change_username_field").val(username);
+        }
+    }
 
     $("#discordlogin_btn").click(function() {
         lock_login_fields();
@@ -788,6 +813,34 @@
             }
         }
     });
+    
+    $("#change_username_field").keyup(function(event){
+        if (event.keyCode == 13) {
+            $(this).blur();
+            if (!(new RegExp(/^[a-z\d\-_\s]+$/i).test($(this).val()))) {
+                Materialize.toast('Illegal username provided! Only alphanumeric, spaces, dashes, and underscores allowed in usernames.', 10000);
+                return;
+            }
+            if(($(this).val().length >= 2 && $(this).val().length <= 32) && $("#curuser_name").text() != $(this).val()) {
+                var usr = change_unauthenticated_username($(this).val());
+                usr.done(function(data) {
+                    Materialize.toast('Username changed successfully!', 10000);
+                    initialize_embed();
+                });
+                usr.fail(function(data) {
+                    if (data.status == 429) {
+                        Materialize.toast('Sorry! You are allowed to change your username once every 15 minutes.', 10000);
+                    } else if (data.status == 403) {
+                        Materialize.toast('Authentication error! You have been banned.', 10000);
+                    } else if (data.status == 406) {
+                        Materialize.toast('Illegal username provided! Only alphanumeric, spaces, dashes, and underscores allowed in usernames.', 10000);
+                    } else {
+                        Materialize.toast('Something unexpected happened! Error code of ' + data.status, 10000);
+                    }
+                });
+            }
+        }
+    });
 
     $("#messagebox").keyup(function(event){
         if ($(this).val().length == 1) {

webapp/titanembeds/templates/embed.html.j2

@@ -126,6 +126,16 @@
     
     <div id="userembedmodal" class="modal">
       <div class="modal-content">
+        {% if unauth_enabled %}
+        <h4>Change Username</h4>
+        <div class="row">
+            <div>
+              <p>(Guests Accounts Only)</p>
+              <input id="change_username_field" type="text" {% if session.unauthenticated and session.username %}value="{{ session['username'] }}"{% else %}disabled{% endif %}>
+              <label class="active" for="change_username_field">Change your username (Hit ENTER/RETURN key to confirm)</label>
+            </div>
+        </div>
+        {% endif %}
         <h4>Theme</h4>
         <div class="row">
           <div class="input-field col s12">