forked from ticketfrei/ticketfrei
created twitter/masto OAuth login stub
parent
26d1282413
commit
4b21dddddf
|
@ -9,6 +9,7 @@ import pytoml as toml
|
|||
import jwt
|
||||
import pylibscrypt
|
||||
import smtplib
|
||||
from bottle_auth import AuthPlugin
|
||||
|
||||
|
||||
class Datagetter(object):
|
||||
|
@ -81,36 +82,35 @@ def register():
|
|||
pass_hashed = pass_hashed.decode("ascii")
|
||||
payload = {"email": email, "pass_hashed": pass_hashed}
|
||||
|
||||
# create confirmlink
|
||||
# create confirm_link
|
||||
encoded_jwt = jwt.encode(payload, secret).decode('utf-8')
|
||||
host = bottle.request.get_header('host')
|
||||
confirmlink = "http://" + host + "/confirm/" + str(encoded_jwt) # to be changed to https
|
||||
confirm_link = "http://" + bottle.request.get_header('host') + "/confirm/" + str(encoded_jwt) # :todo http -> https
|
||||
|
||||
# send the mail
|
||||
m = sendmail.Mailer(config)
|
||||
try:
|
||||
m.send("Complete your registration here: " + confirmlink, email, "[Ticketfrei] Confirm your account")
|
||||
m.send("Complete your registration here: " + confirm_link, email, "[Ticketfrei] Confirm your account")
|
||||
except smtplib.SMTPRecipientsRefused:
|
||||
return "Please enter a valid E-Mail address."
|
||||
return "We sent you an E-Mail. Please click on the confirmation link."
|
||||
|
||||
|
||||
@app.route('/confirm/<encoded_jwt>', method="GET")
|
||||
def confirmaccount(encoded_jwt):
|
||||
def confirm_account(encoded_jwt):
|
||||
"""
|
||||
Confirm the account creation and create a database entry.
|
||||
:return: Redirection to bot.html
|
||||
"""
|
||||
# get values from URL
|
||||
dict = jwt.decode(encoded_jwt, secret)
|
||||
uname = dict["email"]
|
||||
pass_hashed = base64.b64decode(dict["pass_hashed"])
|
||||
print(uname, pass_hashed)
|
||||
payload = jwt.decode(encoded_jwt, secret)
|
||||
email = payload["email"]
|
||||
pass_hashed = base64.b64decode(payload["pass_hashed"])
|
||||
print(email, pass_hashed)
|
||||
|
||||
# create db entry
|
||||
db.cur.execute("INSERT INTO user(email, pass_hashed, enabled) VALUES(?, ?, ?);", (uname, pass_hashed, 1))
|
||||
db.cur.execute("INSERT INTO user(email, pass_hashed, enabled) VALUES(?, ?, ?);", (email, pass_hashed, 1))
|
||||
db.conn.commit()
|
||||
bottle.response.set_cookie("account", uname, secret)
|
||||
bottle.response.set_cookie("account", email, secret)
|
||||
bottle.response.set_cookie("enabled", "True")
|
||||
return bottle.redirect("/settings")
|
||||
|
||||
|
@ -137,6 +137,7 @@ def manage_bot():
|
|||
else:
|
||||
bottle.abort(401, "Sorry, access denied.")
|
||||
|
||||
|
||||
@app.route('/enable', method="POST")
|
||||
def enable():
|
||||
"""
|
||||
|
@ -144,11 +145,12 @@ def enable():
|
|||
:return: redirect to settings page
|
||||
"""
|
||||
email = bottle.request.get_cookie("account", secret=secret)
|
||||
db.cur.execute("UPDATE user SET enabled = 1 WHERE email=?;", (email,)) # :todo is this correct SQL?
|
||||
db.cur.execute("UPDATE user SET enabled = 1 WHERE email=?;", (email,))
|
||||
db.conn.commit()
|
||||
bottle.response.set_cookie("enabled", "True")
|
||||
return bottle.redirect("/settings")
|
||||
|
||||
|
||||
@app.route('/disable', method="POST")
|
||||
def disable():
|
||||
"""
|
||||
|
@ -156,11 +158,41 @@ def disable():
|
|||
:return: redirect to settings page
|
||||
"""
|
||||
email = bottle.request.get_cookie("account", secret=secret)
|
||||
db.cur.execute("UPDATE user SET enabled = 0 WHERE email=?;", (email,)) # :todo is this correct SQL?
|
||||
db.cur.execute("UPDATE user SET enabled = 0 WHERE email=?;", (email,))
|
||||
db.conn.commit()
|
||||
bottle.response.set_cookie("enabled", "False")
|
||||
return bottle.redirect("/settings")
|
||||
|
||||
|
||||
@app.route('/login/twitter', method="POST")
|
||||
def login_twitter():
|
||||
"""
|
||||
Starts the twitter OAuth authentication process.
|
||||
:return: redirect to twitter.
|
||||
"""
|
||||
# twitter.redirect("no environ", "no cookie monster")
|
||||
return "logging in with twitter is not implemented yet."
|
||||
|
||||
|
||||
@app.route('/login/twitter/callback', method="POST")
|
||||
def twitter_callback():
|
||||
"""
|
||||
Gets the callback
|
||||
:return:
|
||||
"""
|
||||
return "logging in with twitter is not implemented yet."
|
||||
|
||||
|
||||
@app.route('/login/mastodon', method="POST")
|
||||
def login_mastodon():
|
||||
"""
|
||||
Starts the mastodon OAuth authentication process.
|
||||
:return: redirect to twitter.
|
||||
"""
|
||||
# instance_url = bottle.request.forms.get('instance_url')
|
||||
return "logging in with mastodon is not implemented yet."
|
||||
|
||||
|
||||
@app.route('/static/<filename:path>')
|
||||
def static(filename):
|
||||
"""
|
||||
|
@ -199,9 +231,18 @@ if __name__ == "__main__":
|
|||
|
||||
global db
|
||||
global secret
|
||||
global twitter
|
||||
|
||||
secret = os.urandom(32)
|
||||
db = Datagetter()
|
||||
host = '0.0.0.0'
|
||||
|
||||
from bottle_auth.social import twitter as twitterplugin
|
||||
callback_url = host + '/login/twitter/callback'
|
||||
twitter = twitterplugin.Twitter(config['tapp']['consumer_key'], config['tapp']['consumer_secret'], callback_url)
|
||||
bottle.install(AuthPlugin(twitter))
|
||||
|
||||
try:
|
||||
bottle.run(app=StripPathMiddleware(app), host='0.0.0.0', port=8080)
|
||||
bottle.run(app=StripPathMiddleware(app), host=host, port=8080)
|
||||
finally:
|
||||
db.conn.close()
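Review bot: In `register()`, the rewritten `confirm_link` line still takes its host from `bottle.request.get_header('host')`, a value the client controls, so the mailed link can point somewhere other than this server. Build it from a configured base URL instead, e.g. `confirm_link = BASE_URL + "/confirm/" + encoded_jwt`, where `BASE_URL` is a placeholder for an https value read from the config file. The token in that link carries `pass_hashed` in its payload, and a JWT is signed but not encrypted, so the hash is readable by anyone who sees the mail or the URL. In `confirm_account()` the renamed `print(email, pass_hashed)` also writes the hash to stdout and should be dropped, and `jwt.decode(encoded_jwt, secret)` would be safer with an explicit `algorithms=["HS256"]` (assuming the encode side uses the library default). The body of `register()` starts outside the visible hunk.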
|
||||
|
|
|
@ -22,6 +22,55 @@
|
|||
Log in with Twitter
|
||||
</a>
|
||||
|
||||
<section>
|
||||
<h2>Log in with Mastodon</h2>
|
||||
<form action="/login/mastodon" method='post'>
|
||||
<label>Mastodon instance:
|
||||
<input type='text' name='instance_url' list='instances' placeholder='social.example.net'/>
|
||||
</label>
|
||||
<datalist id='instances'>
|
||||
<option value=''>
|
||||
<option value='anticapitalist.party'>
|
||||
<option value='awoo.space'>
|
||||
<option value='cybre.space'>
|
||||
<option value='mastodon.social'>
|
||||
<option value='glitch.social'>
|
||||
<option value='botsin.space'>
|
||||
<option value='witches.town'>
|
||||
<option value='social.wxcafe.net'>
|
||||
<option value='monsterpit.net'>
|
||||
<option value='mastodon.xyz'>
|
||||
<option value='a.weirder.earth'>
|
||||
<option value='chitter.xyz'>
|
||||
<option value='sins.center'>
|
||||
<option value='dev.glitch.social'>
|
||||
<option value='computerfairi.es'>
|
||||
<option value='niu.moe'>
|
||||
<option value='icosahedron.website'>
|
||||
<option value='hostux.social'>
|
||||
<option value='hyenas.space'>
|
||||
<option value='instance.business'>
|
||||
<option value='mastodon.sdf.org'>
|
||||
<option value='pawoo.net'>
|
||||
<option value='pouet.it'>
|
||||
<option value='scalie.business'>
|
||||
<option value='sleeping.town'>
|
||||
<option value='social.koyu.space'>
|
||||
<option value='sunshinegardens.org'>
|
||||
<option value='vcity.network'>
|
||||
<option value='octodon.social'>
|
||||
<option value='soc.ialis.me'>
|
||||
</datalist>
|
||||
<input name='confirm' value='Log in' type='submit'/>
|
||||
</form>
|
||||
</section>
|
||||
|
||||
<!-- login with e-mail -->
|
||||
|
||||
<!-- good list entry field -->
|
||||
|
||||
<!-- blacklist entry field -->
|
||||
|
||||
<script src="/static/js/functions.js"></script>
|
||||
|
||||
<div class=footer>
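Review bot: The `instance_url` input in the new Mastodon form is free text, and the `<datalist>` only offers suggestions, so `/login/mastodon` will receive whatever host the user types. That handler is still a stub, but once it makes an outbound request or a redirect it should parse the value, accept only a bare hostname, force `https://`, and refuse loopback and private addresses. On the markup side, the empty `<option value=''>` can be removed. Adding `required` to the input stops empty submissions in the browser, though the server-side check is still needed.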
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
function enableButton() {
|
||||
var enablebutton = '<form action="/enable" method="POST"> <button type="submit">Enable</button> </form> ';
|
||||
var disablebutton = '<form action="/disable" method="POST"> <button type="submit">Disable</button> </form> ';
|
||||
var disablebutton = '<form action="/disable" method="POST"> <button style="background-color: red;" type="submit">Disable</button> </form> ';
|
||||
var enabled = getCookie('enabled');
|
||||
if (enabled == "True") {
|
||||
return disablebutton;
|
||||
|
|