writing good/blacklist to db. Cookies don't work yet

b3yond 2018-03-16 17:55:27 +01:00
parent 7bbcbe1ab1
commit 8a7c2f0110
3 changed files with 130 additions and 90 deletions


@ -9,7 +9,7 @@ import pytoml as toml
import jwt import jwt
import pylibscrypt import pylibscrypt
import smtplib import smtplib
from bottle_auth import AuthPlugin # from bottle_auth import AuthPlugin
class Datagetter(object): class Datagetter(object):
@ -42,16 +42,16 @@ def login():
:return: bot.py Session Cookie :return: bot.py Session Cookie
""" """
uname = bottle.request.forms.get('uname') email = bottle.request.forms.get('uname')
psw = bottle.request.forms.get('psw') psw = bottle.request.forms.get('psw')
psw = psw.encode("utf-8") psw = psw.encode("utf-8")
db.cur.execute("SELECT pass_hashed FROM user WHERE email=?;", (uname, )) db.cur.execute("SELECT pass_hashed FROM user WHERE email=?;", (email, ))
try: try:
pass_hashed = db.cur.fetchone()[0] pass_hashed = db.cur.fetchone()[0]
except TypeError: except TypeError:
return "Wrong Credentials." # no user with this email return "Wrong Credentials." # no user with this email
if pylibscrypt.scrypt_mcf_check(pass_hashed, psw): if pylibscrypt.scrypt_mcf_check(pass_hashed, psw):
bottle.response.set_cookie("account", uname, secret) bottle.response.set_cookie("account", email, secret)
return bottle.redirect("/settings") return bottle.redirect("/settings")
else: else:
return "Wrong Credentials." # passphrase is wrong return "Wrong Credentials." # passphrase is wrong
@ -105,13 +105,20 @@ def confirm_account(encoded_jwt):
payload = jwt.decode(encoded_jwt, secret) payload = jwt.decode(encoded_jwt, secret)
email = payload["email"] email = payload["email"]
pass_hashed = base64.b64decode(payload["pass_hashed"]) pass_hashed = base64.b64decode(payload["pass_hashed"])
print(email, pass_hashed)
# create db entry # create db entry
db.cur.execute("INSERT INTO user(email, pass_hashed, enabled) VALUES(?, ?, ?);", (email, pass_hashed, 1)) db.cur.execute("INSERT INTO user(email, pass_hashed, enabled) VALUES(?, ?, ?);", (email, pass_hashed, 1))
# insert default good- & blacklist into db
with open(os.path.join(os.path.dirname(os.path.dirname(os.path.abspath(__file__))), "goodlists", "nbg_goodlist"),
"r") as f:
default_goodlist = f.read()
db.cur.execute("INSERT INTO trigger_good(user_id, words) VALUES(?, ?);", (get_user_id(email), default_goodlist))
with open(os.path.join(os.path.dirname(os.path.dirname(os.path.abspath(__file__))), "blacklists", "nbg_blacklist"),
"r") as f:
default_blacklist = f.read()
db.cur.execute("INSERT INTO trigger_bad(user_id, words) VALUES(?, ?);", (get_user_id(email), default_blacklist))
db.conn.commit() db.conn.commit()
bottle.response.set_cookie("account", email, secret) bottle.response.set_cookie("account", email, secret, path="/")
bottle.response.set_cookie("enabled", "True")
return bottle.redirect("/settings") return bottle.redirect("/settings")
@ -119,23 +126,46 @@ def confirm_account(encoded_jwt):
def manage_bot(): def manage_bot():
""" """
Restricted area. Deliver the bot settings page. Restricted area. Deliver the bot settings page.
:return: Deliver user settings with Cookies.
:return: If it returns something, it just refreshes the page.
""" """
uname = bottle.request.get_cookie("account", secret=secret) email = bottle.request.get_cookie("account", secret=secret)
if uname is not None: print(email) # debug
db.cur.execute("SELECT enabled FROM user WHERE email=?;", (uname,)) if email is not None:
try: user_id = get_user_id(email)
enabled = db.cur.fetchone()[0] # get Enable Status from db
except TypeError: db.cur.execute("SELECT enabled FROM user WHERE email = ?;", (email,))
return "Wrong Credentials." # no user with this email enabled = db.cur.fetchone()[0]
# Set Enable Status with a Cookie # Set Enable Status with a Cookie
if enabled: if enabled:
bottle.response.set_cookie("enabled", "True") bottle.response.set_cookie("enabled", "True")
else: else:
bottle.response.set_cookie("enabled", "False") bottle.response.set_cookie("enabled", "False")
# Get goodlist from db
db.cur.execute("SELECT words FROM trigger_good WHERE user_id=?;", (user_id,))
words = db.cur.fetchone()[0]
# Deliver goodlist with a Cookie
print("setting goodlist cookies?")
bottle.response.set_cookie("goodlist", words, path="/settings")
# Get blacklist from db
db.cur.execute("SELECT words FROM trigger_bad WHERE user_id=?;", (user_id,))
words = db.cur.fetchone()[0]
# Deliver badlist with a Cookie
print("setting blacklist cookies?")
bottle.response.set_cookie("blacklist", words, path="/settings")
return bottle.static_file("../static/bot.html", root='../static') return bottle.static_file("../static/bot.html", root='../static')
else: else:
bottle.abort(401, "Sorry, access denied.") bottle.abort(401, "Wrong username or passphrase. Try again!")
def get_user_id(email):
# get user_id from email
db.cur.execute("SELECT id FROM user WHERE email = ?", (email, ))
return db.cur.fetchone()[0]
@app.route('/settings/goodlist', method="POST") @app.route('/settings/goodlist', method="POST")
def update_goodlist(): def update_goodlist():
@ -146,12 +176,10 @@ def update_goodlist():
""" """
# get new goodlist # get new goodlist
words = bottle.request.forms.get("goodlist") words = bottle.request.forms.get("goodlist")
# get user.id user_id = get_user_id(bottle.cookie_decode("account", secret))
email = bottle.cookie_decode("account", secret)
db.cur.execute("SELECT id FROM user WHERE email = ?", (email, ))
user_id = db.cur.fetchone()
# write new goodlist to db # write new goodlist to db
db.cur.execute("UPDATE trigger_good SET ? WHERE user.id = ?", (words, user_id, )) db.cur.execute("UPDATE trigger_good SET words = ? WHERE user_id = ?;", (words, user_id, ))
db.conn.commit()
return bottle.redirect("/settings") return bottle.redirect("/settings")
@ -164,12 +192,13 @@ def update_blacklist():
""" """
# get new blacklist # get new blacklist
words = bottle.request.forms.get("blacklist") words = bottle.request.forms.get("blacklist")
# get user.id # get user_id
email = bottle.cookie_decode("account", secret) email = bottle.cookie_decode("account", secret)
db.cur.execute("SELECT id FROM user WHERE email = ?", (email, )) db.cur.execute("SELECT id FROM user WHERE email = ?", (email, ))
user_id = db.cur.fetchone() user_id = db.cur.fetchone()
# write new goodlist to db # write new goodlist to db
db.cur.execute("UPDATE trigger_bad SET ? WHERE user.id = ?", (words, user_id, )) db.cur.execute("UPDATE trigger_bad SET words = ? WHERE user_id = ?;", (words, user_id, ))
db.conn.commit()
return bottle.redirect("/settings") return bottle.redirect("/settings")
@ -272,10 +301,10 @@ if __name__ == "__main__":
db = Datagetter() db = Datagetter()
host = '0.0.0.0' host = '0.0.0.0'
from bottle_auth.social import twitter as twitterplugin # from bottle_auth.social import twitter as twitterplugin
callback_url = host + '/login/twitter/callback' # callback_url = host + '/login/twitter/callback'
twitter = twitterplugin.Twitter(config['tapp']['consumer_key'], config['tapp']['consumer_secret'], callback_url) # twitter = twitterplugin.Twitter(config['tapp']['consumer_key'], config['tapp']['consumer_secret'], callback_url)
bottle.install(AuthPlugin(twitter)) # bottle.install(AuthPlugin(twitter))
try: try:
bottle.run(app=StripPathMiddleware(app), host=host, port=8080) bottle.run(app=StripPathMiddleware(app), host=host, port=8080)
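Review bot: In update_goodlist and update_blacklist the caller's identity comes from `bottle.cookie_decode("account", secret)`, which decodes the literal string "account" rather than the cookie sent with the request, so these POST handlers never learn who is logged in and will most likely fail on the user lookup. Read it the way manage_bot does, `email = bottle.request.get_cookie("account", secret=secret)`, and call `bottle.abort(401, ...)` when it is None before touching the database. update_blacklist also still binds `user_id = db.cur.fetchone()`, a row tuple or None, into the UPDATE; it should use `get_user_id(email)` as update_goodlist now does. In manage_bot the new side drops the old `except TypeError` guard, so a validly signed cookie for an email that is no longer in the user table raises on `fetchone()[0]` instead of returning an error response. Both update functions begin outside their hunks, so anything above the visible lines is not covered here.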


@ -13,85 +13,89 @@
<div id="enablebutton" style="float: right; padding: 2em;">asdf</div> <div id="enablebutton" style="float: right; padding: 2em;">asdf</div>
<a class='button' href="/login/twitter"> <a class='button' style="padding: 1.5em;" href="/login/twitter">
<picture> <picture>
<source type='image/webp' sizes='20px' srcset="/static-cb/1517673283/twitter-20.webp 20w,/static-cb/1517673283/twitter-40.webp 40w,/static-cb/1517673283/twitter-80.webp 80w,"/> <source type='image/webp' sizes='20px' srcset="/static-cb/1517673283/twitter-20.webp 20w,/static-cb/1517673283/twitter-40.webp 40w,/static-cb/1517673283/twitter-80.webp 80w,"/>
<source type='image/png' sizes='20px' srcset="/static-cb/1517673283/twitter-20.png 20w,/static-cb/1517673283/twitter-40.png 40w,/static-cb/1517673283/twitter-80.png 80w,"/> <source type='image/png' sizes='20px' srcset="/static-cb/1517673283/twitter-20.png 20w,/static-cb/1517673283/twitter-40.png 40w,/static-cb/1517673283/twitter-80.png 80w,"/>
<img src="/static-cb/1517673283/twitter-20.png" alt="" /> <img src="https://codl.forget.fr/static-cb/1517673283/twitter-20.png" alt="" />
</picture> </picture>
Log in with Twitter Log in with Twitter
</a> </a>
<section> <section style="padding: 1.5em;">
<h2>Log in with Mastodon</h2> <h2>Log in with Mastodon</h2>
<form action="/login/mastodon" method='post'> <p>
<label>Mastodon instance: <form action="/login/mastodon" method='post'>
<input type='text' name='instance_url' list='instances' placeholder='social.example.net'/> <label>Mastodon instance:
</label> <input type='text' name='instance_url' list='instances' placeholder='social.example.net'/>
<datalist id='instances'> </label>
<option value=''> <datalist id='instances'>
<option value='anticapitalist.party'> <option value=''>
<option value='awoo.space'> <option value='anticapitalist.party'>
<option value='cybre.space'> <option value='awoo.space'>
<option value='mastodon.social'> <option value='cybre.space'>
<option value='glitch.social'> <option value='mastodon.social'>
<option value='botsin.space'> <option value='glitch.social'>
<option value='witches.town'> <option value='botsin.space'>
<option value='social.wxcafe.net'> <option value='witches.town'>
<option value='monsterpit.net'> <option value='social.wxcafe.net'>
<option value='mastodon.xyz'> <option value='monsterpit.net'>
<option value='a.weirder.earth'> <option value='mastodon.xyz'>
<option value='chitter.xyz'> <option value='a.weirder.earth'>
<option value='sins.center'> <option value='chitter.xyz'>
<option value='dev.glitch.social'> <option value='sins.center'>
<option value='computerfairi.es'> <option value='dev.glitch.social'>
<option value='niu.moe'> <option value='computerfairi.es'>
<option value='icosahedron.website'> <option value='niu.moe'>
<option value='hostux.social'> <option value='icosahedron.website'>
<option value='hyenas.space'> <option value='hostux.social'>
<option value='instance.business'> <option value='hyenas.space'>
<option value='mastodon.sdf.org'> <option value='instance.business'>
<option value='pawoo.net'> <option value='mastodon.sdf.org'>
<option value='pouet.it'> <option value='pawoo.net'>
<option value='scalie.business'> <option value='pouet.it'>
<option value='sleeping.town'> <option value='scalie.business'>
<option value='social.koyu.space'> <option value='sleeping.town'>
<option value='sunshinegardens.org'> <option value='social.koyu.space'>
<option value='vcity.network'> <option value='sunshinegardens.org'>
<option value='octodon.social'> <option value='vcity.network'>
<option value='soc.ialis.me'> <option value='octodon.social'>
</datalist> <option value='soc.ialis.me'>
<input name='confirm' value='Log in' type='submit'/> </datalist>
</form> <input name='confirm' value='Log in' type='submit'/>
</form>
</p>
</section> </section>
<!-- offer mailing list creation button --> <!-- offer mailing list creation button -->
<!-- good list entry field --> <div style="float: left; padding: 1.5em;">
<p> <!-- good list entry field -->
Those words have to be contained in a report. <p>
If none of these expressions is in the report, it will be ignored by the bot. These words have to be contained in a report.
You can use the defaults, or enter some expressions specific to your city and language. If none of these expressions is in the report, it will be ignored by the bot.
</p> You can use the defaults, or enter some expressions specific to your city and language.
<form action="/settings/goodlist" method="post"> </p>
<textarea name="goodlist" wrap="physical"> <form action="/settings/goodlist" method="post">
<!-- find a way to display current good list. js which reads from a cookie? template? --> <!-- find a way to display current good list. js which reads from a cookie? template? -->
</textarea> <textarea id="goodlist" rows="8" cols="70" name="goodlist" wrap="physical"></textarea>
<button type="submit">Submit trigger words</button> <input name='confirm' value='Submit' type='submit'/>
</form> </form>
</div>
<!-- blacklist entry field --> <!-- blacklist entry field -->
<p> <div style="float:right; padding: 1.5em;">
Those words are not allowed in reports. <p>
If you encounter spam, you can add more here - the bot will ignore reports which use such words. These words are not allowed in reports.
<!-- There are words which you can't exclude from the blacklist, e.g. certain racist, sexist, or antisemitic slurs. (to be implemented) --> If you encounter spam, 40you can add more here - the bot will ignore reports which use such words.
</p> <!-- There are words which you can't exclude from the blacklist, e.g. certain racist, sexist, or antisemitic slurs. (to be implemented) -->
<form action="/settings/blacklist" method="post"> </p>
<textarea name="blacklist" wrap="physical"> <form action="/settings/blacklist" method="post">
<!-- find a way to display current blacklist. js which reads from a cookie? template? --> <!-- find a way to display current blacklist. js which reads from a cookie? template? -->
</textarea> <textarea id="blacklist" rows="8" cols="70" name="blacklist" wrap="physical"></textarea>
<button type="submit">Submit blacklist</button> <input name='confirm' value='Submit' type='submit'/>
</form> </form>
</div>
<script src="/static/js/functions.js"></script> <script src="/static/js/functions.js"></script>
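Review bot: The `<img>` fallback in the Twitter login button now loads from `https://codl.forget.fr/static-cb/1517673283/twitter-20.png`, while the `<source>` entries beside it still use local `/static-cb/...` paths. Every visit to this page then sends the visitor's IP address and Referer to a third-party host, and the button depends on that host continuing to serve the same file, so serve a copy of the image from this app's own static directory instead. The two settings forms post state changes that are authenticated only by the `account` cookie and carry no anti-CSRF token; a per-session hidden token field, checked by the POST handlers, is worth adding with this rework. The new blacklist paragraph also contains what looks like a stray `40` in `spam, 40you can add`.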


@ -26,3 +26,10 @@ function getCookie(cname) {
} }
document.getElementById("enablebutton").innerHTML = enableButton(); document.getElementById("enablebutton").innerHTML = enableButton();
// document.getElementById("goodlist").innerHTML = getCookie("goodlist");
alert(getCookie("goodlist"))
alert(getCookie("blacklist"))
// document.getElementById("blacklist").innerHTML = getCookie("blacklist");
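Review bot: The two `alert(getCookie(...))` calls are debugging output that will pop up the full word lists on every page load, and the commented-out lines they stand in for would assign cookie text through `innerHTML`. For the textareas with ids `goodlist` and `blacklist`, set the control's value instead, `document.getElementById("goodlist").value = getCookie("goodlist");` and the same for `blacklist`, which treats the lists as plain text and also updates what the form submits. The existing `enablebutton` line follows the same `innerHTML` pattern; whether `enableButton()` returns only fixed markup is not visible in this hunk.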