writing good/blacklist to db. Cookies don't work yet

This commit is contained in:
b3yond 2018-03-16 17:55:27 +01:00
parent 7bbcbe1ab1
commit 8a7c2f0110
3 changed files with 130 additions and 90 deletions

View file

@ -9,7 +9,7 @@ import pytoml as toml
import jwt
import pylibscrypt
import smtplib
from bottle_auth import AuthPlugin
# from bottle_auth import AuthPlugin
class Datagetter(object):
@ -42,16 +42,16 @@ def login():
:return: bot.py Session Cookie
uname = bottle.request.forms.get('uname')
email = bottle.request.forms.get('uname')
psw = bottle.request.forms.get('psw')
psw = psw.encode("utf-8")
db.cur.execute("SELECT pass_hashed FROM user WHERE email=?;", (uname, ))
db.cur.execute("SELECT pass_hashed FROM user WHERE email=?;", (email, ))
pass_hashed = db.cur.fetchone()[0]
except TypeError:
return "Wrong Credentials." # no user with this email
if pylibscrypt.scrypt_mcf_check(pass_hashed, psw):
bottle.response.set_cookie("account", uname, secret)
bottle.response.set_cookie("account", email, secret)
return bottle.redirect("/settings")
return "Wrong Credentials." # passphrase is wrong
@ -105,13 +105,20 @@ def confirm_account(encoded_jwt):
payload = jwt.decode(encoded_jwt, secret)
email = payload["email"]
pass_hashed = base64.b64decode(payload["pass_hashed"])
print(email, pass_hashed)
# create db entry
db.cur.execute("INSERT INTO user(email, pass_hashed, enabled) VALUES(?, ?, ?);", (email, pass_hashed, 1))
# insert default good- & blacklist into db
with open(os.path.join(os.path.dirname(os.path.dirname(os.path.abspath(__file__))), "goodlists", "nbg_goodlist"),
"r") as f:
default_goodlist = f.read()
db.cur.execute("INSERT INTO trigger_good(user_id, words) VALUES(?, ?);", (get_user_id(email), default_goodlist))
with open(os.path.join(os.path.dirname(os.path.dirname(os.path.abspath(__file__))), "blacklists", "nbg_blacklist"),
"r") as f:
default_blacklist = f.read()
db.cur.execute("INSERT INTO trigger_bad(user_id, words) VALUES(?, ?);", (get_user_id(email), default_blacklist))
bottle.response.set_cookie("account", email, secret)
bottle.response.set_cookie("enabled", "True")
bottle.response.set_cookie("account", email, secret, path="/")
return bottle.redirect("/settings")
@ -119,23 +126,46 @@ def confirm_account(encoded_jwt):
def manage_bot():
Restricted area. Deliver the bot settings page.
Deliver user settings with Cookies.
:return: If it returns something, it just refreshes the page.
uname = bottle.request.get_cookie("account", secret=secret)
if uname is not None:
db.cur.execute("SELECT enabled FROM user WHERE email=?;", (uname,))
enabled = db.cur.fetchone()[0]
except TypeError:
return "Wrong Credentials." # no user with this email
email = bottle.request.get_cookie("account", secret=secret)
print(email) # debug
if email is not None:
user_id = get_user_id(email)
# get Enable Status from db
db.cur.execute("SELECT enabled FROM user WHERE email = ?;", (email,))
enabled = db.cur.fetchone()[0]
# Set Enable Status with a Cookie
if enabled:
bottle.response.set_cookie("enabled", "True")
bottle.response.set_cookie("enabled", "False")
# Get goodlist from db
db.cur.execute("SELECT words FROM trigger_good WHERE user_id=?;", (user_id,))
words = db.cur.fetchone()[0]
# Deliver goodlist with a Cookie
print("setting goodlist cookies?")
bottle.response.set_cookie("goodlist", words, path="/settings")
# Get blacklist from db
db.cur.execute("SELECT words FROM trigger_bad WHERE user_id=?;", (user_id,))
words = db.cur.fetchone()[0]
# Deliver badlist with a Cookie
print("setting blacklist cookies?")
bottle.response.set_cookie("blacklist", words, path="/settings")
return bottle.static_file("../static/bot.html", root='../static')
bottle.abort(401, "Sorry, access denied.")
bottle.abort(401, "Wrong username or passphrase. Try again!")
def get_user_id(email):
# get user_id from email
db.cur.execute("SELECT id FROM user WHERE email = ?", (email, ))
return db.cur.fetchone()[0]
@app.route('/settings/goodlist', method="POST")
def update_goodlist():
@ -146,12 +176,10 @@ def update_goodlist():
# get new goodlist
words = bottle.request.forms.get("goodlist")
# get user.id
email = bottle.cookie_decode("account", secret)
db.cur.execute("SELECT id FROM user WHERE email = ?", (email, ))
user_id = db.cur.fetchone()
user_id = get_user_id(bottle.cookie_decode("account", secret))
# write new goodlist to db
db.cur.execute("UPDATE trigger_good SET ? WHERE user.id = ?", (words, user_id, ))
db.cur.execute("UPDATE trigger_good SET words = ? WHERE user_id = ?;", (words, user_id, ))
return bottle.redirect("/settings")
@ -164,12 +192,13 @@ def update_blacklist():
# get new blacklist
words = bottle.request.forms.get("blacklist")
# get user.id
# get user_id
email = bottle.cookie_decode("account", secret)
db.cur.execute("SELECT id FROM user WHERE email = ?", (email, ))
user_id = db.cur.fetchone()
# write new goodlist to db
db.cur.execute("UPDATE trigger_bad SET ? WHERE user.id = ?", (words, user_id, ))
db.cur.execute("UPDATE trigger_bad SET words = ? WHERE user_id = ?;", (words, user_id, ))
return bottle.redirect("/settings")
@ -272,10 +301,10 @@ if __name__ == "__main__":
db = Datagetter()
host = ''
from bottle_auth.social import twitter as twitterplugin
callback_url = host + '/login/twitter/callback'
twitter = twitterplugin.Twitter(config['tapp']['consumer_key'], config['tapp']['consumer_secret'], callback_url)
# from bottle_auth.social import twitter as twitterplugin
# callback_url = host + '/login/twitter/callback'
# twitter = twitterplugin.Twitter(config['tapp']['consumer_key'], config['tapp']['consumer_secret'], callback_url)
# bottle.install(AuthPlugin(twitter))
bottle.run(app=StripPathMiddleware(app), host=host, port=8080)

View file

@ -13,85 +13,89 @@
<div id="enablebutton" style="float: right; padding: 2em;">asdf</div>
<a class='button' href="/login/twitter">
<a class='button' style="padding: 1.5em;" href="/login/twitter">
<source type='image/webp' sizes='20px' srcset="/static-cb/1517673283/twitter-20.webp 20w,/static-cb/1517673283/twitter-40.webp 40w,/static-cb/1517673283/twitter-80.webp 80w,"/>
<source type='image/png' sizes='20px' srcset="/static-cb/1517673283/twitter-20.png 20w,/static-cb/1517673283/twitter-40.png 40w,/static-cb/1517673283/twitter-80.png 80w,"/>
<img src="/static-cb/1517673283/twitter-20.png" alt="" />
<img src="https://codl.forget.fr/static-cb/1517673283/twitter-20.png" alt="" />
Log in with Twitter
<section style="padding: 1.5em;">
<h2>Log in with Mastodon</h2>
<form action="/login/mastodon" method='post'>
<label>Mastodon instance:
<input type='text' name='instance_url' list='instances' placeholder='social.example.net'/>
<datalist id='instances'>
<option value=''>
<option value='anticapitalist.party'>
<option value='awoo.space'>
<option value='cybre.space'>
<option value='mastodon.social'>
<option value='glitch.social'>
<option value='botsin.space'>
<option value='witches.town'>
<option value='social.wxcafe.net'>
<option value='monsterpit.net'>
<option value='mastodon.xyz'>
<option value='a.weirder.earth'>
<option value='chitter.xyz'>
<option value='sins.center'>
<option value='dev.glitch.social'>
<option value='computerfairi.es'>
<option value='niu.moe'>
<option value='icosahedron.website'>
<option value='hostux.social'>
<option value='hyenas.space'>
<option value='instance.business'>
<option value='mastodon.sdf.org'>
<option value='pawoo.net'>
<option value='pouet.it'>
<option value='scalie.business'>
<option value='sleeping.town'>
<option value='social.koyu.space'>
<option value='sunshinegardens.org'>
<option value='vcity.network'>
<option value='octodon.social'>
<option value='soc.ialis.me'>
<input name='confirm' value='Log in' type='submit'/>
<form action="/login/mastodon" method='post'>
<label>Mastodon instance:
<input type='text' name='instance_url' list='instances' placeholder='social.example.net'/>
<datalist id='instances'>
<option value=''>
<option value='anticapitalist.party'>
<option value='awoo.space'>
<option value='cybre.space'>
<option value='mastodon.social'>
<option value='glitch.social'>
<option value='botsin.space'>
<option value='witches.town'>
<option value='social.wxcafe.net'>
<option value='monsterpit.net'>
<option value='mastodon.xyz'>
<option value='a.weirder.earth'>
<option value='chitter.xyz'>
<option value='sins.center'>
<option value='dev.glitch.social'>
<option value='computerfairi.es'>
<option value='niu.moe'>
<option value='icosahedron.website'>
<option value='hostux.social'>
<option value='hyenas.space'>
<option value='instance.business'>
<option value='mastodon.sdf.org'>
<option value='pawoo.net'>
<option value='pouet.it'>
<option value='scalie.business'>
<option value='sleeping.town'>
<option value='social.koyu.space'>
<option value='sunshinegardens.org'>
<option value='vcity.network'>
<option value='octodon.social'>
<option value='soc.ialis.me'>
<input name='confirm' value='Log in' type='submit'/>
<!-- offer mailing list creation button -->
<!-- good list entry field -->
Those words have to be contained in a report.
If none of these expressions is in the report, it will be ignored by the bot.
You can use the defaults, or enter some expressions specific to your city and language.
<form action="/settings/goodlist" method="post">
<textarea name="goodlist" wrap="physical">
<div style="float: left; padding: 1.5em;">
<!-- good list entry field -->
These words have to be contained in a report.
If none of these expressions is in the report, it will be ignored by the bot.
You can use the defaults, or enter some expressions specific to your city and language.
<form action="/settings/goodlist" method="post">
<!-- find a way to display current good list. js which reads from a cookie? template? -->
<button type="submit">Submit trigger words</button>
<textarea id="goodlist" rows="8" cols="70" name="goodlist" wrap="physical"></textarea>
<input name='confirm' value='Submit' type='submit'/>
<!-- blacklist entry field -->
Those words are not allowed in reports.
If you encounter spam, you can add more here - the bot will ignore reports which use such words.
<!-- There are words which you can't exclude from the blacklist, e.g. certain racist, sexist, or antisemitic slurs. (to be implemented) -->
<form action="/settings/blacklist" method="post">
<textarea name="blacklist" wrap="physical">
<div style="float:right; padding: 1.5em;">
These words are not allowed in reports.
If you encounter spam, 40you can add more here - the bot will ignore reports which use such words.
<!-- There are words which you can't exclude from the blacklist, e.g. certain racist, sexist, or antisemitic slurs. (to be implemented) -->
<form action="/settings/blacklist" method="post">
<!-- find a way to display current blacklist. js which reads from a cookie? template? -->
<button type="submit">Submit blacklist</button>
<textarea id="blacklist" rows="8" cols="70" name="blacklist" wrap="physical"></textarea>
<input name='confirm' value='Submit' type='submit'/>
<script src="/static/js/functions.js"></script>

View file

@ -26,3 +26,10 @@ function getCookie(cname) {
document.getElementById("enablebutton").innerHTML = enableButton();
// document.getElementById("goodlist").innerHTML = getCookie("goodlist");
// document.getElementById("blacklist").innerHTML = getCookie("blacklist");