def get_data():
token = json.loads(request.data)['token']
try:
if VkApi(token)('users.get')[0]['id'] != db_gen.owner_id:
raise ValueError
except (KeyError, IndexError, ValueError):
return json.dumps({'error': error.AuthFail})
db = DB(db_gen.owner_id)
db.lp_settings['key'] = gen_secret(length=20)
db.save()
return json.dumps({
'chats': db.chats,
'deleter': db.responses['del_self'],
'settings': db.lp_settings,
'self_id': db.duty_id
})
def do_auth():
global auth
user_id = check_tokens(format_tokens([request.form.get('access_token')]))
if type(user_id) != list: return user_id
auth['user'] = user_id[0]
DB(user_id[0]) # ловим исключение, если юзер не в БД
response = make_response()
new_auth = md5(gen_secret().encode()).hexdigest()
auth['token'] = new_auth
response.set_cookie("auth", value=new_auth)
response.headers['location'] = "/"
return response, 302
def register():
global session
r = requests.post(DC,
json={
'method': 'register',
'user_id': str(db_gen.owner_id),
'token':
DB().access_token if db_gen.dc_auth else None,
'host': db_gen.host
})
if r.status_code == 200:
session = set_session(r.json()['response'])
def db_check_user(request): # TODO: убрать
uid = auth['user']
if uid == 0:
return redirect('/login'), 'fail'
try:
return DB(int(uid)), 'ok'
except ExcDB as e:
if e.code == 0:
return int_error(
'В админ панель можно зайти только с аккаунта дежурного 💅🏻'
), 'fail'
else:
return int_error(e), 'fail'
def api(method: str):
login_check(request)
db = DB()
if method == "edit_current_user":
tokens = format_tokens([
request.form.get('access_token', ''),
request.form.get('me_token', '')
])
if tokens[0]:
db.access_token = tokens[0]
if tokens[1]:
db.me_token = tokens[1]
db.save()
if method == 'connect_to_iris':
try:
VkApi(db.access_token, raise_excepts=True)(
'messages.send',
peer_id=-174105461,
message=f'+api {db.secret} https://{request.host}/callback',
random_id=0)
except VkApiResponseException as e:
return int_error(f'Ошибка VK #{e.error_code}: {e.error_msg}')
if method == "edit_responses":
for key in db.responses.keys():
response = request.form.get(key)
if response:
db.responses[key] = response
db.save()
return redirect('/admin#Responses')
if method == "edit_dyntemplates":
name = request.form['temp_name']
length = int(request.form['length'])
i = 0
frames = []
while True:
if i >= length:
break
frame = request.form.get(f'frame{i}')
if frame:
frames.append(frame)
elif i < length:
frames.append('Пустой кадр')
else:
break
i += 1
temp = {
'name': request.form['new_name'],
'frames': frames,
'speed': float(request.form['speed'])
}
for i in range(len(db.anims)):
if db.anims[i]['name'] == name:
db.anims[i].update(temp)
break
db.save()
return redirect('/admin#DynTemplates')
if method == 'add_dyntemplate':
db.anims.append({
'name': 'анимка',
'frames': ['Отсутствует'],
'speed': 1.0
})
db.save()
return redirect('/admin#DynTemplates')
if method == 'delete_anim':
name = request.form['name']
for i in range(len(db.anims)):
if db.anims[i]['name'] == name:
del (db.anims[i])
db.save()
return redirect('/admin#DynTemplates')
if method == 'dc_auth':
if request.form.get('permit') == 'on':
db_gen.dc_auth = True
else:
db_gen.dc_auth = False
db_gen.save()
return redirect('/')
def api(method: str):
db = DB()
if method == "setup_idm":
if db.installed:
return redirect('/')
local_db = DB()
local_db.owner_id = int(request.form.get('owner_id', None))
local_db.secret = request.form.get('secret').lower()
local_db.access_token = request.form.get('access_token', None)
local_db.online_token = request.form.get(
'online_token',
None) if request.form.get('online_token', None) != '' else None
local_db.me_token = request.form.get(
'me_token',
None) if request.form.get('me_token', None) != '' else None
local_db.bp_token = request.form.get(
'bp_token',
None) if request.form.get('bp_token', None) != '' else None
local_db.vk_app_id = int(request.form.get('vk_app_id', None))
local_db.vk_app_secret = request.form.get('vk_app_secret', None)
local_db.host = request.form.get('host', None)
local_db.installed = True
local_db.trusted_users.append(local_db.owner_id)
local_db.duty_id = VkApi(local_db.access_token)('users.get')[0]['id']
local_db.trusted_users.append(local_db.duty_id)
db = local_db
db.save()
return redirect('/login?next=/')
if method == "edit_bot":
if request.form.get('uid', None) is None:
return redirect('/login?next=/admin')
uid = int(request.form.get('uid', None))
token = request.form.get('token', None)
if uid != db.owner_id and uid != db.duty_id:
return redirect('/')
if md5(f"{db.vk_app_id}{uid}{db.vk_app_secret}".encode()).hexdigest(
) != token:
return redirect('/login?next=/admin')
db.secret = request.form.get('secret', '').lower()
access_token = request.form.get('access_token', None)
online_token = request.form.get('online_token', None)
bp_token = request.form.get('bp_token', None)
me_token = request.form.get('me_token', None)
if access_token is not None and access_token != '' and '*' not in access_token:
db.access_token = access_token
if online_token is not None and online_token != '' and '*' not in online_token:
db.online_token = online_token
if bp_token is not None and bp_token != '' and '*' not in bp_token:
db.bp_token = bp_token
if me_token is not None and me_token != '' and '*' not in me_token:
db.me_token = me_token
db.save()
return redirect('/admin')
if method == "reset":
secret = request.form.get('secret', None)
if secret == db.secret:
db.installed = False
db.chats = {}
db.trusted_users = []
db.owner_id = 0
db.duty_id = 0
db.vk_app_id = 0
db.vk_app_secret = ""
db.host = ""
db.secret = ""
db.access_token = None
db.online_token = None
db.me_token = None
db.bp_token = None
db.save()
return redirect('/')
return "ok"
def install():
db = DB()
return render_template('pages/install.html', installed=db.installed)
def login():
db = DB()
return render_template('pages/login.html', vk_app_id=db.vk_app_id)
def api(method: str):
if method == "setup_cb": #--------------------------------------------------------------
if db_gen.installed: return redirect('/')
tokens = format_tokens(
[request.form.get('access_token'),
request.form.get('me_token')])
user_id = check_tokens(tokens)[0]
if type(user_id) != int: return user_id
db_gen.set_user(user_id)
db = DB(user_id)
db.access_token = tokens[0]
db.me_token = tokens[1]
db.secret = gen_secret()
# db_gen.vk_app_id = int(request.form.get('vk_app_id'))
# db_gen.vk_app_secret = request.form.get('vk_app_secret')
db_gen.host = "http://" + request.host
db_gen.installed = True
db.trusted_users.append(db.duty_id)
db.save()
db_gen.save()
return redirect('/login?next=/admin')
db = DB(auth['user'])
login = login_check(request, db, db_gen)
if login: return login
if method == "edit_current_user": #--------------------------------------------------------------
tokens = format_tokens([
request.form.get('access_token', ''),
request.form.get('me_token', '')
])
if tokens[0]: db.access_token = tokens[0]
if tokens[1]: db.me_token = tokens[1]
db.save()
return redirect('/admin')
if method == 'connect_to_iris':
try:
VkApi(db.access_token, raise_excepts=True)(
'messages.send',
random_id=0,
message=f'+api {db.secret} {db.gen.host}/callback',
peer_id=-174105461)
except VkApiResponseException as e:
return int_error(f'Ошибка VK #{e.error_code}: {e.error_msg}')
return redirect('/')
if method == "edit_responses": #--------------------------------------------------------------
for key in db.responses.keys():
response = request.form.get(key)
if response: db.responses[key] = response
db.save()
return redirect('/admin#Responses')
if method == "edit_dyntemplates":
name = request.form['temp_name']
length = int(request.form['length'])
i = 0
frames = []
while True:
if i >= length:
break
frame = request.form.get(f'frame{i}')
if frame:
frames.append(frame)
elif i < length:
frames.append('Пустой кадр')
else:
break
i += 1
temp = {
'name': request.form['new_name'],
'frames': frames,
'speed': float(request.form['speed'])
}
for i in range(len(db.anims)):
if db.anims[i]['name'] == name:
db.anims[i].update(temp)
break
db.save()
return redirect('/admin#DynTemplates')
if method == 'add_dyntemplate':
db.anims.append({
'name': 'анимка',
'frames': ['Отсутствует'],
'speed': 1.0
})
db.save()
return redirect('/admin#DynTemplates')
if method == 'delete_anim':
name = request.form['name']
for i in range(len(db.anims)):
if db.anims[i]['name'] == name:
del (db.anims[i])
db.save()
return redirect('/admin#DynTemplates')
if method == 'dc_auth':
if request.form.get('permit') == 'on':
db_gen.dc_auth = True
else:
db_gen.dc_auth = False
db_gen.save()
return redirect('/admin')
return int_error('Тебя здесь быть не должно')
