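def headless_theatre_view(env, get_vars, post_vars, csrf_clerk, session, user):
    """Render the headless theatre stream, or the auth prompt when access is denied.

    Access is granted when any of the following holds, checked in this order:
    a ``user`` object was passed in, the posted ``theatre_password`` matches
    the configured ``theatre_password`` property, or
    ``patreon.validate_session(env)`` is truthy.

    Returns:
        A ``(response_body, response_headers, status)`` tuple.
    """
    # Local import: the module's import block is not visible from here.
    import hmac

    page_data = basic_page_data('theatre-headless')
    status = '200 OK'

    given_password = post_vars.get('theatre_password', [''])[0]
    theatre_password = get_property('theatre_password', None)

    # The password check only succeeds against a configured, non-empty
    # password. With plain ``==`` an empty configured value would match the
    # empty default of a request that posted nothing at all.
    # compare_digest keeps the comparison time independent of the position
    # of the first differing byte; encoding first lets it accept non-ASCII.
    password_ok = (
        isinstance(theatre_password, str)
        and isinstance(given_password, str)
        and theatre_password != ''
        and hmac.compare_digest(given_password.encode('utf-8'),
                                theatre_password.encode('utf-8'))
    )

    # Order matters: patreon.validate_session() is only consulted when the
    # cheaper checks have not already granted access.
    if user is not None or password_ok or patreon.validate_session(env):
        page_data['chat_uri'] = turbo_views['chat-headless'].path
        page_data['youtube_stream_id'] = get_property('theatre_stream_id')
        response_body = templates.render('youtube_embed', page_data)
    else:
        # Not authorised: offer the Patreon OAuth flow, the password form
        # and the regular site login.
        callback_view = turbo_views['patreon-theatre-callback']
        redirect_uri = callback_view.uri
        oauth = turbo_session.OAuth2Session(config.patreon.client_id,
                                            redirect_uri=redirect_uri,
                                            scope=config.patreon.scope)
        # The returned state is not used here; presumably generate_state()
        # records it for the callback to verify -- confirm.
        authorization_url, state = oauth.authorization_url(
            config.patreon.authorize_url,
            turbo_session.generate_state(env, csrf_clerk))
        page_data['patreon_authorization_uri'] = authorization_url
        page_data['form_action'] = turbo_views['theatre-headless'].path
        page_data['login_uri'] = util.build_url(
            turbo_views['login'].path,
            query={'redirect_to': turbo_views['theatre'].path})
        response_body = templates.render('theatre_auth', page_data)

    response_headers = util.basic_response_header(response_body)
    return response_body, response_headers, status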
def account_view(env, get_vars, post_vars, csrf_clerk, session, user):
    """Build the account page, handling an optional app-password reset first.

    A reset is performed only when ``reset_app_password`` is posted as ``'1'``
    and the posted ``csrf_token`` validates against the session; an invalid
    token is ignored without an error.

    Returns:
        A ``(response_body, response_headers, status)`` tuple.
    """
    page_data = basic_page_data('account')

    # The reset has to run before app_password_plain is read further down,
    # so the page shows the new value.
    reset_requested = post_vars.get('reset_app_password', [0])[0] == '1'
    if reset_requested:
        submitted_token = post_vars.get('csrf_token', [''])[0]
        token_is_valid = csrf_clerk.validate(session, submitted_token)
        if token_is_valid:
            # An invalid token falls through silently by design.
            user.reset_app_password()

    status = '200 OK'
    page_data['nav'] = turbo_nav.generate_html('account', user, expanded=True)
    page_data['form_action'] = turbo_views['account'].path
    page_data['username'] = user.username
    page_data['avatar_src'] = user.account.get('avatar', '')
    # NOTE(review): the plaintext app password is placed into the page;
    # confirm util.basic_response_header() prevents caching of this response.
    page_data['app_password'] = user.app_password_plain
    # A fresh CSRF token is registered for the form on every render.
    page_data['csrf_token'] = csrf_clerk.register(session)

    member = discord.get_member(user.discord_id)
    member_user = discord.get_user(member)

    # Link for connecting a Discord account through OAuth.
    callback_uri = turbo_views['discord-callback'].uri
    discord_oauth = turbo_session.OAuth2Session(config.discord.client_id,
                                                redirect_uri=callback_uri,
                                                scope=config.discord.scope)
    oauth_state = turbo_session.generate_state(env, csrf_clerk)
    discord_auth_url, _ = discord_oauth.authorization_url(
        config.discord.authorize_url, oauth_state)

    page_data['discord_username'] = discord.render_username(member_user)
    page_data['discord_roles'] = discord.render_roles(member)
    page_data['discord_avatar_src'] = discord.get_avatar_url(member_user)
    page_data['authorization_url'] = discord_auth_url

    body = templates.render('account', page_data)
    return body, util.basic_response_header(body), status
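def decorated_function(env, csrf_clerk):
    """Gate the wrapped view behind session authentication and an access level.

    ``min_access_level``, ``headless``, ``nav`` and ``func`` are not defined
    in this function; presumably they are supplied by an enclosing decorator
    -- confirm against the surrounding code.

    Flow:
        * no account, restricted view, ``cookie_set=1``: cookie error page;
        * no account, restricted view: auth error (headless) or a 307
          redirect into the Mastodon OAuth flow;
        * ``cookie_set=1`` otherwise: 307 redirect to the same path;
        * otherwise: build the user, check the access level, call ``func``.

    Returns:
        A ``(response_body, response_headers, status)`` tuple, or whatever
        ``error_view`` returns on the error paths.
    """
    get_vars = util.retrieve_get_vars(env)
    post_vars = util.retrieve_post_vars(env)
    session = turbo_session.get_session(env)
    account = turbo_session.retrieve_oauth_account(session)

    # cookie_set comes straight from the query string. A non-numeric value
    # used to raise ValueError out of the view; treat it as "not set".
    try:
        cookie_set = int(get_vars.get('cookie_set', [0])[0])
    except (TypeError, ValueError):
        cookie_set = 0

    # Failed to set cookie, tell user to enable cookies
    if (account is None and min_access_level >= ACL.turbo
            and cookie_set == 1):
        return error_view('Login Error',
                          'Failed to create session. Try to enable '
                          ' cookies for this site.')
    # Start OAuth
    elif account is None and min_access_level >= ACL.turbo:
        # Show Auth Error in headless mode
        if headless:
            return error_view('Auth Error', 'You are not logged in.',
                              nav, headless=True)
        redirect_uri = turbo_views['oauth-callback'].uri
        oauth = turbo_session.OAuth2Session(
            config.mastodon.client_id,
            redirect_uri=redirect_uri,
            scope=config.mastodon.scope)
        # The returned state is not used here; presumably generate_state()
        # records it for the callback to verify -- confirm.
        authorization_url, state = oauth.authorization_url(
            config.mastodon.authorize_url,
            turbo_session.generate_state(env, csrf_clerk)
        )
        status = '307 Temporary Redirect'
        response_body = ''
        response_headers = [('Location', str(authorization_url))]
    # Redirect to url without cookie_set parameter
    elif cookie_set == 1:
        status = '307 Temporary Redirect'
        response_body = ''
        # NOTE(review): PATH_INFO is request-controlled; confirm that
        # util.build_url() anchors it to this site's own origin.
        response_headers = [
            ('Location', util.build_url(env['PATH_INFO']))
        ]
    # Display View
    else:
        user = User.create(account)
        access_level = User.get_access_level(user)
        if access_level < min_access_level:
            return error_view('Missing Privileges',
                              'You do not have the required '
                              'permissions to access this.',
                              access_level=access_level)
        response_body, response_headers, status = func(
            env, get_vars, post_vars, csrf_clerk, session, user
        )

    return response_body, response_headers, status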
def main_view(env, csrf_clerk):
    """Serve the landing page, or redirect depending on the session state.

    * Account resolved from the session: 307 redirect to the account view.
    * Session present but no account: 307 redirect into a fresh Mastodon
      OAuth 2.0 handshake.
    * No session at all: render the ``main`` template with a login link.

    Returns:
        A ``(response_body, response_headers, status)`` tuple.
    """
    page_data = basic_page_data('main')

    # Fallback response; each branch below replaces the body and headers.
    response_body = 'Template Render Error.'
    response_headers = util.basic_response_header(response_body)
    status = '200 OK'

    session = turbo_session.get_session(env)
    account = turbo_session.retrieve_oauth_account(session)

    if account is not None:
        # Already authenticated: send the user to the account page.
        status = '307 Temporary Redirect'
        response_body = ''
        response_headers = [('Location', turbo_views['account'].uri)]
    elif session is None:
        # Not yet authenticated and no old session: show the landing page.
        page_data['nav'] = turbo_nav.generate_html('main')
        page_data['login_uri'] = turbo_views['login'].path
        response_body = templates.render('main', page_data)
        response_headers = util.basic_response_header(response_body)
    else:
        # A session exists but did not yield an account: start a fresh
        # OAuth 2.0 handshake.
        callback_uri = turbo_views['oauth-callback'].uri
        mastodon_oauth = turbo_session.OAuth2Session(
            config.mastodon.client_id,
            redirect_uri=callback_uri,
            scope=config.mastodon.scope
        )
        oauth_state = turbo_session.generate_state(env, csrf_clerk)
        authorization_url, _ = mastodon_oauth.authorization_url(
            config.mastodon.authorize_url, oauth_state)
        status = '307 Temporary Redirect'
        response_body = ''
        response_headers = [('Location', str(authorization_url))]

    return response_body, response_headers, status