def tag_post(t):
logged_in = True
token = get_token_from_request()
data = None
if not token:
logged_in = False
else:
state, data = token_processor.get_username(token)
# print(data)
logged_in = state
if not logged_in:
data = {'role': 0}
page = request.args.get('page', 1, int)
limit = request.args.get('limit', 6, int)
offset = (page - 1) * limit
posts = ppl.get_posts(offset, limit, level=logged_in + data['role'], tag=t)
user_data = {
'username': data['username'],
'role': data['role'],
'token': token
} if logged_in else None
return render_template('index.html',
posts=posts,
userData=user_data,
tag=t.capitalize(),
info=BLOG_INFO)
def upload_pic_to_channel(channel):
if channel not in image_channels:
return {'success': False, 'msg': f'Channel {channel} not found.'}
channel = image_channels[channel]
file = request.files['file']
token = get_token_from_request()
convert = request.form.get('to')
status, msg = token_processor.get_username(token)
if status and not msg['role']:
status = False
msg = 'No Access'
if status:
msg = ''
if file and file.filename.split('.')[-1].lower() in {
'jpg', 'jpeg', 'png', 'bmp', 'webp', 'gif'
}:
result = channel.add_image(file, file.filename, convert)
pic_url, delete_key = result.get_or(('', ''))
return {
'success': not result.empty,
'picURL': pic_url,
'msg': '',
'result': {
'url': pic_url,
'deleteKey': delete_key,
'channel': channel.identifier
}
}
else:
msg += 'File Not Supported'
return {'success': False, 'picURL': "", 'msg': msg}
def add_user():
form = request.get_json()
username = form.get('username')
password = form.get('password')
token = get_token_from_request()
role = form.get('role', 0)
try:
role = int(role)
except Exception:
role = -1
if not all([username, password, token]) or role < 0:
return {"success": False, 'msg': 'Bad Request'}
valid, info = token_processor.is_su(token)
if not valid:
return {'success': False, 'msg': info}
su_role = info.get('su', 0)
if su_role == 0 or role >= su_role:
return {'success': False, 'msg': 'role error'}
state = acm.add_user(username, password, role)
if state:
log.v("User added.",
username=username,
by=info.get('admin'),
role=role)
return {'success': state, 'msg': 'User Exists'}
def get_user_list():
token = get_token_from_request()
stat, data = token_processor.get_username(token)
if stat:
stat = stat and data.get('role', 0)
if not stat:
return {'success': False, 'msg': 'Bad token or role'}
return {'success': True, 'data': acm.get_all_user(data.get('role', 0))}
def seo_post(p):
# print("Got an request:", p)
logged_in = True
data = None
token = get_token_from_request()
if not token:
logged_in = False
else:
state, data = token_processor.get_username(token)
# print(data)
logged_in = state
if not logged_in:
data = {'role': 0}
post = ppl.find_post(p)
level = logged_in + data['role']
if post and level >= post['secret']:
username = data.get('username')
post_data = dict(post,
prev=ppl.get_prev(p, level, username),
next=ppl.get_next(p, level, username))
else:
post_data = {
'title':
'Page Not Found',
'subtitle':
"Please check your post-id. Or try to <a href='../login.html' onclick='utils.setRedirect(utils.getAbsPath())'"
+ ">Login</a>",
'date':
datetime.datetime.now().strftime('%B %d, %Y'),
'tags': ['404'],
'content':
'<p>There might be some problem here. Please check your input.</p>',
'id':
-1,
'prev':
-1,
'next':
-1,
'secret':
0 if not post else post.get('secret', 0)
}
user_data = {
'username': data['username'],
'role': data['role'],
'token': token
} if logged_in else None
return render_template('post.html',
post=post_data,
userData=user_data,
info=BLOG_INFO)
def oauth_bind(username, third):
adp = oauth_adapters.get(third.lower())
code = request.args.get('code')
token = get_token_from_request()
stat, user = token_processor.get_username(token)
if not adp or not code or not stat or user['username'].lower(
) != username.lower():
return redirect(BLOG_LINK[:-1] +
'/userspace/oauth-accounts?error={}'.format(third))
result = adp.add_user(username, code)
if result:
return redirect(BLOG_LINK[:-1] + '/userspace/oauth-accounts?succeed=' +
third)
else:
return redirect(BLOG_LINK[:-1] + '/userspace/oauth-accounts?error=' +
quote('Maybe this user is not available'))
def delete_user():
form = request.get_json()
if not form:
form = request.form
username = form.get('username')
token = get_token_from_request()
if not all([username, token]):
return {"success": False, 'msg': 'Bad Request'}
valid, info = token_processor.is_su(token)
if not valid:
return {'success': False, 'msg': info}
if info.get('su', 0) == 0:
return {'success': False, 'msg': 'role error'}
acm.delete_user(username, info.get('su', 0))
log.v("User deleted.", username=username, by=info.get('admin'))
return {'success': True}
def getpostpage(p=None):
p = p or request.args.get("p", -1, int)
logged_in = True
data = None
token = get_token_from_request()
if not token:
logged_in = False
else:
state, data = token_processor.get_username(token)
# print(data)
logged_in = state
if not logged_in:
data = {'role': 0}
post = ppl.find_post(p)
if post:
p = post['id']
level = logged_in + data['role']
if post and level >= post['secret']:
username = data.get('username')
post_data = dict(post,
prev=ppl.get_prev(p, level, username),
next=ppl.get_next(p, level, username))
else:
post_data = {
'title': 'Page Not Found',
'subtitle': "Please check your post-id. Or try to Login.",
'date': datetime.datetime.now().strftime('%B %d, %Y'),
'tags': ['404'],
'content':
'<p>There might be some problem here. Please check your input.</p>',
'id': -1,
'prev': -1,
'next': -1,
'secret': 0 if not post else post.get('secret', 0),
'author': {
'nickname': ''
}
}
user_data = {
'username': data['username'],
'role': data['role'],
'token': token
} if logged_in else None
return render_template('post_vue.html',
post=post_data,
userData=user_data,
info=BLOG_INFO)
def delete_post():
form = request.get_json()
if not form:
form = request.form
pid = form.get('postID')
token = get_token_from_request()
valid, info = token_processor.get_username(token)
if not valid:
return {'success': False, 'msg': info}
if info.get('role') == 0:
return {'success': False, 'msg': 'role error'}
success = ppl.remove_post(pid, info.get('role'))
if success:
log.v("Post deleted.", pid=pid)
return {
'success': success,
'msg': 'You are not supposed to delete that post'
}
def scan_code(code):
token = get_token_from_request()
def hndl_code():
if not code:
return False, "No code"
if not token:
return False, "No token"
valid, user = token_processor.get_username(token)
if not valid:
return False, "Invalid token"
stat, info = auth_login.get_code(code)
if not stat:
return False, info
auth_login.set_code(code, user)
conn = auth_login.conns.get(code)
return True, conn
succ, info = hndl_code()
return {"success": succ, "msg": info}
def confirm_code(code):
token = get_token_from_request()
succ, info = auth_login.get_code(code)
valid, token_user = token_processor.get_username(token)
def handler():
if not succ:
return False, info
if not valid:
return False, token_user
user = info.get("user", {})
username = user.get("username", "")
role = user.get("role", 0)
if username != token_user.get("username"):
return False, "Wrong user"
auth_login.confirm_login(code)
return True, "Confirmed"
succ, pld = handler()
return {"success": succ, "data": pld}
def seo_main():
# return new_index()
logged_in = True
token = get_token_from_request()
data = None
if not token:
logged_in = False
else:
state, data = token_processor.get_username(token)
# print(data)
logged_in = state
if not logged_in:
data = {'role': 0}
tag = request.args.get('tag')
catalog = request.args.get('catalog')
page = request.args.get('page', 1, int)
limit = request.args.get('limit', 6, int)
offset = (page - 1) * limit
level = logged_in + data['role']
posts = ppl.get_posts(offset, limit, level, tag, catalog)
total = ppl.get_count(level)
pages = total // limit + (total % limit > 0)
user_data = {
'username': data['username'],
'role': data['role'],
'token': token
} if logged_in else None
tag = tag.capitalize() if tag else None
return render_template('index_vue.html',
posts=posts,
userData=user_data,
tag=tag,
info=BLOG_INFO,
pages={
'total': total,
"current": page,
"pages": pages
})
def all_post():
logged_in = True
token = get_token_from_request()
data = None
if not token:
logged_in = False
else:
state, data = token_processor.get_username(token)
# print(data)
logged_in = state
if not logged_in:
data = {'role': 0}
level = logged_in + data['role']
page = request.args.get('page', 1, int)
limit = request.args.get('limit', 20, int)
tag = request.args.get('tag')
catalog = request.args.get('catalog')
offset = (page - 1) * limit
username = data.get('username')
total = ppl.filter_post(level, tag, catalog, username).count()
pages = total // limit + (total % limit > 0)
posts = ppl.get_posts(offset, limit, level, tag, catalog, username)
return {'data': posts, 'total': total, 'pages': pages, 'valid': logged_in}
def get_su_token():
form = request.get_json()
if not form:
form = request.form
token = get_token_from_request()
username = None
if token:
stat, info = token_processor.get_username(token)
if stat:
username = info['username']
else:
username = form.get('username')
password = form.get('password')
if not all([username, password]):
return {'success': False, 'msg': 'Missing Username or Password'}
status, code = acm.check_user(username, password)
if not status or not code:
return {'success': False, 'msg': 'Wrong Username or Password'}
log.v("SuperUser token issued.", username=username, role=code)
return {
'success': True,
'token': token_processor.iss_su_token(username, code)
}
def add_edit_post():
form = request.get_json()
if not form:
form = request.form
pid = form.get('postID')
data = form.get('data')
token = get_token_from_request()
markdown = form.get('markdown', 0)
if not all([data, token]):
return {'success': False, 'msg': 'bad request'}
valid, info = token_processor.get_username(token)
if not valid:
return {'success': False, 'msg': info}
if info.get('role',
0) == 0 or info.get('role', 0) + 1 < data.get('secret', 0):
return {'success': False, 'msg': 'role error'}
if not pid:
state = ppl.add_post(data, info['username'], markdown)
else:
state = ppl.edit_post(pid, data, info.get('role', 0), markdown)
if state:
emit('post_edited', {'id': pid}) # Broadcast to all clients.
return {'success': state}
def get_post(p):
logged_in = True
data = None
token = get_token_from_request()
if not token:
logged_in = False
else:
state, data = token_processor.get_username(token)
# print(data)
logged_in = state
if not logged_in:
data = {'role': 0}
need_markdown = json.loads(request.args.get('markdown', "false").lower())
post = ppl.find_post(p, need_markdown)
level = logged_in + data['role']
username = data.get('username')
if post:
return dict(
post,
prev=ppl.get_prev(post['id'], level, username),
next=ppl.get_next(post['id'], level,
username)) if level >= post['secret'] else None
return None
def rss_feed():
logged_in = True
token = get_token_from_request()
data = None
if not token:
logged_in = False
else:
state, data = token_processor.get_username(token)
# print(data)
logged_in = state
if not logged_in:
data = {'role': 0}
level = logged_in + data['role']
data = ppl.get_all_posts(level)
rss = PyRSS2Gen.RSS2(
title=BLOG_INFO['title'],
link=BLOG_LINK,
description=BLOG_INFO['motto'],
lastBuildDate=datetime.datetime.now()
if not len(data) else data[-1]['last_edit'],
pubDate=datetime.datetime.now(),
items=[
PyRSS2Gen.RSSItem(
title=post['title'],
description=post['subtitle'],
author=post['author']['nickname'],
link="{}post/{}".format(BLOG_LINK, quote(post['display_id']))
if post['display_id'] else '{}post?p={}'.format(
BLOG_LINK, post['id']),
guid=PyRSS2Gen.Guid(
"{}post/{}".format(BLOG_LINK, post['display_id']) if
post['display_id'] else '{}post?p={}'.format(post['id'])),
categories=post['tags'],
pubDate=post['created']) for post in data
])
return rss.to_xml('utf-8'), 201, {'Content-Type': 'application/xml'}
def token(self):
return get_token_from_request()
def login_token():
token = get_token_from_request()
if not token:
return {'success': False, 'msg': 'Bad Params'}
stat, payload = token_processor.get_username(token)
return {'success': stat, 'payload': payload, 'msg': 'Bad token'}
def refresh_token():
token = get_token_from_request()
stat, payload = token_processor.refresh_token(token)
if stat:
return {'success': True, 'token': payload['token']}
return {'success': False, 'msg': payload}
def get_infos():
token = get_token_from_request()
stat, info = token_processor.app_token_decode(token)
return {'success': stat, 'info': info}