def on_post(self, req, resp):
if req.get_header("content-type") != "application/json":
resp.status = "400 Bad Request"
resp.content_type = "text"
resp.body = "Data was not of type 'application/json'"
return
event_type = req.get_header("X-GitHub-Event")
data = json.load(req.bounded_stream)
state = data["state"]
project = data["name"]
context = data["context"]
branches = [b["name"] for b in data["branches"]]
if event_type != "status":
return
if not project.startswith("GlowstoneMC/"):
return
if not context.startswith("ci/circleci"):
return
if state != "success":
return
if "dev" not in branches and "master" not in branches:
return
celery.send_task(
"download_javadocs",
args=[project]
)
return
def on_post(self, req, resp):
user = req.context["user"]
db_session = req.context["db_session"]
db_session.query(BackupCode).filter_by(user=user).delete(
synchronize_session="fetch")
backup_codes = []
for i in range(10):
token = secrets.token_urlsafe(24)
db_session.add(BackupCode(user=user, code=token))
backup_codes.append(token)
celery.send_task("send_email",
args=["backup_codes", user.email, "MFA backup codes"],
kwargs={"codes": backup_codes})
resp.append_header("Refresh", "5;url=/settings")
return self.render_template(
req,
resp,
"message_gate.html",
gate_message=Message("success", "New codes generated",
"New backup codes have been emailed to you."),
redirect_uri="/settings")
def send_nodebb(title, url, markdown, username, email, post_id):
with send_nodebb.database.session() as session:
settings = {}
# Load up all NodeBB settings
try:
for setting in session.query(Setting).filter(
Setting.key.like("nodebb_%")).all():
settings[setting.key] = setting.value
except Exception as e:
logging.getLogger("send_nodebb").error(
"Failed to get NodeBB settings: {}".format(e))
return
finally:
session.close()
for key in NODEBB_NEEDED_KEYS:
if key not in settings:
return # Not enough settings available
nodebb_url = settings["nodebb_base_url"] + "{}"
# Attempt to find a user object by email
try:
resp = requests.get(
nodebb_url.format(NODEBB_READ_EMAIL.format(email)))
except Exception as e:
logging.getLogger("send_nodebb").warning(
"Failed to find a user for {}: {}".format(email, e))
uid = settings["nodebb_default_user_id"]
title = "{} (by {})".format(title, username)
else:
data = resp.json()
uid = data["uid"]
markdown = "{}\n\n*This post was mirrored from [the site]({}).*".format(
markdown, url)
try:
requests.post(nodebb_url.format(NODEBB_WRITE_POST),
data={
"_uid": uid,
"cid": settings["nodebb_category_id"],
"title": title,
"content": markdown
},
headers={
"Authorization":
"Bearer {}".format(settings["nodebb_api_key"])
})
app.send_task("link_comments", args=[post_id])
except Exception as e:
logging.getLogger("send_nodebb").error(
"Unable to create post: {}".format(e))
def on_get(self, req, resp):
db_session = req.context["db_session"]
params = {}
if not req.get_param("product", store=params):
raise HTTPNotFound()
try:
product = db_session.query(Product).filter_by(
id=int(params["product"])).one()
except NoResultFound:
raise HTTPNotFound()
else:
celery.send_task("github_import",
args=[product.id, "GlowstoneMC", product.name],
kwargs={})
raise HTTPTemporaryRedirect("/admin/products/")
def notify_post(post: NewsPost):
post_url = "https://glowstone.net/news/{}".format(post.id)
# Discord
md = post.summary
md += "\n\n"
md += "[Click here for more]({})".format(post_url)
discord_embed = {
"title": post.title,
"description": md,
"url": post_url,
"author": {
"name": post.user.username,
"url": "https://glowstone.net/"
}
}
app.send_task("send_discord", args=[discord_embed])
# Twitter
app.send_task("send_twitter", args=[post.title, post_url])
# NodeBB
app.send_task("send_nodebb",
args=[
post.title, post_url, post.markdown, post.user.username,
post.user.email, post.id
])
def on_get(self, req, resp):
params = {}
resp.append_header("Refresh", "5;url=/admin/news/")
if not req.get_param("post", store=params):
return self.render_template(
req,
resp,
"admin/message_gate.html",
gate_message=Message(
"danger", "Missing post ID",
"Please include the ID of the post you want to relink"),
redirect_uri="/admin/news")
db_session = req.context["db_session"]
try:
post = db_session.query(NewsPost).filter_by(
id=int(params["post"])).one()
except NoResultFound:
return self.render_template(req,
resp,
"admin/message_gate.html",
gate_message=Message(
"danger", "Error",
"No such post: {}".format(
params["post"])),
redirect_uri="/admin/news")
else:
celery.send_task("link_comments", args=[post.id])
return self.render_template(req,
resp,
"admin/message_gate.html",
gate_message=Message(
"success", "Relinking scheduled",
"This post is being relinked."),
redirect_uri="/admin/news")
def on_post(self, req, resp):
user = req.context["user"]
db_session = req.context["db_session"]
db_session.query(BackupCode).filter_by(user=user).delete(
synchronize_session="fetch")
user.mfa_enabled = False
user.mfa_token = None
celery.send_task("send_email",
args=["mfa_disabled", user.email, "MFA disabled"],
kwargs={})
resp.append_header("Refresh", "5;url=/settings")
return self.render_template(req,
resp,
"message_gate.html",
gate_message=Message(
"success", "MFA disabled",
"You have disabled MFA."),
redirect_uri="/settings")
def step_two(self, req, resp):
user = req.context["user"]
totp = pyotp.TOTP(user.mfa_token)
code = req.get_param("code")
db_session = req.context["db_session"]
if not code:
uri = totp.provisioning_uri("{}@glowstone.net".format(
user.username),
issuer_name="Glowstone")
image = qrcode.make(uri)
buffer = BytesIO()
image.save(buffer, format="PNG")
qr_code = base64.b64encode(buffer.getvalue()).decode("UTF-8")
return self.render_template(
req,
resp,
"mfa/setup/step_two.html",
message=Message(
"danger", "Missing code",
"Please enter a code from your authenticator application to continue."
),
qr_code=qr_code)
if totp.verify(code):
backup_codes = []
for i in range(10):
token = secrets.token_urlsafe(24)
db_session.add(BackupCode(user=user, code=token))
backup_codes.append(token)
celery.send_task(
"send_email",
args=["backup_codes", user.email, "MFA backup codes"],
kwargs={"codes": backup_codes})
user.mfa_enabled = True
return self.render_template(req, resp, "mfa/setup/complete.html")
else:
uri = totp.provisioning_uri("{}@glowstone.net".format(
user.username),
issuer_name="Glowstone")
image = qrcode.make(uri)
buffer = BytesIO()
image.save(buffer, format="PNG")
qr_code = base64.b64encode(buffer.getvalue()).decode("UTF-8")
return self.render_template(
req,
resp,
"mfa/setup/step_two.html",
message=Message(
"danger", "Invalid code",
"The auth code you provided was invalid - please try again."
),
qr_code=qr_code)
def on_post(self, req, resp):
if req.context["user"]:
resp.append_header("Refresh", "5;url=/")
return self.render_template(
req, resp, "message_gate.html",
gate_message=Message(
"danger", "Already logged in",
"You're already logged in!"
),
redirect_uri="/"
)
params = {}
if not req.get_param("g-recaptcha-response", store=params):
return self.render_template(
req, resp, "register.html",
message=Message(
"danger", "Failed CAPTCHA",
"Unfortunately, we were not able to verify you by CAPTCHA. Please try again."
),
csrf=resp.csrf
)
http = Session()
captcha_response = http.post(
RECAPTCHA_URL, data={
"secret": self.manager.database.config.recaptcha_secret,
"response": params["g-recaptcha-response"]
}
).json()
if not captcha_response["success"]:
return self.render_template(
req, resp, "register.html",
message=Message(
"danger", "Failed CAPTCHA",
"Unfortunately, we were not able to verify you by CAPTCHA. Please try again."
),
csrf=resp.csrf
)
if not req.get_param("username", store=params) \
or not req.get_param("email", store=params) \
or not req.get_param("password", store=params) \
or not req.get_param("confirm_password", store=params):
return self.render_template(
req, resp, "register.html",
message=Message("danger", "Missing input", "Please fill out the entire form"),
csrf=resp.csrf
)
if not params["password"] == params["confirm_password"]:
return self.render_template(
req, resp, "register.html",
message=Message("danger", "Passwords do not match", "Please ensure that your passwords match"),
csrf=resp.csrf
)
db_session = req.context["db_session"]
try:
db_session.query(User).filter_by(username=params["username"]).one()
except NoResultFound:
pass
else:
return self.render_template(
req, resp, "register.html",
message=Message("danger", "User already exists", "That username is already taken - please try another"),
csrf=resp.csrf
)
try:
db_session.query(User).filter_by(email=params["email"]).one()
except NoResultFound:
pass
else:
return self.render_template(
req, resp, "register.html",
message=Message("danger", "Email already used", "An account already exists for that email address"),
csrf=resp.csrf
)
password = base64.b64encode(hashlib.sha256(params["password"].encode("utf-8")).digest())
hashed_password = bcrypt.hashpw(password, bcrypt.gensalt()).decode("utf-8")
user = User(
username=params["username"], password=hashed_password, created=datetime.datetime.now(),
email=params["email"], email_verified=not self.db.config.email["use"],
admin=(params["username"] == self.manager.database.config.admin_username)
)
db_session.add(user)
resp.append_header("Refresh", "10;url=/")
if self.db.config.email["use"]:
key = secrets.token_urlsafe(32)
email_code = EmailCode(
user=user, code=key
)
db_session.add(email_code)
celery.send_task(
"send_email",
args=["email_verification", user.email, "Email verification"],
kwargs={"verify_url": "/login/verify/{}".format(key)}
)
return self.render_template(
req, resp, "message_gate.html",
gate_message=Message(
"info", "Registered", "Your account has been registered - please check your email to verify it!"
),
redirect_uri="/"
)
return self.render_template(
req, resp, "message_gate.html",
gate_message=Message(
"info", "Registered", "Your account has been registered successfully."
),
redirect_uri="/"
)
def on_post(self, req, resp):
params = {}
errors = []
updated = []
user = req.context["user"]
user_email = user.email
if not req.get_param("password", store=params):
return self.render_template(
req,
resp,
"users/settings.html",
message=Message(
"danger", "Missing password",
"Please enter your current password to make changes."),
user=user)
params["password"] = base64.b64encode(
hashlib.sha256(params["password"].encode("utf-8")).digest())
db_session = req.context["db_session"]
if not bcrypt.checkpw(params["password"],
user.password.encode("UTF-8")):
return self.render_template(
req,
resp,
"users/settings.html",
message=Message("danger", "Incorrect password",
"The password you entered was incorrect."),
user=user)
if not errors:
if req.get_param("new_password", store=params):
if not req.get_param("new_password_again", store=params):
errors.append("Please confirm your new password.")
elif not params["new_password"] == params["new_password_again"]:
errors.append("Your new passwords do not match.")
else:
password = base64.b64encode(
hashlib.sha256(
params["new_password"].encode("utf-8")).digest())
hashed_password = bcrypt.hashpw(
password, bcrypt.gensalt()).decode("utf-8")
user.password = hashed_password
updated.append("Password")
if not errors:
if req.get_param("email", store=params) and params["email"]:
key = secrets.token_urlsafe(32)
email_code = EmailCode(user=user, code=key)
db_session.add(email_code)
celery.send_task(
"send_email",
args=[
"email_verification", user.email, "Email verification"
],
kwargs={"verify_url": "/login/verify/{}".format(key)})
user.email = params["email"]
user.email_verified = False
updated.append("Email")
if errors:
return self.render_template(
req,
resp,
"users/settings.html",
message=Message(
"danger", "Error",
"The following problems were found - nothing has been changed. <br /><ul>{}</ul>"
.format("".join("<li>{}</li>".format(error)
for error in errors))),
user=user)
if updated:
updated = ", ".join(updated)
celery.send_task(
"send_email",
args=["settings_changed", user_email, "Settings Changed"],
kwargs={"settings": updated})
resp.append_header("Refresh", "10;url=/profile")
return self.render_template(
req,
resp,
"message_gate.html",
gate_message=Message(
"info", "Updated",
"You have updated the following settings: {}<br />If you updated your email, "
"remember to verify it - or you won't be able to log in!".
format(updated)),
redirect_uri="/profile")
return self.render_template(req,
resp,
"users/settings.html",
message=Message(
"warning", "No changes",
"You didn't change any settings."),
user=user)