Пример #1
0
def get_data():
    token = json.loads(request.data)['token']

    try:
        if VkApi(token)('users.get')[0]['id'] != db_gen.owner_id:
            raise ValueError
    except (KeyError, IndexError, ValueError):
        return json.dumps({'error': error.AuthFail})

    db = DB(db_gen.owner_id)
    db.lp_settings['key'] = gen_secret(length=20)
    db.save()
    return json.dumps({
        'chats': db.chats,
        'deleter': db.responses['del_self'],
        'settings': db.lp_settings,
        'self_id': db.duty_id
    })
Пример #2
0
def do_auth():
    global auth
    user_id = check_tokens(format_tokens([request.form.get('access_token')]))
    if type(user_id) != list: return user_id
    auth['user'] = user_id[0]
    DB(user_id[0])  # ловим исключение, если юзер не в БД
    response = make_response()
    new_auth = md5(gen_secret().encode()).hexdigest()
    auth['token'] = new_auth
    response.set_cookie("auth", value=new_auth)
    response.headers['location'] = "/"
    return response, 302
Пример #3
0
def register():
    global session
    r = requests.post(DC,
                      json={
                          'method': 'register',
                          'user_id': str(db_gen.owner_id),
                          'token':
                          DB().access_token if db_gen.dc_auth else None,
                          'host': db_gen.host
                      })
    if r.status_code == 200:
        session = set_session(r.json()['response'])
Пример #4
0
def db_check_user(request):  # TODO: убрать
    uid = auth['user']
    if uid == 0:
        return redirect('/login'), 'fail'
    try:
        return DB(int(uid)), 'ok'
    except ExcDB as e:
        if e.code == 0:
            return int_error(
                'В админ панель можно зайти только с аккаунта дежурного 💅🏻'
            ), 'fail'
        else:
            return int_error(e), 'fail'
Пример #5
0
def api(method: str):
    login_check(request)

    db = DB()

    if method == "edit_current_user":
        tokens = format_tokens([
            request.form.get('access_token', ''),
            request.form.get('me_token', '')
        ])
        if tokens[0]:
            db.access_token = tokens[0]
        if tokens[1]:
            db.me_token = tokens[1]
        db.save()

    if method == 'connect_to_iris':
        try:
            VkApi(db.access_token, raise_excepts=True)(
                'messages.send',
                peer_id=-174105461,
                message=f'+api {db.secret} https://{request.host}/callback',
                random_id=0)
        except VkApiResponseException as e:
            return int_error(f'Ошибка VK #{e.error_code}: {e.error_msg}')

    if method == "edit_responses":
        for key in db.responses.keys():
            response = request.form.get(key)
            if response:
                db.responses[key] = response
        db.save()
        return redirect('/admin#Responses')

    if method == "edit_dyntemplates":
        name = request.form['temp_name']
        length = int(request.form['length'])
        i = 0
        frames = []
        while True:
            if i >= length:
                break
            frame = request.form.get(f'frame{i}')
            if frame:
                frames.append(frame)
            elif i < length:
                frames.append('Пустой кадр')
            else:
                break
            i += 1
        temp = {
            'name': request.form['new_name'],
            'frames': frames,
            'speed': float(request.form['speed'])
        }
        for i in range(len(db.anims)):
            if db.anims[i]['name'] == name:
                db.anims[i].update(temp)
                break
        db.save()
        return redirect('/admin#DynTemplates')

    if method == 'add_dyntemplate':
        db.anims.append({
            'name': 'анимка',
            'frames': ['Отсутствует'],
            'speed': 1.0
        })
        db.save()
        return redirect('/admin#DynTemplates')

    if method == 'delete_anim':
        name = request.form['name']
        for i in range(len(db.anims)):
            if db.anims[i]['name'] == name:
                del (db.anims[i])
                db.save()
                return redirect('/admin#DynTemplates')

    if method == 'dc_auth':
        if request.form.get('permit') == 'on':
            db_gen.dc_auth = True
        else:
            db_gen.dc_auth = False
        db_gen.save()

    return redirect('/')
Пример #6
0
def api(method: str):
    db = DB()

    if method == "setup_idm":
        if db.installed:
            return redirect('/')

        local_db = DB()
        local_db.owner_id = int(request.form.get('owner_id', None))
        local_db.secret = request.form.get('secret').lower()
        local_db.access_token = request.form.get('access_token', None)

        local_db.online_token = request.form.get(
            'online_token',
            None) if request.form.get('online_token', None) != '' else None
        local_db.me_token = request.form.get(
            'me_token',
            None) if request.form.get('me_token', None) != '' else None
        local_db.bp_token = request.form.get(
            'bp_token',
            None) if request.form.get('bp_token', None) != '' else None

        local_db.vk_app_id = int(request.form.get('vk_app_id', None))
        local_db.vk_app_secret = request.form.get('vk_app_secret', None)
        local_db.host = request.form.get('host', None)
        local_db.installed = True
        local_db.trusted_users.append(local_db.owner_id)
        local_db.duty_id = VkApi(local_db.access_token)('users.get')[0]['id']
        local_db.trusted_users.append(local_db.duty_id)

        db = local_db
        db.save()
        return redirect('/login?next=/')

    if method == "edit_bot":
        if request.form.get('uid', None) is None:
            return redirect('/login?next=/admin')
        uid = int(request.form.get('uid', None))
        token = request.form.get('token', None)

        if uid != db.owner_id and uid != db.duty_id:
            return redirect('/')

        if md5(f"{db.vk_app_id}{uid}{db.vk_app_secret}".encode()).hexdigest(
        ) != token:
            return redirect('/login?next=/admin')

        db.secret = request.form.get('secret', '').lower()

        access_token = request.form.get('access_token', None)
        online_token = request.form.get('online_token', None)
        bp_token = request.form.get('bp_token', None)
        me_token = request.form.get('me_token', None)

        if access_token is not None and access_token != '' and '*' not in access_token:
            db.access_token = access_token

        if online_token is not None and online_token != '' and '*' not in online_token:
            db.online_token = online_token

        if bp_token is not None and bp_token != '' and '*' not in bp_token:
            db.bp_token = bp_token

        if me_token is not None and me_token != '' and '*' not in me_token:
            db.me_token = me_token
        db.save()
        return redirect('/admin')

    if method == "reset":
        secret = request.form.get('secret', None)
        if secret == db.secret:
            db.installed = False
            db.chats = {}
            db.trusted_users = []
            db.owner_id = 0
            db.duty_id = 0
            db.vk_app_id = 0
            db.vk_app_secret = ""
            db.host = ""
            db.secret = ""
            db.access_token = None
            db.online_token = None
            db.me_token = None
            db.bp_token = None
            db.save()
        return redirect('/')

    return "ok"
Пример #7
0
def install():
    db = DB()
    return render_template('pages/install.html', installed=db.installed)
Пример #8
0
def login():
    db = DB()
    return render_template('pages/login.html', vk_app_id=db.vk_app_id)
Пример #9
0
def api(method: str):
    if method == "setup_cb":  #--------------------------------------------------------------
        if db_gen.installed: return redirect('/')

        tokens = format_tokens(
            [request.form.get('access_token'),
             request.form.get('me_token')])

        user_id = check_tokens(tokens)[0]
        if type(user_id) != int: return user_id

        db_gen.set_user(user_id)
        db = DB(user_id)

        db.access_token = tokens[0]
        db.me_token = tokens[1]

        db.secret = gen_secret()
        # db_gen.vk_app_id = int(request.form.get('vk_app_id'))
        # db_gen.vk_app_secret = request.form.get('vk_app_secret')
        db_gen.host = "http://" + request.host
        db_gen.installed = True
        db.trusted_users.append(db.duty_id)
        db.save()
        db_gen.save()
        return redirect('/login?next=/admin')

    db = DB(auth['user'])

    login = login_check(request, db, db_gen)
    if login: return login

    if method == "edit_current_user":  #--------------------------------------------------------------
        tokens = format_tokens([
            request.form.get('access_token', ''),
            request.form.get('me_token', '')
        ])
        if tokens[0]: db.access_token = tokens[0]
        if tokens[1]: db.me_token = tokens[1]
        db.save()
        return redirect('/admin')

    if method == 'connect_to_iris':
        try:
            VkApi(db.access_token, raise_excepts=True)(
                'messages.send',
                random_id=0,
                message=f'+api {db.secret} {db.gen.host}/callback',
                peer_id=-174105461)
        except VkApiResponseException as e:
            return int_error(f'Ошибка VK #{e.error_code}: {e.error_msg}')
        return redirect('/')

    if method == "edit_responses":  #--------------------------------------------------------------
        for key in db.responses.keys():
            response = request.form.get(key)
            if response: db.responses[key] = response
        db.save()
        return redirect('/admin#Responses')

    if method == "edit_dyntemplates":
        name = request.form['temp_name']
        length = int(request.form['length'])
        i = 0
        frames = []
        while True:
            if i >= length:
                break
            frame = request.form.get(f'frame{i}')
            if frame:
                frames.append(frame)
            elif i < length:
                frames.append('Пустой кадр')
            else:
                break
            i += 1
        temp = {
            'name': request.form['new_name'],
            'frames': frames,
            'speed': float(request.form['speed'])
        }
        for i in range(len(db.anims)):
            if db.anims[i]['name'] == name:
                db.anims[i].update(temp)
                break
        db.save()
        return redirect('/admin#DynTemplates')

    if method == 'add_dyntemplate':
        db.anims.append({
            'name': 'анимка',
            'frames': ['Отсутствует'],
            'speed': 1.0
        })
        db.save()
        return redirect('/admin#DynTemplates')

    if method == 'delete_anim':
        name = request.form['name']
        for i in range(len(db.anims)):
            if db.anims[i]['name'] == name:
                del (db.anims[i])
                db.save()
                return redirect('/admin#DynTemplates')

    if method == 'dc_auth':
        if request.form.get('permit') == 'on':
            db_gen.dc_auth = True
        else:
            db_gen.dc_auth = False
        db_gen.save()
        return redirect('/admin')

    return int_error('Тебя здесь быть не должно')