def tag_post(t): logged_in = True token = get_token_from_request() data = None if not token: logged_in = False else: state, data = token_processor.get_username(token) # print(data) logged_in = state if not logged_in: data = {'role': 0} page = request.args.get('page', 1, int) limit = request.args.get('limit', 6, int) offset = (page - 1) * limit posts = ppl.get_posts(offset, limit, level=logged_in + data['role'], tag=t) user_data = { 'username': data['username'], 'role': data['role'], 'token': token } if logged_in else None return render_template('index.html', posts=posts, userData=user_data, tag=t.capitalize(), info=BLOG_INFO)
def upload_pic_to_channel(channel): if channel not in image_channels: return {'success': False, 'msg': f'Channel {channel} not found.'} channel = image_channels[channel] file = request.files['file'] token = get_token_from_request() convert = request.form.get('to') status, msg = token_processor.get_username(token) if status and not msg['role']: status = False msg = 'No Access' if status: msg = '' if file and file.filename.split('.')[-1].lower() in { 'jpg', 'jpeg', 'png', 'bmp', 'webp', 'gif' }: result = channel.add_image(file, file.filename, convert) pic_url, delete_key = result.get_or(('', '')) return { 'success': not result.empty, 'picURL': pic_url, 'msg': '', 'result': { 'url': pic_url, 'deleteKey': delete_key, 'channel': channel.identifier } } else: msg += 'File Not Supported' return {'success': False, 'picURL': "", 'msg': msg}
def add_user(): form = request.get_json() username = form.get('username') password = form.get('password') token = get_token_from_request() role = form.get('role', 0) try: role = int(role) except Exception: role = -1 if not all([username, password, token]) or role < 0: return {"success": False, 'msg': 'Bad Request'} valid, info = token_processor.is_su(token) if not valid: return {'success': False, 'msg': info} su_role = info.get('su', 0) if su_role == 0 or role >= su_role: return {'success': False, 'msg': 'role error'} state = acm.add_user(username, password, role) if state: log.v("User added.", username=username, by=info.get('admin'), role=role) return {'success': state, 'msg': 'User Exists'}
def get_user_list(): token = get_token_from_request() stat, data = token_processor.get_username(token) if stat: stat = stat and data.get('role', 0) if not stat: return {'success': False, 'msg': 'Bad token or role'} return {'success': True, 'data': acm.get_all_user(data.get('role', 0))}
def seo_post(p): # print("Got an request:", p) logged_in = True data = None token = get_token_from_request() if not token: logged_in = False else: state, data = token_processor.get_username(token) # print(data) logged_in = state if not logged_in: data = {'role': 0} post = ppl.find_post(p) level = logged_in + data['role'] if post and level >= post['secret']: username = data.get('username') post_data = dict(post, prev=ppl.get_prev(p, level, username), next=ppl.get_next(p, level, username)) else: post_data = { 'title': 'Page Not Found', 'subtitle': "Please check your post-id. Or try to <a href='../login.html' onclick='utils.setRedirect(utils.getAbsPath())'" + ">Login</a>", 'date': datetime.datetime.now().strftime('%B %d, %Y'), 'tags': ['404'], 'content': '<p>There might be some problem here. Please check your input.</p>', 'id': -1, 'prev': -1, 'next': -1, 'secret': 0 if not post else post.get('secret', 0) } user_data = { 'username': data['username'], 'role': data['role'], 'token': token } if logged_in else None return render_template('post.html', post=post_data, userData=user_data, info=BLOG_INFO)
def oauth_bind(username, third): adp = oauth_adapters.get(third.lower()) code = request.args.get('code') token = get_token_from_request() stat, user = token_processor.get_username(token) if not adp or not code or not stat or user['username'].lower( ) != username.lower(): return redirect(BLOG_LINK[:-1] + '/userspace/oauth-accounts?error={}'.format(third)) result = adp.add_user(username, code) if result: return redirect(BLOG_LINK[:-1] + '/userspace/oauth-accounts?succeed=' + third) else: return redirect(BLOG_LINK[:-1] + '/userspace/oauth-accounts?error=' + quote('Maybe this user is not available'))
def delete_user(): form = request.get_json() if not form: form = request.form username = form.get('username') token = get_token_from_request() if not all([username, token]): return {"success": False, 'msg': 'Bad Request'} valid, info = token_processor.is_su(token) if not valid: return {'success': False, 'msg': info} if info.get('su', 0) == 0: return {'success': False, 'msg': 'role error'} acm.delete_user(username, info.get('su', 0)) log.v("User deleted.", username=username, by=info.get('admin')) return {'success': True}
def getpostpage(p=None): p = p or request.args.get("p", -1, int) logged_in = True data = None token = get_token_from_request() if not token: logged_in = False else: state, data = token_processor.get_username(token) # print(data) logged_in = state if not logged_in: data = {'role': 0} post = ppl.find_post(p) if post: p = post['id'] level = logged_in + data['role'] if post and level >= post['secret']: username = data.get('username') post_data = dict(post, prev=ppl.get_prev(p, level, username), next=ppl.get_next(p, level, username)) else: post_data = { 'title': 'Page Not Found', 'subtitle': "Please check your post-id. Or try to Login.", 'date': datetime.datetime.now().strftime('%B %d, %Y'), 'tags': ['404'], 'content': '<p>There might be some problem here. Please check your input.</p>', 'id': -1, 'prev': -1, 'next': -1, 'secret': 0 if not post else post.get('secret', 0), 'author': { 'nickname': '' } } user_data = { 'username': data['username'], 'role': data['role'], 'token': token } if logged_in else None return render_template('post_vue.html', post=post_data, userData=user_data, info=BLOG_INFO)
def delete_post(): form = request.get_json() if not form: form = request.form pid = form.get('postID') token = get_token_from_request() valid, info = token_processor.get_username(token) if not valid: return {'success': False, 'msg': info} if info.get('role') == 0: return {'success': False, 'msg': 'role error'} success = ppl.remove_post(pid, info.get('role')) if success: log.v("Post deleted.", pid=pid) return { 'success': success, 'msg': 'You are not supposed to delete that post' }
def scan_code(code): token = get_token_from_request() def hndl_code(): if not code: return False, "No code" if not token: return False, "No token" valid, user = token_processor.get_username(token) if not valid: return False, "Invalid token" stat, info = auth_login.get_code(code) if not stat: return False, info auth_login.set_code(code, user) conn = auth_login.conns.get(code) return True, conn succ, info = hndl_code() return {"success": succ, "msg": info}
def confirm_code(code): token = get_token_from_request() succ, info = auth_login.get_code(code) valid, token_user = token_processor.get_username(token) def handler(): if not succ: return False, info if not valid: return False, token_user user = info.get("user", {}) username = user.get("username", "") role = user.get("role", 0) if username != token_user.get("username"): return False, "Wrong user" auth_login.confirm_login(code) return True, "Confirmed" succ, pld = handler() return {"success": succ, "data": pld}
def seo_main(): # return new_index() logged_in = True token = get_token_from_request() data = None if not token: logged_in = False else: state, data = token_processor.get_username(token) # print(data) logged_in = state if not logged_in: data = {'role': 0} tag = request.args.get('tag') catalog = request.args.get('catalog') page = request.args.get('page', 1, int) limit = request.args.get('limit', 6, int) offset = (page - 1) * limit level = logged_in + data['role'] posts = ppl.get_posts(offset, limit, level, tag, catalog) total = ppl.get_count(level) pages = total // limit + (total % limit > 0) user_data = { 'username': data['username'], 'role': data['role'], 'token': token } if logged_in else None tag = tag.capitalize() if tag else None return render_template('index_vue.html', posts=posts, userData=user_data, tag=tag, info=BLOG_INFO, pages={ 'total': total, "current": page, "pages": pages })
def all_post(): logged_in = True token = get_token_from_request() data = None if not token: logged_in = False else: state, data = token_processor.get_username(token) # print(data) logged_in = state if not logged_in: data = {'role': 0} level = logged_in + data['role'] page = request.args.get('page', 1, int) limit = request.args.get('limit', 20, int) tag = request.args.get('tag') catalog = request.args.get('catalog') offset = (page - 1) * limit username = data.get('username') total = ppl.filter_post(level, tag, catalog, username).count() pages = total // limit + (total % limit > 0) posts = ppl.get_posts(offset, limit, level, tag, catalog, username) return {'data': posts, 'total': total, 'pages': pages, 'valid': logged_in}
def get_su_token(): form = request.get_json() if not form: form = request.form token = get_token_from_request() username = None if token: stat, info = token_processor.get_username(token) if stat: username = info['username'] else: username = form.get('username') password = form.get('password') if not all([username, password]): return {'success': False, 'msg': 'Missing Username or Password'} status, code = acm.check_user(username, password) if not status or not code: return {'success': False, 'msg': 'Wrong Username or Password'} log.v("SuperUser token issued.", username=username, role=code) return { 'success': True, 'token': token_processor.iss_su_token(username, code) }
def add_edit_post(): form = request.get_json() if not form: form = request.form pid = form.get('postID') data = form.get('data') token = get_token_from_request() markdown = form.get('markdown', 0) if not all([data, token]): return {'success': False, 'msg': 'bad request'} valid, info = token_processor.get_username(token) if not valid: return {'success': False, 'msg': info} if info.get('role', 0) == 0 or info.get('role', 0) + 1 < data.get('secret', 0): return {'success': False, 'msg': 'role error'} if not pid: state = ppl.add_post(data, info['username'], markdown) else: state = ppl.edit_post(pid, data, info.get('role', 0), markdown) if state: emit('post_edited', {'id': pid}) # Broadcast to all clients. return {'success': state}
def get_post(p): logged_in = True data = None token = get_token_from_request() if not token: logged_in = False else: state, data = token_processor.get_username(token) # print(data) logged_in = state if not logged_in: data = {'role': 0} need_markdown = json.loads(request.args.get('markdown', "false").lower()) post = ppl.find_post(p, need_markdown) level = logged_in + data['role'] username = data.get('username') if post: return dict( post, prev=ppl.get_prev(post['id'], level, username), next=ppl.get_next(post['id'], level, username)) if level >= post['secret'] else None return None
def rss_feed(): logged_in = True token = get_token_from_request() data = None if not token: logged_in = False else: state, data = token_processor.get_username(token) # print(data) logged_in = state if not logged_in: data = {'role': 0} level = logged_in + data['role'] data = ppl.get_all_posts(level) rss = PyRSS2Gen.RSS2( title=BLOG_INFO['title'], link=BLOG_LINK, description=BLOG_INFO['motto'], lastBuildDate=datetime.datetime.now() if not len(data) else data[-1]['last_edit'], pubDate=datetime.datetime.now(), items=[ PyRSS2Gen.RSSItem( title=post['title'], description=post['subtitle'], author=post['author']['nickname'], link="{}post/{}".format(BLOG_LINK, quote(post['display_id'])) if post['display_id'] else '{}post?p={}'.format( BLOG_LINK, post['id']), guid=PyRSS2Gen.Guid( "{}post/{}".format(BLOG_LINK, post['display_id']) if post['display_id'] else '{}post?p={}'.format(post['id'])), categories=post['tags'], pubDate=post['created']) for post in data ]) return rss.to_xml('utf-8'), 201, {'Content-Type': 'application/xml'}
def token(self): return get_token_from_request()
def login_token(): token = get_token_from_request() if not token: return {'success': False, 'msg': 'Bad Params'} stat, payload = token_processor.get_username(token) return {'success': stat, 'payload': payload, 'msg': 'Bad token'}
def refresh_token(): token = get_token_from_request() stat, payload = token_processor.refresh_token(token) if stat: return {'success': True, 'token': payload['token']} return {'success': False, 'msg': payload}
def get_infos(): token = get_token_from_request() stat, info = token_processor.app_token_decode(token) return {'success': stat, 'info': info}