def get_current_token():
db = DBSession()
if(db is not None):
with db.connection as conn:
with conn.cursor() as cur:
sql = """
SELECT access_token,
refresh_token,
token_expires_on
FROM oauth
WHERE app_name = 'patreon'"""
cur.execute(sql)
row = cur.fetchone()
token = {
'access_token': config.patreon.access_token,
'refresh_token': config.patreon.refresh_token,
'token_type': 'Bearer',
'token_expires_in': '3000'
}
if(row is None):
init_oauth(db)
else:
token['access_token'] = util.decrypt(row[0])
token['refresh_token'] = util.decrypt(row[1])
if(row[2] is not None):
token['token_expires_in'] = str(row[2] - int(time()))
else:
token['token_expires_in'] = -1
if(int(token['token_expires_in']) < 0):
client = OAuth2Session(config.patreon.client_id,
token=token)
new_token = client.refresh_token(
config.patreon.token_url,
client_id=config.patreon.client_id,
client_secret=config.patreon.client_secret
)
if not(new_token == token):
token = new_token
expires_in = token.get('token_expires_in',
config.session_max_age)
sql = """
UPDATE oauth
SET access_token = %s,
refresh_token = %s,
token_expires_on = %s
WHERE app_name = 'patreon'"""
cur.execute(sql, (
util.encrypt(token['access_token']),
util.encrypt(token['refresh_token']),
int(expires_in) + int(time())
))
return token
return None
def set_property(key, value):
if not value or value == get_property(key):
return
db = DBSession()
if db is not None:
with db.connection as conn:
with conn.cursor() as cur:
sql = ''
if get_property(key, None) is None:
# Insert
sql = """
INSERT INTO properties
(
value,
key
)
VALUES (
%s,
%s
)"""
else:
# Update
sql = """
UPDATE properties
SET value = %s
WHERE key = %s"""
cur.execute(sql, (encrypt(value), key))
this.cache[key] = value
def _create_new_user(self):
if self.db is not None and self.mastodon_id > 0 and self.username:
app_password_plain = generate_app_password()
self.app_password = encrypt(app_password_plain)
self.app_password_hash = md5(
app_password_plain.encode('utf-8')).hexdigest()
with self.db.connection as conn:
with conn.cursor() as cur:
sql = """
INSERT INTO users
(
mastodon_id,
username,
app_password,
app_password_hash
)
VALUES
(
%s,
%s,
%s,
%s
)"""
cur.execute(sql, (
self.mastodon_id,
self.username,
self.app_password,
self.app_password_hash
))
self.uid = User.uid_from_mastodon_id(self.mastodon_id)
def generate_state(env, csrf_clerk):
# if redirect_to is set, remember that instead of the current location
get_vars = retrieve_get_vars(env)
location = get_vars.get('redirect_to', [env['PATH_INFO']])[0]
csrf_token = csrf_clerk.register('oauth-authorization')
# oauth state is a list of a csrf token and the location
oauth_state = [csrf_token, location]
# return oauth_state jsonified and encrypted
return encrypt(json.dumps(oauth_state))
def init_oauth():
db = DBSession()
if db is not None:
with db.connection as conn:
with conn.cursor() as cur:
access_token = util.encrypt(config.patreon.access_token)
refresh_token = util.encrypt(config.patreon.refresh_token)
sql = """
INSERT INTO oauth
(
app_name,
access_token,
refresh_token
)
SELECT
'patreon',
%s,
%s
WHERE NOT EXISTS
(
SELECT 1 FROM oauth WHERE app_name = 'patreon'
)"""
cur.execute(sql, (access_token, refresh_token))
def reset_app_password(self):
if self.db is not None and self.uid > 0:
app_password_plain = generate_app_password()
self.app_password = encrypt(app_password_plain)
self.app_password_hash = md5(
app_password_plain.encode('utf-8')).hexdigest()
with self.db.connection as conn:
with conn.cursor() as cur:
sql = """
UPDATE users
SET app_password = %s,
app_password_hash = %s
WHERE id = %s"""
cur.execute(sql, (
self.app_password,
self.app_password_hash,
self.uid
))