1
Fork 0
mirror of https://github.com/RYGhub/royalnet.git synced 2024-11-27 13:34:28 +00:00
royalnet/webserver.py

97 lines
2.8 KiB
Python
Raw Normal View History

2018-05-07 10:51:24 +00:00
from flask import Flask, render_template, request, abort, redirect, url_for
from flask import session as fl_session
import db
from sqlalchemy import func, alias
import bcrypt
import configparser
2018-06-01 11:45:45 +00:00
import requests
2017-10-25 09:09:06 +00:00
app = Flask(__name__)
app.jinja_env.trim_blocks = True
app.jinja_env.lstrip_blocks = True
2018-05-07 10:51:24 +00:00
config = configparser.ConfigParser()
config.read("config.ini")
app.secret_key = config["Flask"]["secret_key"]
2018-03-12 12:29:12 +00:00
2018-01-25 14:24:17 +00:00
@app.route("/")
2018-06-01 11:45:45 +00:00
def page_main():
if fl_session.get("username"):
return render_template("main.html", easter_egg=config["Flask"]["easter_egg"])
return redirect(url_for("page_login"))
2018-02-02 10:46:27 +00:00
2017-11-07 17:44:00 +00:00
2018-05-07 10:51:24 +00:00
@app.route("/login")
def page_login():
return render_template("login.html")
2018-06-01 11:45:45 +00:00
@app.route("/loggedin", methods=["POST"])
2018-05-07 10:51:24 +00:00
def page_loggedin():
2018-06-01 11:45:45 +00:00
username = request.form.get("username", "")
password = request.form.get("password", "")
db_session = db.Session()
user = db_session.query(db.Royal).filter_by(username=username).one_or_none()
db_session.close()
if user is None:
abort(403)
return
if user.password is None:
fl_session["username"] = username
return redirect(url_for("page_password"))
if bcrypt.checkpw(bytes(password, encoding="utf8"), user.password):
fl_session["username"] = username
return redirect(url_for("page_main"))
else:
abort(403)
return
2018-05-07 10:51:24 +00:00
@app.route("/password", methods=["GET", "POST"])
def page_password():
username = fl_session.get("username")
if request.method == "GET":
if username is None:
abort(403)
return
return render_template("password.html")
elif request.method == "POST":
2018-06-01 11:45:45 +00:00
new_password = request.form.get("new", "")
2018-05-07 10:51:24 +00:00
db_session = db.Session()
2018-06-01 11:45:45 +00:00
user = db_session.query(db.Royal).filter_by(username=username).one()
if user.password is None:
2018-05-07 10:51:24 +00:00
user.password = bcrypt.hashpw(bytes(new_password, encoding="utf8"), bcrypt.gensalt())
db_session.commit()
db_session.close()
2018-06-01 11:45:45 +00:00
return redirect(url_for("page_main"))
2018-05-07 10:51:24 +00:00
else:
db_session.close()
abort(403)
2018-06-01 11:45:45 +00:00
return
@app.route(config["Flask"]["easter_egg"])
def page_easter_egg():
username = fl_session.get("username")
if username is None:
abort(403)
return
db_session = db.Session()
user = db_session.query(db.Telegram).join(db.Royal).filter_by(username=username).one()
db_session.close()
requests.get("https://api.telegram.org/bot490383363:AAG-_iipLeU2Vl0CfAG-YbRzy-mAndfANBc/sendDocument", params={
"chat_id": user.telegram_id,
"document": "BQADAgADqgEAAu2JiEjObmr6xD7y7AI",
"caption": "Super-secret file"
})
2018-05-07 10:51:24 +00:00
2017-10-25 09:09:06 +00:00
if __name__ == "__main__":
2017-10-27 09:53:05 +00:00
try:
2018-05-26 08:50:54 +00:00
app.run(host="0.0.0.0", port=1234, debug=__debug__)
2017-10-27 09:53:05 +00:00
except KeyboardInterrupt:
2018-01-25 14:29:38 +00:00
pass