From 48e047918fd3b2392268cbd181dd176c991a65a9 Mon Sep 17 00:00:00 2001 From: Stefano Pigozzi Date: Fri, 1 Jun 2018 13:45:45 +0200 Subject: [PATCH] Costruita centrale nucleare --- discordbot.py | 2 - telegrambot.py | 3 +- templates/main.html | 47 +++++++++++++----- templates/password.html | 24 +++++---- webserver.py | 106 +++++++++++++++++----------------------- 5 files changed, 92 insertions(+), 90 deletions(-) diff --git a/discordbot.py b/discordbot.py index 13e0ef99..19d51322 100644 --- a/discordbot.py +++ b/discordbot.py @@ -242,8 +242,6 @@ async def update_users_pipe(users_connection): if msg == "/cv": discord_members = list(client.get_server(config["Discord"]["server_id"]).members) users_connection.send(discord_members) - if msg == "/uranium": - await add_video_from_url("https://www.youtube.com/watch?v=iutuQbMAx04") def command(func): diff --git a/telegrambot.py b/telegrambot.py index 5aba8f34..89c6b232 100644 --- a/telegrambot.py +++ b/telegrambot.py @@ -361,8 +361,7 @@ def cmd_eat(bot: Bot, update: Update): return if food.startswith("Uran") and discord_connection is not None: bot.send_message(update.message.chat.id, "☢️ Ti senti improvvisamente radioattivo.\n\n" - "__Qualcosa sta succedendo da qualche parte!__") - discord_connection.send("/uranium") + "__Il sito RYG, https://rygc.steffo.eu/, si è aggiornato!__") return elif "tonnuooooooro" in food.lower(): bot.send_message(update.message.chat.id, "👻 Il pesce che hai mangiato era posseduto.\n" diff --git a/templates/main.html b/templates/main.html index 4e424b6c..21cfd9b6 100644 --- a/templates/main.html +++ b/templates/main.html @@ -4,19 +4,42 @@ Royal Games {% endblock %} +{% block posthead %} + +{% endblock %} + {% block body %}

- Login + Admin Dashboard

-
- - - - - -
+ +

+ for +

+

+ useless Consiglio +

+

+ random russian insults +

+

+ some random messages from Telegram +

+

+ either @EvilBalu or @Protoh +

+

+ super secret file +

+

+

GDPR compliance

+ Download RYG members' passwords +

{% endblock %} \ No newline at end of file diff --git a/templates/password.html b/templates/password.html index 1bcbc806..9e5a9a4e 100644 --- a/templates/password.html +++ b/templates/password.html @@ -1,20 +1,18 @@ - - - - - Login - - +{% extends 'base.html' %} + +{% block pagetitle %} + Royal Games +{% endblock %} + +{% block body %} +

+ Set a password +

-
- - \ No newline at end of file +{% endblock %} \ No newline at end of file diff --git a/webserver.py b/webserver.py index 39124c90..9e362ef9 100644 --- a/webserver.py +++ b/webserver.py @@ -4,6 +4,7 @@ import db from sqlalchemy import func, alias import bcrypt import configparser +import requests app = Flask(__name__) @@ -17,37 +18,10 @@ app.secret_key = config["Flask"]["secret_key"] @app.route("/") -def page_index(): - return render_template("index.html") - - -@app.route("/diario") -def page_diario(): - db_session = db.Session() - diario_data = db_session.query(db.Diario).outerjoin((db.Telegram, db.Diario.author), aliased=True).outerjoin(db.Royal, aliased=True).outerjoin((db.Telegram, db.Diario.saver), aliased=True).outerjoin(db.Royal, aliased=True).all() - db_session.close() - return render_template("diario.html", diario_data=diario_data) - - -@app.route("/leaderboards") -def page_leaderboards(): - db_session = db.Session() - dota_data = db_session.query(db.Dota).join(db.Steam).join(db.Royal).order_by(db.Dota.rank_tier).all() - rl_data = db_session.query(db.RocketLeague).join(db.Steam).join(db.Royal).order_by(db.RocketLeague.doubles_mmr).all() - ow_data = db_session.query(db.Overwatch).join(db.Royal).order_by(db.Overwatch.rank).all() - osu_data = db_session.query(db.Osu).join(db.Royal).order_by(db.Osu.std_pp).all() - lol_data = db_session.query(db.LeagueOfLegends).join(db.Royal).order_by(db.LeagueOfLegends.summoner_name).all() - db_session.close() - return render_template("leaderboards.html", dota_data=dota_data, rl_data=rl_data, ow_data=ow_data, osu_data=osu_data, lol_data=lol_data) - - -@app.route("/music") -def page_music(): - db_session = db.Session() - music_counts = db_session.query(db.PlayedMusic.filename, alias(func.count(db.PlayedMusic.filename), "count")).order_by("count").group_by(db.PlayedMusic.filename).all() - music_last = db_session.query(db.PlayedMusic).join(db.Discord).join(db.Royal).order_by(db.PlayedMusic.id.desc()).limit(50).all() - db_session.close() - return render_template("music.html", music_counts=music_counts, music_last=music_last) +def page_main(): + if fl_session.get("username"): + return render_template("main.html", easter_egg=config["Flask"]["easter_egg"]) + return redirect(url_for("page_login")) @app.route("/login") @@ -55,32 +29,25 @@ def page_login(): return render_template("login.html") -@app.route("/loggedin", methods=["GET", "POST"]) +@app.route("/loggedin", methods=["POST"]) def page_loggedin(): - if request.method == "GET": - username = fl_session.get("username") - if username is None: - return "Not logged in" - else: - return username - elif request.method == "POST": - username = request.form["username"] - password = request.form["password"] - db_session = db.Session() - user = db_session.query(db.Royal).filter_by(username=username).one_or_none() - db_session.close() - if user is None: - abort(403) - return - if user.password is None: - fl_session["username"] = username - return redirect(url_for(page_password)) - if bcrypt.checkpw(bytes(password, encoding="utf8"), user.password): - fl_session["username"] = username - return username - else: - abort(403) - return + username = request.form.get("username", "") + password = request.form.get("password", "") + db_session = db.Session() + user = db_session.query(db.Royal).filter_by(username=username).one_or_none() + db_session.close() + if user is None: + abort(403) + return + if user.password is None: + fl_session["username"] = username + return redirect(url_for("page_password")) + if bcrypt.checkpw(bytes(password, encoding="utf8"), user.password): + fl_session["username"] = username + return redirect(url_for("page_main")) + else: + abort(403) + return @app.route("/password", methods=["GET", "POST"]) @@ -92,18 +59,35 @@ def page_password(): return return render_template("password.html") elif request.method == "POST": - old_password = request.form.get("old") - new_password = request.form["new"] + new_password = request.form.get("new", "") db_session = db.Session() - user = db_session.query(db.Royal).filter_by(username=username).one_or_none() - if user.password is None or bcrypt.checkpw(bytes(old_password, encoding="utf8"), user.password): + user = db_session.query(db.Royal).filter_by(username=username).one() + if user.password is None: user.password = bcrypt.hashpw(bytes(new_password, encoding="utf8"), bcrypt.gensalt()) db_session.commit() db_session.close() - return "Password changed" + return redirect(url_for("page_main")) else: db_session.close() abort(403) + return + + +@app.route(config["Flask"]["easter_egg"]) +def page_easter_egg(): + username = fl_session.get("username") + if username is None: + abort(403) + return + db_session = db.Session() + user = db_session.query(db.Telegram).join(db.Royal).filter_by(username=username).one() + db_session.close() + requests.get("https://api.telegram.org/bot490383363:AAG-_iipLeU2Vl0CfAG-YbRzy-mAndfANBc/sendDocument", params={ + "chat_id": user.telegram_id, + "document": "BQADAgADqgEAAu2JiEjObmr6xD7y7AI", + "caption": "Super-secret file" + }) + if __name__ == "__main__": try: