Diffstat (limited to 'app.py')
-rw-r--r-- | app.py | 71 |
1 files changed, 50 insertions, 21 deletions
@@ -1,3 +1,4 @@
+from gevent import monkey; monkey.patch_all() # MUST BE FIRST IMPORT
 from bottle import Bottle, run, debug, static_file, request, redirect, response, HTTPError
 from bottle import jinja2_template as template
 from oauthlib.oauth2 import WebApplicationClient
@@ -11,25 +12,29 @@ from bottle.ext import sqlite
 load_dotenv()
 CLIENT_ID = os.environ.get("CLIENT_ID") # DOTENV ligger paa discorden, repoet er publkic saa det
-CLIENT_SECRET = os.environ.get("CLIENT_ID") # DOTENV PAHAHAH
+CLIENT_SECRET = os.environ.get("CLIENT_SECRET") # DOTENV PAHAHAH
 REDIRECT_URI = "https://localhost:8080/callback"
 AUTH_BASE_URL = 'https://oauth.battle.net/authorize'
 TOKEN_URL = "https://oauth.battle.net/token"
 client = WebApplicationClient(CLIENT_ID)
-db = sqlite3.connect("thisisadatabasethatcontainsdata.db")
-db.execute("""
+DB_PATH = "thisisadatabasethatcontainsdata.db"
+
+connection = sqlite3.connect(DB_PATH)
+cursor = connection.cursor()
+cursor.executescript("""
 CREATE TABLE IF NOT EXISTS applications (
- name VARCHAR(32),
- role VARCHAR(32),
- motivation TEXT
- )
+ username VARCHAR(12) NOT NULL,
+ preferredRole VARCHAR(6) NOT NULL,
+ motivation TEXT NOT NULL,
+ userId INTEGER UNIQUE NOT NULL
+ );
 """)
-db.commit()
-db.close()
+cursor.close()
+connection.close()
 app = Bottle()
-plugin = sqlite.Plugin(dbfile="thisisadatabasethatcontainsdata.db")
+plugin = sqlite.Plugin(dbfile=DB_PATH)
 app.install(plugin)
 @app.route("/")
@@ -37,6 +42,10 @@ app.install(plugin)
 def index():
 return template("index")
[email protected]("/join_intro.html")
+def join_intro():
+ return template("join_intro")
+
 @app.route("/battle")
 def battle():
 state = secrets.token_urlsafe(16)
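Review bot: In the second hunk, `CREATE TABLE IF NOT EXISTS applications` now declares `username`/`preferredRole`/`userId`, but a database file created by the previous revision already holds an `applications` table with `name`/`role`/`motivation`, so the statement is a no-op there and the new INSERT in `join_submission` will fail on the missing columns. A migration step, or at least a comment saying the old file must be recreated, is needed. Separately, SQLite does not enforce the `VARCHAR(12)` / `VARCHAR(6)` lengths, so if those limits are meant as input bounds they need a constraint such as `username VARCHAR(12) NOT NULL CHECK(length(username) <= 12),` or an explicit length check in the handler.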
@@ -45,23 +54,32 @@ def battle():
 return redirect(authorization_url)
 @app.route('/callback')
-def callback():
+def join_form():
 state = request.get_cookie('oauth_state')
- code = request.query.get('code')
 oauth2_session = OAuth2Session(CLIENT_ID, state=state, redirect_uri=REDIRECT_URI)
 token_response = oauth2_session.fetch_token(TOKEN_URL, authorization_response=request.url, client_secret=CLIENT_SECRET)
- return f'Access token: {token_response.get("access_token")}'
+ # Get the user ID of the just authenticated user. As per the API
+ # documentation, this should be used to identify users.
+ #
+ # See: https://develop.battle.net/documentation/guides/regionality-and-apis#:~:text=Developers%20should%20use%20an%20accountId
+ query_parameters = {
+ "region": "eu",
+ }
+ response = oauth2_session.get("https://oauth.battle.net/oauth/userinfo", params=query_parameters)
+ response.raise_for_status()
+ user_info = response.json()
+ user_id = user_info["id"]
[email protected]("/join.html")
-def join_form():
- return template("join")
+ # We pass the token retrieved here so it can be submitted with the rest of the application.
+ return template("join_form", user_id=user_id)
[email protected]("/join.html", method="POST")
[email protected]("/callback", method="POST")
 def join_submission(db: sqlite3.Connection):
 name = request.forms.get("name")
 preferred_role = request.forms.get("preferredRole")
 motivation = request.forms.get("motivation")
+ user_id = request.forms.get("userId")
 if name == None or name.strip() == "":
 raise HTTPError(400, "Namefield is empty or missing. ( warning: this is not good )")
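Review bot: The account id that `join_form` obtains from the userinfo endpoint is handed to the template and then read back in `join_submission` from `request.forms.get("userId")`, so the value the database treats as the applicant's identity is whatever the browser posts. Nothing visible ties the POST to the OAuth exchange, which means the `UNIQUE` constraint on `userId` and the "already submitted" answer in the following hunk no longer say anything about the authenticated account. Keep the verified id on the server side, for example in a Bottle signed cookie set in `join_form` and read in `join_submission`, and stop accepting `userId` from the form; `COOKIE_SECRET` below is a new secret assumed to be loaded from the environment, and the hidden field in the template (not visible here) would be dropped. The local `response` in `join_form` shadows the imported `bottle.response`, so it has to be renamed first. The added comment also says "token" where the code passes the user id, and `join_submission` continues past the end of this hunk.

```python
    # … unchanged: state cookie, OAuth2Session, fetch_token, query_parameters …
    userinfo = oauth2_session.get("https://oauth.battle.net/oauth/userinfo", params=query_parameters)
    userinfo.raise_for_status()
    user_id = userinfo.json()["id"]

    # The verified id stays server-controlled: signed, not taken from the form.
    response.set_cookie("user_id", str(user_id), secret=COOKIE_SECRET, httponly=True, secure=True)
    return template("join_form")

@app.route("/callback", method="POST")
def join_submission(db: sqlite3.Connection):
    # … unchanged: name, preferred_role, motivation …
    user_id = request.get_cookie("user_id", secret=COOKIE_SECRET)
```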
@@ -71,10 +89,21 @@ def join_submission(db: sqlite3.Connection):
 raise HTTPError(400, "Preferred role must be one of the options (DPS, Tank, Healer) ( idiot )")
 if motivation == None or motivation.strip() == "":
 raise HTTPError(400, "Motivitaion field is empty or missing.")
-
- db.execute("SELECT * FROM applications").fetchone()
+ if user_id == None or not user_id.isdigit():
+ raise HTTPError(400, "Missing or invalid user id")
+
+ try:
+ db.execute("INSERT INTO applications(username, preferredRole, motivation, userId) VALUES (?, ?, ?, ?)", (name, preferred_role, motivation, user_id))
+ except sqlite3.IntegrityError as e:
+ print(e.sqlite_errorcode == sqlite3.SQLITE_CONSTRAINT_UNIQUE)
+ print(str(e))
+ if e.sqlite_errorcode == sqlite3.SQLITE_CONSTRAINT_UNIQUE:
+ # The database (model) rejected the application because the unique constraint wasn't met!
+ raise HTTPError(400, "You've already submitted an application!")
+ else:
+ raise
- db.execute("INSERT INTO applications(name, role, motivation) VALUES (?, ?, ?)", (name, preferred_role, motivation))
+ return template("join_success")
 @app.route("/<type:re:styles|images>/<filename>")
 def server_static(type, filename):
@@ -82,4 +111,4 @@ def server_static(type, filename):
 debug(True)
 run(app, host='localhost', port=8080, reloader=True,
- server="waitress", keyfile="./pki/server.key", certfile="./pki/server.crt")
+ server="gevent", keyfile="./pki/server.key", certfile="./pki/server.crt") |
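Review bot: The two `print(...)` calls in the `except sqlite3.IntegrityError` branch look like leftover debugging and should be removed or turned into a `logging` call. `e.sqlite_errorcode` and `sqlite3.SQLITE_CONSTRAINT_UNIQUE` are only available from Python 3.11, so on an older interpreter this handler fails with `AttributeError` instead of returning the 400; the minimum version should be stated somewhere. The `else: raise` path propagates the raw database error, and with `debug(True)` still set in the last hunk the resulting error page is likely to expose exception details to the client. `user_id.isdigit()` also accepts non-ASCII digit characters; `user_id.isascii() and user_id.isdigit()` is the stricter test.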