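from datetime import datetime, timezone
from hashlib import sha256
from hmac import compare_digest
from uuid import uuid4 as uuid

from flask import Flask, redirect, url_for, request, render_template, make_response

## Import db class from func.py and initialise it
from func import db

db = db()
db.startup()

app = Flask(__name__)


## CUSTOM FILTERS
@app.template_filter('ctime')
def timectime(s):
    """Format a Unix timestamp as a 'YYYY-MM-DD HH:MM' string in UTC."""
    # Timezone-aware replacement for the deprecated datetime.utcfromtimestamp();
    # the formatted output is the same.
    return datetime.fromtimestamp(s, tz=timezone.utc).strftime('%Y-%m-%d %H:%M')


@app.template_filter('spacer')
def convsize(s):
    """Render a byte count with a decimal (factor 1000) unit suffix, e.g. '1.50KB'."""
    sizes = ("B", "KB", "MB", "GB", "TB")
    n = 0
    # Stop at the largest known unit so an oversized value cannot index past
    # the end of the tuple and raise IndexError while a template renders.
    while s > 1000 and n < len(sizes) - 1:
        n += 1
        s = s / 1000
    return str("%.2f" % s) + sizes[n]


## WEB FRONTEND
@app.route('/')
def homepage():
    """Render the home page with the archive list and the visitor's login state."""
    print(request.base_url)
    logged_in, userdata = _login_state_from_request()
    archives = db.get_n_archives()
    return render_template(
        "home.html",
        title="Homepage",
        userdata=userdata,
        login=logged_in,
        archives=archives,
    )


@app.route('/user')
@app.route('/user/')
def userpage(userid: int = 0):
    """Redirect to the home page when no user id is given."""
    if userid == 0:
        return make_response(redirect('/'))
    # NOTE(review): neither route above supplies userid, so this point is not
    # reachable as written; a non-zero userid would fall through and return
    # None, which Flask rejects as an invalid response.


@app.route('/login', methods=["GET", "POST"])
def loginpage():
    """Show the login form (GET) or check credentials and start a session (POST)."""
    # GET: Login form
    if request.method != 'POST':
        return render_template("login.html", title="Login")

    # POST: Process login request
    username = request.form['username']
    # NOTE(review): passwords are checked against a single unsalted SHA-256
    # digest, which is cheap to brute-force offline if the user table leaks.
    # Moving to a salted, slow KDF (e.g. werkzeug.security's
    # generate_password_hash / check_password_hash) needs a matching change to
    # the hashes stored by func.db, so it is not done here.
    password = sha256(request.form['password'].encode()).hexdigest()
    code, userid, passhash = db.get_passhash(username)
    if code != 200:
        # NOTE(review): the third value from get_passhash is sent to the client
        # as-is with HTTP 200. If it tells unknown users apart from wrong
        # passwords it allows account enumeration -- confirm in func.db.
        return passhash

    # Case-insensitive hex comparison, done in constant time.
    if compare_digest(password.upper().encode(), passhash.upper().encode()):
        # if passwords match, create session and return cookie
        lifetime = 3000000  # lifetime of the sesskey in seconds
        sesskey = str(uuid())
        db.set_sesskey(sesskey, userid, lifetime)
        return setcookie("session", sesskey, lifetime)

    # The message below promises a report, so leave a trace for monitoring.
    # %r keeps control characters in the username out of the log line.
    app.logger.warning(
        "Failed login for user %r from %s", username, request.remote_addr
    )
    return (
        "\n\nYou've entered the wrong password. This incident will be reported."
        "\n\n\nGo back and try again."
    )


@app.route('/search')
def searchpage():
    """Render the advanced search page for the filters given in the query string."""
    logged_in, userdata = _login_state_from_request()

    # Missing parameters fall back to defaults.
    # NOTE(review): sort, category and the keywords reach db.get_n_archives
    # unvalidated; confirm that func.db allow-lists the sort key and binds the
    # other values as query parameters rather than formatting them into SQL.
    sorttype = request.args.get('sort', "time")
    category = request.args.get('category', 0)
    raw_query = request.args.get('q')
    keywords = raw_query.split(" ") if raw_query is not None else []
    # type=int makes a supplied count an integer like the default; a missing or
    # non-numeric value yields 20. No upper bound is enforced here.
    count = request.args.get('count', 20, type=int)

    archives = db.get_n_archives(sorttype, category, keywords, count)
    catlist = db.get_all_categories()

    # parse all categories and sort them into select box: each category with a
    # falsy third field is listed, followed by the rows whose third field equals
    # its id, labelled "parent/child".
    # NOTE(review): assumes the child scan belongs inside the top-level branch
    # -- confirm against the original layout.
    htmlcatlist = []
    for cat in catlist:
        if cat[2]:
            continue
        parentid, parent = cat[0], cat[1]
        htmlcatlist.append((parentid, parent))
        for child in catlist:
            if child[2] == parentid:
                htmlcatlist.append((child[0], f"{parent}/{child[1]}"))

    return render_template(
        "search.html",
        title="Advanced Search",
        categories=htmlcatlist,
        userdata=userdata,
        login=logged_in,
        archives=archives,
    )


## FUNCTIONS
def _login_state_from_request():
    """Resolve the request's 'session' cookie; any failure counts as logged out."""
    try:
        return get_login_info(request.cookies.get('session'))
    except Exception:
        # Deliberate best effort: pages still render for anonymous visitors
        # when the cookie is absent or the lookup fails.
        return False, ()


def get_login_info(sesskey: str):
    """Check a session key and return ``(logged_in, userdata)``.

    ``userdata`` is what ``db.get_user_info`` returns for the session's user
    when the key is valid, and an empty tuple otherwise.
    """
    logged_in, userid = db.check_sesskey(sesskey)
    userdata = db.get_user_info(userid) if logged_in else ()
    return logged_in, userdata


def setcookie(name: str, value: str, lifetime: int = 10000):
    """Return a redirect to '/' that sets cookie *name* for *lifetime* seconds."""
    resp = make_response(redirect('/'))
    resp.set_cookie(
        name,
        value,
        max_age=lifetime,
        httponly=True,  # the session key is never needed by page scripts
        samesite="Lax",  # not sent on cross-site subrequests or POSTs
        # Secure only when this request arrived over HTTPS, so plain-HTTP
        # development setups keep working. Behind a TLS-terminating proxy this
        # stays False unless the proxy headers are trusted (e.g. ProxyFix).
        secure=request.is_secure,
    )
    return resp


## API CALLS (NO THANKS)

# main driver function
if __name__ == '__main__':
    # run app if executed directly
    app.run()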