contentdb/app/blueprints/users/claim.py

121 lines
4.3 KiB
Python
Raw Normal View History

2020-07-12 17:34:25 +02:00
# ContentDB
2021-01-30 17:59:42 +01:00
# Copyright (C) 2018-21 rubenwardy
2020-01-24 19:15:09 +01:00
#
# This program is free software: you can redistribute it and/or modify
2021-01-30 17:59:42 +01:00
# it under the terms of the GNU Affero General Public License as published by
2020-01-24 19:15:09 +01:00
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
2021-01-30 17:59:42 +01:00
# GNU Affero General Public License for more details.
2020-01-24 19:15:09 +01:00
#
2021-01-30 17:59:42 +01:00
# You should have received a copy of the GNU Affero General Public License
2020-01-24 19:15:09 +01:00
# along with this program. If not, see <https://www.gnu.org/licenses/>.
from . import bp
from flask import redirect, render_template, session, request, flash, url_for
from app.models import db, User, UserRank
2020-12-15 13:29:25 +01:00
from app.utils import randomString, login_user_set_active
2020-01-24 19:15:09 +01:00
from app.tasks.forumtasks import checkForumAccount
from app.tasks.phpbbparser import getProfile
import re
2020-12-15 13:29:25 +01:00
def check_username(username):
return username is not None and len(username) >= 2 and re.match("^[A-Za-z0-9._-]*$", username)
2020-01-24 19:15:09 +01:00
2020-12-15 13:29:25 +01:00
2020-12-22 11:58:43 +01:00
2020-01-24 19:15:09 +01:00
@bp.route("/user/claim/", methods=["GET", "POST"])
def claim():
2020-12-22 11:58:43 +01:00
return render_template("users/claim.html")
@bp.route("/user/claim-forums/", methods=["GET", "POST"])
def claim_forums():
2020-01-24 19:15:09 +01:00
username = request.args.get("username")
if username is None:
username = ""
else:
method = request.args.get("method")
if not check_username(username):
flash("Invalid username - must only contain A-Za-z0-9._. Consider contacting an admin", "danger")
2020-12-22 11:58:43 +01:00
return redirect(url_for("users.claim_forums"))
2020-01-24 19:15:09 +01:00
user = User.query.filter_by(forums_username=username).first()
if user and user.rank.atLeast(UserRank.NEW_MEMBER):
flash("User has already been claimed", "danger")
2020-12-22 11:58:43 +01:00
return redirect(url_for("users.claim_forums"))
elif method == "github":
if user is None or user.github_username is None:
2020-12-22 11:58:43 +01:00
flash("Unable to get GitHub username for user", "danger")
return redirect(url_for("users.claim_forums", username=username))
else:
return redirect(url_for("github.start"))
2020-01-24 19:15:09 +01:00
if "forum_token" in session:
token = session["forum_token"]
else:
2020-12-22 11:58:43 +01:00
token = randomString(12)
2020-01-24 19:15:09 +01:00
session["forum_token"] = token
if request.method == "POST":
ctype = request.form.get("claim_type")
username = request.form.get("username")
if not check_username(username):
flash("Invalid username - must only contain A-Za-z0-9._. Consider contacting an admin", "danger")
2020-01-24 19:15:09 +01:00
elif ctype == "github":
task = checkForumAccount.delay(username)
2020-12-22 11:58:43 +01:00
return redirect(url_for("tasks.check", id=task.id, r=url_for("users.claim_forums", username=username, method="github")))
2020-01-24 19:15:09 +01:00
elif ctype == "forum":
user = User.query.filter_by(forums_username=username).first()
if user is not None and user.rank.atLeast(UserRank.NEW_MEMBER):
flash("That user has already been claimed!", "danger")
2020-12-22 11:58:43 +01:00
return redirect(url_for("users.claim_forums"))
2020-01-24 19:15:09 +01:00
# Get signature
sig = None
try:
profile = getProfile("https://forum.minetest.net", username)
sig = profile.signature if profile else None
except IOError as e:
if hasattr(e, 'message'):
message = e.message
else:
message = str(e)
flash("Error whilst attempting to access forums: " + message, "danger")
2020-12-22 11:58:43 +01:00
return redirect(url_for("users.claim_forums", username=username))
if profile is None:
2020-01-24 19:15:09 +01:00
flash("Unable to get forum signature - does the user exist?", "danger")
2020-12-22 11:58:43 +01:00
return redirect(url_for("users.claim_forums", username=username))
2020-01-24 19:15:09 +01:00
# Look for key
2020-09-15 16:48:03 +02:00
if sig and token in sig:
# Try getting again to fix crash
user = User.query.filter_by(forums_username=username).first()
2020-01-24 19:15:09 +01:00
if user is None:
user = User(username)
user.forums_username = username
db.session.add(user)
db.session.commit()
2020-12-15 13:29:25 +01:00
if login_user_set_active(user, remember=True):
2020-01-24 19:15:09 +01:00
return redirect(url_for("users.set_password"))
else:
flash("Unable to login as user", "danger")
2020-12-22 11:58:43 +01:00
return redirect(url_for("users.claim_forums", username=username))
2020-01-24 19:15:09 +01:00
else:
flash("Could not find the key in your signature!", "danger")
2020-12-22 11:58:43 +01:00
return redirect(url_for("users.claim_forums", username=username))
2020-01-24 19:15:09 +01:00
else:
flash("Unknown claim type", "danger")
2020-12-22 11:58:43 +01:00
return render_template("users/claim_forums.html", username=username, key="cdb_" + token)