This repository has been archived by the owner on Oct 1, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathapi.py
241 lines (190 loc) · 7.88 KB
/
api.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
from sanic import response
from sanic import Blueprint
from ext import *
from config import *
import sqlite3
import smtplib
from email.mime.text import MIMEText
import random
import string
import httpx
import json
import traceback
from sanic.log import logger
from email_util import send_app_login_attempt
bp = Blueprint("api", url_prefix="/manage/api")
@bp.route("/members.json")
async def api_members(request):
ret = []
for o in sorted(request.app.ctx.om.cache.values(), key=lambda x: len(x.room_members), reverse=True):
if o.status in ['expired', 'canceled']: continue
ret.append({
'code': o.code,
'sponsorship': o.sponsorship,
'is_fursuiter': o.is_fursuiter,
'name': o.name,
'has_early': o.has_early,
'has_late': o.has_late,
'propic': o.ans('propic'),
'propic_fursuiter': o.ans('propic_fursuiter'),
'staff_role': o.ans('staff_role'),
'country': o.country,
'room_id': o.room_id,
'is_checked_in': o.checked_in,
'points': random.randint(0,50) if random.random() > 0.3 else 0
})
return response.json(ret)
@bp.route("/leaderboard.json")
async def api_leaderboard(request):
ret = []
for o in request.app.ctx.om.cache.values():
if o.status in ['expired', 'canceled']: continue
ret.append({
'name': o.name,
'propic': o.ans('propic'),
'points': 0,
})
ret = sorted(ret, key=lambda x: x['points'], reverse=True)
return response.json(ret)
@bp.post("/feedback")
async def send_feedback(request):
try:
async with httpx.AsyncClient() as client:
r = await client.post(f"https://api.telegram.org/bot{TG_BOT_API}/sendMessage",
json = {'chat_id': TG_CHAT_ID, 'text': str(request.json)}
)
except:
return response.json({'ok': False, 'error': 'There has been an issue sending your feedback.'})
else:
return response.json({'ok': True, 'message': 'Your feedback has been sent'})
@bp.post("/event_feedback")
async def send_event_feedback(request):
with open('data/event_feedback.json', 'a') as f:
f.write(json.dumps(request.json)+"\n")
return response.json({'ok': True, 'message': 'Your feedback has been sent'})
@bp.route("/events.json")
async def show_events(request):
with sqlite3.connect('data/event.db') as db:
db.row_factory = sqlite3.Row
events = db.execute('SELECT * FROM event ORDER BY start ASC')
r = response.json([dict(x) for x in events])
r.headers["Access-Control-Allow-Origin"] = "*"
return r
@bp.get("/logout")
async def logout(request):
if not request.token:
return response.json({'ok': False, 'error': 'You need to provide a token.'}, status=401)
user = await request.app.ctx.om.get_order(code=request.token[:5])
if not user or user.app_token != request.token[5:]:
return response.json({'ok': False, 'error': 'The token you have provided is not valid.'}, status=401)
await user.edit_answer('app_token', None)
await user.send_answers()
return response.json({'ok': True, 'message': 'You have been logged out and this token has been destroyed.'})
@bp.get("/test")
async def token_test(request):
if not request.token:
return response.json({'ok': False, 'error': 'You need to provide a token.'}, status=401)
user = await request.app.ctx.om.get_order(code=request.token[:5])
if not user or user.app_token != request.token[5:]:
return response.json({'ok': False, 'error': 'The token you have provided is not correct.'}, status=401)
return response.json({'ok': True, 'message': 'This token is valid :)'})
@bp.get("/ping")
async def ping(request):
return response.text("pong")
@bp.get("/welcome")
async def welcome_app(request):
ret = {
'phone': None,
'message': 'Reception open now!'
}
if not request.token:
return response.json(ret)
o = await request.app.ctx.om.get_order(code=request.token[:5])
if not o or o.app_token != request.token[5:]:
return response.json({'ok': False, 'error': 'The token you have provided is not correct.'}, status=401)
return response.json({
'code': o.code,
'sponsorship': o.sponsorship,
'is_fursuiter': o.is_fursuiter,
'name': o.name,
'has_early': o.has_early,
'has_late': o.has_late,
'propic': o.ans('propic'),
'propic_fursuiter': o.ans('propic_fursuiter'),
'staff_role': o.ans('staff_role'),
'country': o.country,
'is_checked_in': o.checked_in,
'points': random.randint(0,50) if random.random() > 0.3 else 0,
'can_scan_nfc': o.can_scan_nfc,
'room_id': o.room_id,
#'mail': o.email,
'actual_room_id': o.actual_room,
**ret
})
@bp.get("/scan/<nfc_id>")
async def nfc_scan(request, nfc_id):
return response.text("Nope")
if not request.token:
return response.json({'ok': False, 'error': 'You need to provide a token.'}, status=401)
user = await request.app.ctx.om.get_order(code=request.token[:5])
if not user or user.app_token != request.token[5:]:
return response.json({'ok': False, 'error': 'The token you have provided is not correct.'}, status=401)
if not user.can_scan_nfc:
return response.json({'ok': False, 'error': 'You cannot scan NFC at this time.'}, status=401)
for o in request.app.ctx.om.cache.values():
if nfc_id in [o.nfc_id, o.code, o.barcode]:
room_owner = request.app.ctx.om.cache[o.room_id]
return response.json({
'code': o.code,
'sponsorship': o.sponsorship,
'is_fursuiter': o.is_fursuiter,
'name': o.name,
'has_early': o.has_early,
'has_late': o.has_late,
'propic': o.ans('propic'),
'propic_fursuiter': o.ans('propic_fursuiter'),
'staff_role': o.ans('staff_role'),
'country': o.country,
'is_checked_in': o.checked_in,
'points': random.randint(0,50) if random.random() > 0.3 else 0,
'comment': o.comment,
'actual_room_id': o.actual_room,
'phone': o.phone,
'room_id': o.room_id,
'telegram_username': o.telegram_username,
'roommates': {x: (await request.app.ctx.om.get_order(code=x, cached=True)).name for x in room_owner.room_members if x != o.code}
})
return response.json({'ok': False, 'error': 'This NFC tag is not valid.'})
@bp.get("/get_token/<code>/<login_code>")
async def get_token_from_code(request, code, login_code):
if not code in request.app.ctx.login_codes:
if DEV_MODE and EXTRA_PRINTS:
logger.debug(request.app.ctx.login_codes)
return response.json({'ok': False, 'error': 'You need to reauthenticate. The code has expired.'}, status=401)
if request.app.ctx.login_codes[code][1] == 0:
del request.app.ctx.login_codes[code]
return response.json({'ok': False, 'error': 'Too many tries. Please reauthenticate again.'}, status=401)
if request.app.ctx.login_codes[code][0] != login_code:
request.app.ctx.login_codes[code][1] -= 1
return response.json({'ok': False, 'error': 'The login code is incorrect. Try again.'}, status=401)
user = await request.app.ctx.om.get_order(code=code)
token = ''.join(random.choice(string.ascii_letters) for _ in range(48))
await user.edit_answer('app_token', token)
await user.send_answers()
return response.json({'ok': True, 'token': code+token})
@bp.route("/get_token/<code>")
async def get_token(request, code):
user = await request.app.ctx.om.get_order(code=code)
if not user:
return response.json({'ok': False, 'error': 'The user you have requested does not exist.'}, status=404)
if user.status in ['expired', 'canceled']:
return response.json({'ok': False, 'error': 'This user is not allowed to login because the order has been canceled.'}, status=401)
if not user.email:
return response.json({'ok': False, 'error': 'This user has not provided their email.'}, status=401)
request.app.ctx.login_codes[code] = [''.join(random.choice(string.digits) for _ in range(6)), 3]
try:
await send_app_login_attempt(user, request.app.ctx.login_codes[code][0])
except Exception:
logger.error(f"[API] [GET_TOKEN] Error while sending email.\n{traceback.format_exc()}")
return response.json({'ok': False, 'error': 'There has been an issue sending your e-mail. Please try again later or report to an admin.'}, status=500)
return response.json({'ok': True, 'message': 'A login code has been sent to your email.'})