1
0
Fork 0
mirror of https://github.com/Lynnesbian/FediBooks/ synced 2024-11-25 16:48:58 +00:00

Compare commits

..

No commits in common. "86f68cfa370ab1b80941c0434d2ee59ce6249af1" and "7a1658c3c951ddc1dbfee0947616bad55b576433" have entirely different histories.

5 changed files with 34 additions and 94 deletions

3
.github/FUNDING.yml vendored
View file

@ -1,3 +0,0 @@
patreon: Lynnesbian
ko_fi: Lynnesbian
custom: https://www.paypal.me/Lynnesbian

View file

@ -3,5 +3,5 @@ markovify==0.7.1
beautifulsoup4==4.7.1
requests==2.22.0
Flask==1.1.1
flask-mysqldb==0.2.0
mysql-connector-python==8.0.17
bcrypt == 3.1.7

View file

@ -1,23 +1,18 @@
USE `fedibooks`;
CREATE TABLE IF NOT EXISTS `users` (
`id` INT AUTO_INCREMENT PRIMARY KEY,
`id` BINARY(64) PRIMARY KEY,
`email` VARCHAR(128) UNIQUE NOT NULL,
`password` BINARY(60) NOT NULL,
`password` BINARY(60) NOT NULL
);
CREATE TABLE IF NOT EXISTS `contact_settings` (
FOREIGN KEY (`user_id`) REFERENCES users(id) ON DELETE CASCADE,
`fetch` ENUM('always', 'once', 'never') DEFAULT 'once',
`submit` ENUM('always', 'once', 'never') DEFAULT 'once',
`generation` ENUM('always', 'once', 'never') DEFAULT 'once',
`reply` ENUM('always', 'once', 'never') DEFAULT 'once'
) ENGINE=INNODB;
CREATE TABLE IF NOT EXISTS `credentials` (
`id` INT AUTO_INCREMENT PRIMARY KEY,
`client_id` VARCHAR(128) NOT NULL,
`client_secret` VARCHAR(128) NOT NULL,
`secret` VARCHAR(128) NOT NULL
) ENGINE=INNODB;
);
CREATE TABLE IF NOT EXISTS `bots` (
`id` BINARY(64) PRIMARY KEY,
`user_id` INT NOT NULL,
`credentials_id` INT NOT NULL,
FOREIGN KEY (`user_id`) REFERENCES users(id) ON DELETE CASCADE,
`enabled` BOOLEAN DEFAULT 1,
`replies_enabled` BOOLEAN DEFAULT 1,
`post_frequency` SMALLINT UNSIGNED DEFAULT 30,
@ -28,37 +23,35 @@ CREATE TABLE IF NOT EXISTS `bots` (
`post_privacy` ENUM('public', 'unlisted', 'followers_only') DEFAULT 'unlisted',
`learn_from_cw` BOOLEAN DEFAULT 0,
`last_post` DATETIME DEFAULT 0,
`icon` VARCHAR(512),
`icon_update_time` DATETIME DEFAULT 0,
FOREIGN KEY (`user_id`) REFERENCES users(id) ON DELETE CASCADE,
FOREIGN KEY (`credentials_id`) REFERENCES credentials(id) ON DELETE CASCADE
) ENGINE=INNODB;
);
CREATE TABLE IF NOT EXISTS `credentials` (
`id` INT AUTO_INCREMENT PRIMARY KEY,
`client_id` VARCHAR(128) NOT NULL,
`client_secret` VARCHAR(128) NOT NULL,
`secret` VARCHAR(128) NOT NULL
);
CREATE TABLE IF NOT EXISTS `fedi_account` (
`handle` VARCHAR(128) NOT NULL PRIMARY KEY,
`outbox` VARCHAR(256),
`credentials_id` INT NOT NULL,
`icon` VARCHAR(512),
`icon_update_time` DATETIME DEFAULT 0,
FOREIGN KEY (`credentials_id`) REFERENCES credentials(id) ON DELETE CASCADE
) ENGINE=INNODB;
);
CREATE TABLE IF NOT EXISTS `posts` (
`id` BIGINT AUTO_INCREMENT PRIMARY KEY,
`post_id` VARCHAR(64) NOT NULL,
`content` TEXT NOT NULL,
`content` VARCHAR(65535) NOT NULL,
`cw` BOOLEAN NOT NULL
) ENGINE=INNODB;
);
CREATE TABLE IF NOT EXISTS `word_blacklist` (
`id` INT AUTO_INCREMENT PRIMARY KEY,
`bot_id` BINARY(64) NOT NULL,
FOREIGN KEY (`bot_id`) REFERENCES bots(id) ON DELETE CASCADE,
`phrase` VARCHAR(128) NOT NULL,
`whole_word` BOOLEAN NOT NULL,
FOREIGN KEY (`bot_id`) REFERENCES bots(id) ON DELETE CASCADE
) ENGINE=INNODB;
`whole_word` BOOLEAN NOT NULL
);
CREATE TABLE IF NOT EXISTS `contact_history` (
`user_id` INT NOT NULL,
FOREIGN KEY (`user_id`) REFERENCES users(id) ON DELETE CASCADE,
`fetch` BOOLEAN DEFAULT 0,
`submit` BOOLEAN DEFAULT 0,
`generation` BOOLEAN DEFAULT 0,
`reply` BOOLEAN DEFAULT 0,
FOREIGN KEY (`user_id`) REFERENCES users(id) ON DELETE CASCADE
) ENGINE=INNODB;
`reply` BOOLEAN DEFAULT 0
);

View file

@ -23,7 +23,7 @@
{% endif %}
<br>
<label for="password" class="important full-width">Password</label>
<input type="password" pattern=".{8,}" name="password">
<input type="password" name="password">
{% if signup %}
<p class="small">
Passwords must be at least eight characters long.

View file

@ -1,23 +1,15 @@
from flask import Flask, render_template, session, request, redirect, url_for
from flask_mysqldb import MySQL
import MySQLdb
import bcrypt
import json, hashlib
from flask import Flask, render_template, session
import json
cfg = json.load(open("config.json"))
app = Flask(__name__)
app.secret_key = cfg['secret_key']
app.config['MYSQL_HOST'] = cfg['db_host']
app.config['MYSQL_DB'] = cfg['db_name']
app.config['MYSQL_USER'] = cfg['db_user']
app.config['MYSQL_PASSWORD'] = cfg['db_pass']
mysql = MySQL(app)
@app.route("/")
def home():
def hello():
session['userid'] = 1
# session.clear()
if 'userid' in session:
session['step'] = 1
return render_template("home.html")
@ -37,8 +29,7 @@ def show_login_page():
return render_template("login.html", signup = False)
@app.route("/signup")
def show_signup_page(error = None):
#TODO: display error if any
def show_signup_page():
return render_template("login.html", signup = True)
@app.route("/settings")
@ -63,48 +54,7 @@ def bot_accounts_add():
@app.route("/bot/create/")
def bot_create():
session['step'] = 4
session['instance'] = "botsin.space"
session['instance_type'] = "Mastodon"
return render_template("bot_create.html")
@app.route("/do/signup", methods=['POST'])
def do_signup():
# email validation is basically impossible without actually sending an email to the address
# because fedibooks can't send email yet, we'll just check if the string contains an @ ;)
if "@" not in request.form['email']:
return show_signup_page("Invalid email address.")
if len(request.form['password']) < 8:
return show_signup_page("Password too short.")
user_id = hashlib.sha256(request.form['email'].encode('utf-8')).digest()
pw_hashed = hashlib.sha256(request.form['password'].encode('utf-8')).digest()
pw = bcrypt.hashpw(pw_hashed, bcrypt.gensalt(12))
# try to sign up
c = mysql.connection.cursor()
c.execute("INSERT INTO `users` (email, password) VALUES (%s, %s)", (request.form['email'], pw))
mysql.connection.commit()
c.close()
# success!
session['userid'] = user_id
return redirect(url_for('home'))
@app.route("/do/signout")
def do_signout():
session.clear()
return redirect(url_for("home"))
@app.route("/do/login", methods=['POST'])
def do_login():
pw_hashed = hashlib.sha256(request.form['password'].encode('utf-8')).digest()
c = mysql.connection.cursor(MySQLdb.cursors.DictCursor)
c.execute("SELECT * FROM users WHERE email = %s", (request.form['email'],))
data = c.fetchone()
c.close()
if bcrypt.checkpw(pw_hashed, data['password']):
session['userid'] = data['id']
return redirect(url_for("home"))
else:
return "invalid login"