working logins, minor bug fixes
This commit is contained in:
parent
aa4e98d475
commit
3933078fd9
1 changed files with 8 additions and 7 deletions
15
web.py
15
web.py
|
@ -69,7 +69,7 @@ def home():
|
||||||
client = Mastodon(client_id=session['client_id'], client_secret=session['client_secret'], access_token=session['secret'], api_base_url=session['instance'])
|
client = Mastodon(client_id=session['client_id'], client_secret=session['client_secret'], access_token=session['secret'], api_base_url=session['instance'])
|
||||||
|
|
||||||
session['avi'] = client.account_verify_credentials()['avatar']
|
session['avi'] = client.account_verify_credentials()['avatar']
|
||||||
if session['cc'] != None:
|
if session['cc'] != "None":
|
||||||
#update cc avi too
|
#update cc avi too
|
||||||
r = requests.get("https://curiouscat.me/api/v2/profile?username={}".format(session['cc']))
|
r = requests.get("https://curiouscat.me/api/v2/profile?username={}".format(session['cc']))
|
||||||
j = r.json()
|
j = r.json()
|
||||||
|
@ -86,7 +86,7 @@ def home():
|
||||||
def print_debug_info():
|
def print_debug_info():
|
||||||
return json.dumps(session._get_current_object())
|
return json.dumps(session._get_current_object())
|
||||||
|
|
||||||
@app.route('/reset') #TODO: ditto
|
@app.route('/logout')
|
||||||
def reset_session():
|
def reset_session():
|
||||||
session.clear()
|
session.clear()
|
||||||
return redirect(url_for('main'))
|
return redirect(url_for('main'))
|
||||||
|
@ -139,19 +139,20 @@ def internal_auth_b():
|
||||||
else:
|
else:
|
||||||
return redirect(url_for('create_password'))
|
return redirect(url_for('create_password'))
|
||||||
|
|
||||||
@app.route('/internal/do_login')
|
@app.route('/internal/do_login', methods = ['POST'])
|
||||||
def do_login():
|
def do_login():
|
||||||
pw_in = request.form['pw']
|
pw_in = request.form['pw']
|
||||||
pw_hashed = hashlib.sha256(pw_in.encode('utf-8'))
|
pw_hashed = hashlib.sha256(pw_in.encode('utf-8')).digest()
|
||||||
acct = request.form['acct']
|
acct = request.form['acct']
|
||||||
session['username'] = re.match("^@[^@]*", acct).group(0)
|
session['username'] = re.match("^@([^@]+)@", acct).group(1)
|
||||||
session['instance'] = "https://{}".format(re.search("@([^@]+)$", acct).group(1))
|
session['instance'] = "https://{}".format(re.search("@([^@]+)$", acct).group(1))
|
||||||
dc.execute("SELECT * FROM data WHERE username LIKE %s AND password LIKE %s", (session['username'], session['instance']))
|
dc.execute("SELECT * FROM data WHERE username LIKE %s AND instance LIKE %s", (session['username'], session['instance']))
|
||||||
data = dc.fetchone()
|
data = dc.fetchone()
|
||||||
if bcrypt.checkpw(pw_hashed, data['password']):
|
if bcrypt.checkpw(pw_hashed, data['password'].encode('utf-8')):
|
||||||
#password is correct, log the user in
|
#password is correct, log the user in
|
||||||
for item in ['username', 'instance', 'avi', 'secret', 'client_id', 'client_secret', 'cc', 'ccavi']:
|
for item in ['username', 'instance', 'avi', 'secret', 'client_id', 'client_secret', 'cc', 'ccavi']:
|
||||||
session[item] = data[item]
|
session[item] = data[item]
|
||||||
|
session['acct'] = "@{}@{}".format(session['username'], re.match("https://(.*)", session['instance']).group(1))
|
||||||
return redirect('/home')
|
return redirect('/home')
|
||||||
else:
|
else:
|
||||||
return redirect('/login?invalid')
|
return redirect('/login?invalid')
|
||||||
|
|
Loading…
Reference in a new issue