lynnesbian/curious-greg
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Compare commits

base: lynnesbian:3910fcf0a69ebfcdba213c453f37d5ea64747213
Branches Tags
lynnesbian:master
..
compare: lynnesbian:5202b48bd8b0670b66a6c0e08496ae89effe8ab8
Branches Tags
lynnesbian:master

3 commits
3910fcf0a6 ... 5202b48bd8

Author SHA1 Message Date
Lynne
5202b48bd8
added profile picture to password creation form, changed DB schema to accomodate 2018-11-06 21:57:47 +10:00
Lynne
456c46811d
removed second password entry thingy 2018-11-06 21:23:04 +10:00
Lynne
d17093ab3e
added password creation page 2018-11-06 21:22:10 +10:00
3 changed files with 66 additions and 14 deletions
Show stats Expand all files Collapse all files

10
static/style.css
View file

@ -57,3 +57,13 @@ button:hover, .button:hover{
background-color:#2b90d9; background-color:#2b90d9;
color:white; color:white;
} }
#form-avi {
height: 128px;
width:128px;
margin:0 auto 15px;
background-size:cover;
border-radius:16px;
}
#form-avi-label {
font-size:0.6em;
}

25
templates/create_password.html Normal file
View file

@ -0,0 +1,25 @@
<!DOCTYPE html>
<html>
<head>
<title>Curious Greg - Create Password</title>
{% include 'imports.html' %}
</head>
<body>
<h1>Create password</h1>
<h2>Please enter a password for your new Curious Greg account.</h2>
<noscript>
Curious Greg will not function without JavaScript. Please ensure you have JavaScript enabled.
</noscript>
<!-- <div id='logo-main'></div> -->
<form action='/internal/do_login' method='POST'>
<div id='form-avi' style='background-image:url("https://fedi.lynnesbian.space/system/accounts/avatars/000/000/002/original/7ebcb4b973eee926.gif?1541354017")'></div>
<span id='form-avi-label'>@lynnesbian@fedi.lynnesbian.space</span><br /><br />
<label for='pw'>Password</label><br />
<input type='password' name='pw' placeholder='••••••••' required /><br />
<button>Create Account</button>
</form>
<br /><br />
Your password will be hashed using bcrypt, ensuring that nobody can read it.
{% include 'footer.html' %}
</body>
</html>

41
web.py
View file

@ -14,7 +14,7 @@ cfg = json.load(open("meta.json"))
db = sqlite3.connect("database.db") #TODO: switch to mysql so concurrency is possible db = sqlite3.connect("database.db") #TODO: switch to mysql so concurrency is possible
c = db.cursor() c = db.cursor()
c.execute("CREATE TABLE IF NOT EXISTS `data` (username TEXT NOT NULL, instance TEXT NOT NULL, secret TEXT NOT NULL, appid TEXT NOT NULL, appsecret TEXT NOT NULL, cc TEXT, latest_post TEXT, latest_timestamp TEXT, time_between_checks INT)") c.execute("CREATE TABLE IF NOT EXISTS `data` (username TEXT NOT NULL, instance TEXT NOT NULL, password TEXT NOT NULL, avi TEXT NOT NULL, secret TEXT NOT NULL, appid TEXT NOT NULL, appsecret TEXT NOT NULL, cc TEXT, latest_post TEXT, latest_timestamp TEXT, time_between_checks INT)")
app = Flask(cfg['name']) app = Flask(cfg['name'])
app.secret_key = cfg['flask_key'] app.secret_key = cfg['flask_key']
@ -34,8 +34,24 @@ def home():
else: else:
return redirect(url_for('main')) return redirect(url_for('main'))
@app.route('/debug') #TODO: remove this before making the site live ;p
def print_debug_info():
return json.dumps(session._get_current_object())
@app.route('/login')
def log_in():
if 'acct' in session:
#user is probably already logged in. if they aren't, home() will handle things and redirect them back here
return redirect(url_for('home'))
return render_template("login.html")
# return(json.dumps(client_info))
#internal stuff
@app.route('/internal/auth_a') @app.route('/internal/auth_a')
def internal_auth_a(): def internal_auth_a(): #TODO: prevent these endpoints from being spammed somehow
session['instance_url'] = request.args.get('url', default='mastodon.social', type=str) session['instance_url'] = request.args.get('url', default='mastodon.social', type=str)
if not session['instance_url'].startswith("https://"): if not session['instance_url'].startswith("https://"):
@ -57,7 +73,6 @@ def internal_auth_a():
} }
url = "{}/oauth/authorize?{}".format(session['instance_url'], urllib.parse.urlencode(params)) url = "{}/oauth/authorize?{}".format(session['instance_url'], urllib.parse.urlencode(params))
return url return url
@app.route('/internal/auth_b') @app.route('/internal/auth_b')
@ -70,16 +85,18 @@ def internal_auth_b():
if c.execute("SELECT COUNT(*) FROM data WHERE username LIKE ? AND instance LIKE ?", (session['username'], session['instance_url'])).fetchone()[0] > 0: if c.execute("SELECT COUNT(*) FROM data WHERE username LIKE ? AND instance LIKE ?", (session['username'], session['instance_url'])).fetchone()[0] > 0:
#user already has an account with CG #user already has an account with CG
return redirect(url_for('log_in')) return redirect(url_for('log_in'))
c.execute("INSERT INTO data (username, instance, secret, appid, appsecret) VALUES (?, ?, ?, ?, ?)", (session['username'], session['instance_url'], session['secret'], session['client_id'], session['client_secret'])) else:
db.commit()
return redirect(url_for('home')) return redirect(url_for('home'))
@app.route('/debug') @app.route('/internal/do_login')
def print_debug_info(): def do_login():
return json.dumps(session._get_current_object()) pass
@app.route('/login') @app.route('/create_password')
def log_in(): def create_password():
return render_template("login.html") return render_template("create_password.html")
# return(json.dumps(client_info)) @app.route('/internal/create_account')
def create_account():
c.execute("INSERT INTO data (username, instance, secret, appid, appsecret) VALUES (?, ?, ?, ?, ?)", (session['username'], session['instance_url'], session['secret'], session['client_id'], session['client_secret']))
db.commit()