|
|
@ -4,6 +4,7 @@ from flask_limiter import Limiter |
|
|
|
from flask_limiter.util import get_remote_address |
|
|
|
|
|
|
|
import ipfshttpclient |
|
|
|
from mastodon import Mastodon |
|
|
|
|
|
|
|
from datetime import date, datetime |
|
|
|
from functools import wraps |
|
|
@ -26,6 +27,13 @@ db = SQLAlchemy(app) |
|
|
|
|
|
|
|
ipfs_client = ipfshttpclient.connect() |
|
|
|
|
|
|
|
MAST_LOGIN_URL = Mastodon(api_base_url=C.mast_base_uri) \ |
|
|
|
.auth_request_url( |
|
|
|
client_id = C.mast_client_id, |
|
|
|
redirect_uris = C.mast_redirect_uri, |
|
|
|
scopes = ['read:accounts'] |
|
|
|
) |
|
|
|
|
|
|
|
class Paper(db.Model): |
|
|
|
id = db.Column(db.Integer, primary_key=True) |
|
|
|
course = db.Column(db.String(30), index=True) |
|
|
@ -47,7 +55,7 @@ def login_required(allow_guest=True): |
|
|
|
@wraps(f) |
|
|
|
def df(*args, **kwargs): |
|
|
|
username = session.get('username') |
|
|
|
if not username or (not allow_guest and username.startswith('guest~')): |
|
|
|
if not username or (not allow_guest and username.startswith('guest<')): |
|
|
|
return redirect(url_for('login')) |
|
|
|
return f(*args, **kwargs, username=username) |
|
|
|
return df |
|
|
@ -63,7 +71,7 @@ def guest_login(): |
|
|
|
|
|
|
|
@app.route('/pastExam/login/guest/verify', methods=['POST']) |
|
|
|
@limiter.limit("10 / hour") |
|
|
|
def guest_login_send(): |
|
|
|
def guest_login_verify(): |
|
|
|
for name, ques, hint, ans in C.verify: |
|
|
|
if request.form.get(name) != ans: |
|
|
|
return '错误!', 401 |
|
|
@ -71,10 +79,28 @@ def guest_login_send(): |
|
|
|
if 'uid' not in session: |
|
|
|
session['uid'] = random.randint(0, 10000000) |
|
|
|
|
|
|
|
session['username'] = 'guest~%s' % session['uid'] |
|
|
|
session['username'] = 'guest<%s>' % session['uid'] |
|
|
|
session.permanent = True |
|
|
|
return {'r':0} |
|
|
|
|
|
|
|
@app.route('/pastExam/login/mast/') |
|
|
|
def mast_login(): |
|
|
|
return redirect(MAST_LOGIN_URL) |
|
|
|
|
|
|
|
@app.route('/pastExam/login/mast/auth') |
|
|
|
def mast_login_auth(): |
|
|
|
code = request.args.get('code') |
|
|
|
client = Mastodon( |
|
|
|
client_id=C.mast_client_id, |
|
|
|
client_secret=C.mast_client_sec, |
|
|
|
api_base_url=C.mast_base_uri |
|
|
|
) |
|
|
|
token = client.log_in(code=code, redirect_uri=C.mast_redirect_uri,scopes=['read:accounts']) |
|
|
|
info = client.account_verify_credentials() |
|
|
|
session['username'] = info.acct |
|
|
|
|
|
|
|
return redirect(url_for('list')) |
|
|
|
|
|
|
|
@app.route('/pastExam/') |
|
|
|
@login_required() |
|
|
|
def list(username): |
|
|
@ -104,7 +130,7 @@ def list(username): |
|
|
|
all_teachers = [i for i, in db.session.query(Paper.teacher.distinct()).all()] |
|
|
|
all_years = [i for i, in db.session.query(Paper.year.distinct()).all()] |
|
|
|
ipfs_version = hashlib.sha256(C.ipfs_base_url.encode('utf-8')).hexdigest() |
|
|
|
disable_upload = not C.allow_guest_upload and username.startswith('guest~') |
|
|
|
disable_upload = not C.allow_guest_upload and username.startswith('guest<') |
|
|
|
return render_template('list.html', **locals()) |
|
|
|
|
|
|
|
def check_length(x, limit=30, allow_null=False): |
|
|
|