diff --git a/app.py b/app.py index 03754c5..4cbd939 100644 --- a/app.py +++ b/app.py @@ -4,6 +4,7 @@ from flask_limiter import Limiter from flask_limiter.util import get_remote_address import ipfshttpclient +from mastodon import Mastodon from datetime import date, datetime from functools import wraps @@ -26,6 +27,13 @@ db = SQLAlchemy(app) ipfs_client = ipfshttpclient.connect() +MAST_LOGIN_URL = Mastodon(api_base_url=C.mast_base_uri) \ + .auth_request_url( + client_id = C.mast_client_id, + redirect_uris = C.mast_redirect_uri, + scopes = ['read:accounts'] + ) + class Paper(db.Model): id = db.Column(db.Integer, primary_key=True) course = db.Column(db.String(30), index=True) @@ -47,7 +55,7 @@ def login_required(allow_guest=True): @wraps(f) def df(*args, **kwargs): username = session.get('username') - if not username or (not allow_guest and username.startswith('guest~')): + if not username or (not allow_guest and username.startswith('guest<')): return redirect(url_for('login')) return f(*args, **kwargs, username=username) return df @@ -63,7 +71,7 @@ def guest_login(): @app.route('/pastExam/login/guest/verify', methods=['POST']) @limiter.limit("10 / hour") -def guest_login_send(): +def guest_login_verify(): for name, ques, hint, ans in C.verify: if request.form.get(name) != ans: return '错误!', 401 @@ -71,10 +79,28 @@ def guest_login_send(): if 'uid' not in session: session['uid'] = random.randint(0, 10000000) - session['username'] = 'guest~%s' % session['uid'] + session['username'] = 'guest<%s>' % session['uid'] session.permanent = True return {'r':0} +@app.route('/pastExam/login/mast/') +def mast_login(): + return redirect(MAST_LOGIN_URL) + +@app.route('/pastExam/login/mast/auth') +def mast_login_auth(): + code = request.args.get('code') + client = Mastodon( + client_id=C.mast_client_id, + client_secret=C.mast_client_sec, + api_base_url=C.mast_base_uri + ) + token = client.log_in(code=code, redirect_uri=C.mast_redirect_uri,scopes=['read:accounts']) + info = client.account_verify_credentials() + session['username'] = info.acct + + return redirect(url_for('list')) + @app.route('/pastExam/') @login_required() def list(username): @@ -104,7 +130,7 @@ def list(username): all_teachers = [i for i, in db.session.query(Paper.teacher.distinct()).all()] all_years = [i for i, in db.session.query(Paper.year.distinct()).all()] ipfs_version = hashlib.sha256(C.ipfs_base_url.encode('utf-8')).hexdigest() - disable_upload = not C.allow_guest_upload and username.startswith('guest~') + disable_upload = not C.allow_guest_upload and username.startswith('guest<') return render_template('list.html', **locals()) def check_length(x, limit=30, allow_null=False): diff --git a/requirements.txt b/requirements.txt index 1ba69ec..6899fe9 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,4 +1,5 @@ Flask==1.1.2 +Mastodon.py==1.5.1 Flask_Limiter==1.3.1 Flask_SQLAlchemy==2.4.4 ipfshttpclient==0.7.0a1 diff --git a/static/login/index.html b/static/login/index.html index a5ac71c..62cea28 100644 --- a/static/login/index.html +++ b/static/login/index.html @@ -56,7 +56,7 @@

登录

- 闭社帐号登陆 + 闭社帐号登陆
@@ -81,7 +81,7 @@ ifr.width($('.login-box').width() - 10); ifr.height(570); if(!ifr.attr('src')) - ifr.attr("src", "guest"); + ifr.attr("src", "guest/"); ifr.show(); }