From 69f2ab189522177090638da2477835d29328488c Mon Sep 17 00:00:00 2001 From: EEKIM10 Date: Thu, 23 Feb 2023 23:05:50 +0000 Subject: [PATCH] redirect nicerly --- Dockerfile | 2 +- main.py | 2 +- web/server.py | 43 ++++++++++++++++++++++++++++++++++--------- 3 files changed, 36 insertions(+), 11 deletions(-) diff --git a/Dockerfile b/Dockerfile index 43e1829..1a5680c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -27,4 +27,4 @@ RUN pip install -r requirements.txt COPY . / -CMD ["python", "main.py"] +CMD ["python3", "main.py"] diff --git a/main.py b/main.py index 62f34bc..1d88e72 100644 --- a/main.py +++ b/main.py @@ -68,7 +68,7 @@ async def ping(ctx: discord.ApplicationContext): @bot.check_once async def check_not_banned(ctx: discord.ApplicationContext | commands.Context): - if await bot.is_owner(ctx.author): + if await bot.is_owner(ctx.author) or ctx.command.name in ("block", "unblock"): return True user = ctx.author ban: JimmyBans = await get_or_none(JimmyBans, user_id=user.id) diff --git a/web/server.py b/web/server.py index 8557231..5670f17 100644 --- a/web/server.py +++ b/web/server.py @@ -5,7 +5,7 @@ from datetime import datetime, timezone from hashlib import sha512 from fastapi import FastAPI, HTTPException, Request -from fastapi.responses import JSONResponse, RedirectResponse +from fastapi.responses import JSONResponse, RedirectResponse, HTMLResponse from utils import Student, get_or_none, VerifyCode, console, BannedStudentID from config import guilds @@ -35,7 +35,10 @@ async def check_bot_instanced(request, call_next): if not request.app.state.bot: return JSONResponse( status_code=503, - content={"message": "Not ready."} + content={"message": "Not ready."}, + headers={ + "Retry-After": "10" + } ) return await call_next(request) 
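Review bot: The added `ctx.command.name in ("block", "unblock")` clause in `check_not_banned` lets a banned user past the ban check for those commands, so they now rely entirely on their own permission checks, which this hunk does not show. `name` is the leaf name only, so a subcommand called `block` under any group would presumably be exempt too; comparing `ctx.command.qualified_name` against the full names is tighter. If `ctx.command` can be `None` for a context that reaches this check, the attribute access raises, which `ctx.command is not None and ...` would guard against. A comment such as `# block/unblock are exempt from the ban check because <reason>` should record why the bypass exists. The function body continues outside the hunk.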
@@ -55,12 +58,12 @@ def ping(): async def authenticate(req: Request, code: str = None, state: str = None): if not OAUTH_ENABLED: raise HTTPException( - 503, + 501, "OAuth is not enabled." ) if not (code and state) or state not in app.state.states: - value = os.urandom(3).hex() + value = os.urandom(8).hex() assert value not in app.state.states, "Generated a state that already exists." app.state.states.add(value) return RedirectResponse( @@ -69,7 +72,10 @@ async def authenticate(req: Request, code: str = None, state: str = None): redirect_uri=OAUTH_REDIRECT_URI, scopes=('identify',) ) + f"&state={value}&prompt=none", - status_code=301 + status_code=301, + headers={ + "Cache-Control": "no-store, no-cache" + } ) else: app.state.states.discard(state) @@ -139,12 +145,31 @@ async def authenticate(req: Request, code: str = None, state: str = None): # Now we can update the student entry with this data await student.update(ip_info=data, access_token_hash=token) - + document = \ +f""" + + + + Redirecting... + + + + +
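Review bot: The `state` generated here is only added to the process-wide `app.state.states` set, and the callback accepts any value found in that set, so it is not tied to the browser that started the flow; this weakens the login-CSRF protection that `state` is meant to give. Binding it to the client would close the gap, for instance by setting `response.set_cookie("oauth_state", value, max_age=600, httponly=True, secure=True, samesite="lax")` on the redirect and rejecting the callback when `req.cookies.get("oauth_state") != state`. Every unauthenticated request without a valid state also adds an entry that nothing visible here expires, so the set can grow without bound. The `assert` is stripped under `python -O`; at 64 bits a collision is not a practical concern, but a `while value in app.state.states:` regenerate loop would state the intent without relying on assertions. `authenticate` continues outside this hunk.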
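Review bot: `status_code=301` marks this redirect as permanent even though its target carries a freshly generated, single-use `state`; the added `Cache-Control` header works around the caching that 301 invites rather than removing the cause. A temporary redirect says what is meant and is not stored by default: `status_code=302,` (or 303). If the 301 is kept, `"no-store"` alone is sufficient, since `no-cache` adds nothing next to it.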

Redirecting you to the general channel...

+ Click here if you are not redirected. + + +""" # And set it as a cookie - response = RedirectResponse( - GENERAL, - status_code=307, + response = HTMLResponse( + document, + status_code=200, headers={ + "Location": GENERAL, "Cache-Control": "max-age=604800" } )
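Review bot: The response that carries the login cookie is now a `200` HTML page but still sends `"Cache-Control": "max-age=604800"`, so a browser, or a shared cache since there is no `private`, may store a page tied to a one-time OAuth callback for a week. For a response that sets a credential, `"Cache-Control": "no-store"` is the safer header. `"Location": GENERAL` has no effect on a 200 response and can be dropped; the redirect then depends entirely on the markup inside `document`, which is not fully visible in this view. If `GENERAL` or any other value is interpolated into that f-string, it should go through `html.escape(value, quote=True)` unless it is a fixed constant. The rest of `authenticate` lies outside the hunk.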