nex/college-bot-v1
1
0
Fork 0
mirror of https://github.com/nexy7574/LCC-bot.git synced 2024-09-20 02:26:32 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add web-verification

Browse source
This commit is contained in:
Nexus 2023-02-23 11:19:56 +00:00
parent 6919bc3f15
commit aecde04c39
Signed by: nex
GPG key ID: 0FA334385D0B689F
1 changed files with 27 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
web/server.py
View file

@ -14,6 +14,8 @@ try:
except ImportError: except ImportError:
OAUTH_ID = OAUTH_SECRET = OAUTH_REDIRECT_URI = None OAUTH_ID = OAUTH_SECRET = OAUTH_REDIRECT_URI = None
GENERAL = "https://ptb.discord.com/channels/994710566612500550/1018915342317277215/"
OAUTH_ENABLED = OAUTH_ID and OAUTH_SECRET and OAUTH_REDIRECT_URI OAUTH_ENABLED = OAUTH_ID and OAUTH_SECRET and OAUTH_REDIRECT_URI
app = FastAPI() app = FastAPI()
@ -51,6 +53,12 @@ def ping():
@app.get("/auth") @app.get("/auth")
async def authenticate(req: Request, code: str = None, state: str = None): async def authenticate(req: Request, code: str = None, state: str = None):
if not OAUTH_ENABLED:
raise HTTPException(
503,
"OAuth is not enabled."
)
if not (code and state) or state not in app.state.states: if not (code and state) or state not in app.state.states:
value = os.urandom(3).hex() value = os.urandom(3).hex()
assert value not in app.state.states, "Generated a state that already exists." assert value not in app.state.states, "Generated a state that already exists."
@ -60,7 +68,7 @@ async def authenticate(req: Request, code: str = None, state: str = None):
OAUTH_ID, OAUTH_ID,
redirect_uri=OAUTH_REDIRECT_URI, redirect_uri=OAUTH_REDIRECT_URI,
scopes=('identify',) scopes=('identify',)
) + f"&state={value}", ) + f"&state={value}&prompt=none",
status_code=301 status_code=301
) )
else: else:
@ -111,6 +119,7 @@ async def authenticate(req: Request, code: str = None, state: str = None):
) )
# Now send a request to https://ip-api.com/json/{ip}?fields=17136 # Now send a request to https://ip-api.com/json/{ip}?fields=17136
if req.client.host not in ("127.0.0.1", "localhost", "::1"):
response = app.state.http.get( response = app.state.http.get(
f"http://ip-api.com/json/{req.client.host}?fields=17136" f"http://ip-api.com/json/{req.client.host}?fields=17136"
) )
@ -125,13 +134,15 @@ async def authenticate(req: Request, code: str = None, state: str = None):
status_code=500, status_code=500,
detail=f"Failed to get IP data for {req.client.host}: {data}." detail=f"Failed to get IP data for {req.client.host}: {data}."
) )
else:
data = None
# Now we can update the student entry with this data # Now we can update the student entry with this data
await student.update(ip_info=data, access_token_hash=token) await student.update(ip_info=data, access_token_hash=token)
# And set it as a cookie # And set it as a cookie
response = RedirectResponse( response = RedirectResponse(
"/", GENERAL,
status_code=307, status_code=307,
headers={ headers={
"Cache-Control": "max-age=604800" "Cache-Control": "max-age=604800"
@ -198,6 +209,6 @@ async def verify(code: str):
console.log(f"[green]{verify_code.bind} verified ({verify_code.bind}/{verify_code.student_id})") console.log(f"[green]{verify_code.bind} verified ({verify_code.bind}/{verify_code.student_id})")
return RedirectResponse( return RedirectResponse(
"https://ptb.discord.com/channels/994710566612500550/1018915342317277215/", GENERAL,
status_code=308 status_code=308
) )