Startseite Erkunden Hilfe
Anmelden
Pjotir
/
StellarFrontier
1
0
Fork 0
Dateien Issues 0 Pull-Requests 0 Wiki
Branch: main
Branches Tags
StellarFrontier
/
stellarwebapp
/
routes
/
auth.py

auth.py 2.4 KB
Permalink Verlauf Originalformat

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475 
  1. from flask import Blueprint, redirect, url_for, session, request, flash
    2. 

  2. from flask_login import login_user, logout_user, login_required, current_user
    3. 

  3. from models import db, User
    4. 

  4. import requests
    5. 

  5. import os
    6. 

  6. 

  7. auth_bp = Blueprint('auth', __name__)
    8. 

  8. 

  9. DISCORD_API_BASE_URL = 'https://discord.com/api'
    10. 

  10. AUTHORIZATION_BASE_URL = DISCORD_API_BASE_URL + '/oauth2/authorize'
    11. 

  11. TOKEN_URL = DISCORD_API_BASE_URL + '/oauth2/token'
    12. 

  12. 

  13. @auth_bp.route('/login')
    14. 

  14. def login():
    15. 

  15.     client_id = os.getenv('DISCORD_CLIENT_ID')
    16. 

  16.     redirect_uri = os.getenv('DISCORD_REDIRECT_URI')
    17. 

  17.     scope = 'identify'
    18. 

  18.     discord_login_url = f"{AUTHORIZATION_BASE_URL}?response_type=code&client_id={client_id}&scope={scope}&redirect_uri={redirect_uri}&prompt=consent"
    19. 

  19.     return redirect(discord_login_url)
    20. 

  20. 

  21. @auth_bp.route('/callback')
    22. 

  22. def callback():
    23. 

  23.     code = request.args.get('code')
    24. 

  24.     if not code:
    25. 

  25.         flash("Error: No code provided.", "danger")
    26. 

  26.         return redirect(url_for('main.index'))
    27. 

  27. 

  28.     data = {
    29. 

  29.         'client_id': os.getenv('DISCORD_CLIENT_ID'),
    30. 

  30.         'client_secret': os.getenv('DISCORD_CLIENT_SECRET'),
    31. 

  31.         'grant_type': 'authorization_code',
    32. 

  32.         'code': code,
    33. 

  33.         'redirect_uri': os.getenv('DISCORD_REDIRECT_URI'),
    34. 

  34.         'scope': 'identify'
    35. 

  35.     }
    36. 

  36.     headers = {
    37. 

  37.         'Content-Type': 'application/x-www-form-urlencoded'
    38. 

  38.     }
    39. 

  39. 

  40.     response = requests.post(TOKEN_URL, data=data, headers=headers)
    41. 

  41.     token_json = response.json()
    42. 

  42.     
    43. 

  43.     if 'access_token' not in token_json:
    44. 

  44.         flash("Error: Failed to retrieve access token.", "danger")
    45. 

  45.         return redirect(url_for('main.index'))
    46. 

  46. 

  47.     access_token = token_json['access_token']
    48. 

  48.     user_headers = {
    49. 

  49.         'Authorization': f"Bearer {access_token}"
    50. 

  50.     }
    51. 

  51.     user_response = requests.get(f"{DISCORD_API_BASE_URL}/users/@me", headers=user_headers)
    52. 

  52.     user_data = user_response.json()
    53. 

  53. 

  54.     discord_id = user_data['id']
    55. 

  55.     username = user_data['username']
    56. 

  56. 

  57.     user = User.query.filter_by(discord_id=discord_id).first()
    58. 

  58.     if not user:
    59. 

  59.         user = User(discord_id=discord_id, username=username)
    60. 

  60.         db.session.add(user)
    61. 

  61.         db.session.commit()
    62. 

  62.     else:
    63. 

  63.         user.username = username
    64. 

  64.         db.session.commit()
    65. 

  65. 

  66.     login_user(user)
    67. 

  67.     flash(f"Logged in as {username}!", "success")
    68. 

  68.     return redirect(url_for('main.index'))
    69. 

  69. 

  70. @auth_bp.route('/logout')
    71. 

  71. @login_required
    72. 

  72. def logout():
    73. 

  73.     logout_user()
    74. 

  74.     flash("You have been logged out.", "info")
    75. 

  75.     return redirect(url_for('main.index'))
    76.