modified: Dockerfile

modified: app.py modified: bot.py
2024-09-06 10:26:46 +02:00
parent a59f6eefdf
commit 13c7fec864
3 changed files with 97 additions and 3 deletions
--- a/app.py
+++ b/app.py
@@ -7,10 +7,11 @@ import os
 import subprocess
 import psutil
 import mysql.connector
+import requests
 from datetime import datetime

 app = Flask(__name__)
-app.secret_key = os.getenv("FLASK_SECRET_KEY", "default_secret_key")
+app.secret_key = os.getenv("FLASK_SECRET_KEY")

 LOG_FILE_PATH = os.path.join("logs", f"{datetime.now().strftime('%Y-%m-%d')}.log")

@@ -21,6 +22,96 @@ DB_USER = os.getenv("DB_USER")
 DB_PASS = os.getenv("DB_PASSWORD")
 DB_NAME = os.getenv("DB_DATABASE")

+DISCORD_CLIENT_ID = os.getenv("DISCORD_CLIENT_ID")
+DISCORD_CLIENT_SECRET = os.getenv("DISCORD_CLIENT_SECRET")
+DISCORD_REDIRECT_URI = os.getenv("DISCORD_REDIRECT_URI")
+DISCORD_API_BASE_URL = "https://discord.com/api"
+
+def get_db_connection():
+    connection = mysql.connector.connect(
+        host=DB_HOST,
+        user=DB_USER,
+        password=DB_PASS,
+        database=DB_NAME
+    )
+    return connection
+
+@app.route("/login")
+def login():
+    discord_authorize_url = f"https://discord.com/api/oauth2/authorize?client_id={DISCORD_CLIENT_ID}&redirect_uri={DISCORD_REDIRECT_URI}&response_type=code&scope=identify"
+    return redirect(discord_authorize_url)
+
+# Route for OAuth2 Callback
+@app.route("/callback")
+def callback():
+    code = request.args.get("code")
+    if code is None:
+        return redirect(url_for("login"))
+
+    # Step 1: Exchange the authorization code for an access token
+    data = {
+        "client_id": DISCORD_CLIENT_ID,
+        "client_secret": DISCORD_CLIENT_SECRET,
+        "grant_type": "authorization_code",
+        "code": code,
+        "redirect_uri": DISCORD_REDIRECT_URI
+    }
+    headers = {"Content-Type": "application/x-www-form-urlencoded"}
+    response = requests.post(f"{DISCORD_API_BASE_URL}/oauth2/token", data=data, headers=headers)
+    response_data = response.json()
+    
+    if response.status_code != 200:
+        return jsonify(response_data), 400
+    
+    access_token = response_data.get("access_token")
+
+    # Step 2: Use the access token to fetch the user's info from Discord
+    headers = {
+        "Authorization": f"Bearer {access_token}"
+    }
+    user_response = requests.get(f"{DISCORD_API_BASE_URL}/users/@me", headers=headers)
+    user_data = user_response.json()
+
+    if user_response.status_code != 200:
+        return jsonify(user_data), 400
+    
+    discord_user_id = user_data["id"]
+    discord_username = user_data["username"]
+
+    # Step 3: Check user's permissions from the database
+    connection = get_db_connection()
+    cursor = connection.cursor(dictionary=True)
+    cursor.execute("SELECT permission FROM user_data WHERE user_id = %s", (discord_user_id,))
+    result = cursor.fetchone()
+
+    if result is None:
+        return "Access Denied: You are not registered in the database.", 403
+    
+    user_permission = result["permission"]
+
+    if user_permission < 8:  # Check if user is Admin or higher
+        return "Access Denied: You do not have sufficient permissions.", 403
+    
+    # Step 4: Log the user in
+    session["user_id"] = discord_user_id
+    session["username"] = discord_username
+    session["permission"] = user_permission
+
+    return redirect(url_for("index"))
+
+# Route for Logout
+@app.route("/logout")
+def logout():
+    session.clear()
+    return redirect(url_for("login"))
+
+# Route for Admin Dashboard (Protected)
+@app.route("/admin")
+def index():
+    if "user_id" in session and session["permission"] >= 8:
+        return f"Hello, {session['username']}! Welcome to the Admin Panel."
+    return redirect(url_for("login"))
+
 # Globale Variablen für die Intros
 INTRO_FILE = "introduction.txt"
 ASKNOTES_INTRO_FILE = "asknotesintro.txt"