modified: app.py

modified:   requirements.txt
	modified:   templates/index.html

app.py

@@ -3,6 +3,7 @@ __all__ = ["Discordbot-chatai-webpanel (Discord)"]
 __author__ = "SimolZimol"
 
 from flask import Flask, render_template, redirect, url_for, request, session, jsonify, send_file
+from requests_oauthlib import OAuth2Session
 import os
 import subprocess
 import psutil
@@ -21,6 +22,13 @@ DB_USER = os.getenv("DB_USER")
 DB_PASS = os.getenv("DB_PASSWORD")
 DB_NAME = os.getenv("DB_DATABASE")
 
+DISCORD_CLIENT_ID = os.getenv("DISCORD_CLIENT_ID")
+DISCORD_CLIENT_SECRET = os.getenv("DISCORD_CLIENT_SECRET")
+DISCORD_REDIRECT_URI = os.getenv("DISCORD_REDIRECT_URI")
+DISCORD_OAUTH2_URL = "https://discord.com/api/oauth2/authorize"
+DISCORD_TOKEN_URL = "https://discord.com/api/oauth2/token"
+DISCORD_API_URL = "https://discord.com/api/users/@me"
+
 # Globale Variablen für die Intros
 INTRO_FILE = "introduction.txt"
 ASKNOTES_INTRO_FILE = "asknotesintro.txt"
@@ -75,28 +83,67 @@ def get_db_connection():
         database=DB_NAME
     )
 
+def make_discord_session(token=None, state=None):
+    return OAuth2Session(
+        DISCORD_CLIENT_ID,
+        token=token,
+        state=state,
+        redirect_uri=DISCORD_REDIRECT_URI,
+        scope=["identify"]
+    )
+
+
 @app.route("/")
 def index():
     if "username" in session:
         return render_template("index.html", bot_running=bot_status())
     return redirect(url_for("login"))
 
-@app.route("/login", methods=["GET", "POST"])
+@app.route("/login")
 def login():
-    if request.method == "POST":
-        username = request.form["username"]
-        password = request.form["password"]
-        if username == os.getenv("ADMIN_USER") and password == os.getenv("ADMIN_PASS"):
-            session["username"] = username
-            return redirect(url_for("index"))
-        else:
-            return "Invalid credentials!"
-    return render_template("login.html")
+    """Startet den Discord-OAuth2-Flow."""
+    discord = make_discord_session()
+    authorization_url, state = discord.authorization_url(DISCORD_OAUTH2_URL)
+    
+    session['oauth_state'] = state
+    return redirect(authorization_url)
+
+@app.route("/callback")
+def callback():
+    """Verarbeitet den OAuth2-Rückruf von Discord."""
+    discord = make_discord_session(state=session.get("oauth_state"))
+    token = discord.fetch_token(
+        DISCORD_TOKEN_URL,
+        client_secret=DISCORD_CLIENT_SECRET,
+        authorization_response=request.url,
+    )
+    
+    session['oauth_token'] = token
+    
+    # User-Informationen von Discord abrufen
+    user_info = discord.get(DISCORD_API_URL).json()
+    
+    # Speichere die Benutzerinformationen in der Session
+    session['discord_user'] = user_info
+
+    return redirect(url_for("dashboard"))
+
+@app.route("/dashboard")
+def dashboard():
+    """Das Dashboard nach erfolgreicher Authentifizierung."""
+    if "discord_user" not in session:
+        return redirect(url_for("login"))
+    
+    user_info = session['discord_user']
+    return render_template("dashboard.html", user_info=user_info)
+
 
 @app.route("/logout")
 def logout():
-    session.pop("username", None)
-    return redirect(url_for("login"))
+    """Löscht die Benutzersitzung und meldet den Benutzer ab."""
+    session.pop('discord_user', None)
+    session.pop('oauth_token', None)
+    return redirect(url_for('login'))
 
 @app.route("/start_bot")
 def start():