__version__ = "dev-0.4.6" __all__ = ["Discordbot-chatai-webpanel (Discord)"] __author__ = "SimolZimol" from flask import Flask, render_template, redirect, url_for, request, session, jsonify, send_file, flash, g from requests_oauthlib import OAuth2Session import os import subprocess import psutil import mysql.connector from datetime import datetime from flask_session import Session app = Flask(__name__) app.secret_key = os.getenv("FLASK_SECRET_KEY") LOG_FILE_PATH = os.path.join("logs", f"{datetime.now().strftime('%Y-%m-%d')}.log") app.config["SESSION_TYPE"] = "filesystem" # Oder 'redis' für Redis-basierte Speicherung Session(app) print(f"Session Type: {app.config['SESSION_TYPE']}") # Verwende Umgebungsvariablen für die Datenbankverbindung DB_HOST = os.getenv("DB_HOST") DB_PORT = os.getenv("DB_PORT") DB_USER = os.getenv("DB_USER") DB_PASS = os.getenv("DB_PASSWORD") DB_NAME = os.getenv("DB_DATABASE") DISCORD_CLIENT_ID = os.getenv("DISCORD_CLIENT_ID") DISCORD_CLIENT_SECRET = os.getenv("DISCORD_CLIENT_SECRET") DISCORD_REDIRECT_URI = os.getenv("DISCORD_REDIRECT_URI") DISCORD_OAUTH2_URL = "https://discord.com/api/oauth2/authorize" DISCORD_TOKEN_URL = "https://discord.com/api/oauth2/token" DISCORD_API_URL = "https://discord.com/api/users/@me" os.environ['OAUTHLIB_INSECURE_TRANSPORT'] = '1' # Speichern der Prozess-ID bot_process = None def bot_status(): """Überprüft, ob der Bot läuft.""" global bot_process if bot_process is None: return False return bot_process.poll() is None # None bedeutet, dass der Prozess noch läuft def start_bot(): """Startet den Bot.""" global bot_process if not bot_status(): bot_process = subprocess.Popen(["python", "bot.py"], cwd=os.path.dirname(os.path.abspath(__file__))) else: print("Bot läuft bereits.") def stop_bot(): """Stoppt den Bot.""" global bot_process if bot_process and bot_status(): bot_process.terminate() bot_process.wait() # Warten, bis der Prozess beendet ist bot_process = None else: print("Bot läuft nicht.") def get_db_connection(): """Stellt eine Verbindung zur MySQL-Datenbank her.""" return mysql.connector.connect( host=DB_HOST, port=DB_PORT, user=DB_USER, password=DB_PASS, database=DB_NAME ) def token_updater(token): session['oauth_token'] = token def make_discord_session(token=None, state=None): return OAuth2Session( DISCORD_CLIENT_ID, token=token or session.get("oauth_token"), state=state, redirect_uri=DISCORD_REDIRECT_URI, scope=["identify", "guilds"], auto_refresh_kwargs={ 'client_id': DISCORD_CLIENT_ID, 'client_secret': DISCORD_CLIENT_SECRET, }, auto_refresh_url=DISCORD_TOKEN_URL, token_updater=token_updater ) def is_bot_admin(): """Überprüft, ob der Benutzer globale Admin-Rechte hat.""" if "discord_user" in session: user_info = session["discord_user"] user_id = user_info["id"] connection = get_db_connection() cursor = connection.cursor(dictionary=True) cursor.execute("SELECT global_permission FROM bot_data WHERE user_id = %s", (user_id,)) user_data = cursor.fetchone() cursor.close() connection.close() return user_data and user_data["global_permission"] >= 8 return False def is_server_admin(guild_id): """Überprüft, ob der Benutzer Admin-Rechte auf einem bestimmten Server (Guild) hat.""" if "discord_user" in session: user_info = session["discord_user"] user_id = user_info["id"] connection = get_db_connection() cursor = connection.cursor(dictionary=True) cursor.execute("SELECT permission FROM user_data WHERE user_id = %s AND guild_id = %s", (user_id, guild_id)) user_data = cursor.fetchone() cursor.close() connection.close() return user_data and user_data["permission"] >= 8 return False @app.route("/") def landing_page(): """Landing Page""" return render_template("landing.html") @app.route("/about") def about(): """Öffentliche Über-uns-Seite""" return render_template("about.html") @app.route("/contact") def contact(): """Öffentliche Kontaktseite""" return render_template("contact.html") @app.route("/faq") def faq(): """Öffentliche FAQ-Seite""" return render_template("faq.html") @app.route("/help") def help_page(): """Öffentliche Hilfeseite""" return render_template("help.html") @app.route("/login") def login(): """Startet den Discord-OAuth2-Flow.""" discord = make_discord_session() authorization_url, state = discord.authorization_url(DISCORD_OAUTH2_URL) session['oauth_state'] = state return redirect(authorization_url) @app.before_request def load_user_data(): """Lädt Benutzerdaten vor jeder Anfrage für geschützte Routen.""" if "discord_user" in session: g.user_info = session["discord_user"] g.is_admin = session.get("is_admin", False) g.bot_running = bot_status() # Lädt den Bot-Status in g # Hole die Liste der Gilden aus der Datenbank connection = get_db_connection() cursor = connection.cursor(dictionary=True) # Lade die Gilden des Nutzers user_guilds = session.get("discord_guilds", []) user_guild_ids = [guild["id"] for guild in user_guilds] # Finde nur die Gilden, die auch in der Datenbank existieren cursor.execute("SELECT guild_id FROM guilds WHERE guild_id IN (%s)" % ','.join(['%s'] * len(user_guild_ids)), user_guild_ids) existing_guilds = cursor.fetchall() # Filtere die Gilden des Nutzers basierend auf der Existenz in der Datenbank g.guilds = [guild for guild in user_guilds if int(guild["id"]) in {g["guild_id"] for g in existing_guilds}] cursor.close() connection.close() else: # Falls der Benutzer nicht eingeloggt ist, keine Daten setzen g.user_info = None g.is_admin = False g.guilds = [] g.bot_running = False @app.route("/callback") def callback(): """Verarbeitet den OAuth2-Rückruf von Discord.""" try: discord = make_discord_session(state=session.get("oauth_state")) token = discord.fetch_token( DISCORD_TOKEN_URL, client_secret=DISCORD_CLIENT_SECRET, authorization_response=request.url, ) session['oauth_token'] = token # Abrufen der Benutzerinformationen von Discord user_info = discord.get(DISCORD_API_URL).json() session['discord_user'] = user_info # Hole die Gilden (Server), auf denen der Benutzer ist guilds_response = discord.get('https://discord.com/api/users/@me/guilds') if guilds_response.status_code != 200: flash("Fehler beim Abrufen der Gilden.", "danger") return redirect(url_for("landing_page")) guilds = guilds_response.json() session['discord_guilds'] = guilds # Speichere die Gilden in der Session # Prüfe die Admin-Berechtigungen in der bot_data Tabelle connection = get_db_connection() cursor = connection.cursor(dictionary=True) cursor.execute("SELECT global_permission FROM bot_data WHERE user_id = %s", (user_info["id"],)) bot_admin_data = cursor.fetchone() # Speichere Admin-Rechte in der Session session['is_admin'] = bool(bot_admin_data and bot_admin_data['global_permission'] >= 8) cursor.close() connection.close() # Leite zur User-Landing-Page weiter return redirect(url_for("user_landing_page")) except Exception as e: print(f"Error in OAuth2 callback: {e}") flash("Ein Fehler ist beim Authentifizierungsprozess aufgetreten.", "danger") return redirect(url_for("landing_page")) @app.route("/user_server_data/") def user_server_data(guild_id): """Zeigt die serverbezogenen Nutzerdaten für den ausgewählten Server an.""" if "discord_user" in session: user_info = session["discord_user"] user_id = user_info["id"] connection = get_db_connection() cursor = connection.cursor(dictionary=True) # Hole die serverbezogenen Nutzerdaten cursor.execute("SELECT * FROM user_data WHERE user_id = %s AND guild_id = %s", (user_id, guild_id)) user_data = cursor.fetchone() cursor.close() connection.close() if user_data: return render_template("user_server_data.html", user_info=user_info, user_data=user_data, guild_id=guild_id) else: flash("Keine Daten für diesen Server gefunden.", "warning") return redirect(url_for("user_landing_page")) return redirect(url_for("landing_page")) @app.route("/server_admin_dashboard/") def server_admin_dashboard(guild_id): """Serverbasiertes Admin-Dashboard für server-spezifische Admin-Rechte""" if g.user_info: user_id = g.user_info["id"] # Überprüfe, ob der Benutzer Admin-Rechte auf dem spezifischen Server hat connection = get_db_connection() cursor = connection.cursor(dictionary=True) cursor.execute("SELECT permission FROM user_data WHERE user_id = %s AND guild_id = %s", (user_id, guild_id)) user_data = cursor.fetchone() cursor.execute("SELECT name FROM guilds WHERE guild_id = %s", (guild_id,)) # Nehme an, du speicherst Guild-Infos guild_name = cursor.fetchone()["name"] cursor.close() connection.close() if user_data and user_data['permission'] >= 8: # Benutzer ist Admin auf diesem Server return render_template("server_admin_dashboard.html", guild_id=guild_id, guild_name=guild_name) return redirect(url_for("user_landing_page")) @app.route("/user_dashboard/") def user_dashboard(guild_id): """Serverbasiertes User-Dashboard""" if g.user_info: user_id = g.user_info["id"] # Hole die serverbezogenen Nutzerdaten connection = get_db_connection() cursor = connection.cursor(dictionary=True) # Überprüfe, ob der Benutzer Mitglied des Servers (Gilde) ist cursor.execute("SELECT * FROM user_data WHERE user_id = %s AND guild_id = %s", (user_id, guild_id)) user_data = cursor.fetchone() cursor.close() connection.close() if user_data: g.guild_id = guild_id # Setzt g.guild_id für die Navigation g.user_data = user_data return render_template("user_dashboard.html") else: flash("You do not have access to this server.", "danger") return redirect(url_for("user_landing_page")) flash("Please log in to view your dashboard.", "danger") return redirect(url_for("landing_page")) @app.route("/server_giveaways/") def server_giveaways(guild_id): """Serverbasiertes Giveaway-Management""" if g.user_info: user_id = g.user_info["id"] # Überprüfe, ob der Benutzer Admin-Rechte auf diesem Server hat connection = get_db_connection() cursor = connection.cursor(dictionary=True) cursor.execute("SELECT permission FROM user_data WHERE user_id = %s AND guild_id = %s", (user_id, guild_id)) user_data = cursor.fetchone() if user_data and user_data['permission'] >= 8: # Hole die Giveaways für diesen Server cursor.execute("SELECT * FROM giveaway_data WHERE guild_id = %s", (guild_id,)) giveaways = cursor.fetchall() cursor.close() connection.close() return render_template("server_giveaways.html", giveaways=giveaways, guild_id=guild_id) return redirect(url_for("user_landing_page")) @app.route("/user_landing_page") def user_landing_page(): """Zeigt die globale Benutzerdaten und die Liste der Server an.""" if g.user_info and "discord_guilds" in session: guilds = session["discord_guilds"] return render_template("user_landing_page.html", user_info=g.user_info, guilds=guilds) return redirect(url_for("landing_page")) @app.route("/global_admin_dashboard") def global_admin_dashboard(): """Globales Admin-Dashboard nur für globale Admins""" if g.is_admin: bot_running = bot_status() # Funktion, die den Status des Bots prüft return render_template("global_admin_dashboard.html", user_info=g.user_info, bot_running=bot_running) return redirect(url_for("user_landing_page")) @app.route("/logout") def logout(): """Meldet den Benutzer ab.""" session.clear() return redirect(url_for("landing_page")) # Bot Management Routes @app.route("/start_bot") def start(): if g.is_admin: start_bot() return redirect(url_for("global_admin_dashboard")) return redirect(url_for("landing_page")) @app.route("/stop_bot") def stop(): if g.is_admin: stop_bot() return redirect(url_for("global_admin_dashboard")) return redirect(url_for("landing_page")) if __name__ == "__main__": app.run(host="0.0.0.0", port=5000, debug=True)