DV8/GameExpo23
1
0
Fork 0
mirror of https://github.com/Fluffy-Bean/GameExpo23.git synced 2025-05-14 14:22:16 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
GameExpo23/TFR/server/api.py
Fluffy-Bean 76e7ec2058 Reorganise images in static folder 
Run black
2023-06-12 20:15:17 +01:00

142 lines
3.8 KiB
Python
Raw Blame History

import re
import shortuuid
from flask import Blueprint, request, jsonify
from flask_login import login_required, current_user
from werkzeug.security import check_password_hash
from server.models import Scores, Sessions, Users
from server.extensions import db
from server.config import (
GAME_VERSION,
GAME_VERSIONS,
GAME_DIFFICULTIES,
USER_MAX_TOKENS,
MAX_SEARCH_RESULTS,
USER_REGEX,
)
blueprint = Blueprint("api", __name__, url_prefix="/api")
@blueprint.route("/tokens", methods=["POST"])
@login_required
def tokens():
session_id = request.form["session_id"]
if not session_id:
return jsonify({"error": "No Session provided!"}), 400
session = Sessions.query.filter_by(id=session_id).first()
if not session:
return jsonify({"error": "Session not found!"}), 404
if session.user_id != current_user.id:
return jsonify({"error": "You do not own this session!"}), 403
db.session.delete(session)
db.session.commit()
return jsonify({"success": "Session deleted!"})
@blueprint.route("/post", methods=["POST"])
def post():
form = request.form
error = []
if not form:
error.append("No form data provided!")
if not form["session"]:
error.append("No session key provided!")
if not form["version"]:
error.append("No version provided!")
if error:
return jsonify(error), 400
try:
int(form["score"])
int(form["difficulty"])
except TypeError:
error.append("Invalid score and difficulty must be valid numbers!")
if int(form["difficulty"]) not in GAME_DIFFICULTIES:
error.append("Invalid difficulty!")
session_data = Sessions.query.filter_by(auth_key=form["session"]).first()
if not session_data:
error.append("Authentication failed!")
if error:
return jsonify(error), 400
score = Scores(
score=int(form["score"]),
difficulty=int(form["difficulty"]),
version=form["version"],
user_id=session_data.user_id,
)
db.session.add(score)
db.session.commit()
return "Success!"
@blueprint.route("/search", methods=["GET"])
def search():
search_arg = request.args.get("q")
if not search_arg:
return "No search query provided!", 400
users = (
Users.query.filter(Users.username.icontains(search_arg))
.limit(MAX_SEARCH_RESULTS)
.all()
)
return jsonify([user.username for user in users])
@blueprint.route("/login", methods=["POST"])
def login():
username = request.form["username"].strip()
password = request.form["password"].strip()
device = request.form["device"].strip()
username_regex = re.compile(USER_REGEX)
if not username or not username_regex.match(username) or not password:
return "Username or Password is incorrect!", 400
user = Users.query.filter_by(username=username).first()
if not user or not check_password_hash(user.password, password):
return "Username or Password is incorrect!", 400
session = Sessions(
user_id=user.id,
auth_key=str(shortuuid.ShortUUID().random(length=32)),
ip_address=request.remote_addr,
device_type=device,
)
db.session.add(session)
db.session.commit()
return str(session.auth_key)
@blueprint.route("/authenticate", methods=["POST"])
def authenticate():
auth_key = request.form["auth_key"].strip()
session = Sessions.query.filter_by(auth_key=auth_key).first()
if not session:
return "Invalid session", 400
user_data = Users.query.filter_by(id=session.user_id).first()
return jsonify({"username": user_data.username})
Reference in a new issue View git blame Copy permalink