GameExpo23/TFR/server/api.py
Michał Gdula a4ebfa8552 Fuck so much to comment on
Renamed the folders and containers to something more reasonable
Using a .env file for secrets so I can better hide them from git
Mostly it, I think
2023-06-09 22:27:30 +03:00


import uuid
from flask import Blueprint, request, jsonify
from flask_login import login_required, current_user
from server.models import Tokens, Scores
from server.extensions import db
# All routes registered on this blueprint are served under the /api prefix.
blueprint = Blueprint(
    name="api",
    import_name=__name__,
    url_prefix="/api",
)
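@blueprint.route("/tokens", methods=["DELETE", "POST"])
@login_required
def tokens():
    """Create or delete an API token for the logged-in user.

    DELETE expects the form field ``token_id`` and removes that token when it
    belongs to ``current_user``. It answers 400 when the field is missing or
    empty, 404 when no token has that id, and 403 when the token belongs to
    another user.

    POST issues a new token for ``current_user`` and answers 403 once the
    user already holds 5 tokens.

    Returns:
        A ``(json_response, status_code)`` tuple.
    """
    # NOTE(review): both methods change state under the login session and no
    # CSRF check is visible in this file; confirm one is applied app-wide.
    if request.method == "DELETE":
        # .get() so a missing field produces the JSON 400 below instead of
        # Flask's default BadRequestKeyError page.
        token_id = request.form.get("token_id")
        if not token_id:
            return jsonify({"error": "No token ID provided!"}), 400

        token = Tokens.query.filter_by(id=token_id).first()
        if not token:
            return jsonify({"error": "Token not found!"}), 404

        # Ownership check: the id comes from the client, so it must be tied
        # back to the session user before anything is deleted.
        # NOTE(review): the 404/403 split tells any logged-in caller whether
        # an id exists even when it is not theirs; answering 404 for both
        # would hide that, if no client depends on the 403.
        if token.holder != current_user.id:
            return jsonify({"error": "You do not own this token!"}), 403

        db.session.delete(token)
        db.session.commit()
        return jsonify({"success": "Token deleted!"}), 200

    elif request.method == "POST":
        # Count in the database rather than loading every row just to len() it.
        # NOTE(review): check-then-insert is not atomic; concurrent requests
        # could exceed the cap unless the schema enforces it.
        held = Tokens.query.filter_by(holder=current_user.id).count()
        if held >= 5:
            return jsonify({"error": "You already have 5 tokens!"}), 403

        # The token string is the only credential the score endpoint checks.
        # NOTE(review): uuid4 is random-based, but `secrets` is the stdlib
        # module meant for credentials; consider it if the column length and
        # clients allow a format change.
        token = Tokens(token=str(uuid.uuid4()), holder=current_user.id)
        db.session.add(token)
        db.session.commit()
        return jsonify({"success": "Token added!"}), 200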
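@blueprint.route("/post", methods=["GET", "POST"])
def post():
    """Record a score submitted together with an API token.

    GET returns a bare HTML form for manual submission.

    POST expects the form fields ``score``, ``difficulty`` and ``token``.
    It answers 400 for an empty form, a non-integer or negative score, or a
    difficulty outside 0-4; 401 when the token is missing or unknown; and 200
    after the score has been stored for the token's holder.

    Returns:
        A ``(body, status_code)`` tuple for POST, or the HTML form for GET.
    """
    if request.method == "GET":
        # NOTE(review): this looks like a manual test form; confirm it is
        # meant to be reachable in production.
        return (
            "\n"
            '<form method="POST">\n'
            '<input name="score">\n'
            '<input name="difficulty">\n'
            '<input name="token">\n'
            '<button type="submit">Sub</button>\n'
            "</form>\n"
        )

    form = request.form
    if not form:
        return "Invalid form", 400

    # .get() so an absent token is answered with the intended 401 rather than
    # Flask's default 400 for a missing form key.
    submitted_token = form.get("token")
    if not submitted_token:
        return "Invalid authentication", 401

    # Form values always arrive as strings; a failed int() used to escape as
    # an unhandled ValueError (HTTP 500). Treat it as a client error instead.
    try:
        score_value = int(form.get("score", ""))
    except ValueError:
        return "Score must be an integer", 400
    # Zero is accepted; only negative scores are rejected.
    if score_value < 0:
        return "Score must be greater than 0", 400
    # NOTE(review): there is no upper bound, so an arbitrarily large value
    # reaches the insert; confirm the Scores column type or add a cap.

    try:
        difficulty = int(form.get("difficulty", ""))
    except ValueError:
        return "Invalid difficulty", 400
    # 0 = Easy, Level 1
    # 1 = Easy, Level 2
    # 2 = Easy, Level 3
    # 3 = Normal
    # 4 = Hard
    if difficulty not in range(5):
        return "Invalid difficulty", 400

    # The token is the sole credential here: whoever presents it writes scores
    # for its holder. The score itself is whatever the client sends; nothing
    # in this handler ties it to actual gameplay.
    # NOTE(review): no limit on failed lookups is visible in this file.
    token = Tokens.query.filter_by(token=submitted_token).first()
    if not token:
        return "Authentication failed", 401

    score = Scores(
        score=score_value,
        difficulty=difficulty,
        scorer=token.holder,
    )
    db.session.add(score)
    db.session.commit()
    return "Success!", 200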