url encoding in python

2024-02-14 10:34:21 +05:30 · 2024-02-14 10:34:21 +05:30 · b5373d144e
parent bde73bf535
commit b5373d144e
1 changed files with 35 additions and 19 deletions
--- a/app/main.py
+++ b/app/main.py
@ -2,6 +2,7 @@ import os
 from flask import Flask, render_template, request, redirect, abort, url_for, session
 import requests
 from datetime import datetime
+from urllib.parse import quote_plus, urlencode

 def get_env_variable(var_name):
    value = os.environ.get(var_name)
@ -27,30 +28,45 @@ AUTH_URL = 'https://github.com/login/oauth/authorize'

@app.route('/')
 def home():
-    if is_logged_in():
-        token_id = session.get('token_id')
-        resp = requests.get(f'{database_url}/token/{token_id}')
-        raise_for_status(resp)
-        resp_json = resp.json()
-        token = resp_json['token']
+    """Home route that either shows user info or initiates OAuth flow."""
+    if 'token_id' in session:
+        try:
+            # Attempt to fetch user info using the stored access token
+            token_id = session['token_id']
+            resp = requests.get(f'{database_url}/token/{token_id}')
+            resp.raise_for_status()  # This will raise an exception for HTTP errors
+            token = resp.json()['token']

-        user_info = requests.get('https://api.github.com/user', headers={
-            'Authorization': f'Bearer {token.get("access_token")}'
-        }).json()
+            # Use the access token to fetch user info from GitHub
+            user_info_resp = requests.get('https://api.github.com/user', headers={'Authorization': f'token {token["access_token"]}'})
+            user_info_resp.raise_for_status()
+            user_info = user_info_resp.json()

-        last_synced = datetime.fromtimestamp(token.get('updated_at')).strftime('%Y-%m-%d %H:%M:%S')
-        next_sync = datetime.fromtimestamp(token.get('updated_at') + token.get('expiration_seconds')).strftime('%Y-%m-%d %H:%M:%S')
-        return render_template('home.html', user_login=user_info.get('login'), user_email=user_info.get('email'), # for inoreader it's userName and userEmail
-                                readwise_api_key=token.get('readwise_api_key') or '',
-                                last_synced=last_synced, next_sync=next_sync)
+            # Prepare user info and token details for rendering
+            last_synced = datetime.fromtimestamp(token['updated_at']).strftime('%Y-%m-%d %H:%M:%S')
+            next_sync = datetime.fromtimestamp(token['updated_at'] + token['expires_in']).strftime('%Y-%m-%d %H:%M:%S')

-    # Generate a CSRF protection string
-    session['csrf_protection_string'] = os.urandom(16).hex()
+            return render_template('home.html', user_info=user_info, last_synced=last_synced, next_sync=next_sync)
+        except Exception as e:
+            # Handle errors (e.g., token expired) by clearing the session and redirecting to login
+            session.pop('token_id', None)
+            return redirect(url_for('home'))

-    # Pass dynamic variables to the template
-    return render_template('login.html', auth_url=AUTH_URL, client_id=client_id, redirect_uri=redirect_uri, 
-                           optional_scopes=optional_scopes, csrf_protection_string=session.get('csrf_protection_string'))
+    else:
+        # User not logged in; start OAuth flow
+        session['csrf_protection_string'] = os.urandom(16).hex()  # CSRF protection

+        # Construct OAuth URL
+        params = {
+            'client_id': client_id,
+            'redirect_uri': redirect_uri,
+            'response_type': 'code',
+            'scope': optional_scopes,
+            'state': session['csrf_protection_string']
+        }
+        oauth_url = f'{AUTH_URL}?{urlencode(params)}'
+
+        return redirect(oauth_url)
@app.route('/oauth-redirect')
 def oauth_redirect():
    auth_code = request.args.get('code')