Compare commits

...

10 Commits

Author SHA1 Message Date
a43479276b
fixes: constant AUTH_URL & better csrf handeling 2024-02-07 12:43:26 +05:30
10dab44a27
app: update dummy.env 2024-02-01 16:37:36 +05:30
68869249bc
app: fix user_info error 2024-02-01 16:37:36 +05:30
dd850ca6e1
app: minor improvements 2024-02-01 16:37:35 +05:30
706ff9d90f
db: Table and apis for last annotation time 2024-02-01 16:37:35 +05:30
889469dcff
job: get/update last annotation time from database 2024-02-01 16:37:35 +05:30
1c0f991977
added dummy.env for reference 2024-02-01 16:37:34 +05:30
ee9b4b10a1
job: Run job for all active tokens
- check, deactivate, & refresh token
- better logging
2024-02-01 16:37:34 +05:30
65656ff559
db: API to deactivate token & fixes 2024-02-01 16:37:34 +05:30
e80e88bb99
app: Comments - inoreader user-info 2024-02-01 16:37:33 +05:30
7 changed files with 205 additions and 62 deletions

8
app/dummy.env Normal file
View File

@ -0,0 +1,8 @@
CLIENT_ID=
CLIENT_SECRET=
REDIRECT_URI=
OPTIONAL_SCOPES=
DATABASE_URL=
# generated by `openssl rand -hex 24` - used to encrypt session
APP_SECRET_KEY=

View File

@ -13,6 +13,7 @@ app = Flask(__name__)
# Read environment variables outside the route function
client_id = get_env_variable('CLIENT_ID')
client_secret = get_env_variable('CLIENT_SECRET')
redirect_uri = get_env_variable('REDIRECT_URI')
optional_scopes = get_env_variable('OPTIONAL_SCOPES')
database_url = get_env_variable('DATABASE_URL')
@ -21,7 +22,8 @@ secret_key = get_env_variable('APP_SECRET_KEY')
# Set secret key to enable sessions
app.secret_key = secret_key
csrf_protection_string = None
# https://www.inoreader.com/oauth2/auth
AUTH_URL = 'https://github.com/login/oauth/authorize'
@app.route('/')
def home():
@ -38,17 +40,16 @@ def home():
last_synced = datetime.fromtimestamp(token.get('updated_at')).strftime('%Y-%m-%d %H:%M:%S')
next_sync = datetime.fromtimestamp(token.get('updated_at') + token.get('expiration_seconds')).strftime('%Y-%m-%d %H:%M:%S')
return render_template('home.html', user_info=user_info,
return render_template('home.html', user_login=user_info.get('login'), user_email=user_info.get('email'), # for inoreader it's userName and userEmail
readwise_api_key=token.get('readwise_api_key') or '',
last_synced=last_synced, next_sync=next_sync)
# Generate a CSRF protection string
global csrf_protection_string
csrf_protection_string = os.urandom(16).hex()
session['csrf_protection_string'] = os.urandom(16).hex()
# Pass dynamic variables to the template
return render_template('login.html', client_id=client_id, redirect_uri=redirect_uri,
optional_scopes=optional_scopes, csrf_protection_string=csrf_protection_string)
return render_template('login.html', auth_url=AUTH_URL, client_id=client_id, redirect_uri=redirect_uri,
optional_scopes=optional_scopes, csrf_protection_string=session.get('csrf_protection_string'))
@app.route('/oauth-redirect')
def oauth_redirect():
@ -56,8 +57,8 @@ def oauth_redirect():
csrf_token = request.args.get('state')
# Verify the CSRF protection string
if csrf_token != csrf_protection_string:
abort(400, 'Invalid CSRF token. Please try again.')
if csrf_token != session.get('csrf_protection_string'):
abort(403, 'Invalid CSRF token. Please try again.')
# Exchange authorization code for access and refresh tokens
# response = requests.post(
@ -67,9 +68,9 @@ def oauth_redirect():
# },
# data={
# 'code': auth_code,
# 'redirect_uri': get_env_variable('REDIRECT_URI'),
# 'client_id': get_env_variable('CLIENT_ID'),
# 'client_secret': get_env_variable('CLIENT_SECRET'),
# 'redirect_uri': redirect_uri,
# 'client_id': client_id,
# 'client_secret': client_secret,
# 'scope': '',
# 'grant_type': 'authorization_code'
# }
@ -83,9 +84,9 @@ def oauth_redirect():
},
data={
'code': auth_code,
'redirect_uri': get_env_variable('REDIRECT_URI'),
'client_id': get_env_variable('CLIENT_ID'),
'client_secret': get_env_variable('CLIENT_SECRET')
'redirect_uri': redirect_uri,
'client_id': client_id,
'client_secret': client_secret,
}
)
@ -97,6 +98,8 @@ def oauth_redirect():
token['refresh_token'] = 'N/A'
token['expires_in'] = 3600
# REPLACE user API call with inoreader API call
# https://www.inoreader.com/reader/api/0/user-info
user_info = requests.get('https://api.github.com/user', headers={
'Authorization': f'Bearer {token.get("access_token")}'
}).json()

View File

@ -6,7 +6,7 @@
<title>Inoreader To Readwise</title>
</head>
<body>
<h1>Logged In as {{ user_info.login }}({{user_info.name}})</h1>
<h1>Logged In as {{ user_login }} - {{ user_email }}</h1>
<!-- show last synced and next synced time -->
<p>Last Synced: {{ last_synced }}</p>

View File

@ -15,8 +15,7 @@
var encodedOptionalScopes = encodeURIComponent('{{ optional_scopes }}');
// Construct the URL using Jinja variables
// var oauthUrl = `https://www.inoreader.com/oauth2/auth?client_id={{ client_id }}&redirect_uri=${encodedRedirectUri}&response_type=code&scope=${encodedOptionalScopes}&state={{ csrf_protection_string }}`;
var oauthUrl = `https://github.com/login/oauth/authorize?client_id={{ client_id }}&redirect_uri=${encodedRedirectUri}&response_type=code&scope=${encodedOptionalScopes}&state={{ csrf_protection_string }}`;
var oauthUrl = `{{ auth_url }}?client_id={{ client_id }}&redirect_uri=${encodedRedirectUri}&response_type=code&scope=${encodedOptionalScopes}&state={{ csrf_protection_string }}`;
// Redirect to the constructed URL
window.location.href = oauthUrl;

View File

@ -22,6 +22,18 @@ class Token(db.Model):
def __repr__(self):
return f'<Token {self.id}>'
# This table stores email-wise last annotation timestamp
# only one entry per email
class AnnotationLastUpdate(db.Model):
id = db.Column(db.String(36), primary_key=True, default=str(uuid.uuid4()))
email = db.Column(db.String(255), nullable=False)
last_update_time = db.Column(db.DateTime, nullable=False)
created_at = db.Column(db.DateTime, default=datetime.utcnow)
updated_at = db.Column(db.DateTime, default=datetime.utcnow)
def __repr__(self):
return f'<AnnotationLastUpdate {self.id}>'
# Create an application context
with app.app_context():
db.create_all()
@ -34,6 +46,7 @@ def create_token():
access_token = data.get('access_token')
refresh_token = data.get('refresh_token')
expiration_seconds = data.get('expiration_seconds')
readwise_api_key = data.get('readwise_api_key')
required_fields = ['email', 'access_token', 'refresh_token', 'expiration_seconds']
missing_fields = [field for field in required_fields if not data.get(field)]
@ -46,7 +59,13 @@ def create_token():
if existing_token:
return jsonify({'error': 'An active token with this email already exists'}), 400
new_token = Token(email=email, access_token=access_token, refresh_token=refresh_token, expiration_seconds=expiration_seconds)
new_token = Token(
email=email,
access_token=access_token,
refresh_token=refresh_token,
expiration_seconds=expiration_seconds,
readwise_api_key=readwise_api_key
)
db.session.add(new_token)
db.session.commit()
@ -101,16 +120,24 @@ def update_token_by_id(id):
token.access_token = data.get('access_token', token.access_token)
token.refresh_token = data.get('refresh_token', token.refresh_token)
token.expiration_seconds = data.get('expiration_seconds', token.expiration_seconds)
token.active = data.get('active', token.active)
token.readwise_api_key = data.get('readwise_api_key', token.readwise_api_key)
token.updated_at = datetime.utcnow()
db.session.commit()
return '', 204
# deactivate token
@app.route('/token/<id>/deactivate', methods=['POST'])
def deactivate_token_by_id(id):
token = Token.query.get_or_404(id)
token.active = False
db.session.commit()
return '', 204
# get all tokens
@app.route('/token/all', methods=['GET'])
def get_all_tokens():
tokens = Token.query.all()
only_active = request.args.get('only_active')
tokens = Token.query.all() if not only_active else Token.query.filter_by(active=True).all()
tokens_info = [{
'id': token.id,
'email': token.email,
@ -124,5 +151,50 @@ def get_all_tokens():
} for token in tokens]
return jsonify({'tokens': tokens_info}), 200
# API to create or update the last annotation timestamp
@app.route('/annotation_last_update', methods=['POST'])
def create_or_update_annotation_last_update():
data = request.get_json()
email = data.get('email')
last_update_time = data.get('last_update_time')
required_fields = ['email', 'last_update_time']
missing_fields = [field for field in required_fields if not data.get(field)]
if missing_fields:
return jsonify({'error': f'Missing required fields: {", ".join(missing_fields)}'}), 400
existing_annotation_last_update = AnnotationLastUpdate.query.filter_by(email=email).first()
if existing_annotation_last_update:
existing_annotation_last_update.last_update_time = last_update_time
existing_annotation_last_update.updated_at = datetime.utcnow()
db.session.commit()
return '', 204
else:
new_annotation_last_update = AnnotationLastUpdate(
email=email,
last_update_time=last_update_time
)
db.session.add(new_annotation_last_update)
db.session.commit()
return '', 204
# API to get the last annotation timestamp based on the email
@app.route('/annotation_last_update/<email>', methods=['GET'])
def get_annotation_last_update_by_email(email):
if not email:
return jsonify({'error': 'Missing email query parameter'}), 400
annotation_last_update = AnnotationLastUpdate.query.filter_by(email=email).first()
if not annotation_last_update:
return '', 204
annotation_last_update_info = {
'id': annotation_last_update.id,
'email': annotation_last_update.email,
'last_update_time': int(annotation_last_update.last_update_time.timestamp()),
'created_at': int(annotation_last_update.created_at.timestamp()),
'updated_at': int(annotation_last_update.updated_at.timestamp())
}
return jsonify(annotation_last_update_info), 200
if __name__ == '__main__':
app.run(host='0.0.0.0', port=5000, debug=True)

3
job/dummy.env Normal file
View File

@ -0,0 +1,3 @@
DATABASE_URL=
INOREADER_CLIENT_ID=
INOREADER_CLIENT_SECRET=

View File

@ -25,19 +25,33 @@ class APIHandler:
response.raise_for_status()
return response.status_code
def get_last_update_time():
with open(DATA_STORE_PATH, 'r') as file:
return int(file.read().strip())
def get_last_update_time(email):
response = requests.get(f'{DATABASE_URL}/annotation_last_update/{email}')
response.raise_for_status()
def update_last_update_time(new_time):
with open(DATA_STORE_PATH, 'w') as file:
file.write(str(new_time))
if response.status_code == 204:
return 0
elif response.status_code == 200:
return response.json()['last_update_time']
def get_new_annotations(last_annotation_time):
def update_last_update_time(email, new_time):
response = requests.post(
f'{DATABASE_URL}/annotation_last_update',
headers={
'Content-Type': 'application/json'
},
json={
'email': email,
'last_update_time': new_time
}
)
response.raise_for_status()
def get_new_annotations(last_annotation_time, inoreader_token):
inoreader = APIHandler(
"https://www.inoreader.com/reader/api/0/stream/contents",
headers = {
'Authorization': 'Bearer ' + get_inoreader_access_token()
'Authorization': 'Bearer ' + inoreader_token()
}
)
@ -74,11 +88,11 @@ def get_new_annotations(last_annotation_time):
return [annotation for annotation in all_annotations if annotation['added_on'] > last_annotation_time]
def push_annotations_to_readwise(annotations):
def push_annotations_to_readwise(annotations, readwise_token):
readwise = APIHandler(
"https://readwise.io",
headers = {
'Authorization': 'Token ' + os.getenv("READWISE_ACCESS_TOKEN"),
'Authorization': 'Token ' + readwise_token,
'Content-Type': 'application/json'
}
)
@ -101,29 +115,29 @@ def push_annotations_to_readwise(annotations):
}
)
def get_inoreader_access_token():
response = requests.get(f'{DATABASE_URL}/token/latest')
response.raise_for_status()
# def get_inoreader_access_token():
# response = requests.get(f'{DATABASE_URL}/token/latest')
# response.raise_for_status()
if response.status_code == 204:
# throw error - not logged in. Please log in first through the web app
raise Exception("Not logged in. Please log in first through the web app")
elif response.status_code == 200:
resp_json = response.json()
if resp_json['token']['expiration_seconds'] + resp_json['token']['timestamp'] > datetime.now().timestamp():
return resp_json['token']['access_token']
else:
return refresh_inoreader_access_token(resp_json['token']['refresh_token'])
# if response.status_code == 204:
# # throw error - not logged in. Please log in first through the web app
# raise Exception("Not logged in. Please log in first through the web app")
# elif response.status_code == 200:
# resp_json = response.json()
# if resp_json['token']['expiration_seconds'] + resp_json['token']['timestamp'] > datetime.now().timestamp():
# return resp_json['token']['access_token']
# else:
# return refresh_inoreader_access_token(resp_json['token']['refresh_token'])
access_token = get_token_from_database()
if not access_token:
access_token = refresh_inoreader_access_token()
# access_token = get_token_from_database()
# if not access_token:
# access_token = refresh_inoreader_access_token()
if not access_token:
raise Exception("Unable to get access token. Try logging in again through the web app")
return access_token
# if not access_token:
# raise Exception("Unable to get access token. Try logging in again through the web app")
# return access_token
def refresh_inoreader_access_token(refresh_token):
def refresh_inoreader_access_token(refresh_token, readwise_api_key):
response = requests.post(
'https://www.inoreader.com/oauth2/token',
headers={
@ -139,40 +153,84 @@ def refresh_inoreader_access_token(refresh_token):
response.raise_for_status()
tokens = response.json()
token = response.json()
user_info = requests.get('https://www.inoreader.com/reader/api/0/user-info', headers={
'Authorization': f'Bearer {token.get("access_token")}'
}).json()
# Save tokens for later use
save_tokens(tokens['access_token'], tokens['refresh_token'], tokens['expires_in'])
save_token(
user_info.get('userEmail'),
token['access_token'],
token['refresh_token'],
token['expires_in'],
readwise_api_key
)
return tokens['access_token']
return token['access_token'], readwise_api_key
def save_tokens(access_token, refresh_token, expiration_seconds):
def save_token(email, access_token, refresh_token, expiration_seconds, readwise_api_key):
response = requests.post(
f'{DATABASE_URL}/token',
headers={
'Content-Type': 'application/json'
},
json={
'email': email,
'access_token': access_token,
'refresh_token': refresh_token,
'expiration_seconds': expiration_seconds
'expiration_seconds': expiration_seconds,
'readwise_api_key': readwise_api_key
}
)
response.raise_for_status()
def get_all_active_tokens():
response = requests.get(f'{DATABASE_URL}/token/all?only_active=true')
response.raise_for_status()
if response.status_code == 200:
return response.json()['tokens']
else:
return []
def deactivate_token(token_id):
response = requests.post(
f'{DATABASE_URL}/token/{token_id}/deactivate',
headers={
'Content-Type': 'application/json'
}
)
response.raise_for_status()
def check_and_refresh_access_token(token):
if token['expiration_seconds'] + token['timestamp'] > datetime.now().timestamp():
return token['access_token'], token['readwise_api_key']
else:
deactivate_token(token['id'])
return refresh_inoreader_access_token(token['refresh_token'], token['readwise_api_key'])
def main():
while True:
try:
last_annotation_time = get_last_update_time()
new_annotations = get_new_annotations(last_annotation_time)
all_tokens = get_all_active_tokens()
for token in all_tokens:
logging.info("Checking for new annotations for user with email: {}".format(token['email']))
if new_annotations:
latest_added_on = max(annotation['added_on'] for annotation in new_annotations)
push_annotations_to_readwise(new_annotations)
update_last_update_time(latest_added_on)
else:
logging.info("No new annotations found")
inoreader_token, readwise_api_key = check_and_refresh_access_token(token)
last_annotation_time = get_last_update_time(token['email'])
new_annotations = get_new_annotations(last_annotation_time, inoreader_token)
if new_annotations:
latest_added_on = max(annotation['added_on'] for annotation in new_annotations)
push_annotations_to_readwise(new_annotations, readwise_api_key)
update_last_update_time(token['email'], latest_added_on)
logging.info("Successfully pushed {} new annotations to Readwise for user with email: {}".format(len(new_annotations), token['email']))
else:
logging.info("No new annotations found for user with email: {}".format(token['email']))
time.sleep(86400) # Sleep for 24 hours