Compare commits
No commits in common. "Services/part4" and "main" have entirely different histories.
Services/p
...
main
232
app/main.py
232
app/main.py
|
@ -1,232 +0,0 @@
|
||||||
import os
|
|
||||||
from flask import Flask, render_template, request, redirect, abort, url_for, session
|
|
||||||
import requests
|
|
||||||
from datetime import datetime
|
|
||||||
from urllib.parse import urlencode
|
|
||||||
|
|
||||||
def get_env_variable(var_name):
|
|
||||||
value = os.environ.get(var_name)
|
|
||||||
if not value:
|
|
||||||
raise ValueError(f"Missing required environment variable: {var_name}")
|
|
||||||
return value
|
|
||||||
|
|
||||||
app = Flask(__name__)
|
|
||||||
|
|
||||||
# Read environment variables outside the route function
|
|
||||||
client_id = get_env_variable('CLIENT_ID')
|
|
||||||
client_secret = get_env_variable('CLIENT_SECRET')
|
|
||||||
redirect_uri = get_env_variable('REDIRECT_URI')
|
|
||||||
optional_scopes = get_env_variable('OPTIONAL_SCOPES')
|
|
||||||
database_url = get_env_variable('DATABASE_URL')
|
|
||||||
secret_key = get_env_variable('APP_SECRET_KEY')
|
|
||||||
|
|
||||||
# Set secret key to enable sessions
|
|
||||||
app.secret_key = secret_key
|
|
||||||
|
|
||||||
# https://www.inoreader.com/oauth2/auth
|
|
||||||
AUTH_URL = 'https://github.com/login/oauth/authorize'
|
|
||||||
|
|
||||||
@app.route('/')
|
|
||||||
def home():
|
|
||||||
if is_logged_in():
|
|
||||||
token_id = session.get('token_id')
|
|
||||||
resp = requests.get(f'{database_url}/token/{token_id}')
|
|
||||||
raise_for_status(resp)
|
|
||||||
resp_json = resp.json()
|
|
||||||
token = resp_json['token']
|
|
||||||
|
|
||||||
user_info = requests.get('https://api.github.com/user', headers={
|
|
||||||
'Authorization': f'Bearer {token.get("access_token")}'
|
|
||||||
}).json()
|
|
||||||
|
|
||||||
last_synced = datetime.fromtimestamp(token.get('updated_at')).strftime('%Y-%m-%d %H:%M:%S')
|
|
||||||
next_sync = datetime.fromtimestamp(token.get('updated_at') + token.get('expiration_seconds')).strftime('%Y-%m-%d %H:%M:%S')
|
|
||||||
return render_template('home.html',
|
|
||||||
user_login=user_info.get('login'),
|
|
||||||
user_email=user_info.get('email'), # for inoreader it's userName and userEmail
|
|
||||||
readwise_api_key=token.get('readwise_api_key') or '',
|
|
||||||
last_synced=last_synced, next_sync=next_sync)
|
|
||||||
|
|
||||||
# Generate a CSRF protection string
|
|
||||||
session['csrf_protection_string'] = os.urandom(16).hex()
|
|
||||||
# Construct the OAuth URL with URL encoding
|
|
||||||
oauth_params = {
|
|
||||||
'client_id': client_id,
|
|
||||||
'redirect_uri': redirect_uri,
|
|
||||||
'response_type': 'code',
|
|
||||||
'scope': optional_scopes,
|
|
||||||
'state': session['csrf_protection_string']
|
|
||||||
}
|
|
||||||
# Use urlencode to properly encode the URL parameters
|
|
||||||
oauth_url = f'{AUTH_URL}?{urlencode(oauth_params)}'
|
|
||||||
|
|
||||||
|
|
||||||
# Pass dynamic variables to the template
|
|
||||||
# return render_template('login.html',oauth_url)
|
|
||||||
return render_template('login.html', oauth_url=oauth_url)
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@app.route('/oauth-redirect')
|
|
||||||
def oauth_redirect():
|
|
||||||
auth_code = request.args.get('code')
|
|
||||||
csrf_token = request.args.get('state')
|
|
||||||
|
|
||||||
# Verify the CSRF protection string
|
|
||||||
if csrf_token != session.get('csrf_protection_string'):
|
|
||||||
abort(403, 'Invalid CSRF token. Please try again.')
|
|
||||||
|
|
||||||
# Exchange authorization code for access and refresh tokens
|
|
||||||
# response = requests.post(
|
|
||||||
# 'https://www.inoreader.com/oauth2/token',
|
|
||||||
# headers={
|
|
||||||
# 'Content-Type': 'application/x-www-form-urlencoded',
|
|
||||||
# },
|
|
||||||
# data={
|
|
||||||
# 'code': auth_code,
|
|
||||||
# 'redirect_uri': redirect_uri,
|
|
||||||
# 'client_id': client_id,
|
|
||||||
# 'client_secret': client_secret,
|
|
||||||
# 'scope': '',
|
|
||||||
# 'grant_type': 'authorization_code'
|
|
||||||
# }
|
|
||||||
# )
|
|
||||||
|
|
||||||
# TEST: Github OAuth - REMOVE
|
|
||||||
response = requests.post(
|
|
||||||
'https://github.com/login/oauth/access_token',
|
|
||||||
headers={
|
|
||||||
'Accept': 'application/json'
|
|
||||||
},
|
|
||||||
data={
|
|
||||||
'code': auth_code,
|
|
||||||
'redirect_uri': redirect_uri,
|
|
||||||
'client_id': client_id,
|
|
||||||
'client_secret': client_secret,
|
|
||||||
}
|
|
||||||
)
|
|
||||||
|
|
||||||
raise_for_status(response)
|
|
||||||
|
|
||||||
token = response.json()
|
|
||||||
|
|
||||||
# TEST: Github OAuth - REMOVE
|
|
||||||
token['refresh_token'] = 'N/A'
|
|
||||||
token['expires_in'] = 3600
|
|
||||||
|
|
||||||
# REPLACE user API call with inoreader API call
|
|
||||||
# https://www.inoreader.com/reader/api/0/user-info
|
|
||||||
user_info = requests.get('https://api.github.com/user', headers={
|
|
||||||
'Authorization': f'Bearer {token.get("access_token")}'
|
|
||||||
}).json()
|
|
||||||
|
|
||||||
# Save tokens for later use
|
|
||||||
token_id = save_token(
|
|
||||||
user_info.get('email'), # for inoreader it's userEmail
|
|
||||||
token.get('access_token'),
|
|
||||||
token.get('refresh_token'),
|
|
||||||
token.get('expires_in')
|
|
||||||
)
|
|
||||||
|
|
||||||
set_session_token_id(token_id)
|
|
||||||
return redirect(url_for('home'))
|
|
||||||
|
|
||||||
# logout
|
|
||||||
@app.route('/logout', methods=['POST'])
|
|
||||||
def logout():
|
|
||||||
token_id = session.get('token_id')
|
|
||||||
|
|
||||||
if not token_id:
|
|
||||||
return redirect(url_for('home'))
|
|
||||||
|
|
||||||
# remove token_id from session
|
|
||||||
session.pop('token_id', None)
|
|
||||||
|
|
||||||
# response = requests.put(f'{database_url}/token/{token_id}', headers={
|
|
||||||
# 'Content-Type': 'application/json'
|
|
||||||
# }, json={
|
|
||||||
# 'is_logged_in': False
|
|
||||||
# })
|
|
||||||
# response.raise_for_status()
|
|
||||||
|
|
||||||
return redirect(url_for('home'))
|
|
||||||
|
|
||||||
@app.route('/readwise', methods=['POST'])
|
|
||||||
def submit_readwise_api():
|
|
||||||
token_id = session.get('token_id')
|
|
||||||
|
|
||||||
if not token_id:
|
|
||||||
return redirect(url_for('home'))
|
|
||||||
|
|
||||||
response = requests.put(f'{database_url}/token/{token_id}', headers={
|
|
||||||
'Content-Type': 'application/json'
|
|
||||||
}, json={
|
|
||||||
'readwise_api_key': request.form.get('readwise_api_key')
|
|
||||||
})
|
|
||||||
raise_for_status(response)
|
|
||||||
|
|
||||||
return redirect(url_for('home'))
|
|
||||||
|
|
||||||
def is_logged_in():
|
|
||||||
token_id = session.get('token_id')
|
|
||||||
if not token_id:
|
|
||||||
return False
|
|
||||||
|
|
||||||
response = requests.get(f'{database_url}/token/{token_id}')
|
|
||||||
raise_for_status(response)
|
|
||||||
resp_json = response.json()
|
|
||||||
token = resp_json['token']
|
|
||||||
|
|
||||||
return token.get('active', False)
|
|
||||||
|
|
||||||
def save_token(email, access_token, refresh_token, expiration_seconds):
|
|
||||||
# check if an active token with this email already exists
|
|
||||||
token_by_email_resp = requests.get(f'{database_url}/token?email={email}')
|
|
||||||
raise_for_status(token_by_email_resp)
|
|
||||||
|
|
||||||
if token_by_email_resp.status_code != 200:
|
|
||||||
response = requests.post(
|
|
||||||
f'{database_url}/token',
|
|
||||||
headers={
|
|
||||||
'Content-Type': 'application/json'
|
|
||||||
},
|
|
||||||
json={
|
|
||||||
'email': email,
|
|
||||||
'access_token': access_token,
|
|
||||||
'refresh_token': refresh_token,
|
|
||||||
'expiration_seconds': expiration_seconds
|
|
||||||
}
|
|
||||||
)
|
|
||||||
raise_for_status(response)
|
|
||||||
return response.json().get('id')
|
|
||||||
else:
|
|
||||||
token_by_email_resp_json = token_by_email_resp.json()
|
|
||||||
token = token_by_email_resp_json['token']
|
|
||||||
response = requests.put(
|
|
||||||
f'{database_url}/token/{token["id"]}',
|
|
||||||
headers={
|
|
||||||
'Content-Type': 'application/json'
|
|
||||||
},
|
|
||||||
json={
|
|
||||||
'access_token': access_token,
|
|
||||||
'refresh_token': refresh_token,
|
|
||||||
'expiration_seconds': expiration_seconds,
|
|
||||||
}
|
|
||||||
)
|
|
||||||
raise_for_status(response)
|
|
||||||
return token['id']
|
|
||||||
|
|
||||||
def set_session_token_id(token_id):
|
|
||||||
session['token_id'] = token_id
|
|
||||||
|
|
||||||
def raise_for_status(response):
|
|
||||||
if response.status_code not in range(200, 300):
|
|
||||||
msg = None
|
|
||||||
try:
|
|
||||||
msg = response.json().get('error', '')
|
|
||||||
except:
|
|
||||||
msg = response.text
|
|
||||||
raise Exception(f'HTTPError: {response.status_code} \n Message: {msg}')
|
|
||||||
|
|
||||||
if __name__ == '__main__':
|
|
||||||
app.run(host='0.0.0.0', debug=True, port=5000)
|
|
|
@ -1,2 +0,0 @@
|
||||||
Flask==3.0.1
|
|
||||||
requests==2.31.0
|
|
200
database/main.py
200
database/main.py
|
@ -1,200 +0,0 @@
|
||||||
from flask import Flask, jsonify, request
|
|
||||||
from flask_sqlalchemy import SQLAlchemy
|
|
||||||
from datetime import datetime
|
|
||||||
import uuid
|
|
||||||
|
|
||||||
app = Flask(__name__)
|
|
||||||
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///tokens.db' # Use SQLite for simplicity
|
|
||||||
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
|
|
||||||
db = SQLAlchemy(app)
|
|
||||||
|
|
||||||
class Token(db.Model):
|
|
||||||
id = db.Column(db.String(36), primary_key=True, default=str(uuid.uuid4()))
|
|
||||||
email = db.Column(db.String(255), nullable=False)
|
|
||||||
access_token = db.Column(db.String(255), nullable=False)
|
|
||||||
refresh_token = db.Column(db.String(255), nullable=False)
|
|
||||||
expiration_seconds = db.Column(db.Integer, nullable=False)
|
|
||||||
readwise_api_key = db.Column(db.String(255))
|
|
||||||
active = db.Column(db.Boolean, default=True)
|
|
||||||
created_at = db.Column(db.DateTime, default=datetime.utcnow)
|
|
||||||
updated_at = db.Column(db.DateTime, default=datetime.utcnow)
|
|
||||||
|
|
||||||
def __repr__(self):
|
|
||||||
return f'<Token {self.id}>'
|
|
||||||
|
|
||||||
# This table stores email-wise last annotation timestamp
|
|
||||||
# only one entry per email
|
|
||||||
class AnnotationLastUpdate(db.Model):
|
|
||||||
id = db.Column(db.String(36), primary_key=True, default=str(uuid.uuid4()))
|
|
||||||
email = db.Column(db.String(255), nullable=False)
|
|
||||||
last_update_time = db.Column(db.DateTime, nullable=False)
|
|
||||||
created_at = db.Column(db.DateTime, default=datetime.utcnow)
|
|
||||||
updated_at = db.Column(db.DateTime, default=datetime.utcnow)
|
|
||||||
|
|
||||||
def __repr__(self):
|
|
||||||
return f'<AnnotationLastUpdate {self.id}>'
|
|
||||||
|
|
||||||
# Create an application context
|
|
||||||
with app.app_context():
|
|
||||||
db.create_all()
|
|
||||||
|
|
||||||
# API to create a new token entry
|
|
||||||
@app.route('/token', methods=['POST'])
|
|
||||||
def create_token():
|
|
||||||
data = request.get_json()
|
|
||||||
email = data.get('email')
|
|
||||||
access_token = data.get('access_token')
|
|
||||||
refresh_token = data.get('refresh_token')
|
|
||||||
expiration_seconds = data.get('expiration_seconds')
|
|
||||||
readwise_api_key = data.get('readwise_api_key')
|
|
||||||
|
|
||||||
required_fields = ['email', 'access_token', 'refresh_token', 'expiration_seconds']
|
|
||||||
missing_fields = [field for field in required_fields if not data.get(field)]
|
|
||||||
|
|
||||||
if missing_fields:
|
|
||||||
return jsonify({'error': f'Missing required fields: {", ".join(missing_fields)}'}), 400
|
|
||||||
|
|
||||||
# unique email when active is true
|
|
||||||
existing_token = Token.query.filter_by(email=email, active=True).first()
|
|
||||||
if existing_token:
|
|
||||||
return jsonify({'error': 'An active token with this email already exists'}), 400
|
|
||||||
|
|
||||||
new_token = Token(
|
|
||||||
email=email,
|
|
||||||
access_token=access_token,
|
|
||||||
refresh_token=refresh_token,
|
|
||||||
expiration_seconds=expiration_seconds,
|
|
||||||
readwise_api_key=readwise_api_key
|
|
||||||
)
|
|
||||||
db.session.add(new_token)
|
|
||||||
db.session.commit()
|
|
||||||
|
|
||||||
return jsonify({'id': new_token.id}), 201
|
|
||||||
|
|
||||||
# API to get the token based on the id
|
|
||||||
@app.route('/token/<id>', methods=['GET'])
|
|
||||||
def get_token_by_id(id):
|
|
||||||
token = Token.query.get(id)
|
|
||||||
if not token:
|
|
||||||
return jsonify({'error': 'Token not found'}), 404
|
|
||||||
token_info = {
|
|
||||||
'id': token.id,
|
|
||||||
'email': token.email,
|
|
||||||
'access_token': token.access_token,
|
|
||||||
'refresh_token': token.refresh_token,
|
|
||||||
'expiration_seconds': int(token.expiration_seconds),
|
|
||||||
'readwise_api_key': token.readwise_api_key,
|
|
||||||
'active': token.active,
|
|
||||||
'created_at': int(token.created_at.timestamp()),
|
|
||||||
'updated_at': int(token.updated_at.timestamp())
|
|
||||||
}
|
|
||||||
return jsonify({'token': token_info}), 200
|
|
||||||
|
|
||||||
# API to get the token based on the email
|
|
||||||
@app.route('/token', methods=['GET'])
|
|
||||||
def get_token_by_email():
|
|
||||||
email = request.args.get('email')
|
|
||||||
if not email:
|
|
||||||
return jsonify({'error': 'Missing email query parameter'}), 400
|
|
||||||
token = Token.query.filter_by(email=email, active=True).first()
|
|
||||||
if not token:
|
|
||||||
return '', 204
|
|
||||||
token_info = {
|
|
||||||
'id': token.id,
|
|
||||||
'email': token.email,
|
|
||||||
'access_token': token.access_token,
|
|
||||||
'refresh_token': token.refresh_token,
|
|
||||||
'expiration_seconds': int(token.expiration_seconds),
|
|
||||||
'readwise_api_key': token.readwise_api_key,
|
|
||||||
'active': token.active,
|
|
||||||
'created_at': int(token.created_at.timestamp()),
|
|
||||||
'updated_at': int(token.updated_at.timestamp())
|
|
||||||
}
|
|
||||||
return jsonify({'token': token_info}), 200
|
|
||||||
|
|
||||||
# API to update the token based on the id
|
|
||||||
@app.route('/token/<id>', methods=['PUT'])
|
|
||||||
def update_token_by_id(id):
|
|
||||||
token = Token.query.get_or_404(id)
|
|
||||||
data = request.get_json()
|
|
||||||
token.access_token = data.get('access_token', token.access_token)
|
|
||||||
token.refresh_token = data.get('refresh_token', token.refresh_token)
|
|
||||||
token.expiration_seconds = data.get('expiration_seconds', token.expiration_seconds)
|
|
||||||
token.readwise_api_key = data.get('readwise_api_key', token.readwise_api_key)
|
|
||||||
token.updated_at = datetime.utcnow()
|
|
||||||
db.session.commit()
|
|
||||||
return '', 204
|
|
||||||
|
|
||||||
# deactivate token
|
|
||||||
@app.route('/token/<id>/deactivate', methods=['POST'])
|
|
||||||
def deactivate_token_by_id(id):
|
|
||||||
token = Token.query.get_or_404(id)
|
|
||||||
token.active = False
|
|
||||||
db.session.commit()
|
|
||||||
return '', 204
|
|
||||||
|
|
||||||
# get all tokens
|
|
||||||
@app.route('/token/all', methods=['GET'])
|
|
||||||
def get_all_tokens():
|
|
||||||
only_active = request.args.get('only_active')
|
|
||||||
tokens = Token.query.all() if not only_active else Token.query.filter_by(active=True).all()
|
|
||||||
tokens_info = [{
|
|
||||||
'id': token.id,
|
|
||||||
'email': token.email,
|
|
||||||
'access_token': token.access_token,
|
|
||||||
'refresh_token': token.refresh_token,
|
|
||||||
'expiration_seconds': int(token.expiration_seconds),
|
|
||||||
'readwise_api_key': token.readwise_api_key,
|
|
||||||
'active': token.active,
|
|
||||||
'created_at': int(token.created_at.timestamp()),
|
|
||||||
'updated_at': int(token.updated_at.timestamp())
|
|
||||||
} for token in tokens]
|
|
||||||
return jsonify({'tokens': tokens_info}), 200
|
|
||||||
|
|
||||||
# API to create or update the last annotation timestamp
|
|
||||||
@app.route('/annotation_last_update', methods=['POST'])
|
|
||||||
def create_or_update_annotation_last_update():
|
|
||||||
data = request.get_json()
|
|
||||||
email = data.get('email')
|
|
||||||
last_update_time = data.get('last_update_time')
|
|
||||||
|
|
||||||
required_fields = ['email', 'last_update_time']
|
|
||||||
missing_fields = [field for field in required_fields if not data.get(field)]
|
|
||||||
|
|
||||||
if missing_fields:
|
|
||||||
return jsonify({'error': f'Missing required fields: {", ".join(missing_fields)}'}), 400
|
|
||||||
|
|
||||||
existing_annotation_last_update = AnnotationLastUpdate.query.filter_by(email=email).first()
|
|
||||||
if existing_annotation_last_update:
|
|
||||||
existing_annotation_last_update.last_update_time = last_update_time
|
|
||||||
existing_annotation_last_update.updated_at = datetime.utcnow()
|
|
||||||
db.session.commit()
|
|
||||||
return '', 204
|
|
||||||
else:
|
|
||||||
new_annotation_last_update = AnnotationLastUpdate(
|
|
||||||
email=email,
|
|
||||||
last_update_time=last_update_time
|
|
||||||
)
|
|
||||||
db.session.add(new_annotation_last_update)
|
|
||||||
db.session.commit()
|
|
||||||
return '', 204
|
|
||||||
|
|
||||||
# API to get the last annotation timestamp based on the email
|
|
||||||
@app.route('/annotation_last_update/<email>', methods=['GET'])
|
|
||||||
def get_annotation_last_update_by_email(email):
|
|
||||||
if not email:
|
|
||||||
return jsonify({'error': 'Missing email query parameter'}), 400
|
|
||||||
annotation_last_update = AnnotationLastUpdate.query.filter_by(email=email).first()
|
|
||||||
if not annotation_last_update:
|
|
||||||
return '', 204
|
|
||||||
annotation_last_update_info = {
|
|
||||||
'id': annotation_last_update.id,
|
|
||||||
'email': annotation_last_update.email,
|
|
||||||
'last_update_time': int(annotation_last_update.last_update_time.timestamp()),
|
|
||||||
'created_at': int(annotation_last_update.created_at.timestamp()),
|
|
||||||
'updated_at': int(annotation_last_update.updated_at.timestamp())
|
|
||||||
}
|
|
||||||
return jsonify(annotation_last_update_info), 200
|
|
||||||
|
|
||||||
if __name__ == '__main__':
|
|
||||||
app.run(host='0.0.0.0', port=5000, debug=True)
|
|
|
@ -1,2 +0,0 @@
|
||||||
Flask==3.0.1
|
|
||||||
Flask-SQLAlchemy==3.1.1
|
|
Loading…
Reference in New Issue
Block a user