inoreader2readwise/app/main.py

94 lines
2.9 KiB
Python
Raw Permalink Normal View History

2024-01-24 12:29:35 +01:00
import os
from flask import Flask, render_template, request, redirect, abort
import requests
def get_env_variable(var_name):
value = os.environ.get(var_name)
if not value:
raise ValueError(f"Missing required environment variable: {var_name}")
return value
app = Flask(__name__)
# Read environment variables outside the route function
client_id = get_env_variable('CLIENT_ID')
redirect_uri = get_env_variable('REDIRECT_URI')
optional_scopes = get_env_variable('OPTIONAL_SCOPES')
database_url = get_env_variable('DATABASE_URL')
csrf_protection_string = None
@app.route('/')
def home():
if is_logged_in():
return render_template('success.html')
# Generate a CSRF protection string
global csrf_protection_string
csrf_protection_string = os.urandom(16).hex()
# Pass dynamic variables to the template
return render_template('index.html', client_id=client_id, redirect_uri=redirect_uri,
optional_scopes=optional_scopes, csrf_protection_string=csrf_protection_string)
@app.route('/oauth-redirect')
def oauth_redirect():
auth_code = request.args.get('code')
csrf_token = request.args.get('state')
# Verify the CSRF protection string
if csrf_token != csrf_protection_string:
abort(400, 'Invalid CSRF token. Please try again.')
# Exchange authorization code for access and refresh tokens
response = requests.post(
'https://www.inoreader.com/oauth2/token',
headers={
'Content-Type': 'application/x-www-form-urlencoded',
'User-agent': 'your-user-agent'
},
data={
'code': auth_code,
'redirect_uri': get_env_variable('REDIRECT_URI'),
'client_id': get_env_variable('CLIENT_ID'),
'client_secret': get_env_variable('CLIENT_SECRET'),
'scope': '',
'grant_type': 'authorization_code'
}
)
response.raise_for_status()
tokens = response.json()
# Save tokens for later use
save_tokens(tokens['access_token'], tokens['refresh_token'], tokens['expires_in'])
return redirect('/')
def is_logged_in():
response = requests.get(f'{database_url}/token/latest')
response.raise_for_status()
if response.status_code == 204:
return False
elif response.status_code == 200:
resp_json = response.json()
return resp_json['token']['expiration_seconds'] + resp_json['token']['timestamp'] > datetime.now().timestamp()
return False
def save_tokens(access_token, refresh_token, expiration_seconds):
response = requests.post(
f'{database_url}/token',
headers={
'Content-Type': 'application/json'
},
json={
'access_token': access_token,
'refresh_token': refresh_token,
'expiration_seconds': expiration_seconds
}
)
response.raise_for_status()
if __name__ == '__main__':
app.run(debug=True, port=5000)