
* fix scraping failure with wepb image (merge upstream/fix-webp-scrape) * add filetype to requirements * add proxycrawl.com as fallback for douban scraper * load 3p js/css from cdn * add fix-cover task * fix book/album cover tasks * scrapestack * bandcamp scrape and preview ; manage.py scrape <url> ; make ^C work when DEBUG * use scrapestack when fix cover * add user agent to improve compatibility * search BandCamp for music albums * add missing MovieGenre * fix search 500 when song has no parent album * adjust timeout * individual scrapers * fix tmdb parser * export marks via rq; pref to send public toot; move import to data page * fix spotify import * fix edge cases * export: fix dupe tags * use rq to manage doufen import * add django command to manage rq jobs * fix export edge case * tune rq admin * fix detail page 502 step 1: async pull mastodon follow/block/mute list * fix detail page 502 step 2: calculate relationship by local cached data * manual sync mastodon follow info * domain_blocks parsing fix * marks by who i follows * adjust label * use username in urls * add page to list a user\'s review * review widget on user home page * fix preview 500 * fix typo * minor fix * fix google books parsing * allow mark/review visible to oneself * fix auto sync masto for new user * fix search 500 * add command to restart a sync task * reset visibility * delete user data * fix tag search result pagination * not upgrade to django 4 yet * basic doc * wip: collection * wip * wip * collection use htmx * show in-collection section for entities * fix typo * add su for easier debug * fix some 500s * fix login using alternative domain * hide data from disabled user * add item to list from detail page * my tags * collection: inline comment edit * show number of ratings * fix collection delete * more detail in collection view * use item template in search result * fix 500 * write index to meilisearch * fix search * reindex in batch * fix 500 * show search result from meilisearch * more search commands * index less fields * index new items only * search highlights * fix 500 * auto set search category * classic search if no meili server * fix index stats error * support typesense backend * workaround typesense bug * make external search async * fix 500, typo * fix cover scripts * fix minor issue in douban parser * supports m.douban.com and customized bandcamp domain * move account * reword with gender-friendly and instance-neutral language * Friendica does not have vapid_key in api response * enable anonymous search * tweak book result template * API v0 API v0 * fix meilisearch reindex * fix search by url error * login via twitter.com * login via pixelfed * minor fix * no refresh on inactive users * support refresh access token * get rid of /users/number-id/ * refresh twitter handler automatically * paste image when review * support PixelFed (very long token) * fix django-markdownx version * ignore single quote for meilisearch for now * update logo * show book review/mark from same isbn * show movie review/mark from same imdb * fix login with older mastodon servers * import Goodreads book list and profile * add timestamp to Goodreads import * support new google books api * import goodreads list * minor goodreads fix * click corner action icon to add to wishlist * clean up duplicated code * fix anonymous search * fix 500 * minor fix search 500 * show rating only if votes > 5 * Entity.refresh_rating() * preference to append text when sharing; clean up duplicated code * fix missing data for user tagged view * fix page link for tag view * fix 500 when language field longer than 10 * fix 500 when sharing mark for song * fix error when reimport goodread profile * fix minor typo * fix a rare 500 * error log dump less * fix tags in marks export * fix missing param in pagination * import douban review * clarify text * fix missing sheet in review import * review: show in progress * scrape douban: ignore unknown genre * minor fix * improve review import by guess entity urls * clear guide text for review import * improve review import form text * workaround some 500 * fix mark import error * fix img in review import * load external results earlier * ignore search server errors * simplify user register flow to avoid inconsistent state * Add a learn more link on login page * Update login.html * show mark created timestamp as mark time * no 500 for api error * redirect for expired tokens * ensure preference object created. * mark collections * tag list * fix tag display * fix sorting etc * fix 500 * fix potential export 500; save shared links * fix share to twittwe * fix review url * fix 500 * fix 500 * add timeline, etc * missing status change in timeline * missing id in timeline * timeline view by default * workaround bug in markdownx... * fix typo * option to create new collection when add from detail page * add missing announcement and tags in timeline home * add missing announcement * add missing announcement * opensearch * show fediverse shared link * public review no longer requires login * fix markdownx bug * fix 500 * use cloudflare cdn * validate jquery load and domain input * fix 500 * tips for goodreads import * collaborative collection * show timeline and profile link on nav bar * minor tweak * share collection * fix Goodreads search * show wish mark in timeline * resync failed urls with local proxy * resync failed urls with local proxy: check proxy first * scraper minor fix * resync failed urls * fix fields limit * fix douban parsing error * resync * scraper minor fix * scraper minor fix * scraper minor fix * local proxy * local proxy * sync default config from neodb * configurable site name * fix 500 * fix 500 for anonymous user * add sentry * add git version in log * add git version in log * no longer rely on cdnjs.cloudflare.com * move jq/cash to _common_libs template partial * fix rare js error * fix 500 * avoid double submission error * import tag in lower case * catch some js network errors * catch some js network errors * support more goodread urls * fix unaired tv in tmdb * support more google book urls * fix related series * more goodreads urls * robust googlebooks search * robust search * Update settings.py * Update scraper.py * Update requirements.txt * make nicedb work * doc update * simplify permission check * update doc * update doc for bug report link * skip spotify tracks * fix 500 * improve search api * blind fix import compatibility * show years for movie in timeline * show years for movie in timeline; thinner font * export reviews * revert user home to use jquery https://github.com/fabiospampinato/cash/issues/246 * IGDB * use IGDB for Steam * use TMDB for IMDb * steam: igdb then fallback to steam * keep change history * keep change history: add django settings * Steam: keep localized title/brief while merging IGDB * basic Docker support * rescrape * Create codeql-analysis.yml * Create SECURITY.md * Create pysa.yml Co-authored-by: doubaniux <goodsir@vivaldi.net> Co-authored-by: Your Name <you@example.com> Co-authored-by: Their Name <they@example.com> Co-authored-by: Mt. Front <mfcndw@gmail.com>
255 lines
10 KiB
Python
255 lines
10 KiB
Python
from django.shortcuts import reverse, redirect, render, get_object_or_404
|
|
from django.http import HttpResponseBadRequest, HttpResponse
|
|
from django.contrib.auth.decorators import login_required
|
|
from django.contrib import auth
|
|
from django.contrib.auth import authenticate
|
|
from django.core.paginator import Paginator
|
|
from django.utils.translation import gettext_lazy as _
|
|
from django.core.exceptions import ObjectDoesNotExist
|
|
from django.db.models import Count
|
|
from .models import User, Report, Preference
|
|
from .forms import ReportForm
|
|
from mastodon.api import *
|
|
from mastodon import mastodon_request_included
|
|
from common.config import *
|
|
from common.models import MarkStatusEnum
|
|
from common.utils import PageLinksGenerator
|
|
from management.models import Announcement
|
|
from books.models import *
|
|
from movies.models import *
|
|
from music.models import *
|
|
from games.models import *
|
|
from books.forms import BookMarkStatusTranslator
|
|
from movies.forms import MovieMarkStatusTranslator
|
|
from music.forms import MusicMarkStatusTranslator
|
|
from games.forms import GameMarkStatusTranslator
|
|
from mastodon.models import MastodonApplication
|
|
from mastodon.api import verify_account
|
|
from django.conf import settings
|
|
from urllib.parse import quote
|
|
import django_rq
|
|
from .account import *
|
|
from .tasks import *
|
|
from datetime import timedelta
|
|
from django.utils import timezone
|
|
import json
|
|
from django.contrib import messages
|
|
from books.models import BookMark, BookReview
|
|
from movies.models import MovieMark, MovieReview
|
|
from games.models import GameMark, GameReview
|
|
from music.models import AlbumMark, SongMark, AlbumReview, SongReview
|
|
from collection.models import Collection, CollectionMark
|
|
from common.importers.goodreads import GoodreadsImporter
|
|
from common.importers.douban import DoubanImporter
|
|
|
|
|
|
# the 'login' page that user can see
|
|
def login(request):
|
|
if request.method == 'GET':
|
|
selected_site = request.GET.get('site', default='')
|
|
|
|
sites = MastodonApplication.objects.all().order_by("domain_name")
|
|
|
|
# store redirect url in the cookie
|
|
if request.GET.get('next'):
|
|
request.session['next_url'] = request.GET.get('next')
|
|
|
|
return render(
|
|
request,
|
|
'users/login.html',
|
|
{
|
|
'sites': sites,
|
|
'scope': quote(settings.MASTODON_CLIENT_SCOPE),
|
|
'selected_site': selected_site,
|
|
'allow_any_site': settings.MASTODON_ALLOW_ANY_SITE,
|
|
}
|
|
)
|
|
else:
|
|
return HttpResponseBadRequest()
|
|
|
|
|
|
# connect will redirect to mastodon server
|
|
def connect(request):
|
|
login_domain = request.session['swap_domain'] if request.session.get('swap_login') else request.GET.get('domain')
|
|
if not login_domain:
|
|
return render(request, 'common/error.html', {'msg': '未指定实例域名', 'secondary_msg': "", })
|
|
login_domain = login_domain.strip().lower().split('//')[-1].split('/')[0].split('@')[-1]
|
|
domain, version = get_instance_info(login_domain)
|
|
app, error_msg = get_mastodon_application(domain)
|
|
if app is None:
|
|
return render(request, 'common/error.html', {'msg': error_msg, 'secondary_msg': "", })
|
|
else:
|
|
login_url = get_mastodon_login_url(app, login_domain, version, request)
|
|
resp = redirect(login_url)
|
|
resp.set_cookie('mastodon_domain', domain)
|
|
return resp
|
|
|
|
|
|
# mastodon server redirect back to here
|
|
@mastodon_request_included
|
|
def OAuth2_login(request):
|
|
if request.method != 'GET':
|
|
return HttpResponseBadRequest()
|
|
|
|
code = request.GET.get('code')
|
|
site = request.COOKIES.get('mastodon_domain')
|
|
try:
|
|
token, refresh_token = obtain_token(site, request, code)
|
|
except ObjectDoesNotExist:
|
|
return HttpResponseBadRequest("Mastodon site not registered")
|
|
if not token:
|
|
return render(
|
|
request,
|
|
'common/error.html',
|
|
{
|
|
'msg': _("认证失败😫")
|
|
}
|
|
)
|
|
|
|
if request.session.get('swap_login', False) and request.user.is_authenticated: # swap login for existing user
|
|
return swap_login(request, token, site, refresh_token)
|
|
|
|
user = authenticate(request, token=token, site=site)
|
|
if user: # existing user
|
|
user.mastodon_token = token
|
|
user.mastodon_refresh_token = refresh_token
|
|
user.save(update_fields=['mastodon_token', 'mastodon_refresh_token'])
|
|
auth_login(request, user)
|
|
if request.session.get('next_url') is not None:
|
|
response = redirect(request.session.get('next_url'))
|
|
del request.session['next_url']
|
|
else:
|
|
response = redirect(reverse('common:home'))
|
|
return response
|
|
else: # newly registered user
|
|
code, user_data = verify_account(site, token)
|
|
if code != 200 or user_data is None:
|
|
return render(
|
|
request,
|
|
'common/error.html',
|
|
{
|
|
'msg': _("联邦网络访问失败😫")
|
|
}
|
|
)
|
|
new_user = User(
|
|
username=user_data['username'],
|
|
mastodon_id=user_data['id'],
|
|
mastodon_site=site,
|
|
mastodon_token=token,
|
|
mastodon_refresh_token=refresh_token,
|
|
mastodon_account=user_data,
|
|
)
|
|
new_user.save()
|
|
Preference.objects.create(user=new_user)
|
|
request.session['new_user'] = True
|
|
auth_login(request, new_user)
|
|
return redirect(reverse('users:register'))
|
|
|
|
|
|
@mastodon_request_included
|
|
@login_required
|
|
def logout(request):
|
|
if request.method == 'GET':
|
|
# revoke_token(request.user.mastodon_site, request.user.mastodon_token)
|
|
auth_logout(request)
|
|
return redirect(reverse("users:login"))
|
|
else:
|
|
return HttpResponseBadRequest()
|
|
|
|
|
|
@mastodon_request_included
|
|
@login_required
|
|
def reconnect(request):
|
|
if request.method == 'POST':
|
|
request.session['swap_login'] = True
|
|
request.session['swap_domain'] = request.POST['domain']
|
|
return connect(request)
|
|
else:
|
|
return HttpResponseBadRequest()
|
|
|
|
|
|
@mastodon_request_included
|
|
def register(request):
|
|
if request.session.get('new_user'):
|
|
del request.session['new_user']
|
|
return render(request, 'users/register.html')
|
|
else:
|
|
return redirect(reverse('common:home'))
|
|
|
|
|
|
def swap_login(request, token, site, refresh_token):
|
|
del request.session['swap_login']
|
|
del request.session['swap_domain']
|
|
code, data = verify_account(site, token)
|
|
current_user = request.user
|
|
if code == 200 and data is not None:
|
|
username = data['username']
|
|
if username == current_user.username and site == current_user.mastodon_site:
|
|
messages.add_message(request, messages.ERROR, _(f'该身份 {username}@{site} 与当前账号相同。'))
|
|
else:
|
|
try:
|
|
existing_user = User.objects.get(username=username, mastodon_site=site)
|
|
messages.add_message(request, messages.ERROR, _(f'该身份 {username}@{site} 已被用于其它账号。'))
|
|
except ObjectDoesNotExist:
|
|
current_user.username = username
|
|
current_user.mastodon_id = data['id']
|
|
current_user.mastodon_site = site
|
|
current_user.mastodon_token = token
|
|
current_user.mastodon_refresh_token = refresh_token
|
|
current_user.mastodon_account = data
|
|
current_user.save(update_fields=['username', 'mastodon_id', 'mastodon_site', 'mastodon_token', 'mastodon_refresh_token', 'mastodon_account'])
|
|
django_rq.get_queue('mastodon').enqueue(refresh_mastodon_data_task, current_user, token)
|
|
messages.add_message(request, messages.INFO, _(f'账号身份已更新为 {username}@{site}。'))
|
|
else:
|
|
messages.add_message(request, messages.ERROR, _('连接联邦网络获取身份信息失败。'))
|
|
return redirect(reverse('users:data'))
|
|
|
|
|
|
def auth_login(request, user):
|
|
""" Decorates django ``login()``. Attach token to session."""
|
|
auth.login(request, user)
|
|
if user.mastodon_last_refresh < timezone.now() - timedelta(hours=1) or user.mastodon_account == {}:
|
|
django_rq.get_queue('mastodon').enqueue(refresh_mastodon_data_task, user)
|
|
|
|
|
|
def auth_logout(request):
|
|
""" Decorates django ``logout()``. Release token in session."""
|
|
auth.logout(request)
|
|
|
|
|
|
@login_required
|
|
def clear_data(request):
|
|
if request.method == 'POST':
|
|
if request.POST.get('verification') == request.user.mastodon_username:
|
|
BookMark.objects.filter(owner=request.user).delete()
|
|
MovieMark.objects.filter(owner=request.user).delete()
|
|
GameMark.objects.filter(owner=request.user).delete()
|
|
AlbumMark.objects.filter(owner=request.user).delete()
|
|
SongMark.objects.filter(owner=request.user).delete()
|
|
BookReview.objects.filter(owner=request.user).delete()
|
|
MovieReview.objects.filter(owner=request.user).delete()
|
|
GameReview.objects.filter(owner=request.user).delete()
|
|
AlbumReview.objects.filter(owner=request.user).delete()
|
|
SongReview.objects.filter(owner=request.user).delete()
|
|
CollectionMark.objects.filter(owner=request.user).delete()
|
|
Collection.objects.filter(owner=request.user).delete()
|
|
request.user.first_name = request.user.username
|
|
request.user.last_name = request.user.mastodon_site
|
|
request.user.is_active = False
|
|
request.user.username = 'removed_' + str(request.user.id)
|
|
request.user.mastodon_id = 0
|
|
request.user.mastodon_site = 'removed'
|
|
request.user.mastodon_token = ''
|
|
request.user.mastodon_locked = False
|
|
request.user.mastodon_followers = []
|
|
request.user.mastodon_following = []
|
|
request.user.mastodon_mutes = []
|
|
request.user.mastodon_blocks = []
|
|
request.user.mastodon_domain_blocks = []
|
|
request.user.mastodon_account = {}
|
|
request.user.save()
|
|
auth_logout(request)
|
|
return redirect(reverse("users:login"))
|
|
else:
|
|
messages.add_message(request, messages.ERROR, _('验证信息不符。'))
|
|
return redirect(reverse("users:data"))
|