From 22c337f8aa753e5b542fd5733c809525a6e065b6 Mon Sep 17 00:00:00 2001 From: trinkey <97406176+trinkey@users.noreply.github.com> Date: Tue, 19 Mar 2024 17:32:20 -0400 Subject: [PATCH] add account deletion and password changing --- README.md | 2 +- _server.py | 71 ++++++++++++++++++++++++++++++++----------- public/css/home.css | 2 +- public/editor.html | 1 - public/home.html | 8 +++++ public/js/settings.js | 68 +++++++++++++++++++++++++++++++++++++++++ public/js/signup.js | 26 ++++++---------- public/settings.html | 37 ++++++++++++++++++++++ 8 files changed, 179 insertions(+), 36 deletions(-) create mode 100644 public/js/settings.js create mode 100644 public/settings.html diff --git a/README.md b/README.md index 947b02a..6a9f8a4 100644 --- a/README.md +++ b/README.md @@ -5,4 +5,4 @@ it's like pronouns.page but i made it ### todo * social links -* sexuality/gender flags +* templating and embeds on /u/... pages diff --git a/_server.py b/_server.py index e8fccc1..32f3587 100644 --- a/_server.py +++ b/_server.py 
@@ -135,39 +135,39 @@ def api_account_login(): for i in username: if i not in "abcdefghijklmnopqrstuvwxyz0123456789_-": - return return_dynamic_content_type(json.dumps({ + return { "valid": False, "reason": "User doesn't exist." - }), "application/json") + } try: open(f"{SAVING_DIRECTORY}{username}.json", "r") except FileNotFoundError: - return return_dynamic_content_type(json.dumps({ + return { "valid": False, "reason": "User doesn't exist." - }), "application/json") + } token = generate_token(username, passhash) try: enforced_username = open(f"{SAVING_DIRECTORY}tokens/{token}.txt", "r").read() except FileNotFoundError: - return return_dynamic_content_type(json.dumps({ + return { "valid": False, "reason": "Invalid password" - }), "application/json") + } if enforced_username != username: - return return_dynamic_content_type(json.dumps({ + return { "valid": False, "reason": "Invalid password" - }), "application/json") + } - return return_dynamic_content_type(json.dumps({ + return { "valid": True, "token": token - }), "application/json") + } def api_account_signup(): try: @@ -191,17 +191,17 @@ def api_account_signup(): for i in username: if i not in "abcdefghijklmnopqrstuvwxyz0123456789_-": - return return_dynamic_content_type(json.dumps({ + return { "valid": False, "reason": "Username can only contain a-z, 0-9, underscores, and hyphens." - }), "application/json") + } try: open(f"{SAVING_DIRECTORY}{username}.json", "r") - return return_dynamic_content_type(json.dumps({ + return { "valid": False, "reason": "Username taken." - }), "application/json") + } except FileNotFoundError: pass 
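Review bot: The failure returns rewritten in the `api_account_login` hunk still tell the caller whether a username exists: the two early branches answer `"reason": "User doesn't exist."` and the two token-lookup branches answer `"reason": "Invalid password"`. Returning one message from all four branches, for example `"reason": "Invalid username or password"`, removes that signal from login. The `api_account_signup` hunk on the same line necessarily reports `"Username taken."`, so request throttling on both routes is the real control against enumeration, and nothing visible here provides it. The bare `open(...)` used as an existence check in both functions never closes its handle; `os.path.exists(f"{SAVING_DIRECTORY}{username}.json")` states the intent without leaking a descriptor. Both function bodies begin above their hunks.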
@@ -280,6 +280,40 @@ def api_account_self(): except FileNotFoundError: flask.abort(404) +def api_account_change(): + username = open(f'{SAVING_DIRECTORY}tokens/{request.cookies["token"]}.txt', 'r').read() + x = json.loads(request.data) + + if generate_token(username, x["current"]) != request.cookies["token"]: + flask.abort(401) + + new = generate_token(username, x["new"]) + os.rename(f'{SAVING_DIRECTORY}tokens/{request.cookies["token"]}.txt', f'{SAVING_DIRECTORY}tokens/{new}.txt') + + return { + "token": new + } + +def api_account_delete(): + username = open(f'{SAVING_DIRECTORY}tokens/{request.cookies["token"]}.txt', 'r').read() + x = json.loads(request.data) + + token = generate_token(username, x["passhash"]) + if generate_token(username, x["passhash"]) != request.cookies["token"]: + flask.abort(401) + + os.remove(f"{SAVING_DIRECTORY}tokens/{token}.txt") + os.remove(f"{SAVING_DIRECTORY}{username}.json") + + f = json.loads(open(f"{SAVING_DIRECTORY}public/list.json", "r").read()) + if username in f: + f.remove(username) + g = open(f"{SAVING_DIRECTORY}public/list.json", "w") + g.write(json.dumps(f)) + g.close() + + return "200 OK" + def api_save(): username = open(f'{SAVING_DIRECTORY}tokens/{request.cookies["token"]}.txt', 'r').read() x = json.loads(request.data) @@ -357,9 +391,9 @@ def api_save(): return "200 OK" def api_browse(): - return return_dynamic_content_type( - json.dumps(list_public(request.args.get("sort"), int(request.args.get("page")) if "page" in request.args else 0)), - "application/json" + return list_public( + request.args.get("sort"), # type: ignore + int(request.args.get("page")) if "page" in request.args else 0 # type: ignore ) def home(): 
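Review bot: Both new handlers interpolate `request.cookies["token"]` into a file path and open it before the value has been validated, so a cookie containing path separators makes the path resolve outside `tokens/`, and an unknown token raises an unhandled `FileNotFoundError` instead of returning 401. The later `generate_token(...) != request.cookies["token"]` comparison keeps `os.rename` and `os.remove` from running on such a value, but the read has already happened by then. Check the cookie against the alphabet `generate_token` emits (not shown in this patch, so the sketch assumes ASCII alphanumeric output) and map a failed lookup to 401, in `api_account_change` and `api_account_delete` alike. The `api_save` context lines at the end of the hunk use the same pattern. `x["new"]` also reaches `generate_token` unchecked, so an empty or non-string new password is accepted as far as this hunk shows.

```python
def api_account_change():
    token = request.cookies.get("token", "")
    # Only a bare token may reach the filesystem; adjust this test to the
    # exact alphabet generate_token() produces.
    if not (token.isascii() and token.isalnum()):
        flask.abort(401)
    try:
        with open(f"{SAVING_DIRECTORY}tokens/{token}.txt", "r") as f:
            username = f.read()
    except FileNotFoundError:
        flask.abort(401)
    x = json.loads(request.data)

    if generate_token(username, x["current"]) != token:
        flask.abort(401)
    # … unchanged: derive the new token, rename the token file, return it …
```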
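Review bot: `int(request.args.get("page"))` in the rewritten `api_browse` raises `ValueError` on a non-numeric `page`, which surfaces as a 500, and the two `# type: ignore` comments hide that gap from the type checker rather than closing it. Werkzeug's accessor does the conversion and the fallback in one call: `request.args.get("page", 0, type=int)`. A negative page number and a missing `sort` (which arrives as `None`) are still passed straight to `list_public`; whether it handles them is not visible in this hunk.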
@@ -399,6 +433,7 @@ app.route("/login")(create_file_serve("login.html")) app.route("/signup")(create_file_serve("signup.html")) app.route("/logout")(create_file_serve("logout.html")) app.route("/browse")(create_file_serve("browse.html")) +app.route("/settings")(create_file_serve("settings.html")) app.route("/editor")(create_file_serve("editor.html")) app.route("/u/")(create_file_serve("user.html")) @@ -411,6 +446,8 @@ app.route("/api/account/login", methods=["POST"])(api_account_login) app.route("/api/account/signup", methods=["POST"])(api_account_signup) app.route("/api/account/info/", methods=["GET"])(api_account_info_) app.route("/api/account/self", methods=["GET"])(api_account_self) +app.route("/api/account/change", methods=["POST"])(api_account_change) +app.route("/api/account/delete", methods=["DELETE"])(api_account_delete) app.route("/api/save", methods=["PATCH"])(api_save) app.route("/api/browse", methods=["GET"])(api_browse) diff --git a/public/css/home.css b/public/css/home.css index 758307e..29a9cc8 100644 --- a/public/css/home.css +++ b/public/css/home.css @@ -1,7 +1,7 @@ .home-container { width: 20em; padding: 10px 0; - margin: 0 auto; + margin: 10px auto; border: 2px var(--secondary) solid; padding: 6px; border-radius: 4px; diff --git a/public/editor.html b/public/editor.html index 90a45be..a660dea 100644 --- a/public/editor.html +++ b/public/editor.html @@ -14,6 +14,5 @@ - Log Out \ No newline at end of file diff --git a/public/home.html b/public/home.html index 71de91c..803c56e 100644 --- a/public/home.html +++ b/public/home.html @@ -42,6 +42,14 @@ Shortened url:
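Review bot: `/api/account/delete` is registered for `DELETE` only, yet `api_account_delete` reads the password hash from `request.data`. A body on a DELETE request has no defined semantics in HTTP, and some proxies and clients drop or reject it, in which case `json.loads` fails and the account cannot be deleted. Registering it as `app.route("/api/account/delete", methods=["POST"])(api_account_delete)` avoids that, with the matching change in `public/js/settings.js`, whose contents are not readable on this page. Both new routes act on a cookie, so the password re-entered in the body is what protects them against cross-site requests and should stay a requirement.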
https://infopg.web.app/u/{{USERNAME}} +
+

Log out

+ You can always log back in +
+
+

User Settings

+ Change password, delete acc, etc. +
+ + + + + +

Settings

+

Password change

+
+
+
+ + +

+ +

Delete account

+

+ + Return home + + + +