~sircmpwn/meta.sr.ht

ref: 72548bd7545f78670878667674cc7645835a17bd meta.sr.ht/metasrht/blueprints/profile.py -rw-r--r-- 2.1 KiB
72548bd7Drew DeVault API: Updates per core-go auth changes 1 year, 1 month ago
                                                                                
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
from flask import Blueprint, Response, render_template, request, abort
from flask import redirect, url_for, session
from metasrht.blueprints.auth import validate_email
from metasrht.types import User, UserAuthFactor, FactorType
from srht.config import cfg
from srht.database import db
from srht.oauth import current_user, loginrequired, login_user
from srht.graphql import exec_gql
from srht.validation import Validation

profile = Blueprint('profile', __name__)

site_name = cfg("sr.ht", "site-name")

@profile.route("/~<username>.keys")
def user_keys_GET(username):
    user = User.query.filter(User.username == username).one_or_none()
    if not user:
        abort(404)
    resp = Response("\n".join(k.key.strip() for k in user.ssh_keys) + "\n")
    resp.headers["Content-Type"] = "text/plain"
    return resp

@profile.route("/~<username>.pgp")
def user_pgp_keys_GET(username):
    user = User.query.filter(User.username == username).one_or_none()
    if not user:
        abort(404)
    resp = Response("\n".join(k.key.strip() for k in user.pgp_keys) + "\n")
    resp.headers["Content-Type"] = "text/plain"
    return resp

@profile.route("/profile")
@loginrequired
def profile_GET():
    notice = session.pop("notice", None)
    return render_template("profile.html", notice=notice)

@profile.route("/profile", methods=["POST"])
@loginrequired
def profile_POST():
    valid = Validation(request)
    resp = exec_gql("meta.sr.ht", """
        mutation UpdateProfile($input: UserInput!) {
            updateUser(input: $input) { id, email }
        }
    """, valid=valid, input={key: valid.source[key] for key in [
        "email", "url", "location", "bio",
    ] if valid.source.get(key) is not None})
    if not valid.ok:
        return render_template("profile.html", **valid.kwargs), 400
    if "email" in valid.source and valid.source["email"] != resp["updateUser"]["email"]:
        session["notice"] = "An email has been sent to your new address. Check your inbox to complete the change."
    user = User.query.filter(User.id == resp["updateUser"]["id"]).one()
    login_user(user, set_cookie=True)
    return redirect(url_for(".profile_GET"))