from base64 import b64encode
from os import getenv, urandom, path
from flask import Flask, redirect, request, session, render_template
from requests import get
from dotenv import load_dotenv
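# Load settings from a local .env file into the process environment.
load_dotenv()

# Flask signs the session cookie with this key. A key generated at import time
# differs on every start and in every worker process, so existing sessions stop
# validating after a restart and a cookie issued by one worker is rejected by
# another. Prefer a stable value from the environment (it must itself be long,
# random and kept out of version control); when SECRET_KEY is not set, fall
# back to a fresh 24-byte key from os.urandom(), as before.
random_secret_key = getenv("SECRET_KEY") or urandom(24)

# Absolute path to the 'src' folder that sits next to this file.
template_folder_path = path.join(path.abspath(path.dirname(__file__)), 'src')

# Flask app that looks for its templates in 'src' and signs sessions with the
# key chosen above.
app = Flask(__name__, template_folder=template_folder_path)
app.secret_key = random_secret_key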
"""
Thanks to Chiroyce (https://replit.com/@Chiroyce/auth) for part of the code! Truly the GOAT.
"""
def encode_base64(string):
    """Return the standard base64 encoding of *string*'s UTF-8 bytes as text.

    The standard alphabet can produce "+", "/" and "=" characters, so the
    result is not URL-safe on its own.
    """
    utf8_bytes = string.encode("utf-8")
    encoded_bytes = b64encode(utf8_bytes)
    return encoded_bytes.decode()
def generate_random_code():
    """Return 24 bytes from os.urandom() as a 32-character base64 string.

    The standard base64 alphabet includes "+" and "/", so a caller that puts
    the value into a URL has to percent-encode it first.
    """
    return b64encode(urandom(24)).decode('utf-8')
@app.get("/")
def home():
    """Serve the landing page rendered from the account.html template."""
    page = render_template("account.html")
    return page
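@app.get("/auth")
def auth():
    """Show the signed-in page, or send an anonymous visitor to the auth service.

    Returns:
        The rendered auth.html template when the session already holds a
        username, otherwise a redirect to the external auth service carrying
        the base64-encoded return URL, the application name and a random code.
    """
    from urllib.parse import quote

    if "username" in session:
        return render_template("auth.html", username=session["username"])

    # NOTE(review): this code is sent to the auth service but is not stored in
    # the session, so /authenticate cannot compare it with anything later.
    # Confirm what the service uses it for.
    random_code = generate_random_code()

    # Standard base64 can contain "+", "/" and "=", all of which have a meaning
    # inside a query string ("+" is commonly decoded as a space). Percent-encode
    # both values so the receiver gets exactly the bytes that were generated.
    redirect_param = quote(
        encode_base64('https://scratch-coding-hut.github.io/auth'), safe=""
    )
    code_param = quote(random_code, safe="")

    return redirect(
        "https://auth.itinerary.eu.org/auth/"
        f"?redirect={redirect_param}"
        "&name=NotFenixio%27s%20ScratchAuth%20Example"
        f"&code={code_param}"
    )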
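@app.get("/authenticate")
def authenticate():
    """Finish the login by checking the callback's private code with the auth service.

    Reads ``privateCode`` from the query string, asks the auth service's
    verifyToken endpoint about it and, when the answer is valid and names the
    expected redirect URL, stores the returned username in the Flask session.

    Returns:
        A redirect to ``/auth`` on success, otherwise a ``(body, status)``
        pair: 400 for a missing code or an unexpected redirect value, 401 for
        a rejected code, 500 when the auth service cannot be reached or sends
        an unusable answer.
    """
    from requests import RequestException

    # NOTE(review): nothing in this handler ties the callback to a login that
    # this browser session started; the code generated in /auth is neither
    # stored nor compared here. Confirm whether the auth service's flow
    # provides that binding.
    code = request.args.get("privateCode")
    if code is None:
        return "Bad Request", 400

    # privateCode comes straight from the request. Handing it to requests via
    # ``params`` percent-encodes it, so characters such as "&" or "#" cannot
    # add or cut off parameters in the outbound verification call. The timeout
    # keeps a stalled auth service from holding the worker indefinitely.
    try:
        response = get(
            "https://auth.itinerary.eu.org/api/auth/verifyToken",
            params={"privateCode": code},
            timeout=10,
        )
    except RequestException:
        return "Error communicating with authentication service", 500

    if response.status_code != 200:
        return "Error communicating with authentication service", 500

    # A 200 answer with a body that is not a JSON object is treated like any
    # other upstream failure instead of raising inside the handler.
    try:
        response_json = response.json()
    except ValueError:
        return "Error communicating with authentication service", 500
    if not isinstance(response_json, dict):
        return "Error communicating with authentication service", 500

    # Only accept tokens that were issued for this application's return URL.
    if response_json.get("redirect") != "https://scratch-coding-hut.github.io/auth":
        return "Invalid Redirect", 400

    if not response_json.get("valid"):
        return "Authentication failed!", 401

    # A "valid" answer without a username cannot establish a session.
    username = response_json.get("username")
    if not username:
        return "Error communicating with authentication service", 500

    session["username"] = username
    return redirect("/auth")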
# Start Flask's built-in server only when this file is executed directly,
# not when it is imported by another module or a WSGI server.
if __name__ == "__main__":
    app.run()