main.py

main

main

bug_report

bug_report() -> str

bug_report

Source code in COSCUP-Volunteer/main.py

@app.route('/bug-report')
def bug_report() -> str:
    ''' bug_report '''
    return render_template('./bug_report.html')

coc

coc() -> ResponseBase | str

coc

Source code in COSCUP-Volunteer/main.py

@app.route('/coc', methods=('GET', 'POST'))
def coc() -> ResponseBase | str:
    ''' coc '''
    if request.method == 'GET':
        mem_cahce = MC.get_client()
        content = mem_cahce.get('page:coc')
        if not content:
            with open('./templates/coc.md', 'r', encoding='UTF-8') as files:
                content = markdown(files.read())
                mem_cahce.set('page:coc', content, 3600)

        return render_template('./coc.html', content=content)

    if request.method == 'POST':
        if not g.user:
            return make_response({}, 404)

        PolicySigned.sign(
            uid=g.user['account']['_id'], _type=PolicyType.COC)

        flash('已簽署完成！')

    return redirect('/coc')

error_exception

error_exception(
    sender: Any, exception: Any, **extra: Any
) -> None

error_exception

Source code in COSCUP-Volunteer/main.py

def error_exception(sender: Any, exception: Any, **extra: Any) -> None:
    ''' error_exception '''
    logging.info('sender: %s, exception: %s, extra: %s',
                 sender, exception, extra)

    mail_sys_weberror.apply_async(
        kwargs={
            'title': f'{request.method}, {request.path}, {arrow.now()}',
            'body': f'''<b>{request.method}</b> {request.path}<br>
<pre>{os.environ}</pre>
<pre>{request.headers}</pre>
<pre>User: {g.get('user', {}).get('account', {}).get('_id')}\n\n
sid: {session.get('sid')}\n\n
args: {request.args}\n\nform: {request.form}\n\n
values: {request.values}\n\n{traceback.format_exc()}</pre>'''
        })

exception_func

exception_func() -> str

exception_func

Source code in COSCUP-Volunteer/main.py

@app.route('/exception')
def exception_func() -> str:
    ''' exception_func '''
    try:
        return str(1/0)
    except Exception as error:
        raise Exception('Error: [{error}]') from error

index

index() -> str

index

Source code in COSCUP-Volunteer/main.py

@app.route('/')
def index() -> str:
    ''' index '''
    if 'user' not in g:
        return render_template('index.html')

    check = {
        'profile': False,
        'participate_in': False,
        'mattermost': False,
    }

    if 'profile' in g.user['account'] and 'intro' in g.user['account']['profile']:
        if len(g.user['account']['profile']['intro']) > 100:
            check['profile'] = True

    if list(Team.participate_in(uid=g.user['account']['_id'])):
        check['participate_in'] = True

    if MattermostTools.find_possible_mid(uid=g.user['account']['_id']):
        check['mattermost'] = True

    return render_template('index_guide.html', check=check)

need_login

need_login() -> ResponseBase | None

need_login

Source code in COSCUP-Volunteer/main.py

@app.before_request
def need_login() -> ResponseBase | None:
    ''' need_login '''
    # pylint: disable=too-many-return-statements,too-many-branches
    logging.info('[X-SSL-SESSION-ID: %s] [X-REAL-IP: %s] [USER-AGENT: %s] [SESSION: %s]',
                 request.headers.get('X-SSL-SESSION-ID'),
                 request.headers.get('X-REAL-IP'),
                 request.headers.get('USER-AGENT'),
                 session, )

    if request.path.startswith('/user') and request.path[-1] == '/':
        for uid in re.finditer('[a-z0-9]{8}', request.path):
            return redirect(f'/user/{uid.group()}')

    if 'sid' in session and session['sid']:
        mem_cahce = MC.get_client()
        user_g_data = mem_cahce.get(f"sid:{session['sid']}")

        if user_g_data:
            g.user = user_g_data  # pylint: disable=assigning-non-slot
        else:
            session_data = USession.get(session['sid'])
            if session_data:
                has_suspended: bool | None = mem_cahce.get(
                    f"suspend:{session_data['uid']}")
                if has_suspended is None:
                    has_suspended = User(session_data['uid']).has_suspended()

                    if has_suspended:
                        mem_cahce.set(
                            f"suspend:{session_data['uid']}", True, 300)
                    else:
                        mem_cahce.set(
                            f"suspend:{session_data['uid']}", False, 300)

                if has_suspended:
                    session.pop('sid', None)
                    return redirect('/docs/zh-TW/error_note/e001/')

                g.user = {}  # pylint: disable=assigning-non-slot
                g.user['account'] = User(uid=session_data['uid']).get()

                if g.user['account']:
                    oauth = OAuth(
                        mail=g.user['account']['mail']).get()

                    if not oauth:
                        return None

                    call_func_pid: Callable[[
                        dict[str, Any], ], Any] = lambda x: x['pid']
                    g.user['data'] = oauth['data']
                    g.user['participate_in'] = sorted([
                        {'pid': team['pid'], 'tid': team['tid'],
                            'name': team['name']}
                        for team in Team.participate_in(
                            uid=session_data['uid'])], key=call_func_pid, reverse=True)

                    mem_cahce.set(f"sid:{session['sid']}", g.user, 600)
            else:
                session.pop('sid', None)
                session['r'] = request.path

                return redirect(url_for('oauth2callback', _scheme='https', _external=True))

        return None

    if request.path in NO_NEED_LOGIN_PATH or \
            request.path.startswith('/static/') or \
            request.path.startswith('/tasks') or \
    request.path.startswith('/schedule'):
        return None

    if request.path not in NO_NEED_LOGIN_PATH:
        # ----- Let user profile public ----- #
        # if re.match(r'(\/user\/[a-z0-9]{8}).*', request.path):
        #    return

        session['r'] = request.path
        logging.info('r: %s', session['r'])
        return redirect(url_for('oauth2callback', _scheme='https', _external=True))

    session.pop('sid', None)
    session['r'] = request.path

    return redirect(url_for('oauth2callback', _scheme='https', _external=True))

no_store

no_store(response: Response) -> Response

return no-store

Source code in COSCUP-Volunteer/main.py

@app.after_request
def no_store(response: Response) -> Response:
    ''' return no-store '''
    if 'sid' in session and session['sid']:
        response.headers['Cache-Control'] = 'no-store'

    return response

oauth2callback

oauth2callback() -> ResponseBase

oauth2callback

Source code in COSCUP-Volunteer/main.py

@app.route('/oauth2callback')
def oauth2callback() -> ResponseBase:
    ''' oauth2callback '''
    if 'r' in request.args and request.args['r'].startswith('/'):
        session['r'] = request.args['r']

    flow = google_auth_oauthlib.flow.Flow.from_client_secrets_file(
        './client_secret.json',
        scopes=(
            'openid',
            'https://www.googleapis.com/auth/userinfo.email',
            'https://www.googleapis.com/auth/userinfo.profile',
        ),
        redirect_uri=f'https://{setting.DOMAIN}/oauth2callback',
    )

    if 'code' not in request.args:
        authorization_url, state = flow.authorization_url(
            access_type='offline',
            include_granted_scopes='true',
            state=secrets.token_urlsafe(64),
        )

        session['state'] = state
        return redirect(authorization_url)

    url = request.url.replace('http://', 'https://')
    url_query = parse_qs(urlparse(url).query)

    if 'state' in url_query and url_query['state'] and \
            url_query['state'][0] == session.get('state'):
        flow.fetch_token(authorization_response=url)

        auth_client = discovery.build(
            'oauth2', 'v2', credentials=flow.credentials, cache_discovery=False)
        user_info = auth_client.userinfo().get().execute()

        # ----- save oauth info ----- #
        OAuth.add(mail=user_info['email'],
                  data=user_info, token=flow.credentials)

        # ----- Check account or create ----- #
        owner = OAuth.owner(mail=user_info['email'])
        if owner:
            user = User(uid=owner).get()
        else:
            user = User.create(mail=user_info['email'])
            MailLetterDB().create(uid=user['_id'])

        if not user:
            return redirect(url_for('index', _scheme='https', _external=True))

        user_session = USession.make_new(
            uid=user['_id'], header=dict(request.headers))
        session['sid'] = user_session.inserted_id

        if 'r' in session:
            redirect_path = session['r']
            logging.info('login r: %s', redirect_path)
            session.pop('r', None)
            session.pop('state', None)
            return redirect(redirect_path)

        return redirect(url_for('index', _scheme='https', _external=True))

    session.pop('state', None)
    return redirect(url_for('oauth2callback', _scheme='https', _external=True))

oauth2logout

oauth2logout() -> ResponseBase

Logout

GET /logout

:return: Remove cookie/session.

Source code in COSCUP-Volunteer/main.py

@app.route('/logout')
def oauth2logout() -> ResponseBase:
    ''' Logout

        **GET** ``/logout``

        :return: Remove cookie/session.
    '''
    if 'sid' in session:
        USession.make_dead(sid=session['sid'])

    session.pop('state', None)
    session.pop('sid', None)
    return redirect(url_for('index', _scheme='https', _external=True))

privacy

privacy() -> str

privacy

Source code in COSCUP-Volunteer/main.py

@app.route('/privacy')
def privacy() -> str:
    ''' privacy '''
    mem_cahce = MC.get_client()
    content = mem_cahce.get('page:privacy')
    if not content:
        with open('./templates/privacy.md', 'r', encoding='UTF-8') as files:
            content = markdown(files.read())
            mem_cahce.set('page:privacy', content, 3600)

    return render_template('./privacy.html', content=content)

robots

robots() -> ResponseBase

robots

Source code in COSCUP-Volunteer/main.py

@app.route('/robots.txt')
def robots() -> ResponseBase:
    ''' robots '''
    resp = make_response('''User-agent: *
Allow: /

Sitemap: https://volunteer.coscup.org/sitemap.txt
Sitemap: https://volunteer.coscup.org/docs/sitemap.xml''', 200)
    resp.mimetype = 'text/plain'
    return resp

security_guard

security_guard() -> ResponseBase | str

Security Guard

Source code in COSCUP-Volunteer/main.py

@app.route('/security_guard', methods=('GET', 'POST'))
def security_guard() -> ResponseBase | str:
    ''' Security Guard '''
    if request.method == 'GET':
        mem_cahce = MC.get_client()
        content = mem_cahce.get('page:security_g')
        if not content:
            with open('./templates/security_guard.md', 'r', encoding='UTF-8') as files:
                content = markdown(files.read())
                mem_cahce.set('page:security_g', content, 3600)

        return render_template('./security_guard.html', content=content)

    if request.method == 'POST':
        if not g.user:
            return make_response({}, 404)

        PolicySigned.sign(
            uid=g.user['account']['_id'], _type=PolicyType.SECURITY_GUARD)

        flash('已簽署完成！')

    return redirect('/security_guard')

sitemap

sitemap() -> ResponseBase

sitemap

Source code in COSCUP-Volunteer/main.py

@app.route('/sitemap.txt')
def sitemap() -> ResponseBase:
    ''' sitemap '''
    result: list[str] = []
    for path in (
        '/',
        '/.well-known/security.txt',
        '/api/docs',
        '/api/redoc',
        '/bug-report',
        '/coc',
        '/doc/security.txt',
        '/docs/sitemap.xml',
        '/privacy',
        '/robots.txt',
        '/security_guard',
    ):
        result.append(f'https://volunteer.coscup.org{path}')

    for path in Tasks.sitemap():
        result.append(f'https://volunteer.coscup.org{path}')

    for path in Track.sitemap():
        result.append(f'https://volunteer.coscup.org{path}')

    for path in TalkFavs(pid='2023', uid='').sitemap():
        result.append(f'https://volunteer.coscup.org{path}')

    resp = make_response('\r\n'.join(result), 200)
    resp.mimetype = 'text/plain'
    return resp