api impl

2024-12-02 18:33:39 +00:00
parent 72807d41c1
commit 83c5662fcb
14 changed files with 236 additions and 48 deletions
--- a/app.py
+++ b/app.py
@@ -1,51 +1,30 @@
-from authlib.integrations import flask_client
-from flask import Flask, jsonify, request, url_for, redirect, session
+# app.py
+from urllib.parse import urlparse
+
+from flask import Flask
 from flask_cors import  CORS
-from authlib.integrations.flask_client import OAuth
-import os
+import env_provider
+import db
+from api.auth import auth_bp
+from api.markdown import markdown_bp

+
+def is_allowed_origin(origin):
+    parsed_origin = urlparse(origin)
+    if parsed_origin.hostname in ['localhost', '127.0.0.1']:
+        return True
+    allowed_origins = [
+        "https://login.hangman-lab.top",
+        "https://git.hangman-lab.top",
+    ]
+    return origin in allowed_origins
+
+db.create_all()
 app = Flask(__name__)
-CORS(app)
-oauth = OAuth(app)
-
-keycloak = oauth.register(
-    'keycloak',
-    client_id="main",
-    client_secret="<KEY>",
-    server_metadata_url="https://login.hangman-lab.top/auth/realms/Hangman-Lab/.well-known/openid-configuration",
-    client_kwargs={"scope": "openid email profile"},
-)
-
-
-@app.route('/api/login')
-def login():
-    redirect_uri = url_for("authorize", _external=True)
-    return keycloak.authorize_redirect(redirect_uri)
-
-@app.route('/api/authorize')
-def authorize():
-    token = keycloak.authorize_access_token()
-    user_info = keycloak.parse_id_token(token)
-    session['user'] = user_info
-
-@app.route('/api/logout')
-def logout():
-    session.pop('user', None)
-    logout_url = "https://login.hangman-lab.top/auth/realms/Hangman-Lab/protocol/openid-connect/logout"
-    return redirect(logout_url)
-
-@app.route("/api/user")
-def user():
-    u = session.get('user')
-    if not u:
-        return jsonify({"username": "guest", "role": "guest"})
-    return jsonify(user)
-
-@app.route('/api/get_note_list', methods=['GET'])
-def get_note_list():
-    raise NotImplementedError
-
-@app.route('/api/get_note', methods=['GET'])
-def get_note(idx):
-    raise NotImplementedError
+app.secret_key = env_provider.SESSION_SECRET_KEY
+CORS(app, resources={r"/api/*": {"origins": is_allowed_origin}})

+app.register_blueprint(markdown_bp)
+app.register_blueprint(auth_bp)
+if __name__ == '__main__':
+    app.run(host='0.0.0.0', port=5000)