Ailur-Archives
/
hectabit-oauth2
Archived
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Optimised database to hopefully stop stuff crashing

This commit is contained in:
Tracker-Friendly 2024-03-30 09:04:11 +00:00
parent 11cfd73dc9
commit 23db9ed0fd
1 changed files with 28 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
main
View File

@ -76,11 +76,20 @@ async def oauth2_token_refresh(openid, appId):
while True: while True:
print(openid, appId) print(openid, appId)
conn = get_db_connection() conn = get_db_connection()
conn.execute("UPDATE logins SET code = ?, nextcode = ? WHERE appId = ? AND openid = ?", (str(conn.execute("SELECT nextcode FROM logins WHERE appId = ? AND openid = ?", (str(appId), str(openid))).fetchone()[0]), str(secrets.token_hex(512)), str(appId), str(openid)))
conn.execute("UPDATE logins SET secret = ?, nextsecret = ? WHERE appId = ? AND openid = ?", (str(conn.execute("SELECT nextsecret FROM logins WHERE appId = ? AND openid = ?", (str(appId), str(openid))).fetchone()[0])), str(secrets.token_hex(512)), str(appId), str(openid)) # Fetch required data in a single query
login_data = conn.execute("SELECT nextcode, nextsecret FROM logins WHERE appId = ? AND openid = ?", (str(appId), str(openid))).fetchone()
if login_data:
nextcode = login_data[0]
nextsecret = login_data[1]
conn.execute("UPDATE logins SET code = ?, nextcode = ?, secret = ?, nextsecret = ? WHERE appId = ? AND openid = ?", (nextcode, str(secrets.token_hex(512)), nextsecret, str(secrets.token_hex(512)), str(appId), str(openid)))
conn.commit() conn.commit()
conn.close() conn.close()
await asyncio.sleep(3600) await asyncio.sleep(3600)
else:
conn.close()
return
# Disable CORS # Disable CORS
@app.after_request @app.after_request
@ -250,29 +259,26 @@ async def apitokenexchange():
conn = get_db_connection() conn = get_db_connection()
print(str(appId)) # Fetch required data in a single query
appidcheck = str(conn.execute("SELECT appId FROM oauth WHERE appId = ?", (str(appId),)).fetchone()[0]) oauth_data = conn.execute("SELECT appId, secret FROM oauth WHERE appId = ?", (str(appId),)).fetchone()
if not str(appidcheck) == str(appId): if not oauth_data or oauth_data["appId"] != appId or oauth_data["secret"] != secret:
return {}, 401 return {}, 401
secretcheck = str(conn.execute("SELECT secret FROM oauth WHERE appId = ?", (str(appId),)).fetchone()[0])
if not str(secretcheck) == str(secret):
return {}, 402
newkey = str(secrets.token_hex(512)) newkey = str(secrets.token_hex(512))
conn.execute("UPDATE logins SET secret = ?, nextsecret = ? WHERE appId = ? AND secret = ?", (str(newkey), str(secrets.token_hex(512)), str(appId), str(secret))) conn.execute("UPDATE logins SET secret = ?, nextsecret = ? WHERE appId = ? AND secret = ?", (str(newkey), str(secrets.token_hex(512)), str(appId), str(secret)))
openid = str(conn.execute("SELECT openid FROM logins WHERE appId = ? AND secret = ?", (str(appId), str(code))).fetchone()[0])
# Fetch openid and code in a single query
login_data = conn.execute("SELECT openid, code FROM logins WHERE appId = ? AND secret = ?", (str(appId), str(code))).fetchone()
if login_data:
access_token = { access_token = {
"access_token": str(conn.execute("SELECT code FROM logins WHERE appId = ? AND secret = ?", (str(appId), str(code))).fetchone()[0]), "access_token": str(login_data["code"]),
"token_type": "bearer", "token_type": "bearer",
"expires_in": 3600, "expires_in": 3600,
"refresh_token": newkey, "refresh_token": newkey,
"id_token": openid "id_token": str(login_data["openid"])
} }
asyncio.create_task(oauth2_token_refresh(login_data["openid"], appId))
if access_token:
asyncio.create_task(oauth2_token_refresh(openid, appId))
return access_token, 200 return access_token, 200
else: else:
return {}, 400 return {}, 400