burgernotes-server/main

#!/usr/bin/python3
import os
import sqlite3
import time
import secrets
import configparser
import asyncio
from hypercorn.config import Config
from hypercorn.asyncio import serve
from werkzeug.security import generate_password_hash, check_password_hash
from quart import Quart, render_template, request, url_for, flash, redirect, session, make_response, send_from_directory, stream_with_context, Response, request

# Parse configuration file, and check if anything is wrong with it
config = configparser.ConfigParser()
config.read("config.ini")

HOST = config["config"]["HOST"]
PORT = config["config"]["PORT"]
SECRET_KEY = config["config"]["SECRET_KEY"]
MAX_STORAGE = config["config"]["MAX_STORAGE"]

if SECRET_KEY == "placeholder":
    print("[WARNING] Secret key not set")

# Define Quart
app = Quart(__name__)
app.config["SECRET_KEY"] = SECRET_KEY

# Database functions
def get_db_connection():
    conn = sqlite3.connect("database.db")
    conn.row_factory = sqlite3.Row
    return conn

def get_user(id):
    conn = get_db_connection()
    post = conn.execute("SELECT * FROM users WHERE id = ?",
                        (id,)).fetchone()
    conn.close()
    if post is None:
        return "error"
    return post

def get_note(id):
    conn = get_db_connection()
    post = conn.execute("SELECT * FROM notes WHERE id = ?",
                        (id,)).fetchone()
    conn.close()
    if post is None:
        return "error"
    return post

def get_space(id):
    conn = get_db_connection()
    notes = conn.execute("SELECT content, title FROM notes WHERE creator = ? ORDER BY id DESC;", (id,)).fetchall()
    conn.close()
    spacetaken = 0
    for x in notes:
        spacetaken = spacetaken + len(x["content"].encode("utf-8"))
        spacetaken = spacetaken + len(x["title"].encode("utf-8"))
    return spacetaken

def get_note_count(id):
    conn = get_db_connection()
    notes = conn.execute("SELECT content, title FROM notes WHERE creator = ? ORDER BY id DESC;", (id,)).fetchall()
    conn.close()
    notecount = 0
    for x in notes:
        notecount = notecount + 1
    return notecount

def get_session(id):
    conn = get_db_connection()
    post = conn.execute("SELECT * FROM sessions WHERE session = ?",
                        (id,)).fetchone()
    conn.close()
    if post is None:
        return "error"
    return post

def get_session_from_sessionid(id):
    conn = get_db_connection()
    post = conn.execute("SELECT * FROM sessions WHERE sessionid = ?",
                        (id,)).fetchone()
    conn.close()
    if post is None:
        return "error"
    return post

def check_username_taken(username):
    conn = get_db_connection()
    post = conn.execute("SELECT * FROM users WHERE lower(username) = ?",
                        (username.lower(),)).fetchone()
    conn.close()
    if post is None:
        return "error"
    return post["id"]

# Main page
@app.route("/")
async def main():
    return await render_template("main.html")

# Web app
@app.route("/app")
async def webapp():
    return await render_template("app.html")

# Login and signup
@app.route("/signup")
async def signup():
    return await render_template("signup.html")

@app.route("/login")
async def login():
    return await render_template("login.html")

# Privacy policy
@app.route("/privacy")
async def privacy():
    return await render_template("privacy.html")

# API
@app.route("/api/version", methods=("GET", "POST"))
async def apiversion():
    return "PageBurger Version 1.1"

@app.route("/api/signup", methods=("GET", "POST"))
async def apisignup():
    if request.method == "POST":
        data = await request.get_json()
        username = data["username"]
        password = data["password"]

        if username == "":
            return {}, 422

        if len(username) > 20:
            return {}, 422

        if not username.isalnum():
            return {}, 422

        if password == "":
            return {}, 422

        if len(password) < 14:
            return {}, 422

        if not check_username_taken(username) == "error":
            return {}, 409

        hashedpassword = generate_password_hash(password)

        conn = get_db_connection()
        conn.execute("INSERT INTO users (username, password, created) VALUES (?, ?, ?)",
                     (username, hashedpassword, str(time.time())))
        conn.commit()
        conn.close()

        userID = check_username_taken(username)
        user = get_user(userID)

        randomCharacters = secrets.token_hex(512)

        conn = get_db_connection()
        conn.execute("INSERT INTO sessions (session, id, device) VALUES (?, ?, ?)",
                     (randomCharacters, userID, request.headers.get("user-agent")))
        conn.commit()
        conn.close()

        return {
            "key": randomCharacters
        }, 200

@app.route("/api/login", methods=("GET", "POST"))
async def apilogin():
    if request.method == "POST":
        data = await request.get_json()
        username = data["username"]
        password = data["password"]
        passwordchange = data["passwordchange"]
        newpass = data["newpass"]

        check_username_thing = check_username_taken(username)

        if check_username_thing == "error":
            return {}, 401

        userID = check_username_taken(username)
        user = get_user(userID)

        if not check_password_hash(user["password"], (password)):
            return {}, 401

        randomCharacters = secrets.token_hex(512)

        conn = get_db_connection()
        conn.execute("INSERT INTO sessions (session, id, device) VALUES (?, ?, ?)",
                     (randomCharacters, userID, request.headers.get("user-agent")))
        conn.commit()
        conn.close()

        return {
            "key": randomCharacters,
        }, 200

        if str(passwordchange) == "yes":
            hashedpassword = generate_password_hash(newpass)
            conn = get_db_connection()
            conn.execute("UPDATE users SET password = ? WHERE username = ?", (hashedpassword, username))
            conn.commit()
            conn.close()

@app.route("/api/userinfo", methods=("GET", "POST"))
async def apiuserinfo():
    if request.method == "POST":
        data = await request.get_json()
        secretKey = data["secretKey"]

        userCookie = get_session(secretKey)
        user = get_user(userCookie["id"])
        datatemplate = {
            "username": user["username"],
            "id": user["id"],
            "created": user["created"],
            "storageused": get_space(user["id"]),
            "storagemax": MAX_STORAGE,
            "notecount": get_note_count(user["id"])
        }
        return datatemplate

@app.route("/api/listnotes", methods=("GET", "POST"))
async def apilistnotes():
    if request.method == "POST":
        data = await request.get_json()
        secretKey = data["secretKey"]

        userCookie = get_session(secretKey)
        user = get_user(userCookie["id"])

        conn = get_db_connection()
        notes = conn.execute("SELECT * FROM notes WHERE creator = ? ORDER BY id DESC;", (user["id"],)).fetchall()
        conn.close()

        datatemplate = []

        for note in notes:
            notetemplate = {
                "id": note["id"],
                "title": note["title"]
            }
            datatemplate.append(notetemplate)

        return datatemplate, 200

@app.route("/api/exportnotes", methods=("GET", "POST"))
async def apiexportnotes():
    if request.method == "POST":
        data = await request.get_json()
        secretKey = data["secretKey"]

        userCookie = get_session(secretKey)
        user = get_user(userCookie["id"])

        conn = get_db_connection()
        notes = conn.execute("SELECT * FROM notes WHERE creator = ? ORDER BY id DESC;", (user["id"],)).fetchall()
        conn.close()

        datatemplate = []

        for note in notes:
            notetemplate = {
                "id": note["id"],
                "created": note["created"],
                "edited": note["edited"],
                "title": note["title"],
                "content": note["content"]
            }
            datatemplate.append(notetemplate)

        return datatemplate, 200
    
@app.route("/api/newnote", methods=("GET", "POST"))
async def apinewnote():
    if request.method == "POST":
        data = await request.get_json()
        secretKey = data["secretKey"]
        noteName = data["noteName"]

        userCookie = get_session(secretKey)
        user = get_user(userCookie["id"])
        
        conn = get_db_connection()
        conn.execute("INSERT INTO notes (title, content, creator, created, edited) VALUES (?, ?, ?, ?, ?)",
                         (noteName, "", user["id"], str(time.time()), str(time.time())))
        conn.commit()
        conn.close()

        return {}, 200

@app.route("/api/readnote", methods=("GET", "POST"))
async def apireadnote():
    if request.method == "POST":
        data = await request.get_json()
        secretKey = data["secretKey"]
        noteId = data["noteId"]

        userCookie = get_session(secretKey)
        user = get_user(userCookie["id"])

        note = get_note(noteId)

        if (note != "error"):
            if (user["id"] == note["creator"]):
                contenttemplate = {
                    "content": note["content"]
                }

                return contenttemplate, 200
            else:
                return {}, 422
        else:
            return {}, 422

@app.route("/api/editnote", methods=("GET", "POST"))
async def apieditnote():
    if request.method == "POST":
        data = await request.get_json()
        secretKey = data["secretKey"]
        noteId = data["noteId"]
        content = data["content"]

        userCookie = get_session(secretKey)
        user = get_user(userCookie["id"])

        note = get_note(noteId)
        
        if get_space(user["id"]) + len(content.encode("utf-8")) > int(MAX_STORAGE):
            return {}, 418

        if (note != "error"):
            if (user["id"] == note["creator"]):
                conn = get_db_connection()
                conn.execute("UPDATE notes SET content = ?, edited = ? WHERE id = ?", (content, str(time.time()), noteId))
                conn.commit()
                conn.close()

                return {}, 200
            else:
                return {}, 403
        else:
            return {}, 422

@app.route("/api/removenote", methods=("GET", "POST"))
async def apiremovenote():
    if request.method == "POST":
        data = await request.get_json()
        secretKey = data["secretKey"]
        noteId = data["noteId"]

        userCookie = get_session(secretKey)
        user = get_user(userCookie["id"])

        note = get_note(noteId)

        if (note != "error"):
            if (user["id"] == note["creator"]):
                conn = get_db_connection()
                conn.execute("DELETE FROM notes WHERE id = ?", (noteId,))
                conn.commit()
                conn.close()

                return {}, 200
            else:
                return {}, 403
        else:
            return {}, 422


@app.route("/api/deleteaccount", methods=("GET", "POST"))
async def apideleteaccount():
    if request.method == "POST":
        data = await request.get_json()
        secretKey = data["secretKey"]

        userCookie = get_session(secretKey)
        user = get_user(userCookie["id"])

        conn = get_db_connection()
        conn.execute("DELETE FROM notes WHERE creator = ?", (userCookie["id"],))
        conn.commit()
        conn.close()

        conn = get_db_connection()
        conn.execute("DELETE FROM users WHERE id = ?", (userCookie["id"],))
        conn.commit()
        conn.close()

        return {}, 200

@app.route("/api/sessions/list", methods=("GET", "POST"))
async def apisessionslist():
    if request.method == "POST":
        data = await request.get_json()
        secretKey = data["secretKey"]

        userCookie = get_session(secretKey)
        user = get_user(userCookie["id"])

        conn = get_db_connection()
        sessions = conn.execute("SELECT * FROM sessions WHERE id = ? ORDER BY id DESC;", (user["id"],)).fetchall()
        conn.close()

        datatemplate = []

        for x in sessions:
            device = x["device"]
            thisSession = False
            if (x["session"] == secretKey):
                thisSession = True
            sessiontemplate = {
                "id": x["sessionid"],
                "thisSession": thisSession,
                "device": device
            }
            datatemplate.append(sessiontemplate)

        return datatemplate, 200

@app.route("/api/sessions/remove", methods=("GET", "POST"))
async def apisessionsremove():
    if request.method == "POST":
        data = await request.get_json()
        secretKey = data["secretKey"]
        sessionId = data["sessionId"]

        userCookie = get_session(secretKey)
        user = get_user(userCookie["id"])

        session = get_session_from_sessionid(sessionId)

        if (session != "error"):
            if (user["id"] == session["id"]):
                conn = get_db_connection()
                conn.execute("DELETE FROM sessions WHERE sessionid = ?", (session["sessionid"],))
                conn.commit()
                conn.close()

                return {}, 200
            else:
                return {}, 403
        else:
            return {}, 422


@app.route("/listusers/<secretkey>", methods=("GET", "POST"))
def listusers(secretkey):
    if secretkey == SECRET_KEY:
        conn = get_db_connection()
        users = conn.execute("SELECT * FROM users").fetchall()
        conn.close()
        thing = ""
        for x in users:
            thing = str(x["id"]) + " - " + x["username"] + " - " + str(get_space(x["id"])) + "<br>" + thing

        return thing
    else:
        return redirect("/")

@app.route("/api/logout")
async def apilogout():
    return await render_template("logout.html")

@app.errorhandler(500)
async def burger(e):
    return {}, 500

@app.errorhandler(404)
async def burger(e):
    return await render_template("error.html", errorCode=404, errorMessage="Page not found"), 404

# Start server
hypercornconfig = Config()
hypercornconfig.bind = (HOST + ":" + PORT)

if __name__ == "__main__":
    print("[INFO] Server started")
    asyncio.run(serve(app, hypercornconfig))
    print("[INFO] Server stopped")
initial commit 2023-07-21 20:52:06 +01:00			`#!/usr/bin/python3`
			`import os`
			`import sqlite3`
			`import time`
			`import secrets`
			`import configparser`
migrate to quart 2024-02-24 20:57:16 +00:00			`import asyncio`
			`from hypercorn.config import Config`
			`from hypercorn.asyncio import serve`
burger changes 2023-08-03 17:41:58 +01:00			`from werkzeug.security import generate_password_hash, check_password_hash`
migrate to quart 2024-02-24 20:57:16 +00:00			`from quart import Quart, render_template, request, url_for, flash, redirect, session, make_response, send_from_directory, stream_with_context, Response, request`
initial commit 2023-07-21 20:52:06 +01:00
			`# Parse configuration file, and check if anything is wrong with it`
			`config = configparser.ConfigParser()`
			`config.read("config.ini")`

			`HOST = config["config"]["HOST"]`
			`PORT = config["config"]["PORT"]`
			`SECRET_KEY = config["config"]["SECRET_KEY"]`
burger 2023-07-22 17:15:59 +01:00			`MAX_STORAGE = config["config"]["MAX_STORAGE"]`
initial commit 2023-07-21 20:52:06 +01:00
			`if SECRET_KEY == "placeholder":`
			`print("[WARNING] Secret key not set")`

migrate to quart 2024-02-24 20:57:16 +00:00			`# Define Quart`
			`app = Quart(__name__)`
initial commit 2023-07-21 20:52:06 +01:00			`app.config["SECRET_KEY"] = SECRET_KEY`

			`# Database functions`
			`def get_db_connection():`
			`conn = sqlite3.connect("database.db")`
			`conn.row_factory = sqlite3.Row`
			`return conn`

			`def get_user(id):`
			`conn = get_db_connection()`
			`post = conn.execute("SELECT * FROM users WHERE id = ?",`
			`(id,)).fetchone()`
			`conn.close()`
			`if post is None:`
			`return "error"`
			`return post`

			`def get_note(id):`
			`conn = get_db_connection()`
			`post = conn.execute("SELECT * FROM notes WHERE id = ?",`
			`(id,)).fetchone()`
			`conn.close()`
			`if post is None:`
			`return "error"`
			`return post`

burger 2023-07-22 17:15:59 +01:00			`def get_space(id):`
			`conn = get_db_connection()`
burger 2023-07-23 21:36:55 +01:00			`notes = conn.execute("SELECT content, title FROM notes WHERE creator = ? ORDER BY id DESC;", (id,)).fetchall()`
burger 2023-07-22 17:15:59 +01:00			`conn.close()`
			`spacetaken = 0`
			`for x in notes:`
			`spacetaken = spacetaken + len(x["content"].encode("utf-8"))`
burger 2023-07-23 21:36:55 +01:00			`spacetaken = spacetaken + len(x["title"].encode("utf-8"))`
burger 2023-07-22 17:15:59 +01:00			`return spacetaken`

fart 2023-08-05 23:28:57 +01:00			`def get_note_count(id):`
			`conn = get_db_connection()`
			`notes = conn.execute("SELECT content, title FROM notes WHERE creator = ? ORDER BY id DESC;", (id,)).fetchall()`
			`conn.close()`
			`notecount = 0`
			`for x in notes:`
			`notecount = notecount + 1`
			`return notecount`

initial commit 2023-07-21 20:52:06 +01:00			`def get_session(id):`
			`conn = get_db_connection()`
			`post = conn.execute("SELECT * FROM sessions WHERE session = ?",`
			`(id,)).fetchone()`
			`conn.close()`
			`if post is None:`
			`return "error"`
			`return post`

df 2023-08-19 14:17:23 +01:00			`def get_session_from_sessionid(id):`
			`conn = get_db_connection()`
			`post = conn.execute("SELECT * FROM sessions WHERE sessionid = ?",`
			`(id,)).fetchone()`
			`conn.close()`
			`if post is None:`
			`return "error"`
			`return post`

initial commit 2023-07-21 20:52:06 +01:00			`def check_username_taken(username):`
			`conn = get_db_connection()`
			`post = conn.execute("SELECT * FROM users WHERE lower(username) = ?",`
			`(username.lower(),)).fetchone()`
			`conn.close()`
			`if post is None:`
			`return "error"`
			`return post["id"]`

			`# Main page`
			`@app.route("/")`
migrate to quart 2024-02-24 20:57:16 +00:00			`async def main():`
			`return await render_template("main.html")`
initial commit 2023-07-21 20:52:06 +01:00
			`# Web app`
			`@app.route("/app")`
migrate to quart 2024-02-24 20:57:16 +00:00			`async def webapp():`
			`return await render_template("app.html")`
initial commit 2023-07-21 20:52:06 +01:00
			`# Login and signup`
			`@app.route("/signup")`
migrate to quart 2024-02-24 20:57:16 +00:00			`async def signup():`
			`return await render_template("signup.html")`
initial commit 2023-07-21 20:52:06 +01:00
			`@app.route("/login")`
migrate to quart 2024-02-24 20:57:16 +00:00			`async def login():`
			`return await render_template("login.html")`
initial commit 2023-07-21 20:52:06 +01:00
fr 2023-08-19 18:25:12 +01:00			`# Privacy policy`
burger 2023-08-16 14:42:08 +01:00			`@app.route("/privacy")`
migrate to quart 2024-02-24 20:57:16 +00:00			`async def privacy():`
			`return await render_template("privacy.html")`
burger 2023-08-16 14:42:08 +01:00
initial commit 2023-07-21 20:52:06 +01:00			`# API`
Added version text 2024-02-23 14:35:53 +00:00			`@app.route("/api/version", methods=("GET", "POST"))`
migrate to quart 2024-02-24 20:57:16 +00:00			`async def apiversion():`
Added version text 2024-02-23 14:35:53 +00:00			`return "PageBurger Version 1.1"`

initial commit 2023-07-21 20:52:06 +01:00			`@app.route("/api/signup", methods=("GET", "POST"))`
migrate to quart 2024-02-24 20:57:16 +00:00			`async def apisignup():`
initial commit 2023-07-21 20:52:06 +01:00			`if request.method == "POST":`
migrate to quart 2024-02-24 20:57:16 +00:00			`data = await request.get_json()`
initial commit 2023-07-21 20:52:06 +01:00			`username = data["username"]`
			`password = data["password"]`

			`if username == "":`
			`return {}, 422`

			`if len(username) > 20:`
			`return {}, 422`
Added version text 2024-02-23 14:35:53 +00:00
initial commit 2023-07-21 20:52:06 +01:00			`if not username.isalnum():`
			`return {}, 422`

			`if password == "":`
			`return {}, 422`

			`if len(password) < 14:`
			`return {}, 422`

			`if not check_username_taken(username) == "error":`
			`return {}, 409`

burger changes 2023-08-03 17:41:58 +01:00			`hashedpassword = generate_password_hash(password)`

initial commit 2023-07-21 20:52:06 +01:00			`conn = get_db_connection()`
			`conn.execute("INSERT INTO users (username, password, created) VALUES (?, ?, ?)",`
burger changes 2023-08-03 17:41:58 +01:00			`(username, hashedpassword, str(time.time())))`
initial commit 2023-07-21 20:52:06 +01:00			`conn.commit()`
			`conn.close()`

			`userID = check_username_taken(username)`
			`user = get_user(userID)`

			`randomCharacters = secrets.token_hex(512)`

			`conn = get_db_connection()`
df 2023-08-19 14:17:23 +01:00			`conn.execute("INSERT INTO sessions (session, id, device) VALUES (?, ?, ?)",`
			`(randomCharacters, userID, request.headers.get("user-agent")))`
initial commit 2023-07-21 20:52:06 +01:00			`conn.commit()`
			`conn.close()`

			`return {`
			`"key": randomCharacters`
			`}, 200`
Final changes to hash migration 2024-02-25 19:05:22 +00:00
initial commit 2023-07-21 20:52:06 +01:00			`@app.route("/api/login", methods=("GET", "POST"))`
migrate to quart 2024-02-24 20:57:16 +00:00			`async def apilogin():`
initial commit 2023-07-21 20:52:06 +01:00			`if request.method == "POST":`
migrate to quart 2024-02-24 20:57:16 +00:00			`data = await request.get_json()`
initial commit 2023-07-21 20:52:06 +01:00			`username = data["username"]`
			`password = data["password"]`
Final changes to hash migration 2024-02-25 19:05:22 +00:00			`passwordchange = data["passwordchange"]`
			`newpass = data["newpass"]`
Migration to chacha2 start 2024-02-25 17:05:55 +00:00
initial commit 2023-07-21 20:52:06 +01:00			`check_username_thing = check_username_taken(username)`

			`if check_username_thing == "error":`
			`return {}, 401`

			`userID = check_username_taken(username)`
			`user = get_user(userID)`

burger changes 2023-08-03 17:41:58 +01:00			`if not check_password_hash(user["password"], (password)):`
initial commit 2023-07-21 20:52:06 +01:00			`return {}, 401`

			`randomCharacters = secrets.token_hex(512)`

			`conn = get_db_connection()`
df 2023-08-19 14:17:23 +01:00			`conn.execute("INSERT INTO sessions (session, id, device) VALUES (?, ?, ?)",`
			`(randomCharacters, userID, request.headers.get("user-agent")))`
initial commit 2023-07-21 20:52:06 +01:00			`conn.commit()`
			`conn.close()`

Final changes to hash migration 2024-02-25 19:05:22 +00:00			`return {`
			`"key": randomCharacters,`
			`}, 200`
Migration to chacha2 start 2024-02-25 17:05:55 +00:00
Silly 2024-02-25 19:21:26 +00:00			`if str(passwordchange) == "yes":`
Final changes to hash migration 2024-02-25 19:05:22 +00:00			`hashedpassword = generate_password_hash(newpass)`
			`conn = get_db_connection()`
			`conn.execute("UPDATE users SET password = ? WHERE username = ?", (hashedpassword, username))`
			`conn.commit()`
			`conn.close()`
initial commit 2023-07-21 20:52:06 +01:00
			`@app.route("/api/userinfo", methods=("GET", "POST"))`
migrate to quart 2024-02-24 20:57:16 +00:00			`async def apiuserinfo():`
initial commit 2023-07-21 20:52:06 +01:00			`if request.method == "POST":`
migrate to quart 2024-02-24 20:57:16 +00:00			`data = await request.get_json()`
initial commit 2023-07-21 20:52:06 +01:00			`secretKey = data["secretKey"]`

			`userCookie = get_session(secretKey)`
			`user = get_user(userCookie["id"])`
			`datatemplate = {`
			`"username": user["username"],`
			`"id": user["id"],`
burger 2023-07-22 17:15:59 +01:00			`"created": user["created"],`
			`"storageused": get_space(user["id"]),`
fart 2023-08-05 23:28:57 +01:00			`"storagemax": MAX_STORAGE,`
			`"notecount": get_note_count(user["id"])`
initial commit 2023-07-21 20:52:06 +01:00			`}`
			`return datatemplate`

			`@app.route("/api/listnotes", methods=("GET", "POST"))`
migrate to quart 2024-02-24 20:57:16 +00:00			`async def apilistnotes():`
initial commit 2023-07-21 20:52:06 +01:00			`if request.method == "POST":`
migrate to quart 2024-02-24 20:57:16 +00:00			`data = await request.get_json()`
initial commit 2023-07-21 20:52:06 +01:00			`secretKey = data["secretKey"]`

			`userCookie = get_session(secretKey)`
			`user = get_user(userCookie["id"])`

			`conn = get_db_connection()`
			`notes = conn.execute("SELECT * FROM notes WHERE creator = ? ORDER BY id DESC;", (user["id"],)).fetchall()`
			`conn.close()`

			`datatemplate = []`

			`for note in notes:`
			`notetemplate = {`
			`"id": note["id"],`
			`"title": note["title"]`
			`}`
			`datatemplate.append(notetemplate)`

			`return datatemplate, 200`
export notes 2023-08-05 15:12:24 +01:00
			`@app.route("/api/exportnotes", methods=("GET", "POST"))`
migrate to quart 2024-02-24 20:57:16 +00:00			`async def apiexportnotes():`
export notes 2023-08-05 15:12:24 +01:00			`if request.method == "POST":`
migrate to quart 2024-02-24 20:57:16 +00:00			`data = await request.get_json()`
export notes 2023-08-05 15:12:24 +01:00			`secretKey = data["secretKey"]`

			`userCookie = get_session(secretKey)`
			`user = get_user(userCookie["id"])`

			`conn = get_db_connection()`
			`notes = conn.execute("SELECT * FROM notes WHERE creator = ? ORDER BY id DESC;", (user["id"],)).fetchall()`
			`conn.close()`

			`datatemplate = []`

			`for note in notes:`
			`notetemplate = {`
			`"id": note["id"],`
			`"created": note["created"],`
			`"edited": note["edited"],`
			`"title": note["title"],`
			`"content": note["content"]`
			`}`
			`datatemplate.append(notetemplate)`

			`return datatemplate, 200`
initial commit 2023-07-21 20:52:06 +01:00
			`@app.route("/api/newnote", methods=("GET", "POST"))`
migrate to quart 2024-02-24 20:57:16 +00:00			`async def apinewnote():`
initial commit 2023-07-21 20:52:06 +01:00			`if request.method == "POST":`
migrate to quart 2024-02-24 20:57:16 +00:00			`data = await request.get_json()`
initial commit 2023-07-21 20:52:06 +01:00			`secretKey = data["secretKey"]`
			`noteName = data["noteName"]`

			`userCookie = get_session(secretKey)`
			`user = get_user(userCookie["id"])`

			`conn = get_db_connection()`
			`conn.execute("INSERT INTO notes (title, content, creator, created, edited) VALUES (?, ?, ?, ?, ?)",`
			`(noteName, "", user["id"], str(time.time()), str(time.time())))`
			`conn.commit()`
			`conn.close()`

			`return {}, 200`

			`@app.route("/api/readnote", methods=("GET", "POST"))`
migrate to quart 2024-02-24 20:57:16 +00:00			`async def apireadnote():`
initial commit 2023-07-21 20:52:06 +01:00			`if request.method == "POST":`
migrate to quart 2024-02-24 20:57:16 +00:00			`data = await request.get_json()`
initial commit 2023-07-21 20:52:06 +01:00			`secretKey = data["secretKey"]`
			`noteId = data["noteId"]`

			`userCookie = get_session(secretKey)`
			`user = get_user(userCookie["id"])`

			`note = get_note(noteId)`

			`if (note != "error"):`
			`if (user["id"] == note["creator"]):`
			`contenttemplate = {`
			`"content": note["content"]`
			`}`

			`return contenttemplate, 200`
			`else:`
			`return {}, 422`
			`else:`
			`return {}, 422`

			`@app.route("/api/editnote", methods=("GET", "POST"))`
migrate to quart 2024-02-24 20:57:16 +00:00			`async def apieditnote():`
initial commit 2023-07-21 20:52:06 +01:00			`if request.method == "POST":`
migrate to quart 2024-02-24 20:57:16 +00:00			`data = await request.get_json()`
initial commit 2023-07-21 20:52:06 +01:00			`secretKey = data["secretKey"]`
			`noteId = data["noteId"]`
			`content = data["content"]`

			`userCookie = get_session(secretKey)`
			`user = get_user(userCookie["id"])`

			`note = get_note(noteId)`
burger 2023-07-22 17:15:59 +01:00
			`if get_space(user["id"]) + len(content.encode("utf-8")) > int(MAX_STORAGE):`
			`return {}, 418`
initial commit 2023-07-21 20:52:06 +01:00
			`if (note != "error"):`
			`if (user["id"] == note["creator"]):`
			`conn = get_db_connection()`
			`conn.execute("UPDATE notes SET content = ?, edited = ? WHERE id = ?", (content, str(time.time()), noteId))`
			`conn.commit()`
			`conn.close()`

			`return {}, 200`
			`else:`
			`return {}, 403`
			`else:`
			`return {}, 422`

			`@app.route("/api/removenote", methods=("GET", "POST"))`
migrate to quart 2024-02-24 20:57:16 +00:00			`async def apiremovenote():`
initial commit 2023-07-21 20:52:06 +01:00			`if request.method == "POST":`
migrate to quart 2024-02-24 20:57:16 +00:00			`data = await request.get_json()`
initial commit 2023-07-21 20:52:06 +01:00			`secretKey = data["secretKey"]`
			`noteId = data["noteId"]`

			`userCookie = get_session(secretKey)`
			`user = get_user(userCookie["id"])`

			`note = get_note(noteId)`

			`if (note != "error"):`
			`if (user["id"] == note["creator"]):`
			`conn = get_db_connection()`
			`conn.execute("DELETE FROM notes WHERE id = ?", (noteId,))`
			`conn.commit()`
			`conn.close()`

			`return {}, 200`
			`else:`
			`return {}, 403`
			`else:`
			`return {}, 422`

listusers thing 2023-07-22 17:23:52 +01:00
burger changes 2023-08-02 20:08:11 +01:00			`@app.route("/api/deleteaccount", methods=("GET", "POST"))`
migrate to quart 2024-02-24 20:57:16 +00:00			`async def apideleteaccount():`
burger changes 2023-08-02 20:08:11 +01:00			`if request.method == "POST":`
migrate to quart 2024-02-24 20:57:16 +00:00			`data = await request.get_json()`
burger changes 2023-08-02 20:08:11 +01:00			`secretKey = data["secretKey"]`

			`userCookie = get_session(secretKey)`
			`user = get_user(userCookie["id"])`

			`conn = get_db_connection()`
			`conn.execute("DELETE FROM notes WHERE creator = ?", (userCookie["id"],))`
			`conn.commit()`
			`conn.close()`

			`conn = get_db_connection()`
			`conn.execute("DELETE FROM users WHERE id = ?", (userCookie["id"],))`
			`conn.commit()`
			`conn.close()`

			`return {}, 200`

df 2023-08-19 14:17:23 +01:00			`@app.route("/api/sessions/list", methods=("GET", "POST"))`
migrate to quart 2024-02-24 20:57:16 +00:00			`async def apisessionslist():`
df 2023-08-19 14:17:23 +01:00			`if request.method == "POST":`
migrate to quart 2024-02-24 20:57:16 +00:00			`data = await request.get_json()`
df 2023-08-19 14:17:23 +01:00			`secretKey = data["secretKey"]`

			`userCookie = get_session(secretKey)`
			`user = get_user(userCookie["id"])`

			`conn = get_db_connection()`
			`sessions = conn.execute("SELECT * FROM sessions WHERE id = ? ORDER BY id DESC;", (user["id"],)).fetchall()`
			`conn.close()`

			`datatemplate = []`

			`for x in sessions:`
			`device = x["device"]`
			`thisSession = False`
			`if (x["session"] == secretKey):`
			`thisSession = True`
			`sessiontemplate = {`
			`"id": x["sessionid"],`
			`"thisSession": thisSession,`
			`"device": device`
			`}`
			`datatemplate.append(sessiontemplate)`

			`return datatemplate, 200`

			`@app.route("/api/sessions/remove", methods=("GET", "POST"))`
migrate to quart 2024-02-24 20:57:16 +00:00			`async def apisessionsremove():`
df 2023-08-19 14:17:23 +01:00			`if request.method == "POST":`
migrate to quart 2024-02-24 20:57:16 +00:00			`data = await request.get_json()`
df 2023-08-19 14:17:23 +01:00			`secretKey = data["secretKey"]`
			`sessionId = data["sessionId"]`

			`userCookie = get_session(secretKey)`
			`user = get_user(userCookie["id"])`

			`session = get_session_from_sessionid(sessionId)`

			`if (session != "error"):`
			`if (user["id"] == session["id"]):`
			`conn = get_db_connection()`
			`conn.execute("DELETE FROM sessions WHERE sessionid = ?", (session["sessionid"],))`
			`conn.commit()`
			`conn.close()`

			`return {}, 200`
			`else:`
			`return {}, 403`
			`else:`
			`return {}, 422`
burger changes 2023-08-02 20:08:11 +01:00
add stuff 2023-10-16 19:45:00 +01:00
listusers thing 2023-07-22 17:23:52 +01:00			`@app.route("/listusers/<secretkey>", methods=("GET", "POST"))`
			`def listusers(secretkey):`
			`if secretkey == SECRET_KEY:`
			`conn = get_db_connection()`
			`users = conn.execute("SELECT * FROM users").fetchall()`
			`conn.close()`
			`thing = ""`
			`for x in users:`
			`thing = str(x["id"]) + " - " + x["username"] + " - " + str(get_space(x["id"])) + "<br>" + thing`

			`return thing`
			`else:`
			`return redirect("/")`

initial commit 2023-07-21 20:52:06 +01:00			`@app.route("/api/logout")`
migrate to quart 2024-02-24 20:57:16 +00:00			`async def apilogout():`
			`return await render_template("logout.html")`
initial commit 2023-07-21 20:52:06 +01:00
burger 2023-08-03 20:33:02 +01:00			`@app.errorhandler(500)`
migrate to quart 2024-02-24 20:57:16 +00:00			`async def burger(e):`
burger 2023-08-03 20:33:02 +01:00			`return {}, 500`

df 2023-08-19 14:17:23 +01:00			`@app.errorhandler(404)`
migrate to quart 2024-02-24 20:57:16 +00:00			`async def burger(e):`
			`return await render_template("error.html", errorCode=404, errorMessage="Page not found"), 404`
df 2023-08-19 14:17:23 +01:00
initial commit 2023-07-21 20:52:06 +01:00			`# Start server`
migrate to quart 2024-02-24 20:57:16 +00:00			`hypercornconfig = Config()`
			`hypercornconfig.bind = (HOST + ":" + PORT)`

initial commit 2023-07-21 20:52:06 +01:00			`if __name__ == "__main__":`
			`print("[INFO] Server started")`
migrate to quart 2024-02-24 20:57:16 +00:00			`asyncio.run(serve(app, hypercornconfig))`
We are soo back! 2023-11-03 20:24:40 +00:00			`print("[INFO] Server stopped")`