From bc9336ef21e5636d442dff1da36d5e759ed4a088 Mon Sep 17 00:00:00 2001
From: Shirkanesi
Date: Sat, 19 Aug 2023 00:43:12 +0200
Subject: [PATCH] Initial work on auth-tokens
---
 jon/__init__.py | 9 +++++++++
 jon/auth.py | 44 +++++++++++++++++++++++++++++++++++++++++
 jon/templates/base.html | 1 +
 3 files changed, 54 insertions(+)
 create mode 100644 jon/auth.py
diff --git a/jon/__init__.py b/jon/__init__.py
index 7766f92..01498d4 100644
--- a/jon/__init__.py
+++ b/jon/__init__.py
@@ -1,9 +1,11 @@
import inspect import json +import sys from flask import Flask, render_template from . import ( + auth, db, entry, inventory,
@@ -21,6 +23,10 @@ def create_app():
db.init_app(app) + @app.before_request + def before_req_fun(): + return auth.before_request() + @app.context_processor def utility_processor(): return dict(inspect.getmembers(template_utils, inspect.isfunction))
@@ -28,8 +34,11 @@ def create_app():
app.register_blueprint(location.bp) app.register_blueprint(inventory.bp) app.register_blueprint(entry.bp) + app.register_blueprint(auth.auth) @app.route("/") def index(): return render_template("index.html") + print("Jon started. Token: %s" % auth.ACCESS_TOKEN, file=sys.stderr) + return app
diff --git a/jon/auth.py b/jon/auth.py
new file mode 100644
index 0000000..b843f2d
--- /dev/null
+++ b/jon/auth.py
@@ -0,0 +1,44 @@
+from flask import Blueprint, request, redirect, make_response +from . import db +import random +import string + +auth = Blueprint('auth', __name__) + +ACCESS_TOKEN = ''.join(random.choice(string.ascii_lowercase) for i in range(64)) + +ERROR_TEXT = """ + For security-reasons we must make sure you are the person who executed jon :D
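Review bot: The `print("Jon started. Token: %s" % auth.ACCESS_TOKEN, file=sys.stderr)` line at the end of `create_app()` (hunk `@@ -28,8 +34,11 @@` of `jon/__init__.py`) writes the only access credential to stderr, which a service manager, container runtime or CI runner usually keeps in logs that outlive the process and may be readable by people other than the operator. If printing it is the intended bootstrap, as the error text in `jon/auth.py` suggests, a comment should say so, for example `# Printed on purpose: whoever can read this process's stderr is treated as the operator.` `create_app()` begins above this hunk, so it is not visible whether it can run more than once per process; if it can, the token is repeated on each call.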
+
+ + + +
+
+ + """ + + +def before_request(): + token = request.cookies.get('token') + if token == ACCESS_TOKEN: + pass + else: + token = request.args.get('token') + next: str = request.args.get('next') or "/" + if token is None: + # TODO: make template + return ERROR_TEXT.format(next=next) + "No token provided!" + if token != ACCESS_TOKEN: + return ERROR_TEXT.format(next=next) + "Invalid token!" + else: + resp = make_response(redirect(next)) + resp.set_cookie('token', token) + return resp + + +@auth.route('/logout') +def logout(): + resp = make_response(redirect("/")) + resp.set_cookie('token', "") + return resp
diff --git a/jon/templates/base.html b/jon/templates/base.html
index f71f7e1..4398641 100644
--- a/jon/templates/base.html
+++ b/jon/templates/base.html
@@ -88,6 +88,7 @@
{% endif %} +
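Review bot: `ACCESS_TOKEN` in `jon/auth.py` is the only credential, yet it is drawn from `random`, which is not a cryptographic generator; it should come from `secrets` and be checked with `hmac.compare_digest` instead of `==`/`!=`. In `before_request` the `next` query parameter goes unchecked into `redirect()` and is formatted into `ERROR_TEXT` (whose markup is not legible on this page), which is returned as the response body, so it should be limited to a same-site path and escaped before it reaches HTML. The cookie is set without `httponly` or `samesite`, and because the token is accepted from the query string it can end up in browser history and in proxy or access logs, which deserves at least a comment if the design keeps it. The sketch assumes `secrets`, `hmac` and `html` are imported in place of `random` and `string`; `_token_ok` and `_local_path` are helpers proposed here, not existing code.

```python
ACCESS_TOKEN = secrets.token_urlsafe(32)

# ... unchanged: ERROR_TEXT ...


def _token_ok(value):
    """Compare a presented token with ACCESS_TOKEN in constant time."""
    if value is None:
        return False
    return hmac.compare_digest(value.encode(), ACCESS_TOKEN.encode())


def _local_path(target):
    """Return target only if it is a same-site path, otherwise "/"."""
    if target and target.startswith("/") and not target.startswith(("//", "/\\")):
        return target
    return "/"


def before_request():
    if _token_ok(request.cookies.get('token')):
        return None
    token = request.args.get('token')
    target = _local_path(request.args.get('next'))
    if token is None:
        # TODO: make template
        return ERROR_TEXT.format(next=html.escape(target, quote=True)) + "No token provided!"
    if not _token_ok(token):
        return ERROR_TEXT.format(next=html.escape(target, quote=True)) + "Invalid token!"
    resp = make_response(redirect(target))
    resp.set_cookie('token', token, httponly=True, samesite='Lax')
    return resp

# ... unchanged: logout ...
```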
  • Logout