Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Renamed payload to user_jwt #29

Merged
merged 4 commits into from
Mar 17, 2024
Merged

Renamed payload to user_jwt #29

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
ac8fad3
Renamed `payload` to `user_jwt`
Helithumper Mar 17, 2024
f668a0a
Logging progress from a diff pr
Helithumper Mar 17, 2024
d8a27a2
Reverting changes from other PR
Helithumper Mar 17, 2024
887007f
Undoing progres from another commit - git is confusing for reverts
Helithumper Mar 17, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions routes/admin.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -187,7 +187,7 @@ async def admin_post_discord_message(
request: Request,
token: Optional[str] = Cookie(None),
member_id: Optional[str] = "FAIL",
payload: dict = Body(None),
user_jwt: dict = Body(None),
):
"""
API endpoint that gets a specific user's data as JSON
Expand All @@ -202,7 +202,7 @@ async def admin_post_discord_message(
if not data:
return Errors.generate(request, 404, "User Not Found")

message_text = payload.get("msg")
message_text = user_jwt.get("msg")

res = Discord.send_message(data.get("discord_id"), message_text)

Expand Down
12 changes: 6 additions & 6 deletions routes/api.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -60,7 +60,7 @@ async def get_form(num: str):
async def get_form_html(
request: Request,
token: Optional[str] = Cookie(None),
payload: Optional[object] = {},
user_jwt: Optional[object] = {},
num: str = 1,
):
# AWS dependencies
Expand All @@ -71,7 +71,7 @@ async def get_form_html(
data = Options.get_form_body(num)

# Get data from DynamoDB
user_data = table.get_item(Key={"id": payload.get("id")}).get("Item", None)
user_data = table.get_item(Key={"id": user_jwt.get("id")}).get("Item", None)

# Have Kennelish parse the data.
body = Kennelish.parse(data, user_data)
Expand All @@ -89,7 +89,7 @@ async def get_form_html(
async def post_form(
request: Request,
token: Optional[str] = Cookie(None),
payload: Optional[object] = {},
user_jwt: Optional[object] = {},
num: str = 1,
):
# Get Kennelish data
Expand Down Expand Up @@ -143,7 +143,7 @@ async def post_form(
# Push data back to DynamoDB
try:
table.update_item(
Key={"id": payload.get("id")},
Key={"id": user_jwt.get("id")},
UpdateExpression=update_expression,
ExpressionAttributeValues=expression_attribute_values,
)
Expand All @@ -164,7 +164,7 @@ async def post_form(

# Create dictionary
table.update_item(
Key={"id": payload.get("id")},
Key={"id": user_jwt.get("id")},
# key_to_make is not user-supplied, rather, it's from the form JSON.
# if this noSQLi's, then it's because of an insider threat.
UpdateExpression=f"SET {key_to_make} = :dicty",
Expand All @@ -173,7 +173,7 @@ async def post_form(

# After all dicts are a thing, re-run query.
table.update_item(
Key={"id": payload.get("id")},
Key={"id": user_jwt.get("id")},
UpdateExpression=update_expression,
ExpressionAttributeValues=expression_attribute_values,
)
Expand Down
16 changes: 8 additions & 8 deletions routes/infra.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -192,19 +192,19 @@ async def get_root():
async def get_provision(
request: Request,
token: Optional[str] = Cookie(None),
payload: Optional[object] = {},
user_jwt: Optional[object] = {},
):
conn = openstack.connect(cloud="hackucf_infra")

# Get single user
user = conn.identity.find_user(payload.get("infra_email"))
user = conn.identity.find_user(user_jwt.get("infra_email"))

# Get project
project = conn.identity.get_project(user.default_project_id)

# Provision everything
asyncio.create_task(
create_resource(project, payload.get("discord_id"))
create_resource(project, user_jwt.get("discord_id"))
) # runs teardown async
return {"msg": "Queued."}

Expand All @@ -231,7 +231,7 @@ async def get_teardown(request: Request, token: Optional[str] = Cookie(None)):
async def get_options(
request: Request,
token: Optional[str] = Cookie(None),
payload: Optional[object] = {},
user_jwt: Optional[object] = {},
):
return get_shitty_database()

Expand Down Expand Up @@ -268,11 +268,11 @@ async def set_options(
async def get_infra(
request: Request,
token: Optional[str] = Cookie(None),
payload: Optional[object] = {},
user_jwt: Optional[object] = {},
):
member_id = payload.get("id")
member_id = user_jwt.get("id")

if not (payload.get("is_full_member") or payload.get("infra_email")):
if not (user_jwt.get("is_full_member") or user_jwt.get("infra_email")):
return Errors.generate(
request, 403, "This API endpoint is restricted to Dues-Paying Members."
)
Expand Down Expand Up @@ -330,7 +330,7 @@ async def get_infra(
async def download_file(
request: Request,
token: Optional[str] = Cookie(None),
payload: Optional[object] = {},
user_jwt: Optional[object] = {},
):
# Replace 'path/to/your/file.txt' with the actual path to your file
file_path = "./HackUCF.ovpn"
Expand Down
25 changes: 10 additions & 15 deletions routes/stripe.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@
# Set Stripe API key.
stripe.api_key = options.get("stripe").get("api_key")


"""
Get API information.
"""
Expand All @@ -30,14 +31,14 @@
async def get_root(
request: Request,
token: Optional[str] = Cookie(None),
payload: Optional[object] = {},
user_jwt: Optional[object] = {},
):
# AWS dependencies
dynamodb = boto3.resource("dynamodb")
table = dynamodb.Table(options.get("aws").get("dynamodb").get("table"))

# Get data from DynamoDB
user_data = table.get_item(Key={"id": payload.get("id")}).get("Item", None)
user_data = table.get_item(Key={"id": user_jwt.get("id")}).get("Item", None)

did_pay_dues = user_data.get("did_pay_dues", False)

Expand All @@ -47,9 +48,9 @@ async def get_root(
"pay.html",
{
"request": request,
"icon": payload["pfp"],
"name": payload["name"],
"id": payload["id"],
"icon": user_jwt["pfp"],
"name": user_jwt["name"],
"id": user_jwt["id"],
"did_pay_dues": did_pay_dues,
"is_nid": is_nid,
},
Expand All @@ -61,14 +62,14 @@ async def get_root(
async def create_checkout_session(
request: Request,
token: Optional[str] = Cookie(None),
payload: Optional[object] = {},
user_jwt: Optional[object] = {},
):
# AWS dependencies
dynamodb = boto3.resource("dynamodb")
table = dynamodb.Table(options.get("aws").get("dynamodb").get("table"))

# Get data from DynamoDB
user_data = table.get_item(Key={"id": payload.get("id")}).get("Item", None)
user_data = table.get_item(Key={"id": user_jwt.get("id")}).get("Item", None)

try:
stripe_email = user_data.get("email")
Expand Down Expand Up @@ -109,32 +110,26 @@ async def webhook(request: Request):
print(e)
return HTTPException(status_code=400, detail="Malformed payload.")

# Handle the checkout.session.completed event
# Event Handling
if event["type"] == "checkout.session.completed":
session = event["data"]["object"]
# Retrieve the session. If you require line items in the response, you may include them by expanding line_items.
session = event["data"]["object"]

if session.payment_status == "paid":
# Mark as paid.
pay_dues(session)

print(session)

elif event["type"] == "checkout.session.async_payment_succeeded":
session = event["data"]["object"]
pay_dues(session)

# Passed signature verification
return HTTPException(status_code=200, detail="Success.")
# print(await request.json())
# return "yeet"


def pay_dues(session):
customer_email = session.get("customer_email")

print(customer_email)

# AWS dependencies
dynamodb = boto3.resource("dynamodb")
table = dynamodb.Table(options.get("aws").get("dynamodb").get("table"))
Expand Down
4 changes: 2 additions & 2 deletions routes/wallet.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -237,13 +237,13 @@ async def get_root():
async def aapl_gen(
request: Request,
token: Optional[str] = Cookie(None),
payload: Optional[object] = {},
user_jwt: Optional[object] = {},
):
dynamodb = boto3.resource("dynamodb")
table = dynamodb.Table(options.get("aws").get("dynamodb").get("table"))

# Get data from DynamoDB
user_data = table.get_item(Key={"id": payload.get("id")}).get("Item", None)
user_data = table.get_item(Key={"id": user_jwt.get("id")}).get("Item", None)

p = apple_wallet(user_data)

Expand Down
Loading