Compare commits
8 Commits
dea53d8396
...
bfee85a963
Author | SHA1 | Date | |
---|---|---|---|
bfee85a963 | |||
c68593a67d | |||
20da86f69e | |||
8efb3aea2c | |||
83aa9bc84c | |||
6171bb0f85 | |||
eeab4c167b | |||
25161fc8e9 |
1
Cargo.lock
generated
1
Cargo.lock
generated
@ -2271,6 +2271,7 @@ dependencies = [
|
||||
"sqlx",
|
||||
"tera",
|
||||
"ureq",
|
||||
"urlencoding",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
|
@ -28,6 +28,7 @@ itertools = "0.13"
|
||||
job_scheduler_ng = "2.0"
|
||||
ureq = { version = "2.9", features = ["json"] }
|
||||
regex = "1.10"
|
||||
urlencoding = "2.1"
|
||||
|
||||
[target.'cfg(not(windows))'.dependencies]
|
||||
openssl = { version = "0.10", features = [ "vendored" ] }
|
||||
|
@ -5,3 +5,4 @@ limits = { file = "10 MiB", data-form = "10 MiB"}
|
||||
smtp_pw = "8kIjlLH79Ky6D3jQ"
|
||||
usage_log_path = "./usage.txt"
|
||||
openweathermap_key = "c8dab8f91b5b815d76e9879cbaecd8d5"
|
||||
wordpress_key = "pw-to-allow-sending-notifications"
|
||||
|
73
notes.md
73
notes.md
@ -1,73 +0,0 @@
|
||||
# Wordpress auth
|
||||
|
||||
Add the following code to `wp-content/themes/bravada/functions.php`:
|
||||
|
||||
```
|
||||
function rot_auth( $user, $username, $password ){
|
||||
// Make sure a username and password are present for us to work with
|
||||
if($username == '' || $password == '') return;
|
||||
|
||||
$ch = curl_init();
|
||||
|
||||
curl_setopt($ch, CURLOPT_URL, 'https://app.rudernlinz.at/wikiauth');
|
||||
curl_setopt($ch, CURLOPT_POST, 1);
|
||||
curl_setopt($ch, CURLOPT_POSTFIELDS, "name=$username&password=$password");
|
||||
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
|
||||
|
||||
// Execute the cURL session and get the response
|
||||
$response = curl_exec($ch);
|
||||
|
||||
// Check for cURL errors
|
||||
if(curl_errno($ch)){
|
||||
$user = new WP_Error( 'denied', __('Curl error: ' . curl_error($ch)) );
|
||||
}
|
||||
|
||||
// Close the cURL session
|
||||
curl_close($ch);
|
||||
|
||||
|
||||
if (strpos($response, 'SUCC') !== false) {
|
||||
$user = get_user_by('login', $username);
|
||||
|
||||
if (!$user) {
|
||||
// User does not exist, create a new one
|
||||
$userdata = array(
|
||||
'user_email' => $username,
|
||||
'user_login' => $username,
|
||||
'first_name' => $username,
|
||||
'last_name' => ''
|
||||
);
|
||||
$new_user_id = wp_insert_user($userdata);
|
||||
|
||||
if (!is_wp_error($new_user_id)) {
|
||||
// Load the new user info
|
||||
$user = new WP_User($new_user_id);
|
||||
|
||||
// Set role based on username
|
||||
if ($username == 'Philipp Hofer' || $username == 'Marie Birner') {
|
||||
$user->set_role('administrator');
|
||||
} else {
|
||||
$user->set_role('editor');
|
||||
}
|
||||
} else {
|
||||
// Handle error in user creation
|
||||
return $new_user_id;
|
||||
}
|
||||
} else {
|
||||
}
|
||||
|
||||
} else {
|
||||
$user = new WP_Error( 'denied', __("Falscher Benutzername/Passwort. Verwendest du deine Accountdaten vom Ruderassistenten?") );
|
||||
}
|
||||
|
||||
|
||||
|
||||
return $user;
|
||||
}
|
||||
|
||||
// Comment this line if you wish to fall back on WordPress authentication
|
||||
// Useful for times when the external service is offline
|
||||
remove_action('authenticate', 'wp_authenticate_username_password', 20);
|
||||
|
||||
add_filter( 'authenticate', 'rot_auth', 10, 3 );
|
||||
```
|
@ -179,6 +179,13 @@ ORDER BY read_at DESC, created_at DESC;
|
||||
.await
|
||||
.unwrap();
|
||||
}
|
||||
|
||||
pub(crate) async fn delete_by_link(db: &sqlx::Pool<Sqlite>, link: &str) {
|
||||
sqlx::query!("DELETE FROM notification WHERE link=?", link)
|
||||
.execute(db)
|
||||
.await
|
||||
.unwrap();
|
||||
}
|
||||
}
|
||||
|
||||
#[cfg(test)]
|
||||
|
@ -118,6 +118,56 @@ fn unauthorized_error(req: &Request) -> Redirect {
|
||||
Redirect::to("/auth")
|
||||
}
|
||||
|
||||
#[derive(FromForm, Debug)]
|
||||
struct NewBlogpostForm<'r> {
|
||||
article_url: &'r str,
|
||||
article_title: &'r str,
|
||||
pw: &'r str,
|
||||
}
|
||||
|
||||
#[post("/", data = "<blogpost>")]
|
||||
async fn new_blogpost(
|
||||
db: &State<SqlitePool>,
|
||||
blogpost: Form<NewBlogpostForm<'_>>,
|
||||
config: &State<Config>,
|
||||
) -> String {
|
||||
if blogpost.pw == &config.wordpress_key {
|
||||
let member = Role::find_by_name(&db, "Donau Linz").await.unwrap();
|
||||
Notification::create_for_role(
|
||||
db,
|
||||
&member,
|
||||
&urlencoding::decode(blogpost.article_title).expect("UTF-8"),
|
||||
&format!("Neuer Blogpost"),
|
||||
Some(blogpost.article_url),
|
||||
None,
|
||||
)
|
||||
.await;
|
||||
"ACK".into()
|
||||
} else {
|
||||
"WRONG pw".into()
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(FromForm, Debug)]
|
||||
struct BlogpostUnpublishedForm<'r> {
|
||||
article_url: &'r str,
|
||||
pw: &'r str,
|
||||
}
|
||||
|
||||
#[post("/", data = "<blogpost>")]
|
||||
async fn blogpost_unpublished(
|
||||
db: &State<SqlitePool>,
|
||||
blogpost: Form<BlogpostUnpublishedForm<'_>>,
|
||||
config: &State<Config>,
|
||||
) -> String {
|
||||
if blogpost.pw == &config.wordpress_key {
|
||||
Notification::delete_by_link(&db, blogpost.article_url).await;
|
||||
"ACK".into()
|
||||
} else {
|
||||
"WRONG pw".into()
|
||||
}
|
||||
}
|
||||
|
||||
#[catch(403)] //forbidden
|
||||
fn forbidden_error() -> Flash<Redirect> {
|
||||
Flash::error(Redirect::to("/"), "Keine Berechtigung für diese Aktion. Wenn du der Meinung bist, dass du das machen darfst, melde dich bitte bei it@rudernlinz.at.")
|
||||
@ -187,6 +237,7 @@ pub struct Config {
|
||||
smtp_pw: String,
|
||||
usage_log_path: String,
|
||||
pub openweathermap_key: String,
|
||||
wordpress_key: String,
|
||||
}
|
||||
|
||||
pub fn config(rocket: Rocket<Build>) -> Rocket<Build> {
|
||||
@ -194,6 +245,8 @@ pub fn config(rocket: Rocket<Build>) -> Rocket<Build> {
|
||||
.mount("/", routes![index, steering, impressum])
|
||||
.mount("/auth", auth::routes())
|
||||
.mount("/wikiauth", routes![wikiauth])
|
||||
.mount("/new-blogpost", routes![new_blogpost])
|
||||
.mount("/blogpost-unpublished", routes![blogpost_unpublished])
|
||||
.mount("/log", log::routes())
|
||||
.mount("/planned", planned::routes())
|
||||
.mount("/ergo", ergo::routes())
|
||||
|
@ -33,6 +33,13 @@
|
||||
<div class="mt-1">{{ notification.message | safe }}</div>
|
||||
</div>
|
||||
<div>
|
||||
{% if notification.link %}
|
||||
<a href="{{ notification.link }}" class="inline-block">
|
||||
<button class="btn btn-primary" type="button">
|
||||
🔗
|
||||
</button>
|
||||
</a>
|
||||
{% endif %}
|
||||
{% if not notification.read_at %}
|
||||
<a href="/notification/{{ notification.id }}/read" class="inline-block">
|
||||
<button class="btn btn-primary" type="button">
|
||||
@ -56,6 +63,13 @@
|
||||
<strong>{{ notification.category }}</strong> • {{ notification.created_at | date(format="%d.%m.%Y %H:%M") }}
|
||||
</small>
|
||||
<div class="mt-1">{{ notification.message | safe }}</div>
|
||||
{% if notification.link %}
|
||||
<a href="{{ notification.link }}" class="inline-block">
|
||||
<button class="btn btn-primary" type="button">
|
||||
🔗
|
||||
</button>
|
||||
</a>
|
||||
{% endif %}
|
||||
</div>
|
||||
{% endif %}
|
||||
{% endfor %}
|
||||
|
156
wordpress-notes.md
Normal file
156
wordpress-notes.md
Normal file
@ -0,0 +1,156 @@
|
||||
# Wordpress auth
|
||||
|
||||
Add the following code to `wp-content/themes/bravada/functions.php`:
|
||||
|
||||
```
|
||||
function rot_auth( $user, $username, $password ){
|
||||
// Make sure a username and password are present for us to work with
|
||||
if($username == '' || $password == '') return;
|
||||
|
||||
$ch = curl_init();
|
||||
|
||||
curl_setopt($ch, CURLOPT_URL, 'https://app.rudernlinz.at/wikiauth');
|
||||
curl_setopt($ch, CURLOPT_POST, 1);
|
||||
curl_setopt($ch, CURLOPT_POSTFIELDS, "name=$username&password=$password");
|
||||
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
|
||||
|
||||
// Execute the cURL session and get the response
|
||||
$response = curl_exec($ch);
|
||||
|
||||
// Check for cURL errors
|
||||
if(curl_errno($ch)){
|
||||
$user = new WP_Error( 'denied', __('Curl error: ' . curl_error($ch)) );
|
||||
}
|
||||
|
||||
// Close the cURL session
|
||||
curl_close($ch);
|
||||
|
||||
|
||||
if (strpos($response, 'SUCC') !== false) {
|
||||
$user = get_user_by('login', $username);
|
||||
|
||||
if (!$user) {
|
||||
// User does not exist, create a new one
|
||||
$userdata = array(
|
||||
'user_email' => $username,
|
||||
'user_login' => $username,
|
||||
'first_name' => $username,
|
||||
'last_name' => ''
|
||||
);
|
||||
$new_user_id = wp_insert_user($userdata);
|
||||
|
||||
if (!is_wp_error($new_user_id)) {
|
||||
// Load the new user info
|
||||
$user = new WP_User($new_user_id);
|
||||
|
||||
// Set role based on username
|
||||
if ($username == 'Philipp Hofer' || $username == 'Marie Birner') {
|
||||
$user->set_role('administrator');
|
||||
} else {
|
||||
$user->set_role('editor');
|
||||
}
|
||||
} else {
|
||||
// Handle error in user creation
|
||||
return $new_user_id;
|
||||
}
|
||||
} else {
|
||||
}
|
||||
|
||||
} else {
|
||||
$user = new WP_Error( 'denied', __("Falscher Benutzername/Passwort. Verwendest du deine Accountdaten vom Ruderassistenten?") );
|
||||
}
|
||||
|
||||
|
||||
|
||||
return $user;
|
||||
}
|
||||
|
||||
// Comment this line if you wish to fall back on WordPress authentication
|
||||
// Useful for times when the external service is offline
|
||||
remove_action('authenticate', 'wp_authenticate_username_password', 20);
|
||||
|
||||
add_filter( 'authenticate', 'rot_auth', 10, 3 );
|
||||
```
|
||||
|
||||
|
||||
# Wordpress notify rowt on newly published article
|
||||
|
||||
Add the following code to `wp-content/themes/bravada/functions.php`:
|
||||
|
||||
```
|
||||
function send_article_url_on_publish($new_status, $old_status, $post) {
|
||||
// Check if the post is transitioning to 'publish' status
|
||||
if ($new_status == 'publish' && $old_status != 'publish' && $post->post_type == 'post') {
|
||||
// Get the URL of the newly published article
|
||||
$article_url = get_permalink($post->ID);
|
||||
$article_title = get_the_title($post->ID);
|
||||
|
||||
// URL to send the POST request to
|
||||
$api_url = 'https://app.rudernlinz.at/new-blogpost';
|
||||
|
||||
// Prepare the data for the POST request
|
||||
$body = array(
|
||||
'article_url' => $article_url,
|
||||
'article_title' => $article_title,
|
||||
'pw' => "wordpress_key"
|
||||
);
|
||||
|
||||
// Prepare the arguments for wp_remote_post
|
||||
$args = array(
|
||||
'body' => $body,
|
||||
'timeout' => '5',
|
||||
'redirection' => '5',
|
||||
'httpversion' => '1.0',
|
||||
'blocking' => true,
|
||||
'headers' => array(),
|
||||
'cookies' => array()
|
||||
);
|
||||
|
||||
// Send the POST request
|
||||
$response = wp_remote_post($api_url, $args);
|
||||
|
||||
// Optional: Check if the request was successful
|
||||
if (is_wp_error($response)) {
|
||||
error_log('Failed to send POST request: ' . $response->get_error_message());
|
||||
} else {
|
||||
error_log('POST request sent successfully with article URL: ' . $article_url);
|
||||
}
|
||||
}
|
||||
if ($new_status != 'publish' && $old_status == 'publish' && $post->post_type == 'post') {
|
||||
$article_url = get_permalink($post->ID);
|
||||
// URL to send the POST request to
|
||||
$api_url = 'https://app.rudernlinz.at/blogpost-unpublished';
|
||||
|
||||
// Prepare the data for the POST request
|
||||
$body = array(
|
||||
'article_url' => $article_url,
|
||||
'pw' => "wordpress_key"
|
||||
);
|
||||
|
||||
// Prepare the arguments for wp_remote_post
|
||||
$args = array(
|
||||
'body' => $body,
|
||||
'timeout' => '5',
|
||||
'redirection' => '5',
|
||||
'httpversion' => '1.0',
|
||||
'blocking' => true,
|
||||
'headers' => array(),
|
||||
'cookies' => array()
|
||||
);
|
||||
|
||||
// Send the POST request
|
||||
$response = wp_remote_post($api_url, $args);
|
||||
|
||||
// Optional: Check if the request was successful
|
||||
if (is_wp_error($response)) {
|
||||
error_log('Failed to send POST request: ' . $response->get_error_message());
|
||||
} else {
|
||||
error_log('POST request sent successfully with article URL: ' . $article_url);
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
// Hook the function to the 'transition_post_status' action
|
||||
add_action('transition_post_status', 'send_article_url_on_publish', 10, 3);
|
||||
```
|
Loading…
Reference in New Issue
Block a user