added correct unsubscribe_token logic
app.py
CHANGED
|
@@ -26,7 +26,7 @@ load_dotenv()
|
|
| 26 |
DB_URL = os.getenv("DB_URL")
|
| 27 |
GMAIL_USER = os.getenv("GMAIL_USER")
|
| 28 |
HF_URL = os.getenv("HF_URL")
|
| 29 |
-
ADMIN_SECRET = os.getenv("ADMIN_SECRET")
|
| 30 |
XSRF_TOKEN = os.getenv("XSRF_TOKEN")
|
| 31 |
BIP_SESSION = os.getenv("BIP_SESSION")
|
| 32 |
BIP_API = "https://bip.bitsathy.ac.in/nova-api/student-activity-masters"
|
|
@@ -54,8 +54,6 @@ def get_db():
|
|
| 54 |
raise
|
| 55 |
|
| 56 |
|
| 57 |
-
# ================= COOKIES =================
|
| 58 |
-
|
| 59 |
# ================= COOKIES =================
|
| 60 |
|
| 61 |
def load_cookies():
|
|
@@ -63,30 +61,12 @@ def load_cookies():
|
|
| 63 |
if not XSRF_TOKEN or not BIP_SESSION:
|
| 64 |
raise Exception("XSRF_TOKEN and BIP_SESSION must be set in environment variables")
|
| 65 |
|
| 66 |
-
# Clean the values - remove any cookie header prefixes
|
| 67 |
-
xsrf_value = XSRF_TOKEN.strip()
|
| 68 |
-
session_value = BIP_SESSION.strip()
|
| 69 |
-
|
| 70 |
-
# Remove "XSRF-TOKEN=" prefix if present
|
| 71 |
-
if xsrf_value.startswith("XSRF-TOKEN="):
|
| 72 |
-
xsrf_value = xsrf_value[12:] # Remove "XSRF-TOKEN="
|
| 73 |
-
|
| 74 |
-
# Remove "bip_session=" prefix if present
|
| 75 |
-
if session_value.startswith("bip_session="):
|
| 76 |
-
session_value = session_value[12:] # Remove "bip_session="
|
| 77 |
-
|
| 78 |
-
# Remove any trailing cookie parts (like "; other_cookie=...")
|
| 79 |
-
if ";" in xsrf_value:
|
| 80 |
-
xsrf_value = xsrf_value.split(";")[0]
|
| 81 |
-
|
| 82 |
-
if ";" in session_value:
|
| 83 |
-
session_value = session_value.split(";")[0]
|
| 84 |
-
|
| 85 |
return {
|
| 86 |
-
"XSRF-TOKEN":
|
| 87 |
-
"bip_session":
|
| 88 |
}
|
| 89 |
|
|
|
|
| 90 |
# ================= GMAIL =================
|
| 91 |
|
| 92 |
def create_token():
|
|
@@ -344,6 +324,7 @@ def log_page1_to_file():
|
|
| 344 |
# ================= SUBSCRIBE =================
|
| 345 |
|
| 346 |
def subscribe(email):
|
|
|
|
| 347 |
if not email or not email.endswith("@bitsathy.ac.in"):
|
| 348 |
return "β Use college email only"
|
| 349 |
|
|
@@ -351,90 +332,102 @@ def subscribe(email):
|
|
| 351 |
db = get_db()
|
| 352 |
cur = db.cursor()
|
| 353 |
|
| 354 |
-
# Check
|
| 355 |
cur.execute("""
|
| 356 |
-
SELECT email_verified, unsubscribed
|
| 357 |
-
FROM users
|
| 358 |
WHERE email=%s
|
| 359 |
""", (email,))
|
| 360 |
|
| 361 |
-
|
| 362 |
|
| 363 |
-
|
| 364 |
-
|
| 365 |
-
|
| 366 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
| 367 |
cur.close()
|
| 368 |
db.close()
|
| 369 |
-
return "β
You're already subscribed
|
| 370 |
-
|
| 371 |
-
|
| 372 |
-
|
|
|
|
|
|
|
| 373 |
cur.execute("""
|
| 374 |
-
UPDATE users
|
| 375 |
-
SET unsubscribed=false
|
|
|
|
| 376 |
WHERE email=%s
|
| 377 |
-
""", (
|
| 378 |
db.commit()
|
| 379 |
cur.close()
|
| 380 |
db.close()
|
| 381 |
-
return "β
Successfully re-subscribed
|
| 382 |
-
|
| 383 |
-
|
| 384 |
-
|
| 385 |
-
|
|
|
|
| 386 |
cur.execute("""
|
| 387 |
-
UPDATE users
|
| 388 |
-
SET verification_token=%s
|
| 389 |
WHERE email=%s
|
| 390 |
-
""", (
|
|
|
|
| 391 |
db.commit()
|
| 392 |
-
|
| 393 |
-
|
| 394 |
-
|
| 395 |
-
|
| 396 |
email,
|
| 397 |
"Verify BIP Alerts",
|
| 398 |
-
f"Click <a href='{
|
| 399 |
-
)
|
| 400 |
-
|
| 401 |
-
else:
|
| 402 |
-
result = "β Failed to send verification email"
|
| 403 |
-
|
| 404 |
cur.close()
|
| 405 |
db.close()
|
| 406 |
-
return
|
| 407 |
|
| 408 |
-
#
|
| 409 |
-
|
|
|
|
|
|
|
|
|
|
| 410 |
|
| 411 |
cur.execute("""
|
| 412 |
-
INSERT INTO users(
|
| 413 |
-
|
| 414 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 415 |
|
| 416 |
db.commit()
|
| 417 |
|
| 418 |
-
|
| 419 |
|
| 420 |
-
|
| 421 |
email,
|
| 422 |
"Verify BIP Alerts",
|
| 423 |
-
f"Click <a href='{
|
| 424 |
-
)
|
| 425 |
-
result = "π© Verification sent to your email"
|
| 426 |
-
else:
|
| 427 |
-
result = "β Failed to send verification email"
|
| 428 |
|
| 429 |
cur.close()
|
| 430 |
db.close()
|
| 431 |
|
| 432 |
-
return
|
| 433 |
|
| 434 |
except Exception as e:
|
| 435 |
-
print(
|
| 436 |
return f"β Error: {str(e)}"
|
| 437 |
-
|
| 438 |
# ================= VERIFY =================
|
| 439 |
|
| 440 |
def verify_user(token):
|
|
@@ -447,16 +440,17 @@ def verify_user(token):
|
|
| 447 |
|
| 448 |
cur.execute("""
|
| 449 |
UPDATE users
|
| 450 |
-
SET email_verified=true,
|
| 451 |
-
verification_token=NULL,
|
| 452 |
-
unsubscribed=false
|
| 453 |
-
WHERE verification_token=%s
|
|
|
|
| 454 |
""", (token,))
|
| 455 |
|
| 456 |
-
if cur.rowcount
|
| 457 |
-
result = "
|
| 458 |
else:
|
| 459 |
-
result = "
|
| 460 |
|
| 461 |
db.commit()
|
| 462 |
cur.close()
|
|
@@ -465,12 +459,10 @@ def verify_user(token):
|
|
| 465 |
return result
|
| 466 |
|
| 467 |
except Exception as e:
|
| 468 |
-
print(
|
| 469 |
return f"β Verification failed: {str(e)}"
|
| 470 |
|
| 471 |
-
|
| 472 |
# ================= UNSUBSCRIBE =================
|
| 473 |
-
|
| 474 |
def unsubscribe_user(token):
|
| 475 |
if not token:
|
| 476 |
return ""
|
|
@@ -480,17 +472,16 @@ def unsubscribe_user(token):
|
|
| 480 |
cur = db.cursor()
|
| 481 |
|
| 482 |
cur.execute("""
|
| 483 |
-
UPDATE users
|
| 484 |
-
SET unsubscribed=true
|
| 485 |
-
WHERE
|
| 486 |
-
|
| 487 |
-
|
| 488 |
-
""", (token, token))
|
| 489 |
|
| 490 |
-
if cur.rowcount
|
| 491 |
-
result = "
|
| 492 |
else:
|
| 493 |
-
result = "
|
| 494 |
|
| 495 |
db.commit()
|
| 496 |
cur.close()
|
|
@@ -499,10 +490,9 @@ def unsubscribe_user(token):
|
|
| 499 |
return result
|
| 500 |
|
| 501 |
except Exception as e:
|
| 502 |
-
print(
|
| 503 |
return f"β Unsubscribe failed: {str(e)}"
|
| 504 |
|
| 505 |
-
|
| 506 |
# ================= EMAIL STATUS =================
|
| 507 |
|
| 508 |
def check_email_status(email):
|
|
@@ -607,7 +597,7 @@ def send_notifications_for_events(new_events):
|
|
| 607 |
cur = db.cursor()
|
| 608 |
|
| 609 |
cur.execute("""
|
| 610 |
-
SELECT id,email,
|
| 611 |
FROM users
|
| 612 |
WHERE email_verified=true
|
| 613 |
AND unsubscribed=false
|
|
@@ -633,6 +623,7 @@ def send_notifications_for_events(new_events):
|
|
| 633 |
<li><b>Organizer:</b> {event['organizer']}</li>
|
| 634 |
<li><b>Date:</b> {event['start_date']}</li>
|
| 635 |
<li><b>Category:</b> {event['event_category']}</li>
|
|
|
|
| 636 |
<li><b>Location:</b> {event['location']}</li>
|
| 637 |
<li><b>View:</b> <a href="{event['web_url']}">Link</a></li>
|
| 638 |
</ul>
|
|
@@ -642,14 +633,14 @@ def send_notifications_for_events(new_events):
|
|
| 642 |
|
| 643 |
total_sent = 0
|
| 644 |
|
| 645 |
-
for uid, mail,
|
| 646 |
|
| 647 |
html = f"""
|
| 648 |
<h2>π’ New BIP Events Alert</h2>
|
| 649 |
<p>{len(new_events)} new events have been added:</p>
|
| 650 |
{events_html}
|
| 651 |
<hr>
|
| 652 |
-
<a href="{HF_URL}?unsubscribe={
|
| 653 |
"""
|
| 654 |
|
| 655 |
if send_email(mail, subject, html):
|
|
|
|
| 26 |
DB_URL = os.getenv("DB_URL")
|
| 27 |
GMAIL_USER = os.getenv("GMAIL_USER")
|
| 28 |
HF_URL = os.getenv("HF_URL")
|
| 29 |
+
# ADMIN_SECRET = os.getenv("ADMIN_SECRET")
|
| 30 |
XSRF_TOKEN = os.getenv("XSRF_TOKEN")
|
| 31 |
BIP_SESSION = os.getenv("BIP_SESSION")
|
| 32 |
BIP_API = "https://bip.bitsathy.ac.in/nova-api/student-activity-masters"
|
|
|
|
| 54 |
raise
|
| 55 |
|
| 56 |
|
|
|
|
|
|
|
| 57 |
# ================= COOKIES =================
|
| 58 |
|
| 59 |
def load_cookies():
|
|
|
|
| 61 |
if not XSRF_TOKEN or not BIP_SESSION:
|
| 62 |
raise Exception("XSRF_TOKEN and BIP_SESSION must be set in environment variables")
|
| 63 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 64 |
return {
|
| 65 |
+
"XSRF-TOKEN": XSRF_TOKEN,
|
| 66 |
+
"bip_session": BIP_SESSION
|
| 67 |
}
|
| 68 |
|
| 69 |
+
|
| 70 |
# ================= GMAIL =================
|
| 71 |
|
| 72 |
def create_token():
|
|
|
|
| 324 |
# ================= SUBSCRIBE =================
|
| 325 |
|
| 326 |
def subscribe(email):
|
| 327 |
+
|
| 328 |
if not email or not email.endswith("@bitsathy.ac.in"):
|
| 329 |
return "β Use college email only"
|
| 330 |
|
|
|
|
| 332 |
db = get_db()
|
| 333 |
cur = db.cursor()
|
| 334 |
|
| 335 |
+
# Check existing user
|
| 336 |
cur.execute("""
|
| 337 |
+
SELECT email_verified, unsubscribed
|
| 338 |
+
FROM users
|
| 339 |
WHERE email=%s
|
| 340 |
""", (email,))
|
| 341 |
|
| 342 |
+
row = cur.fetchone()
|
| 343 |
|
| 344 |
+
# -----------------------------
|
| 345 |
+
# EXISTING USER
|
| 346 |
+
# -----------------------------
|
| 347 |
+
if row:
|
| 348 |
+
verified, unsub = row
|
| 349 |
+
|
| 350 |
+
# Already active
|
| 351 |
+
if verified and not unsub:
|
| 352 |
cur.close()
|
| 353 |
db.close()
|
| 354 |
+
return "β
You're already subscribed"
|
| 355 |
+
|
| 356 |
+
# Re-subscribe user
|
| 357 |
+
if verified and unsub:
|
| 358 |
+
new_unsub_token = uuid.uuid4().hex
|
| 359 |
+
|
| 360 |
cur.execute("""
|
| 361 |
+
UPDATE users
|
| 362 |
+
SET unsubscribed=false,
|
| 363 |
+
unsubscribe_token=%s
|
| 364 |
WHERE email=%s
|
| 365 |
+
""", (new_unsub_token, email))
|
| 366 |
db.commit()
|
| 367 |
cur.close()
|
| 368 |
db.close()
|
| 369 |
+
return "β
Successfully re-subscribed"
|
| 370 |
+
|
| 371 |
+
# Not verified yet β resend verification
|
| 372 |
+
if not verified:
|
| 373 |
+
verification_token = uuid.uuid4().hex
|
| 374 |
+
|
| 375 |
cur.execute("""
|
| 376 |
+
UPDATE users
|
| 377 |
+
SET verification_token=%s
|
| 378 |
WHERE email=%s
|
| 379 |
+
""", (verification_token, email))
|
| 380 |
+
|
| 381 |
db.commit()
|
| 382 |
+
|
| 383 |
+
verify_link = f"{HF_URL}?verify={verification_token}"
|
| 384 |
+
|
| 385 |
+
send_email(
|
| 386 |
email,
|
| 387 |
"Verify BIP Alerts",
|
| 388 |
+
f"Click <a href='{verify_link}'>here</a> to verify"
|
| 389 |
+
)
|
| 390 |
+
|
|
|
|
|
|
|
|
|
|
| 391 |
cur.close()
|
| 392 |
db.close()
|
| 393 |
+
return "π© Verification email re-sent"
|
| 394 |
|
| 395 |
+
# -----------------------------
|
| 396 |
+
# NEW USER
|
| 397 |
+
# -----------------------------
|
| 398 |
+
verification_token = uuid.uuid4().hex
|
| 399 |
+
unsubscribe_token = uuid.uuid4().hex
|
| 400 |
|
| 401 |
cur.execute("""
|
| 402 |
+
INSERT INTO users(
|
| 403 |
+
email,
|
| 404 |
+
email_verified,
|
| 405 |
+
verification_token,
|
| 406 |
+
unsubscribe_token,
|
| 407 |
+
unsubscribed
|
| 408 |
+
)
|
| 409 |
+
VALUES(%s, false, %s, %s, false)
|
| 410 |
+
""", (email, verification_token, unsubscribe_token))
|
| 411 |
|
| 412 |
db.commit()
|
| 413 |
|
| 414 |
+
verify_link = f"{HF_URL}?verify={verification_token}"
|
| 415 |
|
| 416 |
+
send_email(
|
| 417 |
email,
|
| 418 |
"Verify BIP Alerts",
|
| 419 |
+
f"Click <a href='{verify_link}'>here</a> to verify"
|
| 420 |
+
)
|
|
|
|
|
|
|
|
|
|
| 421 |
|
| 422 |
cur.close()
|
| 423 |
db.close()
|
| 424 |
|
| 425 |
+
return "π© Verification sent"
|
| 426 |
|
| 427 |
except Exception as e:
|
| 428 |
+
print("β Subscribe error:", e)
|
| 429 |
return f"β Error: {str(e)}"
|
| 430 |
+
|
| 431 |
# ================= VERIFY =================
|
| 432 |
|
| 433 |
def verify_user(token):
|
|
|
|
| 440 |
|
| 441 |
cur.execute("""
|
| 442 |
UPDATE users
|
| 443 |
+
SET email_verified = true,
|
| 444 |
+
verification_token = NULL,
|
| 445 |
+
unsubscribed = false
|
| 446 |
+
WHERE verification_token = %s
|
| 447 |
+
AND email_verified = false
|
| 448 |
""", (token,))
|
| 449 |
|
| 450 |
+
if cur.rowcount == 0:
|
| 451 |
+
result = "β Invalid or expired verification link"
|
| 452 |
else:
|
| 453 |
+
result = "β
Email verified successfully!"
|
| 454 |
|
| 455 |
db.commit()
|
| 456 |
cur.close()
|
|
|
|
| 459 |
return result
|
| 460 |
|
| 461 |
except Exception as e:
|
| 462 |
+
print("β Verify error:", e)
|
| 463 |
return f"β Verification failed: {str(e)}"
|
| 464 |
|
|
|
|
| 465 |
# ================= UNSUBSCRIBE =================
|
|
|
|
| 466 |
def unsubscribe_user(token):
|
| 467 |
if not token:
|
| 468 |
return ""
|
|
|
|
| 472 |
cur = db.cursor()
|
| 473 |
|
| 474 |
cur.execute("""
|
| 475 |
+
UPDATE users
|
| 476 |
+
SET unsubscribed = true
|
| 477 |
+
WHERE unsubscribe_token = %s
|
| 478 |
+
AND email_verified = true
|
| 479 |
+
""", (token,))
|
|
|
|
| 480 |
|
| 481 |
+
if cur.rowcount == 0:
|
| 482 |
+
result = "β Invalid or expired unsubscribe link"
|
| 483 |
else:
|
| 484 |
+
result = "β
Successfully unsubscribed from BIP alerts"
|
| 485 |
|
| 486 |
db.commit()
|
| 487 |
cur.close()
|
|
|
|
| 490 |
return result
|
| 491 |
|
| 492 |
except Exception as e:
|
| 493 |
+
print("β Unsubscribe error:", e)
|
| 494 |
return f"β Unsubscribe failed: {str(e)}"
|
| 495 |
|
|
|
|
| 496 |
# ================= EMAIL STATUS =================
|
| 497 |
|
| 498 |
def check_email_status(email):
|
|
|
|
| 597 |
cur = db.cursor()
|
| 598 |
|
| 599 |
cur.execute("""
|
| 600 |
+
SELECT id,email,unsubscribe_token
|
| 601 |
FROM users
|
| 602 |
WHERE email_verified=true
|
| 603 |
AND unsubscribed=false
|
|
|
|
| 623 |
<li><b>Organizer:</b> {event['organizer']}</li>
|
| 624 |
<li><b>Date:</b> {event['start_date']}</li>
|
| 625 |
<li><b>Category:</b> {event['event_category']}</li>
|
| 626 |
+
<li><b>BIP URL:</b> <a href="https://bip.bitsathy.ac.in/nova/resources/student-achievement-loggers">Logger Link</a></li>
|
| 627 |
<li><b>Location:</b> {event['location']}</li>
|
| 628 |
<li><b>View:</b> <a href="{event['web_url']}">Link</a></li>
|
| 629 |
</ul>
|
|
|
|
| 633 |
|
| 634 |
total_sent = 0
|
| 635 |
|
| 636 |
+
for uid, mail, unsubscribe_token in users:
|
| 637 |
|
| 638 |
html = f"""
|
| 639 |
<h2>π’ New BIP Events Alert</h2>
|
| 640 |
<p>{len(new_events)} new events have been added:</p>
|
| 641 |
{events_html}
|
| 642 |
<hr>
|
| 643 |
+
<a href="{HF_URL}?unsubscribe={unsubscribe_token}">Unsubscribe</a>
|
| 644 |
"""
|
| 645 |
|
| 646 |
if send_email(mail, subject, html):
|