Fixed scrobbling with POST request

2023-08-10 21:12:55 +03:00 · 2020-08-26 05:27:01 +02:00 · 2020-08-26 05:27:01 +02:00 · 75bd823ad0
commit 75bd823ad0
parent 3a4769cfb2
6 changed files with 10 additions and 101 deletions
--- a/maloja/pkginfo.py
+++ b/maloja/pkginfo.py
@ -5,7 +5,7 @@ author = {
 	"email":"maloja@krateng.dev",
 	"github": "krateng"
 }
-version = 2,7,7
+version = 2,7,8
 versionstr = ".".join(str(n) for n in version)
 links = {
 	"pypi":"malojaserver",
--- a/maloja/database.py
+++ b/maloja/database.py
@ -246,7 +246,7 @@ def normalize_name(name):
 # skip regular authentication if api key is present in request
 # an api key now ONLY permits scrobbling tracks, no other admin tasks
 def api_key_correct(request):
-	args = request.query
+	args = request.params
 	if "key" in args:
 		apikey = args["key"]
 		del args["key"]
--- a/maloja/web/jinja/admin_overview.jinja
+++ b/maloja/web/jinja/admin_overview.jinja
@ -74,4 +74,11 @@
 	<a class="textlink" target="_blank" rel="noopener noreferrer" href="https://github.com/krateng/maloja/issues/new">Report Issue</a><br/>
 	<a class="textlink" target="_blank" rel="noopener noreferrer" href="https://github.com/krateng/maloja/blob/master/README.md">Readme</a><br/>
 	<a class="textlink" target="_blank" rel="noopener noreferrer" href="https://pypi.org/project/malojaserver/">PyPi</a><br/>
+	{% if false %}
+	<h2>Change Password</h2>
+
+	<input class="simpleinput" type="password" placeholder="New Password"></input><br/>
+	<input class="simpleinput" type="password" placeholder="Repeat"></input><br/><br/>
+	<span class="button" onclick="changepw()">Change</span>
+	{% endif %}
 	{% endblock %}
--- a/maloja/web/jinja/error.jinja
+++ b/maloja/web/jinja/error.jinja
@ -1,4 +1,5 @@
 {% extends "abstracts/base.jinja" %}
+{% block title %}Maloja - Error{% endblock %}

 {% block content %}
 	<table class="top_info">
--- a/maloja/web/proxy.html
+++ b/maloja/web/proxy.html
@ -1,46 +0,0 @@
-<!DOCTYPE html>
-
-<html>
-	<head>
-		<meta charset="UTF-8" />
-		<title>Maloja - Proxyscrobble</title>
-		<script src="/cookies.js"></script>
-
-		<script>
-			window.addEventListener("load",function(){
-				try {
-					document.getElementById("lastfmlink").href += window.location.href;
-				}
-				catch (e) {
-				}
-
-
-			});
-		</script>
-	</head>
-
-	<body>
-		<table class="top_info">
-			<tr>
-				<td class="image">
-					<div style="background-image:url('/favicon.png')"></div>
-				</td>
-				<td class="text">
-					<h1>Proxyscrobble</h1>
-
-					<p class="desc">Duplicate your scrobbles to another service.
-					Your API key is required to make any changes to the server: <input id='apikey' onchange='checkAPIkey()' style='width:300px;'/></p>
-				</td>
-			</tr>
-		</table>
-
-		<table class="list">
-			<tr>
-				<td>Last.fm</td>
-				KEY_STATUS_LASTFM
-			</tr>
-		</table>
-
-
-	</body>
-</html>
--- a/maloja/web/proxy.py
+++ b/maloja/web/proxy.py
@ -1,53 +0,0 @@
-from doreah.settings import get_settings, update_settings
-import urllib.request
-import hashlib
-import xml.etree.ElementTree as ET
-from bottle import redirect, request
-from ..database import checkAPIkey
-from ..external import lfmbuild
-
-def instructions(keys):
-	authenticated = False
-	if "Cookie" in request.headers:
-		cookies = request.headers["Cookie"].split(";")
-		for c in cookies:
-			if c.strip().startswith("apikey="):
-				authenticated = checkAPIkey(c.strip()[7:])
-
-	if "token" in keys and authenticated:
-		token = keys.get("token")
-		parameters = {
-			"method":"auth.getSession",
-			"token":token,
-			"api_key":get_settings("LASTFM_API_KEY")
-		}
-		response = urllib.request.urlopen("http://ws.audioscrobbler.com/2.0/?" + lfmbuild(parameters))
-		xml = response.read()
-		data = ET.fromstring(xml)
-		if data.attrib.get("status") == "ok":
-			username = data.find("session").find("name").text
-			sessionkey = data.find("session").find("key").text
-
-			update_settings("settings/settings.ini",{"LASTFM_API_SK":sessionkey,"LASTFM_USERNAME":username},create_new=True)
-
-		return "/proxy"
-
-	else:
-		key,secret,sessionkey,name = get_settings("LASTFM_API_KEY","LASTFM_API_SECRET","LASTFM_API_SK","LASTFM_USERNAME")
-
-		if key is None:
-			lastfm = "<td>No Last.fm key provided</td>"
-		elif secret is None:
-			lastfm = "<td>No Last.fm secret provided</td>"
-		elif sessionkey is None and authenticated:
-			url = "http://www.last.fm/api/auth/?api_key=" + key + "&cb="
-			lastfm = "<td class='button'><a id='lastfmlink' href='" + url + "'><div>Connect</div></a></td>"
-		elif sessionkey is None:
-			lastfm = "<td>Not active</td>"
-		else:
-
-			lastfm = "<td>Account: " + name + "</td>"
-
-
-
-	return {"KEY_STATUS_LASTFM":lastfm},[]