gear-orders/flask/app.py

import sys
from pathlib import Path
sys.path.insert(0, str(Path(__file__).resolve().parent.parent))

from flask import Flask, render_template, request, redirect, flash
from flask_login import LoginManager, UserMixin, login_user, logout_user, login_required, current_user
import hashlib
import hmac

from settings import FLASK_SECRET_KEY, TELEGRAM_API_TOKEN, TELEGRAM_BOT_NAME, TELEGRAM_BOT_DOMAIN
from db.queries import user_get
from api import api

app = Flask(__name__)

app.secret_key = FLASK_SECRET_KEY

login_manager = LoginManager()
login_manager.init_app(app)
login_manager.login_view = "index"

class FlaskUser(UserMixin):
  def __init__(self, db_user):
    self.db_user = db_user

  def get_id(self):
    return self.db_user.telegram_username

@login_manager.user_loader
def load_user(user_id):
    try:
      db_user = user_get(user_id)
      return FlaskUser(db_user)
    except:
      return None

app.register_blueprint(api, url_prefix='/api')

@app.route('/')
def index():
  if not current_user.is_authenticated:
    data = {'bot_name': TELEGRAM_BOT_NAME, 'bot_damin': TELEGRAM_BOT_DOMAIN}
    return render_template('index.html', data = data)
  else:
    return redirect('/dashboard/')

@app.route('/dashboard/', defaults={'path': ''})
@app.route('/dashboard/<path:path>')
@login_required
def dashboard(path):
  return render_template('dashboard.html')

@app.route('/logout')
def logout():
  logout_user()
  return redirect('/')

def string_generator(data_incoming):
  data = data_incoming.copy()
  del data['hash']
  keys = sorted(data.keys())
  string_arr = []
  for key in keys:
    string_arr.append(key + '=' + data[key])
  string_cat = '\n'.join(string_arr)
  return string_cat

@app.route('/login')
def login():
  tg_data = {
    "id": request.args.get("id", None),
    "first_name": request.args.get('first_name', None),
    "last_name": request.args.get('last_name', None),
    "username": request.args.get("username", None),
    "photo_url": request.args.get("photo_url", None),
    "auth_date": request.args.get('auth_date', None),
    "hash": request.args.get("hash", None)
  }
  data_check_string = string_generator(tg_data)
  secret_key = hashlib.sha256(TELEGRAM_API_TOKEN.encode('utf-8')).digest()
  secret_key_bytes = secret_key
  data_check_string_bytes = bytes(data_check_string, 'utf-8')
  hmac_string = hmac.new(secret_key_bytes, data_check_string_bytes, hashlib.sha256).hexdigest()
  if hmac_string == tg_data['hash']:
    try:
      db_user = user_get(tg_data['username'])
      login_user(FlaskUser(db_user))
    except:
      flash("Login failed. Please try again.")
      return redirect('/')
  else:
    flash("Login failed. Please try again.")
    return redirect('/')


  return redirect('/dashboard/')

if __name__ == '__main__':
  app.run(host='0.0.0.0', debug=True, port=8080)
Flask login with Telegram 2026-01-09 22:56:54 +00:00			`import sys`
			`from pathlib import Path`
			`sys.path.insert(0, str(Path(__file__).resolve().parent.parent))`

Flask Login 2026-01-09 23:45:03 +00:00			`from flask import Flask, render_template, request, redirect, flash`
			`from flask_login import LoginManager, UserMixin, login_user, logout_user, login_required, current_user`
Flask login with Telegram 2026-01-09 22:56:54 +00:00			`import hashlib`
			`import hmac`

			`from settings import FLASK_SECRET_KEY, TELEGRAM_API_TOKEN, TELEGRAM_BOT_NAME, TELEGRAM_BOT_DOMAIN`
Flask Login 2026-01-09 23:45:03 +00:00			`from db.queries import user_get`
First pass at vite ui 2026-01-10 03:44:55 +00:00			`from api import api`
Flask login with Telegram 2026-01-09 22:56:54 +00:00
			`app = Flask(__name__)`

			`app.secret_key = FLASK_SECRET_KEY`

Flask Login 2026-01-09 23:45:03 +00:00			`login_manager = LoginManager()`
			`login_manager.init_app(app)`
			`login_manager.login_view = "index"`

			`class FlaskUser(UserMixin):`
			`def __init__(self, db_user):`
			`self.db_user = db_user`

			`def get_id(self):`
			`return self.db_user.telegram_username`

			`@login_manager.user_loader`
			`def load_user(user_id):`
			`try:`
			`db_user = user_get(user_id)`
			`return FlaskUser(db_user)`
			`except:`
			`return None`

First pass at vite ui 2026-01-10 03:44:55 +00:00			`app.register_blueprint(api, url_prefix='/api')`

Flask login with Telegram 2026-01-09 22:56:54 +00:00			`@app.route('/')`
			`def index():`
Flask Login 2026-01-09 23:45:03 +00:00			`if not current_user.is_authenticated:`
			`data = {'bot_name': TELEGRAM_BOT_NAME, 'bot_damin': TELEGRAM_BOT_DOMAIN}`
			`return render_template('index.html', data = data)`
			`else:`
First pass at vite ui 2026-01-10 03:44:55 +00:00			`return redirect('/dashboard/')`
Flask login with Telegram 2026-01-09 22:56:54 +00:00
First pass at vite ui 2026-01-10 03:44:55 +00:00			`@app.route('/dashboard/', defaults={'path': ''})`
			`@app.route('/dashboard/<path:path>')`
Flask Login 2026-01-09 23:45:03 +00:00			`@login_required`
First pass at vite ui 2026-01-10 03:44:55 +00:00			`def dashboard(path):`
Flask login with Telegram 2026-01-09 22:56:54 +00:00			`return render_template('dashboard.html')`

Flask Login 2026-01-09 23:45:03 +00:00			`@app.route('/logout')`
			`def logout():`
			`logout_user()`
			`return redirect('/')`

Flask login with Telegram 2026-01-09 22:56:54 +00:00			`def string_generator(data_incoming):`
			`data = data_incoming.copy()`
			`del data['hash']`
			`keys = sorted(data.keys())`
			`string_arr = []`
			`for key in keys:`
			`string_arr.append(key + '=' + data[key])`
			`string_cat = '\n'.join(string_arr)`
			`return string_cat`

			`@app.route('/login')`
			`def login():`
			`tg_data = {`
			`"id": request.args.get("id", None),`
			`"first_name": request.args.get('first_name', None),`
			`"last_name": request.args.get('last_name', None),`
			`"username": request.args.get("username", None),`
			`"photo_url": request.args.get("photo_url", None),`
			`"auth_date": request.args.get('auth_date', None),`
			`"hash": request.args.get("hash", None)`
			`}`
			`data_check_string = string_generator(tg_data)`
			`secret_key = hashlib.sha256(TELEGRAM_API_TOKEN.encode('utf-8')).digest()`
			`secret_key_bytes = secret_key`
			`data_check_string_bytes = bytes(data_check_string, 'utf-8')`
			`hmac_string = hmac.new(secret_key_bytes, data_check_string_bytes, hashlib.sha256).hexdigest()`
			`if hmac_string == tg_data['hash']:`
Flask Login 2026-01-09 23:45:03 +00:00			`try:`
			`db_user = user_get(tg_data['username'])`
			`login_user(FlaskUser(db_user))`
			`except:`
			`flash("Login failed. Please try again.")`
			`return redirect('/')`
			`else:`
			`flash("Login failed. Please try again.")`
			`return redirect('/')`


First pass at vite ui 2026-01-10 03:44:55 +00:00			`return redirect('/dashboard/')`
Flask login with Telegram 2026-01-09 22:56:54 +00:00
			`if __name__ == '__main__':`
			`app.run(host='0.0.0.0', debug=True, port=8080)`