-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathserver.py
More file actions
executable file
·372 lines (290 loc) · 9.92 KB
/
server.py
File metadata and controls
executable file
·372 lines (290 loc) · 9.92 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
"""Efty server — Flask backend with SQLite persistence and user auth."""
import functools
import os
import re
import sqlite3
import urllib.request
import feedparser
from flask import (
Flask,
g,
jsonify,
redirect,
render_template,
request,
session,
)
from werkzeug.security import check_password_hash
BASE_DIR = os.path.dirname(os.path.abspath(__file__))
DB_PATH = os.environ.get("EFTY_DB", os.path.join(BASE_DIR, "db.sqlite3"))
app = Flask(__name__)
app.secret_key = os.environ.get("SECRET_KEY", os.urandom(32))
if not os.environ.get("SECRET_KEY"):
print("Warning: SECRET_KEY not set — sessions will not persist across restarts.")
# ── Database ──
def get_db():
"""Return the per-request database connection, creating it if needed."""
if "db" not in g:
g.db = sqlite3.connect(DB_PATH)
g.db.row_factory = sqlite3.Row
g.db.execute("PRAGMA foreign_keys = ON")
return g.db
@app.teardown_appcontext
def close_db(exc=None):
"""Close the database connection at the end of the request."""
db = g.pop("db", None)
if db is not None:
db.close()
def init_db():
"""Create tables from schema.sql if they don't already exist."""
with app.app_context():
db = get_db()
schema = os.path.join(BASE_DIR, "schema.sql")
with open(schema) as f:
db.executescript(f.read())
db.commit()
# ── Feed fetching ──
_USER_AGENT = "Efty RSS Reader/1.0"
def fetch_and_parse(url):
"""Fetch and parse an RSS or Atom feed. Return (title, items).
Args:
url: The feed URL to fetch.
Returns:
A tuple of (feed_title: str, items: list[dict]).
Raises:
ValueError: If the feed cannot be fetched or parsed.
"""
try:
req = urllib.request.Request(url, headers={"User-Agent": _USER_AGENT})
with urllib.request.urlopen(req, timeout=15) as resp:
data = resp.read()
except Exception as exc:
raise ValueError(f"Could not fetch feed: {exc}") from exc
parsed = feedparser.parse(data)
if parsed.bozo and not parsed.entries:
raise ValueError(f"Could not parse feed: {parsed.get('bozo_exception')}")
title = parsed.feed.get("title") or url
items = []
for entry in parsed.entries:
content = ""
if entry.get("content"):
content = entry.content[0].get("value", "")
if not content:
content = entry.get("summary", "")
raw_summary = entry.get("summary", "") or content
summary = re.sub(r"<[^>]+>", "", raw_summary)[:200]
date = entry.get("published") or entry.get("updated") or ""
items.append({
"guid": (
entry.get("id") or entry.get("link") or entry.get("title", "")
),
"title": entry.get("title") or "Untitled",
"link": entry.get("link", ""),
"date": date,
"summary": summary,
"content": content,
})
return title, items
def feed_to_dict(feed_row, item_rows):
"""Serialize a feed row and its items to a JSON-serializable dict."""
return {
"id": feed_row["id"],
"url": feed_row["url"],
"title": feed_row["title"],
"items": [
{
"id": r["id"],
"guid": r["guid"],
"title": r["title"],
"link": r["link"],
"date": r["date"],
"summary": r["summary"],
"content": r["content"],
"read": bool(r["read"]),
}
for r in item_rows
],
}
# ── Auth helpers ──
def require_login(f):
"""Decorator — return 401 JSON if the user is not logged in."""
@functools.wraps(f)
def wrapper(*args, **kwargs):
if "user_id" not in session:
return jsonify({"error": "Not authenticated"}), 401
return f(*args, **kwargs)
return wrapper
# ── Page routes ──
@app.route("/")
def index():
"""Serve the main app, or redirect to /login if not authenticated."""
if "user_id" not in session:
return redirect("/login")
return render_template("index.html")
@app.route("/login")
def login_page():
"""Serve the login/register page."""
if "user_id" in session:
return redirect("/")
return render_template("login.html")
# ── Auth API ──
@app.route("/auth/login", methods=["POST"])
def login():
"""Authenticate and start a session."""
data = request.get_json(silent=True) or {}
username = data.get("username", "").strip()
password = data.get("password", "")
db = get_db()
user = db.execute(
"SELECT id, password_hash FROM users WHERE username = ?", (username,)
).fetchone()
if not user or not check_password_hash(user["password_hash"], password):
return jsonify({"error": "Invalid username or password"}), 401
session.clear()
session["user_id"] = user["id"]
return jsonify({"ok": True})
@app.route("/auth/logout", methods=["POST"])
def logout():
"""Clear the current session."""
session.clear()
return jsonify({"ok": True})
# ── Feeds API ──
@app.route("/api/feeds")
@require_login
def get_feeds():
"""Return all of the current user's feeds with their items."""
db = get_db()
user_id = session["user_id"]
feeds = db.execute(
"SELECT id, url, title FROM feeds WHERE user_id = ? ORDER BY added_at",
(user_id,),
).fetchall()
result = []
for feed in feeds:
items = db.execute(
"""SELECT id, guid, title, link, date, summary, content, read
FROM items WHERE feed_id = ? ORDER BY date DESC""",
(feed["id"],),
).fetchall()
result.append(feed_to_dict(feed, items))
return jsonify(result)
@app.route("/api/feeds", methods=["POST"])
@require_login
def add_feed():
"""Subscribe to a new feed by URL. Fetches and stores its items."""
data = request.get_json(silent=True) or {}
url = data.get("url", "").strip()
if not url:
return jsonify({"error": "URL is required"}), 422
try:
title, items = fetch_and_parse(url)
except ValueError as exc:
return jsonify({"error": str(exc)}), 502
db = get_db()
try:
cursor = db.execute(
"INSERT INTO feeds (user_id, url, title) VALUES (?, ?, ?)",
(session["user_id"], url, title),
)
feed_id = cursor.lastrowid
except sqlite3.IntegrityError:
return jsonify({"error": "Already subscribed to this feed"}), 409
_upsert_items(db, feed_id, items)
db.commit()
item_rows = db.execute(
"""SELECT id, guid, title, link, date, summary, content, read
FROM items WHERE feed_id = ? ORDER BY date DESC""",
(feed_id,),
).fetchall()
feed_row = db.execute(
"SELECT id, url, title FROM feeds WHERE id = ?", (feed_id,)
).fetchone()
return jsonify(feed_to_dict(feed_row, item_rows)), 201
@app.route("/api/feeds/<int:feed_id>", methods=["DELETE"])
@require_login
def remove_feed(feed_id):
"""Unsubscribe from a feed and delete its items."""
db = get_db()
result = db.execute(
"DELETE FROM feeds WHERE id = ? AND user_id = ?",
(feed_id, session["user_id"]),
)
db.commit()
if result.rowcount == 0:
return jsonify({"error": "Feed not found"}), 404
return "", 204
@app.route("/api/feeds/<int:feed_id>/refresh", methods=["POST"])
@require_login
def refresh_feed(feed_id):
"""Re-fetch a feed's items from the source and return the updated feed."""
db = get_db()
feed = db.execute(
"SELECT id, url, title FROM feeds WHERE id = ? AND user_id = ?",
(feed_id, session["user_id"]),
).fetchone()
if not feed:
return jsonify({"error": "Feed not found"}), 404
try:
title, items = fetch_and_parse(feed["url"])
except ValueError as exc:
return jsonify({"error": str(exc)}), 502
db.execute(
"UPDATE feeds SET title = ? WHERE id = ?", (title, feed_id)
)
_upsert_items(db, feed_id, items)
db.commit()
item_rows = db.execute(
"""SELECT id, guid, title, link, date, summary, content, read
FROM items WHERE feed_id = ? ORDER BY date DESC""",
(feed_id,),
).fetchall()
updated_feed = db.execute(
"SELECT id, url, title FROM feeds WHERE id = ?", (feed_id,)
).fetchone()
return jsonify(feed_to_dict(updated_feed, item_rows))
# ── Items API ──
@app.route("/api/items/<int:item_id>", methods=["PATCH"])
@require_login
def update_item(item_id):
"""Update an item's read status."""
data = request.get_json(silent=True) or {}
if "read" not in data:
return jsonify({"error": "Missing 'read' field"}), 422
db = get_db()
# Verify the item belongs to this user via its feed.
item = db.execute(
"""SELECT items.id FROM items
JOIN feeds ON feeds.id = items.feed_id
WHERE items.id = ? AND feeds.user_id = ?""",
(item_id, session["user_id"]),
).fetchone()
if not item:
return jsonify({"error": "Item not found"}), 404
db.execute(
"UPDATE items SET read = ? WHERE id = ?",
(1 if data["read"] else 0, item_id),
)
db.commit()
return "", 204
# ── Internal helpers ──
def _upsert_items(db, feed_id, items):
"""Insert new items into the database, ignoring duplicates by guid."""
for item in items:
db.execute(
"""INSERT OR IGNORE INTO items
(feed_id, guid, title, link, date, summary, content)
VALUES (?, ?, ?, ?, ?, ?, ?)""",
(
feed_id,
item["guid"],
item["title"],
item["link"],
item["date"],
item["summary"],
item["content"],
),
)
# ── Entry point ──
if __name__ == "__main__":
init_db()
app.run(debug=True, port=8000)