SteamDesktopAuthenticator2/main.py at main · offish/SteamDesktopAuthenticator2 · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
import time

from flask import Flask, Response, abort, jsonify, redirect, render_template, request

from sda2.account_manager import AccountManager
from sda2.guard import generate_confirmation_key, generate_one_time_code

BASE_PATH = "/sda2/"
app = Flask(__name__)
account_manager = AccountManager()


@app.route("/")
def index() -> Response:
    return redirect("/decrypt")


@app.route(BASE_PATH)
def home() -> Response:
    if account_manager.needs_password():
        return redirect("/decrypt")

    return render_template("index.html", check_user_script_installed=True)


@app.route("/decrypt", methods=["GET", "POST"])
def decrypt() -> Response:
    if request.method == "POST":
        password = request.form.get("password", "").strip()

        try:
            account_manager.decrypt_accounts(password)
        except ValueError:
            pass

    if account_manager.needs_password():
        print("Password is required to access the accounts")
        return render_template(
            "index.html", password_required=True, check_user_script_installed=False
        )

    account_manager.set_remaining_accounts()
    return redirect(BASE_PATH)


@app.route(BASE_PATH + "codes")
def codes() -> Response:
    return render_template("codes.html", accounts=account_manager.get_accounts())


@app.route(BASE_PATH + "code/<username>")
def get_code(username: str) -> str:
    print(f"User requesting login code for {username}")
    shared_secret = account_manager.get_shared_secret(username)

    if not shared_secret:
        abort(404, description="No shared_secret was found for that username.")

    return generate_one_time_code(shared_secret)


@app.route(BASE_PATH + "key/<username>/<tag>")
def get_confirmation_key(username: str, tag: str) -> Response:
    print(f"User requesting confirmation key for {username}, tag {tag}")
    timestamp = int(request.args.get("t", time.time()))
    identity_secret = account_manager.get_identity_secret(username)

    if not identity_secret:
        abort(404, description="No identity_secret was found for that username.")

    return jsonify(
        {
            "time": timestamp,
            "key": generate_confirmation_key(identity_secret, tag, timestamp),
        }
    )


if __name__ == "__main__":
    app.run(host="127.0.0.1", port=5000, debug=True)