diff --git a/.vscode/launch.json b/.vscode/launch.json new file mode 100644 index 0000000..b1b9d3a --- /dev/null +++ b/.vscode/launch.json @@ -0,0 +1,21 @@ +{ + "version": "0.2.0", + "configurations": [ + { + "name": "Python: Remote Attach", + "type": "python", + "request": "attach", + "connect": { + "host": "192.168.10.31", + "port": 5678 + }, + "pathMappings": [ + { + "localRoot": "${workspaceFolder}", + "remoteRoot": "." + } + ], + "justMyCode": true + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 8e1aa4f..b25f09c 100644 --- a/README.md +++ b/README.md @@ -131,7 +131,7 @@ Go to [http://localhost:5000](http://localhost:5000) in your browser. ## 🛠️ Technology Stack 🛠️ - **Frontend:** Bootstrap 5, Jinja2 Templates ... -- **Backend:** Python 3, Flask, Flask-Babel, Flask-Login, Flask-SQLAlchemy ... +- **Backend:** Python 3, Flask, Flask-Babel, Flask-Login, Flask-SQLAlchemy, Apprise ... - **Database:** SQLite (persisted in `data/`) - **Containerization:** Docker, docker-compose - **Translations:** Flask-Babel, editable `.po` files in `translations/` @@ -144,8 +144,8 @@ Go to [http://localhost:5000](http://localhost:5000) in your browser. ## 🔔 Notifications - Send notifications if a game has to be redeemed by a specific date -- Gotify, Matrix and Pushover are already available - have a look into the .env file -- 48 hours before you are running out of time the app will send you a notice +- Switched from generic notifications to [Apprise](https://github.com/caronc/apprise) - have a look into the .env file +- 48 hours before you are running out of time the app will send you a notice to your services --- diff --git a/app.py b/app.py new file mode 100644 index 0000000..e69de29 diff --git a/setup.sh b/setup.sh index 4741e96..ee3d8e7 100644 --- a/setup.sh +++ b/setup.sh 
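Review bot: The committed `.vscode/launch.json` hard-codes one developer's attach target, `"host": "192.168.10.31"` with `"port": 5678`, and the same commit adds `debugpy` to the generated requirements. A debugpy listener performs no authentication, so any host that can reach that port can run code in the application process, and a shared workspace file should not steer people toward a LAN-exposed listener. I would keep this file out of the repository, or commit it with `"host": "localhost"` and document attaching through an SSH tunnel. How the app starts debugpy when `DEBUGPY=1` is not visible in this part of the diff, so the bind address should be checked there as well.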
@@ -76,19 +76,26 @@ fi # Configuration PROJECT_DIR="steam-gift-manager" -TRANSLATIONS_DIR="$PWD/translations" +TRANSLATIONS_DIR="$PWD/$PROJECT_DIR/translations" DATA_DIR="$PWD/data" # 1. Create folders -mkdir -p "$PROJECT_DIR"/{templates,static} -mkdir -p "$TRANSLATIONS_DIR"/de/LC_MESSAGES -mkdir -p "$TRANSLATIONS_DIR"/en/LC_MESSAGES +mkdir -p "$PROJECT_DIR"/{templates,static,translations} mkdir -p "$DATA_DIR" chmod -R a+rwX "$TRANSLATIONS_DIR" "$DATA_DIR" cd $PROJECT_DIR +## UID/GID-Logic +#if [ "$(id -u)" -eq 0 ]; then +# export UID=1000 +# export GID=1000 +#else +# export UID=$(id -u) +# export GID=$(id -g) +#fi + # 2. requirements.txt cat < requirements.txt flask @@ -98,19 +105,22 @@ flask-migrate werkzeug python-dotenv flask-sqlalchemy -flask-babel jinja2<3.1.0 itsdangerous sqlalchemy apscheduler -matrix-client reportlab requests pillow gunicorn +apprise +debugpy +pytz +Flask-Session +redis EOL -# 3. .env Datei in Parent-VFolder +# 3. .env Datei in Parent-Folder cd .. SECRET_KEY=$(python3 -c 'import secrets; print(secrets.token_hex(24))') REDEEM_SECRET=$(python3 -c 'import secrets; print(secrets.token_hex(16))') @@ -122,15 +132,15 @@ SECRET_KEY="$SECRET_KEY" REDEEM_SECRET="$REDEEM_SECRET" WTF_CSRF_SECRET_KEY="$REDEEM_CSRF" -# locales -BABEL_DEFAULT_LOCALE="en" -BABEL_SUPPORTED_LOCALES="de,en" -BABEL_TRANSLATION_DIRECTORIES="translations" +# Language Settings +DEFAULT_LANGUAGE="en" +SUPPORTED_LANGUAGES="de,en" # Timezone TZ=Europe/Berlin # Security +FORCE_HTTPS=False SESSION_COOKIE_SECURE="False" CSRF_ENABLED="True" # Account registration 
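Review bot: `chmod -R a+rwX "$TRANSLATIONS_DIR" "$DATA_DIR"` is kept while `TRANSLATIONS_DIR` now points inside the project tree, so every local account can rewrite the translation files the app loads and the directory that holds the SQLite database. Ownership by the runtime user is the narrower fix, for example `chown -R 1000:1000 "$DATA_DIR" "$TRANSLATIONS_DIR"` followed by `chmod -R u+rwX,go-rwx "$DATA_DIR"`, with the id taken from whatever user the container actually runs as. The commented-out UID/GID block suggests this was the intent; it should be enabled or removed rather than committed as dead code. `cd $PROJECT_DIR` is also unquoted.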
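Review bot: `debugpy` is added to the runtime `requirements.txt`, so the debugger ships in every production image, and none of the new entries (`apprise`, `debugpy`, `pytz`, `Flask-Session`, `redis`) carries a version pin. A remote debugger belongs in a development-only requirements file, because enabling it exposes code execution to whoever can reach its port. Pinning versions, ideally with hashes, keeps a rebuild from silently pulling a different release of a package that handles sessions or notification credentials. The heredoc that writes this file starts outside the hunk.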
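Review bot: `FORCE_HTTPS=False` is written as a non-empty string, and the new `PREFERRED_URL_SCHEME` line in the app.config hunk tests it with `if os.getenv('FORCE_HTTPS')`, which is true for any non-empty value including `False`. Externally generated URLs such as the redeem link would then use `https` even on a plain-HTTP deployment. Parse it like the other flags: `PREFERRED_URL_SCHEME='https' if os.getenv('FORCE_HTTPS', 'False').lower() == 'true' else 'http'`. `CSRF_ENABLED` is still written here although the new config hard-codes `WTF_CSRF_ENABLED = True`, so that variable is now dead and could mislead an operator.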
@@ -139,36 +149,57 @@ REGISTRATION_ENABLED="True" # checking interval if keys have to be redeemed before a specific date CHECK_EXPIRING_KEYS_INTERVAL_HOURS=6 -# Pushover -PUSHOVER_APP_TOKEN="" -PUSHOVER_USER_KEY="" +# Apprise URLs (separate several with a line break, comma or space) +APPRISE_URLS="" -# Gotify -GOTIFY_URL="" -GOTIFY_TOKEN="" +### example for multiple notifications +#APPRISE_URLS="pover://USER_KEY@APP_TOKEN +#gotify://gotify.example.com/TOKEN +#matrixs://TOKEN@matrix.org/!ROOM_ID" -# Matrix -MATRIX_HOMESERVER="" -MATRIX_ACCESS_TOKEN="" -MATRIX_ROOM_ID="" +# Redis URL +REDIS_URL=redis://redis:6379/0 + +# Enable Debug (e.g. for VS Code) +DEBUGPY=0 EOL cd $PROJECT_DIR # 4. app.py (the main app) cat <<'PYTHON_END' > app.py -import os +import os, time +from datetime import datetime, timedelta +from zoneinfo import ZoneInfo +import pytz import warnings from sqlalchemy.exc import LegacyAPIWarning warnings.simplefilter("ignore", category=LegacyAPIWarning) -from flask import Flask, render_template, request, redirect, url_for, flash, make_response, session, abort, send_file, jsonify +from flask import ( + Flask, + render_template, + request, + redirect, + url_for, + flash, + session, + abort, + send_file, + jsonify, + Markup, + make_response, + abort +) from flask_sqlalchemy import SQLAlchemy +from flask_session import Session from flask_login import LoginManager, UserMixin, login_user, logout_user, login_required, current_user -from flask_babel import Babel, _ from werkzeug.security import generate_password_hash, check_password_hash -from datetime import datetime, timedelta from flask_wtf import CSRFProtect from flask import abort +from flask import request, redirect +from flask_wtf import FlaskForm +from flask_wtf.csrf import CSRFProtect +from wtforms import StringField, SelectField, TextAreaField, validators import io import warnings import re 
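Review bot: `REDIS_URL=redis://redis:6379/0` points the new server-side session store at a Redis with no credentials and no TLS. Anyone who can reach that port can read or modify every session, and depending on the installed Flask-Session release the stored payload is deserialized with pickle, which makes write access to Redis equivalent to code execution in the app. I would generate a password next to the other secrets and write `REDIS_URL=redis://:$REDIS_PASSWORD@redis:6379/0` (variable name illustrative), with `requirepass` set on the Redis side and the port not published; the compose file is not part of this diff, so that needs checking there. Separately, the rewritten import list names `abort` twice and imports `CSRFProtect` from both `flask_wtf` and `flask_wtf.csrf`.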
@@ -180,9 +211,10 @@ from dotenv import load_dotenv load_dotenv(override=True) from sqlalchemy.exc import IntegrityError from apscheduler.schedulers.background import BackgroundScheduler +from apscheduler.jobstores.sqlalchemy import SQLAlchemyJobStore import atexit from flask_migrate import Migrate -from sqlalchemy import MetaData +from sqlalchemy import MetaData, event, UniqueConstraint from reportlab.pdfgen import canvas from reportlab.lib.pagesizes import A4, landscape, letter from reportlab.platypus import ( 
@@ -199,11 +231,79 @@ from reportlab.lib.utils import ImageReader from reportlab.lib.units import cm, inch, mm from io import BytesIO import reportlab.lib +import traceback import logging -logging.basicConfig() -logging.getLogger('babel').setLevel(logging.DEBUG) +logging.basicConfig(level=logging.INFO) +logging.getLogger('apscheduler').setLevel(logging.DEBUG) +from sqlalchemy.engine import Engine +import sqlite3 +from sqlalchemy.orm import joinedload +from functools import wraps +from flask_session import Session +from redis import Redis + +@event.listens_for(Engine, "connect") +def enable_foreign_keys(dbapi_connection, connection_record): + if isinstance(dbapi_connection, sqlite3.Connection): + cursor = dbapi_connection.cursor() + cursor.execute("PRAGMA foreign_keys=ON;") + cursor.close() + +TZ = os.getenv('TZ', 'UTC') +os.environ['TZ'] = TZ app = Flask(__name__) +# Auf UNIX-Systemen (Linux, Docker) wirksam machen +try: + time.tzset() +except AttributeError: + pass # tzset gibt es auf Windows nicht +local_tz = pytz.timezone(TZ) + +# Load Languages +import os +import json + + +TRANSLATION_DIR = os.path.join(os.getcwd(), 'translations') +SUPPORTED_LANGUAGES = ['de', 'en'] +TRANSLATIONS = {} + +for lang in SUPPORTED_LANGUAGES: + try: + with open(os.path.join(TRANSLATION_DIR, f'{lang}.json'), encoding='utf-8') as f: + TRANSLATIONS[lang] = json.load(f) + print(f"✅ Loaded {lang} translations") + except Exception: + print(f"❌ Failed loading {lang}.json: {str(e)}") + TRANSLATIONS[lang] = {} + +def translate(key, lang=None, **kwargs): + lang = lang or session.get('lang', 'en') + fallback_lang = app.config.get('DEFAULT_LANGUAGE', 'en') + + translations = TRANSLATIONS.get(lang, {}) + fallback_translations = TRANSLATIONS.get(fallback_lang, {}) + + value = translations.get(key) or fallback_translations.get(key) or key + return value.format(**kwargs) if isinstance(value, str) else value + +## DEBUG Translations +if app.debug: + print(f"Loaded translations for 'de': 
{TRANSLATIONS.get('de', {})}") + +### Admin decorator +def admin_required(f): + @wraps(f) + def decorated_function(*args, **kwargs): + if not current_user.is_authenticated: + abort(403) + if not current_user.is_admin: + abort(403) + return f(*args, **kwargs) + return decorated_function + + csrf = CSRFProtect(app) convention = { 
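Review bot: The translation loader catches `except Exception:` without binding the exception, but the handler formats `str(e)`, so a missing or malformed `de.json` or `en.json` raises `NameError` at import time and the app fails to start instead of falling back to `{}`. Change it to `except (OSError, json.JSONDecodeError) as e:`. In `translate`, the result goes through `value.format(**kwargs)`, yet other hunks in this commit still pass `%(error)s` style keys, which `str.format` leaves unsubstituted; the placeholders should be `{error}` throughout. `TRANSLATION_DIR` is built from `os.getcwd()`, so it depends on the directory the server is started from rather than on `app.root_path`.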
@@ -222,22 +322,38 @@ load_dotenv(override=True) # App-Configuration app.config.update( + # WICHTIGSTE EINSTELLUNGEN SECRET_KEY=os.getenv('SECRET_KEY'), - SQLALCHEMY_DATABASE_URI='sqlite:////app/data/games.db', - SQLALCHEMY_TRACK_MODIFICATIONS=False, - BABEL_DEFAULT_LOCALE=os.getenv('BABEL_DEFAULT_LOCALE', 'en'), - BABEL_SUPPORTED_LOCALES=os.getenv('BABEL_SUPPORTED_LOCALES', 'de,en').split(','), - BABEL_TRANSLATION_DIRECTORIES=os.path.join(app.root_path, 'translations'), - SESSION_COOKIE_SECURE=os.getenv('SESSION_COOKIE_SECURE', 'False') == 'True', - SESSION_COOKIE_SAMESITE='Lax', - PERMANENT_SESSION_LIFETIME=timedelta(days=30), - SESSION_REFRESH_EACH_REQUEST=False, - WTF_CSRF_ENABLED=os.getenv('CSRF_ENABLED', 'True') == 'True', - REGISTRATION_ENABLED=os.getenv('REGISTRATION_ENABLED', 'True').lower() == 'true', - SEND_FILE_MAX_AGE_DEFAULT=int(os.getenv('SEND_FILE_MAX_AGE_DEFAULT', 0)), - TEMPLATES_AUTO_RELOAD=os.getenv('TEMPLATES_AUTO_RELOAD', 'True') == 'True' + SQLALCHEMY_DATABASE_URI = 'sqlite:////app/data/games.db', + SQLALCHEMY_TRACK_MODIFICATIONS = False, + + # SESSION-HANDLING (Produktion: Redis verwenden!) 
+ SESSION_TYPE='redis', + SESSION_PERMANENT = False, + SESSION_USE_SIGNER = True, + SESSION_REDIS=Redis.from_url(os.getenv("REDIS_URL", "redis://redis:6379/0")), + SESSION_FILE_DIR = '/app/data/flask-sessions', + SESSION_COOKIE_NAME = 'gamekeys_session', + SESSION_COOKIE_SECURE = os.getenv('SESSION_COOKIE_SECURE', 'False').lower() == 'true', + SESSION_COOKIE_HTTPONLY = True, + SESSION_COOKIE_SAMESITE = 'Lax', + PERMANENT_SESSION_LIFETIME = timedelta(days=30), + + # CSRF-PROTECTION + WTF_CSRF_ENABLED = True, + WTF_CSRF_SECRET_KEY = os.getenv('CSRF_SECRET_KEY', os.urandom(32).hex()), + WTF_CSRF_TIME_LIMIT = 3600, + + # SECURITYsa & PERFORMANCE + REGISTRATION_ENABLED = os.getenv('REGISTRATION_ENABLED', 'True').lower() == 'true', + SEND_FILE_MAX_AGE_DEFAULT = int(os.getenv('SEND_FILE_MAX_AGE_DEFAULT', 0)), + TEMPLATES_AUTO_RELOAD = os.getenv('TEMPLATES_AUTO_RELOAD', 'True').lower() == 'true', + PREFERRED_URL_SCHEME = 'https' if os.getenv('FORCE_HTTPS') else 'http' ) + +Session(app) + interval_hours = int(os.getenv('CHECK_EXPIRING_KEYS_INTERVAL_HOURS', 12)) # Initialisation 
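Review bot: `WTF_CSRF_SECRET_KEY` is read from `os.getenv('CSRF_SECRET_KEY', os.urandom(32).hex())`, but the generated `.env` writes the value under `WTF_CSRF_SECRET_KEY`, so the lookup always misses and each process gets its own random key. If gunicorn runs more than one worker, or after any restart, tokens issued by one process fail validation in another. Read the name that setup writes, `WTF_CSRF_SECRET_KEY=os.getenv('WTF_CSRF_SECRET_KEY')`, and fail at startup when it or `SECRET_KEY` is unset rather than falling back silently. `SESSION_FILE_DIR` has no effect with `SESSION_TYPE='redis'` and can be dropped.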
@@ -245,59 +361,145 @@ db = SQLAlchemy(app, metadata=metadata) migrate = Migrate(app, db) login_manager = LoginManager(app) login_manager.login_view = 'login' -babel = Babel(app) # Logging app.logger.addHandler(logging.StreamHandler()) app.logger.setLevel(logging.INFO) -@babel.localeselector -def get_locale(): - if 'lang' in session and session['lang'] in app.config['BABEL_SUPPORTED_LOCALES']: - return session['lang'] - return request.accept_languages.best_match(app.config['BABEL_SUPPORTED_LOCALES']) @app.before_request -def reload_translations(): - if app.config['DEBUG']: - babel.reload() +def debug_translations(): + app.logger.debug(f"Aktuelle Sprache: {session.get('lang')}") + app.logger.debug(f"Übersetzungskeys: {list(TRANSLATIONS.get(session.get('lang', 'en'), {}).keys())}") +def enforce_https(): + if os.getenv('FORCE_HTTPS', 'False').lower() == 'true': + if request.headers.get('X-Forwarded-Proto', 'http') != 'https' and not request.is_secure: + url = request.url.replace('http://', 'https://', 1) + app.logger.info(f"Redirecting to HTTPS: {url}") + return redirect(url, code=301) +def check_translations(): + app.logger.debug(f"Available translations: {TRANSLATIONS}") + app.logger.debug(f"Current language: {session.get('lang', 'en')}") + @app.context_processor -def inject_template_vars(): - return dict( - get_locale=get_locale, - theme='dark' if request.cookies.get('dark_mode') == 'true' else 'light' - ) +def inject_template_globals(): + return { + '_': lambda key, **kwargs: translate(key, lang=session.get('lang', 'en'), **kwargs), + 'now': datetime.now(local_tz), + 'app_version': os.getenv('APP_VERSION', '1.0.0'), + 'local_tz': str(local_tz) + } + +@app.template_filter('strftime') +def _jinja2_filter_datetime(date, fmt='%d.%m.%Y'): + if date is None: + return '' + return date.strftime(fmt) + # DB Models -class User(db.Model, UserMixin): +class User(UserMixin, db.Model): __tablename__ = 'users' + id = db.Column(db.Integer, primary_key=True) username = 
db.Column(db.String(80), unique=True, nullable=False) password = db.Column(db.String(256), nullable=False) - games = db.relationship('Game', back_populates='owner', lazy=True) + is_admin = db.Column(db.Boolean, default=False) + games = db.relationship( + 'Game', + back_populates='owner', + cascade='all, delete-orphan', + passive_deletes=True + ) + class Game(db.Model): + __tablename__ = 'games' + __table_args__ = ( + UniqueConstraint('steam_key', 'user_id', name='uq_steam_key_user'), + ) + id = db.Column(db.Integer, primary_key=True) - owner = db.relationship('User', back_populates='games') name = db.Column(db.String(100), nullable=False) steam_key = db.Column(db.String(100), nullable=False, unique=True) status = db.Column(db.String(50), nullable=False) recipient = db.Column(db.String(100)) notes = db.Column(db.Text) url = db.Column(db.String(200)) - created_at = db.Column(db.DateTime, default=datetime.utcnow) + created_at = db.Column(db.DateTime, default=lambda: datetime.now(local_tz)) redeem_date = db.Column(db.DateTime) - user_id = db.Column(db.Integer, db.ForeignKey('users.id'), nullable=False) steam_appid = db.Column(db.String(20)) + platform = db.Column(db.String(50), default='pc') + + # with users.id + user_id = db.Column(db.Integer, db.ForeignKey('users.id', ondelete='CASCADE'), nullable=False) + + owner = db.relationship( + 'User', + back_populates='games' + ) + + redeem_tokens = db.relationship( + 'RedeemToken', + back_populates='game', + cascade='all, delete-orphan', + passive_deletes=True + ) class RedeemToken(db.Model): + __tablename__ = 'redeem_tokens' + id = db.Column(db.Integer, primary_key=True) token = db.Column(db.String(17), unique=True, nullable=False) - game_id = db.Column(db.Integer, db.ForeignKey('game.id'), nullable=False) expires = db.Column(db.DateTime, nullable=False) - used = db.Column(db.Boolean, default=False) total_hours = db.Column(db.Integer, nullable=False) + + # ForeignKey with CASCADE + game_id = db.Column( + db.Integer, + 
db.ForeignKey('games.id', ondelete='CASCADE'), + nullable=False + ) + + game = db.relationship('Game', back_populates='redeem_tokens') + + def is_expired(self): + # use timeszone (from .env) + local_tz = pytz.timezone(os.getenv('TZ', 'UTC')) + now = datetime.now(local_tz) + return now > self.expires.astimezone(local_tz) + + +class GameForm(FlaskForm): + name = StringField('Name', [validators.DataRequired()]) + steam_key = StringField('Steam Key') + status = SelectField('Status', choices=[ + ('nicht eingelöst', 'Nicht eingelöst'), + ('eingelöst', 'Eingelöst'), + ('geschenkt', 'Geschenkt') + ]) + recipient = StringField('Empfänger') + notes = TextAreaField('Notizen') + url = StringField('Store URL') + redeem_date = StringField('Einlösedatum') + steam_appid = StringField('Steam App ID') + + +PLATFORM_CHOICES = [ + ('pc', 'PC'), + ('xbox', 'XBox'), + ('playstation', 'PlayStation'), + ('switch', 'Nintendo Switch'), + ('other', 'Andere') +] + +STATUS_CHOICES = [ + ('nicht eingelöst', 'Nicht eingelöst'), + ('eingelöst', 'Eingelöst'), + ('geschenkt', 'Geschenkt') +] + with app.app_context(): db.create_all() @@ -334,14 +536,15 @@ def index(): @app.route('/set-lang/') def set_lang(lang): - if lang in app.config['BABEL_SUPPORTED_LOCALES']: + if lang in SUPPORTED_LANGUAGES: session['lang'] = lang + session.permanent = True return redirect(request.referrer or url_for('index')) - + @app.route('/set-theme/') def set_theme(theme): resp = make_response('', 204) - resp.set_cookie('dark_mode', 'true' if theme == 'dark' else 'false', max_age=60*60*24*365) + resp.set_cookie('theme', theme, max_age=60*60*24*365) # 1 Jahr Gültigkeit return resp @app.route('/login', methods=['GET', 'POST']) 
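Review bot: `@app.before_request` applies only to `debug_translations`; `enforce_https` and `check_translations` are defined directly after it without a decorator, so the HTTPS redirect is never registered and `FORCE_HTTPS=true` has no effect. Each function needs its own `@app.before_request` line. Once it does run, the check trusts `X-Forwarded-Proto` from any client, so it should sit behind `werkzeug.middleware.proxy_fix.ProxyFix` configured for the known proxy and then rely on `request.is_secure` alone. In the models, `Game.steam_key` keeps `unique=True` next to the new `UniqueConstraint('steam_key', 'user_id')`, which leaves the key globally unique and makes the per-user constraint redundant.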
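Review bot: `set_theme` now stores the raw URL segment in the cookie, `resp.set_cookie('theme', theme, max_age=60*60*24*365)`, where the old code normalised it to `true` or `false`. Restrict it to the known values first, `if theme not in ('light', 'dark'): abort(400)`, and pass `samesite='Lax'` when setting it. The removed `inject_template_vars` was what exposed `theme` to templates and the new `inject_template_globals` does not, so templates that read it need checking; they are not visible here. `set_lang` still redirects to `request.referrer`, which is client-supplied, and both routes change state on a GET.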
@@ -355,29 +558,38 @@ def login(): login_user(user) return redirect(url_for('index')) - flash(_('Invalid credentials'), 'danger') + flash(translate('Invalid credentials', session.get('lang', 'en')), 'danger') return render_template('login.html') @app.route('/register', methods=['GET', 'POST']) def register(): if not app.config['REGISTRATION_ENABLED']: - flash(_('No new registrations. They are deactivated!'), 'danger') - return redirect(url_for('login')) - + abort(403) + if request.method == 'POST': username = request.form['username'] - password = generate_password_hash(request.form['password']) - - if User.query.filter_by(username=username).first(): - flash(_('Username already exists'), 'danger') + password = request.form['password'] + + existing_user = User.query.filter_by(username=username).first() + if existing_user: + flash(translate('Username already exists'), 'error') return redirect(url_for('register')) - - new_user = User(username=username, password=password) + + # make the first user admin + is_admin = User.query.count() == 0 + + new_user = User( + username=username, + password=generate_password_hash(password), + is_admin=is_admin + ) + db.session.add(new_user) db.session.commit() login_user(new_user) + flash(translate('Registration successful'), 'success') return redirect(url_for('index')) - + return render_template('register.html') @app.route('/logout') 
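Review bot: In `register`, `is_admin = User.query.count() == 0` grants the admin role to whoever submits the form first, and `REGISTRATION_ENABLED` defaults to `True`, so a freshly deployed instance that is reachable before the operator registers gives that role away. The count and the insert are separate statements, so two concurrent first registrations can both see zero. I would create the initial admin during setup, from an environment variable or a CLI command, and keep web registration unprivileged. The new code also passes `request.form['password']` straight to `generate_password_hash` with no emptiness or minimum-length check.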
@@ -395,16 +607,16 @@ def change_password(): confirm_password = request.form['confirm_password'] if not check_password_hash(current_user.password, current_password): - flash(_('Current passwort is wrong'), 'danger') + flash(translate('Current passwort is wrong'), 'danger') return redirect(url_for('change_password')) if new_password != confirm_password: - flash(_('New Passwords are not matching'), 'danger') + flash(translate('New Passwords are not matching'), 'danger') return redirect(url_for('change_password')) current_user.password = generate_password_hash(new_password) db.session.commit() - flash(_('Password changed successfully'), 'success') + flash(translate('Password changed successfully', session.get('lang', 'en')), 'success') return redirect(url_for('index')) return render_template('change_password.html') @@ -419,10 +631,15 @@ def add_game(): if not steam_appid: steam_appid = extract_steam_appid(url) - + + steam_key = request.form['steam_key'] + if Game.query.filter_by(steam_key=steam_key).first(): + flash(translate('Steam Key already exists!'), 'error') + return redirect(url_for('add_game')) + new_game = Game( name=request.form['name'], - steam_key=request.form['steam_key'], + steam_key=steam_key, status=request.form['status'], recipient=request.form.get('recipient', ''), notes=request.form.get('notes', ''), 
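Review bot: The new pre-check in `add_game`, `Game.query.filter_by(steam_key=steam_key).first()`, searches every user's games, so the "Steam Key already exists!" message tells a logged-in user whether someone else has stored a given key. Scope it to the caller, `Game.query.filter_by(steam_key=steam_key, user_id=current_user.id).first()`, in line with the `uq_steam_key_user` constraint added to the model. The column's own `unique=True` still enforces global uniqueness, so the `IntegrityError` path reveals the same fact until that flag is dropped in a migration. `add_game` begins above this hunk and continues in the next one.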
@@ -434,83 +651,119 @@ def add_game(): db.session.add(new_game) db.session.commit() - flash(_('Game added successfully!'), 'success') + flash(translate('Game added successfully!'), 'success') return redirect(url_for('index')) - except IntegrityError: + except IntegrityError as e: db.session.rollback() - flash(_('Steam Key already exists!'), 'danger') + if "UNIQUE constraint failed: game.steam_key" in str(e): + flash(translate('Steam Key already exists!'), 'error') + else: + flash(translate('Database error: %(error)s', error=str(e)), 'error') + except Exception as e: db.session.rollback() - flash(_('Error: ') + str(e), 'danger') + flash(translate('Error: %(error)s', error=str(e)), 'error') - return render_template('add_game.html') + return render_template( + 'add_game.html', + platforms=PLATFORM_CHOICES, + statuses=STATUS_CHOICES + ) + @app.route('/edit/', methods=['GET', 'POST']) @login_required def edit_game(game_id): - game = db.session.get(Game, game_id) - if not game or game.owner != current_user: - abort(404) - - if not game or game.owner != current_user: - abort(403) - - active_redeem = RedeemToken.query.filter( - RedeemToken.game_id == game_id, - RedeemToken.expires > datetime.utcnow() - ).first() - - redeem_url = url_for('redeem_page', token=active_redeem.token, _external=True) if active_redeem else None + # Eager Loading für Tokens + game = Game.query.options(joinedload(Game.redeem_tokens)).get_or_404(game_id) + + def safe_parse_date(date_str): + try: + naive = datetime.strptime(date_str, '%Y-%m-%d') if date_str else None + return local_tz.localize(naive) if naive else None + except ValueError: + return None if request.method == 'POST': try: - url = request.form.get('url', '') - steam_appid = request.form.get('steam_appid', '').strip() - - if not steam_appid: - steam_appid = extract_steam_appid(url) - + # Validierung + if not request.form.get('name') or not request.form.get('steam_key'): + flash(translate('Name and Steam Key are required'), 'error') + 
return redirect(url_for('edit_game', game_id=game_id)) + + # Dublettenprüfung + existing = Game.query.filter( + Game.steam_key == request.form['steam_key'], + Game.id != game.id + ).first() + if existing: + flash(translate('Steam Key already exists'), 'error') + return redirect(url_for('edit_game', game_id=game_id)) + + # Felder aktualisieren game.name = request.form['name'] game.steam_key = request.form['steam_key'] game.status = request.form['status'] + game.platform = request.form.get('platform', 'pc') game.recipient = request.form.get('recipient', '') game.notes = request.form.get('notes', '') - game.url = url - game.steam_appid = steam_appid - game.redeem_date = datetime.strptime(request.form['redeem_date'], '%Y-%m-%d') if request.form['redeem_date'] else None + game.url = request.form.get('url', '') + game.steam_appid = request.form.get('steam_appid', '') + game.redeem_date = safe_parse_date(request.form.get('redeem_date', '')) + # Zeitzonen-korrekte Umwandlung + game.redeem_date_local = ( + game.redeem_date.astimezone(local_tz) + if game.redeem_date + else None + ) + + # Token-Logik + if game.status == 'geschenkt': + # Vorhandene Tokens löschen + RedeemToken.query.filter_by(game_id=game.id).delete() + + # Neuen Token generieren + token = secrets.token_urlsafe(12)[:17] + expires = datetime.now(local_tz) + timedelta(hours=24) + new_token = RedeemToken( + token=token, + game_id=game.id, + expires=expires, + total_hours=24 + ) + db.session.add(new_token) + db.session.commit() - flash(_('Changes saved!'), 'success') + flash(translate('Changes saved successfully'), 'success') return redirect(url_for('index')) - + + except IntegrityError as e: + db.session.rollback() + app.logger.error(f"IntegrityError: {traceback.format_exc()}") + flash(translate('Database error: {error}', error=str(e.orig)), 'error') # Platzhalter korrigiert except Exception as e: db.session.rollback() - flash(_('Error: ') + str(e), 'danger') - - return render_template('edit_game.html', - 
game=game, - redeem_url=redeem_url, - active_redeem=active_redeem, - redeem_date=game.redeem_date.strftime('%Y-%m-%d') if game.redeem_date else '') + app.logger.error(f"Unexpected error: {traceback.format_exc()}") + flash(translate('Unexpected error: {error}', error=str(e)), 'error') # Platzhalter korrigiert + + return render_template( + 'edit_game.html', + game=game, + platforms=PLATFORM_CHOICES, + statuses=STATUS_CHOICES, + redeem_date=game.redeem_date.strftime('%Y-%m-%d') if game.redeem_date else '' + ) @app.route('/delete/', methods=['POST']) @login_required def delete_game(game_id): - game = db.session.get(Game, game_id) - if not game or game.owner != current_user: - abort(404) - - if game.owner != current_user: - abort(403) - - try: - db.session.delete(game) - db.session.commit() - except Exception as e: - db.session.rollback() - + game = Game.query.get_or_404(game_id) + db.session.delete(game) + db.session.commit() + flash(translate('Game deleted successfully'), 'success') return redirect(url_for('index')) @@ -569,7 +822,10 @@ def export_pdf(): img_height = 2*cm # Titel - elements.append(Paragraph(_("Game List (without Keys)"), styles['Title'])) + elements.append(Paragraph( + translate("Game List (without Keys)", lang=session.get('lang', 'en')), + styles['Title'] + )) elements.append(Spacer(1, 12)) # Tabellenkopf @@ -592,6 +848,12 @@ def export_pdf(): img = Image(img_data, width=3*cm, height=img_height) except Exception: img = Paragraph('', styles['Normal']) + elif game.url and 'gog.com' in game.url: + try: + img_path = os.path.join(app.root_path, 'static', 'gog_logo.webp') + img = Image(img_path, width=3*cm, height=img_height) + except Exception: + img = Paragraph('', styles['Normal']) data.append([ img or '', 
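Review bot: `edit_game` and `delete_game` lost their ownership checks: both now load the row with `get_or_404(game_id)` and act on it, so any logged-in user can open the edit form (which receives the whole `game` object, Steam key included), change, or delete another user's game by id. Restore the check right after the lookup in both views, `if game.user_id != current_user.id: abort(404)`. The duplicate-key query in `edit_game` should likewise be limited to the current user. The `add_game` handler matches on the string `"UNIQUE constraint failed: game.steam_key"` although the table is now named `games`, and the `except` branches flash raw `str(e)` database text to the browser; log the detail and show a generic message instead.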
@@ -600,7 +862,7 @@ def export_pdf(): game.redeem_date.strftime('%d.%m.%y') if game.redeem_date else '' ]) - # Table format + # Table format (korrekte Einrückung) table = Table(data, colWidths=col_widths, repeatRows=1) table.setStyle(TableStyle([ ('FONTNAME', (0,0), (-1,0), 'Helvetica-Bold'), @@ -616,13 +878,14 @@ def export_pdf(): doc.build(elements) buffer.seek(0) - return send_file( + return send_file( buffer, mimetype='application/pdf', as_attachment=True, download_name=f'game_export_{datetime.now().strftime("%Y%m%d")}.pdf' ) + @app.route('/import', methods=['GET', 'POST']) @login_required def import_games(): 
@@ -662,59 +925,60 @@ def import_games(): db.session.commit() - flash(_('%(new)d new games imported, %(dup)d skipped duplicates', new=new_games, dup=duplicates), 'success') + flash(translate("new_games_imported", new=new_games, dup=duplicates), 'success') except Exception as e: db.session.rollback() - flash(_('Import error: %(error)s', error=str(e)), 'danger') + flash(translate('Import error: {error}', error=str(e)), 'danger') return redirect(url_for('index')) - flash(_('Please upload a valid CSV file.'), 'danger') + flash(translate('Please upload a valid CSV file.'), 'danger') return render_template('import.html') + @app.route('/generate_redeem/', methods=['POST']) @login_required def generate_redeem(game_id): - game = db.session.get(Game, game_id) - if not game or game.owner != current_user: - abort(403) - - if game.owner != current_user or game.status != 'verschenkt': - abort(403) - + game = Game.query.get_or_404(game_id) + if game.user_id != current_user.id or game.status != 'geschenkt': + return jsonify({'error': translate('Forbidden')}), 403 + try: - token = secrets.token_urlsafe(12)[:17] - expires = datetime.utcnow() + timedelta(hours=24) - total_hours = 24 - RedeemToken.query.filter_by(game_id=game_id).delete() - + token = secrets.token_urlsafe(12)[:17] + expires = datetime.now(local_tz) + timedelta(hours=24) new_token = RedeemToken( token=token, game_id=game_id, expires=expires, total_hours=24 ) - db.session.add(new_token) db.session.commit() - - redeem_url = url_for('redeem_page', token=token, _external=True) - return jsonify({'url': redeem_url}) - + redeem_url = url_for('redeem', token=token, _external=True) + message = translate( + 'Redeem link generated: {url}', + url=redeem_url + ) + return jsonify({'url': redeem_url, 'message': message}) except Exception as e: - app.logger.error(f"Redeem error: {str(e)}") + db.session.rollback() return jsonify({'error': str(e)}), 500 -@app.route('/redeem/') + +@app.route('/redeem/', endpoint='redeem') def 
redeem_page(token): redeem_token = RedeemToken.query.filter_by(token=token).first() if not redeem_token: abort(404) - if redeem_token.expires < datetime.utcnow(): + + # Zeit in UTC umwandeln + expires_utc = redeem_token.expires.astimezone(pytz.UTC) + + if datetime.now(pytz.UTC) > expires_utc: db.session.delete(redeem_token) db.session.commit() abort(404) 
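Review bot: `generate_redeem` returns `jsonify({'error': str(e)}), 500` and this commit removed the `app.logger.error` call, so internal exception text goes to the client while nothing is recorded server-side. Keep the detail in the log and return a fixed message: `app.logger.exception("Redeem error")` followed by `return jsonify({'error': 'internal error'}), 500`. `RedeemToken` no longer has a `used` flag, so as far as this diff shows a link stays valid for every visitor until it expires; if single use was intended, that needs a replacement. `redeem_page` continues past the end of this hunk.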
@@ -726,261 +990,142 @@ def redeem_page(token): return render_template('redeem.html', game=game, redeem_token=redeem_token, + expires_timestamp=int(expires_utc.timestamp() * 1000), # Millisekunden platform_link='https://store.steampowered.com/account/registerkey?key=' if game.steam_appid else 'https://www.gog.com/redeem') -@app.route('/debug-session') -def debug_session(): - return jsonify({ - 'session_lang': session.get('lang'), - 'config_locales': app.config['BABEL_SUPPORTED_LOCALES'] - }) +@app.route('/admin/users') +@login_required +@admin_required +def admin_users(): + users = User.query.all() + return render_template('admin_users.html', users=users) -# Benachrichtigungsfunktionen -def send_pushover_notification(user, game): - """Sendet Pushover-Benachrichtigung für ablaufenden Key""" - if not app.config['PUSHOVER_APP_TOKEN'] or not app.config['PUSHOVER_USER_KEY']: - return False - - payload = { - "token": os.getenv('PUSHOVER_APP_TOKEN'), - "user": os.getenv('PUSHOVER_USER_KEY'), - "title": "Steam-Key läuft ab!", - "message": f"Dein Key für '{game.name}' läuft in weniger als 48 Stunden ab!", - "url": url_for('edit_game', game_id=game.id, _external=True), - "url_title": "Zum Spiel", - "priority": 1 - } +@app.route('/admin/users/delete/', methods=['POST']) +@login_required +@admin_required +def admin_delete_user(user_id): + if current_user.id == user_id: + flash(translate('You cannot delete yourself'), 'error') + return redirect(url_for('admin_users')) - try: - response = requests.post( - 'https://api.pushover.net/1/messages.json', - data=payload - ) - return response.status_code == 200 - except Exception as e: - app.logger.error(f"Pushover error: {str(e)}") + user = User.query.get_or_404(user_id) + db.session.delete(user) + db.session.commit() + flash(translate('User deleted successfully'), 'success') + return redirect(url_for('admin_users')) + +@app.route('/admin/users/reset_password/', methods=['POST']) +@login_required +@admin_required +def 
admin_reset_password(user_id): + user = User.query.get_or_404(user_id) + new_password = secrets.token_urlsafe(8) + user.password = generate_password_hash(new_password) + db.session.commit() + + flash( + translate('New password for {username}: {password}', + username=user.username, + password=new_password), + 'info' + ) + return redirect(url_for('admin_users')) + + + +# Apprise Notifications +import apprise + +def send_apprise_notification(user, game): + apprise_urls = os.getenv('APPRISE_URLS', '').strip() + if not apprise_urls: + app.logger.error("No APPRISE_URLS configured") return False -def send_gotify_notification(user, game): - """Sendet Gotify-Benachrichtigung für ablaufenden Key""" - if not GOTIFY_URL or not GOTIFY_TOKEN: - return False - - payload = { - "title": "Steam-Key läuft ab!", - "message": f"Dein Key für '{game.name}' läuft in weniger als 48 Stunden ab!", - "priority": 5 - } - - try: - response = requests.post( - f"{GOTIFY_URL}/message?token={GOTIFY_TOKEN}", - json=payload - ) - return response.status_code == 200 - except Exception as e: - app.logger.error(f"Gotify error: {str(e)}") - return False + apobj = apprise.Apprise() + for url in apprise_urls.replace(',', '\n').splitlines(): + if url.strip(): + apobj.add(url.strip()) -def send_matrix_notification(user, game): - """Sendet Matrix-Benachrichtigung für ablaufenden Key""" - if not MATRIX_HOMESERVER or not MATRIX_ACCESS_TOKEN or not MATRIX_ROOM_ID: - return False - - try: - from matrix_client.client import MatrixClient - - client = MatrixClient(MATRIX_HOMESERVER, token=MATRIX_ACCESS_TOKEN) - room = client.join_room(MATRIX_ROOM_ID) - - message = f"🎮 Dein Key für '{game.name}' läuft in weniger als 48 Stunden ab!" 
- room.send_text(message) - - return True - except Exception as e: - app.logger.error(f"Matrix error: {str(e)}") - return False + edit_url = url_for('edit_game', game_id=game.id, _external=True) + result = apobj.notify( + title="Steam-Key läuft ab!", + body=f"Dein Key für '{game.name}' läuft in weniger als 48 Stunden ab!\n\nLink: {edit_url}", + ) + return result def send_notification(user, game): - """Sendet Benachrichtigung über den bevorzugten Dienst des Benutzers""" - if user.notification_service == 'pushover': - return send_pushover_notification(user, game) - elif user.notification_service == 'gotify': - return send_gotify_notification(user, game) - elif user.notification_service == 'matrix': - return send_matrix_notification(user, game) - return False + return send_apprise_notification(user, game) def check_expiring_keys(): - with app.app_context(): - now = datetime.utcnow() - expiry_threshold = now + timedelta(hours=48) - - # Moderner Select-Aufruf - stmt = select(Game).where( - Game.status != 'eingelöst', - Game.redeem_date <= expiry_threshold, - Game.redeem_date > now - ) - - expiring_games = db.session.execute(stmt).scalars().all() - - for game in expiring_games: - user = User.query.get(game.user_id) - if user.notification_service and user.notification_service != 'none': - send_notification(user, game) + now = datetime.now(local_tz) + expiry_threshold = now + timedelta(hours=48) + + stmt = select(Game).where( + Game.status != 'eingelöst', + Game.redeem_date <= expiry_threshold, + Game.redeem_date > now + ) + + expiring_games = db.session.execute(stmt).scalars().all() + + for game in expiring_games: + user = User.query.get(game.user_id) + if user.notification_service and user.notification_service != 'none': + send_notification(user, game) # Optional: cleaning up old tokens def cleanup_expired_tokens(): - now = datetime.utcnow() - expired = RedeemToken.query.filter(RedeemToken.expires < now).all() - for token in expired: - db.session.delete(token) - 
db.session.commit() + with app.app_context(): + try: + now = datetime.now(local_tz) + expired = RedeemToken.query.filter(RedeemToken.expires < now).all() + for token in expired: + db.session.delete(token) + db.session.commit() + app.logger.info(f"Cleaned up {len(expired)} expired tokens.") + except Exception as e: + app.logger.error(f"Error during cleanup_expired_tokens: {e}") + db.session.rollback() # Scheduler start -scheduler = BackgroundScheduler() -scheduler.add_job(func=check_expiring_keys, trigger="interval", hours=interval_hours) -scheduler.add_job(func=cleanup_expired_tokens, trigger="interval", hours=1) -scheduler.start() +scheduler = BackgroundScheduler(timezone=str(local_tz)) -# Shutdown of the Schedulers when stopping the app -atexit.register(lambda: scheduler.shutdown()) +def check_expiring_keys_job(): + with app.app_context(): + check_expiring_keys() + +def cleanup_expired_tokens_job(): + with app.app_context(): + cleanup_expired_tokens() + +# Jobs hinzufügen +scheduler.add_job( + check_expiring_keys_job, + 'interval', + hours=int(os.getenv('CHECK_EXPIRING_KEYS_INTERVAL_HOURS', 12)), + id='check_expiring_keys' +) +scheduler.add_job( + cleanup_expired_tokens_job, + 'interval', + hours=1, + id='cleanup_expired_tokens' +) + +# Scheduler starten +scheduler.start() +atexit.register(lambda: scheduler.shutdown(wait=False)) if __name__ == '__main__': with app.app_context(): db.create_all() - app.run(host='0.0.0.0', port=5000) + app.run(debug=True, host='0.0.0.0', port=5000) PYTHON_END -# Create Babel configuration -cat < babel.cfg -[python: **.py] -[jinja2: **/templates/**.html] -extensions=jinja2.ext.autoescape,jinja2.ext.with_ -EOL - -# 5. 
Dockerfile -cat < Dockerfile -FROM python:3.10-slim - -SHELL ["/bin/bash", "-c"] - -RUN apt-get update && apt-get install -y --no-install-recommends wget \ - && mkdir -p /app/static \ - && wget -O /app/static/logo.png "https://git.nocci.it/nocci/GiftGamesDB/raw/branch/main/steam-gift-manager/static/logo.png" \ - && wget -O /app/static/logo_small.png "https://git.nocci.it/nocci/GiftGamesDB/raw/branch/main/steam-gift-manager/static/logo_small.png" \ - && wget -O /app/static/forgejo.svg "https://git.nocci.it/nocci/GiftGamesDB/raw/branch/main/steam-gift-manager/static/forgejo.svg" \ - && rm -rf /var/lib/apt/lists/* - -RUN mkdir -p /app/data && \ - chown -R 1000:1000 /app/data - -ENV TZ=${TZ} -RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone - - -WORKDIR /app -COPY requirements.txt . -RUN pip install --no-cache-dir -r requirements.txt - -COPY . . - -ARG UID=1000 -ARG GID=1000 -RUN groupadd -g \$GID appuser && \ - useradd -u \$UID -g \$GID -m appuser && \ - chown -R appuser:appuser /app - -USER appuser - -EXPOSE 5000 - -CMD ["gunicorn", "-b", "0.0.0.0:5000", "app:app"] -DOCKER_END - -# 6. docker-compose.yml -cat < docker-compose.yml -services: - steam-manager: - build: . - ports: - - "5000:5000" - environment: - - REGISTRATION_ENABLED=${REGISTRATION_ENABLED:-True} - - TZ=${TZ} - volumes: - - ../data:/app/data - - ../translations:/app/translations:rw - - ../.env:/app/.env - user: "${UID}:${GID}" - restart: unless-stopped - -COMPOSE_END - -# 7. Directories and permissions -mkdir -p ../data ../translations -chmod -R a+rwX ../data ../translations -find ../data ../translations -type d -exec chmod 775 {} \; -find ../data ../translations -type f -exec chmod 664 {} \; - -# 8. Translation and upgrade scripts -cat <<'SCRIPT_END' > ../translate.sh -#!/bin/bash -set -e - -# 0.1 Change to the project directory (where docker-compose.yml is located) -cd "$(dirname "$0")/steam-gift-manager" - -declare -a locales=("de" "en") - -# 1. 
POT-Datei aktualisieren -docker-compose run --rm steam-manager pybabel extract -F babel.cfg -o translations/messages.pot . - -# 2. PO files for each language -for lang in "${locales[@]}"; do - docker-compose run --rm steam-manager pybabel update \ - -i translations/messages.pot \ - -d translations \ - -l $lang --previous -done - -# 3. Compile MO files (without fuzzy entries) -docker-compose run --rm steam-manager pybabel compile -d translations - -echo "✅ Translations successfully updated!" -SCRIPT_END -chmod +x ../translate.sh - -cat <<'SCRIPT_END' > ../upgrade.sh -#!/bin/bash -set -e - -# Set the working directory to the project directory -cd "$(dirname "$0")/steam-gift-manager" - -# Setze FLASK_APP, falls nötig -export FLASK_APP=app.py - -# Initialize migrations, if not yet available -if [ ! -d migrations ]; then - echo "Starting Flask-Migrate..." - docker-compose exec steam-manager flask db init -fi - -# Create migration (only if models have changed) -docker-compose exec steam-manager flask db migrate -m "Automatic Migration" - -# Apply migration -docker-compose exec steam-manager flask db upgrade - -echo "✅ Database migration completed!" -SCRIPT_END -chmod +x ../upgrade.sh - # 9. Templates mkdir -p templates static @@ -988,55 +1133,91 @@ mkdir -p templates static # Base Template cat < templates/base.html - + + + + {{ _('Game Key Manager') }} - + + + + + {% if games and games[0].steam_appid %} + + {% endif %} +
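Review bot: The last line of the generated app.py, `app.run(debug=True, host='0.0.0.0', port=5000)`, enables the Werkzeug interactive debugger while binding to every interface, so anyone who can reach port 5000 when the file is run directly is exposed to the debugger and to full tracebacks. Keep debug off by default and gate it on configuration, e.g. `app.run(debug=os.getenv('FLASK_DEBUG') == '1', host='0.0.0.0', port=5000)`. Separately, `admin_reset_password` puts the new plaintext password into a `flash()` message, which stores it in the session until the next page render (with cookie-backed sessions that is a signed but unencrypted cookie; the session backend is not visible in this hunk). Rendering the password once in the response body, or issuing a one-time reset link instead, would avoid persisting it. The hunk starts inside `redeem_page`, whose beginning is in the previous hunk.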