diff --git a/server/.routes.py.swp b/server/.routes.py.swp deleted file mode 100644 index 75c5b8f..0000000 Binary files a/server/.routes.py.swp and /dev/null differ diff --git a/server/googleHandler.py b/server/googleHandler.py index 4c65f5f..e607926 100644 --- a/server/googleHandler.py +++ b/server/googleHandler.py @@ -68,7 +68,7 @@ def login(): # for the OAuth 2.0 client, which you configured in the API Console. If this # value doesn't match an authorized URI, you will get a 'redirect_uri_mismatch' # error. - flow.redirect_uri = request.base_url + "/callback" + flow.redirect_uri = "https://longitudecalendar.com/login/google/callback" authorization_url, state = flow.authorization_url( # Enable offline access so that you can refresh an access token without # re-prompting the user for permission. Recommended for web server apps. @@ -88,8 +88,8 @@ def verifyResponse(): flow = google_auth_oauthlib.flow.Flow.from_client_secrets_file( GC.CLIENT_SECRETS_FILE, scopes=GC.SCOPES, state=state) - flow.redirect_uri = flask.url_for('callback', _external=True) - + flow.redirect_uri = "https://longitudecalendar.com/login/google/callback" + # Use the authorization server's response to fetch the OAuth 2.0 tokens. authorization_response = flask.request.url flow.fetch_token(authorization_response=authorization_response) @@ -122,7 +122,7 @@ class Calendar: self.toggle=toggle self.calendarId = calendarId -# TODO move this to databas +# TODO move this to database def calendarsFromDb(): pyCalendars = [] for calendar in current_user.calendars: @@ -147,18 +147,14 @@ def updateCalendars(): # print(a, flush=True) # print(current_user.getGoogleCredentials(), flush=True) if current_user.google_token == None: - print("notok", flush=True) return client_token = GC.build_credentials(current_user.google_token.token, current_user.google_token.refresh_token) credentials = google.oauth2.credentials.Credentials(**client_token) calendars = caltojson.getCalendarList(credentials) - print(calendars, flush=True) for calendar in calendars: - print(calendar, flush=True) if not current_user.hasCalendar(calendar.calendarId): - print("adding", flush=True) c = dbCalendar(calendar_id=calendar.calendarId, name = calendar.summary, toggle = "False", @@ -166,14 +162,12 @@ def updateCalendars(): db.session.add(c) current_user.calendars.append(c) - db.session.commit() - print("updated Calendars") # Save credentials back to session in case access token was refreshed. # ACTION ITEM: In a production app, you likely want to save these # credentials in a persistent database instead. # TODO add save updated token to database here - flask.session['credentials'] = credentials_to_dict(credentials) - + current_user.google_token.token = credentials.token + db.session.commit() def credentials_to_dict(credentials): diff --git a/server/routes.py b/server/routes.py index f3e1ddb..4b5f105 100644 --- a/server/routes.py +++ b/server/routes.py @@ -29,6 +29,10 @@ os.environ['OAUTHLIB_INSECURE_TRANSPORT'] = '1' def account(): return flask.redirect('account') +@app.route("/privacy") +def privacy(): + return flask.render_template('privacy.html') + @app.route("/account") def index(): if current_user.is_authenticated: @@ -61,7 +65,6 @@ def devices(): db.session.commit() # if this is part of the device form - # TODO add this device to the user - do not create new device form = DeviceForm() if form.validate_on_submit(): device = db.session.query(Device).filter(Device.deviceName==form.deviceName.data).first() @@ -129,7 +132,7 @@ def deleteAccount(): @app.route("/login/google") def googlelogin(): - if current_user.is_authenticated and current_user.google_token.refresh_token != None: + if current_user.is_authenticated and current_user.google_token != None: return redirect(url_for('account')) authorization_url = google.login() @@ -186,7 +189,6 @@ def credentials_to_dict(credentials): @app.route("/device//calendarevents.json") def downloader(device): path = "/home/calendarwatch/device/" + device + "/" - # TODO change search for device (also in tizen) request_device = db.session.query(Device).filter(Device.deviceName==device).first() if request_device == None: return jsonify(kind="not found") @@ -198,6 +200,8 @@ def downloader(device): request_user = db.session.query(User).filter(User.id==request_device.user_id).first() routine = Routine() + # TODO add test if googke token exists + # if request_user.google_token != Null: client_token = google.GC.build_credentials(request_user.google_token.token, request_user.google_token.refresh_token) calendarjson = routine.updateCalendar(request_user, client_token) diff --git a/server/static/css/main.css b/server/static/css/main.css index 590a2de..663b61e 100644 --- a/server/static/css/main.css +++ b/server/static/css/main.css @@ -1,7 +1,31 @@ -body * +html, +body { font-family: "Trebuchet MS", Helvetica, sans-serif; + margin: 0.5rem; + padding: 0; + height: calc(100% - 1rem) +} + +#container { + min-height:100%; + position:relative; +} +#main { + padding-bottom: 3rem; + padding-top: 3rem; + padding: 30px 10px; + display: flex; + flex-direction: column; + justify-content: center; + align-items: center; +} +#footer { + position: absolute; + bottom: 0; + width: 100%; + height: 3rem; } .banner { @@ -15,7 +39,6 @@ body * } .title { - margin: none; color: blue; } @@ -33,13 +56,37 @@ body * width: 200px; } + +/* bot navigation */ + +.footer { + background-color: #d8d8d8; + display: flex; + justify-content:center; + align-items:center; +} + +.footer p { + margin: 0px; + text-decoration: none; + display: flex; + float: left; + color: #424242; + padding: 1rem; + font-size: 17px; +} +.footer a { + text-decoration: none; + color: #085a87; +} + /* top navigation */ -.topnav { - background-color: #333; +.navigation { + background-color: orange; overflow: hidden; } -.topnav a { +.navigation a { float: left; display: flex; color: #f2f2f2; @@ -49,40 +96,40 @@ body * font-size: 17px; } -.topnav a:hover { +.navigation a:hover { background-color: #ddd; color: black; } /* Add an active class to highlight the current page */ -.topnav a.active { +.navigation a.active { background-color: #4CAF50; color: white; } -/* Hide the link that should open and close the topnav on small screens */ -.topnav .icon { +/* Hide the link that should open and close the navigation on small screens */ +.navigation .icon { display: none; } - /* When the screen is less than 600 pixels wide, hide all links, except for the first one ("Home"). Show the link that contains should open and close the topnav (.icon) */ + /* When the screen is less than 600 pixels wide, hide all links, except for the first one ("Home"). Show the link that contains should open and close the navigation (.icon) */ @media screen and (max-width: 600px) { - .topnav a:not(:first-child) {display: none;} - .topnav a.icon { + .navigation a:not(:first-child) {display: none;} + .navigation a.icon { float: right; display: block; } } -/* The "responsive" class is added to the topnav with JavaScript when the user clicks on the icon. This class makes the topnav look good on small screens (display the links vertically instead of horizontally) */ +/* The "responsive" class is added to the navigation with JavaScript when the user clicks on the icon. This class makes the navigation look good on small screens (display the links vertically instead of horizontally) */ @media screen and (max-width: 600px) { - .topnav.responsive {position: relative;} - .topnav.responsive a.icon { + .navigation.responsive {position: relative;} + .navigation.responsive a.icon { position: absolute; right: 0; top: 0; } - .topnav.responsive a { + .navigation.responsive a { float: none; display: block; text-align: left; diff --git a/server/static/js/index.js b/server/static/js/index.js index 412db9d..399079a 100644 --- a/server/static/js/index.js +++ b/server/static/js/index.js @@ -1,9 +1,9 @@ -/* Toggle between adding and removing the "responsive" class to topnav when the user clicks on the icon */ +/* Toggle between adding and removing the "responsive" class to navigation when the user clicks on the icon */ function menuBars() { - var x = document.getElementById("myTopnav"); - if (x.className === "topnav") { + var x = document.getElementById("navigation"); + if (x.className === "navigation") { x.className += " responsive"; } else { - x.className = "topnav"; + x.className = "navigation"; } } diff --git a/server/template/base.html b/server/template/base.html index 1c0e4f4..628cc10 100644 --- a/server/template/base.html +++ b/server/template/base.html @@ -11,8 +11,12 @@ - +
{% block content %}{% endblock %} +
+
+ {% include "footer.html" %} +
diff --git a/server/template/footer.html b/server/template/footer.html new file mode 100644 index 0000000..37e8ed6 --- /dev/null +++ b/server/template/footer.html @@ -0,0 +1,11 @@ + + diff --git a/server/template/privacy.html b/server/template/privacy.html new file mode 100644 index 0000000..ded991d --- /dev/null +++ b/server/template/privacy.html @@ -0,0 +1,52 @@ +{% extends "base.html" %} + +{% block content %} + + + +

Summary

+
This Privacy Statement descibes how Longitude handles your data and how the developer makes sure, that the users information remains as secure as possible. +This application does not share any user information with third parties and takes care to only save the minimum amount of information about the user. +The following chapters cover all essential points of interest about which information is saved and when it is removed from the server. +If you have any further questions or suggestions, please email us at raphael@maenle.net.
+ + +

What Information is saved?

+
+Longitude Calendar saves as little information about their users as possible. The application handles sensitive information only when directly prompted by the user or a device associated with the user. The service only provides this information to the user or a device associated with the user. The data saved in the Longidute Databas is + + +All this information is erased as soon as the user deletes his account. Further, this information can be exported for the user to view if he so requests via email. +
+

How do you handle calendar information?

+
+As previously stated, Longitude does not save calendar event information. Instead, any user or device request dynamically pulls only the neccessary information and +generates the response. The information is then immediately discarded. +
+

Are there any Cookies, and what does your javascript do?

+
+longitudecalendar.com saves a session cookie on your device while you are on the website. +Javascript is used to send data to the server and is necessary for the color picker. +
+

Will there be Changes to these Policies?

+
+This Privacy Policy statement may be upated at any time, if any material changes are made, the users of this service +will be notified in advance through the email provided with the creation of their user account. If a user continues to +use the service after changes in the privacy policy are in effect, he or she thereby agrees to the policy revisions. +
+ +

What do I do if I have further questions?

+
+If you have any further questions about this policy, please do not hesitate to contact the developer of this service. +
+{% endblock %} diff --git a/server/template/sidebar.html b/server/template/sidebar.html index aafab18..1850a1a 100644 --- a/server/template/sidebar.html +++ b/server/template/sidebar.html @@ -20,30 +20,29 @@ - +
+ + + + +
+ + {% block body %} + // content here + {% endblock %} - - + {% include "footer.html" %}
- - -
- - {% block body %} - // content here - {% endblock %} - -
- -