Initial Commit.

Strava authentication works; still need to implement a SQLAlchemy model for the API token.

.gitignore

+*.py[cod]
+*.swp
+venv
+config.py

README.md

+# ant.sr - the dynamic parts
+
+This is a [Flask](http://flask.pocoo.org) app powering the
+dynamic/interactive parts of [ant.sr](https://ant.sr).
+
+# Setup
+
+* Create a [virtualenv](https://virtualenv.readthedocs.io/en/stable/).
+* `pip install -r requirements.txt`
+
+# Development Server
+
+* `flask run`
+* Visit [localhost:5000](http://127.0.0.1:5000).

app.py

+from flask import Flask, redirect, render_template, url_for
+from strava import Strava
+from decorators import admin
+
+app = Flask(__name__)
+app.config.from_object('config')
+
+@app.route('/')
+def index():
+    return render_template('index.html')
+
+@admin
+@app.route('/strava_auth')
+def strava_auth():
+    return Strava.authorize()
+
+@app.context_processor
+def cp_is_admin():
+    from util import is_admin
+    return dict(is_admin=is_admin)
+
+@app.context_processor
+def cp_strava():
+    strava=Strava.check_auth()
+    return dict(strava=strava)

config.py.dist

+STRAVA_APP_ID = '12345'
+STRAVA_APP_SECRET = 'your-strava-app-secret'
+ADMIN_IP = '127.0.0.1'
+

decorators.py

+from functools import wraps
+from flask import abort
+from util import is_admin
+
+def admin(f):
+    @wraps(f)
+    def wrapped(*args, **kwargs):
+        if is_admin():
+            return abort(403)
+        return f(*args, **kwargs)
+        

requirements.txt

+Flask==0.11.1
+Flask-SQLAlchemy==2.1
+SQLAlchemy==1.0.14
+stravalib==0.5.0

strava.py

+from flask import request, redirect
+from stravalib.client import Client
+from requests.exceptions import HTTPError
+import config
+
+class Strava():
+    @classmethod
+    def check_auth(cls, token = None):
+        if not token:
+            # TODO: get token from database
+            token = "obviously invalid"
+        strava = Client(token)
+        try:
+            return strava.get_athlete().email
+        except (HTTPError, AttributeError):
+            return False
+        
+    @classmethod
+    def authorize(cls, code = None):
+        """Redirect to Strava to get an access token."""
+        code = code or request.args.get('code', None)
+        if not code:
+            strava = Client()
+            source_url = request.referrer
+            authorized_url = request.url
+            authorize_url = strava.authorization_url(
+                client_id=config.STRAVA_APP_ID, redirect_uri=authorized_url, state=source_url)
+            return redirect(authorize_url)
+        else:
+            source_url = request.args.get('state', None)
+            strava = Client()
+            access_token = strava.exchange_code_for_token(
+                client_id=config.STRAVA_APP_ID,
+                client_secret=config.STRAVA_APP_SECRET,
+                code=code)
+            strava.access_token = access_token
+            # TODO: store the access token
+            athlete = strava.get_athlete()
+            if source_url:
+                return redirect(source_url)
+            return "Auth success: {}".format(athlete.email)

templates/base.html

+<!doctype html>
+<html lang="en">
+<head>
+    <meta charset="utf-8">
+    <title>ant.sr</title>
+</head>
+<body>
+{% block content %}{% endblock %}
+</body>
+</html>

templates/index.html

+{% extends 'base.html' %}
+{% block content %}
+    {% if is_admin() %}
+    <header>
+        <h1>ant.sr admin</h1>
+    </header>
+    <nav>
+    <ul>
+        <li>
+            {% if strava %}
+                <a href="{{ url_for('strava_auth') }}">Strava API Connected ({{ strava }})</a>
+            {% else %}
+                <a href="{{ url_for('strava_auth') }}">Authorize Strava API</a>
+            {% endif %}
+        </li>
+    </ul>
+    </nav>
+    {% endif %}
+{% endblock %}

util.py

+from flask import request
+import config
+
+def is_admin():
+    try:
+        admin_ip = config.ADMIN_IP
+    except AttributeError:
+        admin_ip = '127.0.0.1'
+    return request.remote_addr == admin_ip