From b3e1d10646ea5b0bdbfdbdbf8bd5e21487248c5c Mon Sep 17 00:00:00 2001
From: David Timber <dxdt@dev.snart.me>
Date: Wed, 1 May 2024 21:59:51 +0900
Subject: Fix implementation of refersh token requires JS

- Sign in on init, sign out on exit
- Deprecate checkSession()
- Fix JWT marker being rejected
---
 src/okkybot/__main__.py | 21 +++++++++------------
 1 file changed, 9 insertions(+), 12 deletions(-)

diff --git a/src/okkybot/__main__.py b/src/okkybot/__main__.py
index adac359..e924581 100644
--- a/src/okkybot/__main__.py
+++ b/src/okkybot/__main__.py
@@ -22,7 +22,7 @@ MAX_POSTS_PER_TOPIC = 50
 TARGET_TOPICS = [ "community" ]
 POST_TOKEN_LIMIT = 5000 # $0.0025 spending limit per post
 
-dryrun = True
+dryrun = False
 
 def getCache () -> StateCache:
 	try:
@@ -41,6 +41,7 @@ def getOpenaiAPIKey () -> str:
 	global conf
 	return conf.get("api_keys", dict()).get("chatgpt")
 
+# FIXME: doesn't work without actually running the JS
 def checkSession (c: StateCache, s: requests.Session) -> bool:
 	with s.get(
 			"https://okky.kr/settings/profile",
@@ -50,11 +51,13 @@ def checkSession (c: StateCache, s: requests.Session) -> bool:
 		h = rsp.status_code % 100
 		return h == 2
 
+def doSignout (s: requests.Session):
+	with s.get("https://okky.kr/api/okky-web/auth/logout"): pass
+
 def doSignin (c: StateCache, s: requests.Session):
 	global conf
 	body = conf["login"]
 
-	with s.get("https://okky.kr/api/okky-web/auth/logout"): pass
 	with s.post(
 			"https://okky.kr/api/okky-web/auth/login",
 			json = body) as rsp:
@@ -95,18 +98,14 @@ def validateMarkerJWT (token: str) -> bool:
 def writeComment (pid: int, result: str, s: requests.Session):
 	global dryrun
 
-	marker_href = '''?okkybot-marker='''.format(
+	marker_href = '''?okkybot-marker={marker}'''.format(
 		marker = urllib.parse.quote(issueMarkerJWT()))
 
 	text = ""
 	text += '''<p>킁킁. AI는 이 글이 정치적이라고 생각합니다:</p>'''
 	text += '''<blockquote><p>{result}</p></blockquote>'''.format(
 		result = html.escape(result))
-	# FIXME: 필터링됨 ...
-	# hidden 속성이 문제거나
-	# 서버가 href를 직접 follow 해보거나
-	# Fully-qualified URL이어야 하나 봄
-	text += '''<a hidden href="{href}">'''.format(href = marker_href)
+	text += '''<p><a href="{href}">.</a></p>'''.format(href = marker_href)
 
 	body = {
 		"targetId": str(pid),
@@ -257,21 +256,19 @@ with open(CONFIG_FILENAME) as f:
 
 c = getCache()
 s = requests.Session()
-s.cookies = c.cookies
 s.headers["User-Agent"] = USER_AGENT
 
 openai.api_key = getOpenaiAPIKey()
 
 try:
-	if not checkSession(c, s):
-		doSignin(c, s)
+	doSignin(c, s)
 
 	for topic in TARGET_TOPICS:
 		ts = c.topics.get(topic, StateCache.TopicState())
 		doTopic(topic, ts, s)
 		c.topics[topic] = ts
 finally:
-	c.cookies = s.cookies
 	saveCache(c)
+	doSignout(s)
 
 exit(0)
-- 
cgit