findings/pages/findings.py

from flask import Blueprint, render_template
from models import Finding, User
from sqlalchemy import desc

findings_bp = Blueprint('findings', __name__, url_prefix='/findings')

@findings_bp.route('/')
def latest_findings():
    latest = Finding.query.order_by(desc(Finding.find_time)).limit(20).all()
    # Eager load user data if needed
    user_map = {u.id: u for u in User.query.filter(User.id.in_([f.found_by for f in latest])).all()}
    return render_template('latest_findings.html', findings=latest, user_map=user_map)

@findings_bp.route('/<int:finding_id>')
def finding_detail(finding_id):
    finding = Finding.query.get_or_404(finding_id)
    user = User.query.get(finding.found_by)
    return render_template('finding_detail.html', finding=finding, user=user)



import requests
from flask import Blueprint, render_template, request, session, flash, redirect, url_for
from datetime import datetime
from bs4 import BeautifulSoup
from models import db, Finding


@findings_bp.route('/create', methods=['GET', 'POST'])
def create_finding():
    if not session.get('loggedin'):
        flash("Please log in to create a finding.", "warning")
        return redirect(url_for('login.login'))

    if request.method == 'POST':
        path = request.form.get('path', '').strip()
        lorekey = request.form.get('lorekey', '').strip()

        # Validate inputs
        if not path and not lorekey:
            flash("Title, Path, and Lorekey are required.", "danger")
            return render_template('create_finding.html', path=path, lorekey=lorekey)

        # Validate path exists on laminax.org (non-404)
        if path:
            try:
                path_res = requests.get(f'https://laminax.org/{path}')
                if path_res.status_code == 404:
                    flash(f"The path '{path}' does not exist on laminax.org.", "danger")
                    return render_template('create_finding.html', path=path, lorekey=lorekey)
                else:
                    soup = BeautifulSoup(path_res.text, 'html.parser')
                    for hr in soup.find_all('hr'):
                        hr.replace_with('----------')
                        content_text = soup.get_text(separator='\n')
                    content_text = soup.get_text(separator='\n')
                    # Get title element
                    title = (soup.title.string if soup.title else None) or "No title found"
                    # Save finding
                    new_finding = Finding(
                        title=f'https://laminax.org/{path}',
                        path=f'https://laminax.org/{path}',
                        find_time=datetime.utcnow(),
                        found_by=session.get('id'),
                        content_preview=content_text
                    )
                    db.session.add(new_finding)
                    db.session.commit()
                    flash("Finding created successfully!", "success")
                    return redirect("/findings/"+str(new_finding.id)) # Resort to manually redirecting for now
            except Exception as e:
                flash(f"Error validating path: {e}", "danger")
                return render_template('create_finding.html', path=path, lorekey=lorekey)

        # Check lorekey with external service
        if lorekey:
            try:
                res = requests.post('https://worker.laminax.org/check-password', json={"password": lorekey})
                if res.ok:
                    data = res.json()
                    if data.get('redirect'):
                        redirect_url = data['redirect']

                        # Fetch redirect page content
                        page_res = requests.get(redirect_url)
                        title = None
                        if page_res.ok:
                            # Parse html and replace all <hr> with 10 dashes using bs4
                            soup = BeautifulSoup(page_res.text, 'html.parser')
                            for hr in soup.find_all('hr'):
                                hr.replace_with('----------')
                            content_text = soup.get_text(separator='\n')
                            # Get title element
                            title = (soup.title.string if soup.title else None) or "No title found"
                        else:
                            content_text = None
                            title = "Unable to fetch redirect page content."

                        # Save finding
                        new_finding = Finding(
                            title=redirect_url,
                            path=redirect_url,
                            find_time=datetime.utcnow(),
                            found_by=session.get('id'),
                            content_preview=content_text
                        )
                        db.session.add(new_finding)
                        db.session.commit()
                        flash("Finding created successfully!", "success")
                        return redirect(url_for('findings.finding_detail', finding_id=new_finding.id))
                    else:
                        flash("Lorekey check failed or no redirect returned.", "danger")
                elif res.status_code == 401:
                    flash("Invalid Lorekey provided.", "danger")
                else:
                    flash("Lorekey service error, try again later.", "danger")
            except Exception as e:
                flash(f"An error occurred: {e}", "danger")

    # GET or fallback render
    return render_template('create_finding.html')