Prefix all configs with DISCORD_ to prevent un intended user override

flask_discord/_http.py

@@ -69,7 +69,7 @@ class DiscordOAuth2HttpClient(abc.ABC):
                 'client_id': self.client_id,
                 'client_secret': self.client_secret,
             },
-            auto_refresh_url=configs.TOKEN_URL,
+            auto_refresh_url=configs.DISCORD_TOKEN_URL,
             token_updater=self._token_updater)
 
     def get(self, route: str) -> dict:
@@ -95,7 +95,7 @@ class DiscordOAuth2HttpClient(abc.ABC):
             Raises :py:class:`flask_discord.Unauthorized` if current user is not authorized.
 
         """
-        response = self._make_session().get(configs.API_BASE_URL + route)
+        response = self._make_session().get(configs.DISCORD_API_BASE_URL + route)
 
         if response.status_code == 401:
             raise exceptions.Unauthorized
@@ -104,7 +104,7 @@ class DiscordOAuth2HttpClient(abc.ABC):
 
     def get_json(self):
         discord_session = self._make_session(token=session.get("DISCORD_OAUTH2_TOKEN"))
-        user = discord_session.get(configs.API_BASE_URL + '/users/@me').json()
+        user = discord_session.get(configs.DISCORD_API_BASE_URL + '/users/@me').json()
-        guilds = discord_session.get(configs.API_BASE_URL + '/users/@me/guilds').json()
+        guilds = discord_session.get(configs.DISCORD_API_BASE_URL + '/users/@me/guilds').json()
-        connections = discord_session.get(configs.API_BASE_URL + '/users/@me/connections').json()
+        connections = discord_session.get(configs.DISCORD_API_BASE_URL + '/users/@me/connections').json()
         return jsonify(user=user, guilds=guilds, connections=connections)

flask_discord/client.py

@@ -32,9 +32,9 @@ class DiscordOAuth2Session(_http.DiscordOAuth2HttpClient):
             Flask redirect to discord authorization servers to complete authorization code grant process.
 
         """
-        scope = scope or request.args.get("scope", str()).split() or configs.DEFAULT_SCOPES
+        scope = scope or request.args.get("scope", str()).split() or configs.DISCORD_OAUTH_DEFAULT_SCOPES
         discord_session = self._make_session(scope=scope)
-        authorization_url, state = discord_session.authorization_url(configs.AUTHORIZATION_BASE_URL)
+        authorization_url, state = discord_session.authorization_url(configs.DISCORD_AUTHORIZATION_BASE_URL)
         session["DISCORD_OAUTH2_STATE"] = state
         return redirect(authorization_url)
 
@@ -49,7 +49,7 @@ class DiscordOAuth2Session(_http.DiscordOAuth2HttpClient):
             return request.values["error"]
         discord = self._make_session(state=session.get("DISCORD_OAUTH2_STATE"))
         token = discord.fetch_token(
-            configs.TOKEN_URL,
+            configs.DISCORD_TOKEN_URL,
             client_secret=self.client_secret,
             authorization_response=request.url
         )

flask_discord/configs.py

@@ -1,24 +1,21 @@
-API_BASE_URL = "https://discordapp.com/api"
+DISCORD_API_BASE_URL = "https://discordapp.com/api"
 
-AUTHORIZATION_BASE_URL = API_BASE_URL + "/oauth2/authorize"
+DISCORD_AUTHORIZATION_BASE_URL = DISCORD_API_BASE_URL + "/oauth2/authorize"
-TOKEN_URL = API_BASE_URL + "/oauth2/token"
+DISCORD_TOKEN_URL = DISCORD_API_BASE_URL + "/oauth2/token"
 
 
-ALL_SCOPES = [
+DISCORD_OAUTH_ALL_SCOPES = [
     "bot", "connections", "email", "identify", "guilds", "guilds.join",
     "gdm.join", "messages.read", "rpc", "rpc.api", "rpc.notifications.read", "webhook.incoming",
 ]
 
-DEFAULT_SCOPES = [
+DISCORD_OAUTH_DEFAULT_SCOPES = [
     "identify", "email", "guilds", "guilds.join"
 ]
 
 
-IMAGE_BASE_URL = "https://cdn.discordapp.com/"
+DISCORD_IMAGE_BASE_URL = "https://cdn.discordapp.com/"
-IMAGE_FORMAT = "png"
+DISCORD_IMAGE_FORMAT = "png"
-ANIMATED_IMAGE_FORMAT = "gif"
+DISCORD_ANIMATED_IMAGE_FORMAT = "gif"
-USER_AVATAR_BASE_URL = IMAGE_BASE_URL + "avatars/{user_id}/{avatar_hash}.{format}"
+DISCORD_USER_AVATAR_BASE_URL = DISCORD_IMAGE_BASE_URL + "avatars/{user_id}/{avatar_hash}.{format}"
-GUILD_ICON_BASE_URL = IMAGE_BASE_URL + "icons/{guild_id}/{icon_hash}.png"
+DISCORD_GUILD_ICON_BASE_URL = DISCORD_IMAGE_BASE_URL + "icons/{guild_id}/{icon_hash}.png"
-
-
-# TODO: Prefix configs with DISCORD_ to avoid users overriding it with their own configs.

flask_discord/models/guild.py

@@ -37,4 +37,4 @@ class Guild(DiscordModelsBase):
         """A property returning direct URL to the guild's icon. Returns None if guild has no icon set."""
         if not self.icon_hash:
             return
-        return configs.GUILD_ICON_BASE_URL.format(guild_id=self.id, icon_hash=self.icon_hash)
+        return configs.DISCORD_GUILD_ICON_BASE_URL.format(guild_id=self.id, icon_hash=self.icon_hash)

flask_discord/models/user.py

@@ -60,8 +60,10 @@ class User(DiscordModelsBase):
     @property
     def avatar_url(self):
         """A property returning direct URL to user's avatar."""
-        image_format = configs.ANIMATED_IMAGE_FORMAT if self.is_avatar_animated else configs.IMAGE_FORMAT
+        image_format = configs.DISCORD_ANIMATED_IMAGE_FORMAT \
-        return configs.USER_AVATAR_BASE_URL.format(user_id=self.id, avatar_hash=self.avatar_hash, format=image_format)
+            if self.is_avatar_animated else configs.DISCORD_IMAGE_FORMAT
+        return configs.DISCORD_USER_AVATAR_BASE_URL.format(
+            user_id=self.id, avatar_hash=self.avatar_hash, format=image_format)
 
     @property
     def is_avatar_animated(self):