boris/k-boris-website
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add Steam library import via OpenID
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Details

Browse Source 
- Steam OpenID flow: user authenticates with Steam, we get their Steam ID
- Server-side API key fetches their owned games with playtime
- Import page shows full library, marks already-imported games
- Imported games land in backlog as GAMES items with hours_played set
- STEAM_API_KEY env var plumbed into both prod and dev containers

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Boris
2026-03-31 22:38:28 +03:00
parent 8f34d9388f
commit a4c31bf40b
6 changed files with 382 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

50
backlogger/steam.py Normal file
View File

@@ -0,0 +1,50 @@
import re
import requests
from urllib.parse import urlencode
STEAM_OPENID_URL = 'https://steamcommunity.com/openid/login'
STEAM_API_BASE = 'https://api.steampowered.com'
def build_auth_url(return_to, realm):
params = {
'openid.ns': 'http://specs.openid.net/auth/2.0',
'openid.mode': 'checkid_setup',
'openid.return_to': return_to,
'openid.realm': realm,
'openid.identity': 'http://specs.openid.net/auth/2.0/identifier_select',
'openid.claimed_id': 'http://specs.openid.net/auth/2.0/identifier_select',
}
return f"{STEAM_OPENID_URL}?{urlencode(params)}"
def verify_and_get_steam_id(params):
"""Verify OpenID assertion with Steam. Returns steam64 id string or None."""
verify_params = {k: v for k, v in params.items()}
verify_params['openid.mode'] = 'check_authentication'
try:
resp = requests.post(STEAM_OPENID_URL, data=verify_params, timeout=10)
resp.raise_for_status()
except requests.RequestException:
return None
if 'is_valid:true' not in resp.text:
return None
claimed_id = params.get('openid.claimed_id', '')
match = re.search(r'/openid/id/(\d+)$', claimed_id)
return match.group(1) if match else None
def get_owned_games(api_key, steam_id):
"""Return list of games sorted by playtime desc. Raises on API error."""
url = f"{STEAM_API_BASE}/IPlayerService/GetOwnedGames/v1/"
params = {
'key': api_key,
'steamid': steam_id,
'include_appinfo': 'true',
'include_played_free_games': 'true',
'format': 'json',
}
resp = requests.get(url, params=params, timeout=15)
resp.raise_for_status()
games = resp.json().get('response', {}).get('games', [])
return sorted(games, key=lambda g: g.get('playtime_forever', 0), reverse=True)

8
backlogger/templates/backlogger/list.html
View File

@@ -164,7 +164,13 @@
<div class="container"> <div class="container">
<div class="top-bar"> <div class="top-bar">
<h1>Backlogger <span class="count">{{ items|length }}</span></h1> <h1>Backlogger <span class="count">{{ items|length }}</span></h1>
<a href="{% url 'backlogger:add' %}" class="btn btn-primary">+ Add item</a> <div style="display:flex;gap:0.5rem;align-items:center">
{% if request.GET.imported %}
<span style="font-size:0.82rem;color:#34d399">&#10003; {{ request.GET.imported }} game{{ request.GET.imported|pluralize }} imported</span>
{% endif %}
<a href="{% url 'backlogger:steam_login' %}" class="btn btn-outline" style="font-size:0.82rem">&#9654; Steam</a>
<a href="{% url 'backlogger:add' %}" class="btn btn-primary">+ Add item</a>
</div>
</div> </div>
<div class="filter-bar"> <div class="filter-bar">

248
backlogger/templates/backlogger/steam_import.html Normal file
View File

@@ -0,0 +1,248 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Import from Steam — Backlogger</title>
<style>
*, *::before, *::after { box-sizing: border-box; margin: 0; padding: 0; }
body {
font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', sans-serif;
background: #0f172a;
color: #e2e8f0;
min-height: 100vh;
}
a { color: inherit; text-decoration: none; }
.site-header {
background: #0a0f1e;
border-bottom: 1px solid #1e293b;
padding: 0.75rem 2rem;
display: flex;
justify-content: space-between;
align-items: center;
}
.site-header .brand { color: #38bdf8; font-weight: 600; font-size: 0.95rem; }
.site-header nav a { color: #64748b; font-size: 0.85rem; }
.site-header nav a:hover { color: #e2e8f0; }
.container { max-width: 860px; margin: 0 auto; padding: 2rem; }
.top-bar {
display: flex;
justify-content: space-between;
align-items: center;
margin-bottom: 1.75rem;
}
.top-bar h1 { font-size: 1.5rem; letter-spacing: -0.03em; }
.top-bar .count { color: #64748b; font-size: 1rem; font-weight: 400; margin-left: 0.5rem; }
.error-banner {
background: #450a0a;
border: 1px solid #f87171;
border-radius: 8px;
color: #fca5a5;
padding: 0.85rem 1.1rem;
margin-bottom: 1.5rem;
}
.toolbar {
display: flex;
gap: 0.75rem;
align-items: center;
margin-bottom: 1rem;
}
.btn {
display: inline-block;
padding: 0.45rem 1rem;
border-radius: 6px;
font-size: 0.85rem;
cursor: pointer;
border: none;
transition: opacity 0.15s;
font-family: inherit;
}
.btn:hover { opacity: 0.85; }
.btn-primary { background: #38bdf8; color: #0f172a; font-weight: 600; }
.btn-outline { background: transparent; color: #94a3b8; border: 1px solid #334155; }
.btn-text { background: none; border: none; color: #64748b; font-size: 0.8rem; cursor: pointer; font-family: inherit; padding: 0; }
.btn-text:hover { color: #e2e8f0; }
.game-table {
width: 100%;
border-collapse: collapse;
}
.game-table thead th {
text-align: left;
font-size: 0.72rem;
text-transform: uppercase;
letter-spacing: 0.08em;
color: #475569;
padding: 0 0.75rem 0.6rem;
border-bottom: 1px solid #1e293b;
}
.game-table thead th:first-child { padding-left: 0; width: 2rem; }
.game-table tbody tr {
border-bottom: 1px solid #1a2235;
transition: background 0.1s;
}
.game-table tbody tr:hover:not(.already-imported) { background: #0d1526; }
.game-table td {
padding: 0.6rem 0.75rem;
font-size: 0.88rem;
}
.game-table td:first-child { padding-left: 0; }
.already-imported td { opacity: 0.38; }
.already-imported .tag {
font-size: 0.68rem;
color: #475569;
border: 1px solid #1e293b;
border-radius: 4px;
padding: 0.1rem 0.4rem;
margin-left: 0.5rem;
vertical-align: middle;
}
.hours { color: #38bdf8; font-variant-numeric: tabular-nums; }
.hours-zero { color: #334155; }
input[type="checkbox"] { accent-color: #38bdf8; width: 1rem; height: 1rem; cursor: pointer; }
.sticky-footer {
position: sticky;
bottom: 0;
background: #0a0f1e;
border-top: 1px solid #1e293b;
padding: 1rem 2rem;
display: flex;
align-items: center;
gap: 1.25rem;
}
.sticky-footer .summary { font-size: 0.85rem; color: #64748b; }
.sticky-footer .summary strong { color: #e2e8f0; }
.empty { text-align: center; padding: 4rem 2rem; color: #475569; }
.steam-btn {
display: inline-flex;
align-items: center;
gap: 0.6rem;
background: #1b2838;
border: 1px solid #2a475e;
color: #c7d5e0;
font-weight: 600;
border-radius: 6px;
padding: 0.6rem 1.1rem;
font-size: 0.9rem;
cursor: pointer;
text-decoration: none;
transition: background 0.15s;
}
.steam-btn:hover { background: #2a475e; }
.steam-logo { width: 20px; height: 20px; }
</style>
</head>
<body>
<header class="site-header">
<a class="brand" href="/">killmybacklog.com</a>
<nav><a href="{% url 'backlogger:list' %}">← Back to backlog</a></nav>
</header>
<div class="container">
{% if error %}
<div class="error-banner">{{ error }}</div>
<div class="empty">
<p style="margin-bottom:1.25rem">Want to try again?</p>
<a href="{% url 'backlogger:steam_login' %}" class="steam-btn">
<svg class="steam-logo" viewBox="0 0 233 233" fill="none" xmlns="http://www.w3.org/2000/svg">
<path d="M116.5 0C52.1 0 0 52.1 0 116.5c0 55.4 38.6 101.8 90.4 113.7l34.2-84.2c-1.2.1-2.4.1-3.6.1-22.1 0-40-17.9-40-40s17.9-40 40-40 40 17.9 40 40c0 19.1-13.4 35.1-31.4 39l-33.8 83.3C147.5 222 185 179.5 185 128c0-1.6-.1-3.1-.2-4.7l-31.5-13c.4 2.2.7 4.5.7 6.8 0 19.9-16.1 36-36 36s-36-16.1-36-36 16.1-36 36-36 36 16.1 36 36" fill="#c7d5e0"/>
</svg>
Connect with Steam
</a>
</div>
{% elif games %}
<div class="top-bar">
<h1>Import from Steam <span class="count">{{ games|length }} games</span></h1>
</div>
<form method="post" action="{% url 'backlogger:steam_import' %}">
{% csrf_token %}
<div class="toolbar">
<button type="submit" class="btn btn-primary">Import selected</button>
<button type="button" class="btn-text" onclick="toggleAll(true)">Select all</button>
<button type="button" class="btn-text" onclick="toggleAll(false)">Deselect all</button>
</div>
<table class="game-table">
<thead>
<tr>
<th></th>
<th>Game</th>
<th>Hours played</th>
</tr>
</thead>
<tbody>
{% for game in games %}
<tr class="{% if game.already_imported %}already-imported{% endif %}">
<td>
{% if game.already_imported %}
<input type="checkbox" disabled>
{% else %}
<input type="checkbox" name="appids" value="{{ game.appid }}" checked>
{% endif %}
</td>
<td>
{{ game.name }}
{% if game.already_imported %}<span class="tag">already in backlog</span>{% endif %}
</td>
<td class="{% if game.hours == 0 %}hours-zero{% else %}hours{% endif %}">
{{ game.hours }}h
</td>
</tr>
{% endfor %}
</tbody>
</table>
<div class="sticky-footer">
<button type="submit" class="btn btn-primary">Import selected</button>
<span class="summary">
<strong id="sel-count">{{ games|length }}</strong> selected
</span>
<a href="{% url 'backlogger:list' %}" class="btn btn-outline">Cancel</a>
</div>
</form>
{% else %}
<div class="top-bar"><h1>Import from Steam</h1></div>
<div class="empty">
<p style="margin-bottom:1.25rem; color:#64748b">Connect your Steam account to import your library.</p>
<a href="{% url 'backlogger:steam_login' %}" class="steam-btn">
<svg class="steam-logo" viewBox="0 0 233 233" fill="none" xmlns="http://www.w3.org/2000/svg">
<path d="M116.5 0C52.1 0 0 52.1 0 116.5c0 55.4 38.6 101.8 90.4 113.7l34.2-84.2c-1.2.1-2.4.1-3.6.1-22.1 0-40-17.9-40-40s17.9-40 40-40 40 17.9 40 40c0 19.1-13.4 35.1-31.4 39l-33.8 83.3C147.5 222 185 179.5 185 128c0-1.6-.1-3.1-.2-4.7l-31.5-13c.4 2.2.7 4.5.7 6.8 0 19.9-16.1 36-36 36s-36-16.1-36-36 16.1-36 36-36 36 16.1 36 36" fill="#c7d5e0"/>
</svg>
Connect with Steam
</a>
</div>
{% endif %}
</div>
<script>
function toggleAll(check) {
document.querySelectorAll('input[name="appids"]').forEach(cb => cb.checked = check);
updateCount();
}
function updateCount() {
const n = document.querySelectorAll('input[name="appids"]:checked').length;
const el = document.getElementById('sel-count');
if (el) el.textContent = n;
}
document.querySelectorAll('input[name="appids"]').forEach(cb => cb.addEventListener('change', updateCount));
updateCount();
</script>
</body>
</html>

3
backlogger/urls.py
View File

@@ -7,4 +7,7 @@ urlpatterns = [
path('add/', views.item_add, name='add'), path('add/', views.item_add, name='add'),
path('<int:pk>/edit/', views.item_edit, name='edit'), path('<int:pk>/edit/', views.item_edit, name='edit'),
path('<int:pk>/delete/', views.item_delete, name='delete'), path('<int:pk>/delete/', views.item_delete, name='delete'),
path('steam/login/', views.steam_login, name='steam_login'),
path('steam/callback/', views.steam_callback, name='steam_callback'),
path('steam/import/', views.steam_import, name='steam_import'),
] ]

73
backlogger/views.py
View File

@@ -1,7 +1,10 @@
from django.conf import settings
from django.contrib.auth.decorators import login_required from django.contrib.auth.decorators import login_required
from django.shortcuts import render, get_object_or_404, redirect from django.shortcuts import render, get_object_or_404, redirect
from django.urls import reverse
from .models import Item from .models import Item
from .forms import ItemForm, SignupForm from .forms import ItemForm, SignupForm
from . import steam as steam_api
def signup(request): def signup(request):
@@ -77,3 +80,73 @@ def item_delete(request, pk):
if request.method == 'POST': if request.method == 'POST':
get_object_or_404(Item, pk=pk, user=request.user).delete() get_object_or_404(Item, pk=pk, user=request.user).delete()
return redirect('backlogger:list') return redirect('backlogger:list')
@login_required
def steam_login(request):
callback = request.build_absolute_uri(reverse('backlogger:steam_callback'))
realm = f"{request.scheme}://{request.get_host()}"
return redirect(steam_api.build_auth_url(callback, realm))
@login_required
def steam_callback(request):
steam_id = steam_api.verify_and_get_steam_id(request.GET.dict())
if not steam_id:
return render(request, 'backlogger/steam_import.html', {'error': 'Steam verification failed. Please try again.'})
api_key = getattr(settings, 'STEAM_API_KEY', '')
if not api_key:
return render(request, 'backlogger/steam_import.html', {'error': 'Steam API key is not configured on the server.'})
try:
games = steam_api.get_owned_games(api_key, steam_id)
except Exception:
return render(request, 'backlogger/steam_import.html', {'error': 'Could not fetch your Steam library. Your profile may be set to private.'})
existing = set(
Item.objects.filter(user=request.user, category=Item.GAMES)
.values_list('name', flat=True)
)
game_list = []
for g in games:
name = g.get('name', '')
hours = round(g.get('playtime_forever', 0) / 60, 1)
game_list.append({
'appid': g.get('appid'),
'name': name,
'hours': hours,
'already_imported': name in existing,
})
request.session['steam_games'] = game_list
return render(request, 'backlogger/steam_import.html', {'games': game_list})
@login_required
def steam_import(request):
if request.method != 'POST':
return redirect('backlogger:list')
games_by_appid = {str(g['appid']): g for g in request.session.get('steam_games', [])}
selected = request.POST.getlist('appids')
imported = 0
for appid in selected:
game = games_by_appid.get(appid)
if not game or game['already_imported']:
continue
hours = game['hours']
progress = min(100.0, hours) if hours > 0 else 0.0
Item.objects.create(
user=request.user,
category=Item.GAMES,
name=game['name'],
hours_played=hours,
progress_percent=progress,
)
imported += 1
del request.session['steam_games']
return redirect(f"{reverse('backlogger:list')}?category=games&imported={imported}")

1
kboris/settings.py
View File

@@ -5,6 +5,7 @@ BASE_DIR = Path(__file__).resolve().parent.parent
SECRET_KEY = os.environ.get('DJANGO_SECRET_KEY', 'dev-insecure-key') SECRET_KEY = os.environ.get('DJANGO_SECRET_KEY', 'dev-insecure-key')
DEBUG = os.environ.get('DEBUG', 'False').lower() == 'true' DEBUG = os.environ.get('DEBUG', 'False').lower() == 'true'
STEAM_API_KEY = os.environ.get('STEAM_API_KEY', '')
ALLOWED_HOSTS = [ ALLOWED_HOSTS = [
'k-boris.tech', 'k-boris.tech',