def user_edit(request): if not request.user.is_super: return render_to_response("user_edit.html", {'error1': u'无权限'}, context_instance=RequestContext(request)) if request.method == 'POST': post = request.POST uid = post.get('uid', '') state = post.get('state', '') role = post.get('role', "1") name = post.get('name', '') if uid: User.objects.filter(pk=uid).update( role=role, first_name=name, is_active=True if state == '1' else False) return HttpResponseRedirect(reverse('user_list')) else: _get = request.GET uid = _get.get('uid', '') if uid: try: user = User.objects.get(pk=uid) except User.DoesNotExist: user = User() else: user = User() user.id = '' return render_to_response("user_edit.html", { 'user_l': user, 'id': user.id }, context_instance=RequestContext(request))
def populate_db(num_users=5): """ Fills the database with fake data. """ from faker import Factory from app.user.models import User fake = Factory.create() admin_username = '******' admin_email = '*****@*****.**' admin_password = '******' users = [] for _ in range(int(num_users)): users.append( User(fake.userName(), fake.email(), fake.word() + fake.word(), fake.ipv4())) users.append( User(admin_username, admin_email, admin_password, fake.ipv4(), active=True, is_admin=True)) for user in users: db.session.add(user) db.session.commit()
def system_user_new(request): if request.method == 'POST': qd = request.POST _id = qd.get("itemid", "") if _id: item = User.objects.get(pk=_id) else: item = User() item.set_password(qd.get("password", '')) item.role = qd.get("role", 0) item.username = qd.get("username", '') item.email = qd.get("email", '') item.first_name = qd.get("first_name", '') item.last_name = qd.get("last_name", '') item.save() return HttpResponseRedirect(reverse("system_user_list")) else: qd = request.GET _id = qd.get("itemid", "") if _id: item = User.objects.get(pk=_id) else: item = User() context = { "item": item, "current_user": request.user, } return render(request, 'system_user/user_new.html', context)
def load_user_from_request(request): # first, try to login using the api_key url arg api_key = request.args.get('api_key') if api_key: db = get_db() res = db.user.find_one({'openid': api_key}) if res: user = User(res.get('openid')) return user # next, try to login using Basic Auth api_key = request.headers.get('Authorization') # print(api_key) if api_key: db = get_db() # api_key = api_key.replace('Basic ', '', 1) # try: # import base64 # api_key = base64.b64decode(api_key).decode('utf-8') # print(api_key) # except TypeError: # pass res = db.user.find_one({'openid': api_key}) print(res) if res: user = User(res.get('openid')) return user # finally, return None if both methods did not login the user return None
def set_up_users(self): self.admin = User(username="******", role=Role.Admin.value) self.moderator = User(username="******", role=Role.Moderator.value) self.user = User(username="******") self.user2 = User(username="******") self.add_all([self.admin, self.moderator, self.user, self.user2]) self.commit()
def test_follow_posts(self): # make four users u1 = User(nickname='john', email='*****@*****.**') u2 = User(nickname='susan', email='*****@*****.**') u3 = User(nickname='mary', email='*****@*****.**') u4 = User(nickname='david', email='*****@*****.**') db.session.add(u1) db.session.add(u2) db.session.add(u3) db.session.add(u4) # make four posts utcnow = datetime.utcnow() p1 = Post(body="post from john", author=u1, timestamp=utcnow + timedelta(seconds=1)) p2 = Post(body="post from susan", author=u2, timestamp=utcnow + timedelta(seconds=2)) p3 = Post(body="post from mary", author=u3, timestamp=utcnow + timedelta(seconds=3)) p4 = Post(body="post from david", author=u4, timestamp=utcnow + timedelta(seconds=4)) db.session.add(p1) db.session.add(p2) db.session.add(p3) db.session.add(p4) db.session.commit() # setup the followers u1.follow(u1) # john follows himself u1.follow(u2) # john follows susan u1.follow(u4) # john follows david u2.follow(u2) # susan follows herself u2.follow(u3) # susan follows mary u3.follow(u3) # mary follows herself u3.follow(u4) # mary follows david u4.follow(u4) # david follows himself db.session.add(u1) db.session.add(u2) db.session.add(u3) db.session.add(u4) db.session.commit() # check the followed posts of each user f1 = u1.followed_posts().all() f2 = u2.followed_posts().all() f3 = u3.followed_posts().all() f4 = u4.followed_posts().all() assert len(f1) == 3 assert len(f2) == 2 assert len(f3) == 2 assert len(f4) == 1 assert f1 == [p4, p2, p1] assert f2 == [p3, p2] assert f3 == [p4, p3] assert f4 == [p4]
def test_follow_user(self): u1 = User('foo', '*****@*****.**') u1.save() u2 = User('foo1', '*****@*****.**') u2.save() p1 = UserProfile(u1) p2 = UserProfile(u2) p1.save() p2.save() p1.follow(p2) assert p1.is_following(p2)
def register(): result = {} if request.method == 'POST': username = request.values.get('username') password = request.values.get('password') email = request.values.get('email') if username and password and email: user = User.query.filter(User.username == username or User.email == email).all() if user: result.update(msg='用户名或者邮箱已存在', status=-2) else: user = User(username=username, password=password, email=email) db.session.add(user) db.session.commit() # 发送激活的邮箱 msg = Message("Hello world", body='用户您好1', html=render_template('activate.html', username=username), sender="*****@*****.**", recipients=['*****@*****.**']) mail.send(msg) # tooken # 将用户名缓存到redis rds.set('username', username, ex=10 * 60) # cache.set('key', value, timeout=10 * 60) else: result.update(msg='必要参数不能为空', status=-1) else: result.update(msg='错误的请求方式', status=400) return jsonify(result)
def add_user(): # Check all required fields for field in ['email', 'password']: if field not in flask.request.json: raise InvalidUsage('Field {0} is mising.', status_code=422, enum='POST_ERROR') email = flask.request.json['email'] password = flask.request.json['password'] # Check if user already exists user = User.query.filter_by(email=email).first() if user is not None: db.session.close() raise InvalidUsage('User already exists', status_code=409, enum='USER_EXISTS') user = User(email, password) db.session.add(user) db.session.commit() response = { 'message': 'Registration was successful', 'username': '', 'email': user.email, 'auth_token': user.get_auth_token() } log.print_log(app.name, 'Registered new user {}'.format(user)) return flask.make_response(jsonify(response), 200)
def register(): result = {} if request.method == 'POST': username = request.values.get('username') password = request.values.get('password') email = request.values.get('email') if username and password and email: user = User.query.filter(User.username == username or User.email == email).all() if user: result.update(msg='账号或者邮箱已经存在', status=-2) else: pwd = generate_password_hash(password) user = User(username=username, password=pwd, email=email) db.session.add(user) db.session.commit() #发送激活邮箱 msg = Message('激活邮件', body='用户您好', html=render_template('activate.html', username=username), sender='*****@*****.**', recipients=[email]) mail.send(msg) #将用户缓存到redis # rds.set('username', username, ex=10 * 60) cache.set('username', username, timeout=10 * 60) else: result.update(msg='必要参数不能为空', status=-1) else: result.update(msg='错误的请求方式', status=400) return jsonify(result)
def add_default_admin(): print('Adding the default admin') user = User(default_admin) try: store.add(user) except Exception as e: print('User already created')
def test_unfavorite_an_article(self): u1 = User('foo', '*****@*****.**') u1.save() p1 = UserProfile(u1) p1.save() u2 = User('foo1', '*****@*****.**') u2.save() p2 = UserProfile(u2) p2.save() article = Article(p1, 'title', 'some body', description='some') article.save() assert article.favourite(p1) assert article.unfavourite(p1) assert not article.is_favourite(p1)
def test_get_by_id(self): """Get user by ID.""" user = User('foo', '*****@*****.**') user.save() retrieved = User.get_by_id(user.id) assert retrieved == user
def register(): """ Renders the HTML page where users can register new accounts. If the RegistrationForm meets criteria, a new user is written into the database. :return: HTML page for registration. """ current_app.logger.info('Start function register() [VIEW]') form = RegistrationForm() if form.validate_on_submit(): user = User(email=form.email.data.lower(), password=form.password.data, first_name=form.first_name.data, last_name=form.last_name.data, division=form.division.data, tag_id=form.tag.data, budget_code=form.budget_code.data, object_code=form.object_code.data, object_name=form.object_name.data, is_administrator=True, is_supervisor=True, validated=True) db.session.add(user) db.session.commit() current_app.logger.info('Successfully registered user {}'.format( user.email)) flash('User successfully registered.', category='success') current_app.logger.info('End function register() [VIEW]') return redirect(url_for('auth.login')) current_app.logger.info('End function register() [VIEW]') return render_template('auth/register.html', form=form)
def add_user(): form = json.loads(request.data) #print('Register: ' + str(form)) firstname = form['firstname'] lastname = form['lastname'] email = form['email'].lower() age = form['age'] gender = form['gender'].lower() try: if User.query.filter_by(email=email).first(): message = {'message': 'User {} already exists'.format(email)} return jsonify(message), 500 else: new_user = User(firstname=firstname, lastname=lastname, email=email, age=age, gender=gender) db.session.add(new_user) db.session.commit() response = { 'message': 'User {} was created'.format(new_user.firstname), 'id': new_user.id } return jsonify(response) except Exception as e: print(e) message = {'message': 'Something went wrong'} return jsonify(message), 500
def get_user_from_ldap(self, username): """ # 使用管理员账号与密码登陆ldap服务,查询用户 # 是否存在,存在则用用户信息创建User实例。 :param username: :return: """ client = self.ldap_login("*****@*****.**", "JWPRj7pa^J#3NLZ3") try: result = client.search_s("OU=小帮规划,DC=xiaobang,DC=xyz", ldap.SCOPE_SUBTREE, "(cn={})".format(username))[0][1] except IndexError: return None except ldap.NO_SUCH_OBJECT: return None user = User() user.id = result.get("employeeID")[0].decode() user.name = result.get("name")[0].decode() user.display_name = result.get("displayName")[0].decode() user.email = result.get("mail")[0].decode() user.department = result.get("department")[0].decode() user.role = result.get("title")[0].decode() user.title = result.get("title")[0].decode() return user
def register(): result = {} if request.method == 'POST': username = request.values.get('username') password = request.values.get('password') email = request.values.get('email') if username and password and email: user = User.query.filter(User.username == username or User.email == email).all() if user: result.update(msg='账户或者邮箱已经存在', status=-2) else: user = User(username=username, password=password, email=email) db.session.add(user) db.session.commit() msg = Message('Hello', body='用户您好', html=render_template('activate.html', username=username), sender='*****@*****.**', recipients=['*****@*****.**']) # cache.set(username=username) mail.send(msg) rds.set('username', username, ex=10 * 60) else: result.update(msg='必要参数不能为空', status=-1) else: result.update(msg='错误的请求方式', status=400) return jsonify(result)
def post(self): result = {"status": False, 'msg': ''} status_code = 400 if request.method == 'POST': email = request.json.get("email") first_name = request.json.get("first_name") last_name = request.json.get("last_name") password = request.json.get("password") user = User.query.filter_by(email=email).first() if user: result['msg'] = "User already exist!" else: user = User(email=email, first_name=first_name, last_name=last_name, password=User.set_password_class_method(password)) db.session.add(user) db.session.commit() status_code = 201 result = {"status": True, 'msg': 'User created successfully.'} return Response(json.dumps(result), status=status_code, mimetype='application/json')
def signup(): if current_user.is_authenticated: return redirect(url_for('post.index')) form = SignUpForm() message = None if form.validate_on_submit(): username = form.username.data.capitalize() email = form.email.data.capitalize() password = form.password.data # Check if other user has this email or username user_email = User.get_by_email(email) user_name = User.query.filter_by(username=username).first() if user_email is not None or user_name is not None: if user_email is not None: message = f'The email {email} already registered' else: message = f'Username {username} already taken' else: # Create user and save it user = User(username=username, email=email) user.set_password(password) user.save() if user.id == 1: user.admin = True db.session.commit() # Log in the user login_user(user, remember=True) next_page = request.args.get('next', None) if not next_page or url_parse(next_page).netloc != '': next_page = url_for('post.index') flash('Welcome to Micro-Posting') return redirect(next_page) return render_template('session/Signup.html', form=form, message=message)
def signup(): form = RegisterForm(form_type="inline") if form.validate_on_submit(): #Form Values hashed_password = generate_password_hash(form.password.data, method='sha256') username = form.username.data email = form.email.data cur_check = db.engine.execute("SELECT email, username FROM users WHERE username='******' or email='{}'".format(username,email)).first() if cur_check is not None: error = Markup( '<div class="alert alert-danger w-100" role="alert">Der <b>Nutzername</b> oder die <b>Mailadresse</b> ist schon registriert</div>') return render_template('user/signup.html', form=form, error=error) else: new_user = User(username=username, email=email, password=hashed_password, lastname=form.lastname.data, firstname=form.firstname.data, facility=form.facility.data, access=1, business=form.business.data, confirmed=False) db.session.add(new_user) db.session.commit() token_user = token.generate_confirmation_token(username) confirm_url = "{}confirm/{}".format(Config.URL_ENDPOINT, token_user) html = render_template('user/activate_mail.html', confirm_url=confirm_url) subject = "Bitte bestätigen Sie ihre Email" mail = Mailer(email, subject, html) mail.send_email() login_user(User.query.filter_by(username=username).first()) return render_template('user/signup.html') return render_template('user/signup.html', form=form)
def create_user(): try: username = request.form['username'] email = request.form['email'] password = request.form['password'] first_name = request.form['first_name'] middle_name = request.form['middle_name'] last_name = request.form['last_name'] except KeyError as e: return jsonify(success=False, message="%s not sent in the request" % e.args), 400 user_type = "user" if '@' not in email: return jsonify(success=False, message="Please enter a valid email"), 400 cast = User.query.all() length = 1 for cas in cast: length = length + 1 user = User(first_name, middle_name, last_name, email, username, user_type, password) db.session.add(user) try: db.session.commit() except IntegrityError as e: return jsonify(success=False, message="This email already exists"), 400 session['user_id'] = str(length) return redirect(url_for('user.check_login'))
def load_user(user_id): db = get_db() res = db.user.find_one({'openid': user_id}) if res: user = User(res['openid']) return user return None
def new(self, school_id=None, form_id=None, permissions=[], roles=[]): if school_id is None: school_id = self.school.id password = fake.password() user = User(first_name=fake.first_name(), last_name=fake.last_name(), email=fake.email(), password=password, school_id=school_id, username=fake.user_name(), form_id=form_id) user.raw_password = password user.id = fake.random_int() if len(permissions) > 0: permission_query = Permission.query.filter( Permission.name.in_(permissions), Permission.school_id == school_id) [user.permissions.append(p) for p in permission_query] if len(roles) > 0: role_query = Role.query.filter(Role.name.in_(roles), Role.school_id == school_id) [user.roles.append(r) for r in role_query] return user
def post(self): '''用户注册接口 :return 返回注册信息{'re_code': '0', 'msg': '注册成功'} ''' nickname = request.json.get('nickname') email = request.json.get('email') password = request.json.get('password') mailcode_client = request.json.get('mailcode') if not all([email, nickname, password, mailcode_client]): return jsonify(re_code=RET.PARAMERR, msg='参数不完整') # 从Redis中获取此邮箱对应的验证码,与前端传来的数据校验 try: mailcode_server = redis_conn.get('EMAILCODE:' + email).decode() except Exception as e: current_app.logger.info(e) return jsonify(re_code=RET.DBERR, msg='查询邮箱验证码失败') if mailcode_server != mailcode_client: current_app.logger.info(mailcode_server) return jsonify(re_code=RET.PARAMERR, msg='邮箱验证码错误') user = User() user.email = email user.nickname = nickname user.password = password # 利用user model中的类属性方法加密用户的密码并存入数据库 try: db.session.add(user) db.session.commit() except Exception as e: current_app.logger.info(e) db.session.rollback() return jsonify(re_code=RET.DBERR, msg='注册失败') # 6.响应结果 return jsonify(re_code=RET.OK, msg='注册成功')
def register(): result = {} if request.method == 'POST': username = request.values.get('username') password = request.values.get('password') email = request.values.get('email') if username and password and email: user = User.query.filter(User.username == username or User.email == email).all() # user = User.query.withenties(username=username) if user: result.update(msg='账号或邮箱已存在!!', status=-2) else: user = User(username=username, password=password, email=email) db.session.add(user) db.session.commit() msg = Message( '激活邮件', body='用户您好', sender='*****@*****.**', recipients=[email], ) get_redis().set('username', username, ex=10 * 60) mail.send(msg) result.update(msg='邮件已发送', status=1) else: result.update(msg='必要参数不能为空!!!', status=-1) else: result.update(msg='错误的请求方式!!!', status=400) return jsonify(result)
def register(): result = {} if request.method == 'GET': return render_template('res.html') if request.method == 'POST': username = request.values.get('username') password = request.values.get('password') email = request.values.get('email') if username and password and email: user = User.query.filter(User.username == username or User.email == email).all() if user: result.update(msg='账号或者邮箱已经存在', status=-2) else: user = User(username=username, password=password, email=email) db.session.add(user) db.session.commit() msg = Message("Hello", sender="*****@*****.**", recipients=['*****@*****.**']) mail.send(msg) else: result.update(msg='必要参数不能为空', status=-1) else: result.update(msg='错误的请求方式', status=400) return jsonify(result)
def create(self, db_session: Session, *, obj_in: UserCreate) -> User: db_obj = User(name=obj_in.name, password=get_password_hash(obj_in.password), date=datetime.now()) db_session.add(db_obj) db_session.commit() db_session.refresh(db_obj) return db_obj
def signup(): if 'user_id' in session: return redirect(url_for('helper.load_html')) #return redirect("http://127.0.0.1:5000/home") form = RegisterForm() print('/register') if form.validate_on_submit(): print('nothing ran') if form.password.data != form.check_password.data: return render_template('register.html', form=form, message="Passwords don't match") if '@' not in form.email.data: return render_template('register.html', form=form, message="Please enter a valid email") try: print('user added') new_user = User(name=form.username.data, email=form.email.data, password=form.password.data, is_admin=False) db.session.add(new_user) db.session.commit() k = Globalvar.query.all() for i in k: db.session.delete(i) var = Globalvar(get_random_string()) db.session.add(var) db.session.commit() #global checker #app.jinja_env.globals['csrf_key'] = get_random_string() #checker = get_random_string() #g.gvariable = get_random_string() #print(session) #session.pop('user_id') #print(session) #for key in session.keys(): # session.pop[key] #print(session) #session['user_id'] = new_user.id print(new_user.id) #print(session['user_id']) login_user(new_user) #print(session['user_id']) #print(session['csrf_key']) #print(session) #print('checker after post request',checker) return redirect(url_for('helper.load_html')) #return redirect("http://127.0.0.1:5000/home") except: print('user not added') return render_template('register.html', form=form, message="Email is already Registered") return render_template('register.html', form=form)
def signup_school(request): # Fetch JSON data from request data = json_from_request(request) # List of keys we expect to see in JSON expected_keys = [ "school_name", "first_name", "last_name", "password", "username", "email" ] # Checks keys are present in JSON and throws error if not which is automatically caught and converted into a error message check_keys(expected_keys, data) # Checks values for keys are not blank check_values_not_blank(expected_keys, data) # Create school object with user's data school = School(school_name=data['school_name']) # Add school to db db.session.add(school) db.session.commit() # Create user # Check email not already in use if User.query.filter_by(email=data['email']).first() is not None: raise FieldInUseError("email") # Check username is not already in use if User.query.filter_by(username=data['username']).first() is not None: raise FieldInUseError("username") # Create user user = User(first_name=data['first_name'], last_name=data['last_name'], email=data['email'], password=data['password'], username=data['username'], school_id=school.id) # Add user to db db.session.add(user) db.session.commit() # Create permissions for permission in Permission.default_permissions(school.id): db.session.add(permission) db.session.commit() # Assign user to admin permissions permission = Permission.query.filter_by(name="Administrator", school_id=school.id).first() user.permissions.append(permission) db.session.add(user) db.session.commit() # Return success message as JSON return jsonify({'success': True})
def process(item): roles = item['roles'] del item['roles'] item['password'] = password_helper.generate_password_hash( item['password']) obj, msg = User(**item).create() roles = [Role.get_by_name(role) for role in roles] obj.roles = [UserRole(obj.id, role.id) for role in roles] obj.save()