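def post(self):
    """Handle the add-content form: store a new concept when the caller is the admin.

    Reads ``title`` and ``concept`` from the POST body. If either is empty the
    form is re-rendered with an error. Otherwise a new ``Concepts`` entity is
    written with ``last=True``; if an entity currently flagged ``last`` exists
    it becomes the new entity's parent and its own ``last`` flag is cleared.
    Non-admin and anonymous callers get the form back with an error and nothing
    is written.
    """
    # Allow-list of admin identities, in the transformed form that
    # Crypto.encrypto_wo_salt returns for a username.
    ADMIN = [Crypto.encrypto_wo_salt("cranticumar")]

    # Fix: the original dereferenced .username unconditionally, so a request
    # for which get_current_user() yields no user (presumably an anonymous or
    # cookie-less request) raised AttributeError instead of being refused.
    # NOTE(review): this authorization decision is only as strong as whatever
    # get_current_user() trusts to identify the caller (not shown here) --
    # confirm that identity cannot be chosen by the client.
    current_user = self.get_current_user()
    if not current_user or current_user.username not in ADMIN:
        self.render("addcontent.html", error="You are not admin to post the content", contentadd=True)
        return

    title = self.request.get("title")
    concept = self.request.get("concept")
    if title == "" or concept == "":
        # Both fields are mandatory; send the form back with the error.
        self.render("addcontent.html", error="Please add both title and Concept", contentadd=True)
        return

    # The most recently added concept is the one whose `last` flag is set.
    # `== True` is part of the query filter expression and must stay as is.
    prnt = Concepts.query(Concepts.last == True).get()

    # NOTE(review): generate_htmlstring (not shown) turns the submitted text
    # into stored HTML -- confirm that it, or the template that later prints
    # it, escapes title and concept.
    if prnt is not None:
        # Chain the new entity to the previous one and take over the flag.
        tmp = Concepts(concept=generate_htmlstring(title, concept), title=title, parent=prnt.key, last=True)
        prnt.last = False
        # The two put() calls are separate writes; nothing visible here makes
        # them atomic, so a failure in between can leave no entity flagged.
        prnt.put()
    else:
        # Very first concept: there is no predecessor to use as parent.
        tmp = Concepts(concept=generate_htmlstring(title, concept), title=title, last=True)

    tmp.put()
    self.redirect("/addcontent")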
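def post(self):
    """Handle the signup page's three forms: registration, login and logout.

    * ``signup``: validates the submitted fields with ``validate_signupform``;
      on success registers the user, sets the ``user_id`` cookie and redirects
      to ``/mainpage``; on failure re-renders ``signup.html`` with the errors.
    * ``login``: checks the credentials with ``validate_loginform``; on success
      sets the ``user_id`` cookie and redirects to ``/mainpage``.
    * ``logout``: blanks the ``user_id`` cookie and redirects to ``/signup``.

    The submitted values are kept on the handler instance (``self.uname``,
    ``self.pwd``, ...) exactly as the original code did.
    """
    self.uname = str(self.request.get("username"))
    self.pwd = str(self.request.get("password"))

    # The transformed username is both the datastore lookup key and the value
    # placed in the user_id cookie; it stays None when no username was sent.
    self.encrypted_uname = Crypto.encrypto_wo_salt(self.uname) if self.uname else None

    # NOTE(review): the cookie value is derived from the username alone, so it
    # is identical on every login and blanking it at logout does not invalidate
    # it on the server. Confirm Crypto.encrypto_wo_salt (not shown) is keyed
    # with a server-side secret, and prefer a random per-session token.
    # Fix: HttpOnly is added so page scripts cannot read the identifier. Add
    # Secure as well once the site is served only over HTTPS.
    cookie_template = "user_id = {username}; HttpOnly"

    if self.request.get("signup"):
        self.disname = str(self.request.get("dispname"))
        self.verify = str(self.request.get("verify"))
        self.email = str(self.request.get("email"))
        self.errors = validate_signupform(
            uname=self.uname,
            pwd=self.pwd,
            disname=self.disname,
            verify=self.verify,
            email=self.email,
        )
        if self.errors:
            # Echo back username and email only; the password is never re-rendered.
            self.render("signup.html", username=self.uname, email=self.email, **self.errors)
        else:
            # NOTE(review): Crypto.encrypto (not shown) produces the stored
            # password value -- confirm it is a salted, deliberately slow KDF
            # rather than a single hash/HMAC pass.
            Users.register_newuser(
                disname=self.disname,
                usrname=self.encrypted_uname,
                pwd=Crypto.encrypto(self.pwd),
                email=self.email,
            )
            self.response.headers.add_header(
                "Set-Cookie", cookie_template.format(username=self.encrypted_uname)
            )
            # Pause for DATASTORE_LATENCY so the new entity can be read by the
            # page the browser is redirected to.
            time.sleep(DATASTORE_LATENCY)
            self.redirect("/mainpage")
    elif self.request.get("login"):
        # validate_loginform receives the transformed username (possibly None)
        # together with the plain password and returns the errors to display.
        errors = validate_loginform(uname=self.encrypted_uname, pwd=self.pwd)
        if errors:
            self.render("signup.html", username=self.uname, **errors)
        else:
            self.response.headers.add_header(
                "Set-Cookie", cookie_template.format(username=self.encrypted_uname)
            )
            self.redirect("/mainpage")
    elif self.request.get("logout"):
        # Overwrite the cookie with an empty value and go back to the signup page.
        self.response.headers.add_header("Set-Cookie", cookie_template.format(username=""))
        self.redirect("/signup")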
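def post(self):
    """Handle the main page's POST forms: login, logout and new comment.

    * ``login``: checks the credentials with ``validate_loginform``; on success
      sets the ``user_id`` cookie and redirects to ``/mainpage``, otherwise
      re-renders ``mainpage.html`` with the errors.
    * ``logout``: blanks the ``user_id`` cookie and redirects to ``/mainpage``.
    * ``post``: stores the submitted ``comment`` as a ``Posts`` entity, appends
      it to ``userposts`` and re-renders the page; an empty comment (or a falsy
      ``self.display_name``, which is not set in this method) yields an error.

    The three checks are independent ``if`` statements, as in the original, so
    a request carrying several of these fields runs each matching branch.
    """
    # NOTE(review): the cookie value is derived from the username alone, so it
    # never changes between logins and cannot be revoked by the server; confirm
    # Crypto.encrypto_wo_salt (not shown) uses a server-side secret.
    # Fix: HttpOnly keeps page scripts from reading the identifier. Add Secure
    # as well once the site is served only over HTTPS.
    cookie_template = "user_id = {username}; HttpOnly"

    if self.request.get("login"):
        self.uname = str(self.request.get("username"))
        self.pwd = str(self.request.get("password"))
        # Fix: the original assigned self.encrypted_uname only when a username
        # was supplied, so a login with an empty username hit an unset
        # attribute on the next line. It now falls back to None.
        self.encrypted_uname = Crypto.encrypto_wo_salt(self.uname) if self.uname else None

        errors = validate_loginform(uname=self.encrypted_uname, pwd=self.pwd)
        if errors:
            self.render("mainpage.html", username=self.uname, **errors)
        else:
            self.response.headers.add_header(
                "Set-Cookie", cookie_template.format(username=self.encrypted_uname)
            )
            self.redirect("/mainpage")

    if self.request.get("logout"):
        # Overwrite the cookie with an empty value, then reload the main page.
        self.response.headers.add_header("Set-Cookie", cookie_template.format(username=""))
        self.redirect("/mainpage")

    if self.request.get("post"):
        self.usr = self.get_current_user()
        comment = self.request.get("comment")
        # Kept for compatibility: this attribute shadows the bound `post`
        # method on this handler instance for the rest of the request.
        self.post = comment
        if comment and self.display_name:
            # NOTE(review): the comment text is stored exactly as submitted;
            # confirm mainpage.html escapes it when listing posts.
            new_post = Posts(post=comment, user=self.usr.dispname if self.usr else None)
            new_post.put()
            # userposts is a name defined outside this method; the new entity
            # is appended to it in addition to the datastore write.
            userposts.append(new_post)
            self.render("mainpage.html")
        else:
            self.render("mainpage.html", posterror="Null Comments are not allowed")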
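def validate_signupform(**kw):
    """Validate the registration form fields and collect the error messages.

    Keyword Args:
        uname: requested username; 5-20 characters from ``a-z``, ``0-9``,
            ``_`` and ``.``, and not already registered.
        disname: display name; 3-20 ASCII letters.
        pwd: password; 5-10 characters with at least one lowercase letter,
            one uppercase letter and one digit.
        verify: password confirmation; must equal ``pwd``.
        email: optional; checked only when non-empty.

    Returns:
        dict: error key -> message. ``error_password`` maps to a list of
        messages, every other key to a single string. Empty when all fields
        are valid.
    """
    errors = dict()
    password_elist = list()

    uname = kw.get("uname")
    disname = kw.get("disname")
    # Fix: a missing password used to reach re.match() as None and raise
    # TypeError; it is now treated like an empty password, which fails every rule.
    pwd = kw.get("pwd") or ""
    verify = kw.get("verify")
    email = kw.get("email")

    # Fix: the original patterns were anchored with `$`, which also matches
    # just before a trailing newline, so "name\n" passed validation.
    # re.fullmatch requires the whole value to match. Raw strings avoid the
    # invalid "\." / "\S" escapes of the original literals.
    if not (uname and re.fullmatch(r"[a-z0-9_.]{5,20}", uname)):
        errors["error_username"] = "******"
    elif Users.get_by_username(Crypto.encrypto_wo_salt(uname)):
        # The lookup uses the transformed username; a hit means the name is taken.
        errors["error_username"] = "******"

    if not (disname and re.fullmatch(r"[a-zA-Z]{3,20}", disname)):
        errors["error_dispname"] = "That is an invalid name"

    # NOTE(review): the 10-character ceiling caps password strength; if the
    # stored value is a hash there is no storage reason for it. Raising it
    # would also mean changing the message below, so it is left to the owner.
    if not re.fullmatch(r".{5,10}", pwd):
        password_elist.append("Character Limit of 5 (min) - 10 (max)")
    for pattern, message in (
        (r"[a-z]", "Password must contain atleast 1 small alphabet"),
        (r"[A-Z]", "Password must contain atleast 1 Capital Letter"),
        (r"[0-9]", "Password must contain atleast 1 number"),
    ):
        if not re.search(pattern, pwd):
            password_elist.append(message)
    if password_elist:
        errors["error_password"] = password_elist

    if not (verify and verify == pwd):
        errors["error_verify"] = "Passwords did not match"

    # Email is optional; only its shape is checked (something@something.something).
    if email and not re.fullmatch(r"\S+@\S+\.\S+", email):
        errors["error_email"] = "Not a valid email address"

    return errors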