Beispiel #1
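 def post(self):
     """
     Handle the add-content form: store a new concept for the admin user.

     Reads ``title`` and ``concept`` from the request. When either is empty the
     form is re-rendered with an error. Otherwise a new ``Concepts`` entity is
     written with ``last=True``; if an entity with ``last=True`` already exists
     it becomes the new entity's parent and its own ``last`` flag is cleared.

     A caller that is not the admin, including a request for which
     ``get_current_user()`` returns ``None``, gets the form back with an error
     and nothing is written.
     """
     not_admin = "You are not admin to post the content"
     user = self.get_current_user()
     if user is None:
         # Refuse explicitly instead of failing on ``None.username``.
         self.render("addcontent.html", error=not_admin, contentadd=True)
         return

     # NOTE(review): the admin identity is a hard-coded username digest, so the
     # whole authorization decision rests on get_current_user(). Confirm that
     # lookup is bound to an authenticated session and not to a value the
     # client can choose freely.
     ADMIN = [Crypto.encrypto_wo_salt("cranticumar")]
     if user.username not in ADMIN:
         self.render("addcontent.html", error=not_admin, contentadd=True)
         return

     # NOTE(review): no anti-CSRF token is checked in this handler; confirm a
     # base class or the framework enforces one for this state-changing POST.
     title = self.request.get("title")
     concept = self.request.get("concept")
     if title == "" or concept == "":
         # Both fields are mandatory; hand the form back with the error.
         self.render("addcontent.html", error="Please add both title and Concept", contentadd=True)
         return

     # NOTE(review): generate_htmlstring() is not visible here; confirm it
     # escapes title and concept before they are stored as HTML.
     html = generate_htmlstring(title, concept)
     # The most recently added concept is the one whose ``last`` flag is set.
     prnt = Concepts.query(Concepts.last == True).get()
     if prnt is not None:
         # Chain the new entity to the previous one, then clear the previous
         # entity's flag so that only one entity carries ``last=True``.
         tmp = Concepts(concept=html, title=title, parent=prnt.key, last=True)
         prnt.last = False
         prnt.put()
     else:
         # First concept ever stored: there is no parent to link to.
         tmp = Concepts(concept=html, title=title, last=True)
     tmp.put()
     self.redirect("/addcontent")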
Beispiel #2
 def post(self):
     """
     Dispatch the combined sign-up / login / logout form.

     The submitted ``username`` and ``password`` are kept on the handler. A
     non-empty username is passed through ``Crypto.encrypto_wo_salt`` and the
     result is used both as the datastore identifier and as the ``user_id``
     cookie value.

     * ``signup``: validates the form, registers the user, sets the cookie,
       waits ``DATASTORE_LATENCY`` and redirects to ``/mainpage``.
     * ``login``: validates the credentials, sets the cookie and redirects to
       ``/mainpage``.
     * ``logout``: sets an empty ``user_id`` cookie and redirects to ``/signup``.

     Validation failures re-render ``signup.html`` with the error entries.
     """
     form = self.request
     cookie_template = "user_id = {username}"

     self.uname = str(form.get("username"))
     self.pwd = str(form.get("password"))
     # NOTE(review): the cookie below carries this value unchanged. If
     # encrypto_wo_salt is a deterministic, unkeyed digest of the username, the
     # cookie can be computed by anyone who knows the username; confirm a
     # server-side secret or a real session identifier is involved.
     self.encrypted_uname = Crypto.encrypto_wo_salt(self.uname) if self.uname else None

     if form.get("signup"):
         self.disname = str(form.get("dispname"))
         self.verify = str(form.get("verify"))
         self.email = str(form.get("email"))
         self.errors = validate_signupform(
             uname=self.uname,
             pwd=self.pwd,
             disname=self.disname,
             verify=self.verify,
             email=self.email,
         )
         if self.errors:
             self.render("signup.html", username=self.uname, email=self.email, **self.errors)
             return
         # Validation passed: create the Users entity from the transformed
         # username and the output of Crypto.encrypto for the password.
         Users.register_newuser(
             disname=self.disname,
             usrname=self.encrypted_uname,
             pwd=Crypto.encrypto(self.pwd),
             email=self.email,
         )
         # NOTE(review): the cookie is set without HttpOnly, Secure or Path
         # attributes; confirm that is intended.
         self.response.headers.add_header(
             "Set-Cookie", cookie_template.format(username=self.encrypted_uname)
         )
         # Give the datastore time to reflect the new entity before redirecting.
         time.sleep(DATASTORE_LATENCY)
         self.redirect("/mainpage")
         return

     if form.get("login"):
         # Check the credentials; only a clean result sets the cookie.
         errors = validate_loginform(uname=self.encrypted_uname, pwd=self.pwd)
         if errors:
             self.render("signup.html", username=self.uname, **errors)
             return
         self.response.headers.add_header(
             "Set-Cookie", cookie_template.format(username=self.encrypted_uname)
         )
         self.redirect("/mainpage")
         return

     if form.get("logout"):
         # Overwrite the cookie with an empty value and return to the sign-up page.
         self.response.headers.add_header("Set-Cookie", cookie_template.format(username=""))
         self.redirect("/signup")
Beispiel #3
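    def post(self):
        """
        Handle the main-page forms: login, logout and posting a comment.

        * ``login``: validates the submitted credentials; on success sets the
          ``user_id`` cookie and redirects to ``/mainpage``, otherwise
          re-renders ``mainpage.html`` with the errors.
        * ``logout``: sets an empty ``user_id`` cookie and redirects to
          ``/mainpage``.
        * ``post``: stores the submitted comment as a ``Posts`` entity and
          appends it to ``userposts``.

        The three checks are independent ``if`` statements, so a request that
        carries more than one of these fields runs each matching branch.
        """
        if self.request.get("login"):
            self.uname = str(self.request.get("username"))
            self.pwd = str(self.request.get("password"))
            if self.uname:
                # The transformed username is the datastore identifier and
                # also the cookie value.
                # NOTE(review): if encrypto_wo_salt is a deterministic, unkeyed
                # digest, the cookie can be computed from the username alone;
                # confirm a server-side secret is involved.
                self.encrypted_uname = Crypto.encrypto_wo_salt(self.uname)
            else:
                # Always define the attribute, so that an empty username
                # reaches validation as None rather than as an attribute this
                # method never set.
                self.encrypted_uname = None

            errors = validate_loginform(uname=self.encrypted_uname, pwd=self.pwd)
            if errors:
                self.render("mainpage.html", username=self.uname, **errors)
            else:
                # NOTE(review): the cookie is set without HttpOnly, Secure or
                # Path attributes; confirm that is intended.
                self.response.headers.add_header(
                    "Set-Cookie", "user_id = {username}".format(username=self.encrypted_uname)
                )
                self.redirect("/mainpage")

        if self.request.get("logout"):
            # Overwrite the user_id cookie with an empty value.
            self.response.headers.add_header("Set-Cookie", "user_id = {username}".format(username=""))
            self.redirect("/mainpage")

        if self.request.get("post"):
            self.usr = self.get_current_user()
            # NOTE(review): this assignment shadows the ``post`` method on the
            # instance; the name is kept because other code may read it.
            self.post = self.request.get("comment")
            # NOTE(review): display_name is not set in this method; presumably
            # it is provided by the handler class. Confirm it is only truthy
            # for an authenticated user, since the entity below is stored with
            # user=None when get_current_user() returns nothing.
            if self.post and self.display_name:
                new_post = Posts(post=self.request.get("comment"), user=self.usr.dispname if self.usr else None)
                new_post.put()
                userposts.append(new_post)
                self.render("mainpage.html")
            else:
                self.render("mainpage.html", posterror="Null Comments are not allowed")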
Beispiel #4
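def validate_signupform(**kw):
    """
    Validate the sign-up form fields and return a dict of error entries.

    Recognised keyword arguments are ``uname``, ``disname``, ``pwd``,
    ``verify`` and ``email``. A missing field is treated as empty, so it
    produces a validation error instead of raising.

    Returns a dict that is empty when every field is acceptable. Possible keys
    are ``error_username``, ``error_dispname``, ``error_password`` (a list of
    messages), ``error_verify`` and ``error_email``.

    Patterns are anchored with ``\\Z`` rather than ``$``: ``$`` also matches
    just before a trailing newline, which would let a value such as
    ``"admin\\n"`` pass validation.

    NOTE(review): the 10-character password ceiling limits passphrase
    strength. Raising it is a policy change and is left to the owner.
    """
    uname = kw.get("uname")
    disname = kw.get("disname")
    # A missing password is normalised to "" so the checks below report it
    # instead of failing inside re on None.
    pwd = kw.get("pwd") or ""
    verify = kw.get("verify")
    email = kw.get("email")

    errors = {}
    password_elist = []

    if not (uname and re.match(r"^[a-z0-9_.]{5,20}\Z", uname)):
        errors["error_username"] = "******"
    elif Users.get_by_username(Crypto.encrypto_wo_salt(uname)):
        # The transformed username is already present in the datastore.
        errors["error_username"] = "******"

    if not (disname and re.match(r"^[a-zA-Z]{3,20}\Z", disname)):
        errors["error_dispname"] = "That is an invalid name"

    if not re.match(r"^.{5,10}\Z", pwd):
        password_elist.append("Character Limit of 5 (min) - 10 (max)")
    if not re.search(r"[a-z]", pwd):
        password_elist.append("Password must contain atleast 1 small alphabet")
    if not re.search(r"[A-Z]", pwd):
        password_elist.append("Password must contain atleast 1 Capital Letter")
    if not re.search(r"[0-9]", pwd):
        password_elist.append("Password must contain atleast 1 number")

    if password_elist:
        errors["error_password"] = password_elist

    if not (verify and verify == pwd):
        errors["error_verify"] = "Passwords did not match"

    # The email is optional; it is only checked when one was supplied.
    if email and not re.match(r"^\S+@\S+\.\S+\Z", email):
        errors["error_email"] = "Not a valid email address"

    return errors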