def playlistRemove():
    """Remove a song from one of the session user's playlists.

    Reads ``songid`` and ``playlistid`` from the submitted form and the
    account name from ``session['user']``.

    Returns:
        ``('', 400)`` when the requested playlist id is not among the
        playlists returned for the session user; otherwise an empty body
        once the removal has been issued.
    """
    song_id = request.form['songid']
    playlist_id = request.form['playlistid']

    owner_id = database.fetchUser(session['user'])
    owned = database.getPlaylists(owner_id)

    # Authorization gate: the playlist id comes from the client, so it is
    # only honoured when it matches a playlist owned by the session user.
    # Form values are strings, hence the str() on the stored ids.
    if playlist_id not in (str(entry.pid) for entry in owned):
        return '', 400

    # NOTE(review): songid is passed through unchecked; whether
    # removeFromPlaylist scopes the delete to this playlist is not visible
    # here -- confirm in the database layer.
    database.removeFromPlaylist(playlist_id, song_id)
    return ''
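def userId(id):
    """Return a user's profile as JSON, adding Facebook fields for the owner.

    Args:
        id: User id taken from the request; compared to the session uid
            after ``int()`` conversion.

    Returns:
        An empty string when the caller is not logged in, otherwise
        ``flask.jsonify(user=...)``. ``fbId`` and ``fbName`` are added only
        when the requested id equals the caller's own uid.

    Raises:
        ValueError: if ``id`` is not an integer literal.
    """
    if not viewFunctions.isLoggedIn():
        return ''

    conn = app.config['pool'].connection()
    try:
        cur = conn.cursor()
        try:
            # NOTE(review): any logged-in caller can fetch any id; which
            # fields fetchUser exposes is not visible here -- confirm none
            # of them are private.
            user = db.fetchUser(cur, id)
            # Only the account owner gets the linked Facebook identifiers.
            if int(id) == viewFunctions.getUid():
                cur.execute('select fbId,fbName from user where user_id=%s', (id,))
                res = cur.fetchone()
                # fetchone() returns None when no row matches; skip the
                # extra fields instead of failing on res[0].
                if res is not None:
                    user['fbId'] = res[0]
                    user['fbName'] = res[1]
        finally:
            cur.close()
    finally:
        # Always hand the connection back, including when int(id) or a
        # query raises, so failed requests cannot drain the pool.
        conn.close()
    return flask.jsonify(user=user)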
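def register():
    """Create an account from the posted form and log the new user in.

    Returns:
        A 400 response when ``email`` or ``password`` is missing from the
        form, the login page with an error when the name is already taken,
        and a redirect to ``mysite.index`` after a successful registration.
    """
    try:
        email = request.form['email']
        password = request.form['password']
    except KeyError:
        # Only a missing field is a client error. The previous bare
        # ``except`` also hid unrelated failures behind a 400. (Flask's
        # missing-key error is a KeyError subclass.)
        return response('', 400)

    if database.fetchUser(email) is not None:
        # NOTE(review): this message confirms that the address is
        # registered; rate-limit the endpoint if enumeration matters.
        return render_template('login.html',
                               error='Error: Username already exists')

    # NOTE(review): the password is forwarded exactly as received; hashing
    # inside addUser is not visible here -- confirm. No format or length
    # checks are applied to either field in this view.
    database.addUser(email, password)
    session['user'] = email
    flash('Success: Logging in')
    return redirect(url_for('mysite.index'))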
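def create():
    """Create an account from the posted form and sign the user in.

    Runs the CSRF defense, validates the submitted ``username`` and
    ``password``, creates the account, then sets the signed ``authuser``
    cookie and redirects to ``./``.

    Raises:
        HTTPError: 400 for an empty field, a username outside
            ``[A-Za-z0-9]+``, an existing user or a password shorter than
            four characters; 403 when the new credentials do not validate.
    """
    defenses.setup(request, response)
    csrftoken = defenses.csrfDefense.init(request, response)
    defenses.csrfDefense.validate(request, csrftoken)

    username = request.forms.get("username")
    password = request.forms.get("password")
    if not username or not password:
        raise HTTPError(400, "Required field is empty")

    # \Z anchors at the real end of the string. The previous "$" also
    # matches just before a trailing newline, so a name ending in "\n"
    # passed validation and reached the database and the cookie.
    if not re.match(r"[A-Za-z0-9]+\Z", username):
        raise HTTPError(400, "Invalid username")
    if database.fetchUser(username):
        raise HTTPError(400, "User already exists")
    # NOTE(review): a four-character minimum is very low for a password.
    if len(password) < 4:
        raise HTTPError(400, "Password too short")

    # NOTE(review): password hashing inside createUser is not visible here
    # -- confirm.
    database.createUser(username, password)
    if not database.validateUser(username, password):
        raise HTTPError(403, "Account creation unsuccessful")

    # The cookie is signed with authSecret and hidden from scripts.
    # NOTE(review): secure= is not set, so it is also sent over plain HTTP
    # unless that is enforced elsewhere.
    response.set_cookie("authuser", username, authSecret, httponly=True)
    redirect("./")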
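def index():
    """Render the home page for the logged-in user.

    Returns:
        The signup view when the caller is not logged in, otherwise
        ``index.html`` rendered with the user's profile fields, an empty
        category list, the newest users and the current question.
    """
    if not viewFunctions.isLoggedIn():
        return viewFunctions.displaySignup()

    conn = app.config['pool'].connection()
    try:
        cur = conn.cursor()
        try:
            uid = viewFunctions.getUid()
            user = db.fetchUser(cur, uid)
            g = {
                'user_id': uid,
                'username': user['name'],
                'avatar': user['avatar_image'],
                'prestige': user['prestige'],
                'invites': user['invites'],
                'categories': [],
                'newUsers': db.fetchNewUsers(cur),
                #'tasks': db.fetchTasks(cur, user['user_id']),
                'question': db.fetchQuestion(cur),
            }
        finally:
            cur.close()
    finally:
        # Always hand the connection back, including when a lookup raises,
        # so failed requests cannot drain the pool.
        conn.close()
    return render_template('index.html', **g)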
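def login(create=False):
    """Authenticate the posted credentials, optionally creating the account.

    Args:
        create: When true, the account is created before the credentials
            are validated.

    Raises:
        HTTPError: 400 for an empty field or a username outside
            ``[A-Za-z0-9]+``; with ``create`` also 400 for an existing user
            or a password shorter than four characters; 403 when the
            credentials do not validate.
    """
    defenses.setup(request, response)
    csrftoken = defenses.csrfDefense.init(request, response)
    defenses.csrfDefense.validate(request, csrftoken)

    username = request.forms.get("username")
    password = request.forms.get("password")
    if not username or not password:
        raise HTTPError(400, "Required field is empty")

    # \Z anchors at the real end of the string. The previous "$" also
    # matches just before a trailing newline, so a name ending in "\n"
    # passed validation and reached the database and the cookie.
    if not re.match(r"[A-Za-z0-9]+\Z", username):
        raise HTTPError(400, "Invalid username")

    if create:
        if database.fetchUser(username):
            raise HTTPError(400, "User already exists")
        # NOTE(review): a four-character minimum is very low for a password.
        if len(password) < 4:
            raise HTTPError(400, "Password too short")
        # NOTE(review): password hashing inside createUser is not visible
        # here -- confirm.
        database.createUser(username, password)

    # One generic failure message for both a bad username and a bad
    # password, so the response does not reveal which one was wrong.
    if not database.validateUser(username, password):
        raise HTTPError(403, "Login unsuccessful")

    # The cookie is signed with authSecret and hidden from scripts.
    # NOTE(review): secure= is not set, so it is also sent over plain HTTP
    # unless that is enforced elsewhere.
    response.set_cookie("authuser", username, authSecret, httponly=True)
    redirect("./")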
def library():
    """Render the song library, optionally filtered, scoped and sorted.

    Query parameters read: ``playlist``, ``query``, ``sort`` (``title``,
    ``artist`` or ``duration``) and ``reversed`` (``'true'`` for descending
    order).

    Returns:
        ``library.html`` rendered with the session user, that user's
        playlists, the selected songs and the selection flags.
    """
    # NOTE(review): session.get() yields None without a login, and nothing
    # in this view rejects that case -- confirm it is enforced elsewhere.
    user = session.get('user')
    userid = database.fetchUser(user)
    playlists = database.getPlaylists(userid)

    playlistID = request.args.get('playlist')
    query = request.args.get('query')
    order = request.args.get('sort')
    descending = request.args.get('reversed') == 'true'

    if query is None:
        query = ''

    # A playlist id that is absent, "all", or not owned by the session
    # user falls back to the full song list. A foreign id is never passed
    # to getSongs.
    show_all = (
        playlistID is None
        or playlistID == "all"
        or playlistID not in (str(entry.pid) for entry in playlists)
    )
    if show_all:
        songs = database.getSongs(query)
    else:
        songs = database.getSongs(query, playlistID)

    # Only these three sort names are honoured; any other value leaves the
    # order returned by the database untouched.
    sort_keys = {
        'title': lambda song: song.title,
        'artist': lambda song: song.artist,
        'duration': lambda song: song.get_length(),
    }
    key_fn = sort_keys.get(order)
    if key_fn is not None:
        songs = sorted(songs, key=key_fn, reverse=descending)

    return render_template("library.html",
                           user=user,
                           playlists=playlists,
                           songs=songs,
                           allselected=show_all,
                           pid=playlistID,
                           numsongs=len(songs))
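def category(category):
    """Return the posts of a category as JSON if the caller may see it.

    Args:
        category: Category name from the URL, with ``+`` standing for
            spaces.

    Returns:
        An empty string when the caller is not logged in, the category
        does not exist, or it is private and not among the caller's
        guilds; otherwise ``flask.jsonify(posts=..., id=..., private=...)``.
    """
    if not viewFunctions.isLoggedIn():
        return ''

    # fetch the category id/visibility from the name
    name = category.replace('+', ' ')
    conn = app.config['pool'].connection()
    try:
        cur = conn.cursor()
        try:
            cur.execute('select cat_id,private from category where name=%s',
                        (name,))
            row = cur.fetchone()
            # An unknown name used to fail on row[0]. Answer exactly as for
            # a denied category, so the response does not distinguish
            # "missing" from "private".
            if row is None:
                return ''
            cat_id = row[0]
            isPrivate = bool(row[1])

            viewer = db.fetchUser(cur, viewFunctions.getUid())
            # verify that this user has access to this category
            if isPrivate and cat_id not in viewer['guilds']:
                return ''
            posts = db.fetchCategoryPosts(cur, cat_id)
        finally:
            cur.close()
    finally:
        # This view never released its cursor or connection before. Close
        # both on every path, matching the other views that use the pool.
        conn.close()
    return flask.jsonify(posts=posts, id=cat_id, private=isPrivate)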
def getUser():
    """Return the user record named by the signed ``authuser`` cookie.

    Returns:
        ``None`` when the cookie lookup yields ``None``, otherwise whatever
        ``database.fetchUser`` returns for the cookie's username.
    """
    # The cookie is read with secret=authSecret, so trust in the username
    # rests on that secret.
    # NOTE(review): presumably a cookie with a bad signature comes back as
    # the None default -- confirm against the framework in use.
    cookie_user = request.get_cookie("authuser", None, secret=authSecret)
    return None if cookie_user is None else database.fetchUser(cookie_user)
def createPlaylist():
    """Create a playlist with the posted title for the session user.

    Reads ``title`` from the submitted form and the account name from
    ``session['user']``.

    Returns:
        An empty response body.
    """
    # NOTE(review): the title is stored as submitted, with no length or
    # content checks in this view -- confirm the template layer escapes it
    # on output.
    new_title = request.form['title']
    owner_id = database.fetchUser(session['user'])
    database.createPlaylist(owner_id, new_title)
    return ''