def login():
pop_game_explorer_query()
error = None
if request.method == 'POST':
if DEBUG:
print("LOGGING IN with username=%(username)s, "
"password=%(password)s" % request.form)
cursor = g.db.cursor()
database.execSqlWithParams(cursor, database.sqlSelectUser,
request.form)
userInfo = cursor.fetchone()
cursor.close()
if userInfo == None:
error = 'Invalid username or password'
else:
uuid, username, password, email = userInfo
user = User()
user.id = uuid
user.username = username
user.password = password
user.email = email
login_user(user)
flash('Congratulations! You have successfully logged in.')
if 'redirectToCollectionExplorer' in session:
session.pop('redirectToCollectionExplorer')
return redirect(url_for('collection_explorer'))
else:
return redirect(url_for('game_explorer'))
return render_template('login.html', error=error)
def su_get_user(credentials):
conn = httplib2.Http()
credentials.authorize(conn)
resp, content = conn.request('http://www.southural.ru/oauth2/UserInfo',
'POST')
if resp.status != 200:
logging.error("Error getting user profile from su api: %d",
resp.status)
logging.error(content)
return None
data = json.loads(content)
if 'error' in data:
logging.error("Error getting user data from su")
logging.error(data['error'])
return None
user = g.users_dao.get(data['sub'], AUTH_SRC_SU)
if user is not None:
return user, False
user = UserMixin()
user.oauth_id = data['sub']
user.name = data['name']
user.src = AUTH_SRC_SU
user.location = data.get('city', None)
user.image_id = None
user.preview_id = None
user.id = g.users_dao.create(user)
return user, True
def login():
pop_game_explorer_query()
error = None
if request.method == 'POST':
if DEBUG:
print("LOGGING IN with username=%(username)s, "
"password=%(password)s" % request.form)
cursor = g.db.cursor()
database.execSqlWithParams(cursor, database.sqlSelectUser, request.form)
userInfo = cursor.fetchone()
cursor.close()
if userInfo == None:
error = 'Invalid username or password'
else:
uuid, username, password, email = userInfo
user = User()
user.id = uuid
user.username = username
user.password = password
user.email = email
login_user(user)
flash('Congratulations! You have successfully logged in.')
if 'redirectToCollectionExplorer' in session:
session.pop('redirectToCollectionExplorer')
return redirect(url_for('collection_explorer'))
else:
return redirect(url_for('game_explorer'))
return render_template('login.html', error=error)
def climbers(self, summit_id):
climbers = []
sql = """SELECT
year,
month,
day,
comment,
users.id,
users.name,
users.preview_id
FROM users LEFT JOIN climbs ON climbs.user_id=users.id
LEFT JOIN summits ON climbs.summit_id=summits.id
WHERE climbs.summit_id=%s
ORDER BY year, month, day;"""
with self.get_cursor() as cur:
cur.execute(sql, (summit_id,))
for row in cur:
u = UserMixin()
u.id = row["id"]
u.name = row["name"]
u.preview_id = row["preview_id"]
if row["year"] is not None:
date = InexactDate(row["year"], row["month"], row["day"])
else:
date = None
climbers.append({"user": u, "date": date, "comment": row["comment"]})
return climbers
def load_user(userid):
if userid == "superuser":
user = UserMixin()
user.id = "superuser"
return user
else:
return None
def load_user(userid): if userid == "superuser": user = UserMixin() user.id = "superuser" return user else: return None
def vk_get_user(credentials):
user = g.users_dao.get(unicode(credentials.token_response['user_id']),
AUTH_SRC_VK)
if user is not None:
return user, False
conn = httplib2.Http()
credentials.authorize(conn)
params = {
'v': '5.37',
'lang': 'ru',
'user_ids': credentials.token_response['user_id'],
'fields': 'photo_50, photo_200_orig, city'}
resp, content = conn.request('https://api.vk.com/method/users.get',
'POST',
urllib.urlencode(params))
if resp.status != 200:
logging.error("Error getting user profile from vk api: %d",
resp.status)
logging.error(content)
return None
data = json.loads(content)['response'][0]
if 'error' in data:
logging.error("Error getting profile data")
logging.error(data['error'])
return None
user = UserMixin()
user.oauth_id = unicode(credentials.token_response['user_id'])
user.name = u"{} {}".format(
data.get('first_name', ''),
data.get('last_name', ''))
user.src = AUTH_SRC_VK
if 'city' in data:
user.location = data['city']['title']
else:
user.location = None
fd = urllib.urlopen(data['photo_200_orig'])
if fd.getcode() == 200:
user.image_id = g.images_dao.create(fd.read(), fd.info().gettype())
else:
user.image_id = None
fd = urllib.urlopen(data['photo_50'])
if fd.getcode() == 200:
user.preview_id = g.images_dao.create(fd.read(), fd.info().gettype())
else:
user.preview_id = None
user.id = g.users_dao.create(user)
return user, True
def load_user(uuid):
cursor = g.db.cursor()
user_query = ("SELECT u.uuid, u.username, u.password, u.email "
"FROM Users u "
"WHERE u.uuid = %(uuid)s")
params = dict(uuid=uuid)
database.execSqlWithParams(cursor, user_query, params)
row = cursor.fetchone()
cursor.close()
if not row: return None
user = User()
user.id = row[0]
user.username = row[1]
user.password = row[2]
user.email = row[3]
return user
def top(self):
users = []
sql = """SELECT users.id, users.name, users.preview_id, COUNT(climbs.*) AS climbs
FROM users LEFT JOIN climbs ON users.id=climbs.user_id
GROUP BY users.id, users.name, users.preview_id
ORDER BY climbs DESC
"""
with self.get_cursor() as cur:
cur.execute(sql)
for row in cur:
u = UserMixin()
u.id = row["id"]
u.name = row["name"]
u.preview_id = row["preview_id"]
u.climbs = row["climbs"]
users.append(u)
return users
def load_user(uuid):
cursor = g.db.cursor()
user_query = (
"SELECT u.uuid, u.username, u.password, u.email "
"FROM Users u "
"WHERE u.uuid = %(uuid)s"
)
params = dict(uuid=uuid)
database.execSqlWithParams(cursor,user_query,params)
row = cursor.fetchone()
cursor.close()
if not row: return None
user = User()
user.id = row[0]
user.username = row[1]
user.password = row[2]
user.email = row[3]
return user
def login_user(token):
um = UserMixin()
um.id = token
login.login_user(um)
return um
def load_user(userid):
if userid == u'adr':
user = UserMixin()
user.id = userid
return user
return None
def load_user(user_id):
# Since they aren't stored in the DB, just assume the user really exists.
user = UserMixin()
user.id = user_id
return user
def load_user(userid):
if userid == u'adr':
user = UserMixin()
user.id = userid
return user
return None
