def get_api_key(self):
    """Return the Spreedly API key for the environment we are running in.

    Under test a fixed placeholder string is returned; otherwise the key is
    fetched through keymaster from the dev or the production entry.
    """
    if Config.is_testing:
        # The datastore is unavailable in tests, so keymaster cannot be used.
        return "testapikey"
    entry = "spreedly:hackerdojotest" if Config.is_dev else "spreedly:hackerdojo"
    return keymaster.get(entry)
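def __init__(self):
    """Detect the runtime environment and load the matching Spreedly settings.

    ``is_dev`` is derived from the ``SERVER_SOFTWARE`` environment variable
    and ``is_prod`` is its negation. The Spreedly account name, API key
    (looked up through keymaster) and plan-ID table are then chosen for that
    environment.
    """
    # A missing SERVER_SOFTWARE means "not the dev server". This lookup used
    # to sit under a bare ``except:``, which would also have hidden unrelated
    # errors (and KeyboardInterrupt/SystemExit) behind ``is_dev = False``.
    self.is_dev = os.environ.get('SERVER_SOFTWARE', '').startswith('Dev')
    self.is_prod = not self.is_dev
    if self.is_dev:
        self.SPREEDLY_ACCOUNT = 'hackerdojotest'
        self.SPREEDLY_APIKEY = keymaster.get('spreedly:hackerdojotest')
        self.PLAN_IDS = {'full': '1957'}
    else:
        self.SPREEDLY_ACCOUNT = 'hackerdojo'
        self.SPREEDLY_APIKEY = keymaster.get('spreedly:hackerdojo')
        self.PLAN_IDS = {
            'full': '1987',
            'hardship': '2537',
            'supporter': '1988',
            'family': '3659',
            'worktrade': '6608',
            'comped': '15451',
            'threecomp': '18158',
            'yearly': '18552',
            'fiveyear': '18853',
            'thielcomp': '19616',
        }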
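def post(self):
    """Task handler: create the member's domain account from cached credentials.

    Reads the ``hash`` and ``retries`` request parameters, loads the matching
    Membership, pulls the ``username:password`` pair that was parked in
    memcache, and POSTs it to the domain app. Re-queues itself (at most five
    times) when the Spreedly token is missing or the fetch fails.
    """
    def fail(what, details=None):
        # ``details`` is optional: every call site in this handler passes a
        # single message, which used to raise TypeError instead of mailing.
        mail.send_mail(sender=EMAIL_FROM,
                       to="Internal Dev <*****@*****.**>",
                       subject="[hd-signup] CreateUserTask failure",
                       body=details if details is not None else what)

    def retry(countdown=None):
        retries = int(self.request.get('retries', 0)) + 1
        if retries <= 5:
            taskqueue.add(url='/tasks/create_user', method='POST',
                          countdown=countdown,
                          params={'hash': self.request.get('hash'),
                                  'retries': retries})
        else:
            fail("Too many retries")

    membership = Membership.get_by_hash(self.request.get('hash'))
    if membership is None or membership.username:
        # Unknown hash, or the account already exists: nothing to do.
        return
    if not membership.spreedly_token:
        return retry(300)

    cache_key = hashlib.sha1(membership.hash + SPREEDLY_APIKEY).hexdigest()
    try:
        # Split on the first colon only, so a password that itself contains
        # ':' is not misreported as an expired cache entry.
        username, password = memcache.get(cache_key).split(':', 1)
    except (AttributeError, ValueError):
        # AttributeError: memcache returned None (entry missing or expired).
        return fail("Account information expired")

    # NOTE(review): the password and the shared secret are sent over plain
    # http:// here; confirm whether the domain app can be reached over https.
    try:
        resp = urlfetch.fetch('http://domain.hackerdojo.com/users',
                              method='POST',
                              payload=urllib.urlencode({
                                  'username': username,
                                  'password': password,
                                  'first_name': membership.first_name,
                                  'last_name': membership.last_name,
                                  'secret': keymaster.get('*****@*****.**'),
                              }),
                              deadline=10)
    except urlfetch.DownloadError:
        return retry()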
def get(self):
    """Poll the master thermostat and switch every unit between heat and cool.

    Reads the inside air temperature and mode from unit AC3. At 66 or below
    while cooling, all units are set to heat (setpoint 69); at 75 or above
    while heating, all units are set to cool (setpoint 71). Writes "200 OK"
    on success, or reports an error when the data request does not return 200.
    """
    # NOTE(review): the API key travels in the query string of every request,
    # so it may show up in any URL logging along the way.
    api_base = "https://api.bayweb.com/v2/?id="
    units = {"AC1": "EDD9A758", "AC2": "B65D8121", "AC3": "0BA20EDC", "AC5": "47718E38"}
    modes = ["Off", "Heat", "Cool"]
    master = units["AC3"]
    key = keymaster.get('thermkey')

    def switch_all(action_query):
        # Same request for every unit; the responses are not inspected.
        for unit_id in units.values():
            urlfetch.fetch(api_base + unit_id + "&key=" + key + action_query)

    result = urlfetch.fetch(api_base + master + "&key=" + key + "&action=data")
    if result.status_code != 200:
        notify_hvac_change(result.status_code, "ERROR connecting to BayWeb API")
        self.response.out.write("500 Internal Server Error")
        return

    thdata = json.loads(result.content)
    inside_air_temp = thdata['iat']
    mode = thdata['mode']
    # modes[mode] is only evaluated once the temperature test has passed.
    if inside_air_temp <= 66 and modes[mode] == "Cool":
        switch_all("&action=set&heat_sp=69&mode=" + str(modes.index("Heat")))
        notify_hvac_change(inside_air_temp, "Heat")
    if inside_air_temp >= 75 and modes[mode] == "Heat":
        switch_all("&action=set&cool_sp=71&mode=" + str(modes.index("Cool")))
        notify_hvac_change(inside_air_temp, "Cold")
    self.response.out.write("200 OK")
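def post(self, hash):
    """Create the domain account chosen on the signup form.

    Validates the password fields, asks the domain app to create the user for
    a paid membership, and links the username to the membership once it shows
    up in the domain's user list. Failures are mailed and the visitor is sent
    back to the form with a message.
    """
    username = self.request.get('username')
    password = self.request.get('password')
    if password != self.request.get('password_confirm'):
        self.redirect(self.request.path + "?message=Passwords don't match")
        return
    if len(password) < 6:
        self.redirect(self.request.path + "?message=Password must be 6 characters or longer")
        return

    m = Membership.all().filter('hash =', hash).get()
    # An unknown hash used to crash on ``m.username``; an unpaid membership
    # could be linked to any username that already existed in the domain,
    # because the link step ran regardless of the payment check.
    paid = bool(m and m.spreedly_token)
    out = None
    if paid:
        # NOTE(review): password and shared secret go over plain http://.
        try:
            resp = urlfetch.fetch('http://domain.hackerdojo.com/users',
                                  method='POST',
                                  payload=urllib.urlencode({
                                      'username': username,
                                      'password': password,
                                      'first_name': m.first_name,
                                      'last_name': m.last_name,
                                      'secret': keymaster.get('*****@*****.**'),
                                  }),
                                  deadline=10)
            out = resp.content
        except urlfetch.DownloadError as e:
            out = str(e)
        # NOTE(review): presence in the user list is treated as success even
        # if the name belonged to someone else before this request; confirm
        # the domain app's response is not a better signal.
        if username in fetch_usernames(False):
            m.username = username
            m.put()
            self.redirect('/success/%s?email' % hash)
            return

    mail.send_mail(sender=EMAIL_FROM,
                   to="Jeff Lindsay <*****@*****.**>",
                   subject="Error creating account for %s" % username,
                   body=out if paid else "Attempt to make user without paying: " + self.request.remote_addr)
    self.redirect(self.request.path + "?message=There was a problem creating your account. Please contact an admin.")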
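def get(self, hash):
    """Show the account-creation page for a paid membership.

    Members that already have a username go to the success page. Otherwise
    the Spreedly subscriber record is checked; active subscribers either get
    their signed-in nickname attached or are shown the account form, and
    everyone else is redirected to "/".
    """
    m = Membership.all().filter('hash =', hash).get()
    if m is None:
        # Unknown hash: previously an AttributeError on ``m.username``.
        # Treated like any other invalid account.
        self.redirect("/")
        return
    # Local names below are left as they were: locals() is handed to the
    # template, so every local is part of the template context.
    if m.username:
        self.redirect('/success/%s' % hash)
    else:
        s = spreedly.Spreedly(SPREEDLY_ACCOUNT, token=SPREEDLY_APIKEY)
        valid_acct = False
        try:
            subscriber = s.subscriber_details(sub_id=int(m.key().id()))
            valid_acct = subscriber['active'] == 'true'
        except spreedly.SpreedlyResponseError:
            # A failed lookup leaves the account marked as not valid.
            pass
        if valid_acct:
            user = users.get_current_user()
            if user:
                m.username = user.nickname().split('@')[0]
                m.put()
                self.redirect(users.create_logout_url('/success/%s' % hash))
            else:
                if not keymaster.get('api-secret'):
                    keymaster.request('api-secret')
                # NOTE(review): ``message`` comes straight from the query
                # string and reaches the template via locals(); confirm the
                # template escapes it.
                message = self.request.get('message')
                p = re.compile(r'[^\w]')
                username = '******'.join([p.sub('', m.first_name), p.sub('', m.last_name)]).lower()
                if username in fetch_usernames():
                    username = m.email.split('@')[0]
                if self.request.get('u'):
                    pick_username = True
                login_url = users.create_login_url(self.request.path)
                self.response.out.write(template.render('templates/account.html', locals()))
        else:
            self.redirect("/")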
def restore(username):
    """Ask the domain app to restore *username*, then notify the events app.

    Does nothing under test. A non-200 answer from either service is only
    logged; no exception is raised for it here.
    """
    conf = Config()
    if conf.is_testing:
        # Don't do this if we're testing.
        return

    # NOTE(review): the shared secret is posted over plain http://.
    restore_url = "http://%s/restore/%s" % (conf.DOMAIN_HOST, username)
    secret_payload = urllib.urlencode({"secret": keymaster.get("api")})
    resp = urlfetch.fetch(restore_url, method="POST", deadline=10,
                          payload=secret_payload, follow_redirects=False)
    if resp.status_code != 200:
        # The domain app will handle retrying for us, so we don't block the queue.
        logging.error("User restoration failed with status %d." % (resp.status_code))

    # Alert the events app that the user's status has changed.
    status_url = "http://%s/api/v1/status_change" % (conf.EVENTS_HOST)
    status_payload = urllib.urlencode({"username": username, "status": "active"})
    response = urlfetch.fetch(status_url, method="POST",
                              payload=status_payload, follow_redirects=False)
    if response.status_code != 200:
        logging.warning("Notifying events app failed.")
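def post(self):
    """Task handler: create the member's domain account from cached credentials.

    Reads the ``hash`` and ``retries`` request parameters, loads the matching
    Membership, pulls the ``username:password`` pair that was parked in
    memcache, and POSTs it to the domain app. Re-queues itself (at most five
    times) when the Spreedly token is missing or the fetch fails.
    """
    def fail(what, details=None):
        # ``details`` is optional: every call site in this handler passes a
        # single message, which used to raise TypeError instead of mailing.
        mail.send_mail(sender=EMAIL_FROM,
                       to=INTERNAL_DEV_EMAIL,
                       subject="[%s] CreateUserTask failure" % APP_NAME,
                       body=details if details is not None else what)

    def retry(countdown=None):
        retries = int(self.request.get('retries', 0)) + 1
        if retries <= 5:
            taskqueue.add(url='/tasks/create_user', method='POST',
                          countdown=countdown,
                          params={'hash': self.request.get('hash'),
                                  'retries': retries})
        else:
            fail("Too many retries")

    membership = Membership.get_by_hash(self.request.get('hash'))
    if membership is None or membership.username:
        # Unknown hash, or the account already exists: nothing to do.
        return
    if not membership.spreedly_token:
        return retry(300)

    cache_key = hashlib.sha1(membership.hash + SPREEDLY_APIKEY).hexdigest()
    try:
        # Split on the first colon only, so a password that itself contains
        # ':' is not misreported as an expired cache entry.
        username, password = memcache.get(cache_key).split(':', 1)
    except (AttributeError, ValueError):
        # AttributeError: memcache returned None (entry missing or expired).
        return fail("Account information expired")

    # NOTE(review): the password and the shared secret are sent over plain
    # http:// here; confirm whether the domain app can be reached over https.
    try:
        resp = urlfetch.fetch('http://%s/users' % DOMAIN_HOST,
                              method='POST',
                              payload=urllib.urlencode({
                                  'username': username,
                                  'password': password,
                                  'first_name': membership.first_name,
                                  'last_name': membership.last_name,
                                  'secret': keymaster.get(DOMAIN_USER),
                              }),
                              deadline=10)
    except urlfetch.DownloadError:
        return retry()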
def __init__(self, *args, **kwargs):
    """Initialise the app and configure webapp2 auth and session settings.

    The session secret is a fixed string under test. Otherwise it is read
    from keymaster, and when keymaster has none a random one is generated
    and stored under "token_secret".
    """
    super(BaseApp, self).__init__(*args, **kwargs)

    if not Config().is_testing:
        # Check that we have a secret key for generating tokens.
        try:
            secret = keymaster.get("token_secret")
        except keymaster.KeymasterError:
            logging.warning("Found no token secret, generating one.")
            secret = security.generate_random_string(entropy=128)
            keymaster.Keymaster.encrypt("token_secret", secret)
    else:
        # If we're unit testing, use the same one every time for consistent
        # results.
        secret = "notasecret"

    # Configure webapp2.
    auth_settings = {
        "user_model": "membership.Membership",
        "user_attributes": ["first_name", "last_name", "email"],
    }
    session_settings = {"secret_key": secret}
    my_config = {
        "webapp2_extras.auth": auth_settings,
        "webapp2_extras.sessions": session_settings,
    }
    self.config = webapp2.Config(my_config)
def get(self):
    """Poll the master thermostat and switch every unit between heat and cool.

    Reads the inside air temperature and mode from unit AC3. At 66 or below
    while cooling, all units are set to heat (setpoint 69); at 75 or above
    while heating, all units are set to cool (setpoint 71). Writes "200 OK"
    on success, or reports an error when the data request does not return 200.
    """
    # NOTE(review): the API key travels in the query string of every request,
    # so it may show up in any URL logging along the way.
    endpoint = "https://api.bayweb.com/v2/?id="
    units = {
        "AC1": "EDD9A758",
        "AC2": "B65D8121",
        "AC3": "0BA20EDC",
        "AC5": "47718E38",
    }
    modes = ["Off", "Heat", "Cool"]
    master = units["AC3"]
    key = keymaster.get('thermkey')

    def apply_to_all(action_query):
        # Same request for every unit; the responses are not inspected.
        for device_id in units.values():
            urlfetch.fetch(endpoint + device_id + "&key=" + key + action_query)

    result = urlfetch.fetch(endpoint + master + "&key=" + key + "&action=data")
    if result.status_code != 200:
        notify_hvac_change(result.status_code, "ERROR connecting to BayWeb API")
        self.response.out.write("500 Internal Server Error")
        return

    thdata = json.loads(result.content)
    inside_air_temp = thdata['iat']
    mode = thdata['mode']
    # modes[mode] is only evaluated once the temperature test has passed.
    if inside_air_temp <= 66 and modes[mode] == "Cool":
        apply_to_all("&action=set&heat_sp=69&mode=" + str(modes.index("Heat")))
        notify_hvac_change(inside_air_temp, "Heat")
    if inside_air_temp >= 75 and modes[mode] == "Heat":
        apply_to_all("&action=set&cool_sp=71&mode=" + str(modes.index("Cool")))
        notify_hvac_change(inside_air_temp, "Cold")
    self.response.out.write("200 OK")
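def __init__(self, name, price_per_month, description, human_name=None,
             aliases=None, signin_limit=None, member_limit=None, legacy=None,
             selectable=True, full=False, admin_only=False, desk=False,
             create_events=True):
    """Create a membership plan and register it in ``Plan.all_plans``.

    Args:
        name: The name of the plan in PinPayments.
        price_per_month: The monthly price of this plan.
        description: A description of the plan.
        human_name: The user-facing name; defaults to ``name.capitalize()``.
        aliases: Any other names this plan could be referred to by.
        signin_limit: Maximum number of sign-ins per month.
        member_limit: Maximum number of people on this plan at once.
        legacy: None if this is not a legacy plan, otherwise the non-legacy
            version of the plan.
        selectable: Whether this plan is available for general selection.
        full: Whether this plan is currently full.
        admin_only: Whether only an admin can put people on this plan.
        desk: Whether this plan comes with a private desk.
        create_events: Whether a user on this plan can create new events.
    """
    self.name = name
    self.human_name = human_name if human_name else self.name.capitalize()

    # The ID of the plan in PinPayments.
    if not Config().is_testing:
        self.plan_id = str(keymaster.get("plan.%s" % (self.name, )))
    else:
        # Just use the name as the ID for testing.
        self.plan_id = self.name
    logging.debug("Using plan_id for %s: %s" % (self.name, self.plan_id))

    self.description = description
    # Copy the aliases: the old ``aliases=[]`` default was one list object
    # shared by every plan created without an explicit value.
    self.aliases = [] if aliases is None else list(aliases)

    self.legacy = legacy
    if self.legacy:
        self.legacy_pairs.add((self, self.legacy))
    # Legacy plans are always admin-only, and neither legacy nor admin-only
    # plans are offered for general selection.
    self.admin_only = True if self.legacy else admin_only
    self.selectable = False if (self.legacy or self.admin_only) else selectable

    self.full = full
    self.create_events = create_events
    self.price_per_month = price_per_month
    self.desk = desk
    self.signin_limit = signin_limit
    self.member_limit = member_limit

    Plan.all_plans.append(self)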
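def post(self):
    """Task handler: create the member's domain account from cached credentials.

    Reads the ``hash`` and ``retries`` request parameters, loads the matching
    Membership, pulls the ``username:password`` pair that was parked in
    memcache, POSTs it to the domain app and records the username on the
    membership. Re-queues itself (at most five times) when the Spreedly token
    is missing or the fetch fails.
    """
    def fail(exception):
        logging.error("CreateUserTask failed: %s" % exception)
        mail.send_mail(
            sender=EMAIL_FROM,
            to=INTERNAL_DEV_EMAIL,
            subject="[%s] CreateUserTask failure" % APP_NAME,
            body=str(exception),
        )

    def retry(countdown=None):
        retries = int(self.request.get("retries", 0)) + 1
        if retries <= 5:
            taskqueue.add(
                url="/tasks/create_user",
                method="POST",
                countdown=countdown,
                params={"hash": self.request.get("hash"), "retries": retries},
            )
        else:
            fail(Exception("Too many retries for %s" % self.request.get("hash")))

    membership = Membership.get_by_hash(self.request.get("hash"))
    if membership is None or membership.username:
        # Unknown hash, or the account already exists: nothing to do.
        return
    if not membership.spreedly_token:
        logging.warning("CreateUserTask: No spreedly token yet, retrying")
        return retry(300)

    cache_key = hashlib.sha1(membership.hash + SPREEDLY_APIKEY).hexdigest()
    try:
        # Split on the first colon only, so a password that itself contains
        # ':' is not misreported as an expired cache entry.
        username, password = memcache.get(cache_key).split(":", 1)
    except (AttributeError, ValueError):
        # AttributeError: memcache returned None (entry missing or expired).
        return fail(Exception("Account information expired for %s" % membership.email))

    # NOTE(review): the password and the shared secret are sent over plain
    # http:// here; confirm whether the domain app can be reached over https.
    try:
        logging.info("CreateUserTask: About to create user " + username)
        resp = urlfetch.fetch(
            "http://%s/users" % DOMAIN_HOST,
            method="POST",
            payload=urllib.urlencode(
                {
                    "username": username,
                    "password": password,
                    "first_name": membership.first_name,
                    "last_name": membership.last_name,
                    "secret": keymaster.get(DOMAIN_USER),
                }
            ),
            deadline=10,
        )
        # NOTE(review): the username is recorded without looking at the
        # response status; a rejected request still marks the account as made.
        membership.username = username
        membership.put()
        logging.warning("CreateUserTask: I think that worked: " + resp.content)
    except urlfetch.DownloadError:
        logging.warning("CreateUserTask: API response error or timeout, retrying")
        return retry()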
def get(self):
    """Export active members with a username as a CSV attachment.

    Rows are only written when the ``csvkey`` request parameter equals the
    value keymaster holds; otherwise the response body stays empty.
    """
    # NOTE(review): the shared key arrives as a request parameter (so it can
    # end up in request logs) and is compared with a plain ==. Fields are
    # written unquoted: a comma in a name shifts columns, and spreadsheet
    # apps may treat a value that starts with '=' as a formula.
    headers = self.response.headers
    headers['Content-type'] = "text/csv; charset=utf-8"
    headers['Content-disposition'] = "attachment;filename=HackerDojoMembers.csv"

    if keymaster.get('csvkey') != self.request.get('csvkey'):
        return

    active = Membership.all().filter('status =', 'active').filter('username !=', '')
    for member in active.fetch(10000):
        twitter = member.twitter if member.twitter else ''
        row = member.first_name + "," + member.last_name + "," + member.username + "@hackerdojo.com," + twitter + "\r\n"
        self.response.out.write(row)
def get(self):
    """Export active members with a username as a CSV attachment.

    Rows are only written when the ``csvkey`` request parameter equals the
    value keymaster holds; otherwise the response body stays empty.
    """
    # NOTE(review): the shared key arrives as a request parameter (so it can
    # end up in request logs) and is compared with a plain ==. Fields are
    # written unquoted: a comma in a name shifts columns, and spreadsheet
    # apps may treat a value that starts with '=' as a formula.
    response_headers = self.response.headers
    response_headers["Content-type"] = "text/csv; charset=utf-8"
    response_headers["Content-disposition"] = "attachment;filename=HackerDojoMembers.csv"

    if keymaster.get("csvkey") != self.request.get("csvkey"):
        return

    query = Membership.all().filter("status =", "active").filter("username !=", "")
    write = self.response.out.write
    for person in query.fetch(10000):
        handle = person.twitter if person.twitter else ""
        write(person.first_name + "," + person.last_name + "," + person.username + "@hackerdojo.com," + handle + "\r\n")
def get(self):
    # Record an RFID swipe reported by the door controller.
    #
    # The caller authenticates with the "maglock:key" request parameter. For
    # a tag that belongs to a member whose status contains "active" the swipe
    # is stored as a success; a lapsed member gets a renewal e-mail queued;
    # an unknown tag is stored as a failure. Two hard-coded usernames also
    # trigger a page and an outbound call.
    #
    # NOTE(review): the block structure below is reconstructed from a
    # listing that had lost its line breaks, and the e-mail body literal is
    # kept on one line exactly as it appears there (its original line breaks
    # are not recoverable) -- compare against the real file before relying
    # on either.
    # NOTE(review): the key is a request parameter compared with a plain !=;
    # the outbound call appends the username to the URL without encoding it.
    if self.request.get("maglock:key") != keymaster.get("maglock:key"):
        self.response.out.write("Access denied")
    else:
        rfid_tag = self.request.get("rfid_tag")
        if rfid_tag:
            m = Membership.all().filter("rfid_tag ==", rfid_tag).get()
            if m:
                username = m.username
                if "active" in m.status:
                    success = True
                else:
                    success = False
                    subject = "Reactivate your RFID key now - renew your Hacker Dojo Subscription!"
                    body = """ Hi %s, It looks like you just tried using your RFID key to open the doors to Hacker Dojo. One teeny tiny issue, it looks like your membership has lapsed! This can happen by mistake sometimes, so no worries at all. The good news is you can reactivate your membership with only a few clicks: %s With warmest regards, The Lobby Door """ % (
                        m.first_name,
                        m.subscribe_url(),
                    )
                    # Sent through the throttled e-mail queue rather than inline.
                    deferred.defer(
                        mail.send_mail,
                        sender="Maglock <*****@*****.**>",
                        to=m.email,
                        subject=subject,
                        body=body,
                        _queue="emailthrottle",
                    )
            else:
                # No member owns this tag; log the raw tag in place of a name.
                username = "******" + rfid_tag + ")"
                success = False
            rs = RFIDSwipe(username=username, rfid_tag=rfid_tag, success=success)
            rs.put()
            if "mark.hutsell" in username or "some.other.evilguy" in username:
                deferred.defer(
                    mail.send_mail,
                    sender="Maglock <*****@*****.**>",
                    to="Emergency Paging System <*****@*****.**>",
                    subject="RFID Entry: " + username,
                    body="Lobby entry",
                    _queue="emailthrottle",
                )
                urlfetch.fetch("http://www.dustball.com/call/call.php?str=RFID+Entry+" + username)
        self.response.out.write("OK")
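def post(self):
    """Task handler: create the member's domain account from cached credentials.

    Reads the ``hash`` and ``retries`` request parameters, loads the matching
    Membership, pulls the ``username:password`` pair that was parked in
    memcache, POSTs it to the domain app, records the username on the
    membership and sends the welcome e-mail. Re-queues itself (at most five
    times) when the Spreedly token is missing or the fetch fails.
    """
    def fail(exception):
        logging.error("CreateUserTask failed: %s" % exception)
        mail.send_mail(sender=EMAIL_FROM,
                       to=INTERNAL_DEV_EMAIL,
                       subject="[%s] CreateUserTask failure" % APP_NAME,
                       body=str(exception))

    def retry(countdown=3):
        retries = int(self.request.get('retries', 0)) + 1
        if retries <= 5:
            taskqueue.add(url='/tasks/create_user', method='POST',
                          countdown=countdown,
                          params={'hash': self.request.get('hash'),
                                  'retries': retries})
        else:
            fail(Exception("Too many retries for %s" % self.request.get('hash')))

    c = Config()
    user_hash = self.request.get('hash')
    membership = Membership.get_by_hash(user_hash)
    if membership is None or membership.username:
        # Unknown hash, or the account already exists: nothing to do.
        return
    if not membership.spreedly_token:
        logging.warning("CreateUserTask: No spreedly token yet, retrying")
        return retry(300)

    cache_key = hashlib.sha1(membership.hash + c.SPREEDLY_APIKEY).hexdigest()
    try:
        # Split on the first colon only, so a password that itself contains
        # ':' is not misreported as an expired cache entry.
        username, password = memcache.get(cache_key).split(':', 1)
    except (AttributeError, ValueError):
        # AttributeError: memcache returned None (entry missing or expired).
        return fail(Exception("Account information expired for %s" % membership.email))

    # NOTE(review): the password and the shared secret are sent over plain
    # http:// here; confirm whether the domain app can be reached over https.
    try:
        url = 'http://%s/users' % DOMAIN_HOST
        payload = urllib.urlencode({
            'username': username,
            'password': password,
            'first_name': membership.first_name,
            'last_name': membership.last_name,
            'secret': keymaster.get('api'),
        })
        # NOTE(review): the listing this was taken from had the text between
        # these two log messages masked; ``+ username`` is a reconstruction.
        logging.info("CreateUserTask: About to create user: " + username)
        logging.info("CreateUserTask: URL: " + url)
        # The payload is deliberately not logged: it carries the member's
        # plaintext password and the shared API secret, and log storage is
        # readable by far more people and systems than either should be.
        resp = urlfetch.fetch(url, method='POST', payload=payload, deadline=120)
        # NOTE(review): the username is recorded without looking at the
        # response status; a rejected request still marks the account as made.
        membership.username = username
        membership.put()
        logging.warning("CreateUserTask: I think that worked: HTTP " + str(resp.status_code))
        # Send the welcome email.
        SuccessHandler.send_email(membership)
    except urlfetch.DownloadError:
        logging.warning("CreateUserTask: API response error or timeout, retrying")
        return retry()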
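def post(self, hash):
    """Create the domain account chosen on the signup form.

    Validates the password fields, asks the domain app to create the user,
    and links the username to the membership once it shows up in the
    domain's user list. Failures are mailed and the visitor is sent back to
    the form with a message.
    """
    problem_url = self.request.path + "?message=There was a problem creating your account. Please contact an admin."
    caching_url = self.request.path + "?message=There was a caching error, please try again."

    username = self.request.get('username')
    password = self.request.get('password')
    if password != self.request.get('password_confirm'):
        self.redirect(self.request.path + "?message=Passwords don't match")
        return
    if len(password) < 6:
        self.redirect(self.request.path + "?message=Password must be 6 characters or longer")
        return
    if not keymaster.get('api-secret'):
        self.redirect(caching_url)
        return

    m = Membership.all().filter('hash =', hash).get()
    if m is None:
        # Unknown hash: previously an AttributeError on ``m.first_name``.
        self.redirect(problem_url)
        return

    # Kept outside the try so the failure mail below always has a body; the
    # old code read ``resp.content`` there even when the fetch had raised,
    # which turned a download error into a NameError.
    error_body = ""
    try:
        resp = urlfetch.fetch('http://hackerdojo-domain.appspot.com/users',
                              method='POST',
                              payload=urllib.urlencode({
                                  'username': username,
                                  'password': password,
                                  'first_name': m.first_name,
                                  'last_name': m.last_name,
                                  'secret': keymaster.get('api-secret'),
                              }),
                              deadline=10)
        if 'try again' in resp.content:
            self.redirect(caching_url)
            return
        error_body = resp.content
    except urlfetch.DownloadError as e:
        error_body = str(e)

    # NOTE(review): presence in the user list is treated as success even if
    # the name belonged to someone else before this request; confirm the
    # domain app's response is not a better signal.
    if username in fetch_usernames(False):
        m.username = username
        m.put()
        self.redirect('/success/%s?email' % hash)
    else:
        mail.send_mail(sender=EMAIL_FROM,
                       to="Jeff Lindsay <*****@*****.**>",
                       subject="Error creating account",
                       body=error_body)
        self.redirect(problem_url)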
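def __init__(self, name, price_per_month, description, human_name=None,
             aliases=None, signin_limit=None, member_limit=None, legacy=None,
             selectable=True, full=False, admin_only=False, desk=False,
             create_events=True):
    """Create a membership plan and register it in ``Plan.all_plans``.

    Args:
        name: The name of the plan in PinPayments.
        price_per_month: The monthly price of this plan.
        description: A description of the plan.
        human_name: The user-facing name; defaults to ``name.capitalize()``.
        aliases: Any other names this plan could be referred to by.
        signin_limit: Maximum number of sign-ins per month.
        member_limit: Maximum number of people on this plan at once.
        legacy: None if this is not a legacy plan, otherwise the non-legacy
            version of the plan.
        selectable: Whether this plan is available for general selection.
        full: Whether this plan is currently full.
        admin_only: Whether only an admin can put people on this plan.
        desk: Whether this plan comes with a private desk.
        create_events: Whether a user on this plan can create new events.
    """
    self.name = name
    if human_name:
        self.human_name = human_name
    else:
        self.human_name = self.name.capitalize()

    # The ID of the plan in PinPayments.
    if Config().is_testing:
        # Just use the name as the ID for testing.
        self.plan_id = self.name
    else:
        self.plan_id = str(keymaster.get("plan.%s" % (self.name,)))
    logging.debug("Using plan_id for %s: %s" % (self.name, self.plan_id))

    self.description = description
    # Copy the aliases: the old ``aliases=[]`` default was one list object
    # shared by every plan created without an explicit value.
    self.aliases = list(aliases) if aliases is not None else []

    self.legacy = legacy
    if self.legacy:
        self.legacy_pairs.add((self, self.legacy))
    # Legacy plans are always admin-only, and neither legacy nor admin-only
    # plans are offered for general selection.
    self.admin_only = True if self.legacy else admin_only
    self.selectable = False if (self.legacy or self.admin_only) else selectable

    self.full = full
    self.create_events = create_events
    self.price_per_month = price_per_month
    self.desk = desk
    self.signin_limit = signin_limit
    self.member_limit = member_limit

    Plan.all_plans.append(self)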
def get(self, key):
    """Return the RFID tags and usernames of members allowed through the door.

    *key* must equal the maglock key held by keymaster; otherwise a 401 REST
    error is produced. Members with an RFID tag and a status of 'active' or
    'no_visits' are written out as a JSON list.
    """
    logging.debug("Getting list of users for maglock.")

    # The maglock is requesting a list of users.
    # NOTE(review): plain string comparison, not constant-time.
    authorized = key == keymaster.get("maglock:key")
    if not authorized:
        self._rest_error("Unauthorized", "Invalid maglock key.", 401)
        return

    # Our key is valid. Give it the list.
    query = db.GqlQuery(
        "SELECT * FROM Membership WHERE rfid_tag != NULL"
        " AND status IN ('active', 'no_visits')"
    )
    response = [
        {"rfid_tag": member.rfid_tag, "username": member.username}
        for member in query.run()
    ]
    self.response.out.write(json.dumps(response))
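def restore(username):
    """Ask the domain app to restore the account for *username*.

    Any exception raised by the fetch is mailed to the internal dev address
    and logged; nothing is raised to the caller.
    """
    conf = Config()

    def fail(exception):
        # The subject used to have one %s for two values, so reporting a
        # failure raised TypeError and the original error was never mailed.
        mail.send_mail(sender=conf.EMAIL_FROM,
                       to=conf.INTERNAL_DEV_EMAIL,
                       subject="[%s] User restore failure: %s" % (conf.APP_NAME, username),
                       body=str(exception))
        logging.error("User restore failure: %s" % (exception))

    # NOTE(review): the shared secret is posted over plain http://.
    try:
        resp = urlfetch.fetch("http://%s/restore/%s" % (conf.DOMAIN_HOST, username),
                              method="POST",
                              deadline=10,
                              payload=urllib.urlencode({"secret": keymaster.get("api")}),
                              follow_redirects=False)
    except Exception as e:
        return fail(e)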
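def post(self):
    """Task handler: create the member's domain account from cached credentials.

    Reads the ``hash`` and ``retries`` request parameters, loads the matching
    Membership, pulls the ``username:password`` pair that was parked in
    memcache, and POSTs it to the domain app. Re-queues itself (at most five
    times) when the Spreedly token is missing or the fetch fails.
    """
    def fail(what, details=None):
        # ``details`` is optional: every call site in this handler passes a
        # single message, which used to raise TypeError instead of mailing.
        mail.send_mail(
            sender=EMAIL_FROM,
            to=INTERNAL_DEV_EMAIL,
            subject="[%s] CreateUserTask failure" % APP_NAME,
            body=details if details is not None else what,
        )

    def retry(countdown=None):
        retries = int(self.request.get("retries", 0)) + 1
        if retries <= 5:
            taskqueue.add(
                url="/tasks/create_user",
                method="POST",
                countdown=countdown,
                params={"hash": self.request.get("hash"), "retries": retries},
            )
        else:
            fail("Too many retries")

    membership = Membership.get_by_hash(self.request.get("hash"))
    if membership is None or membership.username:
        # Unknown hash, or the account already exists: nothing to do.
        return
    if not membership.spreedly_token:
        return retry(300)

    cache_key = hashlib.sha1(membership.hash + SPREEDLY_APIKEY).hexdigest()
    try:
        # Split on the first colon only, so a password that itself contains
        # ':' is not misreported as an expired cache entry.
        username, password = memcache.get(cache_key).split(":", 1)
    except (AttributeError, ValueError):
        # AttributeError: memcache returned None (entry missing or expired).
        return fail("Account information expired")

    # NOTE(review): the password and the shared secret are sent over plain
    # http:// here; confirm whether the domain app can be reached over https.
    try:
        resp = urlfetch.fetch(
            "http://%s/users" % DOMAIN_HOST,
            method="POST",
            payload=urllib.urlencode(
                {
                    "username": username,
                    "password": password,
                    "first_name": membership.first_name,
                    "last_name": membership.last_name,
                    "secret": keymaster.get(DOMAIN_USER),
                }
            ),
            deadline=10,
        )
    except urlfetch.DownloadError:
        return retry()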
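def get(self):
    """Look up one member by RFID tag, or list all active tagged members.

    With an ``id`` parameter the active member holding that tag is returned
    as JSON (an empty object when there is none), optionally wrapped in a
    JSONP ``callback``. Without ``id`` the full tag list is returned, but
    only when the ``maglock:key`` parameter equals the keymaster value.
    """
    import re  # local import: the file's import block is not visible here

    if self.request.get('id'):
        callback = self.request.get('callback')
        # The callback name is echoed into a response the browser runs as
        # script, so accept only a plain (optionally dotted) identifier.
        if callback and not re.match(
                r'[A-Za-z_$][A-Za-z0-9_$]*(?:\.[A-Za-z_$][A-Za-z0-9_$]*)*\Z',
                callback):
            self.error(400)
            return

        # NOTE(review): this lookup needs no key, so any caller can resolve
        # an RFID tag to a member's name and status; confirm that is intended.
        m = Membership.all().filter('rfid_tag ==', self.request.get('id')).filter('status =', 'active').get()
        if m:
            email = '%s@%s' % (m.username, APPS_DOMAIN)
            # MD5 is what the Gravatar URL scheme uses; not a security hash here.
            gravatar_url = "http://www.gravatar.com/avatar/" + hashlib.md5(email.lower()).hexdigest()
            body = simplejson.dumps({"gravatar": gravatar_url,
                                     "auto_signin": m.auto_signin,
                                     "status": m.status,
                                     "name": m.first_name + " " + m.last_name,
                                     "rfid_tag": m.rfid_tag,
                                     "username": m.username})
        else:
            body = simplejson.dumps({})
        if callback:
            # jsonp callback support
            body = callback + "(" + body + ")"
        self.response.out.write(body)
    else:
        # NOTE(review): key passed as a request parameter, compared with ==.
        if self.request.get('maglock:key') == keymaster.get('maglock:key'):
            members = Membership.all().filter('rfid_tag !=', None).filter('status =', 'active')
            self.response.out.write(simplejson.dumps(
                [{"rfid_tag": m.rfid_tag, "username": m.username} for m in members]))
        else:
            self.response.out.write("Access denied")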
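def get(self):
    """Look up one member by RFID tag, or list all active tagged members.

    With an ``id`` parameter the active member holding that tag is returned
    as JSON (an empty object when there is none), optionally wrapped in a
    JSONP ``callback``. Without ``id`` the full tag list is returned, but
    only when the ``maglock:key`` parameter equals the keymaster value.
    """
    import re  # local import: the file's import block is not visible here

    if self.request.get('id'):
        callback = self.request.get('callback')
        # The callback name is echoed into a response the browser runs as
        # script, so accept only a plain (optionally dotted) identifier.
        if callback and not re.match(
                r'[A-Za-z_$][A-Za-z0-9_$]*(?:\.[A-Za-z_$][A-Za-z0-9_$]*)*\Z',
                callback):
            self.error(400)
            return

        # NOTE(review): this lookup needs no key, so any caller can resolve
        # an RFID tag to a member's name and status; confirm that is intended.
        m = Membership.all().filter('rfid_tag ==', self.request.get('id')).filter('status =', 'active').get()
        if m:
            email = m.username + "@hackerdojo.com"
            # MD5 is what the Gravatar URL scheme uses; not a security hash here.
            gravatar_url = "http://www.gravatar.com/avatar/" + hashlib.md5(email.lower()).hexdigest()
            body = simplejson.dumps({"gravatar": gravatar_url,
                                     "status": m.status,
                                     "name": m.first_name + " " + m.last_name,
                                     "rfid_tag": m.rfid_tag,
                                     "username": m.username})
        else:
            body = simplejson.dumps({})
        if callback:
            # jsonp callback support
            body = callback + "(" + body + ")"
        self.response.out.write(body)
    else:
        # NOTE(review): key passed as a request parameter, compared with ==.
        if self.request.get('maglock:key') == keymaster.get('maglock:key'):
            members = Membership.all().filter('rfid_tag !=', None).filter('status =', 'active')
            self.response.out.write(simplejson.dumps(
                [{"rfid_tag": m.rfid_tag, "username": m.username} for m in members]))
        else:
            self.response.out.write("Access denied")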
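def restore(self, username):
    """Ask the domain app to restore the account for *username*.

    Any exception raised by the fetch is mailed to the internal dev address
    and logged; nothing is raised to the caller.
    """
    def fail(exception):
        # The subject used to have one %s for two values, so reporting a
        # failure raised TypeError and the original error was never mailed.
        mail.send_mail(
            sender=EMAIL_FROM,
            to=INTERNAL_DEV_EMAIL,
            subject="[%s] User restore failure: %s" % (APP_NAME, username),
            body=str(exception),
        )
        logging.error("User restore failure: " + str(exception))

    # NOTE(review): the shared secret is posted over plain http://.
    try:
        resp = urlfetch.fetch(
            "http://%s/restore/%s" % (DOMAIN_HOST, username),
            method="POST",
            deadline=10,
            payload=urllib.urlencode({"secret": keymaster.get(DOMAIN_USER)}),
        )
    except Exception as e:
        return fail(e)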
def get(self, key):
    """Return the RFID tags and usernames of members allowed through the door.

    *key* must equal the maglock key held by keymaster; otherwise a 401 REST
    error is produced. Members with an RFID tag and a status of 'active' or
    'no_visits' are written out as a JSON list.
    """
    logging.debug("Getting list of users for maglock.")

    # The maglock is requesting a list of users.
    # NOTE(review): plain string comparison, not constant-time.
    key_matches = key == keymaster.get("maglock:key")
    if not key_matches:
        self._rest_error("Unauthorized", "Invalid maglock key.", 401)
        return

    # Our key is valid. Give it the list.
    gql = ("SELECT * FROM Membership WHERE rfid_tag != NULL"
           " AND status IN ('active', 'no_visits')")
    response = [
        {"rfid_tag": entry.rfid_tag, "username": entry.username}
        for entry in db.GqlQuery(gql).run()
    ]
    self.response.out.write(json.dumps(response))
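def get(self):
    """Look up one member by RFID tag, or list active tagged members.

    With an ``id`` parameter the active member holding that tag is returned
    as JSON (an empty object when there is none), optionally wrapped in a
    JSONP ``callback``. Without ``id`` the tag list is returned, optionally
    narrowed by ``machine``, but only when the ``maglock:key`` parameter
    equals the keymaster value.
    """
    import re  # local import: the file's import block is not visible here

    if self.request.get("id"):
        callback = self.request.get("callback")
        # The callback name is echoed into a response the browser runs as
        # script, so accept only a plain (optionally dotted) identifier.
        if callback and not re.match(
                r"[A-Za-z_$][A-Za-z0-9_$]*(?:\.[A-Za-z_$][A-Za-z0-9_$]*)*\Z",
                callback):
            self.error(400)
            return

        # NOTE(review): this lookup needs no key, so any caller can resolve
        # an RFID tag to a member's name and status; confirm that is intended.
        m = Membership.all().filter("rfid_tag ==", self.request.get("id")).filter("status =", "active").get()
        if m:
            email = "%s@%s" % (m.username, APPS_DOMAIN)
            # MD5 is what the Gravatar URL scheme uses; not a security hash here.
            gravatar_url = "http://www.gravatar.com/avatar/" + hashlib.md5(email.lower()).hexdigest()
            body = simplejson.dumps(
                {
                    "gravatar": gravatar_url,
                    "auto_signin": m.auto_signin,
                    "status": m.status,
                    "name": m.first_name + " " + m.last_name,
                    "rfid_tag": m.rfid_tag,
                    "username": m.username,
                }
            )
        else:
            body = simplejson.dumps({})
        if callback:
            # jsonp callback support
            body = callback + "(" + body + ")"
        self.response.out.write(body)
    else:
        # NOTE(review): key passed as a request parameter, compared with ==.
        if self.request.get("maglock:key") == keymaster.get("maglock:key"):
            members = Membership.all().filter("rfid_tag !=", None).filter("status =", "active")
            if self.request.get("machine"):
                # NOTE(review): the property name is built from the request
                # value; consider checking it against the known machines.
                members = members.filter("extra_" + self.request.get("machine") + " =", "True")
            self.response.out.write(
                simplejson.dumps([{"rfid_tag": m.rfid_tag, "username": m.username} for m in members])
            )
        else:
            self.response.out.write("Access denied")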
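def get(self):
    """Look up one member by RFID tag, or list active tagged members.

    With an ``id`` parameter the active member holding that tag is returned
    as JSON (an empty object when there is none), optionally wrapped in a
    JSONP ``callback``. Without ``id`` the tag list is returned, optionally
    narrowed by ``machine``, but only when the ``maglock:key`` parameter
    equals the keymaster value.
    """
    import re  # local import: the file's import block is not visible here

    if self.request.get('id'):
        callback = self.request.get('callback')
        # The callback name is echoed into a response the browser runs as
        # script, so accept only a plain (optionally dotted) identifier.
        if callback and not re.match(
                r'[A-Za-z_$][A-Za-z0-9_$]*(?:\.[A-Za-z_$][A-Za-z0-9_$]*)*\Z',
                callback):
            self.error(400)
            return

        # NOTE(review): this lookup needs no key, so any caller can resolve
        # an RFID tag to a member's name and status; confirm that is intended.
        m = Membership.all().filter('rfid_tag ==', self.request.get('id')).filter('status =', 'active').get()
        if m:
            email = '%s@%s' % (m.username, APPS_DOMAIN)
            # MD5 is what the Gravatar URL scheme uses; not a security hash here.
            gravatar_url = "http://www.gravatar.com/avatar/" + hashlib.md5(email.lower()).hexdigest()
            body = json.dumps({"gravatar": gravatar_url,
                               "auto_signin": m.auto_signin,
                               "status": m.status,
                               "name": m.first_name + " " + m.last_name,
                               "rfid_tag": m.rfid_tag,
                               "username": m.username})
        else:
            body = json.dumps({})
        if callback:
            # jsonp callback support
            body = callback + "(" + body + ")"
        self.response.out.write(body)
    else:
        # NOTE(review): key passed as a request parameter, compared with ==.
        if self.request.get('maglock:key') == keymaster.get('maglock:key'):
            members = Membership.all().filter('rfid_tag !=', None).filter('status =', 'active')
            if self.request.get('machine'):
                # NOTE(review): the property name is built from the request
                # value; consider checking it against the known machines.
                members = members.filter("extra_" + self.request.get('machine') + ' =', "True")
            self.response.out.write(json.dumps(
                [{"rfid_tag": m.rfid_tag, "username": m.username} for m in members]))
        else:
            self.response.out.write("Access denied")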
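def post(self):
    """Task handler: create the member's domain account from cached credentials.

    Reads the ``hash`` and ``retries`` request parameters, loads the matching
    Membership, pulls the ``username:password`` pair that was parked in
    memcache, and POSTs it to the domain app. Re-queues itself (at most five
    times) when the Spreedly token is missing or the fetch fails.
    """
    def fail(exception):
        logging.error("CreateUserTask failed: %s" % exception)
        mail.send_mail(sender=EMAIL_FROM,
                       to=INTERNAL_DEV_EMAIL,
                       subject="[%s] CreateUserTask failure" % APP_NAME,
                       body=str(exception))

    def retry(countdown=None):
        retries = int(self.request.get('retries', 0)) + 1
        if retries <= 5:
            taskqueue.add(url='/tasks/create_user', method='POST',
                          countdown=countdown,
                          params={'hash': self.request.get('hash'),
                                  'retries': retries})
        else:
            fail(Exception("Too many retries for %s" % self.request.get('hash')))

    membership = Membership.get_by_hash(self.request.get('hash'))
    if membership is None or membership.username:
        # Unknown hash, or the account already exists: nothing to do.
        return
    if not membership.spreedly_token:
        logging.warning("CreateUserTask: No spreedly token yet, retrying")
        return retry(300)

    cache_key = hashlib.sha1(membership.hash + SPREEDLY_APIKEY).hexdigest()
    try:
        # Split on the first colon only, so a password that itself contains
        # ':' is not misreported as an expired cache entry.
        username, password = memcache.get(cache_key).split(':', 1)
    except (AttributeError, ValueError):
        # AttributeError: memcache returned None (entry missing or expired).
        return fail(Exception("Account information expired for %s" % membership.email))

    # NOTE(review): the password and the shared secret are sent over plain
    # http:// here; confirm whether the domain app can be reached over https.
    try:
        resp = urlfetch.fetch('http://%s/users' % DOMAIN_HOST,
                              method='POST',
                              payload=urllib.urlencode({
                                  'username': username,
                                  'password': password,
                                  'first_name': membership.first_name,
                                  'last_name': membership.last_name,
                                  'secret': keymaster.get(DOMAIN_USER),
                              }),
                              deadline=10)
    except urlfetch.DownloadError:
        logging.warning("CreateUserTask: API response error or timeout, retrying")
        return retry()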
def __init__(self):
    """Populate the configuration for the environment we are running in.

    Sets the class-level ``is_dev`` / ``is_testing`` / ``is_prod`` flags,
    then fills in the instance's constants (addresses, hosts, limits) and
    the Spreedly account and API key for that environment.
    """
    try:
        # Check if we are running on the local dev server.
        Config.is_dev = os.environ["SERVER_SOFTWARE"].startswith("Dev")
    except KeyError:
        # No SERVER_SOFTWARE variable: is_dev keeps whatever value it had.
        pass

    try:
        self.APP_NAME = app_identity.get_application_id()
    except AttributeError:
        # We're calling code outside of GAE, so we must be testing.
        self.APP_NAME = "testbed-test"
    if self.APP_NAME == "testbed-test":
        Config.is_testing = True

    if not Config.is_dev:
        # Check if we are running on the dev application.
        Config.is_dev = "-dev" in self.APP_NAME

    # Production is whatever is neither dev nor testing.
    Config.is_prod = not (Config.is_dev or Config.is_testing)

    self.ORG_NAME = "Hacker Dojo"
    self.EMAIL_FROM = "Dojo Signup <no-reply@%s.appspotmail.com>" % \
                      self.APP_NAME
    self.EMAIL_FROM_AYST = "Billing System <*****@*****.**>"
    self.DAYS_FOR_KEY = 0
    self.INTERNAL_DEV_EMAIL = "Internal Dev <*****@*****.**>"
    self.DOMAIN_HOST = "hd-domain-hrd.appspot.com"
    self.DOMAIN_USER = "******"
    # NOTE(review): this literal is continued with a backslash inside the
    # string; the listing lost the line break, so whether the second line
    # was indented (which would put spaces in the URL) cannot be told here.
    self.SUCCESS_HTML_URL = \
        "http://hackerdojo.pbworks.com/api_v2/op/GetPage/page/\
SubscriptionSuccess/_type/html"
    self.PAYPAL_EMAIL = "PayPal <*****@*****.**>"
    self.APPS_DOMAIN = "hackerdojo.com"
    self.SIGNUP_HELP_EMAIL = "*****@*****.**"
    self.TREASURER_EMAIL = "*****@*****.**"
    self.GOOGLE_ANALYTICS_ID = "UA-11332872-2"

    # How many visits per month we allow on the lite membership.
    #TODO(danielp): Figure out the real number here.
    self.LITE_VISITS = 8

    # How many people can have desks in the hive at any one time.
    self.HIVE_MAX_OCCUPANCY = 15

    # How long someone can be suspended in days before we stop counting them
    # when calculating whether their plan is full or not.
    self.PLAN_USER_IGNORE_THRESHOLD = 30

    if Config.is_testing:
        self.SPREEDLY_ACCOUNT = "hackerdojotest"
        # We can't use the datastore.
        self.SPREEDLY_APIKEY = "testapikey"
        logging.debug("Is testing.")
    elif Config.is_dev:
        self.SPREEDLY_ACCOUNT = "hackerdojotest"
        self.SPREEDLY_APIKEY = keymaster.get("spreedly:hackerdojotest")
        logging.debug("Is dev server.")
    else:
        self.SPREEDLY_ACCOUNT = "hackerdojo"
        self.SPREEDLY_APIKEY = keymaster.get("spreedly:hackerdojo")
        logging.debug("Is production server.")
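def suspend(self, username):
    """Ask the domain app to suspend the account for *username*.

    Any exception raised by the fetch is mailed to the internal dev address
    and logged; nothing is raised to the caller.
    """
    def fail(exception):
        # Two fixes: the helper used to declare a ``self`` parameter but was
        # called with one argument, and the subject had one %s for two
        # values. Either raised TypeError before the failure was reported.
        mail.send_mail(sender=EMAIL_FROM,
                       to=INTERNAL_DEV_EMAIL,
                       subject="[%s] User suspension failure: %s" % (APP_NAME, username),
                       body=str(exception))
        logging.error("User suspension failure: " + str(exception))

    # NOTE(review): the shared secret is posted over plain http://.
    try:
        resp = urlfetch.fetch('http://%s/suspend/%s' % (DOMAIN_HOST, username),
                              method='POST',
                              deadline=10,
                              payload=urllib.urlencode({'secret': keymaster.get('api')}))
    except Exception as e:
        return fail(e)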
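def post(self, hash):
    """Process the account form for the membership identified by *hash*.

    Checks the submitted password, parks the chosen credentials in
    memcache for the create_user task, then either queues account creation
    (status 'active') or redirects to the Spreedly subscribe page. A
    referrer containing "1337" is treated as a gift code: it is verified,
    checked against UsedCode, credited through the Spreedly API and
    recorded.

    Form errors redirect back to the form with a ``message`` query
    parameter; an unknown hash is answered with HTTP 404.
    """
    username = self.request.get('username')
    password = self.request.get('password')
    c = Config()

    def bounce(text):
        # Back to the form. The message is URL-encoded so that spaces and
        # quotes do not end up raw in the Location header.
        self.redirect(str(self.request.path + '?' +
                          urllib.urlencode({'message': text})))

    if password != self.request.get('password_confirm'):
        bounce("Passwords don't match")
        return
    if len(password) < 8:
        bounce("Password must be 8 characters or longer")
        return

    membership = Membership.get_by_hash(hash)
    if membership is None:
        # Unknown or stale hash: answer 404 instead of failing with an
        # AttributeError on the attribute access below.
        self.response.set_status(404)
        return
    if membership.username:
        bounce("You already have a user account")
        return

    # Yes, storing their username and password temporarily so we can make
    # their account later.
    # NOTE(review): the password is held in memcache in clear text for up
    # to an hour. Handing the task only what it needs, in a form that does
    # not expose the password, would shrink that window.
    memcache.set(
        str(hashlib.sha1(str(membership.hash) + c.SPREEDLY_APIKEY).hexdigest()),
        '%s:%s' % (username, password),
        time=3600)

    if membership.status == 'active':
        taskqueue.add(url='/tasks/create_user', method='POST',
                      params={'hash': membership.hash}, countdown=3)
        # NOTE(review): the target is built from the request's Host header
        # over plain http; pinning scheme and host to configuration would
        # avoid trusting that header.
        self.redirect(str('http://%s/success/%s'
                          % (self.request.host, membership.hash)))
        return

    customer_id = membership.key().id()

    # Gift codes contain "1337". The referrer may be unset, so test it
    # before searching it.
    if membership.referrer and "1337" in membership.referrer:
        from xml.sax.saxutils import escape as xml_escape

        # locals() is the template context for error.html, so the names
        # `error`, `hash`, `serial` ... stay as they are.
        # The code is echoed into HTML below; escape it first.
        shown_code = xml_escape(membership.referrer,
                                {'"': "&quot;", "'": "&#x27;"})
        help_line = ("<p>Please contact " + SIGNUP_HELP_EMAIL +
                     " if you believe this message is in error and we can help!")
        restart_link = "<p><a href='/'>Start again</a>"

        if len(membership.referrer) != 16:
            error = "<p>Error: code must be 16 digits."
            error += help_line
            error += restart_link
            self.response.out.write(render('templates/error.html', locals()))
            return

        # Characters 4-8 are the serial, 8-16 the check value. The check
        # value is the SHA-1 of serial + secret with the letters a-f
        # stripped, cut to 8 characters.
        # NOTE(review): failed attempts are recorded but not limited here;
        # confirm that guessing is throttled elsewhere.
        serial = membership.referrer[4:8]
        hash = membership.referrer[8:16]
        confirmation_hash = re.sub(
            '[a-f]', '',
            hashlib.sha1(serial + keymaster.get('code:hash')).hexdigest())[:8]

        if hash != confirmation_hash:
            error = "<p>Error: this code was invalid: " + shown_code
            error += help_line
            error += restart_link
            uc = UsedCode(code=membership.referrer, email=membership.email,
                          extra="invalid code")
            uc.put()
            self.response.out.write(render('templates/error.html', locals()))
            return

        # NOTE(review): this lookup and the put() further down are not in
        # one transaction, so two concurrent submissions of the same code
        # could both pass the check.
        previous = UsedCode.all().filter('code =', membership.referrer).get()
        if previous:
            error = "<p>Error: this code has already been used: " + shown_code
            error += help_line
            error += restart_link
            uc = UsedCode(code=membership.referrer, email=membership.email,
                          extra="2nd+ attempt")
            uc.put()
            self.response.out.write(render('templates/error.html', locals()))
            return

        headers = {
            'Authorization': "Basic %s" % base64.b64encode('%s:X' % c.SPREEDLY_APIKEY),
            'Content-Type': 'application/xml',
        }
        # Create subscriber. The e-mail address is user-supplied text going
        # into an XML body, so it is escaped.
        data = ("<subscriber><customer-id>%s</customer-id><email>%s</email></subscriber>"
                % (customer_id, xml_escape("%s" % membership.email)))
        resp = urlfetch.fetch(
            "https://spreedly.com/api/v4/%s/subscribers.xml" % (c.SPREEDLY_ACCOUNT),
            method='POST', payload=data, headers=headers, deadline=5)
        # Credit
        data = "<credit><amount>95.00</amount></credit>"
        resp = urlfetch.fetch(
            "https://spreedly.com/api/v4/%s/subscribers/%s/credits.xml"
            % (c.SPREEDLY_ACCOUNT, customer_id),
            method='POST', payload=data, headers=headers, deadline=5)
        # NOTE(review): neither response is inspected; the code is recorded
        # as used even when the credit request did not succeed.
        uc = UsedCode(code=membership.referrer, email=membership.email,
                      extra='OK')
        uc.put()

    query_str = urllib.urlencode({
        'first_name': membership.first_name,
        'last_name': membership.last_name,
        'email': membership.email,
        'return_url': 'http://%s/success/%s' % (self.request.host, membership.hash),
    })
    # check if they are active already since we didn't create a new member above
    # apparently the URL will be different
    # The username comes straight from the form and becomes a path segment,
    # so it is percent-encoded.
    self.redirect(str(
        "https://spreedly.com/%s/subscribers/%s/subscribe/%s/%s?%s"
        % (c.SPREEDLY_ACCOUNT, customer_id, c.PLAN_IDS[membership.plan],
           urllib.quote(username.encode('utf-8'), safe=''), query_str)))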
DOMAIN_USER = '******' SUCCESS_HTML_URL = 'http://hackerdojo.pbworks.com/api_v2/op/GetPage/page/SubscriptionSuccess/_type/html' PAYPAL_EMAIL = 'PayPal <*****@*****.**>' APPS_DOMAIN = 'hackerdojo.com' SIGNUP_HELP_EMAIL = '*****@*****.**' TREASURER_EMAIL = '*****@*****.**' GOOGLE_ANALYTICS_ID = 'UA-11332872-2' try: is_dev = os.environ['SERVER_SOFTWARE'].startswith('Dev') except: is_dev = False if is_dev: SPREEDLY_ACCOUNT = 'hackerdojotest' SPREEDLY_APIKEY = keymaster.get('spreedly:hackerdojotest') PLAN_IDS = {'full': '1957'} else: SPREEDLY_ACCOUNT = 'hackerdojo' SPREEDLY_APIKEY = keymaster.get('spreedly:hackerdojo') PLAN_IDS = {'full': '1987', 'hardship': '2537', 'supporter': '1988', 'family': '3659', 'minor': '3660', 'full-check': '6479', 'hardship-check': '6480', 'worktrade': '6608' } is_prod = not is_dev def fetch_usernames(use_cache=True): usernames = memcache.get('usernames') if usernames and use_cache: return usernames else: resp = urlfetch.fetch('http://%s/users' % DOMAIN_HOST, deadline=10) if resp.status_code == 200:
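def post(self, hash):
    """Process the account form for the membership identified by *hash*.

    Checks the submitted password, saves the chosen username and password
    on the Membership entity, then either queues account creation (status
    "active" or "no_visits") or sends the member on to the payment page.
    A referrer containing "1337" is treated as a gift card code: it is
    verified, checked against UsedCode, credited through the payment API
    (skipped when testing) and recorded.

    Invalid input is answered with HTTP 422 and an unknown hash with 404.
    """
    username = self.request.get("username")
    password = self.request.get("password")
    plan = self.request.get("plan")
    plan_object = plans.Plan.get_by_name(plan)
    account_url = str("/account/%s" % hash)
    conf = Config()

    # NOTE(review): locals() is the template context below, so the local
    # names in this method are part of the templates' interface, and the
    # context also carries the submitted password. Passing an explicit
    # dict would keep the credential out of it.
    if password != self.request.get("password_confirm"):
        self.response.out.write(
            self.render("templates/account.html", locals(), message="Passwords do not match.")
        )
        self.response.set_status(422)
        return
    if len(password) < 8:
        self.response.out.write(
            self.render(
                "templates/account.html", locals(), message="Password must be at least 8 characters."
            )
        )
        self.response.set_status(422)
        return

    membership = Membership.get_by_hash(hash)
    if membership is None:
        # Unknown or stale hash: answer 404 instead of failing with an
        # AttributeError on the attribute access below.
        self.response.set_status(404)
        return
    if membership.domain_user:
        logging.warning(
            "Duplicate user '%s' should have been caught" " in first step.",
            membership.username,
        )
        self.response.out.write(
            self.render("templates/account.html", locals(), message="You already have an account.")
        )
        self.response.set_status(422)
        return

    # Start saving the parameters for new-style accounts now, so that these
    # people won't have to re-enter anything when we make the transition.
    membership.set_password(password)
    # Set a username and password in the datastore.
    # NOTE(review): this persists the clear-text password alongside
    # whatever set_password() stored (presumably a derived value; confirm).
    # Dropping the clear-text copy once nothing reads it would limit what a
    # datastore leak exposes.
    membership.username = username
    membership.password = password
    membership.put()

    if membership.status in ("active", "no_visits"):
        # NOTE(review): the password is also placed in the task payload in
        # clear text.
        taskqueue.add(
            url="/tasks/create_user",
            method="POST",
            params={"hash": membership.hash, "username": username, "password": password},
            countdown=3,
        )
        # NOTE(review): the target is built from the request's Host header
        # over plain http; pinning scheme and host to configuration would
        # avoid trusting that header.
        self.redirect(str("http://%s/success/%s" % (self.request.host, membership.hash)))
        return

    customer_id = membership.key().id()

    # All our giftcards start out with 1337.
    if membership.referrer and "1337" in membership.referrer:
        from xml.sax.saxutils import escape as xml_escape

        # The code is echoed into HTML below; escape it first.
        shown_code = xml_escape(membership.referrer, {'"': "&quot;", "'": "&#x27;"})
        help_line = (
            "<p>Please contact %s if you believe this"
            " message is in error and we can help!" % (conf.SIGNUP_HELP_EMAIL)
        )
        restart_link = '<p><a href="/">Start again</a>'

        if len(membership.referrer) != 16:
            message = "<p>Error: code must be 16 digits."
            message += help_line
            message += restart_link
            internal = False
            self.response.out.write(self.render("templates/error.html", locals()))
            self.response.set_status(422)
            return

        # A unique number on all the giftcards.
        serial = membership.referrer[4:8]
        # How we know it's valid. The check value is the SHA-1 of
        # serial + secret with the letters a-f stripped, cut to 8
        # characters. Reusing the name `hash` shadows the parameter from
        # here on; it is kept because locals() feeds the template.
        # NOTE(review): failed attempts are recorded but not limited here;
        # confirm that guessing is throttled elsewhere.
        hash = membership.referrer[8:16]
        confirmation_hash = re.sub(
            "[a-f]", "", hashlib.sha1(serial + keymaster.get("code:hash")).hexdigest()
        )[:8]

        if hash != confirmation_hash:
            message = "<p>Error: this code was invalid: %s" % (shown_code)
            message += help_line
            message += restart_link
            internal = False
            uc = UsedCode(code=membership.referrer, email=membership.email, extra="invalid code")
            uc.put()
            self.response.out.write(self.render("templates/error.html", locals()))
            self.response.set_status(422)
            return

        # NOTE(review): this lookup and the put() further down are not in
        # one transaction, so two concurrent submissions of the same code
        # could both pass the check.
        previous = UsedCode.all().filter("code =", membership.referrer).get()
        if previous:
            message = "<p>Error: this code has already been used: " + shown_code
            message += help_line
            message += restart_link
            internal = False
            uc = UsedCode(code=membership.referrer, email=membership.email, extra="2nd+ attempt")
            uc.put()
            self.response.out.write(self.render("templates/error.html", locals()))
            self.response.set_status(422)
            return

        # If we're testing, I don't want it doing random things on
        # pinpayments.
        if not Config().is_testing:
            headers = {
                "Authorization": "Basic %s" % base64.b64encode("%s:X" % conf.get_api_key()),
                "Content-Type": "application/xml",
            }
            # Create subscriber. The e-mail address is user-supplied text
            # going into an XML body, so it is escaped.
            data = "<subscriber><customer-id>%s</customer-id><email>%s</email></subscriber>" % (
                customer_id,
                xml_escape("%s" % membership.email),
            )
            resp = urlfetch.fetch(
                "https://subs.pinpayments.com" "/api/v4/%s/subscribers.xml" % (conf.SPREEDLY_ACCOUNT),
                method="POST",
                payload=data,
                headers=headers,
                deadline=5,
            )
            # Credit
            data = "<credit><amount>95.00</amount></credit>"
            resp = urlfetch.fetch(
                "https://subs.pinpayments.com/api/v4"
                "/%s/subscribers/%s/credits.xml" % (conf.SPREEDLY_ACCOUNT, customer_id),
                method="POST",
                payload=data,
                headers=headers,
                deadline=5,
            )
            # NOTE(review): neither response is inspected; the code is
            # recorded as used even when the credit request did not
            # succeed.

        uc = UsedCode(code=membership.referrer, email=membership.email, extra="OK")
        uc.put()

    # Redirect them to the PinPayments page, where they actually pay.
    self.redirect(membership.new_subscribe_url(self.request.host, plan=plan))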
DOMAIN_USER = "******" SUCCESS_HTML_URL = "http://hackerdojo.pbworks.com/api_v2/op/GetPage/page/SubscriptionSuccess/_type/html" PAYPAL_EMAIL = "PayPal <*****@*****.**>" APPS_DOMAIN = "hackerdojo.com" SIGNUP_HELP_EMAIL = "*****@*****.**" TREASURER_EMAIL = "*****@*****.**" GOOGLE_ANALYTICS_ID = "UA-11332872-2" try: is_dev = os.environ["SERVER_SOFTWARE"].startswith("Dev") except: is_dev = False if is_dev: SPREEDLY_ACCOUNT = "hackerdojotest" SPREEDLY_APIKEY = keymaster.get("spreedly:hackerdojotest") PLAN_IDS = {"full": "1957"} else: SPREEDLY_ACCOUNT = "hackerdojo" SPREEDLY_APIKEY = keymaster.get("spreedly:hackerdojo") PLAN_IDS = { "full": "1987", "hardship": "2537", "supporter": "1988", "family": "3659", "worktrade": "6608", "comped": "15451", "threecomp": "18158", "yearly": "18552", "fiveyear": "18853", "thielcomp": "19616",
import keymaster import base64 import sys APP_NAME = 'hd-signup' EMAIL_FROM = "Dojo Signup <no-reply@%s.appspotmail.com>" % APP_NAME DAYS_FOR_KEY = 60 try: is_dev = os.environ['SERVER_SOFTWARE'].startswith('Dev') except: is_dev = False if is_dev: SPREEDLY_ACCOUNT = 'hackerdojotest' SPREEDLY_APIKEY = keymaster.get('spreedly:hackerdojotest') PLAN_IDS = {'full': '1957'} else: SPREEDLY_ACCOUNT = 'hackerdojo' SPREEDLY_APIKEY = keymaster.get('spreedly:hackerdojo') PLAN_IDS = {'full': '1987', 'hardship': '2537', 'supporter': '1988', 'family': '3659', 'minor': '3660', 'full-check': '6479', 'hardship-check': '6480', 'worktrade': '6608' } is_prod = not is_dev def fetch_usernames(use_cache=True): usernames = memcache.get('usernames') if usernames and use_cache: return usernames else: resp = urlfetch.fetch('http://domain.hackerdojo.com/users', deadline=10) if resp.status_code == 200:
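def post(self, hash):
    """Process the account form for the membership identified by *hash*.

    Validates the password pair, stores the chosen credentials on the
    Membership entity, and then either queues the create_user task (status
    "active" or "no_visits") or redirects to the payment page. When the
    referrer contains "1337" it is handled as a gift card code: verified,
    looked up in UsedCode, credited through the payment API unless
    testing, and recorded.

    Rejected input is answered with HTTP 422; an unknown hash with 404.
    """
    username = self.request.get("username")
    password = self.request.get("password")
    plan = self.request.get("plan")
    plan_object = plans.Plan.get_by_name(plan)
    account_url = str("/account/%s" % hash)
    conf = Config()

    # NOTE(review): the templates receive locals() as their context. That
    # makes the local names here part of the templates' interface and also
    # hands them the submitted password; an explicit dict would keep the
    # credential out of the context.
    if password != self.request.get("password_confirm"):
        self.response.out.write(
            self.render("templates/account.html", locals(),
                        message="Passwords do not match."))
        self.response.set_status(422)
        return
    if len(password) < 8:
        self.response.out.write(
            self.render("templates/account.html", locals(),
                        message="Password must be at least 8 characters."))
        self.response.set_status(422)
        return

    membership = Membership.get_by_hash(hash)
    if membership is None:
        # No membership for this hash: answer 404 rather than failing with
        # an AttributeError on the attribute access below.
        self.response.set_status(404)
        return
    if membership.domain_user:
        logging.warning(
            "Duplicate user '%s' should have been caught"
            " in first step.", membership.username)
        self.response.out.write(
            self.render("templates/account.html", locals(),
                        message="You already have an account."))
        self.response.set_status(422)
        return

    # Start saving the parameters for new-style accounts now, so that these
    # people won't have to re-enter anything when we make the transition.
    membership.set_password(password)
    # Set a username and password in the datastore.
    # NOTE(review): the clear-text password is persisted here in addition
    # to whatever set_password() stored (presumably a derived value;
    # confirm). Removing the clear-text copy once no reader depends on it
    # would limit what a datastore leak exposes.
    membership.username = username
    membership.password = password
    membership.put()

    if membership.status in ("active", "no_visits"):
        # NOTE(review): the task payload carries the password in clear
        # text as well.
        taskqueue.add(url="/tasks/create_user", method="POST",
                      params={"hash": membership.hash,
                              "username": username,
                              "password": password},
                      countdown=3)
        # NOTE(review): scheme is plain http and the host comes from the
        # request's Host header; taking both from configuration would
        # avoid trusting that header.
        self.redirect(
            str("http://%s/success/%s" % (self.request.host, membership.hash)))
        return

    customer_id = membership.key().id()

    # All our giftcards start out with 1337.
    if membership.referrer and "1337" in membership.referrer:
        from xml.sax.saxutils import escape as xml_escape

        # Escape the code before it is echoed into the error HTML.
        shown_code = xml_escape(membership.referrer,
                                {'"': "&quot;", "'": "&#x27;"})
        help_line = ("<p>Please contact %s if you believe this"
                     " message is in error and we can help!"
                     % (conf.SIGNUP_HELP_EMAIL))
        restart_link = "<p><a href=\"/\">Start again</a>"

        if len(membership.referrer) != 16:
            message = "<p>Error: code must be 16 digits."
            message += help_line
            message += restart_link
            internal = False
            self.response.out.write(
                self.render("templates/error.html", locals()))
            self.response.set_status(422)
            return

        # A unique number on all the giftcards.
        serial = membership.referrer[4:8]
        # How we know it's valid: SHA-1 of serial + secret, letters a-f
        # stripped, first 8 characters. `hash` shadows the parameter from
        # here on; the name is kept because locals() feeds the template.
        # NOTE(review): failed attempts are recorded but not limited here;
        # confirm that guessing is throttled elsewhere.
        hash = membership.referrer[8:16]
        confirmation_hash = re.sub(
            "[a-f]", "",
            hashlib.sha1(serial + keymaster.get("code:hash")).hexdigest())[:8]

        if hash != confirmation_hash:
            message = "<p>Error: this code was invalid: %s" % (shown_code)
            message += help_line
            message += restart_link
            internal = False
            uc = UsedCode(code=membership.referrer, email=membership.email,
                          extra="invalid code")
            uc.put()
            self.response.out.write(
                self.render("templates/error.html", locals()))
            self.response.set_status(422)
            return

        # NOTE(review): the lookup here and the put() below are separate
        # operations, so two concurrent submissions of one code could both
        # pass this check.
        previous = UsedCode.all().filter("code =", membership.referrer).get()
        if previous:
            message = "<p>Error: this code has already been used: " + shown_code
            message += help_line
            message += restart_link
            internal = False
            uc = UsedCode(code=membership.referrer, email=membership.email,
                          extra="2nd+ attempt")
            uc.put()
            self.response.out.write(
                self.render("templates/error.html", locals()))
            self.response.set_status(422)
            return

        # If we're testing, I don't want it doing random things on
        # pinpayments.
        if not Config().is_testing:
            headers = {"Authorization": "Basic %s"
                       % base64.b64encode("%s:X" % conf.get_api_key()),
                       "Content-Type": "application/xml"}
            # Create subscriber. The e-mail address is user-supplied text
            # placed in an XML body, so it is escaped.
            data = ("<subscriber><customer-id>%s</customer-id>"
                    "<email>%s</email></subscriber>"
                    % (customer_id, xml_escape("%s" % membership.email)))
            resp = urlfetch.fetch(
                "https://subs.pinpayments.com"
                "/api/v4/%s/subscribers.xml" % (conf.SPREEDLY_ACCOUNT),
                method="POST", payload=data, headers=headers, deadline=5)
            # Credit
            data = "<credit><amount>95.00</amount></credit>"
            resp = urlfetch.fetch(
                "https://subs.pinpayments.com/api/v4"
                "/%s/subscribers/%s/credits.xml"
                % (conf.SPREEDLY_ACCOUNT, customer_id),
                method="POST", payload=data, headers=headers, deadline=5)
            # NOTE(review): the responses are not inspected, so the code
            # is recorded as used even if the credit request failed.

        uc = UsedCode(code=membership.referrer, email=membership.email,
                      extra="OK")
        uc.put()

    # Redirect them to the PinPayments page, where they actually pay.
    self.redirect(
        membership.new_subscribe_url(self.request.host, plan=plan))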