Ejemplo n.º 1
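def flask_exception_handler(ex):
    """
    Handle exceptions that reach the top level of our Flask application and
    return an appropriate error response.

    Only ``BaseApiException`` and ``BaseInternalException`` instances have
    their class name and message copied into the response; every other
    exception is answered with a generic type and message so that unexpected
    internals are not disclosed to the client.

    :param ex: The exception caught at the top level.
    :type ex: Exception
    :rtype: flask.Response

    """
    # Lazy %-style arguments produce the same log text as str.format().
    logger.critical("Exception: %s", ex)

    error_type = 'UnknownError'
    error_message = 'An unknown error occurred'
    # NOTE(review): unexpected failures are reported as 400 (client error);
    # confirm callers rely on that, since 500 is the conventional status for
    # a server-side fault.
    status_code = 400
    if isinstance(ex, (BaseApiException, BaseInternalException)):
        error_type = ex.__class__.__name__.replace('Exception', '')
        # getattr with a default replaces a bare ``except:``, which would
        # also have swallowed SystemExit and KeyboardInterrupt.
        status_code = getattr(ex, 'status_code', 400)
        # NOTE(review): the message of a BaseInternalException is returned
        # verbatim; confirm such messages never carry internal detail.
        error_message = str(ex)
    else:
        logger.critical(ex)

    return response.error(
        errors={'type': error_type, 'message': error_message},
        status_code=status_code
    )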
Ejemplo n.º 2
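def import_lastfm_artists():
    """
    Import artists from Last.FM
    Arguments:
    - username: last.FM username to import artists from
    - period: ['7day', '1month', '3month', '6month', '12month', 'overall']
    - (optional) limit: maximum 500, default 500

    All three values come from the JSON request body and are validated here
    before being handed to the import processor.
    """
    user = g.user
    import_processor = ImportProcessor()
    # A missing, malformed or non-object JSON body is treated as "no
    # arguments" instead of raising AttributeError on ``.get``.
    payload = request.get_json(silent=True)
    if not isinstance(payload, dict):
        payload = {}
    username = payload.get("username")
    period = payload.get("period")
    limit = payload.get("limit")
    # A list (not a set) keeps the membership test safe for unhashable input.
    allowed_periods = [
        "7day",
        "1month",
        "3month",
        "6month",
        "12month",
        "overall",
    ]
    username_ok = isinstance(username, str) and bool(username.strip())
    if not username_ok or period not in allowed_periods:
        return response.error("Username empty or period is incorrect.")

    if limit is None:
        limit = 500
    elif isinstance(limit, bool) or not isinstance(limit, int) or limit < 1:
        # A string or float limit would otherwise fail in the comparison
        # below or be passed through unchecked.
        return response.error("Limit must be a positive integer.")
    elif limit > 500:
        limit = 500

    result = import_processor.import_from_lastfm(user.id, username, limit, period)

    return response.success({"artists_imported": result})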
Ejemplo n.º 3
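def route_weibo_index(request):
    """Render the weibo list of the user named by the ``user_id`` query value.

    Returns the encoded HTTP response (header block plus rendered body), or
    the result of ``error(request)`` when the id is not an integer or no such
    user exists.
    """
    from html import escape

    def esc(value):
        # Stored post data is user-controlled; escape it before it is placed
        # into markup so it cannot be interpreted as HTML or script.
        return escape(str(value))

    headers = {
        'Content-Type': 'text/html',
    }
    # username = current_user(request)
    # if username == '游客':
    #     # not logged in: viewing is not allowed, redirect to /
    #     return redirect('/login')
    # else:
    header = response_with_headers(headers)
    try:
        user_id = int(request.query.get('user_id', -1))
    except (TypeError, ValueError):
        # A non-numeric user_id is a client error, not a server crash.
        return error(request)
    user = User.find(user_id)
    if user is None:
        return error(request)
    # Find every weibo posted by this user.
    weibos = Weibo.find_all(user_id=user_id)
    log('weibos', weibos)

    def weibo_tag(weibo):
        # NOTE(review): the delete action is exposed as a plain link; confirm
        # the delete handler enforces ownership and request-forgery checks.
        return '<p>{} from {}@{} <a href="/weibo/delete?id={}">删除</a></p>'.format(
            esc(weibo.content),
            esc(user.username),
            esc(weibo.created_time),
            esc(weibo.id),
        )

    weibos = '\n'.join([weibo_tag(w) for w in weibos])
    body = template('weibo_index.html', weibos=weibos)
    r = header + '\r\n' + body
    return r.encode(encoding='utf-8')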
Ejemplo n.º 4
    def write_error(self, status_code, exc_info):
        """Write a JSON error body for the exception described by ``exc_info``.

        ``exc_info[0]`` is read as the exception class and ``exc_info[1]`` as
        the exception instance. ``status_code`` is not used here.
        """
        exc_type = exc_info[0]
        exc_value = exc_info[1]

        # Anything that is not an ApiException gets the argument-less
        # ``error()`` payload, so no detail of the exception is written out.
        if not issubclass(exc_type, ApiException):
            self.write_json(error())
            return
        self.write_json(error_with(exc_value.to_response()))
Ejemplo n.º 5
def post_delete_category(id):
    """Delete category ``id`` for an admin caller and return a JSON result.

    Non-admin callers receive ``response.error('Unauthorized')`` and nothing
    is deleted.
    """
    # Reached from an AJAX request; the JSON response is consumed by the
    # JS code that made the request.
    if auth.is_user_admin():
        db_utils.delete_category(id)
        return response.success()
    return response.error('Unauthorized')
Ejemplo n.º 6
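def route_weibo_index(request):
    """Render the weibo list of the user named by the ``user_id`` query value.

    Each weibo is rendered with its comments and a hidden comment form.
    Visitors who are not logged in are redirected to ``/login``; an invalid
    or unknown ``user_id`` yields ``error(request)``.
    """
    from html import escape

    def esc(value):
        # Posts, comments and usernames are user-controlled; escape them
        # before they are placed into markup.
        return escape(str(value))

    headers = {
        'Content-Type': 'text/html',
    }
    header = response_with_header(headers)
    try:
        user_id = int(request.query.get('user_id', -1))
    except (TypeError, ValueError):
        # A non-numeric user_id is a client error, not a server crash.
        return error(request)
    user = User.find(user_id)
    if user is None:
        return error(request)
    # Find every weibo posted by this user.
    weibos = Weibo.find_all(user_id=user.id)

    # Any logged-in user may view any user's index.
    current_username = current_user(request)
    u = User.find_by(username=current_username)
    if u is None:
        return redirect('/login')

    def weibo_tag(weibo):
        comment_list = Comment.find_all(weibo_id=weibo.id)
        # Escape each comment separately so the <br> separators stay markup.
        comments = '<br>'.join([esc(c.content) for c in comment_list])
        # Dict-based use of format(): u.id is the current (viewing) user,
        # user.username is the owner of the page.
        # NOTE(review): user_id travels in a hidden form field; confirm the
        # comment handler takes the author from the session, not this field.
        w = {
            'id': esc(weibo.id),
            'user_id': esc(u.id),
            'content': esc(weibo.content),
            'username': esc(user.username),
            'time': esc(weibo.created_time),
            'comments': comments,
        }
        # Each weibo is rendered by hand as a <p> block.
        return """
            <p>{content} from {username}@{time}
                <a href="/weibo/delete?id={id}">删除</a>
                <a href="/weibo/edit?id={id}">修改</a></p>
                <button class="weibo-show-comment" data-id="{id}">评论</button>
                <div>
                    {comments}
                </div>
                <div id="id-div-comment-{id}" class="weibo-comment-form weibo-hide">
                    <form action="/weibo/comment/add" method="post">
                        <input name="user_id" value="{user_id}" type="hidden">
                        <input name="weibo_id" value="{id}" type="hidden">
                        <textarea name="content"></textarea>
                        <button type="submit">添加评论</button>
                    </form>
                </div>
            </p>
            """.format(**w)
    # join() turns the rendered fragments into one str.
    weibos = '\n'.join([weibo_tag(w) for w in weibos])
    body = template('weibo_index.html', weibos=weibos)
    r = header + '\r\n' + body
    return r.encode(encoding='utf-8')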
Ejemplo n.º 7
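def import_artists_endpoint():
    """
    Import artists
    Arguments:
    - artists: [string]
    - import_method: ['apple', 'spotify']

    Both values are read from the JSON request body; the import is saved for
    the current user (``g.user``).
    """
    import_processor = ImportProcessor()
    # A missing, malformed or non-object JSON body is treated as "no
    # arguments" instead of raising AttributeError on ``.get``.
    payload = request.get_json(silent=True)
    if not isinstance(payload, dict):
        payload = {}
    artists = payload.get("artists")
    import_method = payload.get("import_method")
    # Only a non-empty JSON collection is accepted; a bare number or string
    # would otherwise fail in len() or be passed on unchecked.
    if not isinstance(artists, (list, dict)) or not artists:
        return response.error("Missing artists dictionary.")
    if not import_method:
        return response.error("Missing import_method")
    # NOTE(review): import_method is documented as 'apple' or 'spotify' but
    # is not checked against that list, and the size of ``artists`` is not
    # capped; confirm save_imports validates both.

    saved_imports = import_processor.save_imports(g.user.id, artists, import_method)

    return response.success({"artists_imported": saved_imports})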
Ejemplo n.º 8
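def import_artists_endpoint():
    """
    Import artists
    Arguments:
    - artists: [string]
    - import_method: ['apple', 'spotify']

    Both values are read from the JSON request body; the import runs for the
    current user (``g.user``).
    """
    user = g.user
    # A missing, malformed or non-object JSON body is treated as "no
    # arguments" instead of raising AttributeError on ``.get``.
    payload = request.get_json(silent=True)
    if not isinstance(payload, dict):
        payload = {}
    artists = payload.get('artists')
    import_method = payload.get('import_method')
    # Only a non-empty JSON collection is accepted; a bare number or string
    # would otherwise fail in len() or be passed on unchecked.
    if not isinstance(artists, (list, dict)) or not artists:
        return response.error("Missing artists dictionary.")
    if not import_method:
        return response.error("Missing import_method")
    # NOTE(review): import_method is documented as 'apple' or 'spotify' but
    # is not checked against that list, and the size of ``artists`` is not
    # capped; confirm import_artists validates both.

    result = import_processing.import_artists(user, artists, import_method)

    return response.success({'artists_imported': result})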
Ejemplo n.º 9
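def do_sign_in():
    """Verify a Google ID token posted by the sign-in page and open a session.

    The request must carry the ``signin_request_token`` that is stored in the
    session and an ``id_token``. On success the user is created if unknown
    and the identity claims are stored in ``login_session``. Every failure
    returns a JSON error; nothing is stored in that case.
    """
    import hmac

    # This is meant to be reached from AJAX request.
    # We return a JSON response that will be used by
    # The JS code making the request.
    submitted_token = request.form.get('signin_request_token')
    expected_token = login_session.get('signin_request_token')
    # Fail closed when either side is missing, and compare in constant time
    # so the check does not reveal how much of the token matched.
    if not submitted_token or not expected_token or not hmac.compare_digest(
            str(submitted_token).encode('utf-8'),
            str(expected_token).encode('utf-8')):
        return response.error('Invalid token.')

    g_id_token = request.form.get('id_token')
    if not g_id_token:
        return response.error('Could not sign in')
    try:
        # NOTE(review): depending on the installed library version,
        # verification failures may surface as exception types other than
        # ValueError; confirm and handle them here as a failed sign-in.
        idinfo = id_token.verify_oauth2_token(g_id_token, requests.Request(),
                                              CLIENT_ID)
        if (idinfo['iss']
                not in ['accounts.google.com', 'https://accounts.google.com']):
            raise ValueError('Wrong issuer.')

        if idinfo['aud'] != CLIENT_ID:
            raise ValueError('Invalid client id.')

        # Read the required claims while still inside the guarded section so
        # a token without them is a failed sign-in rather than a KeyError.
        user_id = idinfo['sub']
        email = idinfo['email']
        name = idinfo['name']
    except (ValueError, KeyError):
        return response.error('Could not sign in')

    stored_id_token = login_session.get('id_token')
    stored_user_id = login_session.get('user_id')

    user = db_utils.get_user(user_id)
    if user is None:
        # Add user to database if id does not exist.
        db_utils.add_user(user_id, email, name)

    # Already signed in as the same user: keep the existing session values.
    if stored_id_token is not None and stored_user_id == user_id:
        return response.success()

    # Store the access token in the session for later use.
    login_session['id_token'] = g_id_token
    login_session['user_id'] = user_id
    login_session['name'] = name
    login_session['email'] = email
    # The picture claim is treated as optional.
    login_session['picture'] = idinfo.get('picture')
    return response.success()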
Ejemplo n.º 10
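def new_user():
    """Register an account from the JSON request body.

    The body must carry either ``email`` together with ``password`` or an
    ``icloud`` identifier. Returns ``response.success`` with the new user id,
    or ``response.error`` when the credentials are missing, already
    registered, or the insert fails.
    """
    # A missing, malformed or non-object JSON body is treated as "no
    # credentials" instead of raising AttributeError on ``.get``.
    payload = request.get_json(silent=True)
    if not isinstance(payload, dict):
        payload = {}
    email = payload.get("email")
    password = payload.get("password")
    icloud = payload.get("icloud")
    # Truthiness (not ``is None``) so empty strings do not count as
    # credentials; otherwise an account with a blank email and blank
    # password could be created.
    if (not email or not password) and not icloud:
        return response.error("Proper account credentials were not provided.")

    # Both duplicate checks answer with the same generic message.
    if icloud and repo.get_user_by_icloud(icloud):
        return response.error("Registration failed.")

    if email and repo.get_user_by_email(email):
        return response.error("Registration failed.")

    # NOTE(review): the password is handed to the repository as received;
    # confirm insert_user hashes it before storage.
    user = repo.insert_user(email, icloud, password)
    if user:
        aeon_app.logger.info("New user created: {}".format(user.id))
        return response.success("New user created: {}".format(user.id))
    else:
        aeon_app.logger.error("New user failed to save.")
        return response.error("An unknown error occurred when creating this account.")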
Ejemplo n.º 11
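def route_weibo_index(request):
    """Render the weibo list of the user named by the ``user_id`` query value.

    Each weibo is rendered with its comments and a hidden comment form.
    Visitors who are not logged in are redirected to ``/login``; an invalid
    or unknown ``user_id`` yields ``error(request)``.
    """
    from html import escape

    def esc(value):
        # Posts, comments and usernames are user-controlled; escape them
        # before they are placed into markup.
        return escape(str(value))

    headers = {
        'Content-Type': 'text/html',
    }
    header = response_with_headers(headers)
    try:
        user_id = int(request.query.get('user_id', -1))
    except (TypeError, ValueError):
        # A non-numeric user_id is a client error, not a server crash.
        return error(request)
    user = User.find(user_id)
    if user is None:
        return error(request)
    # Find every weibo posted by this user.
    weibos = Weibo.find_all(user_id=user_id)
    log('weibos', weibos)
    current_username = current_user(request)
    u = User.find_by(username=current_username)
    if u is None:
        return redirect('/login')

    def weibo_tag(weibo):
        comment_list = Comment.find_all(weibo_id=weibo.id)
        # Escape each comment separately so the <br> separators stay markup.
        comments = '<br>'.join([esc(c.content) for c in comment_list])
        # u.id is the viewing user, user.username is the owner of the page.
        # NOTE(review): user_id travels in a hidden form field; confirm the
        # comment handler takes the author from the session, not this field.
        w = {
            "id": esc(weibo.id),
            "user_id": esc(u.id),
            "content": esc(weibo.content),
            "username": esc(user.username),
            "time": esc(weibo.created_time),
            "comments": comments,
        }
        log('comments debug', comment_list)
        return """
        <p>{content} from {username}@{time}
            <a href="/weibo/delete?id={id}">删除</a>
            <a href="/weibo/edit?id={id}">修改</a>
            <button class="gua-show-comment" data-id="{id}">评论</button>
            <div>
                {comments}
            </div>
            <div id="id-div-comment-{id}" class="gua-comment-form gua-hide">
            <form action="/weibo/comment/add" method="post">
                <input name="user_id" value="{user_id}" type="hidden">
                <input name="weibo_id" value="{id}" type="hidden">
                <textarea name="content"></textarea>
                <button type="submit">添加评论</button>
            </form>
            </div>
        </p>
        """.format(**w)

    weibos = '\n'.join([weibo_tag(w) for w in weibos])
    body = template('weibo_index.html', weibos=weibos)
    r = header + '\r\n' + body
    return r.encode(encoding='utf-8')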
Ejemplo n.º 12
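def route_weibo_update(request):
    """Replace the content of a weibo owned by the current user.

    Reads ``id`` and ``content`` from the submitted form. Returns a redirect
    to the user's weibo page on success and ``error(request)`` when the id is
    not an integer, the weibo does not exist, nobody is logged in, or the
    weibo belongs to another user.
    """
    username = current_user(request)
    user = User.find_by(username=username)
    form = request.form()
    content = form.get('content', '')
    try:
        weibo_id = int(form.get('id', -1))
    except (TypeError, ValueError):
        return error(request)
    w = Weibo.find(weibo_id)
    # Fail closed: an unknown visitor or a missing weibo is refused before
    # the ownership comparison instead of raising AttributeError.
    if user is None or w is None or user.id != w.user_id:
        return error(request)
    w.content = content
    w.save()
    return redirect('/weibo?user_id={}'.format(user.id))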
Ejemplo n.º 13
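def route_weibo_delete(request):
    """Delete a weibo owned by the current user.

    Reads ``id`` from the query string. Returns a redirect to the user's
    weibo page on success and ``error(request)`` when the id is missing or
    not an integer, the weibo does not exist, nobody is logged in, or the
    weibo belongs to another user.
    """
    username = current_user(request)
    user = User.find_by(username=username)
    # Delete the weibo.
    # NOTE(review): the id arrives in the query string, so this state change
    # appears reachable through a plain link; consider requiring a POST with
    # a request-forgery token.
    try:
        weibo_id = int(request.query.get('id', None))
    except (TypeError, ValueError):
        # int(None) raises TypeError when the parameter is absent.
        return error(request)
    w = Weibo.find(weibo_id)
    # Fail closed: an unknown visitor or a missing weibo is refused before
    # the ownership comparison instead of raising AttributeError.
    if user is None or w is None or w.user_id != user.id:
        return error(request)
    w.delete()
    return redirect('/weibo?user_id={}'.format(user.id))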
Ejemplo n.º 14
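def route_weibo_update(request):
    """Replace the content of a weibo owned by the current user.

    Reads ``id`` and ``content`` from the submitted form. Returns a redirect
    to the user's weibo page on success and ``error(request)`` when the id is
    not an integer, the weibo does not exist, nobody is logged in, or the
    weibo belongs to another user.
    """
    username = current_user(request)
    user = User.find_by(username=username)
    form = request.form()
    content = form.get('content', '')
    try:
        weibo_id = int(form.get('id', -1))
    except (TypeError, ValueError):
        return error(request)
    w = Weibo.find(weibo_id)
    # Fail closed: an unknown visitor or a missing weibo is refused before
    # the ownership comparison instead of raising AttributeError.
    if user is None or w is None or user.id != w.user_id:
        return error(request)
    w.content = content
    w.save()
    # Redirect to the user's home page.
    return redirect('/weibo?user_id={}'.format(user.id))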
Ejemplo n.º 15
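def route_weibo_edit(request):
    """Render the edit page for the weibo named by the ``id`` query value.

    Returns the encoded HTTP response, or ``error(request)`` when the id is
    not an integer or no such weibo exists.
    """
    headers = {
        'Content-Type': 'text/html',
    }
    header = response_with_headers(headers)
    try:
        weibo_id = int(request.query.get('id', -1))
    except (TypeError, ValueError):
        # A non-numeric id is a client error, not a server crash.
        return error(request)
    w = Weibo.find(weibo_id)
    if w is None:
        return error(request)
    # NOTE(review): the requester is not compared with the weibo's owner
    # before the edit form is rendered; confirm that is intended.
    # NOTE(review): w.content is user-controlled; confirm template() escapes
    # it before it is placed into the page.
    # Render the edit page.
    body = template('weibo_edit.html', weibo_id=w.id, weibo_content=w.content)
    r = header + '\r\n' + body
    return r.encode(encoding='utf-8')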
Ejemplo n.º 16
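def wx_access(func):
    """
    Fetch WeChat info: decorator that runs ``func`` only for an authorised session.

    The wrapper shows the QR login page when the session has no ``unionid``,
    calls ``func`` when a ``wisemeuser`` record with that ``unionid`` and
    ``main`` set to 1 exists, and otherwise returns a session error.
    """
    def _(self, *args, **kwargs):
        # Read outside the try block so the login page can always be given a
        # redirect value.
        # NOTE(review): redirect_url is taken from the request; confirm the
        # login flow only follows it for hosts this application trusts.
        redirect_url = request.values.get("redirect_url", "http%3A%2F%2Fdata.haojin.in")
        try:
            unionid = session["unionid"]
        except KeyError:
            # No unionid in the session: the visitor has not logged in yet.
            return render_template("qrlogin.html", redirect=redirect_url)
        db = app.mongodb.bi
        if db.wisemeuser.find({"unionid": unionid, "main": 1}).count():
            return func(self, *args, **kwargs)
        else:
            return error(QFRET.SESSIONERR, respmsg="用户未经授权,请在蜂巢中授权", escape=False)
    # Hand back the wrapper; without this the decorated method would be
    # replaced by None.
    return _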
Ejemplo n.º 17
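def get_item_json():
    """Return the item named by the ``id`` query parameter as JSON.

    Responds with ``response.error`` when the id is missing or no item is
    found; otherwise with the item's fields and HTTP status 200.
    """
    item_id = request.args.get('id')
    if not item_id:
        return response.error('Item id not specified.')

    item = db_utils.get_item(item_id)
    if item is None:
        # An unknown id is answered with an error instead of failing on the
        # attribute access below.
        return response.error('Item not found.')
    item_dict = {
        'id': item.id,
        'name': item.name,
        'created_at': item.created_at,
        'updated_at': item.updated_at,
        'category_id': item.category_id,
        'category_name': item.category.name,
        'user_id': item.user_id,
        'short_desc': item.short_desc,
        'desc': item.desc
    }
    return jsonify(item_dict), 200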
Ejemplo n.º 18
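def route_weibo_edit(request):
    """Render the edit page for the weibo named by the ``id`` query value.

    Returns the encoded HTTP response, or ``error(request)`` when the id is
    not an integer or no such weibo exists.
    """
    headers = {
        'Content-Type': 'text/html',
    }
    header = response_with_header(headers)
    # The id query parameter is put on the link by the weibo_index route to
    # name which weibo is to be edited.
    try:
        weibo_id = int(request.query.get('id', -1))
    except (TypeError, ValueError):
        # A non-numeric id is a client error, not a server crash.
        return error(request)
    w = Weibo.find(weibo_id)
    if w is None:
        return error(request)
    # NOTE(review): the requester is not compared with the weibo's owner
    # before the edit form is rendered; confirm that is intended.
    # NOTE(review): w.content is user-controlled; confirm template() escapes
    # it before it is placed into the page.
    # Render the edit page.
    body = template('weibo_edit.html',
                    weibo_id=w.id,
                    weibo_content=w.content)
    r = header + '\r\n' + body
    return r.encode(encoding='utf-8')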
Ejemplo n.º 19
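def get_edit_category_page(id=0):
    """Serve the category editor (GET) or save a category (POST).

    Both methods require an admin. GET renders the edit page, pre-filled when
    ``id`` is given. POST updates category ``id`` when it is given, otherwise
    adds a new one, and returns a JSON result. Any other request method falls
    through and returns ``None``.
    """
    if request.method == 'GET':
        if not auth.is_user_admin():
            # Only admins can add and edit categories
            return render_template('unauthorized.html')
        context = {
            'CLIENT_ID': CLIENT_ID,
            'signed_in': auth.is_signed_in(),
            'picture': login_session.get('picture'),
        }
        if id and id != 0:
            # id is specified, render edit category page
            context['category'] = db_utils.get_category(id)
        return render_template('edit-category.html', **context)
    elif request.method == 'POST':
        # This is meant to be reached from AJAX request.
        # We return a JSON response that will be used by
        # The JS code making the request.
        if not auth.is_user_admin():
            return response.error('Unauthorized')
        name = request.form.get('name')
        desc = request.form.get('desc')
        if not (name and desc):
            # An incomplete form gets an explicit JSON error; without this
            # branch the view returned None.
            return response.error('Failed to save')
        if id and id != 0:
            # id is specified, update existing category
            category = db_utils.update_category(id, name, desc)
        else:
            category = db_utils.add_category(name, desc)
        if category is None:
            return response.error('Failed to save')
        categoryData = {
            'id': category.id,
            'name': category.name,
            'desc': category.desc
        }
        return response.success(url_for('get_index'), categoryData)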
Ejemplo n.º 20
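def import_lastfm_artists():
    """
    Import artists from Last.FM
    Arguments:
    - username: last.FM username to import artists from
    - period: ['7day', '1month', '3month', '6month', '12month', 'overall']
    - (optional) limit: maximum 500, default 500

    All three values come from the JSON request body and are validated here
    before the import is started.
    """
    user = g.user
    # A missing, malformed or non-object JSON body is treated as "no
    # arguments" instead of raising AttributeError on ``.get``.
    payload = request.get_json(silent=True)
    if not isinstance(payload, dict):
        payload = {}
    username = payload.get('username')
    period = payload.get('period')
    limit = payload.get('limit')
    # A list (not a set) keeps the membership test safe for unhashable input.
    allowed_periods = [
        '7day', '1month', '3month', '6month', '12month', 'overall'
    ]
    username_ok = isinstance(username, str) and bool(username.strip())
    if not username_ok or period not in allowed_periods:
        return response.error("Username empty or period is incorrect.")

    if limit is None:
        limit = 500
    elif isinstance(limit, bool) or not isinstance(limit, int) or limit < 1:
        # A string or float limit would otherwise fail in the comparison
        # below or be passed through unchecked.
        return response.error("Limit must be a positive integer.")
    elif limit > 500:
        limit = 500

    result = import_processing.import_from_lastfm(user, username, limit,
                                                  period)

    return response.success({'artists_imported': result})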
Ejemplo n.º 21
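def get_edit_item_page(id=0):
    """Serve the item editor (GET) or save an item (POST).

    GET redirects visitors who are not signed in to the login page, renders
    the editor for a new item, or renders it for item ``id`` when the caller
    owns that item or is an admin. POST creates an item, or updates item
    ``id`` under the same ownership rule, and returns a JSON result. Any
    other request method falls through and returns ``None``.
    """

    def item_payload(saved):
        # Fields sent back to the JS caller after a successful save.
        return {
            'id': saved.id,
            'name': saved.name,
            'desc': saved.desc,
            'short_desc': saved.short_desc,
            'category_id': saved.category_id
        }

    if request.method == 'GET':
        if not auth.is_signed_in():
            # Redirect to login page.
            # The url to which we are redirected will contain a parameter
            # which will be the url to redirect back to
            # after logging in
            if id and id != 0:
                redirect_parameter = 'redirect={}'.format(
                    url_for('edit_item', id=id))
            else:
                redirect_parameter = 'redirect={}'.format(url_for('new_item'))
            # The redirect applies to both cases; it used to sit inside the
            # else branch, so a request with an id skipped the login redirect.
            url = '{path}?{parameter}'.format(
                path=url_for('get_login_page'),
                parameter=redirect_parameter)
            return redirect(url, 302)
        categories = db_utils.get_categories()
        item = None
        if id and id != 0:
            item = db_utils.get_item(id)
            if item is None:
                return render_template('404.html')
            if (not auth.is_user_admin()
                    and item.user_id != auth.get_user_id()):
                # Cannot edit item that does not belong to user
                # But admins are allowed
                return render_template('unauthorized.html')
        return render_template('edit-item.html',
                               item=item,
                               categories=categories,
                               CLIENT_ID=CLIENT_ID,
                               signed_in=auth.is_signed_in(),
                               user_name=auth.get_user_name(),
                               picture=login_session.get('picture'))
    elif request.method == 'POST':
        # This is meant to be reached from AJAX request.
        # We return a JSON response that will be used by
        # The JS code making the request.
        if not auth.is_signed_in():
            return response.error('Unauthorized')

        name = request.form.get('name')
        desc = request.form.get('desc')
        cat_id = request.form.get('cat-id')

        if id and id != 0:
            # Update item
            item = db_utils.get_item(id)
            if item is None:
                return response.error('Failed to save')
            if (not auth.is_user_admin()
                    and item.user_id != auth.get_user_id()):
                # Only item owners and admins allowed to update item
                return response.error('Unauthorized')

            # The ownership check above covers the item named in the URL.
            # The form's item-id must name that same item, otherwise the
            # update would be applied to an item that was never checked.
            form_item_id = request.form.get('item-id')
            if str(form_item_id) != str(id):
                return response.error('Unauthorized')

            if not (name and desc and cat_id):
                return response.error('Failed to save')
            item = db_utils.update_item(form_item_id, name, desc, cat_id)
        else:
            # Create new item
            if not (name and desc and cat_id):
                return response.error('Failed to save')
            item = db_utils.add_item(name, desc, cat_id, auth.get_user_id())

        itemData = item_payload(item)
        return response.success(
            url_for('get_item_page', id=itemData['id']), itemData)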
Ejemplo n.º 22
def not_found(error):
    """
    Build the error response for HTTP 404 Not Found.

    The ``error`` argument is accepted but not used; the body only names the
    error type.
    """
    not_found_errors = {'type': 'NotFound'}
    return response.error(errors=not_found_errors, status_code=404)