def home():
util.auth()
global story
global numberStories
numberStories = 0
for title in util.getAllStoryTitles():
numberStories = numberStories + 1
story = ""
if request.method=="GET":
return render_template("home.html", giveTitles = util.getAllStoryTitles(), giveNumber = numberStories)
if request.method=="POST":
button = request.form["button"]
if button == "AddScramble":
util.addStory(storyTitle)
for line in storyScramble:
util.addLine(storyTitle, line)
if button == "Ok":
story = str(request.form["storySelection"])
return render_template("home.html", titleStory = story, giveLines = util.getStoryLines(story), giveNumber = numberStories)
if button == "Add":
story = request.form["NewStory"]
util.addStory(story)
return render_template("home.html", giveTitles = util.getAllStoryTitles(), giveNumber = numberStories)
if button == "DropStories":
util.dropStories()
return render_template("home.html", giveTitles = util.getAllStoryTitles(), giveNumber = numberStories)
if button == "scramble":
storyTitle = ""
storyScramble = []
for thing in util.getAllStoryTitles():
storyTitle = storyTitle + " " + thing
for thing in util.getAllStoryTitles():
storyScramble.append(util.getLine(thing, randrange(0,util.getNumberLines(thing))))
return render_template("home.html", scrambledStory = storyScramble, scrambledStoryTitle = storyTitle)
if button:
util.addLine(button,request.form["NextLine"])
return render_template("home.html", giveTitles = util.getAllStoryTitles(), giveNumber = numberStories)
def update_user():
userID = request.form['userID']
session = request.form['session']
new_details = request.form['new_details']
user = util.auth(userID, session)
if user: # User is authed, do some stuff
new_details = json.loads(new_details)
update_query = {
"details": user['details'].update(new_details)
}
if util.update_user(user['_id'], update_query):
return "success"
else:
return "error"
def send(self, data, sender_pair, recipient, collection):
# authenticate the sender
sender = util.auth(sender_pair[0], sender_pair[1])
# die if the sender was not found
if not sender: return False
data = {
"data": data,
"sender": sender_pair[0],
"recipient": recipient,
"ts": time.time()
}
# store the message
self.store(data, collection, visible=True)
return data
def login():
if 'message' in session:
msg = session['message']
session['message'] = ""
else:
msg=""
if request.method == "GET":
return render_template("login.html", m = msg)
else:
f = request.form
username = f['u']
password = f['p']
if util.auth(username,password):
session["u"] = "logged in"
return redirect(url_for("secret"))
else:
return render_template("login.html", error = "Username or password incorrect")
def send(self, data, sender_pair, recipient, collection):
# authenticate the sender
sender = util.auth(sender_pair[0], sender_pair[1])
# die if the sender was not found
if not sender: return False
data = {
"data": data,
"sender": sender_pair[0],
"recipient": recipient,
"ts": time.time()
}
# store the message
self.store(
data,
collection,
visible=True
)
return data
def login():
if 'message' in session:
msg = session['message']
session['message'] = ""
else:
msg = ""
if request.method == "GET":
return render_template("login.html", m=msg)
else:
f = request.form
username = f['u']
password = f['p']
if util.auth(username, password):
session["u"] = "logged in"
return redirect(url_for("secret"))
else:
return render_template("login.html",
error="Username or password incorrect")
def change_password():
if request.method == "POST":
userID = request.form['userID']
session = request.form['session']
passw = request.form['passw']
new_passw = request.form['new_passw']
else:
return False
# Make sure the user is legit
user = util.auth(userID, session)
if user:
# check if the old password matches the current password
# it should be, but just in case they're cookie stealing
if util.sha512(user['user'] + passw) == user['passw']:
return util.update_user(
userID,
{"passw": util.sha512(user['user'] + new_passw)}
)
else:
return "incorrect password"
else:
return "invalid user"
