Example #1
def load_logged_in_user():
    '''Populate ``g.user`` from the ``user_id`` held in the session.

    ``g.user`` is set to ``None`` when the session carries no ``user_id``;
    otherwise it is set to whatever ``fetchone()`` returns for that id,
    which is also ``None`` if no row matches.
    '''
    uid = session.get('user_id')
    conn = get_db()
    if uid is not None:
        # NOTE(review): ``SELECT *`` presumably pulls the password column
        # into ``g.user`` on every request -- confirm against the schema and
        # consider selecting only the columns views actually need.
        row = conn.execute('SELECT * FROM user WHERE id = ?',
                           (uid, )).fetchone()
        g.user = row
        return
    g.user = None
Example #2
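def get_mystocks():
    '''Return the watch list for the current user as a JSON response.

    Rows are read from ``stock`` for ``g.user['id']`` (ordered by ``seq``),
    or for ``user_id = 0`` when nobody is logged in, then handed to
    ``get_realtime`` and serialised with ``jsonify``.

    If the query fails and the database has no tables at all, the schema is
    created with ``init_db()`` and the lookup is retried once the tables
    exist. Any other failure is re-raised instead of being swallowed.
    '''
    db = get_db()
    try:
        if g.user:
            my_stocks = db.execute(
                'SELECT idx, code FROM stock WHERE user_id = ? ORDER BY seq', (g.user['id'],)).fetchall()
        else:
            my_stocks = db.execute(
                'SELECT idx, code FROM stock WHERE user_id = 0').fetchall()
    except Exception:
        tables = db.execute('SELECT name FROM sqlite_master').fetchall()
        if not tables:
            # Empty database: first run, so create the schema and retry.
            init_db()
            return get_mystocks()
        # The tables exist, so this is a real error. The original bare
        # ``except:`` fell through here with ``my_stocks`` unbound, turning
        # the underlying failure into an unrelated NameError at the return.
        raise
    return jsonify(asyncio.run(get_realtime(my_stocks)))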
Example #3
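def login():
    '''Log in a user by adding the user id to the session.

    An already authenticated user is redirected to ``index``. On POST the
    submitted ``username`` (lower-cased) is looked up in ``user`` and the
    password is verified; on success the session is cleared, ``user_id`` is
    stored and ``session.permanent`` follows the ``rememberme`` checkbox.
    On failure the error is flashed and the login template is rendered.
    '''
    if g.user:
        return redirect(url_for('index'))

    if request.method == 'POST':
        # A request without these fields used to raise inside the ``try``
        # (``None.lower()``) and was reported as a "Critical Error"; treat
        # missing fields as empty so they fail as ordinary bad credentials.
        username = request.form.get('username') or ''
        password = request.form.get('password') or ''
        rememberme = request.form.get('rememberme')
        db = get_db()
        error = None
        try:
            user = db.execute('SELECT * FROM user WHERE username = ?',
                              (username.lower(), )).fetchone()
        except Exception:
            # ``Exception`` rather than a bare ``except:`` so SystemExit and
            # KeyboardInterrupt are not swallowed by the first-run probe.
            tables = db.execute('SELECT name FROM sqlite_master').fetchall()
            if not tables:
                init_db()
                flash('Detected first time running. Initialized the database.')
            else:
                flash(
                    'Critical Error! Please contact your system administrator.'
                )
            return render_template('auth/login.html')

        # NOTE(review): distinct messages for unknown user and wrong password
        # let a client tell which usernames exist; consider one shared
        # message for both cases.
        if user is None:
            error = 'Incorrect username.'
        # NOTE(review): the second clause accepts the stored column value
        # verbatim. That keeps plaintext rows working, but it also means a
        # stored hash is itself accepted as the password, so read access to
        # the ``user`` table is enough to authenticate. Migrate plaintext
        # rows to hashes and drop this fallback.
        elif not check_password_hash(
                user['password'], password) and user['password'] != password:
            error = 'Incorrect password.'

        if error is None:
            # Drop any pre-login session state before binding the user id.
            session.clear()
            session['user_id'] = user['id']
            session.permanent = rememberme == 'on'

            return redirect(url_for('index'))

        flash(error)

    return render_template('auth/login.html')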
Example #4
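def setting():
    '''Change current user's password.

    On POST the current password is verified, the new password and its
    confirmation are checked, the new hash is stored, the session is
    cleared and the user is sent to the login page. Validation errors are
    flashed and the settings template is rendered again.
    '''
    if request.method == 'POST':
        # NOTE(review): no login guard is visible on this view; if none is
        # applied elsewhere, ``g.user['id']`` below fails for anonymous
        # requests. Refuse the change explicitly rather than crash.
        if not g.user:
            return redirect(url_for('auth.login'))

        # Missing form fields become '' so they are rejected by the checks
        # below instead of raising inside ``check_password_hash``.
        password = request.form.get('password') or ''
        password1 = request.form.get('password1') or ''
        password2 = request.form.get('password2') or ''
        db = get_db()
        error = None
        user = db.execute('SELECT password FROM user WHERE id = ?',
                          (g.user['id'], )).fetchone()

        if user is None:
            # The account row is gone; the session no longer maps to a user.
            session.clear()
            return redirect(url_for('auth.login'))

        # NOTE(review): the second clause accepts the stored column value
        # verbatim, so a stored hash is itself accepted as the current
        # password. Migrate plaintext rows and drop this fallback.
        if not check_password_hash(user['password'],
                                   password) and user['password'] != password:
            error = 'Incorrect password.'
        elif password1 != password2:
            error = "Confirm password doesn't match new password."
        elif password1 == password:
            error = 'New password cannot be the same as your current password.'
        elif not password1:
            error = 'New password cannot be blank.'

        if error is None:
            # Store new password in the database and go to
            # the login page
            db.execute(
                'UPDATE user SET password = ? WHERE id = ?',
                (generate_password_hash(password1), g.user['id']),
            )
            db.commit()
            # Clearing the session forces a fresh login with the new secret.
            session.clear()
            flash('Password Changed. Please Re-login!')
            return redirect(url_for('auth.login'))

        flash(error)

    return render_template('auth/setting.html')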
Example #5
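def reorder():
    '''Move one of the current user's stocks to a new position.

    The form fields ``orig`` and ``dest`` are decoded with ``loads``;
    ``orig`` is an ``(idx, code)`` pair and ``dest`` is either another pair
    or the string ``'top'``. Rows between the two positions are shifted by
    one and the moved row takes the destination ``seq``.

    Returns ``'1'`` on success and ``'0'`` when nobody is logged in, the
    form is incomplete or malformed, or either stock is not in the user's
    list.
    '''
    # Check authentication before touching any request data.
    if not g.user:
        return '0'

    raw_orig = request.form.get('orig')
    raw_dest = request.form.get('dest')
    if raw_orig is None or raw_dest is None:
        return '0'

    # NOTE(review): confirm ``loads`` is ``json.loads``. These values come
    # straight from the request, so a deserialiser that can construct
    # arbitrary objects (e.g. ``pickle.loads``) must never be used here.
    orig = loads(raw_orig)
    dest = loads(raw_dest)

    def _is_pair(value):
        return isinstance(value, (list, tuple)) and len(value) >= 2

    if not _is_pair(orig) or (dest != 'top' and not _is_pair(dest)):
        return '0'

    db = get_db()
    user_id = g.user['id']

    orig_row = db.execute(
        'SELECT seq FROM stock WHERE idx = ? AND code = ? AND user_id = ?', (orig[0], orig[1], user_id)).fetchone()
    if orig_row is None:
        # The stock is not in this user's list; nothing to move.
        return '0'
    orig_seq = orig_row['seq']

    if dest != 'top':
        dest_row = db.execute(
            'SELECT seq FROM stock WHERE idx = ? AND code = ? AND user_id = ?', (dest[0], dest[1], user_id)).fetchone()
        if dest_row is None:
            return '0'
        dest_seq = dest_row['seq']
    else:
        dest_seq = 0

    if orig_seq > dest_seq:
        # Moving up: the row lands just after ``dest``, and everything from
        # that slot up to the old position shifts down the list by one.
        dest_seq += 1
        db.execute('UPDATE stock SET seq = seq + 1 WHERE seq >= ? AND user_id = ? AND seq < ?',
                   (dest_seq, user_id, orig_seq))
    else:
        # Moving down: rows after the old position up to ``dest`` shift up.
        db.execute('UPDATE stock SET seq = seq - 1 WHERE seq <= ? AND user_id = ? AND seq > ?',
                   (dest_seq, user_id, orig_seq))
    db.execute('UPDATE stock SET seq = ? WHERE idx = ? AND code = ? AND user_id = ?',
               (dest_seq, orig[0], orig[1], user_id))
    db.commit()
    return '1'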
Example #6
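def star():
    '''Query or toggle the "starred" state of the stock named by the Referer.

    The last two path segments of ``request.referrer`` are taken as the
    index and the stock code. GET returns ``'True'`` or ``'False'``
    depending on whether the logged-in user has that stock. Other methods
    delete the row when the form field ``action`` is ``'unstar'`` and insert
    it otherwise, returning ``'1'``; ``'0'`` is returned when nobody is
    logged in or the Referer cannot be parsed.
    '''
    # The Referer header is optional and fully client-controlled. A request
    # without one (or with fewer than two segments) used to raise here.
    segments = (request.referrer or '').split('/')
    if len(segments) < 2:
        return 'False' if request.method == 'GET' else '0'
    index = segments[-2]
    code = segments[-1]
    # NOTE(review): ``index`` and ``code`` are untrusted. The bound
    # parameters below keep them out of the SQL text, but nothing checks
    # that they name a real index/stock (any query string in the Referer
    # also ends up in ``code``). Validate against the known set, or take
    # them from explicit request parameters, before inserting.
    db = get_db()
    if request.method == 'GET':
        if g.user:
            stock = db.execute(
                'SELECT * FROM stock WHERE idx = ? AND code = ? AND user_id = ?', (index, code, g.user['id'])).fetchone()
            if stock:
                return 'True'
        return 'False'
    action = request.form.get('action')
    if g.user:
        if action == 'unstar':
            db.execute('DELETE FROM stock WHERE idx = ? AND code = ? AND user_id = ?',
                       (index, code, g.user['id']))
        else:
            # NOTE(review): no check for an existing row; repeated requests
            # presumably create duplicates unless the schema has a unique
            # constraint -- confirm.
            db.execute('INSERT INTO stock (idx, code, user_id) VALUES (?, ?, ?)',
                       (index, code, g.user['id']))
        db.commit()
        return '1'
    return '0'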