def routes_login():
if request.method == "POST":
if request.headers.get("TOKEN_ONLY", default="false") == "true":
username = request.headers.get("Username")
password = request.headers.get("Password")
if username != ADMIN_USER or auth.get_hash(
ADMIN_PASS) != auth.get_hash(password):
return "Unauthorized", 401
token = auth.generate_token()
res = Response()
res.headers.set("Content-Type", "application/json")
res.set_data(json.dumps({"token": str(token, encoding="utf8")}))
return res
else:
username = request.form.get('admin_username')
password = request.form.get('admin_passwd')
if username != ADMIN_USER or auth.get_hash(
ADMIN_PASS) != auth.get_hash(password):
return render_template("login.html",
errors=["Bad Credentials"])
token = auth.generate_token()
res = make_response(redirect("/creator"))
res.set_cookie("authorization",
"Bearer " + str(token, encoding="utf8"))
return res
elif request.method == "GET":
return render_template("login.html"), 200
def test_generate_token():
SECRET = 'aaaaaddeeeiiklmmnnnnnorrsy'
clear()
token = generate_token(0)
decoded = jwt.decode(token, SECRET, algorithms='HS256')
assert decoded['u_id'] == 0
def flush_standup(channel_id):
'''
Input: channel_id (int)
Returns: Nothing
Purpose: Helper function to concat messages in a standup and send them
at once
'''
with STANDUP_LOCK:
standups = get_standup()
try:
[to_flush
] = list(filter(lambda x: x['channel_id'] == channel_id,
standups))
to_send = '\n'.join(to_flush['messages'])
# message is empty.. do not bother
if not to_send:
standups.remove(to_flush)
return
# get the token given u_id
user_token = get_token(to_flush['u_id'])
if user_token is None:
# generate a temporary token
user_token = generate_token(to_flush['u_id'])
get_tokens()[user_token] = to_flush['u_id']
message_send(user_token, channel_id, to_send)
auth_logout(user_token)
else:
message_send(user_token, channel_id, to_send)
standups.remove(to_flush)
except ValueError:
pass
def register_user():
if mail_validation(user.email):
pass
else:
quit()
insert_user_into_table()
token = auth.generate_token(user.password, user.email)
# Send mail with veryficaton token (link from front-end)
link = '\nhttps://pythonhosted.org/itsdangerous/#itsdangerous.TimestampSigner'
body, subject = mail.template_veryfication(token, link)
mail.send_email(user.email, body, subject)
cursor.execute('''UPDATE users SET confirmation_sent = ? where email = ?''', (datetime.now(), user.email))
db.commit()
# Artificial waiting for confirmation-------
time.sleep(2)
#-------------------------------
(confirmed, token_email) = auth.confirm_token(token, expiration, user.password)
if confirmed:
user_confirmed(token_email)
print("User registered")
get_data_from_REGON(user.nip)
else:
print('User not registered')
def post(self):
username, password = extract_credentials(self.json_request)
while True:
got_it = yield tornado.gen.Task(self.signup_lock.acquire, blocking=True)
if got_it:
break
else:
yield gen.sleep(10)
inserted = yield tornado.gen.Task(
self.redis_conn.setnx,
username,
auth.encrypt_password(password)
)
if inserted == 0:
raise tornado.web.HTTPError(409, 'Such a username already exists')
yield gen.Task(self.signup_lock.release)
self.reply({
'status': 'ok',
'token': auth.generate_token(username).decode('ascii')
}, status_code=201)
def API_login():
# Check if the email exists
users = get_session().query(User).filter_by(
email=request.form["email"]).all()
if (len(users) < 1):
return json.dumps({
"state": "error",
"message": "Invalid e-mail or password."
})
our_user = users[0]
# Check if the password supplied is the same as the password in the User model
if (our_user.password != hash_multiple(
[request.form["email"], request.form["password"]])):
return json.dumps({
"state": "error",
"message": "Invalid e-mail or password."
})
session['token'] = generate_token(our_user.id)
return json.dumps({
"state": "ok",
"message": "",
"token": session['token']
})
def get_token():
incoming = request.get_json()
user = User.get_user_with_email_and_password(incoming["email"],
incoming["password"])
if user:
return jsonify(token=generate_token(user))
return jsonify(error=True), 403
def api_login(error=None):
content = request.get_json(silent=True)
username = content.get('username')
password = content.get('password')
if auth.try_login(username, password):
new_token = auth.generate_token(username)
response = {'status': 'success', 'token': new_token}
return jsonify(**response)
else:
raise InvalidRequestData('Invalid username or password (mismatched).')
def create_user():
incoming = request.get_json()
user = User(email='*****@*****.**', password='******')
db.session.add(user)
try:
db.session.commit()
except IntegrityError:
return jsonify(message="User with that email already exists"), 409
new_user = User.query.filter_by(email=incoming["email"]).first()
return jsonify(id=user.id, token=generate_token(new_user))
def login_expired():
test_only()
#This endpoint will log the user in with expired token
res = jsonify({
"success": True,
"result": "setting expired token successfully"
})
expired_token = generate_token(user_id=1,
secret=SECRET,
expiration_delta=timedelta(days=-7),
issued_at=datetime.now())
res.headers.add('Authorization', expired_token["result"])
return res, 200
def post(self):
email = squeeze(self.get_argument('email', ''))
password = squeeze(self.get_argument('password', ''))
action = self.get_argument('action')
response = {'status': 'failed'}
if not email or not password:
response['error'] = 'Email and password are mandatory'
self.write(json_encode(response))
return
if action == 'Login':
id = get_identity(email, password)
if not id:
response['error'] = 'Wrong Username/Email and password combination'
self.write(json_encode(response))
return
user = User.objects.find(id=id)
if user:
token = generate_token()
user.authenticate(token)
self.set_secure_cookie("auth", token)
self.redirect('/')
elif action == 'Signup':
already_exists = email_exists(email)
if not already_exists:
fullname = email.split('@')[0].replace('.', ' ').replace('_', ' ')
user = User.objects.create('', fullname)
store_credentials(user.id, email, password)
token = generate_token()
user.authenticate(token)
self.set_secure_cookie("auth", token)
self.redirect('/signup')
def test_generate_token_uniqueness():
clear()
token1 = generate_token(0)
token2 = generate_token(1)
token3 = generate_token(2)
token4 = generate_token(3)
token5 = generate_token(4)
token6 = generate_token(5)
token7 = generate_token(6)
tokens = [token1, token2, token3, token4, token5, token6, token7]
assert len(tokens) == len(set(tokens))
def post(self):
username, password = extract_credentials(self.json_request)
stored_password = yield tornado.gen.Task(
self.redis_conn.get,
username
)
if (
stored_password is not None and
stored_password == auth.encrypt_password(password)
):
self.reply({
'status': 'ok',
'token': auth.generate_token(username).decode('ascii')
})
else:
raise tornado.web.HTTPError(401, 'Wrong password')
def register():
# Get parameters
email = request.form.get('email')
username = request.form.get('username')
password = request.form.get('password')
# Generate hashed password
hash = hashlib.sha256(password.encode()).hexdigest()
# Connect to database
connection = psycopg2.connect(user="******", password=os.environ.get("DATABASE_PASSWORD"), host="localhost", port="5432", database="twitterbrief")
cursor = connection.cursor()
if not auth.check_unique_credentials(username, email, cursor):
return dumps({ "Error": "Credentials already exist!" }), 500
# Get followed user
response = auth.get_followed_twitter_accounts(username)
if response.status_code != 200:
print(response.json())
return dumps({ "Error": "Invalid Twitter Account" }), 500
# Add user to database
auth.register_user(username, email, hash, cursor)
follows = response.json()
# Add followed accounts
auth.add_accounts(follows['ids'], cursor)
auth.populate_followed_users(username, follows['ids'], cursor)
# Close database connection
connection.commit()
cursor.close()
connection.close()
# Return token
return auth.generate_token(username)
def authenticate(self, prefix, social_id, username, fullname, pic):
connection = Redis.get_connection()
new_user = False
key = '{0}:{1}'.format(prefix, unsalted_hash(social_id))
id = connection.get(key)
if id:
user = User.objects.find(id=id.decode())
else:
new_user = True
user = User.objects.create(
'',
fullname,
pic)
connection.set(key, user.id)
token = generate_token()
user.authenticate(token)
self.set_secure_cookie("auth", token)
self.render("redirect.html", new_user=new_user)
def login():
"""Login using a POST request, else prompt for credentials """
if request.method == 'GET':
raise CredentialsRequired()
# handle POST login
username = request.form.get('username')
password = request.form.get('password')
if auth.check_auth(username, password):
return {
'message': [
auth.SERVICE_MESSAGES['login'],
{
'available endpoints':
app.config.get('AVAILABLE_ENDPOINTS')
}
],
'token': auth.generate_token(username, password)
}
else:
raise AuthenticationFailed()
def login():
# Get parameters
username = request.args.get('username')
password = request.args.get('password')
# Generate hashed password
hash = hashlib.sha256("mypassword".encode()).hexdigest()
# Connect to database
connection = psycopg2.connect(user="******", password=os.environ.get("DATABASE_PASSWORD"), host="localhost", port="5432", database="twitterbrief")
cursor = connection.cursor()
findUserQuery = "select username, password from users where username = '******'".format(username)
cursor.execute(findUserQuery)
user = cursor.fetchone()
if user[1] != hash:
return {'Error': 'invalid credentials'}, 401
return auth.generate_token(username)
def login(login, password):
# 1 - Проверить, есть ли пользователь с таким логином
# 2 - Выполнить подтверждение пароля
# 3 - Если не ок, то возвращаем (False, 'Invalid login and/or password')
# 4 - Генерируем новый токен
# 5 - Ищем по дереву(словарю) токенов имеющийся токен по данному логину
# 6 - Заменяем или создаем новый токен и помещаем в дерево(словарь)
# 7 - Возвращаем пользователю рожденный токен
# TODO Надо получить доступ над циклом исполнения в Торнадо, что бы направить этот поток на служебные цели:
# Проверка времени жизни токенов: если токены долго бездействуют - удаляем
user = database.find_user_by_login(login)
if user is None:
return False, 'Invalid login and/or password'
else:
if auth.compare_password(password, user.password, user.salt):
new_token = auth.generate_token()
auth.insert_new_token(login, new_token)
return True, new_token
else:
return False, 'Invalid login and/or password'
def home():
if request.method == 'POST':
username = request.form['username']
password = request.form['password']
try:
assert (len(username) >= 2 and len(username) <= 40)
assert (len(password) >= 2 and len(password) <= 40)
token = auth.generate_token(username, password)
response = make_response(
render_template('index.html', data=auth.validate_token(token)))
response.set_cookie('token', token)
return response
except:
return 'invalid username and/or password'
else:
token = request.cookies.get('token')
if token:
return render_template('index.html',
data=auth.validate_token(token))
else:
return render_template('index.html')
def API_register():
# Check if the email already exists
if (len(get_session().query(User).filter_by(
email=request.form["email"]).all()) > 0):
return json.dumps({
"state": "error",
"message": "E-mail already registered!"
})
password = hash_multiple([request.form["email"], request.form["password"]])
user = User(email=request.form["email"],
fullname=request.form["fullname"],
password=password)
push_model(user)
# Get back the users, I shouldn't do it like this
db_users = get_session().query(User).filter_by(
email=request.form["email"]).all()
session['token'] = generate_token(db_users[0].id)
return json.dumps({
"state": "ok",
"message": "",
"token": session['token']
})
def test_token(self):
token = generate_token(userid='12345', secret=secret_string)
self.assertTrue(validate_token(token=token, secret=secret_string))
def playlist_to_genres(user_id, playlist_id):
'''
Function to iterate through a playlist, pull 30-second samples of songs,
and separate them out into their genres. Some songs have multiple
genres, so they will appear in multiple folders.
'''
token = generate_token()
spotify = spotipy.Spotify(auth=token) # Authorization token
results = spotify.user_playlist(user=user_id,
playlist_id=playlist_id)
# Getting track, url, and artists on a track
tracks = results['tracks']
# Setting cols for DataFrame
track_info_cols = ['id', 'genre', 'track_name', 'preview_url', 'location', 'filename', 'artist', 'artist_uri', 'album', 'release_date', # Track info
'danceability', 'energy', 'key', 'loudness', 'mode', 'speechiness', 'acousticness', 'instrumentalness', 'liveness', 'valence', 'tempo'] # Audio features
# Setting a timestamp for .csv versioning
timestamp = time.ctime().replace(' ', '_').replace(':', '_')
# Set filepath name
filepath = f'./data/song_genres.csv'
# -------------MAIN LOOP-------------
while True:
# We need to create a dataframe to store the results, going to store the
# results at each stage in case the process gets interrupted
song_df = pd.DataFrame(columns=track_info_cols)
for track in tqdm(tracks['items']):
track_info = track['track']
# Some songs don't have ids, apparently?
try:
track_id = track_info['id']
except:
continue
# Some songs don't have preview_urls
try:
url = track_info['preview_url'] # 30-sec song sample
except:
continue
artists = track_info['artists']
album_name = track_info['album']['name']
release_date = track_info['album']['release_date']
# This returns the audio features Spotify has created for each song
audio_features = spotify.audio_features(track_info['uri'])[0]
# Looping through each artist, getting their name and uri (Spotify's unique identifier)
for artist in artists:
artist_name = artist['name']
artist_uri = artist['uri']
track_name = track_info['name']
try:
genres = spotify.artist(artist_uri)['genres']
except:
continue
# urls would throw AttributeError occasionally, some songs don't have previews
try:
# There are multiple genres per artist
for genre in genres:
# Add info to dictionary
row = {'id' : track_id,
'genre' : genre,
'track_name' : track_name,
'preview_url' : url,
'location' : f'./scrapes/{genre}/{track_name}.mp3',
'filename' : f'{track_name}.mp3',
'artist' : artist_name,
'artist_uri' : artist_uri,
'album' : album_name,
'release_date' : release_date
}
# Need to create a dictionary for the audio features
audio_feature_dict = {key: value for key, value in audio_features.items() if key in track_info_cols}
# Combine the above row and audio_feature_dict into one
row.update(audio_feature_dict)
song_df = song_df.append(row, ignore_index=True)
except AttributeError:
pass
if tracks['next']:
tracks = spotify.next(tracks) # updates the offset by 100
song_df.to_csv(filepath,
mode='a',
index=False)
else:
break
song_df.to_csv(filepath,
mode='a',
index=False)
