def register():
if current_user.is_authenticated:
return redirect(url_for("index"))
form = RegistrationForm()
if form.validate_on_submit():
if form.access_level.data == "599s1Z]76G4MVMX":
user = User(access_level=1,
username=form.username.data,
password=form.password.data,
fullname=form.fullname.data,
email=form.email.data,
phone_number=form.phone.data)
db.session.add(user)
db.session.commit()
flash("Congratulations, you are now a registered teacher!")
else:
user = User(access_level=0,
username=form.username.data,
password=form.password.data,
fullname=form.fullname.data,
email=form.email.data,
phone_number=form.phone.data)
db.session.add(user)
db.session.commit()
flash("Congratulations, you are now a registered student!")
return redirect(url_for("login"))
return render_template("register.html", title="Register", form=form)
def test_follows(self):
u1 = User(email='*****@*****.**', password='******')
u2 = User(email='*****@*****.**', password='******')
db.session.add(u1)
db.session.add(u2)
db.session.commit()
self.assertFalse(u1.is_following(u2))
self.assertFalse(u1.is_followed_by(u2))
timestamp_before = datetime.utcnow()
u1.follow(u2)
timestamp_after = datetime.utcnow()
self.assertTrue(u1.is_following(u2))
self.assertFalse(u1.is_followed_by(u2))
self.assertTrue(u2.is_followed_by(u1))
self.assertTrue(u1.followed.count() == 2)
self.assertTrue(u2.followers.count() == 2)
f = u1.followed.all()[-1]
self.assertTrue(f.followed == u2)
self.assertTrue(timestamp_before <= f.timestamp <= timestamp_after)
f = u2.followers.all()[-1]
self.assertTrue(f.follower == u1)
u1.unfollow(u2)
self.assertTrue(u1.followed.count() == 1)
self.assertTrue(u2.followers.count() == 1)
self.assertTrue(Follow.query.count() == 2)
u2.follow(u1)
db.session.delete(u2)
db.session.commit()
self.assertTrue(Follow.query.count() == 1)
def test_invalid_confirmation_token(self):
u1 = User(password='******')
u2 = User(password='******')
db.session.add(u1)
db.session.add(u2)
db.session.commit()
token = u1.generate_confirmation_token()
self.assertFalse(u2.confirm(token))
def test_duplicate_email_change_token(self):
u1 = User(email='*****@*****.**', password='******')
u2 = User(email='*****@*****.**', password='******')
db.session.add(u1)
db.session.add(u2)
db.session.commit()
token = u2.generate_email_change_token('*****@*****.**')
self.assertFalse(u2.change_email(token))
self.assertTrue(u2.email == '*****@*****.**')
def test_follow_posts(self):
# make four users
u1 = User(nickname='john', email='*****@*****.**')
u2 = User(nickname='susan', email='*****@*****.**')
u3 = User(nickname='mary', email='*****@*****.**')
u4 = User(nickname='david', email='*****@*****.**')
db.session.add(u1)
db.session.add(u2)
db.session.add(u3)
db.session.add(u4)
# make four posts
utcnow = datetime.utcnow()
p1 = Post(body="post from john",
author=u1,
timestamp=utcnow + timedelta(seconds=1))
p2 = Post(body="post from susan",
author=u2,
timestamp=utcnow + timedelta(seconds=2))
p3 = Post(body="post from mary",
author=u3,
timestamp=utcnow + timedelta(seconds=3))
p4 = Post(body="post from david",
author=u4,
timestamp=utcnow + timedelta(seconds=4))
db.session.add(p1)
db.session.add(p2)
db.session.add(p3)
db.session.add(p4)
db.session.commit()
# setup the followers
u1.follow(u1) # john follows himself
u1.follow(u2) # john follows susan
u1.follow(u4) # john follows david
u2.follow(u2) # susan follows herself
u2.follow(u3) # susan follows mary
u3.follow(u3) # mary follows herself
u3.follow(u4) # mary follows david
u4.follow(u4) # david follows himself
db.session.add(u1)
db.session.add(u2)
db.session.add(u3)
db.session.add(u4)
db.session.commit()
# check the followed posts of each user
f1 = u1.followed_posts().all()
f2 = u2.followed_posts().all()
f3 = u3.followed_posts().all()
f4 = u4.followed_posts().all()
assert len(f1) == 3
assert len(f2) == 2
assert len(f3) == 2
assert len(f4) == 1
assert f1 == [p4, p2, p1]
assert f2 == [p3, p2]
assert f3 == [p4, p3]
assert f4 == [p4]
def test_make_unique_nickname(self):
u = User(nickname='john', email='*****@*****.**')
db.session.add(u)
db.session.commit()
nickname = User.make_unique_nickname('john')
assert nickname != 'john'
u = User(nickname=nickname, email='*****@*****.**')
db.session.add(u)
db.session.commit()
nickname2 = User.make_unique_nickname('john')
assert nickname2 != 'john'
assert nickname2 != nickname
def profile(username):
user1 = User(session.get('username'))
user2 = User(username)
posts = user2.recent_posts(5)
similar = []
common = {}
if user1.username == user2.username:
similar = user1.similar_users(3)
else:
common = user1.commonality_of_user(user2)
return render_template('profile.html', username=username, posts=posts, similar=similar, common=common)
def setUp(self):
app = create_app('testing')
self.context = app.test_request_context()
self.context.push()
self.client = app.test_client()
self.runner = app.test_cli_runner()
db.create_all()
Role.init_role()
admin_user = User(email='*****@*****.**',
name='Admin',
username='******')
admin_user.set_password('123')
admin_user.set_role()
normal_user = User(email='*****@*****.**',
name='Normal User',
username='******')
normal_user.set_password('123')
unconfirmed_user = User(
email='*****@*****.**',
name='Unconfirmed',
username='******',
)
unconfirmed_user.set_password('123')
locked_user = User(email='*****@*****.**',
name='Locked User',
username='******',
locked=True)
locked_user.set_password('123')
locked_user.lock()
blocked_user = User(email='*****@*****.**',
name='Blocked User',
username='******',
active=False)
blocked_user.set_password('123')
category = Category(name='test category')
post = Post(title='test post', body='Test post', category=category)
comment = Comment(body='test comment body',
post=post,
author=normal_user)
db.session.add_all([
admin_user, normal_user, unconfirmed_user, locked_user,
blocked_user
])
db.session.commit()
def signupc(request):
un = request.POST.get('username1')
em = request.POST.get('email')
pw1 = request.POST.get('password1')
pw2 = request.POST.get('password2')
print(pw2)
print(pw1)
filterResult = User.objects.filter(username=un)
if len(filterResult) > 0:
return render_to_response('CreativeWriting.html', {"errors2": "Username already exists!"})
else:
errors = []
if (pw2 != pw1):
errors.append("The password entered twice is inconsistent!")
return render_to_response('CreativeWriting.html', {'errors2': errors})
# 将表单写入数据库
user = User()
user.username = un
user.password = pw1
user.email = em
user.save()
# 返回注册成功页面
return render_to_response('CreativeWriting.html', {"errors": "registration success!"})
return render_to_response('CreativeWriting.html')
def add_user():
username = request.json.get('username')
email = request.json.get('email')
password = request.json.get('password')
profile_image = request.json.get('profile_image')
confirmed = request.json.get('confirmed')
if request.json is None:
return custom_error('Missing Arguments', 404)
if username is None and password is None:
return custom_error("Missing Arguments", 404)
if email is None:
return custom_error("Missing Arguments", 404)
if User.query.filter_by(username=username).first() is not None:
return custom_error('User already exists', 404)
try:
user = User(
username=username,
email=email,
password=bcrypt.generate_password_hash(password).decode('utf-8'),
profile_image=profile_image,
confirmed=confirmed)
db.session.add(user)
db.session.commit()
except:
return custom_error('An error occured while writing to database.', 404)
return jsonify({
'username': user.username,
'email': user.email
}), 201, {
'Location': url_for('api.get_user', user_id=user.id, _external=True)
}
def register(request):
if request.method == "POST":
uf = UserForm(request.POST)
if uf.is_valid():
#获取表单信息
username = uf.cleaned_data['username']
email = uf.cleaned_data['email']
password1 = uf.cleaned_data['password1']
password2 = uf.cleaned_data['password2']
filterResult = User.objects.filter(username=username)
if len(filterResult) > 0:
return render_to_response('register.html', {"errors": "用户名已存在"})
else:
errors = []
if (password2 != password1):
errors.append("两次输入的密码不一致!")
return render_to_response('register.html', {'errors': errors})
#将表单写入数据库
user = User()
user.username = username
user.password = password1
user.email = email
user.save()
#返回注册成功页面
return render_to_response('success.html',{'username':username,'operation':"注册"})
else:
uf = UserForm()
return render_to_response('register.html',{'uf':uf})
def test_user(self):
""" User creation and authentication
Create new user
Add to database
Login and out"""
# Make a new user
u = User(username, password, email)
with self.app.app_context():
# Add to db
db.session.add(u)
db.session.commit()
# Test queries
self.assertIsNotNone(User.query.filter_by(username=username).first())
self.assertIsNotNone(User.query.filter_by(email=email).first())
# Test password secturity
self.assertNotEqual(u.password, password)
self.assertTrue(u.check_password(password))
# Try an incorrect log in
rv = self.login(username, 'not_correct')
self.assertIn(b'Invalid username or password', rv.data)
# Try correct login
rv = self.login(username, password)
# Test if log in was succsessful
self.assertEqual(rv.status_code, 200)
self.assertIn(b"logged in", rv.data)
# Try logout
rv = self.logout()
self.assertIn(b'You were logged out', rv.data)
def test_delete_post(self):
user1 = User(
username="******",
email="*****@*****.**",
password=
"******")
db.session.add(user1)
db.session.commit()
post1 = Post(title="test blog", content="testdata", user_id=user1.id)
db.session.add(post1)
db.session.commit()
self.assertEqual(user1.posts, [post1]) # check user has post
# random key for this session only
app.config['SECRET_KEY'] = '64529050a317171fa534714b75b55b03'
with app.test_client() as c:
response = c.post('/login',
data=dict(email='*****@*****.**',
password='******',
remember=True,
form=""),
follow_redirects=True)
self.assertEqual(response.status_code, 200)
self.assertEqual(request.path, '/blog')
self.assertEqual(current_user.username,
'test') # check current user
post_before = Post.query.all()
# print("before deletion:",post_before) checking if post is available
#deleting
del_response = c.post('/blog/1/delete', follow_redirects=True)
self.assertEqual(request.path, '/blog')
post_after = Post.query.all()
# print("after deletion:",post_after) checking if post is deleted
self.assertEqual(post_after, [])
def adduser():
"""
Ask user for name, email address, and password (twice).
Check to make sure the user is not already stored in the database.
Make sure both passwords entered by user match.
Finally, create the user object and add it to our database.
"""
name = raw_input("Name: ")
email = raw_input("Email: ")
if session.query(User).filter_by(email=email).first():
print "User with that email address already exists"
return
password = raw_input("Password: "******"Re-enter password: "******"Password: "******"Re-enter password: "******"""
generate_password_hash function:
1) Function is used to hash our password
2) Hashing - process that converts our plain text password
into a string of characters
3) Passwords use only One-Way-Hashes: process works in one direction
"""
session.add(user)
session.commit()
def create_admin_user(self):
new_user = User(name='Superman',
email='*****@*****.**',
password=bcrypt.generate_password_hash('allpowerful'),
role='admin')
db.session.add(new_user)
db.session.commit()
def forge():
name = 'erfei'
movies = [
{
'title': '大赢家',
'year': '2020'
},
{
'title': '海贼王-顶上战争',
'year': '2019'
},
{
'title': '囧妈',
'year': '2020'
},
{
'title': '速度与激情8',
'year': '2019'
},
{
'title': '战狼',
'year': '2019'
},
]
user = User(name=name)
db.session.add(user)
for m in movies:
movie = Movies(title=m['title'], year=m['year'])
db.session.add(movie)
db.session.commit()
click.echo('导入数据库')
def signup(request):
if request.method=='POST':
name=request.POST['email']
password=request.POST['pass']
user = User(username=name,password=password)
user.save()
return HttpResponseRedirect(reverse('blog:blogindex'))
def test_invalid_reset_token(self):
u = User(password='******')
db.session.add(u)
db.session.commit()
token = u.generate_reset_token()
self.assertFalse(User.reset_password(token + 'a', 'horse'))
self.assertTrue(u.verify_password('cat'))
def test_valid_email_change_token(self):
u = User(email='*****@*****.**', password='******')
db.session.add(u)
db.session.commit()
token = u.generate_email_change_token('*****@*****.**')
self.assertTrue(u.change_email(token))
self.assertTrue(u.email == '*****@*****.**')
def test_valid_reset_token(self):
u = User(password='******')
db.session.add(u)
db.session.commit()
token = u.generate_reset_token()
self.assertTrue(User.reset_password(token, 'dog'))
self.assertTrue(u.verify_password('dog'))
def test_expired_confirmation_token(self):
u = User(password='******')
db.session.add(u)
db.session.commit()
token = u.generate_confirmation_token(1)
time.sleep(2)
self.assertFalse(u.confirm(token))
def newsletter():
form = NewsLetterForm()
if form.validate_on_submit():
user = User(username=form.username.data, email=form.email.data)
flash('Your email has been received. You will be recieving weekly blog newsletters. Thank you.', 'success')
return redirect(url_for('main.home'))
return render_template('newsletter.html', form=form, title='Subscribe To Newsletters')
def init_db():
db.create_all()
user1 = User(username="******")
user1.set_password("test")
user2 = User(username="******")
user2.set_password("password2")
post1 = Post(title="Post by user 1", contents="Contens from user 1", user=user1)
post2 = Post(title="Post by user 2", contents="Contens from user 2", user=user2)
db.session.add(user1, user2)
db.session.add(post1, post2)
db.session.commit()
def admin_user():
email = raw_input('输入管理员邮箱:')
inp = 1
while inp == 1:
pwd1 = raw_input('输入管理员密码:')
pwd2 = raw_input('确认管理员密码:')
if pwd1 == pwd2:
inp = 0
else:
print '两次输入的不一样,请重新输入'
continue
print '--------------------------------'
print '输入的管理员邮箱为:%s' % email
print '输入的管理员密码为:%s' % pwd1
print '--------------------------------'
if raw_input('确定(Y)').lower() == 'y':
pwd = User.make_random_passwd(email=email)
user = User(email=pwd['email'],
role=1,
nicename=email,
passwd=pwd['pwdmd5'],
is_locked=0,
salt=pwd['salt'])
user.register_date = datetime.now(),
db.session.add(user)
db.session.commit()
print '保存设置...[确定]'
else:
exit()
def register(request):
if request.method == "POST":
uf = UserForm(request.POST)
if uf.is_valid():
#获取表单信息
username = uf.cleaned_data['username']
password = uf.cleaned_data['password']
email = uf.cleaned_data['email']
#将表单写入数据库
user = User()
user.username = username
user.password = password
user.email = email
user.save()
# print 'register info:',user.username,user.password,user.email
#返回注册成功页面
return render_to_response('success.html', {
'username': username,
'action': '注册'
},
context_instance=RequestContext(request))
else:
uf = UserForm()
return render_to_response('register.html', {'uf': uf})
def test_user_check(self):
pwd = User.make_random_passwd(email='*****@*****.**')
user = User(email=pwd['email'], passwd=pwd['pwdmd5'], salt=pwd['salt'])
db.session.add(user)
db.session.commit()
is_true = User.user_check('*****@*****.**', pwd['pwd'])
assert is_true == True
def create_user(self):
hashed_password = bcrypt.generate_password_hash(
self.password.data).decode('utf-8')
user = User(username=self.username.data,
email=self.email.data,
password=hashed_password)
user.save_to_db()
def sign_up():
"""SIGN-UP page which allows users to register."""
if current_user.is_authenticated:
flash("You have alredy logged in.")
return redirect(url_for("app.home"))
else:
form = SignUpForm()
if form.validate_on_submit():
user = User.query.filter_by(username=form.username.data).first()
if user is None:
user = User(username=form.username.data)
user.set_password(form.password.data)
db.session.add(user)
db.session.commit()
login_user(user)
flash("Sucessfully registered.")
flash("Sucessfully logged in.")
return redirect(url_for("app.home"))
flash("A user already exists with that email address.")
return render_template(
"sign-up.html",
form=form,
page_title="SIGN-UP",
page_color="black",
)
def setUp(self):
self.new_user = User(firstname='wahala', password='******')
self.new_comment = Comment(id=12345,
post_id='2',
user_id='2',
post_comment='what food do you eat food?',
user=self.new_user)
def test_user_role(self):
u = User(email='*****@*****.**', password='******')
self.assertTrue(u.can(Permission.FOLLOW))
self.assertTrue(u.can(Permission.COMMENT))
self.assertTrue(u.can(Permission.WRITE))
self.assertFalse(u.can(Permission.MODERATE))
self.assertFalse(u.can(Permission.ADMIN))
