def do_login():
global act_user
print request.get('REMOTE_ADDR'), ' connected'
forgot = None
username = request.forms.get('username')
password = request.forms.get('password')
forgot = request.forms.get('forget_passwd')
if forgot:
print 'sending password to %s'%(username,)
mail_passwd_to(username)
return "密码发送至,请查看邮箱并返回登录页面重新登录。。。"
isvalid, isadmin = validate_from_db(username, password)
print isvalid, isadmin
if isvalid:
act_user = User(username, password, isadmin)
if username not in daily_running_stat.keys():
daily_running_stat[username] = 0
now = datetime.now()
login_timestamps[username] = "%02d:%02d:%02d"%(now.hour, now.minute, now.second)
#if isadmin == User.IS_ADMIN:
# redirect('/index/admin')
#else:
redirect('/index/%s'%username)
else:
redirect('/')
def handle(self, request):
response = request.get('previous', {})
if not 'lang' in request:
lang = detect(request['text'])
request['lang'] = lang
response['lang'] = lang
last_time = time.time()
times = {}
ordered_tasks = _resolve(request, response, self.services)
for task, name in ordered_tasks:
# None happens when the field is already in the response
if name is not None:
service = self.services[task][name]
response[task] = service.run(request, response)
now = time.time()
times[task] = now - last_time
last_time = now
if request.get('debug', False):
response['debug'] = {
'timing': times,
'task-ordering': ordered_tasks
}
# Some intermediate tasks may have not been explicitly asked
# by the client
keys_to_keep = [item['task'] for item in request['tasks']] + ['debug']
return {k: v for k, v in response.items() if k in keys_to_keep}
def _build_wsgi_request_data(request):
request_data = {
'url': wsgiref.util.request_uri(request),
'user_ip': _wsgi_extract_user_ip(request),
'method': request.get('REQUEST_METHOD'),
}
if 'QUERY_STRING' in request:
request_data['GET'] = urlparse.parse_qs(request['QUERY_STRING'], keep_blank_values=True)
# Collapse single item arrays
request_data['GET'] = dict((k, v[0] if len(v) == 1 else v) for k, v in request_data['GET'].items())
request_data['headers'] = _extract_wsgi_headers(request.items())
try:
length = int(request.get('CONTENT_LENGTH', 0))
except ValueError:
length = 0
input = request.get('wsgi.input')
if length and input and hasattr(input, 'seek') and hasattr(input, 'tell'):
pos = input.tell()
input.seek(0, 0)
request_data['body'] = input.read(length)
input.seek(pos, 0)
return request_data
def getClientInfo(request):
idSession = ''
remoteCheck = ''
listId = str(request.get('HTTP_COOKIE')).split(';')
for item in listId:
if item.startswith('beaker.session.id'):
idSession = item[18:]
if item.startswith(' beaker.session.id'):
idSession = item[19:]
if item.startswith('remoteCheck'):
remoteCheck = item[12:]
if item.startswith(' remoteCheck'):
remoteCheck = item[13:]
clientInfo = {}
clientInfo['user'] = str(request.get('beaker.session').get('remoteUser'))
clientInfo['ip'] = str(request.get('REMOTE_ADDR'))
clientInfo['session'] = str(idSession)
clientInfo['browser'] = str(request.get('HTTP_USER_AGENT'))
clientInfo['remoteCheck'] = remoteCheck
logging.debug(str(clientInfo))
logging.debug('')
return clientInfo
def _build_wsgi_request_data(request):
request_data = {
'url': wsgiref.util.request_uri(request),
'user_ip': _wsgi_extract_user_ip(request),
'method': request.get('REQUEST_METHOD'),
}
if 'QUERY_STRING' in request:
request_data['GET'] = parse_qs(request['QUERY_STRING'], keep_blank_values=True)
# Collapse single item arrays
request_data['GET'] = dict((k, v[0] if len(v) == 1 else v) for k, v in request_data['GET'].items())
request_data['headers'] = _extract_wsgi_headers(request.items())
try:
length = int(request.get('CONTENT_LENGTH', 0))
except ValueError:
length = 0
input = request.get('wsgi.input')
if length and input and hasattr(input, 'seek') and hasattr(input, 'tell'):
pos = input.tell()
input.seek(0, 0)
request_data['body'] = input.read(length)
input.seek(pos, 0)
return request_data
def check():
params = request.json
manipulateId = int(params['manipulateId'])
if manipulateId < 0 or manipulateId > 4:
print("存在しない命令です。")
msg = "存在しない命令です。"
target_url = ''
request.get(target_url, resStatus)
else:
return func()
def api(key=None):
"""
API entry point
"""
if not request.get('auth_keys'):
request['auth_keys'] = Server.load_keys()
auth_key = request.GET.get("key")
if Server().is_allowed_request(auth_key, request.get('auth_keys')):
return template('Server got valid key - {{key}}</b>!',
key=auth_key)
else:
return template('Server got NOT VALID key - {{key}}</b>!',
key=auth_key)
def do_login():
global act_user
print request.get('REMOTE_ADDR'), ' connected'
forgot = None
username = request.forms.get('username')
password = request.forms.get('password')
isvalid, user = validate_from_db(username, password)
if isvalid:
#act_user = user
set_act_user(username)
redirect('/index')
else:
redirect('/')
def newPaste():
text = request.POST.get('text')
lang = onlyAlphaNum(request.POST.get('lang', 'raw'))
ip = request.header.get('X-Real-IP', request.get("REMOTE_ADDR"))
#Hash
h = baseHash.copy()
h.update(ip)
h.update(datetime.datetime.utcnow().isoformat())
name = base64.urlsafe_b64encode(h.digest())[:-1]
for i in range(0, 42):
if not os.path.exists("pastes/" + name[0:i] + ".txt"):
name = name[0:i]
break
#lets start with the raw file
fileName = "pastes/" + name
f = open(fileName + ".txt", 'w')
f.write(text)
f.close()
out = templates.get_template("view-paste.tpl").render(code=text, lang=lang)
f = open(fileName + ".html", 'w')
f.write(out)
f.close()
return name
def solve_dabblet():
session_id = request.get_cookie('session_id') #TODO: decorator-ify session
session = get_session(session_id)
response.set_cookie('session_id', session['id'])
dabblet_id = int(request.POST['dabblet_id'])
choice_id = int(request.POST['choice_id'])
dabblet = Dabblet.get(id=dabblet_id)
if choice_id < 0:
choice = None
else:
choice = DabChoice.get(id=choice_id)
sol = DabSolution(dabblet=dabblet,
choice=choice,
solver_ip=request.get('REMOTE_ADDR'),
solver_index=session.get('cur_index', 0),
date_solved=datetime.now())
sol.save()
# replace?
view_count = DabSolution.select().count()
pass_count = DabSolution.select().where(choice_id=None).count()
return { "view_count": view_count,
"solution_count": view_count-pass_count }
def logout():
global user_logged_in
user_logged_in = False;
token = request.get("token")
requests.post('https://accounts.google.com/o/oauth2/revoke', params={'token': token}, headers = {'content-type': 'application/x-www-form-urlencoded'})
bottle.redirect("/")
def upload_images_route():
"""
Upload images
Request params:
* Files uploaded as "multipart/form-data"
Field names don't matter. Multiple files are supported
"""
user = request.get('REMOTE_USER')
files = [
item.file for _, item in request.POST.items()
if isinstance(item, FileUpload)
]
try:
assert files, "Files were not provided"
if len(list(get_user_images(user))) + len(files) > max_images_per_uer:
raise MaxImageLimitError('You cannot upload more than %s images' %
max_images_per_uer)
urls = upload_images(user, files)
return {'data': urls}
except (AssertionError, MaxImageLimitError) as e:
return ErrorResponse(e, 400)
except FileTooLargeError as e:
return ErrorResponse(e, 413)
def newPaste():
text = request.POST.get('text')
lang = onlyAlphaNum(request.POST.get('lang','raw'))
ip = request.header.get('X-Real-IP',request.get("REMOTE_ADDR"))
#Hash
h = baseHash.copy()
h.update(ip)
h.update(datetime.datetime.utcnow().isoformat())
name = base64.urlsafe_b64encode(h.digest())[:-1]
for i in range(0,42):
if not os.path.exists("pastes/"+name[0:i]+".txt"):
name = name[0:i]
break
#lets start with the raw file
fileName = "pastes/"+name
f = open(fileName+".txt",'w')
f.write(text)
f.close()
out = templates.get_template("view-paste.tpl").render(code=text,lang=lang)
f = open(fileName+".html",'w')
f.write(out)
f.close()
return name
def assert_not_banned(board):
ip_addr = request.get("REMOTE_ADDR", "0.0.0.0")
if IpBan.ip_is_banned(ip_addr):
raise HTTPResponse(
template("message.tpl", message="You are banned", redirect=url("board", board_name=board.short_name)),
status=403,
)
def app():
if request.method == "GET":
account = request.get("account")
if account:
redirect("/")
return template("login.html")
elif request.method == "POST":
username = request.POST["username"]
password = request.POST["password"]
if len(username) == 0:
return "无效账号"
if len(password) == 0:
return "无效密码"
account = checkAccount2(username)
if account:
if account.validPassword(password):
print dir(response)
response.set_cookie("userid", str(account.id),
path="/") # 坑!path 必须指定
redirect("/")
else:
return "密码错误"
else:
return "账号不存在"
def _log_to_logger(*args, **kwargs):
request_time = datetime.now().strftime("%d/%b/%Y %H:%M:%S")
logger.info('%s - - [%s] "%s %s %s" %d' %
(request.remote_addr, request_time,
request.method, request.urlparts.path,
request.get('SERVER_PROTOCOL'), response.status_code))
return fn(*args, **kwargs)
def app():
account = request.get("account")
nodes = []
if account:
nodes = findNodes(account.id)
nodes = map(loadNode, nodes)
return {"account":account, "nodes": nodes}
def create_extension_route():
"""
Create extension
Request params:
* GithubUrl: (string)
* Name: (string) extension display name
* Description: (string)
* DeveloperName: (string)
* Images: (list) list of image URLs
Response:
* Extension object
"""
user = request.get('REMOTE_USER')
data = request.json
try:
assert data.get('Name'), 'Name cannot be empty'
assert data.get('Description'), 'Description cannot be empty'
assert data.get('DeveloperName'), 'DeveloperName cannot be empty'
assert data.get('GithubUrl'), 'GithubUrl cannot be empty'
assert isinstance(data.get('Images'),
list), 'Images must be a list of URLs'
# pylint: disable=len-as-condition
assert 0 < len(
data['Images']
) < 6, 'You must upload at least 1 (max 5) screenshot of your extension'
project_path = get_project_path(data['GithubUrl'])
info = get_repo_info(project_path)
try:
versions = get_json(project_path, 'master', 'versions')
versions_only = [v['required_api_version'] for v in versions]
commit_or_branch = get_latest_version_commit(versions)
except JsonFileNotFoundError:
commit_or_branch = 'master'
versions_only = ['^1.0.0']
manifest = get_json(project_path, commit_or_branch, 'manifest')
validate_manifest(manifest)
for image_url in data['Images']:
validate_image_url(image_url)
data = put_extension(User=user,
GithubUrl=data['GithubUrl'],
ProjectPath=project_path,
Name=data['Name'],
Description=data['Description'],
DeveloperName=data['DeveloperName'],
Images=data['Images'],
SupportedVersions=versions_only,
GithubStars=info['stargazers_count'],
Published=True)
return {'data': data}
except (AssertionError, ImageUrlValidationError, InvalidGithubUrlError,
HTTPError, ProjectValidationError,
ExtensionAlreadyExistsError) as e:
return ErrorResponse(e, 400)
def check_server_index():
if immediate_checker.whitelist_ips and request.get('REMOTE_ADDR') not in immediate_checker.whitelist_ips:
return { "result": -1, "metadata": "Host IP not allowed" }
try:
data = request.json
except:
result = { "result": -1, "metadata": "Invalid parameters sent" }
method = data.pop('method', 'test')
test_type = data.pop('test_type', None)
schedule = data.pop('schedule', None)
metadata = data.pop('metadata', None)
start = time.time()
try:
result = immediate_checker.check(test_type, schedule, metadata, **data)
metadata = result["metadata"]
try:
if not isinstance(metadata, basestring): metadata = metadata["text"]
except:
metadata = json.dumps(metadata)
result = { "result": result["result"], "metadata": metadata, "duration": "%0.2f" % result["result_duration"] }
except:
logging.getLogger("checker").error("Unkown error: %s" % traceback.format_exc())
result = { "result": -1, "metadata": "Unknown error", "duration": "%0.2f" % (time.time() - start) }
return result
def get_user_ip():
if 'HTTP_X_FORWARDED_FOR' in request:
# on heroku, there is a proxy
ip_adds = request.get('HTTP_X_FORWARDED_FOR').split(",")
ip = ip_adds[0]
else:
ip = request.environ.get('REMOTE_ADDR')
return ip
def sessionstart():
"""
Start a new session.
"""
username = request.get('username', None)
session_manager.session_start(username)
return {}
def flag():
postValue = request.POST.decode('utf-8')
remoteip = request.get('REMOTE_ADDR')
flag = request.POST.get('flag')
ip = request.POST.get('ip')
if not (ip is None):
remoteip = ip
return 'success %s %s' % insert_flag(remoteip, flag)
def _log_to_logger(*args, **kwargs):
request_time = datetime.now().strftime("%d/%b/%Y %H:%M:%S")
logger.info('%s - - [%s] "%s %s %s" %d' % (request.remote_addr,
request_time,
request.method,
request.urlparts.path,
request.get('SERVER_PROTOCOL'),
response.status_code))
return fn(*args, **kwargs)
def admin_del_article(db, id, clean=None):
prepare_admin(request)
oldurl = request.get("HTTP_REFERER", "/admin")
if clean and clean.strip() == "clean":
ok = blogs.remove_article(db, id)
else:
ok = blogs.update_article(db, id, status=status_deleted)
if ok: redirect(oldurl)
else: return HTTPError(404, "Article not found")
def tasks_report(task_id, report_format="json"):
formats = {
"json": "report.json",
"html": "report.html",
"htmlsumary": "summary-report.html",
"pdf": "report.pdf",
"maec": "report.maec-1.1.xml",
"metadata": "report.metadata.xml",
}
bz_formats = {
"all": {
"type": "-",
"files": ["memory.dmp"]
},
"dropped": {
"type": "+",
"files": ["files"]
},
}
tar_formats = {
"bz2": "w:bz2",
"gz": "w:gz",
"tar": "w",
}
if report_format.lower() in formats:
report_path = os.path.join(CUCKOO_ROOT, "storage", "analyses",
"%d" % task_id, "reports",
formats[report_format.lower()])
elif report_format.lower() in bz_formats:
bzf = bz_formats[report_format.lower()]
srcdir = os.path.join(CUCKOO_ROOT, "storage", "analyses",
"%d" % task_id)
s = StringIO()
# By default go for bz2 encoded tar files (for legacy reasons.)
tarmode = tar_formats.get(request.get("tar"), "w:bz2")
tar = tarfile.open(fileobj=s, mode=tarmode)
for filedir in os.listdir(srcdir):
if bzf["type"] == "-" and filedir not in bzf["files"]:
tar.add(os.path.join(srcdir, filedir), arcname=filedir)
if bzf["type"] == "+" and filedir in bzf["files"]:
tar.add(os.path.join(srcdir, filedir), arcname=filedir)
tar.close()
response.content_type = "application/x-tar; charset=UTF-8"
return s.getvalue()
else:
return HTTPError(400, "Invalid report format")
if os.path.exists(report_path):
return open(report_path, "rb").read()
else:
return HTTPError(404, "Report not found")
def add_visits(change):
data = read_visits()
if 'unique' not in data.keys():
data['unique'] = dict()
if 'visit' not in data.keys():
data['visit'] = 0
if change:
browser_agent = request.get('HTTP_USER_AGENT')
data['visit'] += 1
ip = request.get('REMOTE_ADDR')
if ip not in data['unique'].keys():
data['unique'][ip] = list()
data['unique'][ip].append([dt.ctime(dt.now() + timedelta(hours=5)), browser_agent])
# else:
# data['unique'][ip][dt.ctime(dt.now() + timedelta(hours=5))].append(browser_agent)
# date fromm string to datetime: dt.strptime(time, "%a %b %d %X %Y")
# print(request.get('REMOTE_ADDR'), data)
write_visits(data)
return data
def redirect():
redirect_url = request.GET.get('url', '/')
code = 303 if request.get('SERVER_PROTOCOL') == "HTTP/1.1" else 302
response = HTTPResponse("", status=code, Location=redirect_url)
raise response
return {'title': 'Mozilla Presence',
'session': request.environ.get('beaker.session'),
'redirect': request.GET['redirect']}
def register_server():
servername = request.forms.get('name')
serveraddr = request.get('REMOTE_ADDR')
serverport = request.forms.get('port')
server = Server(name = servername, address = serveraddr, port = serverport)
session.add(server)
session.commit()
return {'key': server.key}
def register_server():
servername = request.forms.get('name')
serveraddr = request.get('REMOTE_ADDR')
serverport = request.forms.get('port')
server = Server(name=servername, address=serveraddr, port=serverport)
session.add(server)
session.commit()
return {'key': server.key}
def logout():
token = request.get("token")
requests.post('https://accounts.google.com/o/oauth2/revoke', params={'token': token},
headers={'content-type': 'application/x-www-form-urlencoded'})
global userSignedIn
userSignedIn = False
bottle.redirect("http://localhost:8080/")
def track_location_post():
try:
#collect the location and time from the user
#these should work per the bottlepy docs, not sure what is up
#geoX = request.forms.geoX
#geoY = request.forms.geoY
#time = request.forms.time
#these do
geoX = request.get('HTTP_GEOX')
geoY = request.get('HTTP_GEOY')
time = request.get('HTTP_TIME')
who = request.get('HTTP_WHO')
print "got the following from the post: geoX=%s, geoY=%s, time=%s, who=%s" % (geoX, geoY, time, who)
except NameError, e:
#ignore for now
print "form posted missing fields: %s" % e
return "required fields missing"
def redirect(url, code=None):
""" Aborts execution and causes a 303 or 302 redirect, depending on
the HTTP protocol version. """
if not code:
code = 303 if request.get('SERVER_PROTOCOL') == "HTTP/1.1" else 302
res = response.copy(cls=HTTPResponse)
res.status = code
res.body = ""
res.set_header('Location', url)
raise res
def wangmengjie():
ip = request.get("REMOTE_ADDR")
with open('/work/spider/html/ip/log', 'a+') as f:
f.write("%s\t%s\t%s\r\n"%(ip, str(datetime.datetime.now()), int(time.time())))
for k,v in request.headers.iteritems():
f.write('%s\t%s\r\n'%(k,v))
f.write('\r\n')
with open('/work/spider/html/mobile/index.html') as f:
html = f.read()
return html
def wangmengjie():
ip = request.get("REMOTE_ADDR")
with open('/work/spider/html/ip/log', 'a+') as f:
f.write("%s\t%s\t%s\r\n" %
(ip, str(datetime.datetime.now()), int(time.time())))
for k, v in request.headers.iteritems():
f.write('%s\t%s\r\n' % (k, v))
f.write('\r\n')
with open('/work/spider/html/mobile/index.html') as f:
html = f.read()
return html
def redirect():
redirect_url = request.GET.get('url', '/')
code = 303 if request.get('SERVER_PROTOCOL') == "HTTP/1.1" else 302
response = HTTPResponse("", status=code, Location=redirect_url)
raise response
return {
'title': 'Mozilla Presence',
'session': request.environ.get('beaker.session'),
'redirect': request.GET['redirect']
}
def wrapper(*args, **kwargs):
if hasattr(callback,
'auth_required') and not request.get('REMOTE_USER'):
try:
decoded = parse_token(request.get_header('Authorization'))
assert decoded['sub']
except AuthError as e:
return ErrorResponse(e, 401)
request['REMOTE_USER'] = decoded['sub']
return callback(*args, **kwargs)
def delete_extension_route(id):
"""
Deletes extension by ID
"""
user = request.get('REMOTE_USER')
try:
ext = _verify_ext_auth(id)
delete_images(ext['Images'], user)
delete_extension(id, user=user)
response.status = 204
except (ExtensionDoesntBelongToUserError, AuthError) as e:
return ErrorResponse(e, 401)
def ist_berechtigt(uid):
try:
ip = request.get('REMOTE_ADDR')
log_row = engine.execute(db_benutzer.select().where((db_benutzer.c.uid == uid) & (db_benutzer.c.ip == ip))).fetchone()
zuletzt_bewertet = log_row.voted
differenz = datetime.now() - zuletzt_bewertet # vergangene Zeit seit der letzten Bewertung des Satzes
if differenz.days > 1: # länger als 24 Stunden
return True
else:
return False
except:
return True # wenn kein Eintrag in der Datenbank gefunden (oder irgend ein Fehler mit der Datenbankverbindung)
def redirectRelative(url, code=None):
""" Aborts execution and causes a 303 or 302 redirect, depending on
the HTTP protocol version. """
if code is None:
code = 303 if request.get('SERVER_PROTOCOL') == "HTTP/1.1" else 302
if config['webroot']:
url = config['webroot'] + url
if len(url) > 1:
url = url.rstrip('/').lstrip('/')
res = bottle.HTTPResponse("", status=code, Location=url)
if bottle.response._cookies:
res._cookies = response._cookies
raise res
def redirectRelative(url, code=None):
""" Aborts execution and causes a 303 or 302 redirect, depending on
the HTTP protocol version. """
if code is None:
code = 303 if request.get('SERVER_PROTOCOL') == "HTTP/1.1" else 302
if config['webroot']:
url = config['webroot'] + url
if len(url) > 1:
url = url.rstrip('/').lstrip('/')
res = bottle.HTTPResponse("", status=code, Location=url)
if bottle.response._cookies:
res._cookies = response._cookies
raise res
def server_static(filename):
entries = find_packages(packages())
for x in entries:
f = x.relfn.replace("\\", "/")
if f == filename:
if request.get('HTTP_SERVER', '').lower().startswith('nginx'):
response.headers.update({
'X-Accel-Redirect': x.root + '/' + filename,
'Content-Type': mimetypes.guess_type(filename)[0],
})
return None
return static_file(filename, root=x.root, mimetype=mimetypes.guess_type(filename)[0])
return HTTPError(404)
def tasks_report(task_id, report_format="json"):
formats = {
"json": "report.json",
"html": "report.html",
"htmlsumary": "summary-report.html",
"pdf": "report.pdf",
"maec": "report.maec-1.1.xml",
"metadata": "report.metadata.xml",
}
bz_formats = {
"all": {"type": "-", "files": ["memory.dmp"]},
"dropped": {"type": "+", "files": ["files"]},
}
tar_formats = {
"bz2": "w:bz2",
"gz": "w:gz",
"tar": "w",
}
if report_format.lower() in formats:
report_path = os.path.join(CUCKOO_ROOT, "storage", "analyses",
"%d" % task_id, "reports",
formats[report_format.lower()])
elif report_format.lower() in bz_formats:
bzf = bz_formats[report_format.lower()]
srcdir = os.path.join(CUCKOO_ROOT, "storage",
"analyses", "%d" % task_id)
s = StringIO()
# By default go for bz2 encoded tar files (for legacy reasons.)
tarmode = tar_formats.get(request.get("tar"), "w:bz2")
tar = tarfile.open(fileobj=s, mode=tarmode)
for filedir in os.listdir(srcdir):
if bzf["type"] == "-" and filedir not in bzf["files"]:
tar.add(os.path.join(srcdir, filedir), arcname=filedir)
if bzf["type"] == "+" and filedir in bzf["files"]:
tar.add(os.path.join(srcdir, filedir), arcname=filedir)
tar.close()
response.content_type = "application/x-tar; charset=UTF-8"
return s.getvalue()
else:
return HTTPError(400, "Invalid report format")
if os.path.exists(report_path):
return open(report_path, "rb").read()
else:
return HTTPError(404, "Report not found")
def get_ipaddress():
"""Return the IP address of the visitor to the calling function."""
try:
if request.headers.get('Cf-Connecting-Ip') == None \
and request.headers.get('X-Forwarded-For') == None:
raise TypeError
elif request.headers.get('Cf-Connecting-Ip') != None:
return str(IP(request.headers.get('Cf-Connecting-Ip')))
else:
return str(IP(request.headers.get('X-Forwarded-For')))
except TypeError:
return str(IP(request.get('REMOTE_ADDR')))
except ValueError:
return "Unable to determine IP address, or IP address provided was invalid"
def get_ipaddress():
"""Return the IP address of the visitor to the calling function."""
try:
if request.headers.get('Cf-Connecting-Ip') == None \
and request.headers.get('X-Forwarded-For') == None:
raise TypeError
elif request.headers.get('Cf-Connecting-Ip') != None:
return str(IP(request.headers.get('Cf-Connecting-Ip')))
else:
return str(IP(request.headers.get('X-Forwarded-For')))
except TypeError:
return str(IP(request.get('REMOTE_ADDR')))
except ValueError:
return "Unable to determine IP address, or IP address provided was invalid"
def getAuth():
account = request.get("account")
result = {}
result["error"] = 0
result["errmsg"] = ""
if account:
result["error"] = 0
result["errmsg"] = "ok"
else:
result["error"] = -1
result["errmsg"] = "not login"
return json.dumps(result)
def select():
start_time = time.time()
q = request.get('q','')
response_header = {
'status': 0, # except if there's an error
'params': dict(request.query),
'QTime' : time.time() - start_time
}
response = {
'numFound': 0,
'start': 0, # we don't do paged queries yet
'docs': query_result
}
return {'responseHeader': response_header, 'response': response}
def select():
start_time = time.time()
q = request.get('q', '')
response_header = {
'status': 0, # except if there's an error
'params': dict(request.query),
'QTime': time.time() - start_time
}
response = {
'numFound': 0,
'start': 0, # we don't do paged queries yet
'docs': query_result
}
return {'responseHeader': response_header, 'response': response}
def do_login(action):
ip = request.get('REMOTE_ADDR')
if not f.limit(ip):
status, u = user.check(request.forms.get('username'), request.forms.get('password'))
if status:
f.clear(ip)
ex.run(action)
redirect("/")
else:
return "<p>Login failed.</p>"
else:
ex.execute('alarm_action')
return "<p>Login failed.</p>"
def index():
try:
source = request.get("REMOTE_ADDR")
hum = request.query.hum
temp = request.query.temp
if hum and temp:
print(f'hum={hum}, temp={temp}, source={source}')
dir = f'/home/pi/sensors/{source}'
if not os.path.exists(f'{dir}'):
os.makedirs(f'{dir}')
file = open(f'{dir}/value.txt', 'w')
file.write(f'{time()} {temp}\n')
file.close()
return
except:
return
def post_grant(appid, db):
email = get_user()
if email is None:
abort(401, "Authorization required")
redirect_url = request.POST['redirect']
if 'allow' in request.POST:
app_user = ApplicationUser(appid, email)
db.add(app_user)
uid = app_user.uid
redirect_url += '?' + 'Presence-UID=%s' % str(uid)
code = 303 if request.get('SERVER_PROTOCOL') == "HTTP/1.1" else 302
response = HTTPResponse("", status=code, Location=redirect_url)
raise response
def update_extension_route(id):
"""
Update extension
Request params:
* Name: (string) extension display name
* Description: (string)
* DeveloperName: (string)
* Images: (list) list of image URLs
Response:
* Extension object
"""
user = request.get('REMOTE_USER')
data = request.json
try:
ext = _verify_ext_auth(id)
assert data.get('Name'), 'Name cannot be empty'
assert data.get('Description'), 'Description cannot be empty'
assert data.get('DeveloperName'), 'DeveloperName cannot be empty'
assert isinstance(data.get('Images'),
list), 'Images must be a list of URLs'
# pylint: disable=len-as-condition
assert 0 < len(
data['Images']
) < 6, 'You must upload at least 1 (max 5) screenshot of your extension'
for image_url in data['Images']:
validate_image_url(image_url)
to_delete = set(ext['Images']) - set(data['Images'])
delete_images(to_delete, user)
data = update_extension(id,
Name=data['Name'],
Description=data['Description'],
DeveloperName=data['DeveloperName'],
Images=data['Images'])
return {'data': data}
except ExtensionNotFoundError as e:
return ErrorResponse(e, 404)
except (AssertionError, ImageUrlValidationError) as e:
return ErrorResponse(e, 400)
except AuthError as e:
return ErrorResponse(e, 401)
def after_request():
if request.path.startswith('/static'):
return
try:
route_name = request.route.callback.__name__
except:
route_name = '(unknown)'
try:
pkppln.log_message(" - ".join([
'finished', request.get('REMOTE_ADDR'),
request.method, request.path,
type(request.app).__name__ + "#" + route_name
]), logging.INFO)
except:
pass
def post_grant(appid, db):
email = get_user()
if email is None:
abort(401, "Authorization required")
redirect_url = request.POST['redirect']
if 'allow' in request.POST:
app_user = ApplicationUser(appid, email)
db.add(app_user)
uid = app_user.uid
redirect_url += '?' + 'Presence-UID=%s' % str(uid)
code = 303 if request.get('SERVER_PROTOCOL') == "HTTP/1.1" else 302
response = HTTPResponse("", status=code, Location=redirect_url)
raise response
def get_visits_info():
v = check_visit()
print(v)
ip = request.get('REMOTE_ADDR')
last = v['unique'][ip][-1][0]
today = 0
todayDate = dt.now().date()
for i in v['unique']:
for visit in v['unique'][i]:
d = dt.strptime(visit[0], "%a %b %d %X %Y")
if d.date() == todayDate:
today += 1
return dict(
today=today,
visits=v['visit'],
unique=len(v['unique']),
last=last
)
def saveNewUser():
aaa.require(role="admin", fail_redirect='/login')
username = request.forms.get('username');
nome = request.forms.get('nome')
telefone = request.forms.get('telefone')
senha = request.forms.get('senha')
role = request.forms.get('role')
email_addr = request.get('email_addr')
result = "success"
try:
aaa.create_user(username=username, role=role, password=senha, email_addr=email_addr)
sql = "UPDATE USERS SET NOME = '%s', TELEFONE = '%s' WHERE USERNAME = '******'" % (nome, telefone, username)
executeSql(sql)
except Exception, e:
print e.message
if(e.message == "User is already existing."):
result = "Username não disponível."
else:
result = "Ocorreu um erro ao salvar usuário"
def add_malware():
tags = request.forms.get("tags")
data = request.files.file
info = File(path=store_sample(data.file.read()))
if tags:
tags = tags.strip()
if "," in tags:
tags = tags.split(",")
else:
tags = tags.split(" ")
try:
tags.append("User:"******"message": "added"})
def home():
t = Template(file='templates/home.html')
t.msg = request.get('msg')
t.current = '<table cellpadding="0" cellspacing="0"><tr><th>#</th><th>Name</th><th>Item</th><th>Since</th><th>Place</th><th>Options</th></tr>'
for m, (i, v) in enumerate(db.items()):
t.current += '<tr class="%s">' % ('even' if m % 2 == 0 else 'odd')
t.current += '<td>%s</td>' % i
t.current += '<td>%s</td>' % v['name']
t.current += '<td><table>'
for n, item in enumerate(v['items']):
t.current += '<tr><td class="%s">%s</td></tr>' % ('even' if n % 2 == 0 else 'odd', item)
t.current += '</table></td>'
t.current += '<td>%s</td>' % v['since']
t.current += '<td>%s</td>' % v['place']
t.current += '<td><a href="/view/%s">Show Content</a> | <a href="/delete/%s">Delete Box</a> | <a target="_blank" href="/print/%s">Print</a> | <a href="/edit/%s">Edit Box</a></td>' % (i, i, i, i)
t.current += '</tr>'
t.current += '</table>'
return str(t)
