def add_comment(self, post, content): user = get_session().user if not user: raise AuthException('not logged in') c = Comment(user=user,post=post,content=content) d = {'i18n':i18n.i18n,'lang':get_session().language,'page':'comment','request': request, 'comment': c} return dict(comment=c)#bottle.template('comment', **d)
def owngetter(klass, ids=[]): klass = str2class(klass) # for data that only the logged-in user or admin can access # and *only* that data if isinstance(get_session().user, Admin) or klass == Game: return list(klass.select(IN(klass.q.id, ids))) if klass == Player: return [get_session().user] if klass == Tag: return [dict(tagger=x.tagger.username,taggee=x.taggee.username) for x in Tag.for_user(get_session().user)] if klass == Session: return [get_session()]
def add_comment(self, post, content): user = get_session().user if not user: raise AuthException('not logged in') c = Comment(user=user, post=post, content=content) d = { 'i18n': i18n.i18n, 'lang': get_session().language, 'page': 'comment', 'request': request, 'comment': c } return dict(comment=c) #bottle.template('comment', **d)
def owngetter(klass, ids=[]): klass = str2class(klass) # for data that only the logged-in user or admin can access # and *only* that data if isinstance(get_session().user, Admin) or klass == Game: return list(klass.select(IN(klass.q.id, ids))) if klass == Player: return [get_session().user] if klass == Tag: return [ dict(tagger=x.tagger.username, taggee=x.taggee.username) for x in Tag.for_user(get_session().user) ] if klass == Session: return [get_session()]
def auth(*args, **kwargs): info = get_session() setattr(request, 'logged_in', False) setattr(request, 'admin', None) setattr(request, 'station', None) setattr(request, 'player', None) setattr(request, 'user', None) setattr(request, 'session', info) if not info: return func(*args, **kwargs) if not info.user: return func(*args, **kwargs) request.user = info.user request.admin = isinstance(request.user, Admin) request.station = isinstance(request.user, Station) request.player = isinstance(request.user, Player) request.logged_in = True if request.station: info.ttl = 5 * 24 * 60 * 60 info.update_expires() set_cookie(info) # force Players to read the eula if they haven't already if 'eula' not in request.path and request.player and not ( request.user.liability and request.user.safety): # for i in ('liability', 'safety'): # response.set_cookie(i+'_read', '', path='/') redirect('/eula', 303) func_dict = func(*args, **kwargs) if func_dict and isinstance(func_dict, dict): if '/tag/' not in request.path: func_dict['user'] = request.user return func_dict
def login(self, user, passw): ac = valid_creds(user, passw) if not ac: return False get_session().user = ac allow_auth(lambda: None)() return True
def auth(*args, **kwargs): info = get_session() setattr(request, 'logged_in', False) setattr(request, 'admin', None) setattr(request, 'station', None) setattr(request, 'player', None) setattr(request, 'user', None) setattr(request, 'session', info) if not info: return func(*args, **kwargs) if not info.user: return func(*args, **kwargs) request.user = info.user request.admin = isinstance(request.user, Admin) request.station = isinstance(request.user, Station) request.player = isinstance(request.user, Player) request.logged_in = True if request.station: info.ttl = 5*24*60*60 info.update_expires() set_cookie(info) # force Players to read the eula if they haven't already if 'eula' not in request.path and request.player and not (request.user.liability and request.user.safety): # for i in ('liability', 'safety'): # response.set_cookie(i+'_read', '', path='/') redirect('/eula', 303) func_dict = func(*args, **kwargs) if func_dict and isinstance(func_dict, dict): if '/tag/' not in request.path: func_dict['user'] = request.user return func_dict
def register(self, *vals): tmap = [ 'email', 'hashed_pass', 'pass_confirm', 'username', 'name', 'student_num', 'twitter', 'cell', 'language' ] params = { tmap[x]: vals[x] for x in range(0, len(tmap) - 1) if vals[x] != '' } if params['hashed_pass'] != params['pass_confirm']: return dict(result='false', message='pass') del params['pass_confirm'] params['student_num'] = int(params['student_num']) user = (Account.from_username(params['username']) or Player.from_student_num(params['student_num']) or Account.from_email(params['email']) or Player.from_twitter(params['twitter']) or Player.from_cell(params['cell'])) if user: return dict(result='false', message='dup') try: u = Player(**params) get_session().user = u return dict(result='true', message=str(u.id)) except dberrors.DuplicateEntryError, e: return dict(result='false', message='dup')
def get_string(self, path): s = get_session() lang = s.language if not s.user else s.user.language parts = path.split('/') base = i18n.i18n[lang] for part in parts: base = base[part] return base
def do_forgot_password(): email = request.params.get('email',None) if not email: seterr('/forgot_password', 'noemail') u = Account.from_email(email) if not u: seterr('/forgot_password', 'nouser') p = PasswordReset() p.ttl = 24*60*60 # 24 hours p.update_expires() p.user = u msg = MIMEText(i18n.i18n[get_session().language]['passemail']['body'] % p.skey) msg['Subject'] = i18n.i18n[get_session().language]['passemail']['subject'] msg['From'] = '*****@*****.**' s = smtplib.SMTP_SSL(Game.email_host, 465) s.login(Game.email_user,Game.email_pass) s.sendmail(msg['From'], [u.email], msg.as_string()) redirect('/forgot_password?result=success')
def render(self, template, args): merged = {} for k in args: if isinstance(args[k], dict) and 'sqlref' in args[k]: merged[k] = getters[args[k]['sqlref']['name']](args[k]['sqlref']['items']) if 'one' in args[k]: merged[k] = merged[k][0] args.update(merged) args.update({'i18n':i18n.i18n,'lang':get_session().language,'page':template,'request': request}) return bottle.template(template, **args)
def do_login(): usern = request.params['username'] passw = request.params['password'] user = Account.from_username(usern) if not user: seterr('/login','nouser') if not user.verify_pass(passw): seterr('/login','nouser') sess = get_session() # protect against session fixation sess.destroySelf() sess = get_session() sess.user = user if isinstance(user, Station): sess.ttl = +(5*24*60*60) sess.update_expires() set_cookie(sess) loc = request.environ.get('HTTP_REFERER', '/index') if loc == '/': loc = '/index' response.set_header('Location', loc) response.status = 303 return None
def render(self, template, args): merged = {} for k in args: if isinstance(args[k], dict) and 'sqlref' in args[k]: merged[k] = getters[args[k]['sqlref']['name']]( args[k]['sqlref']['items']) if 'one' in args[k]: merged[k] = merged[k][0] args.update(merged) args.update({ 'i18n': i18n.i18n, 'lang': get_session().language, 'page': template, 'request': request }) return bottle.template(template, **args)
def register(self, *vals): tmap = ['email','hashed_pass','pass_confirm','username','name','student_num','twitter','cell','language'] params = {tmap[x]:vals[x] for x in range(0, len(tmap) - 1) if vals[x] != ''} if params['hashed_pass'] != params['pass_confirm']: return dict(result='false',message='pass') del params['pass_confirm'] params['student_num'] = int(params['student_num']) user = (Account.from_username(params['username']) or Player.from_student_num(params['student_num']) or Account.from_email(params['email']) or Player.from_twitter(params['twitter']) or Player.from_cell(params['cell'])) if user: return dict(result='false',message='dup') try: u = Player(**params) get_session().user = u return dict(result='true',message=str(u.id)) except dberrors.DuplicateEntryError, e: return dict(result='false',message='dup')
def lang(*args, **kwargs): i = get_session() if 'lang' in request.params: lang = request.params['lang'] if i.user: i.user.language = lang elif hasattr(request, 'user') and request.logged_in: lang = request.user.language else: lang = i.language i.language = lang func_dict = func(*args, **kwargs) if func_dict is not None and isinstance(func_dict, dict): func_dict['lang'] = lang if request.method == 'GET': func_dict['request'] = request func_dict['started'] = Game.is_started return func_dict
def playback(request, session_id=None): if not session_id: session_list = controller.get_session_list() if not session_list: raise Http404 return render_to_response('playback.html', { 'page_title': 'Playback sessions', 'session_list': session_list }, context_instance=RequestContext(request)) else: session = controller.get_session(session_id) if not session: raise Http404 return render_to_response( 'translate_playback.html', { 'src_document_url': session.src_document.url, 'src_language': session.src_document.language.code, 'tgt_language': session.tgt_language.code, 'session_log': session.log }, context_instance=RequestContext(request))
def playback(request, session_id=None): if not session_id: session_list = controller.get_session_list() if not session_list: raise Http404 return render_to_response( "playback.html", {"page_title": "Playback sessions", "session_list": session_list}, context_instance=RequestContext(request), ) else: session = controller.get_session(session_id) if not session: raise Http404 return render_to_response( "translate_playback.html", { "src_document_url": session.src_document.url, "src_language": session.src_document.language.code, "tgt_language": session.tgt_language.code, "session_log": session.log, }, context_instance=RequestContext(request), )
def self(self): return get_session().user
def logout(self): get_session().destroySelf() allow_auth(lambda: None)() return True
def logged_in(self): return get_session().user is not None
def do_logout(): get_session().destroySelf() redirect('/')
'email', 'hashed_pass', 'pass_confirm', 'username', 'name', 'student_num', 'twitter', 'cell', 'language' ] params = { tmap[x]: vals[x] for x in range(0, len(tmap) - 1) if vals[x] != '' } if params['hashed_pass'] != params['pass_confirm']: return dict(result='false', message='pass') del params['pass_confirm'] params['student_num'] = int(params['student_num']) user = (Account.from_username(params['username']) or Player.from_student_num(params['student_num']) or Account.from_email(params['email']) or Player.from_twitter(params['twitter']) or Player.from_cell(params['cell'])) if user: return dict(result='false', message='dup') try: u = Player(**params) get_session().user = u return dict(result='true', message=str(u.id)) except dberrors.DuplicateEntryError, e: return dict(result='false', message='dup') except Exception, e: return dict(result='false', message=str(e)) build_routes(API(), lambda: get_session().skey)
def post_dict(self, id_): p = Post.get(id_).to_dict() s = get_session() p['content'] = p[s.language if not s.user else s.user.language] return p
def language(self): s = get_session() return s.language if not s.user else s.user.language
def self(self): return get_session().user @property def language(self): s = get_session() return s.language if not s.user else s.user.language def register(self, *vals): tmap = ['email','hashed_pass','pass_confirm','username','name','student_num','twitter','cell','language'] params = {tmap[x]:vals[x] for x in range(0, len(tmap) - 1) if vals[x] != ''} if params['hashed_pass'] != params['pass_confirm']: return dict(result='false',message='pass') del params['pass_confirm'] params['student_num'] = int(params['student_num']) user = (Account.from_username(params['username']) or Player.from_student_num(params['student_num']) or Account.from_email(params['email']) or Player.from_twitter(params['twitter']) or Player.from_cell(params['cell'])) if user: return dict(result='false',message='dup') try: u = Player(**params) get_session().user = u return dict(result='true',message=str(u.id)) except dberrors.DuplicateEntryError, e: return dict(result='false',message='dup') except Exception, e: return dict(result='false',message=str(e)) build_routes(API(), lambda:get_session().skey)
cell = p.get('cell', None) answer = p['answer'] if not question.check(answer): seterr('/register','badanswer') user = (Account.from_username(username) or Player.from_student_num(studentn) or Account.from_email(email) or Player.from_twitter(twitter) or Player.from_cell(cell)) if user: seterr('/register','userexists') u = None try: u = Player(name=name,username=username,hashed_pass=password,language=language,student_num=studentn, email=email,twitter=twitter,cell=cell,liability=True,safety=True) except dberrors.DuplicateEntryError, e: seterr('/register', 'userexists') if hasattr(request, 'station') and not request.station and not request.admin: sess = get_session() sess.user = u set_cookie(sess) # only obliterate the form data when player is successfully created request.session.data = None redirect('/thanks',303) # end of non-auth pages @route('/thanks') @mview('thanks') @allow_auth @lang @require_auth def view_thanks(): return dict()