Example #1
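def lecture_vtimetable():
    """Render the virtual-timetable page, with lecture recommendations if possible.

    For a signed-in account the view loads the account's LectureAnalogue
    record and recommends the subjects that ``analogue.target`` is enrolled in
    but the current student is not.  Building the list is best-effort: any
    failure leaves it empty or partial and the page still renders.

    Returns:
        The rendered ``module/lecture/vtimetable.html`` template, given
        ``current_year`` and ``recommend`` (a list of subject names).
    """
    current_year = datetime.now().year
    recommend = []

    # Resolve the account once so every lookup below uses the same identity.
    account = session.get_account()
    if account:
        # NOTE(review): the recommendations are derived from another student's
        # enrolment (analogue.target); confirm that showing them to this
        # account is acceptable from a privacy point of view.
        try:
            analogue = LectureAnalogue.objects(
                campus_id=account.campus_id,
                student_id=account.student_id
            ).get()

            own_lectures = Lecture.objects(students__in=[account.student_id])
            target_lectures = Lecture.objects(students__in=[analogue.target])

            own_codes = {entry.subject_code for entry in own_lectures}
            target_codes = {entry.subject_code for entry in target_lectures}

            for subject_code in target_codes - own_codes:
                try:
                    match = Lecture.objects(subject_code=subject_code)[0]
                    recommend.append(match.subject_name)
                except Exception:
                    # Deliberate best-effort: skip a subject that cannot be
                    # resolved.  ``Exception`` (not a bare except) so that
                    # SystemExit / KeyboardInterrupt still propagate.
                    pass
        except Exception:
            # No analogue record or a failed lookup: render without
            # recommendations rather than failing the page.
            pass

    return render_template('module/lecture/vtimetable.html', current_year=current_year, recommend=recommend)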
Example #2
def lecture_my():
    """List the signed-in account's lectures, grouped by (year, term).

    Lectures where the account is enrolled as a student or listed as an admin
    are fetched newest first and split into consecutive buckets that share
    the same year and term.  Anonymous requests are rejected with 403.

    Returns:
        The rendered ``module/lecture/my.html`` template, given ``lectures``
        (a list of lists of Lecture objects).
    """
    account = session.get_account()
    if not account:
        return abort(403)

    membership = Q(students__in=[account.student_id]) | Q(admins__in=[account.id])
    ordered = Lecture.objects(membership).order_by('-year', '-term')

    buckets = []
    bucket = []
    current = (-1, -1)  # sentinel (year, term) that real lectures are not expected to carry
    for item in ordered:
        key = (item.year, item.term)
        if key != current:
            # A new year/term starts: flush the bucket collected so far.
            buckets.append(bucket)
            bucket = []
            current = key
        bucket.append(item)
    buckets.append(bucket)

    # The first entry is the bucket flushed when the first lecture was seen
    # (or the only, empty bucket when there are no lectures); drop it.
    return render_template('module/lecture/my.html', lectures=buckets[1:])
Example #3
def account_mypage():
    """Render the account information page for a signed-in user.

    Returns:
        The rendered ``module/account/information.html`` template, or a 403
        abort when no account is attached to the session.
    """
    if session.get_account():
        return render_template('module/account/information.html')
    return abort(403)
Example #4
def account_logout():
    """Detach the current account from the session and go to the front page.

    Returns:
        A redirect to ``/`` after ``session.del_account`` has been called, or
        a 403 abort when no account is attached to the session.
    """
    # NOTE(review): the route's allowed methods are not visible here; a
    # state-changing logout is normally limited to POST with a CSRF token.
    if session.get_account():
        session.del_account(session.get_account())
        return redirect('/')
    return abort(403)
Example #5
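def oauth2_authorize():
    """OAuth2 authorization endpoint: authenticate, collect consent, redirect.

    Query parameters ``client_id``, ``redirect_uri`` and ``response_type`` are
    required; ``scope`` is an optional comma-separated list.  The flow is:

    1. Validate the client and require ``redirect_uri`` to be exactly one of
       the URIs registered for it.
    2. If no account is signed in, show the login form (GET) or try to log in
       with the posted credentials.
    3. If the account has not yet granted every requested scope to this
       client, show the permission page (GET) or record the grant (POST,
       CSRF token required).
    4. Redirect back to the client with an access token
       (``response_type=token``) or an authorization code
       (``response_type=code``).

    Returns:
        A redirect to the client, a rendered login/permission page, or an
        error response (400 for bad requests, 403 for a bad CSRF token, 405
        for a method that cannot grant consent).
    """
    client_id = request.args.get('client_id')
    redirect_uri = request.args.get('redirect_uri')
    response_type = request.args.get('response_type')
    # NOTE(review): requested scopes are not checked against a list of known
    # or client-permitted scopes here, and an absent ``scope`` parameter
    # yields [''] — confirm both are intended.
    scope = [item.strip() for item in request.args.get('scope', '').split(',')]

    if not (client_id and redirect_uri and response_type):
        return jsonify({'error': 'invalid_request'}), 400

    try:
        client = ApplicationOAuth2Client.objects(id=client_id).get()
    except ApplicationOAuth2Client.DoesNotExist:
        return jsonify({'error': 'unauthorized_client'}), 400

    # Exact match only.  A prefix test would also accept a URI that merely
    # begins with a registered one (a longer host name, an extra path or
    # query), and the token or code would then be delivered to an address
    # the client never registered.  Clients must register each full
    # redirect URI they use.
    if redirect_uri not in client.redirect_uris:
        return 'redirect_uri error', 400

    if not session.get_account():
        if request.method == 'GET':
            return render_template('api/oauth2/login.html')

        account_id = request.form.get('account_id')
        account_pw = request.form.get('account_pw')

        from opencampus.module.account.models import Account
        try:
            Account.login(account_id, account_pw)
        except Exception:
            # Any login failure shows the form again; ``Exception`` rather
            # than a bare except so interpreter-exit signals still propagate.
            return render_template('api/oauth2/login.html')

    account = session.get_account()
    if not account:
        # The login call did not leave an account in the session; never
        # continue to consent or token issuance without an identity.
        return render_template('api/oauth2/login.html')

    try:
        accept = OAuth2AccountAccept.objects(client_id=client_id, account_id=account.id).get()
        # Consent is reusable only if it already covers every requested scope.
        check_accept = all(s in accept.scope for s in scope)
    except OAuth2AccountAccept.DoesNotExist:
        check_accept = False
        accept = None

    if not check_accept:
        if request.method == 'GET':
            return render_template('api/oauth2/permission.html',
                                   app=Application.objects(id=client.application_id).get(),
                                   scope=scope,
                                   scope_name=SCOPE)
        if request.method != 'POST':
            # Any other method (e.g. HEAD) can neither display nor record
            # consent; without this guard it would fall through to the
            # issuance step below with missing or outdated consent.
            return abort(405)

        csrf_token = session.get('csrf_token')
        if not csrf_token or csrf_token != request.form.get('csrf_token'):
            return abort(403)

        if not accept:
            accept = OAuth2AccountAccept()
            accept.client_id = client_id
            accept.account_id = account.id
            accept.created_at = datetime.utcnow()

        accept.scope = scope
        accept.save()

    # A registered redirect URI may already carry a query string.
    separator = '&' if '?' in redirect_uri else '?'

    # NOTE(review): the request's ``state`` parameter is not echoed back to
    # the client, so clients cannot use it to bind the response to their own
    # session (RFC 6749 section 10.12).
    if response_type == 'token':
        access = OAuth2AccessToken.create_token('account', account.id, client_id=client.id, scope=accept.scope)
        access.save()
        # NOTE(review): RFC 6749 section 4.2.2 returns the implicit-grant
        # token in the URI fragment; in the query string it reaches server
        # logs and Referer headers.  Left as is because existing clients
        # read it from the query — plan a migration.
        return redirect(redirect_uri + separator + 'access_token=' + access.access_token)
    elif response_type == 'code':
        code = OAuth2AuthorizationCode.create_code(client.id, account.id, scope=accept.scope)
        return redirect(redirect_uri + separator + 'code=' + code.code)
    else:
        return jsonify({'error': 'unsupported_response_type'}), 400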
Example #6
def lecture_my_sync_lecture():
    """Re-sync the signed-in student's lectures through the campus gateway.

    Returns:
        A redirect to the ``campus.lecture_my`` view after the gateway's
        ``sync_student_lecture`` has run, or a 403 abort for anonymous
        requests.
    """
    if session.get_account():
        gateway = request.campus.get_gateway()
        gateway.sync_student_lecture(session.get_account())
        return redirect(url_for('campus.lecture_my'))
    return abort(403)
Example #7
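def lecture_auth_admin_method(year, term, code):
    """Start lecture-administrator verification over the requested channel.

    The channel is taken from the ``type`` form field:

    * ``email``  - mail a verification code to the lecture's e-mail address
    * ``ars``    - show the ARS (phone call) instructions
    * ``sms``    - text a verification code to the lecture's phone number
    * ``manual`` - show instructions for sending proof by e-mail

    Args:
        year, term, code: identify the lecture (passed to
            ``Lecture.get_lecture``).

    Returns:
        An HTML fragment (str) describing what happened or what to do next.
    """
    # Require a signed-in account before looking at any lecture data.
    account = session.get_account()
    if not account:
        return '<p>로그인 후 사용해주세요</p>'

    # Contact details are used exactly as stored on the lecture.  Never
    # overwrite them with fixed test values here: every verification code
    # would then go to one recipient instead of the lecture's own contact.
    lecture = Lecture.get_lecture(year, term, code)

    from opencampus.module.lecture.authmodels import LectureAuthRequestInfo

    # NOTE(review): nothing in this function limits how often one account can
    # trigger an e-mail or SMS; throttle per account and per lecture to bound
    # messaging cost and code-guessing attempts.
    # NOTE(review): email_view / phone_view are interpolated into markup
    # without HTML escaping; escape them unless the stored values are
    # validated elsewhere.
    method = request.form.get('type')

    if method == 'email':
        if not lecture.email:
            return '강의정보에 이메일이 등록되어 있지 않습니다'

        at_index = lecture.email.find('@')
        if at_index < 0:
            # No '@' at all: reveal nothing of the stored value.
            email_view = '*' * len(lecture.email)
        elif at_index < 3:
            # Short local part: mask all of it.
            email_view = '*' * at_index + lecture.email[at_index:]
        else:
            # Keep only the last three characters of the local part.
            email_view = '*' * (at_index - 3) + lecture.email[at_index - 3:]

        try:
            from opencampus.common.sendmail import send_email
            send_email('[오픈캠퍼스] 관리자 인증 메일 - %s년 %s학기 %s(%s)' % (lecture.year, lecture.get_term_text(),
                                                                lecture.code, lecture.subject_name),
                       render_template('module/lecture/detail/sendemail.html', lecture=lecture,
                                       auth_code=LectureAuthRequestInfo.create_request(lecture.id, 'email', account.id)),
                       [lecture.email])
        except Exception as e:
            print(e)
            return '<p>메일 발송 도중 에러가 발생하였습니다</p>'

        return '<p>%s으로 이메일이 발송되었습니다.</p><p>이메일에 기재되어 있는 방법을 이용하여 인증을 진행하여 주십시오.</p>' % email_view

    if method == 'ars':
        if not lecture.phone:
            return '강의정보에 전화번호가 등록되어 있지 않습니다'

        # Show the first seven characters, mask the rest.
        phone_view = lecture.phone[:7] + '*' * (len(lecture.phone) - 7)
        # NOTE(review): this branch places no call and records no request; the
        # code shown is a fixed literal.  It must not be accepted as proof of
        # anything until a per-request code is generated.
        body = '<p>%s으로 ARS가 발송되었습니다.</p><p>전화를 받으신 후 아래의 인증코드를 입력하신후 # 버튼을 눌러주세요.</p>' % phone_view
        body += '<div class="well well-sm"><h2>3333</h2></div>'
        return body

    if method == 'sms':
        if not lecture.phone:
            return '강의정보에 전화번호가 등록되어 있지 않거나 휴대폰 번호가 아닙니다'

        phone_view = lecture.phone[:7] + '*' * (len(lecture.phone) - 7)

        auth_code = LectureAuthRequestInfo.create_request(lecture.id, 'sms', account.id)

        from twilio.rest import TwilioRestClient
        account_sid = app.config.get('TWILIO_ACCOUNT_SID')
        auth_token = app.config.get('TWILIO_AUTH_TOKEN')
        client = TwilioRestClient(account_sid, auth_token)
        client.messages.create(body="[오픈캠퍼스 인증] 인증번호 %s" % auth_code,
                               to=lecture.phone,
                               from_="+18559731333")

        # NOTE(review): the form below submits the code with GET, so it ends
        # up in URLs, browser history and access logs; POST would avoid that
        # but needs the callback route to accept it.
        body = '<p>%s으로 SMS가 발송되었습니다.</p><p>수신된 인증코드를 입력하여 주시기 바랍니다.</p>' % phone_view
        body += '<form action="%s" method="GET">' % url_for('campus.lecture_auth_admin_method_cb', year=year, term=term, code=code)
        body += '<input type="number" name="auth_code" class="form-control input-lg" placeholder="인증번호">'
        body += '<button type="submit" class="btn btn-danger btn-lg">인증</button>'
        body += '</form>'
        return body

    if method == 'manual':
        # NOTE(review): the address in the literal below looks like it was
        # masked when this listing was published; confirm against the repository.
        body = '<p>해당 강의 정보와 관리자임을 증빙 할 수 있는 서류 등을 첨부하여</p>'
        body += '<p><a href="mailto:[email protected]">[email protected]</a>로 보내주시기 바랍니다.</p>'
        return body

    return '비정상 접근'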
Example #8
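    def decorated(*args, **kwargs):
        """Call the wrapped view only for an administrator of the lecture.

        The lecture is identified by the ``year``, ``term`` and ``code``
        keyword arguments.  Anonymous requests and accounts that are not in
        ``lecture.admins`` are rejected with 403.
        """
        # Without this check an anonymous request would fail on ``.id`` of a
        # missing account and surface as a server error instead of a 403.
        account = session.get_account()
        if not account:
            return abort(403)

        lecture = Lecture.get_lecture(kwargs.get('year'), kwargs.get('term'), kwargs.get('code'))
        if account.id not in lecture.admins:
            return abort(403)

        return f(*args, **kwargs)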