def register(username,password,email):
'''验证用户是否存在 ,不存在就添加到数据库'''
if User.is_exists(username):
return {'msg':'username already exits'}
hash_pass = hash_it(password)
User.add_user(username,hash_pass,email)
return {'msg':'ok'}
def register(username, password, email):
"""
把用户注册信息添加进数据库
"""
if User.is_exists(username):
return {'msg': 'username is exists'}
hash_pass = hash_it(password)
User.add_user(username, password=hash_pass, email=email)
return {'msg': 'ok'}
def register(db_session, username, password):
"""
用于处理注册逻辑,将用户信息保存到数据库
:param username:
:param password:
:return:
"""
if User.is_exist(db_session, username):
return 'user is existed'
else:
return User.add_user(db_session, username, hashed(password))
def post(self, *args, **kwargs):
username = self.get_argument('username', None) #获取账号密码
password = self.get_argument('password', None)
passed = authenticate(username, password) #存在:验证身份
if passed: #如果身份验证成功
self.session.set('user_info', username) #set一个session,内容为username
User.update_last_login(username)
next = self.get_argument('next', '/') #获取下next参数
self.redirect(next) #跳转到next
else: #验证身份失败:页面打印login fail
self.write('login fail')
def register(username, password):
"""
注册用户,增加用户信息到数据库
:param username:
:param password:
:return:
"""
if not User.is_exists(username):
User.add_user(username, hashed(password))
return {'msg': 'ok'}
else:
return {'msg': '用户名已存在,请重新注册. '}
def register(username, password):
"""
注册
:param username:
:param password:
:return:
"""
if User.is_exists(username):
return {'msg': username}
hash_pass = hash_it(password)
User.add(username, hash_pass)
return {'msg': 'ok'}
def authenticate(username, password):
'''
进行身份验证
:param username: 用户名
:param password: 密码
:return: 返回身份是否正确
'''
if username and password:
if User.get_password(username) and hash_it(
password) == User.get_password(username): #
return True
return False
def test_normal_scenario_with_two_users(self):
# First create some users
user1 = User.create_user(self.session, 'user1', 'abcd')
user2 = User.create_user(self.session, 'user2', 'abcd')
# Make sure user1 has 1 BTC for later deposit into a futures contract
btc = Asset.create_asset('BTC')
user1.increase_volume_of_asset(self.session, btc, Decimal('1'))
# Create a futures contract worth 1 BTC in +14 days
contract, asset = FuturesContract.create_contract(
self.session, user1,
datetime.now() + timedelta(days=14), btc, Decimal('1'), 'FUTURE',
Decimal('100'))
# This will fail if user1 has insufficient funds (i.e. < 1 BTC)
assert contract is not None
assert asset is not None
self.session.commit()
# Create an order for this contract (i.e. newly created asset)
usd = Asset.create_asset('USD')
ask_order = Order.create_order(self.session, user1, Decimal('20'), usd,
contract, Decimal('50'), False,
OrderType.limit_order.value)
# Make sure we have enough funds
assert ask_order is not None
self.session.commit()
# Put order into market
assert put_order(self.session, ask_order) is None
# Create a bid order from user2
user2.increase_volume_of_asset(self.session, usd, Decimal('20'))
bid_order1 = Order.create_order(self.session, user2, Decimal('20'),
usd, contract, Decimal('50'), True,
OrderType.limit_order.value)
# Make sure we have enough funds
assert bid_order1 is not None
transaction = put_order(self.session, bid_order1)
assert isinstance(transaction, Transaction)
assert transaction.ask_order is ask_order
assert transaction.bid_order is bid_order1
contract.expire(self.session)
assert user1.volume_of_asset(self.session, btc) == Decimal('0.5')
assert user2.volume_of_asset(self.session, btc) == Decimal('0.5')
# Run it again. Must be idempotent.
contract.expire(self.session)
assert user1.volume_of_asset(self.session, btc) == Decimal('0.5')
assert user2.volume_of_asset(self.session, btc) == Decimal('0.5')
def post(self, *args, **kwargs):
next_url = self.get_argument('next', '')
username = self.get_argument('username', '')
password = self.get_argument('password', '')
login_correct = login_verify(self.db_session, username, password)
if login_correct:
self.session.set('USER', username)
User.update_login_status(self.db_session, username)
self.redirect(next_url)
elif login_correct == None:
self.render('signup.html', msg='你还未注册')
else:
self.render('login.html', next_url=next_url)
def register(self, password):
"""
用户注册
:param password:
:return:
"""
if not User.user_is_exists(username=self.username, session=self.db):
User.add_user(username=self.username,
password=hashed(password),
session=self.db)
return {'msg': 'ok'}
else:
return {'msg': '此用户已经存在'}
def register():
username = request.form.get('username')
password = request.form.get('password')
password_repeat = request.form.get('password_repeat')
if not user or not password or not password_repeat:
return jsonify(code=101, msg=u'参数不全')
if password_repeat != password:
return jsonify(code=101, msg=u'密码不一致')
row = User(username=username)
row.set_password(password)
db.session.add(row)
db.session.commit()
return jsonify(code=200, msg=u'注册成功')
def test_normal_scenario_with_two_users(self):
# First create some users
user1 = User.create_user(self.session, "user1", "abcd")
user2 = User.create_user(self.session, "user2", "abcd")
# Make sure user1 has 1 BTC for later deposit into a futures contract
btc = Asset.create_asset("BTC")
user1.increase_volume_of_asset(self.session, btc, Decimal("1"))
# Create a futures contract worth 1 BTC in +14 days
contract, asset = FuturesContract.create_contract(
self.session, user1, datetime.now() + timedelta(days=14), btc, Decimal("1"), "FUTURE", Decimal("100")
)
# This will fail if user1 has insufficient funds (i.e. < 1 BTC)
assert contract is not None
assert asset is not None
self.session.commit()
# Create an order for this contract (i.e. newly created asset)
usd = Asset.create_asset("USD")
ask_order = Order.create_order(
self.session, user1, Decimal("20"), usd, contract, Decimal("50"), False, OrderType.limit_order.value
)
# Make sure we have enough funds
assert ask_order is not None
self.session.commit()
# Put order into market
assert put_order(self.session, ask_order) is None
# Create a bid order from user2
user2.increase_volume_of_asset(self.session, usd, Decimal("20"))
bid_order1 = Order.create_order(
self.session, user2, Decimal("20"), usd, contract, Decimal("50"), True, OrderType.limit_order.value
)
# Make sure we have enough funds
assert bid_order1 is not None
transaction = put_order(self.session, bid_order1)
assert isinstance(transaction, Transaction)
assert transaction.ask_order is ask_order
assert transaction.bid_order is bid_order1
contract.expire(self.session)
assert user1.volume_of_asset(self.session, btc) == Decimal("0.5")
assert user2.volume_of_asset(self.session, btc) == Decimal("0.5")
# Run it again. Must be idempotent.
contract.expire(self.session)
assert user1.volume_of_asset(self.session, btc) == Decimal("0.5")
assert user2.volume_of_asset(self.session, btc) == Decimal("0.5")
def register(name, password, email):
'''
注册
:param name: 用户名
:param password: 密码
:param email: 邮箱
:return: ok/user is exists
'''
if User.exists_it(name):
return 'user is exists'
pw = hash_it(password)
print(name, pw, password)
User.add_user(name, pw, email)
return 'ok'
def _gen_analytics(self):
log.info('Hourly Analytic Generator Stated')
hours = int(self.request.get('hours', 1))
for h in reversed(xrange(hours)):
log.info('Generation for hour %s', h)
start = datetime.now().replace(minute=0, second=0,
microsecond=0) - timedelta(hours=h)
log.info('Start Time: %s', start)
ana_count = 0
orgs = Organization.query()
for org in orgs.iter(keys_only=True, limit=3):
log.info('Generating Analytics for %s', org.id())
users = User.query(User.organization == org).order(
User.first_name)
for usr in users.iter(keys_only=True, limit=3):
ana_count += self._create_analytic(start=start,
org=org,
usr=usr)
ana_count += self._create_analytic(start=start)
log.info(
'Hourly Analytic Generator Finished: %s Analytics created',
ana_count)
def get(self, verification_id):
if not verification_id:
return HttpErrorException.bad_request('no verification id given')
if self.request.get('username') == '':
return HttpErrorException.bad_request('no username given')
user = User.get_by_id(self.request.get('username'))
if not user:
return HttpErrorException.bad_request('invilad username')
if user.email_verification.verify_id == verification_id:
user.email_verification.verified = True
user.put()
lr = tt_logging.construct_log(
msg_short='User has verified their email',
msg='User has verified their email: ' + user.email,
log_type=tt_logging.USER, affected_user=user
)
log.info(lr['dict_msg']['msg'], extra=lr)
self.redirect('/')
else:
return HttpErrorException.bad_request('invalid verification id')
def post(self, user_id=None):
if not user_id:
raise HttpErrorException.bad_request('no user id given')
user = User.get_by_id(user_id)
if not user:
raise HttpErrorException.bad_request('invalid user id given')
if user != self.user and not self.user.is_super_admin:
lr = tt_logging.construct_log(
msg_short='Non-Admin User try to Alter Another User\'s Billing',
msg='User (%s) attemped to change another user\'s (%s) '
'billing information' % (self.user.key.id(), user.key.id()),
log_type=tt_logging.SECURITY, request_user=self.user, affected_user=user,
request=self.request
)
log.warning(lr['dict_msg']['msg'], extra=lr)
raise HttpErrorException.forbidden()
if self.json_request.get('subscribe'):
pay_plan = self.json_request.get('subscribe')
if user.is_billable_account():
raise HttpErrorException.bad_request('user already has billable account')
checkout_url = user.setup_billable_account(pay_plan)
self.write_json_response({'checkout_url': checkout_url})
def get(self, memberkey, *args, **kwargs):
member = User.getbykey(memberkey)
context = {
'member': member,
}
self.response.out.write(self.loadtemplate(context))
def test_cancel_contract(self):
# Create a user and asset
user = User.create_user(self.session, 'user', 'abcd')
usd = Asset.create_asset('USD')
self.session.add_all([user, usd])
self.session.commit()
# Add funds to user1 so that we can create a contract
user.increase_volume_of_asset(self.session, usd, Decimal('1'))
# Let this user create a contract
contract, asset = FuturesContract.create_contract(
self.session, user,
datetime.now() + timedelta(days=14), usd, Decimal('1'), 'FUTURE',
Decimal('100'))
assert contract is not None
assert asset is not None
# Now, money have been withdrawn from user1's account
assert user.volume_of_asset(self.session, usd) == Decimal('0')
# Cancel the contract
assert contract.cancel(self.session) is True
assert inspect(contract).deleted is True
assert user.volume_of_asset(self.session, usd) == Decimal('1')
# OK, the contract is cancelled.
# Now do the same thing, but this time, create an order and verify that the cancelled flag is set instead
contract, asset = FuturesContract.create_contract(
self.session, user,
datetime.now() + timedelta(days=14), usd, Decimal('1'), 'FUTURE',
Decimal('100'))
assert contract is not None
assert asset is not None
assert user.volume_of_asset(self.session, usd) == Decimal('0')
ask_order = Order.create_order(self.session, user, Decimal('20'), usd,
contract, Decimal('50'), False,
OrderType.limit_order.value)
assert ask_order is not None
assert user.volume_of_asset(self.session, asset) == Decimal('50')
# Assert that we cannot cancel the contract if there are created orders
assert contract.cancel(self.session) is False
# Put order into market
assert put_order(self.session, ask_order) is None
# Assert that we cannot cancel the contract if there are orders in the market
assert contract.cancel(self.session) is False
# It should be possible to cancel this order
assert ask_order.cancel(self.session) is True
assert user.volume_of_asset(self.session, asset) == Decimal('100')
# Check that order is in the expected state
assert contract.cancel(self.session) is True
assert inspect(contract).deleted is False
assert contract.cancelled is True
def authenticate(username,password):
'''密码验证 防止用户 输入空 密码'''
if username and password:
hash_password =User.get_pass(username)
if hash_password and hash_it(password)== hash_password:
return True
return False
def put(self, user=None):
gc = GlobalConfig.get_configs()
if not gc.allow_user_registration:
self.redirect('/register/disabled/', abort=True)
if self.json_request.get('organization'):
return HttpErrorException.forbidden()
User.new(self.json_request, request=self.request, worldshare_group=Group.get_worldshare_key())
creds = GenericCredentials(self.json_request.get('username'), self.json_request.get('password'))
if not creds.authenticate():
raise HttpErrorException.bad_request('faild to authinicate')
session = login(self.request, creds, User)
self.response.set_cookie('auth_user', base64.b64encode(creds.username))
self.response.set_cookie('user', creds.username)
self.response.set_cookie('auth_token', session.token)
def put(self, user_id=None):
if not self.user.is_admin:
lr = tt_logging.construct_log(
msg_short='Non-Admin User Try Create New User',
msg='User (%s) attemped to create a new user' % (self.user.key.id()),
log_type=tt_logging.SECURITY, request_user=self.user,
request=self.request
)
log.warning(lr['dict_msg']['msg'], extra=lr)
raise HttpErrorException.forbidden()
if self.json_request.get('username'):
org = None
if self.json_request.get('organization'):
org = Organization.get_by_id(self.json_request.get('organization'))
User.new(self.json_request, verify_email=False, request=self.request,
worldshare_group=Group.get_worldshare_key(), organization=org)
def test_cancel_contract(self):
# Create a user and asset
user = User.create_user(self.session, "user", "abcd")
usd = Asset.create_asset("USD")
self.session.add_all([user, usd])
self.session.commit()
# Add funds to user1 so that we can create a contract
user.increase_volume_of_asset(self.session, usd, Decimal("1"))
# Let this user create a contract
contract, asset = FuturesContract.create_contract(
self.session, user, datetime.now() + timedelta(days=14), usd, Decimal("1"), "FUTURE", Decimal("100")
)
assert contract is not None
assert asset is not None
# Now, money have been withdrawn from user1's account
assert user.volume_of_asset(self.session, usd) == Decimal("0")
# Cancel the contract
assert contract.cancel(self.session) is True
assert inspect(contract).deleted is True
assert user.volume_of_asset(self.session, usd) == Decimal("1")
# OK, the contract is cancelled.
# Now do the same thing, but this time, create an order and verify that the cancelled flag is set instead
contract, asset = FuturesContract.create_contract(
self.session, user, datetime.now() + timedelta(days=14), usd, Decimal("1"), "FUTURE", Decimal("100")
)
assert contract is not None
assert asset is not None
assert user.volume_of_asset(self.session, usd) == Decimal("0")
ask_order = Order.create_order(
self.session, user, Decimal("20"), usd, contract, Decimal("50"), False, OrderType.limit_order.value
)
assert ask_order is not None
assert user.volume_of_asset(self.session, asset) == Decimal("50")
# Assert that we cannot cancel the contract if there are created orders
assert contract.cancel(self.session) is False
# Put order into market
assert put_order(self.session, ask_order) is None
# Assert that we cannot cancel the contract if there are orders in the market
assert contract.cancel(self.session) is False
# It should be possible to cancel this order
assert ask_order.cancel(self.session) is True
assert user.volume_of_asset(self.session, asset) == Decimal("100")
# Check that order is in the expected state
assert contract.cancel(self.session) is True
assert inspect(contract).deleted is False
assert contract.cancelled is True
def authenticate(username, password):
"""
验证用户账号信息
"""
if username and password:
hash_pass = User.get_pass(username)
if hash_pass and hash_it(password) == hash_pass:
return True
return False
def post(self, user_id=None):
if not user_id:
raise HttpErrorException.bad_request('No user id given')
user = User.get_by_id(user_id)
if not user:
raise HttpErrorException.bad_request('invalid user id given')
user.edit(self.request, self.json_request, self.user)
def get(self):
email = self.request.get('email')
if email == '':
raise HttpErrorException.bad_request('no email given')
user = User.query(User.email == email).get()
if not user:
raise HttpErrorException.bad_request('invalid email given')
user.send_username_email()
def get(self, user_id=None):
if user_id is not None:
if user_id == 'anonymous':
self.write_json_response({'username': '******'})
else:
user = User.get_by_id(user_id)
if not user:
self.write_json_response({'username': '******'})
else:
self.write_json_response({'username': '******'})
else:
user_id = self.request.get('username')
if user_id is None or user_id == '' or user_id == 'anonymous':
self.response.write('false')
else:
user = User.get_by_id(user_id)
if not user:
self.response.write('true')
else:
self.response.write('false')
def getuser(self):
if hasattr(self, '_user'):
user = self._user
else:
user = users.get_current_user()
if user:
from models.account import User
query = User.query(User.userid == user.user_id())
user_obj = query.get()
if user_obj:
user = user_obj
else:
# Don't bother to save to the database until they change
# some settings.
user = User(userid=user.user_id(),
email=user.email())
self._user = user
return user
def step_impl(context):
context.email = '*****@*****.**'
context.password = '******'
with context.app.app_context():
context.user = User(
email=context.email,
password="******",
)
db.session.add(context.user)
db.session.commit()
def step_impl(context):
context.email = '*****@*****.**'
context.password = '******'
with context.app.app_context():
context.user = User(
email=context.email,
password=context.password,
)
db.session.add(context.user)
db.session.commit()
def authenticate(self, password):
"""
用户名和密码验证
:param password: 密码
:return: True 或者 False True代表验证通过,False代表验证没过
"""
hash_password = hashed(password)
if hash_password == User.get_password(username=self.username,
session=self.db):
return True
else:
return False
def authenticate(username, password, db_session):
"""
校验用户名和密码是否符合记录
:param username:
:param password:
:return:
"""
if username and password:
hashed_password = User.get_pass(username, db_session)
return hashed(password) == hashed_password
else:
return False
def add_post_for(username, img_url, thumb_url):
"""
posts表增加数据
:param username:
:param img_url:
:param thumb_url:
:return:
"""
user = User.query(username)
post = Post(img_url=img_url, user=user, thumb_url=thumb_url)
session.add(post)
session.commit()
return post
def get(self, *args, **kwargs):
members = {}
for rank in self.rankmodel.hierarchy():
query = User.query(User.rankkey == rank.key)
members[rank.name] = {}
members[rank.name]['results'] = query
members[rank.name]['hasmembers'] = query.count(1) > 0
context = {
'members': members,
'hierarchy': self.rankmodel.hierarchy(),
}
self.response.out.write(self.loadtemplate(context))
def run():
gc = GlobalConfig.get_configs()
users = User.query()
for user in users.iter():
log.info('Check ' + user.username + ' account status')
if runtime.is_shutting_down():
break
if user.account_status == payment.TRIAL or user.account_status == payment.TRIAL_EXPIRED:
expire_date = user.account_expire_date + timedelta(days=gc.trial_expiring_grace_period)
days_till_expire = (expire_date - datetime.now()).days
log.info(user.username + ' account expires in ' + str(days_till_expire))
if days_till_expire in gc.trial_expiring_email_intervales:
log.info(user.username + '\'s trial expires in ' + str(days_till_expire) + ' days')
mail.send_trial_ending_email(days_till_expire, user, gc)
elif days_till_expire == 0:
log.info(user.username + '\'s trial has expired')
user.account_statue = payment.TRIAL_EXPIRED
user.put()
mail.send_trial_ended_email(user, gc)
elif days_till_expire * -1 in gc.trial_expired_email_intervales:
user.account_statue = payment.TRIAL_EXPIRED
user.put()
mail.send_after_trial_ended_email(days_till_expire * -1, user, gc)
elif user.account_status != payment.ORG and user.account_status != payment.SUB:
expire_date = user.account_expire_date + timedelta(days=gc.acct_expiring_grace_period)
days_till_expire = (expire_date - datetime.now()).days
log.info(user.username + ' account expires in ' + str(days_till_expire))
if days_till_expire in gc.acct_expiring_email_intervales and user.account_status != payment.SUB:
log.info(user.username + '\'s account expires in ' + str(days_till_expire) + ' days')
mail.send_account_expiring_email(days_till_expire, user, gc)
elif days_till_expire == 0:
log.info(user.username + '\'s account has expired')
user.account_statue = payment.EXPIRED
user.put()
mail.send_account_expired_email(user, gc)
elif days_till_expire * -1 in gc.acct_expired_email_intervales:
user.account_statue = payment.EXPIRED
user.put()
mail.send_after_account_expired_email(days_till_expire * -1, user, gc)
else:
log.info('Nothing to check')
if runtime.is_shutting_down():
log.warning('Had to stop notifing users, backend receaved shut donw request')
def _distribute_spectra_points(self):
q = User.query()
users = []
for user in q.iter():
print user.username, user.spectra_count
user.spectra_count += 100
users.append(user)
if len(users) > 1000:
ndb.put_multi(users)
users = []
ndb.put_multi(users)
def test_insufficient_funds(self):
# Create a user and asset
user = User.create_user(self.session, "user", "abcd")
usd = Asset.create_asset("USD")
self.session.add_all([user, usd])
self.session.commit()
# This user creates a contract without proper funding
contract, asset = FuturesContract.create_contract(
self.session, user, datetime.now() + timedelta(days=14), usd, Decimal("1"), "FUTURE", Decimal("100")
)
# Assert that this does not work
assert contract is None
assert asset is None
def get(self, memberkey):
target = User.getbykey(memberkey)
return self.render(receiver=target)
def post(self, memberkey):
receiver = User.getbykey(memberkey)
return self.saveform(receiver=receiver)
def get(self, memberkey, *args, **kwargs):
member = User.getbykey(memberkey)
self.user.following.remove(member)
self.user.put()
self.redirect('/members/%s' % memberkey)
def _change_password(user, password):
user.token = create_token(16)
user.passwd = User.create_password(password)
account_login(user)
db.session.add(user)
