def authenticate(self, login=None, password=None):
if login is not None:
res = db.fetchone("SELECT id, login FROM users.logins "
"WHERE lower(login)=%s AND password=%s;",
[login.lower(), self._passhash(password)])
if not res:
self.id = None
self.login = None
raise NotAuthorized
self.id = res['id']
self.login = res['login']
self._get_avatar()
elif not self.id:
raise NotAuthorized
sess = Session()
sess['id'] = self.id
sess['login'] = self.login
sess.save()
add_session(self, sess.sessid)
return sess.sessid
def profile():
errors = []
if env.request.method == 'POST':
if env.user.check_password_set():
try:
if not env.user.check_password(env.request.args(
'password', '')):
errors.append('password')
except KeyError:
errors.append('password')
if env.request.args('remove-avatar'):
old = env.user.get_info('avatar')
if old:
old = old.rsplit('?')[0]
remove_avatar(old)
env.user.set_info('avatar', None)
else:
if env.request.args('avatar'):
if not errors:
avatar = env.request.args('avatar', '')
if isinstance(avatar, (list, tuple)):
avatar = avatar[0]
ext = avatar.split('.').pop().lower()
if ext not in ['jpeg', 'jpg', 'gif', 'png']:
errors.append('filetype')
else:
filename = ('%s.%s' % (env.user.login, ext)).lower()
old = env.user.get_info('avatar')
if old:
old = old.rsplit('?')[0]
avatar_file = env.request.files('avatar')
if isinstance(avatar_file, (list, tuple)):
avatar_file = avatar_file[0]
make_avatar(avatar_file,
filename,
remove=True,
old=old)
env.user.set_info(
'avatar',
'%s?r=%d' % (filename, randint(1000, 9999)))
#try:
# bday = int(env.request.args('birthdate-day'))
# bmon = int(env.request.args('birthdate-month'))
# byear = int(env.request.args('birthdate-year'))
# env.user.set_info('birthdate', datetime(byear, bmon, bday))
#except (KeyError, ValueError):
# pass
#try:
# env.user.set_info('gender',
# {'1':True, '0':False, '':None}[env.request.args('gender')])
#except KeyError:
pass
for name, field in _info_form.iteritems():
v = env.request.args(name, '').decode('utf-8')
if v is None:
continue
if 'type' in field:
try:
v = field['type'](v)
except:
errors.append(name)
if 'check' in field and not field['check'](v):
errors.append(name)
continue
env.user.set_info(name, v)
for name, field in _profile_form.iteritems():
v = env.request.args(name, '').decode('utf-8')
if v is None:
continue
if 'type' in field:
try:
if field['type'] in (int, long, float) and v == '':
continue
v = field['type'](v)
except (TypeError, ValueError):
errors.append(name)
continue
if 'check' in field and not field['check'](v):
errors.append(name)
continue
env.user.set_profile(name, v)
new_password = env.request.args('new-password')
confirm = env.request.args('confirm')
if new_password:
if new_password != confirm:
errors.append('confirm')
else:
env.user.set_password(new_password)
if not errors:
blogcss = env.request.args('www.blogcss', '').strip()
env.user.set_profile('www.usercss', blogcss)
#if blogcss:
# try:
# fd = open(os.path.join(settings.blogcss_path,
# '%s.css' % env.user.login), 'w')
# fd.write(blogcss)
# fd.close()
# env.user.set_profile('www.blogcss',
# '%s.css?r=%d' % \
# (env.user.login, randint(1000, 9999)))
# except IOError:
# pass
#else:
# try:
# os.unlink(os.path.join(settings.blogcss_path,
# '%s.css' % env.user.login))
# except OSError:
# pass
# env.user.set_profile('www.blogcss', None)
usercss = env.request.args('www.usercss', '').strip()
env.user.set_profile('www.usercss', usercss)
#if usercss:
# try:
# fd = open(os.path.join(settings.usercss_path,
# '%s.css' % env.user.login), 'w')
# fd.write(usercss)
# fd.close()
# env.user.set_profile('www.usercss',
# '%s.css?r=%d' % \
# (env.user.login, randint(1000, 9999)))
# except IOError:
# pass
#else:
# try:
# os.unlink(os.path.join(settings.blogcss_path,
# '%s.css' % env.user.login))
# except OSError:
# pass
# env.user.set_profile('www.usercss', None)
if not errors:
new_login = env.request.args('login', '').strip()
if env.user.login != new_login:
sess = Session()
add_session(env.user, sess.sessid)
try:
users.rename(new_login)
except (UserLoginError, UserExists):
errors.append('invalid-login')
except RenameError:
#errors.append('rename-timeout')
pass
if not errors:
env.user.save()
return Response(redirect='%s://%s.%s/profile?saved=1' % \
(env.request.protocol, env.user.login, settings.domain))
saved = bool(env.request.args('saved'))
info = env.user.get_info()
profile = {}
for k in _profile_form:
val = env.user.get_profile(k)
if k.find('.') > -1:
t, k = k.split('.', 1)
#t = 'profile_%s' % t
if not t in profile:
profile[t] = {}
profile[t][k] = val
else:
profile[k] = val
#_profile = { k:env.user.get_profile(k) for k in keys }
#if env.request.method == 'GET':
#if profile['www']['blogcss']:
# try:
# with open(os.path.join(settings.blogcss_path,
# '%s.css' % env.user.login)) as fd:
# profile['www']['blogcss'] = fd.read()
# except IOError:
# profile['www']['blogcss'] = ''
#
#if profile['www']['usercss']:
# try:
# with open(os.path.join(settings.usercss_path,
# '%s.css' % env.user.login)) as fd:
# profile['www']['usercss'] = fd.read()
# except IOError:
# profile['www']['usercss'] = ''
return render('/profile/index.html',
saved=saved,
errors=errors,
info=info,
profile=profile,
tzlist=tzlist())
def profile():
errors = []
if env.request.method == 'POST':
if env.user.check_password_set():
try:
if not env.user.check_password(env.request.args('password', '')):
errors.append('password')
except KeyError:
errors.append('password')
if env.request.args('remove-avatar'):
old = env.user.get_info('avatar')
if old:
old = old.rsplit('?')[0]
remove_avatar(old)
env.user.set_info('avatar', None)
else:
if env.request.args('avatar'):
if not errors:
avatar = env.request.args('avatar', '')
if isinstance(avatar, (list, tuple)):
avatar = avatar[0]
ext = avatar.split('.').pop().lower()
if ext not in ['jpeg', 'jpg', 'gif', 'png']:
errors.append('filetype')
else:
filename = ('%s.%s' % (env.user.login, ext)).lower()
old = env.user.get_info('avatar')
if old:
old = old.rsplit('?')[0]
avatar_file = env.request.files('avatar')
if isinstance(avatar_file, (list, tuple)):
avatar_file = avatar_file[0]
make_avatar(avatar_file, filename, remove=True, old=old)
env.user.set_info('avatar',
'%s?r=%d' % (filename, randint(1000, 9999)))
#try:
# bday = int(env.request.args('birthdate-day'))
# bmon = int(env.request.args('birthdate-month'))
# byear = int(env.request.args('birthdate-year'))
# env.user.set_info('birthdate', datetime(byear, bmon, bday))
#except (KeyError, ValueError):
# pass
#try:
# env.user.set_info('gender',
# {'1':True, '0':False, '':None}[env.request.args('gender')])
#except KeyError:
pass
for name, field in _info_form.iteritems():
v = env.request.args(name, '').decode('utf-8')
if v is None:
continue
if 'type' in field:
try:
v = field['type'](v)
except:
errors.append(name)
if 'check' in field and not field['check'](v):
errors.append(name)
continue
env.user.set_info(name, v)
for name, field in _profile_form.iteritems():
v = env.request.args(name, '').decode('utf-8')
if v is None:
continue
if 'type' in field:
try:
if field['type'] in (int, long, float) and v == '':
continue
v = field['type'](v)
except (TypeError, ValueError):
errors.append(name)
continue
if 'check' in field and not field['check'](v):
errors.append(name)
continue
env.user.set_profile(name, v)
new_password = env.request.args('new-password')
confirm = env.request.args('confirm')
if new_password:
if new_password != confirm:
errors.append('confirm')
else:
env.user.set_password(new_password)
if not errors:
blogcss = env.request.args('www.blogcss', '').strip()
env.user.set_profile('www.usercss', blogcss)
#if blogcss:
# try:
# fd = open(os.path.join(settings.blogcss_path,
# '%s.css' % env.user.login), 'w')
# fd.write(blogcss)
# fd.close()
# env.user.set_profile('www.blogcss',
# '%s.css?r=%d' % \
# (env.user.login, randint(1000, 9999)))
# except IOError:
# pass
#else:
# try:
# os.unlink(os.path.join(settings.blogcss_path,
# '%s.css' % env.user.login))
# except OSError:
# pass
# env.user.set_profile('www.blogcss', None)
usercss = env.request.args('www.usercss', '').strip()
env.user.set_profile('www.usercss', usercss)
#if usercss:
# try:
# fd = open(os.path.join(settings.usercss_path,
# '%s.css' % env.user.login), 'w')
# fd.write(usercss)
# fd.close()
# env.user.set_profile('www.usercss',
# '%s.css?r=%d' % \
# (env.user.login, randint(1000, 9999)))
# except IOError:
# pass
#else:
# try:
# os.unlink(os.path.join(settings.blogcss_path,
# '%s.css' % env.user.login))
# except OSError:
# pass
# env.user.set_profile('www.usercss', None)
if not errors:
new_login = env.request.args('login', '').strip()
if env.user.login != new_login:
sess = Session()
add_session(env.user, sess.sessid)
try:
users.rename(new_login)
except UserLoginError:
errors.append('invalid-login')
except RenameError:
#errors.append('rename-timeout')
pass
if not errors:
env.user.save()
return Response(redirect='%s://%s.%s/profile?saved=1' % \
(env.request.protocol, env.user.login, settings.domain))
saved = bool(env.request.args('saved'))
info = env.user.get_info()
profile = {}
for k in _profile_form:
val = env.user.get_profile(k)
if k.find('.') > -1:
t, k = k.split('.', 1)
#t = 'profile_%s' % t
if not t in profile:
profile[t] = {}
profile[t][k] = val
else:
profile[k] = val
#_profile = { k:env.user.get_profile(k) for k in keys }
#if env.request.method == 'GET':
#if profile['www']['blogcss']:
# try:
# with open(os.path.join(settings.blogcss_path,
# '%s.css' % env.user.login)) as fd:
# profile['www']['blogcss'] = fd.read()
# except IOError:
# profile['www']['blogcss'] = ''
#
#if profile['www']['usercss']:
# try:
# with open(os.path.join(settings.usercss_path,
# '%s.css' % env.user.login)) as fd:
# profile['www']['usercss'] = fd.read()
# except IOError:
# profile['www']['usercss'] = ''
return render('/profile/index.html', saved=saved,
errors=errors, info=info, profile=profile, tzlist=tzlist())
