def cabinet(username):
current_user = User.get(session['user'])
requested_user = User.get(username)
username = current_user.username
if not requested_user:
abort(404)
user = requested_user.username
if user == username:
is_owner = True
invites = friends.check_invites(user)
return render_template('profile/profile.html',
user=current_user,
invites=invites,
is_owner=is_owner)
else:
is_owner = False
isInvited = friends.isInvited(requested_user.username,
current_user.username)
isInvitedByOther = friends.isInvited(current_user.username,
requested_user.username)
return render_template('profile/profile.html',
user=requested_user,
user_guest=current_user,
isInvited=isInvited,
isInvitedByOther=isInvitedByOther,
is_owner=is_owner)
def test_delete_game():
headers = {
'Authorization': 'Bearer ' + pytest.users[2]["token"],
'Content-Type': 'text/plain'
}
response = client.delete("/games/100/delete", headers=headers)
assert response.status_code == 404
assert response.json() == {'detail': 'The game does not exist'}
response = client.delete(f"/games/{pytest.info['game']}/delete",
headers=headers)
assert response.status_code == 403
assert response.json() == {
'detail': 'The game does not belong to the current user'
}
headers['Authorization'] = 'Bearer ' + pytest.users[1]["token"]
response = client.delete(f"/games/{pytest.info['game']}/delete",
headers=headers)
assert response.status_code == 200
assert response.json() == {
"message": f"The game {pytest.info['game']} (Partida 1) was deleted"
}
with db_session:
Player.get(id=pytest.info['other_player']).delete()
Game.get(id=pytest.info['other_game']).delete()
for u in list(pytest.users.values())[:-1]:
User.get(id=u["user_id"]).delete()
def load_user(user_str, mod=""): # could also be an asynchronous function
user = user_str
with db_session:
if type(user) is not dict:
user = User.get(username=user_str)
if not user:
user = User.get(email=user_str)
if user:
return user.to_dict()
elif mod != "force":
user_db = User.get(id=user_str["id"])
if not user_db.verified:
return None
return user
def changeProfile(username):
current_user = User.get(session['user'])
user = current_user.username
if user != username:
return render_template(url_for('profile_page', username=username))
if request.method == "POST" and user:
email = request.form['email']
if email and current_user.email != email:
current_user.email = email
old_password = request.form['old-password']
password = request.form['password']
if password and current_user.password != hash_password(password):
if check_password(old_password, current_user.password):
current_user.password = hash_password(password)
fname = request.form['fname']
if fname and current_user.fname != fname:
current_user.fname = fname
lname = request.form['lname']
if lname and current_user.lname != lname:
current_user.lname = lname
current_user.update()
return redirect(url_for('profile_page',
username=current_user.username))
return render_template('profile/changeProfile.html', user=current_user)
async def get_current_user(token: str = Depends(oauth2_scheme)) -> UserEntity:
credentials_exception = HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="Could not validate credentials",
headers={"WWW-Authenticate": "Bearer"},
)
try:
payload = jwt.decode(token,
settings.SECRET_KEY,
algorithms=[settings.ALGORITHM])
username: str = payload.get("sub")
if username is None:
raise credentials_exception
token_data = TokenData(username=username)
except JWTError:
raise credentials_exception
user = await UserPermPDModel.from_queryset_single(
User.get(username=username))
if user is None:
raise credentials_exception
return user
def reset():
'''
Reset password page.
[GET] Reset page.
[POST] Validate form & send reset email.
'''
form = ResetForm()
if form.validate_on_submit():
email = form.email.data
if User.exist(email=email):
user = User.get(email=email)
from src.mailer.mail import Mailer, ResetMail
msg = ResetMail(user.email)
mailer = Mailer(msg)
# Send email with reset uri.
mailer.send()
flash('An email sent to you.')
else:
flash('The email address is not registered.')
return render_template('reset.jinja2',
title='Password recovery.',
form=form,
template='login-page')
def get_user_scope(username):
with Request.pony_session:
user = User.get(name=username)
if user:
permission_id_list = Role.get_role_permission(user.role)[:]
permission_id_list = [str(p) for p in permission_id_list]
return permission_id_list
def get_user(username: str):
with Request.pony_session:
user = User.get(name=username)
# print('sec_user:'******'user_dict:', user_dict)
return UserInDB(**user_dict)
async def get_user(curr_user=Depends(manager)):
with db_session:
user = User.get(id=curr_user["id"])
return {
"id": user.id,
"username": user.username,
"useralias": user.useralias,
"email": user.email
}
async def get_users(request, id=None):
response = {'status': 'ok', 'message': '', 'payload': []}
args = request.args
print(args.get("limit", None))
response['payload'] = User.get(id, args.get("limit", None),
args.get("offset", None))
return json(response)
async def confirm(confirmation: ConfM):
with db_session:
decr_email = confirm_token(confirmation.code)
if not decr_email:
raise HTTPException(status_code=400, detail="invalid code")
user = User.get(email=decr_email)
if not user:
raise HTTPException(status_code=400, detail="user not found")
user.verified = True
return {"info": f'your account {user.username} has been activated!'}
async def login(data: UserM):
user = data.username
password = data.password
with db_session:
db_user = User.get(username=user)
if not db_user:
db_user = User.get(email=user)
user = load_user(user) # authentication file function
if not user or password != user['password'] or not db_user:
raise InvalidCredentialsException # Default credential exception
elif not db_user.verified:
raise HTTPException(
status_code=400,
detail="The user is not verified, please check your mail inbox"
)
access_token = manager.create_access_token(
data=dict(sub=user), expires_delta=timedelta(hours=4))
return {'access_token': access_token, 'token_type': 'bearer'}
def send_message(username):
current_user = User.get(session['user'])
message_text = request.form['message']
current_date = datetime.now()
new_message = Message(sender=current_user.username,
recipient=username,
text=message_text,
creation_time=current_date)
new_message.insert()
def get(self):
args = self.get_args('get')
post_ = Post.get(args['post_id'])
author = User.get(post_.user_id).username
post_data = {
'title': post_.title,
'text': post_.text,
'publish_date': post_.publish_date.strftime('%Y-%m-%d %H:%M:%S'),
'author': author
}
print(post_data)
return {'status': 200, 'msg': '成功', 'post': post_data}
def get_messages_from(username):
current_user = User.get(session['user'])
messages = current_user.get_messages()
if messages is not None:
messages_from_user = [
m for m in messages
if m.recipient == username or m.sender == username
]
if messages_from_user != []:
return render_template('/chat/messages.html',
messages=messages_from_user,
user=current_user)
return render_template('/chat/no_messages.html')
async def new_user(input_game: UserM):
with db_session:
user = User.get(username=input_game.username)
if not user:
user = User.get(email=input_game.email)
if not user:
curr_user = User(username=input_game.username,
useralias=input_game.useralias,
email=input_game.email,
password=input_game.password)
commit()
await simple_send([input_game.email],
generate_confirmation_token(
input_game.email), input_game.frontURL)
else:
raise HTTPException(status_code=400,
detail="Email already registered")
else:
raise HTTPException(status_code=400,
detail="Username already registered")
return {"id": curr_user.id, "message": "User created successfully"}
def test_user_get():
headers = {
'Authorization': 'Bearer ' + pytest.users[1]["token"],
'Content-Type': 'text/plain'
}
response = client.get("/users/me", headers=headers)
assert response.status_code == 200
with db_session:
user = User.get(id=pytest.users[1]["user_id"])
assert response.json() == {
"id": user.id,
"username": user.username,
"useralias": user.useralias,
"email": user.email
}
async def list_players(game_id: int, user=Depends(manager)):
status = {}
with db_session:
game = Game.get(id=game_id)
if game is None:
raise HTTPException(status_code=404, detail="Game not found")
players = game.players
parsed_players = [p.to_dict() for p in players]
parsed_players.sort(key=lambda x: x.get('id'))
for p in parsed_players:
user = User.get(id=p['user']).to_dict()
user.pop("password")
user.pop("email")
p.update(user=user)
return {'data': parsed_players}
async def mod_user(input_game: UserMod, user=Depends(manager)):
with db_session:
user = User.get(id=user["id"])
message = 'fields modified:'
if input_game.useralias:
user.useralias = input_game.useralias
message += " -useralias"
if input_game.newpassword:
if input_game.oldpassword and user.password == input_game.oldpassword:
user.password = input_game.newpassword
message += " -password"
else:
raise HTTPException(status_code=400,
detail="Old password dont match")
return {message}
def login():
if request.method == 'POST':
username = request.form['username']
password = request.form['password']
user = User.get(username)
if user != None:
if check_password(password, user.password):
session['user'] = user.username
return redirect(url_for('profile_page',
username=user.username))
else:
return redirect(url_for('login'))
else:
return redirect(url_for('register'))
return render_template('authentication/login.html')
def register():
if request.method == 'POST':
password = request.form['password']
password_retry = request.form['password-retry']
username = request.form['username']
email = request.form['email']
if User.get(username) == None:
if password == password_retry:
user = User(username=username,
email=email,
password=hash_password(password))
user.insert()
session['user'] = user.username
return redirect(url_for('profile_page', username=username))
else:
return redirect(url_for('register'))
return render_template('authentication/register.html')
async def expelliarmus(in_vote: VoteM, game_id: int, user=Depends(manager)):
with db_session:
game = Game.get(id=game_id)
current_player = Player.user_player(user, game_id)
username = User.get(id=current_player["user"]).username
detail = f"The player {username} has played expelliarmus!"
if game is None:
raise HTTPException(status_code=404, detail="Game not found")
if not game.started:
raise HTTPException(status_code=400, detail="Game is not started")
if current_player["current_position"] != "minister" and current_player[
"current_position"] != "headmaster":
raise HTTPException(
status_code=400,
detail="this player is not the minister nor the headmaster")
if game.board.de_proc < 5 or game.status["phase"] != "headmaster play":
raise HTTPException(status_code=400,
detail="It is not time for expelliarmus!!!")
if "headmaster_expelliarmus" not in game.status.keys():
if current_player["current_position"] == 'headmaster':
game.status["headmaster_expelliarmus"] = in_vote.vote
else:
raise HTTPException(
status_code=400,
detail="The headmaster must play the expelliarmus first!")
else:
if current_player["current_position"] == 'minister':
game.status["minister_expelliarmus"] = in_vote.vote
else:
raise HTTPException(
status_code=400,
detail="The minister must confirm the expelliarmus!")
detail = "The expelliarmus has failed!"
if game.status["minister_expelliarmus"] and game.status[
"headmaster_expelliarmus"]:
cards = game.board.deck.split(',')[2:]
game.board.deck = ','.join(cards)
detail = "the expelliarmus was played succesfully!, cards discarded"
Player.reassign_minister(game)
return {detail}
async def process_price(message: types.Message, state: FSMContext):
async with state.proxy() as data:
data['price'] = message.text
user = User.get(User.external_id == message.from_user.values.get('id'))
Expense.create(**data, user=user)
# summary of saved expense
await bot.send_message(
message.chat.id,
md.text(
md.text('Gasto de ', md.bold(data['description']),
' guardado! '),
md.text('Categorias: ', md.code(data['categories'])),
md.text('Price: $', data['price']),
sep='\n',
),
parse_mode=ParseMode.MARKDOWN,
)
# Finish conversation
await state.finish()
def test_create_user():
for i, u in enumerate(pytest.users.values()):
with db_session:
response = client.post("/users/",
headers={},
json={
"username": u['username'],
"useralias": u["useralias"],
"email": u['email'],
"password": "******",
"frontURL": "ded"
})
with db_session:
for i, u in enumerate(pytest.users.values()):
user = User.get(email=u["email"])
user.verified = True
u["user_id"] = int(user.id)
response = client.post("/users/",
headers={},
json={
"username": "******",
"useralias": "andres",
"email": "*****@*****.**",
"password": "******",
"frontURL": "ded"
})
assert response.status_code == 400
assert response.json() == {"detail": "Username already registered"}
response = client.post("/users/",
headers={},
json={
"username": "******",
"useralias": "andres234",
"email": "*****@*****.**",
"password": "******",
"frontURL": "ded"
})
assert response.status_code == 400
assert response.json() == {"detail": "Email already registered"}
def recover(token=None):
'''
User login page.
param:
token (str): JWT token.
[GET] Change password page.
[POST] Validate form & change password.
'''
if request.method == 'GET':
from src.login.models import UserToken
email = UserToken.verify(token)
if not email:
flash('User not found.')
return redirect(url_for('auth_bp.login'))
form = RecoverForm()
if form.validate_on_submit():
email = form.email.data
if User.exist(email=email):
user = User.get(email=email)
# Change password and commit.
user.set_password(form.password.data)
db.session.commit()
flash('Password changed.')
return redirect(url_for('auth_bp.login'))
# Change password page.
return render_template('recover.jinja2',
title='Reset your password.',
form=form,
template='login-page')
def login(provider=None):
'''
User login page.
param:
provider (str): Login provider [ site | google | fb ]
[GET] Login page.
[POST] Validate form & user login.
'''
# User already logged in.
if current_user.is_authenticated:
return redirect(url_for('main_bp.main'))
form = LoginForm()
if provider:
sl = SocialLogin(provider)
response, result = sl.login(request)
if result:
if result.user:
# Update data from provider.
result.user.update()
email = result.user.email
if not User.exist(email=email):
# Create user.
create_u = CreateUser(email=email)
user = create_u.create(name=result.user.name,
login_type=provider)
else:
user = User.get(email=email)
# Login.
login_user(user=user)
next_page = request.args.get('next')
return redirect(next_page or url_for('main_bp.main'))
return response
else:
# Validate login attempt.
if form.validate_on_submit():
email = form.email.data
if User.exist(email=email):
user = User.get(email=email)
if user and user.confirmed and user.check_password(
form.password.data):
login_user(user)
# Logged in.
next_page = request.args.get('next')
return redirect(next_page or url_for('main_bp.main'))
flash('User not registered.')
# return redirect(url_for('auth_bp.login'))
# Login page.
return render_template('login.jinja2',
form=form,
title='Log in.',
template='login-page')
def chat():
current_user = User.get(session['user'])
friends = current_user.friends
return render_template('/chat/chat.html', friends=friends)
def test_choosehm_game():
with db_session:
game = Game.get(id=pytest.info['game'])
minister = game.status["minister"]
game.status["phase"] = "x"
headers = {
'Authorization': 'Bearer ' + pytest.users[1]["token"],
'Content-Type': 'text/plain'
}
response = client.post("/games/100/choosehm",
headers=headers,
json={'id': '2'})
assert response.status_code == 404
assert response.json() == {'detail': "Game not found"}
response = client.post(f"/games/{pytest.info['game']}/choosehm",
headers=headers,
json={'id': '2'})
assert response.status_code == 400
assert response.json() == {
'detail': "The headmaster only can be elected in the propose phase"
}
with db_session:
game = Game.get(id=pytest.info['game'])
game.status["phase"] = "propose"
for i in pytest.users.keys():
if pytest.users[i]["player_id"] != minister:
acc = i
break
headers['Authorization'] = 'Bearer ' + pytest.users[acc]["token"]
response = client.post(f"/games/{pytest.info['game']}/choosehm",
headers=headers,
json={'id': '2'})
assert response.status_code == 400
assert response.json() == {
'detail': "Only the minister can propose a headmaster"
}
for i in pytest.users.keys():
if pytest.users[i]["player_id"] == minister:
user_minister = i
break
headers['Authorization'] = 'Bearer ' + pytest.users[user_minister]["token"]
response = client.post(f"/games/{pytest.info['game']}/choosehm",
headers=headers,
json={"id": "300"})
assert response.status_code == 400
assert response.json() == {'detail': "The selected player does not exist"}
response = client.post(f"/games/{pytest.info['game']}/choosehm",
headers=headers,
json={"id": str(minister)})
assert response.status_code == 400
assert response.json() == {
'detail': "The minister can not be the headmaster"
}
with db_session:
other_guy = Player.get(id=pytest.users[acc]["player_id"])
other_guy.choosable = False
response = client.post(f"/games/{pytest.info['game']}/choosehm",
headers=headers,
json={"id": str(pytest.users[acc]["player_id"])})
assert response.status_code == 400
assert response.json() == {
'detail': "The player has been headmaster in the previous round"
}
with db_session:
user = User.get(id=pytest.users[user_minister]["user_id"])
new_game = Game(name="x",
created_by=pytest.users[acc]["user_id"],
started=False,
creation_date=datetime.datetime.now(),
player_amount=5,
status={})
new_player = Player(choosable=True,
current_position='',
role='',
is_voldemort=False,
alive=True,
user=user)
new_game.players.add(new_player)
other_guy = Player.get(id=pytest.users[acc]["player_id"])
other_guy.choosable = True
other_guy.alive = False
commit()
pytest.info['other_game'] = new_game.id
pytest.info['other_player'] = new_player.id
response = client.post(f"/games/{pytest.info['game']}/choosehm",
headers=headers,
json={"id": str(new_player.id)})
assert response.status_code == 400
assert response.json() == {
'detail': "The player does not belong to this game"
}
response = client.post(f"/games/{pytest.info['game']}/choosehm",
headers=headers,
json={"id": str(other_guy.id)})
assert response.status_code == 400
assert response.json() == {
'detail': "The player cannot be headmaster because is dead"
}
with db_session:
other_guy = Player.get(id=pytest.users[acc]["player_id"])
other_guy.alive = True
username = other_guy.user.username
response = client.post(f"/games/{pytest.info['game']}/choosehm",
headers=headers,
json={"id": str(other_guy.id)})
assert response.status_code == 200
assert response.json() == {
"message":
f"The player number {other_guy.id}: {username} was proposed as headmaster"
}
def users_list():
current_user = User.get(session['user'])
users = current_user.get_all()
return render_template('/users/users.html', users=users)
async def get_user(username: str):
return await User_Pydantic.from_queryset_single(User.get(username=username))
