Example #1
def login():
  """Check a submitted username/password pair and start a session.

  Only POST requests are processed; any other method falls through and
  returns None. The response is a one-character status string:
    "0" - a required form field is missing
    "1" - success; the session is populated and marked permanent
    "2" - no account matches the lowercased username
    "3" - the password does not match

  NOTE(review): codes "2" and "3" tell the caller whether a username exists,
  and no attempt limiting is visible in this function -- confirm throttling
  is applied elsewhere.
  """
  if request.method != 'POST':
    return None
  if not util.all_in_list(["username","password"], request.form):
    return "0" # a required form element wasn't found
  account = users_model.get_one({'lowername' : request.form['username'].lower() })
  if not account:
    return "2" # no username match
  # The stored value is reproduced from the password alone, so the scheme
  # appears to involve no per-account random salt -- TODO confirm what
  # cryptography.encrypt_password does. The check uses != rather than a
  # constant-time comparison.
  submitted_hash = cryptography.encrypt_password(request.form['password'], True)
  if submitted_hash != account['password']:
    return "3" # no password match
  session['username'] = account['username']
  # NOTE(review): the password hash is kept in the session. If this is a
  # cookie-backed session that is signed but not encrypted, the hash is
  # readable by the client -- confirm the session backend.
  session['password'] = account['password']
  session.permanent = True
  # Move the caller's address to the front of the account's address list.
  # NOTE(review): behind a reverse proxy remote_addr may be the proxy's
  # address -- verify the deployment.
  client_ip = request.remote_addr
  known_ips = account["ip"]
  try:
    known_ips.remove(client_ip)
  except ValueError:
    pass # first login from this address
  known_ips.insert(0, client_ip)
  users_model.update({"lowername": account['lowername']}, {"ip": known_ips})
  return "1"
Example #2
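def settings():
  """Show the settings page (GET) or apply the submitted changes (POST).

  Requires g.logged_in_user; otherwise the request is aborted with 401.
  On POST each section (icon, password, gender, location, profile, colour
  theme, layout) is applied independently. The names of the sections that
  changed are passed to settings_success.html and problems are reported
  through flash(). Any other method returns None.

  NOTE(review): no CSRF token check is visible in this function -- confirm
  one is enforced elsewhere, since this handler changes the password.
  NOTE(review): gender, theme and the layout values are stored as submitted,
  without an allow-list check here.
  """
  if g.logged_in_user:
    if request.method == 'GET':
      if config.beta_key: beta_keys = beta_pass_model.get({"owner" : g.logged_in_user["username"] })
      else: beta_keys = None
      return render_template("settings.html", beta_keys = beta_keys)
    elif request.method == 'POST':
      # Names of the sections that were changed; listed on the success page.
      messages = []
      # User Icon
      icon = request.files['icon_upload']
      if icon:
        # content_length only mirrors a Content-Length header on the multipart
        # part, which clients normally omit and can set to any value, so the
        # size limit is checked against the uploaded data itself.
        icon.stream.seek(0, os.SEEK_END)
        icon_size = icon.stream.tell()
        icon.stream.seek(0)
        if icon_size > config.max_icon_size:
          flash(config.file_size_error + "Your icon must be at most " + config.max_icon_size_text + ". ")
        elif not util.allowed_file(icon.filename,config.icon_extensions):
          flash(config.file_type_error + "The allowed extensions are " + util.print_list(config.icon_extensions) + ". ")
        else:
          # The stored name comes from the account record, never from the
          # client-supplied filename.
          fileName = g.logged_in_user['lowername']
          fileType = util.fileType(icon.filename)
          if fileType.lower() == "jpg": fileType = "jpeg" # Change filetype for PIL
          (mimetype,i) = mimetypes.guess_type(icon.filename)
          file_location = os.path.join(config.icons_dir, fileName)
          # Decode and resize in memory before touching the disk or the
          # database: a file that only carries an allowed extension is never
          # written into the icons directory. Image decoders raise several
          # exception types on malformed input, hence the broad catch.
          try:
            image = Image.open(icon.stream)
            resized = image.resize(config.icon_size, Image.ANTIALIAS)
          except Exception:
            resized = None
          if resized is None:
            flash(config.file_type_error + "The allowed extensions are " + util.print_list(config.icon_extensions) + ". ")
          else:
            # Best-effort removal of the previous icon.
            # NOTE(review): this path carries an extension while the file
            # written below does not -- confirm which name is actually on disk.
            try: os.remove(os.path.join(config.icons_dir, g.logged_in_user['lowername'] + "." + g.logged_in_user["icon"]))
            except Exception:
              if config.logging: logging.warning("Couldn't remove user \"" + g.logged_in_user['username']+ "\"'s old icon while attempting to upload a new icon. ")
            users_model.update({"lowername": g.logged_in_user['lowername']}, {"icon": fileType} )
            # Only the re-encoded image is stored, in the format named by the
            # extension, so content and mimetype agree.
            resized.save(file_location, fileType, quality=100)
            storage.push(file_location, file_location, mimetype = mimetype )
            messages.append("User Icon")
      # Password: only attempted when all three fields are filled in.
      if request.form["change_pass_current"] and request.form["change_pass_new_1"] and request.form["change_pass_new_2"]:
        if cryptography.encrypt_password(request.form["change_pass_current"], True) != g.logged_in_user['password']:
          flash("The current password you gave didn't match the one in the database! ):")
        elif request.form["change_pass_new_1"] != request.form["change_pass_new_2"]:
          flash("The new passwords you gave don't match! Try retyping them carefully. ")
        else:
          hashed = cryptography.encrypt_password(request.form['change_pass_new_1'], True)
          users_model.update({"_id": g.logged_in_user['_id']}, {"password": hashed} )
          # Keep this session in step with the new hash.
          # NOTE(review): presumably other sessions are checked against the
          # stored hash and so stop being valid -- verify.
          session['password']=hashed
          messages.append("Password")
      # Gender
      if request.form["change_gender"] != g.logged_in_user["gender"]:
        users_model.update({"_id": g.logged_in_user['_id']}, {"gender": request.form["change_gender"] })
        messages.append("Gender")
      # Location
      if request.form["change_latitude"] != str(g.logged_in_user["latitude"]) or request.form["change_longitude"] != str(g.logged_in_user["longitude"]):
        try:
          latFloat = float(request.form["change_latitude"])
          lonFloat = float(request.form["change_longitude"])
          # float() also accepts "nan" and "inf"; the range test rejects both
          # along with out-of-range coordinates.
          if not (-90.0 <= latFloat <= 90.0 and -180.0 <= lonFloat <= 180.0):
            raise ValueError("coordinates out of range")
          users_model.update({"_id": g.logged_in_user['_id']}, {"latitude": latFloat, "longitude": lonFloat } )
          messages.append("Location")
        except ValueError:
          flash("The locations you gave were invalid latitude and longitude coordinates! ): ")
      # Profile: the raw text and its usercode rendering are stored together.
      if request.form["change_profile"] != g.logged_in_user["profile"]:
        users_model.update({"_id": g.logged_in_user['_id']}, {"profile": request.form["change_profile"], "code_profile": usercode.parse(request.form["change_profile"]) })
        messages.append("Profile")
      # Color Theme
      if request.form["change_color_theme"] != g.logged_in_user["theme"]:
        users_model.update({"_id": g.logged_in_user['_id']}, {"theme": request.form["change_color_theme"]} )
        messages.append("Color Theme")
      # Layout
      l1 = util.url_decode(request.form["change_layout"])
      l2 = util.url_decode(request.form["change_layout_order"])
      # Converts orderings to integers; a non-numeric ordering raises
      # ValueError, which is not caught here.
      for key in l2: l2[key] = int(l2[key])
      layout = util.conc_dict_values(l1,l2)
      if not util.compare_dicts(layout, g.logged_in_user["layout"]):
        # Only written when the submitted keys match the stored layout's keys,
        # so the "layout.<key>" field names cannot be chosen freely by the client.
        if util.compare_dict_keys(layout, g.logged_in_user["layout"]):
          layout_to_push = {}
          for key in layout:
            layout_to_push["layout." + key] = layout[key]
          users_model.update({"_id": g.logged_in_user['_id']}, layout_to_push)
          messages.append("Layout")
      return render_template("settings_success.html",messages=messages,len=len)
  else: abort(401)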
Example #3
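def signup():
  """Validate a signup form, create the account and log the new user in.

  The response is a one-character status string:
    "0" - a required form field is missing
    "1" - success; the account is inserted and the session populated
    "2" - username taken, empty, longer than 30 characters, or not usable
          as a file name
    "3" - the passwords are empty or differ
    "4" - the terms of service were not accepted
    "5" - the captcha check failed (only when config.captcha is set)
    "6" - the beta code was rejected (only when config.beta_key is set)
    "7" - the caller is already logged in

  NOTE(review): the username lookup runs before the captcha check, so code
  "2" can be obtained without solving a captcha.
  """
  # Error Handling
  required_parameters = ['username','password1','password2']
  if config.captcha: required_parameters += ['recaptcha_challenge_field','recaptcha_response_field']
  if config.beta_key: required_parameters += ['beta_code']
  if not util.all_in_list(required_parameters, request.form):
    return "0" #ERROR, A required form element wasn't found
  username = request.form['username']
  lowername = username.lower()
  username_len = len(username)
  if users_model.username_taken(username) or username_len == 0 or username_len > 30:
    return "2" #ERROR, Username is taken, empty or too long
  # The lowercased username is joined onto config.icons_dir below (and is
  # reused as the icon file name later), so a name holding a path separator,
  # a NUL byte or a dot-directory could point outside that directory.
  if lowername in (".", "..") or any(ch in lowername for ch in ("/", "\\", "\x00")):
    return "2" #ERROR, Username can't be used as a file name
  if request.form['password1'] != request.form['password2'] or not request.form['password1']:
    return "3" #ERROR, Passwords don't match
  if not 'tos_agree' in request.form:
    return "4" #ERROR, Terms of Service wasn't checked
  if config.captcha and not captcha.check(request.form['recaptcha_challenge_field'], request.form['recaptcha_response_field'],config.captcha_secret_key,request.remote_addr):
    return "5" #ERROR, Captcha Fail
  # Default to None and only overwrite it when beta keys are in use. The
  # reset used to hang off the logged-in check, which discarded a validated
  # key for every new signup.
  beta_key = None
  if config.beta_key:
    beta_key = beta_pass_model.check(request.form["beta_code"])
    if not beta_key:
      return "6" #ERROR, Beta Code Fail
  if g.logged_in_user:
    return "7" #ERROR, User is already logged in
  # Add the user to the database
  # NOTE(review): confirm cryptography.encrypt_password is a slow, salted
  # password hash; its implementation is not visible here.
  hashed = cryptography.encrypt_password(request.form['password1'], True)
  icon_filepath = os.path.join(config.icons_dir, lowername)
  storage.push("static/images/newby_icon.png", icon_filepath, mimetype="image/png")
  if not config.using_S3: shutil.copyfile("static/images/newby_icon.png", icon_filepath)
  # NOTE(review): the availability check above and this insert are separate
  # steps -- confirm a unique index on "lowername" backs them up.
  users_model.insert({
    "username": username,
    "lowername": lowername,
    "password": hashed,
    "email": None, #request.form['email']
    "ip": [request.remote_addr],
    "dob": None,
    "beta_key": beta_key,
    "beta_keys": config.starting_beta_keys,
    "date_joined": datetime.datetime.today(),
    "show_ads": True,
    "layout": {
      # [CARDINAL LOCATION, ORDERING]
      # t == top; l == left; r == right; b == bottom; h == hidden
      "profile": ["t",0],
      "gallery": ["l",0],
      "watches": ["r",0],
      "comments": ["b",0],
      "nearby": ["r",1],
      "journal": ["l",1],
      "shout": ["h",0],
      "friends": ["h",0],
      "awards": ["h",0],
      "shop": ["h",0],
      "favorites": ["h",0],
      "tips": ["h",0],
      "chars": ["h",0],
      "playlist": ["h",0],
    },
    # NOTE(review): every new account is created with all of these set to
    # True, including ban_users and generate_beta_pass -- confirm this is
    # intended and not a development default.
    "permissions": {
      "delete_comments": True,
      "edit_art": True,
      "delete_art": True,
      "delete_journal": True,
      "ban_users": True,
      "make_props": True,
      "vote": True,
      "generate_beta_pass": True,
      "crop_art": True,
    },
    "latitude": None,
    "longitude": None,
    "theme": "default",
    "profile": "",
    "code_profile": "",
    "page_views": 0,
    "watchers": [],
    "bground": None,
    "icon": "png",
    "glued": 1,
    # m == Male; f == Female; h == Hide Gender
    "gender": "h",
  })
  session['username'] = username
  # NOTE(review): the password hash is kept in the session. If this is a
  # cookie-backed session that is signed but not encrypted, the hash is
  # readable by the client -- confirm the session backend.
  session['password'] = hashed
  session.permanent = True
  return "1" #SUCCESS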