def members(conn, headers, data, *, method):
cookies = parse_cookies(headers['ignored'].get("Cookie", ""))
has_valid_token = cookies.get("token", "") in db.database
if method == "GET":
if not has_valid_token:
_, page = server.routes["/403"]["GET"](conn, {}, "")
return ({"Status-code": 403, "Reason-phrase": "Forbidden"}, page)
error = parse_post(headers['request_uri'].query).get("error", "")
with open("root/public/members.html") as members:
return ({}, members.read().format(body='<br>'.join(
f"<p>{user} -- {hash_}</p>"
for hash_, user in db.database.items()),
error=error))
elif method == "POST":
post = parse_post(data)
if 'uname' not in post:
return ({
"Status-code": 301,
"Location": "/members?error=invalid post data"
}, "")
post['uname'] = escape(post['uname'])
if post['uname'] not in db.database.values():
return ({
"Status-code": 301,
"Location": "/members?error=user doesn't exist"
}, "")
db.remove_user(post['uname'])
shutil.rmtree(f"root/users/{conv_uname(post['uname'])}")
return ({"Status-code": 301, "Location": "/members"}, "")
def make_reply(conn, headers, data):
cookies = parse_cookies(headers['ignored'].get("Cookie", ""))
has_valid_token = (token := cookies.get("token", "")) in db.database
if not has_valid_token:
return ({
"Status-code": 301,
"Location": "/?error=you must log-in to chat"
}, "")
elif 'reply' not in (msg := parse_post(data)):
return ({
"Status-code": 301,
"Location": "/?error=invalid post parameters"
}, "")
def profile(conn, headers, data, *, method):
cookies = parse_cookies(headers['ignored'].get("Cookie", ""))
has_valid_token = (token := cookies.get("token", "")) in db.database
if not has_valid_token:
_, page = server.routes["/403"]["GET"](conn, {}, "")
return ({"Status-code": 403, "Reason-phrase": "Forbidden"}, page)
if method == "GET":
username = conv_uname(db.database[token])
messages = []
error = parse_post(headers['request_uri'].query).get("error", "")
for file_ in os.listdir(f"root/users/{username}"):
if not os.path.isfile(f"root/users/{username}/{file_}"):
continue
with open(f"root/users/{username}/{file_}") as msg:
messages.append(unquote(msg.read()))
shutil.move(f"root/users/{username}/{file_}",
f"root/users/{username}/seen/{file_}")
with open("root/public/profile.html") as profile:
return ({}, profile.read().format(
username=db.database[token],
inbox=f"<h3>{len(messages)} unread messages </h3><hr>" +
'<hr>'.join(messages),
error=error))
elif method == "POST":
post = parse_post(data)
if "recipient" not in post or "msg" not in post:
return ({
"Status-code": 301,
"Location": "/profile?error=invalid input"
}, "")
post['recipient'] = escape(post['recipient'])
post['msg'] = escape(unquote_plus(post['msg']))
if post['recipient'] not in db.database.values():
return ({
"Status-code": 301,
"Location": "/profile?error=user doesn't exist"
}, "")
with open(
f"root/users/{conv_uname(post['recipient'])}/{randint(0, 4294967296)}",
"w") as msg:
msg.write(
f"<p style='padding-left:5em'>{post['msg']}</p><br>sent from <i>{db.database[token]}</i>"
)
return ({"Status-code": 301, "Location": "/profile"}, "")
def login(conn, headers, data, *, method):
cookies = parse_cookies(headers['ignored'].get("Cookie", ""))
has_valid_token = cookies.get("token", "") in db.database
if method == "GET":
error = parse_post(headers['request_uri'].query).get("error", "")
with open("root/public/login.html") as login:
return ({}, login.read().format(
error=error,
is_logged="You're already logged in, do you want to <a href='/logout'>logout</a>?" if has_valid_token \
else """<form action="/login" method="post">
<label>Username:</label>
<input type="text" id="uname" name="uname"><br>
<label>Password:</label>
<input type="text" id="pword" name="pword"><br><br>
<input type="submit" value="Login">
</form>"""
))
elif method == "POST":
if has_valid_token:
return ({
"Status-code": 301,
"Location": "/login?error=already logged in"
}, "")
post = parse_post(data)
if "uname" not in post or "pword" not in post:
return ({
"Status-code": 301,
"Location": "/login?error=invalid login data"
}, "")
digest = sha512()
digest.update(f"{post['uname']}:{post['pword']}".encode())
if digest.hexdigest() in db.database:
return ({
"Status-code": 301,
"Set-Cookie": f"token={digest.hexdigest()}",
"Location": "/"
}, "")
return ({
"Status-code": 301,
"Location": "/login?error=invalid credentials"
}, "")
def register(conn, headers, data, *, method):
cookies = parse_cookies(headers['ignored'].get("Cookie", ""))
has_valid_token = cookies.get("token", "") in db.database
if method == "GET":
with open("root/public/register.html") as register:
return ({}, register.read().format(
is_registered=f"You are already registered<br>" if has_valid_token \
else """<form action="/register" method="post">
<label>Username:</label>
<input type="text" id="uname" name="uname"><br>
<label>Password:</label>
<input type="text" id="pword" name="pword"><br><br>
<input type="submit" value="Register">
</form>
""",
error=parse_post(q)['error'] if (q := headers["request_uri"].query) \
else ""
))
def index(conn, headers, data):
cookies = parse_cookies(headers['ignored'].get("Cookie", ""))
has_valid_token = (token := cookies.get("token", "")) in db.database
error = parse_post(headers['request_uri'].query).get("error", "")
unread = 0
if has_valid_token and os.path.exists(
f"root/users/{conv_uname(db.database[token])}"):
unread = len(
os.listdir(f"root/users/{conv_uname(db.database[token])}")) - 1
with open("root/public/index.html") as index:
return ({}, index.read().format(
if_logged_in_head="<a href='/login'>login</a> - <a href='/register'>register</a>" if not has_valid_token \
else f"logged in as <b>{db.database[token]}</b> - <a href='/logout'>logout</a> - <a href='/profile'>profile ({unread})</a>",
if_logged_in_body="" if not has_valid_token \
else "Since you're logged in, do you wanna <a href='/members'>look</a> at the user-list?",
timer="""window.onload = function() {
var fn = function() {
var frameElement = document.getElementById("chat");
frameElement.contentWindow.location.href = frameElement.src + "?_=" + Math.ceil(Math.random() * 10000);
};
setInterval (fn, 2500);
}""",
error=error
))
<input type="text" id="uname" name="uname"><br>
<label>Password:</label>
<input type="text" id="pword" name="pword"><br><br>
<input type="submit" value="Register">
</form>
""",
error=parse_post(q)['error'] if (q := headers["request_uri"].query) \
else ""
))
elif method == "POST":
if has_valid_token:
return ({
"Status-code": 301,
"Location": "/register?error=already logged in"
}, "")
post = parse_post(data)
post['uname'] = escape(post['uname'])
if "uname" not in post or "pword" not in post:
return ({
"Status-code": 301,
"Location": "/register?error=invalid login data"
}, "")
elif post['uname'] in db.database.values():
return ({
"Status-code": 301,
"Location": "/register?error=already existing username"
}, "")
t = db.add_user(post['uname'], post['pword'])
os.mkdir(f"root/users/{conv_uname(post['uname'])}")
os.mkdir(f"root/users/{conv_uname(post['uname'])}/seen")
print(f"[localhost:{port}] user {post['uname']} registered")