def post(self, menu_identifier=None): if menu_identifier is None or not Menu.isRightIdentifier(menu_identifier): self.siteError( SiteErrorType.ERROR_MENU_NOT_EXIST ) return user = self.context['user'].get_current_user() if not user: self.redirect( users.create_login_url("/write/"+menu_identifier ) ) remote_addr = self.request.remote_addr if not remote_addr: self.siteError( getSiteErrorMessage("invalid_access") ) return self.context['menu_id'] = Menu.getMenuIdWithIdentifier( menu_identifier ) self.context['menu_label'] = Menu.getLabel( self.context['menu_id'] ) self.context['menu_identifier'] = menu_identifier if self.context['user'] and User.isUserNeedCaptcha( self.get_current_user() ): entry_form = EntryRecaptchaForm(remote_addr, data=self.request.POST) else: entry_form = EntryForm(data=self.request.POST) if entry_form.is_valid(): # insert # check user User.insertUser(user, remote_addr) menu_id = self.context['menu_id'] Entry.insert( entry_form.cleaned_data['title'], entry_form.cleaned_data['link'], entry_form.cleaned_data['content'], menu_id, user, remote_addr ) self.redirect("/list/"+Menu.getMenuIdentifier( menu_id) ) else: self.createCSRFToken() self.context['entry_form'] = entry_form self.render( "write.html" )
def get(self, id): if not self.id_valid(id): return {'message': 'User not found', 'data': {}}, 404 user_result = get_user(id) user = User(user_result) return {'message': 'User', 'data': user.serialize()}, 200
def findUser(self, username): sql = "SELECT * FROM USERS WHERE NAME = '%s'" % (username) self.cursor.execute(sql) result = self.cursor.fetchall() from models.UserModel import User user = None for row in result: name = row[1] password = row[2] charge = row[3] user = User(name, password) user.charge = charge return user
def findAllUsers(self): users = [] sql = "SELECT * FROM USERS" self.cursor.execute(sql) results = self.cursor.fetchall() for row in results: name = row[1] password = row[2] charge = row[3] from models.UserModel import User user = User(name, password) user.addCharge(charge) users.append(user) return users
def get(self, type, site_user_id, cursor=None): logging.info( type ) if type != "entry" and type != "comment": self.siteError( SiteErrorType.ERROR_INVALID_ACCESS ) return if cursor: cursor = urllib.unquote(cursor).decode('utf-8') self.context['siteUser'] = User.get_by_id( int( site_user_id ) ) if type == "entry": query = Entry.all() query.filter("site_user_id", int( site_user_id) ) query.filter("is_removed", False) query.order("-created_on") elif type == "comment": query = Comment.all() query.filter("site_user_id", int( site_user_id) ) query.order("-created_on") logging.info( query.__dict__ ) paging = Paging( query ) paging.setLimit(10) paging.setCurrentCursor(cursor) paging.execute() self.context['paging'] = paging if type == "entry": self.render( "admin/entry.html" ) elif type == "comment": self.render( "admin/comment.html" )
def post(self, entry_index=None): entry = Entry.get_entry(entry_index) if not entry or entry.is_removed: self.siteError( SiteErrorType.ERROR_ENTRY_NOT_EXIST ) return is_spam = self.request.get('is_spam') if is_spam: # block user siteUser = User.getSiteUser( entry.user ) siteUser.status = UserStatus.USER_BANED siteUser.put() site_user_id = siteUser.key().id() # delete user's comment Comment.delete_with_user_id(site_user_id) # delete user's entry Entry.delete_with_user_id(site_user_id) #delete comment for comment in entry.comments: comment.delete() Entry.delete_entry(entry_index) self.redirect( "/admin/entry" )
def wrapper(self, *args, **kw): user = users.get_current_user() if user: siteUser = User.getSiteUser(user) if siteUser and siteUser.status > UserStatus.USER_NORMAL: self.redirect("/error/user_banned") return func(self, *args, **kw)
def get(self): user_result = get_users() users = [] for res in user_result: users.append(User(res).serialize()) return {'message': 'Success', 'data': users}, 200
def post(self, index=None): if not self.context['user'].get_current_user(): self.siteError( SiteErrorType.ERROR_INVALID_ACCESS ) return self.context['index'] = index entry = Entry.get_entry( index ) if not entry or entry.is_removed: self.siteError( getSiteErrorMessage("entry_not_exist") ) return remote_addr = self.request.remote_addr if not remote_addr: self.siteError( getSiteErrorMessage("invalid_access") ) return user = self.context['user'].get_current_user() User.insertUser(user, remote_addr) if self.context['user'] and User.isUserNeedCaptcha( self.get_current_user() ): comment_form = CommentRecaptchaForm(self.request.remote_addr, data = self.request.POST) else: comment_form = CommentForm(data = self.request.POST) if comment_form.is_valid(): comment = Comment.insert(entry, comment_form.cleaned_data['content'], user, remote_addr) entry.comment_count = entry.comment_count + 1 entry.updated_on = datetime.datetime.now() entry.put() PagingCursorMasterKey.clearModelKey("Comment") self.redirect("/entry/%s#comment%d"%(index, comment.id())) else: self.createCSRFToken() self.context['entry'] = entry self.context['comment_form'] = comment_form self.render("view.html")
def register(): if request.method == 'POST': email = request.json['email'] password = request.json['password'] # check if user with the email exists in the database user_exists = User.query.filter_by(email = email).first() if user_exists: return jsonify({'message': 'user email already exists'}), 404 user = User(email, password, '', '', datetime.timestamp(datetime.now()), datetime.timestamp(datetime.now())) user.hash_password(password) db.session.add(user) db.session.commit() access_token = create_access_token(identity=user.id, fresh=True) refresh_token = create_refresh_token(user.id) return jsonify({'access_token': access_token, 'refresh_token': refresh_token}), 200
def createAccount(self): userName=self.loginEntry.get() password=self.passwordEntry.get() user=User(userName, password) try: if(UserController().saveUserToDatabase(user)): messagebox.showinfo("Message", "ACCOUNT CREATED") else: messagebox.showinfo("ERROR", "LOGIN ALREADY TAKEN") except: messagebox.showinfo("ERROR","IDK ERR")
def get_token(): request_data = request.get_json() username = str(request_data['username']) password = str(request_data['password']) match = User.username_password_match(username, password) if match: expiration_date = datetime.datetime.utcnow() + datetime.timedelta(seconds=300) token = jwt.encode({'exp': expiration_date}, app.config['SECRET_KEY'], algorithm='HS256') return token else: return Response('', 401, mimetype='application/json')
def registerUser(): try: user = User( **{a: request.json[a] for a in User.attributes() if a != 'id'}) # Checking if user already exists v.validateUser(User, user.email) # Hashing the password user.password = pbkdf2_sha256.hash(user.password) db.session.add(user) db.session.commit() return jsonify({'status': 'success'}, { 'message': f'Thanks for using Products API, {user.firstName}.Now you\'re registered and can log in' }), 201 except Exception as e: return jsonify({'status': 'fail'}, {'message': str(e)}), 404
def createCSRFToken(self): if not self.context['user'].get_current_user(): return siteUser = User.getSiteUser( self.context['user'].get_current_user() ) if not siteUser: siteUser = User.insertUser( self.context['user'].get_current_user(), self.request.remote_addr ) m = hashlib.md5() # prepare salt if siteUser.last_write_on: m.update( siteUser.last_write_on.strftime("%Y/%m/%d %H:%M:%S.%f") ) else: m.update( siteUser.join_on.strftime("%Y/%m/%d %H:%M:%S.%f") ) m.update( str( siteUser.key().id() ) ) self.context['csrf_token'] = m.hexdigest() cookies = Cookies( self ) cookies['csrf_token'] = self.context['csrf_token']
def post(self): user = User() user.FirstName = self.request.get('firstname') user.LastName = self.request.get('lastname') user.Mail = self.request.get('email') user.Password = str(md5HashSum().valueToHash(self.request.get('password'))) try: user.put() except EmailIsAlreadyRegistred,e: self.response.out.write( 'Email: ' + e.__str__() + ' already registred..') return;
def get(self, cursor=None): siteUser = User.getSiteUser( self.context['user'].get_current_user() ) if not siteUser: siteUser = User.insertUser(self.context['user'].get_current_user(), self.request.remote_addr ) self.context['siteUser'] = siteUser LIST_NUMS = 10 query = Entry.all() query.filter("site_user_id", User.getSiteUserId( self.context['user'].get_current_user() ) ) query.filter("is_removed", False ) query.order("-created_on") paging = Paging( query ) paging.setCurrentCursor( cursor ) paging.setLimit( LIST_NUMS ) paging.execute() self.context['paging'] = paging self.render("user.html")
def get(self, cursor=None): if cursor: cursor = urllib.unquote(cursor).decode('utf-8') query = User.all() query.order("-join_on") paging = Paging( query ) paging.setLimit(20) paging.setCurrentCursor(cursor) paging.execute() self.context['paging'] = paging self.render( "admin/user.html" )
def put(self, user_id, title): if not self.id_valid(user_id): return {'message': 'User not found', 'data': {}}, 404 user_result = get_user(user_id) user = User(user_result) parser = reqparse.RequestParser() parser.add_argument('title', required=True) parser.add_argument('comment', required=True) # Parser arguments into obj args = parser.parse_args() note = { 'title': args['title'] + "*" + str(user_id), 'author': f'{user.first_name} {user.last_name}', 'comment': args['comment'], 'expiration': '2020-12-02' } updated = PauliusNoteService().update_note(title + "*" + str(user_id), note) if updated is None: return { 'message': 'Unknown error occurred try again later', 'data': args }, 500 if updated == 202: new_title = args['title'] + "*" + str(user_id) old_title = title + "*" + str(user_id) update_user_note(old_title, new_title) return {'message': 'Success', 'data': args}, 200 if updated == 409: return { 'message': 'A note with this title already exists', 'data': args }, 404 if updated == 404: return {'message': 'Note not found', 'data': {}}, 404
def get(self, user_id): if not self.id_valid(user_id): return {'message': 'User not found', 'data': {}}, 404 notes = PauliusNoteService().get_all_notes() user_result = get_user(user_id) user = User(user_result) user_notes_results = get_user_notes(user_id) user_notes = [] for note in notes: for res in user_notes_results: if note.title == res[2]: user_notes.append(note) return { 'message': 'User notes', 'data': UserNotes(user, user_notes).serialize() }, 200
def get(self): user_result = get_users() users = [User(res) for res in user_result] notes = PauliusNoteService().get_all_notes() users_notes = [] for user in users: note_results = get_user_notes(user.id) # if paulius note title matches with user note table title, then add it to user_notes user_notes = [] for note in notes: for res in note_results: if note.title == res[2]: user_notes.append(note) users_notes.append(UserNotes(user, user_notes).serialize()) return {'message': 'Success', 'data': users_notes}, 200
def get(self, index): entry = Entry.get_entry(index) if not entry or entry.is_removed: self.siteError( SiteErrorType.ERROR_ENTRY_NOT_EXIST ) return if self.context['user'] and User.isUserNeedCaptcha( self.get_current_user() ): comment_form = CommentRecaptchaForm(self.request.remote_addr) else: comment_form = CommentForm() self.context['comment_form'] = comment_form self.context['entry'] = entry if self.context['user']: self.createCSRFToken() self.render( "view.html" )
def do_regis(request): tel = request.form.get("telephone") un = request.form.get("username") pwd1 = request.form.get("password1") pwd2 = request.form.get("password2") if tel and un and pwd1 and pwd2: if User.query.filter_by(telephone=tel).first(): return "exit" else: if pwd1 == pwd2: user = User(telephone=tel, username=un, password=pwd1) try: db.session.add(user) db.session.commit() return "ok" except Exception as e: print(e) db.session.rollback() return "fall" else: return "ns" else: return "nf"
def post(self, comment_id=None): comment_id = int( comment_id ) comment = Comment.get_by_id( comment_id ) if not comment: self.siteError( SiteErrorType.ERROR_COMMENT_NOT_EXIST ) return siteUser = User.getSiteUser( comment.user ) Comment.delete_comment(comment) is_spam = self.request.get('is_spam') if is_spam: siteUser.status = UserStatus.USER_BANED siteUser.put() site_user_id = siteUser.key().id() # delete user's comment Comment.delete_with_user_id(site_user_id) # delete user's entry Entry.delete_with_user_id(site_user_id) self.redirect( '/admin/comment' )
def get(self, menu_identifier=None): if menu_identifier is None or not Menu.isRightIdentifier(menu_identifier): self.siteError( SiteErrorType.ERROR_MENU_NOT_EXIST ) return self.context['menu_id'] = Menu.getMenuIdWithIdentifier( menu_identifier ) self.context['menu_label'] = Menu.getLabel( self.context['menu_id'] ) self.context['menu_identifier'] = menu_identifier self.createCSRFToken() if self.context['user'] and User.isUserNeedCaptcha( self.get_current_user() ): entry_form = EntryRecaptchaForm(self.request.remote_addr) else: entry_form = EntryForm() self.context['entry_form'] = entry_form self.render( "write.html" )