def static(request, file_path):
try:
with open(path.join('static', file_path), 'rb') as f:
content = f.read()
except FileNotFoundError:
return Response('not found', 404)
content_type, _ = mimetypes.guess_type(file_path)
return Response(body=content, content_type=content_type)
def static(request, filename):
if not filename.endswith('.js') and not filename.endswith('.css'):
return Response('not found', 404)
try:
with open(filename, 'rb') as f:
content = f.read()
except FileNotFoundError:
return Response('not found', 404)
content_type, _ = mimetypes.guess_type(filename)
return Response(body=content, content_type=content_type)
def accounts_update(request, user_id):
item = db.PlaidItem.query.get(int(request.body['plaid_item_id']))
if item.user_id != user_id:
return Response(code=403)
item.name = request.body['name'] or None
db.session.commit()
return Response.json(True)
def logout(request):
response = Response(code=303, location='/')
response.set_secure_cookie(request,
'user_id',
None,
secure=True,
max_age=datetime.timedelta())
return response
def login(request):
email = request.body['email']
password = request.body['password']
if 'register' in request.body:
user = db.User.register(email, password)
db.session.commit()
location = '/accounts'
else:
user = db.User.login(email, password)
if user is None:
return Response('bad email/password', 403)
location = '/outcomes'
response = Response(code=303, location=location)
response.set_secure_cookie(request,
'user_id',
user.user_id,
secure=True,
max_age=datetime.timedelta(days=30))
return response
def fetch_transactions(request, user_id):
relogin_items = transactions.process_user(user_id)
if len(relogin_items) > 0:
return Response.render(
request, 'relogin.jinja2', {
'environment': config.plaid.environment,
'plaid_public_key': config.plaid.public_key,
'relogin_items': relogin_items,
})
else:
return Response(code=303, location='/outcomes')
def _trace(code):
args = [
'../nsjail/nsjail', '--use_cgroupv2', '--cgroupv2_mount',
'/sys/fs/cgroup/NSJAIL', '-Mo', '--chroot', chroot_dir, '-E',
'LANG=en_US.UTF-8', '-R/usr', '-R/lib', '-R/lib64',
'-R%s:/traceface' % traceface_dir, '-D/traceface', '--user', 'nobody',
'--group', 'nogroup', '--time_limit', '2', '--disable_proc',
'--iface_no_lo', '--cgroup_mem_max',
str(50 * MB), '--cgroup_pids_max', '1', '--quiet', '--',
'/usr/bin/python3', '-q', 'traceface', '-s'
]
p = subprocess.run(args, input=code, capture_output=True, timeout=5)
return Response(p.stdout, content_type='text/html; charset=UTF-8')
def wrapped(request):
user_id = request.get_secure_cookie('user_id',
datetime.timedelta(days=30))
if user_id is None:
return Response(code=401)
return view_fn(request, int(user_id))
def fetch_transactions(request, user_id):
transactions.process_user(user_id)
return Response(code=303, location='/outcomes')
def trace(request):
if len(request.body['paste']) > 0:
return Response(code=303, location='/trace/' + request.body['paste'])
code = request.body['code'].encode('utf-8')
return _trace(code)
def root(request):
return Response(html, content_type='text/html; charset=UTF-8')
def plaid_link_token(request, user_id):
item = db.PlaidItem.query.get(int(request.body['plaid_item_id']))
if item.user_id != user_id:
return Response(code=403)
link_token = plaid.link_token(user_id, item.access_token)
return Response.json(link_token)
