Esempio n. 1
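def signin():
    """Handle the registration form: validate the input and create the user.

    A non-POST request renders ``signin.html``. A POST checks, in order,
    that both password fields match, that ``check_the_password`` and
    ``check_the_email`` accept the input, and that no ``User`` row already
    uses the address. Each failure flashes a message and re-renders the
    form. On success the user is committed, the session is marked as
    unconfirmed and the client is redirected to ``signined``.
    """
    if request.method != 'POST':
        return render_template('signin.html')

    email = request.form['email']
    name = request.form['name']
    password = request.form['password']
    password1 = request.form['password1']

    if password != password1:
        # Message: the two passwords entered do not match.
        flash('两次输入的密码不一致')
        return render_template('signin.html')
    if not check_the_password(password):
        # Message: password must be 4 to 25 characters and not digits only.
        # NOTE(review): a 4-character minimum is a weak policy; the actual
        # rule lives in check_the_password, which is not shown here.
        flash('密码不符合要求,密码长度应该在4到25之间并不能仅为数字')
        return render_template('signin.html')
    if not check_the_email(email):
        # Message: the e-mail address is malformed.
        flash('邮箱格式错误')
        return render_template('signin.html')

    # NOTE(review): this is a check-then-insert sequence; two concurrent
    # requests can both pass it. Confirm the e-mail column carries a unique
    # constraint so the database rejects the second insert.
    if User.query.filter(User.email == email).first():
        # Message: the address is already registered. This answer also tells
        # an anonymous caller which addresses have accounts.
        flash('邮箱已被注册>_<')
        return render_template('signin.html')

    # NOTE(review): the raw password is handed to User(); confirm that the
    # model hashes it before it is stored.
    new_user = User(name, email, password)
    registered_email = new_user.email
    db_session.add(new_user)
    try:
        db_session.commit()
    except Exception:
        # Leave the DB session usable and report the failure to the caller.
        db_session.rollback()
        raise

    # Session state and the success message are written only once the row
    # exists, so a failed commit cannot leave a session that points at a
    # user who was never created.
    session['unconfirm'] = True
    session['user_email'] = registered_email
    # Message: a mail has been sent, please activate the account now.
    flash('已经发送邮件到你的邮箱,请立刻激活帐号')
    # NOTE(review): the confirmation mail call is disabled in this handler
    # although the message above says a mail was sent; confirm activation
    # is triggered somewhere else.
    # send_email_for_confirm(email, new_user.email, new_user.reg_time,
    #                        new_user.confirm)
    return redirect(url_for('signined'))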
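def createUser(login_session):
    """Insert a ``User`` built from the login session and return its id.

    Args:
        login_session: mapping that provides the ``username``, ``email``
            and ``picture`` keys.

    Returns:
        The ``id`` of the row that was just committed.
    """
    newUser = User(name=login_session['username'],
                   email=login_session['email'],
                   picture=login_session['picture'])
    session.add(newUser)
    session.commit()
    # Read the id from the inserted object rather than looking the user up
    # again by e-mail: the lookup with .one() raises as soon as two rows
    # share an address and costs an extra query.
    return newUser.id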
Esempio n. 3
 def setUp(self):
     """Prepare a fresh test database, a test client and one test user."""
     application.app_context().push()
     application.config.update(
         TESTING=True,
         WTF_CSRF_ENABLED=True,
         DEBUG=False,
     )
     # Point the application at the test database.
     application.config['SQLALCHEMY_DATABASE_URI'] = TEST_DB
     self.client = application.test_client()
     # NOTE(review): drop_all() wipes whichever database ``db`` is bound to.
     # The URI is set only a few lines above; confirm the engine is not
     # already bound to a non-test database at this point.
     db.drop_all()
     db.create_all()
     # Seed the single user the tests log in with.
     fixture_user = User('*****@*****.**', 'testing', '123456')
     db.session.add(fixture_user)
     db.session.commit()
     self.assertEqual(application.debug, False)
Esempio n. 4
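def signup():
    """Render the registration form and create the user on a valid submit.

    Returns the rendered ``signup.html`` when the form was not submitted or
    did not validate, a redirect back to ``signup`` when
    ``form.check_email`` raises ``ValidationError``, and a redirect to
    ``login`` once the new user has been committed.
    """
    form = RegistrationForm()
    if not form.validate_on_submit():
        return render_template('signup.html', form=form)

    try:
        form.check_email(form.email, form.username)
    except validators.ValidationError as e:
        flash(str(e))
        return redirect(url_for('signup'))

    # The model is built only for input that passed every check.
    # NOTE(review): the raw form password is passed to User(); confirm that
    # the model hashes it before it is stored.
    user = User(email=form.email.data,
                username=form.username.data,
                password=form.password.data)
    db.session.add(user)
    db.session.commit()
    # The success message is shown only after the commit went through.
    flash("Thank for registration!")
    return redirect(url_for('login'))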
Esempio n. 5
    def setUp(self):
        """Prepare a fresh test database with one user, two dogs and two favorites."""
        application.app_context().push()
        application.config.update(
            TESTING=True,
            WTF_CSRF_ENABLED=True,
            DEBUG=False,
        )
        # Point the application at the test database.
        application.config['SQLALCHEMY_DATABASE_URI'] = TEST_DB
        self.client = application.test_client()
        # NOTE(review): drop_all() wipes whichever database ``db`` is bound
        # to. The URI is set only a few lines above; confirm the engine is
        # not already bound to a non-test database at this point.
        db.drop_all()
        db.create_all()

        # Seed the test user and the two test dogs in one transaction.
        db.session.add_all([
            User('*****@*****.**', 'testing', '123456'),
            Dogs(1, "testDog1", "Male", "Adult", "http/pic"),
            Dogs(2, "testDog2", "Male", "Adult", "http/pic"),
        ])
        db.session.commit()

        # Load the seeded user back; the login_user() call stays disabled.
        user = User.query.filter_by(email='*****@*****.**').first()
        user_id = user.id

        # Two favorites, added in a second transaction.
        db.session.add_all([Favorites(1, 2), Favorites(1, 1)])
        db.session.commit()
        self.assertEqual(application.debug, False)
# Seed data, part 1: bind the declarative metadata to the engine, open a
# session, then insert one user and one music category.
Base.metadata.bind = engine

# Session factory bound to the same engine.
DBSession = sessionmaker(bind=engine)
# A DBSession() instance is the "staging zone" for every object loaded
# into or added to it. Changes made to those objects are not written to
# the database until session.commit() is called; session.rollback()
# reverts everything back to the last commit.
session = DBSession()


# Add one user. The picture is left empty; each insert below is committed
# in its own transaction.
user1 = User(name="Oliver", email="*****@*****.**", picture="")
session.add(user1)
session.commit()


# Add the first category; the description is one string assembled from
# adjacent literals.
category1 = MusicCategory(name="Rock", 
                          description="broad genre of popular music that originated as 'rock and roll' in the United "
                                      "States in the early 1950s, and developed into a range of different styles in "
                                      "the 1960s")
session.add(category1)
session.commit()

song1 = Song(name="Chop Suey", 
             band="System of a down", 
             lyrics="Wake up \
             Grab a brush and put a little (makeup)\
Esempio n. 7
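def login(provider):
    """Log the user in through an OAuth provider and record them in the session.

    Args:
        provider: provider name as a string; only ``'google'`` is handled.

    Returns:
        For ``'google'`` a JSON response: an error (401 or 500) when the
        code exchange or one of the token checks fails, a 200 notice when
        the same user is already connected, otherwise ``{'token': ...}``
        for the logged-in user. For any other provider the plain string
        ``'Unrecognized Provider'``.
    """
    if provider != 'google':
        return 'Unrecognized Provider'

    def json_reply(payload, status):
        """Build a JSON-typed response carrying *payload* with *status*."""
        reply = make_response(json.dumps(payload), status)
        reply.headers['Content-Type'] = 'application/json'
        return reply

    # The request body is the one-time authorization code.
    # NOTE(review): no anti-forgery ``state`` value is compared in this
    # handler; confirm that check is enforced before this point.
    auth_code = request.data

    try:
        # Upgrade the authorization code into a credentials object.
        oauth_flow = flow_from_clientsecrets(json_url, scope='')
        oauth_flow.redirect_uri = 'postmessage'
        credentials = oauth_flow.step2_exchange(auth_code)
    except FlowExchangeError:
        return json_reply('Failed to upgrade the authorization code.', 401)

    # Ask the tokeninfo endpoint whether the access token is valid.
    # The token travels in the query string, so it can end up in any log
    # that records the full URL.
    access_token = credentials.access_token
    url = ('https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=%s'
           % access_token)
    h = httplib2.Http()
    result = json.loads(h.request(url, 'GET')[1])
    if result.get('error') is not None:
        # Stop here. Without this return the error response was built and
        # then discarded, and the checks below ran on an error payload.
        return json_reply(result.get('error'), 500)

    # The token must belong to the user named in the ID token.
    gplus_id = credentials.id_token['sub']
    if result['user_id'] != gplus_id:
        return json_reply("Token's user ID doesn't match given user ID.", 401)

    # The token must have been issued to this application.
    if result['issued_to'] != CLIENT_ID:
        return json_reply("Token's client ID does not match app's.", 401)

    stored_credentials = session.get('access_token')
    stored_gplus_id = session.get('gplus_id')
    if stored_credentials is not None and gplus_id == stored_gplus_id:
        return json_reply('Current user is already connected.', 200)

    # Store the credentials for later requests.
    # NOTE(review): Flask's default session is a signed cookie the client
    # can read; confirm a server-side session store is in use before the
    # access token is kept here.
    session['access_token'] = access_token
    session['gplus_id'] = gplus_id

    # Fetch the profile that belongs to the token.
    userinfo_url = "https://www.googleapis.com/oauth2/v1/userinfo"
    params = {'access_token': credentials.access_token, 'alt': 'json'}
    answer = requests.get(userinfo_url, params=params)
    data = answer.json()

    name = data['name']
    picture = data['picture']
    email = data['email']

    session['username'] = name
    session['email'] = email
    session['picture'] = picture

    # Find the local account for this e-mail or create it.
    # NOTE(review): accounts are matched on the e-mail address alone and
    # the verification flag of the userinfo response is not checked here.
    user = db.session.query(User).filter_by(email=email).first()
    if not user:
        user = User(username=name, picture=picture, email=email)
        db.session.add(user)
        db.session.commit()

    session['user_id'] = user.id

    # The token is only handed to the client; it is not stored server-side.
    # 600 is presumably the lifetime in seconds — confirm against
    # generate_auth_token.
    token = user.generate_auth_token(600)

    flash('You are now logged in as ' + name, 'success')
    return jsonify({'token': token.decode('ascii')})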