Esempio n. 1
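  def regist(self, **kwargs):
    """Register a new account from the request's email, password and nickname.

    When all three fields are present in ``self.arguments`` the email is
    looked up with ``Users.find``. An existing user yields 'already
    registered'; otherwise a ``Users`` entity is created, the device recorded
    in the session (if any) is linked to it, a 'regist' message is sent and
    the user is stored in ``self.session['user']``.

    Returns:
      Whatever ``self.redirect``, ``self.createRes`` or
      ``self.response.write`` returns for the chosen response; None when a
      required field is missing (nothing is written in that case).
    """
    result = {
      'code': 400,
      'message': 'bad request'
    }

    args_regist = ['email', 'password', 'nickname']

    # All required fields must be present in the request arguments.
    # NOTE(review): when one is missing nothing below runs and no response is
    # written, although `result` already holds the 400 payload -- confirm
    # whether createRes(400, result) is intended for that case.
    if len(set(self.arguments) & set(args_regist)) == len(args_regist):
      user = Users.find(self.arguments.get('email'))

      if user:
        result['code'] = 401
        result['message'] = 'already registered'

      else:
        # SECURITY: an unsalted MD5 digest is not adequate for password
        # storage. Moving to a salted, deliberately slow password hash has to
        # be coordinated with every place that compares this digest, so it is
        # flagged here rather than changed.
        try:
          md5password = md5.md5(self.arguments.get('password')).hexdigest()
        except UnicodeEncodeError:
          # Record the failure only; the submitted password must never be
          # written to the log.
          logging.error("password could not be encoded for hashing")
          return self.createRes(401, result)

        # insert as a new user
        user = Users(auto_id=True)
        user.password = md5password
        # presumably copies the request fields onto the entity while skipping
        # 'password' -- verify which fields convertRequsetParameter lets through
        user.set(self.convertRequsetParameter(self.arguments, ['password']))

        if ('deviceInfo' in self.session) and ('appName' in self.session['deviceInfo']):
          deviceInfo = self.session['deviceInfo']
          # Take the app name from the session entry that was just checked, not
          # from the request, so the attribute name and the device key are not
          # chosen by the client.
          appName = deviceInfo['appName']

          # save reg_id in user (dots are stripped from the attribute name)
          setattr(user, re.sub(r'\.', '', '%s_regid' % appName), deviceInfo['regId'])
          user.put()

          # save user in device
          device = ndb.Key(Devices, "%s|%s" % (appName, deviceInfo['deviceId'])).get()
          if device is not None:
            setattr(device, 'user', user.key)
            device.put()

        # NOTE(review): user.put() is only called in the device branch above;
        # confirm that user.set() persists the entity when there is no device.
        message = '%s님이 하나시를 시작했습니다.' % user.nickname
        url = 'http://hanasee.com'
        Messages(user=user.key,
          action_user=user.key,
          action='regist',
          settings='system',
          app_name='hanasee',
          message=message,
          url=url).send(['MAIL','SNS'])
        self.session['user'] = user.to_obj(mine=True)
        result['code'] = 200
        result['message'] = 'OK'

      if result['code'] == 200:
        # NOTE(review): returnTo is read back from the session; confirm that
        # the code storing it validates the target before it is used as a
        # redirect location.
        if self.session.get('returnTo', None):
          returnTo = self.session.pop('returnTo')
          return self.redirect(returnTo)

        result['User'] = user.to_obj(mine=True)
        return self.createRes(200, result)

      if self.session.get('returnTo', None):
        # Browser flow: show the sign-in page again with the failure message.
        options = {
          'returnTo': self.session.get('returnTo'),
          'message': result['message']
        }

        template = JINJA_ENVIRONMENT.get_template('signin.html')
        return self.response.write(template.render(options))

      return self.createRes(401, result)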
Esempio n. 2
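  def post(self, **kwargs):
    """Update the signed-in user's profile, or register a new user.

    With a routed ``uid`` the caller must be signed in and may only edit
    their own record ('me' or their own numeric id). Without ``uid`` the
    request is treated as a registration and needs email, password and
    nickname.

    Returns:
      The value of ``self.redirect``, ``self.createRes`` or
      ``self.response.write`` for the chosen response.
    """
    result = {
      'code': 400,
      'message': 'bad request'
    }

    # update user info
    if kwargs.get('uid'):
      if self.get_user() is None:
        result['code'] = 401
        result['message'] = 'unauthorized'
      else:
        uid = self.get_user().get('uid')

        # Only the caller's own record may be edited: 'me' or the same id.
        if kwargs.get('uid') != 'me' and uid != int(kwargs.get('uid')):
          result['code'] = 400
          result['message'] = 'already exists'
          return self.createRes(400, result)

        # get user info
        user = Users.get(id=uid)
        if isinstance(user, ndb.key.Key):
          # presumably Users.get hands back the bare key when no entity is
          # stored for it -- confirm against the model
          result['code'] = 400
          result['message'] = 'bad request'

        else:
          # using API, user can modify nickname and picture
          # NOTE(review): the routed 'attribute' value is appended to the
          # writable list, so whatever the route accepts there becomes a
          # settable field. Confirm the route limits it to an explicit
          # allowlist (it is also the only way 'password' becomes writable).
          available_list = ['nickname', 'picture', 'hanasee', 'language'] + [kwargs.get('attribute')]

          for field in self.arguments:
            if field not in available_list:
              continue

            value = self.arguments.get(field)
            if hasattr(value, 'FieldStorageClass'):
              # File upload: store it under a millisecond-timestamp name and
              # keep the resulting URL on the user.
              # NOTE(review): the client-declared content type is passed on
              # unchanged -- confirm create_file restricts types and sizes.
              dtCreated = datetime.datetime.now()
              filename = "%d" % (time.mktime(dtCreated.timetuple())*1e3 + dtCreated.microsecond/1e3)

              image_url = self.create_file(value.value, filename, value.type)
              setattr(user, field, image_url)
            elif field == 'password':
              # SECURITY: unsalted MD5 is not adequate for password storage;
              # flagged, not changed, because stored digests must stay
              # comparable.
              if user.password == md5.md5(self.arguments.get('old_password')).hexdigest():
                setattr(user, field, md5.md5(value).hexdigest())
              else:
                result['code'] = 401
                result['message'] = 'invalid password'
            else:
              setattr(user, field, value)

          # A failed password check discards every change made in this request.
          if result['code'] != 401:
            user.put()

            result['code'] = 200
            result['message'] = 'OK'
            result['User'] = user.to_obj(mine = True)

    else:
      arguments = self.arguments
      args_regist = ['email', 'password', 'nickname']

      # check parameter validation
      if len(set(arguments) & set(args_regist)) == len(args_regist):
        user = Users.find(self.request.get('email'))

        if user:
          result['code'] = 401
          result['message'] = 'already registered'

        else:
          # insert as a new user
          user = Users(auto_id=True)
          # SECURITY / NOTE(review): the password is assigned exactly as
          # received (the original hashing lines were commented out). The
          # update branch above compares an MD5 digest against this field, so
          # a value stored this way would not match unless the Users model
          # hashes on assignment -- confirm. A password must not be persisted
          # in clear text.
          user.password = self.arguments.get('password')
          user.set(self.convertRequsetParameter(self.arguments, ['password']))

          # The original tested an undefined name `appName` here, which raised
          # NameError as soon as the session held device info.
          appName = self.request.get('appName')
          if ('deviceInfo' in self.session) and (appName in self.session['deviceInfo']):
            deviceInfo = self.session['deviceInfo'][appName]

            # save reg_id in user; the attribute is named after the request's
            # appName (dots stripped), which the check above ties to an entry
            # already present in the session
            setattr(user, re.sub(r'\.', '', appName), deviceInfo['regId'])
            user.put()

            # save user in device; the lookup can miss, so guard against None
            device = ndb.Key(Devices, "%s|%s" % (appName, deviceInfo['deviceId'])).get()
            if device is not None:
              setattr(device, 'user', user.key)
              device.put()

          # NOTE(review): user.put() only runs in the device branch above;
          # confirm user.set() persists the entity otherwise.
          self.session['user'] = user.to_obj(mine=True)
          result['code'] = 200
          result['message'] = 'OK'

    if result['code'] == 200:
      # SECURITY: the redirect target is taken directly from the request.
      # Validate it against the expected return locations before redirecting;
      # as written any URL supplied by the client is followed.
      if self.arguments.get('returnTo', None):
        return self.redirect(str(self.arguments.get('returnTo')))

      return self.createRes(200, result)

    if self.arguments.get('returnTo', None):
      options = {
        'returnTo': self.arguments.get('returnTo'),
        'message': result['message']
      }

      if self.get_user():
        options['uid'] = self.get_user().get('uid')
      # SECURITY: the template name comes from the request's 'dialog' value.
      # Map it through a fixed set of permitted dialog templates instead of
      # passing client input to the loader (a missing value is also passed on
      # as None).
      template = JINJA_ENVIRONMENT.get_template(self.arguments.get('dialog'))
      return self.response.write(template.render(options))

    return self.createRes(401, result)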
Esempio n. 3
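  def signin(self, **kwargs):
    """Sign a user in by device, by email and password, or through OAuth.

    The branch is chosen from the request: ``deviceId`` + ``appName`` selects
    device sign-in, ``email`` + ``password`` selects password sign-in, and a
    routed ``type`` starts or completes a provider login through Authomatic.
    On success the user is stored in ``self.session['user']``.

    Returns:
      The value of ``self.redirect``, ``self.createRes`` or
      ``self.response.write`` for the chosen response; None when no branch
      applies or while the provider login has produced no result yet.
    """
    logging.debug("signin")
    result = {
      'code': 400,
      'message': 'bad request'
    }

    args_signin = ['email', 'password']
    args_device = ['deviceId', 'appName']

    # check parameter validation
    if len(set(self.arguments) & set(args_device)) == len(args_device):
      # device signin
      # NOTE(review): this branch establishes a session from appName and
      # deviceId alone, so deviceId acts as a credential. Confirm it is
      # unguessable and kept secret, or require further proof from the device.
      appName = self.arguments.get('appName')
      device_key = ndb.Key('Devices', '%s|%s' % (appName, self.arguments.get('deviceId')))
      device = device_key.get()

      # Resolve the linked user once instead of fetching it twice.
      user = None
      if device and getattr(device, 'user', None) is not None:
        user = device.user.get()

      if user is not None:
        self.session['user'] = user.to_obj(mine=True)
        # Strip dots from the attribute name, as the other sign-in paths do,
        # so the same app always maps to the same attribute.
        setattr(user, re.sub(r'\.', '', '%s_regid' % appName), device.regId)
        user.put()

        # NOTE(review): the message object is built but neither sent nor
        # stored here -- confirm whether a .send(...) call is missing.
        message = '로그인 하셨습니다'
        url = 'http://hanasee.com'
        Messages(user=user.key,
          action_user=user.key,
          action='signin',
          settings='system',
          app_name='hanasee',
          message=message,
          url=url)

        # The session is used as a mapping everywhere else; hasattr() on it
        # never saw the 'returnTo' key, so look the key up instead.
        if self.session.get('returnTo', None):
          return self.redirect(self.session.pop('returnTo'))

        result['code'] = 200
        result['message'] = 'OK'
        result['User'] = user.to_obj(mine=True)
        return self.createRes(200, result)

      # no information in device
      elif self.arguments.get('returnTo') is not None:
        options = {
          'returnTo': self.arguments.get('returnTo'),
          'appName': self.arguments.get('appName'),
          'state': self.arguments.get('state')
        }

        template = JINJA_ENVIRONMENT.get_template('signin.html')
        return self.response.write(template.render(options))

      else:
        result['code'] = 401
        result['message'] = 'unauthorized'
        return self.createRes(401, result)

    elif len(set(self.arguments) & set(args_signin)) == len(args_signin):
      # email signin
      user = Users.find(self.arguments.get('email'))

      if not user:
        # NOTE(review): this message differs from the wrong-password one and
        # echoes the submitted address, which tells a caller whether an
        # account exists; a single generic failure message avoids that.
        result['code'] = 401
        result['message'] = 'invalid email address' + self.arguments.get('email')

      else:
        # check password
        # SECURITY: unsalted MD5 is not adequate for password storage; flagged,
        # not changed, because it must match what registration stores.
        try:
          md5password = md5.md5(self.arguments.get('password')).hexdigest()
        except UnicodeEncodeError:
          # A password that cannot be encoded cannot match a stored digest.
          md5password = None

        if md5password is None or md5password != user.password:
          result['code'] = 401
          result['message'] = 'invalid password'

        else:
          # success to login
          # device info
          if ('deviceInfo' in self.session):
            deviceInfo = self.session['deviceInfo']

            # save reg_id in user
            setattr(user, re.sub(r'\.', '', '%s_regid' % deviceInfo.get('appName')), deviceInfo.get('regId'))
            user.put()

            # save user in device; the lookup can miss, so guard against None
            device_key = ndb.Key('Devices', '%s|%s' % (deviceInfo.get('appName'), deviceInfo.get('deviceId')))
            device = device_key.get()
            if device is not None:
              setattr(device, 'user', user.key)
              device.put()

            self.session.pop('deviceInfo')

          # NOTE(review): built but not sent -- confirm, as in the device branch.
          message = '로그인 하셨습니다'
          url = 'http://hanasee.com'
          Messages(
            user=user.key,
            action_user=user.key,
            action='signin',
            settings='system',
            app_name='hanasee',
            message=message,
            url=url)

          self.session['user'] = user.to_obj(mine=True)
          result['code'] = 200
          result['message'] = 'OK'

      if result['code'] == 200:
        # NOTE(review): returnTo is read back from the session; confirm the
        # code that stores it validates the redirect target.
        if self.session.get('returnTo', None):
          returnTo = self.session.pop('returnTo')
          return self.redirect(returnTo)

        result['User'] = user.to_obj(mine=True)
        return self.createRes(200, result)

      if self.session.get('returnTo', None):
        options = {
          'returnTo': self.session.get('returnTo'),
          'message': result['message'],
          'state': self.session.get('state')
        }

        template = JINJA_ENVIRONMENT.get_template('signin.html')
        return self.response.write(template.render(options))

      return self.createRes(401, result)

    elif kwargs.get('type'):
      # SECURITY: the secret handed to Authomatic is a literal in the source.
      # Load a random, deployment-specific value from configuration or a
      # secret store instead, and rotate it if this value was ever deployed.
      authomatic = Authomatic(config=CONFIG, secret='a-long-secret-string')
      results = authomatic.login(Webapp2Adapter(self), kwargs.get('type'))
      if results:
        if results.error:
          # Previously dropped without a trace. Only the provider type is
          # logged, since the error object's contents are not known here.
          # NOTE(review): no response is written for this case -- confirm.
          logging.error('oauth login failed for provider %s', kwargs.get('type'))
        elif results.user:
          if not results.user.id:
            results.user.update()

          # find existed connection
          connection_id = "%s|%s" % (results.provider.name, results.user.id)
          connection = Connections.get(id=connection_id)
          user = None

          if type(connection) == ndb.key.Key:
            connection = Connections(id=connection_id)

          if connection.user is not None:
            user = connection.user.get()
          elif getattr(results.user, 'email') is not None:
            # NOTE(review): an existing account is linked purely on the email
            # the provider reports. Confirm each configured provider only
            # returns verified addresses, otherwise require the account owner
            # to confirm the link.
            user = Users.find(results.user.email)

          isNewUser = False

          if user is None:
            user = Users(auto_id=True)
            user.email = getattr(results.user, 'email')
            isNewUser = True

          connection.user = user.key

          if getattr(user, 'nickname') is None:
            if results.provider.name == 'kakao':
              try:
                user.nickname = results.user.data.get(u'properties').get(u'nickname')
              except (AttributeError, KeyError) as e:
                # A missing 'properties' entry makes .get() return None, which
                # then raises AttributeError, so that is handled as well. The
                # original concatenated str + exception, which itself raised
                # TypeError.
                logging.error('kakao error : %s', e)

                if self.session.get('returnTo', None):
                  template = JINJA_ENVIRONMENT.get_template('signin.html')
                  options = {
                    'returnTo': self.arguments.get('returnTo'),
                    'appName': self.arguments.get('appName'),
                    'state': self.arguments.get('state')
                  }
                  options['message'] = 'internal error'
                  return self.response.write(template.render(options))
                else:
                  result['code'] = 500
                  result['message'] = 'internal error'
                  return self.createRes(500, result)
            else:
              user.nickname = results.user.name

          if getattr(user, 'picture') is None:
            if results.provider.name == 'kakao':
              try:
                user.picture = results.user.data.get(u'properties').get(u'profile_image')
              except (AttributeError, KeyError):
                # Best effort: the picture stays unset.
                # NOTE(review): this writes the whole provider profile to the
                # log; consider logging only what is needed to diagnose.
                logging.error(results.user.data)
            elif results.provider.name == 'fb':
              url = 'https://graph.facebook.com/{}?fields=picture'
              url = url.format(results.user.id)
              response = results.provider.access(url)
              user.picture = response.data.get('picture').get('data').get('url')
            elif results.provider.name == 'tw':
              url = 'https://api.twitter.com/1.1/users/show.json?user_id={}'
              url = url.format(results.user.id)
              response = results.provider.access(url)
              user.picture = response.data.get('profile_image_url')
            elif results.provider.name == 'google':
              user.picture = results.user.picture

          # device info
          if ('deviceInfo' in self.session):
            deviceInfo = self.session['deviceInfo']

            # save reg_id in user
            setattr(user, re.sub(r'\.', '', '%s_regid' % deviceInfo.get('appName')), deviceInfo.get('regId'))
            user.put()

            # save user in device; the lookup can miss, so guard against None
            device = ndb.Key(Devices, "%s|%s" % (deviceInfo.get('appName'), deviceInfo.get('deviceId'))).get()
            if device is not None:
              setattr(device, 'user', user.key)
              device.put()

            self.session.pop('deviceInfo')

          logging.debug("qqqq")

          # registered: register message
          if isNewUser:
            logging.debug("new user")
            message = '%s님이 하나시를 시작했습니다.' % user.nickname
            url = 'http://hanasee.com'
            Messages(user=user.key,
              action_user=user.key,
              action='regist',
              settings='system',
              app_name='hanasee',
              message=message,
              url=url).send(['MAIL','SNS'])

          # otherwise: sign-in message
          else:
            # NOTE(review): built but not sent, unlike the 'regist' message.
            message = '로그인 하셨습니다'
            url = 'http://hanasee.com'
            Messages(
              user=user.key,
              action_user=user.key,
              action='signin',
              settings='system',
              app_name='hanasee',
              message=message,
              url=url)

          self.session['user'] = user.to_obj(mine=True)

          user.provider = results.provider.name
          # NOTE(review): the provider's serialized credentials are stored on
          # the user entity; confirm they are protected at rest and never
          # included in what to_obj() exposes.
          setattr(user, results.provider.name, results.provider.credentials.serialize())

          connection.put()
          user.put()

          if self.session.get('returnTo', None):
            returnTo = self.session.pop('returnTo')
            return self.redirect(returnTo)
          else:
            result['code'] = 200
            result['message'] = 'OK'
            result['User'] = user.to_obj(mine=True)
            return self.createRes(200, result)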