Esempio n. 1
def updatePassword():
    """Change the signed-in user's password from a JSON request body.

    Reads ``currentPassword``, ``newPassword`` and ``confirmNewPassword`` from
    the payload (a missing key raises ``KeyError`` instead of producing a
    "fail" response) and returns a JSON string with ``result`` and ``msg``.
    """
    payload = json.loads(request.data)
    existing = payload["currentPassword"]
    replacement = payload["newPassword"]
    repeated = payload["confirmNewPassword"]

    def answer(result, msg):
        # Every outcome shares the same two-key JSON envelope.
        return json.dumps({"result": result, "msg": msg})

    # Re-authenticate before touching the credential, so holding a live
    # session is not by itself enough to replace the password.
    if not UserModel.checkPassword(getCurrentUid(), existing):
        return answer("fail", "Current password is not correct!")

    if replacement != repeated:
        return answer("fail", "Passwords don't match!")

    if not isValidPassword(replacement):
        return answer(
            "fail", "Password is not valid! It must be at least 6 characters.")

    UserModel.updatePassword(getCurrentUid(), replacement)
    return answer("success", "Password has updated successfully!")
Esempio n. 2
def updateUsername():
    """Rename the signed-in user after re-checking their password.

    Reads ``username`` and ``password`` from the JSON request body and
    returns a JSON string with ``result`` and ``msg``.
    """
    payload = json.loads(request.data)
    newUsername = payload["username"]
    password = payload["password"]

    def answer(result, msg):
        return json.dumps({"result": result, "msg": msg})

    # The account password is required again before an identity field changes.
    if not UserModel.checkPassword(getCurrentUid(), password):
        return answer("fail", "Password is not correct!")

    if not isValidUsername(newUsername):
        return answer(
            "fail",
            "Username is not valid! It should be at least 1 character alpha-numeric and can contain '-', '_'"
        )

    if newUsername is None or newUsername == "":
        return answer("fail", "You have to enter username to update it.")

    # NOTE(review): no uniqueness check is visible before this update —
    # confirm the model or a database constraint rejects a name already in use.
    UserModel.updateUsername(getCurrentUid(), newUsername)
    return answer("success", "Username successfully updated!")
Esempio n. 3
def updateEmail():
    """Change the signed-in user's e-mail address after a password re-check.

    Reads ``email`` and ``password`` from the JSON request body and returns a
    JSON string with ``result`` and ``msg``.
    """
    payload = json.loads(request.data)
    newEmail = payload["email"]
    password = payload["password"]

    def answer(result, msg):
        return json.dumps({"result": result, "msg": msg})

    # The e-mail address is also the login identifier on this page's login
    # view, so the password is demanded again before it changes.
    if not UserModel.checkPassword(getCurrentUid(), password):
        return answer("fail", "Password is not correct!")

    if not isValidEmail(newEmail):
        return answer("fail", "Please enter a valid email!")

    if getCurrentUser()["email"] == newEmail:
        return answer("fail", "This is your current email!")

    # NOTE(review): nothing here checks whether the address already belongs
    # to another account — confirm UserModel.updateEmail enforces that.
    UserModel.updateEmail(getCurrentUid(), newEmail)
    return answer(
        "success",
        "Email updated! You should activate your new email clicking the activation link we've sent you."
    )
Esempio n. 4
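def userPhoto(uid):
    """Store an uploaded profile photo for the signed-in user.

    ``uid`` comes from the route and is kept only so the signature stays the
    same.  The upload has always been attached to the session user; the
    previous version looked up the *old* photo through the caller-supplied
    ``uid``, so the cleanup step could delete a file belonging to a different
    account.  Every step now works on the session user's record.

    Returns a JSON string with ``result`` ("success" or "fail"); only POST
    requests are processed.
    """
    if request.method != "POST":
        return json.dumps({"result": "fail"})

    # Same threshold as the original ``len / 1000000 > 2`` test.
    if len(request.data) > 2 * 1000000:
        return json.dumps({
            "result": "fail",
            "msg": "File can not be more than 2 MB"
        })

    ownerUid = getCurrentUid()
    owner = UserModel.getUser(ownerUid)
    previousPhoto = owner["photo"] if owner is not None else None

    photoDir = UPLOAD_FOLDER + "/users/up/"
    newFileName = str(ownerUid) + "_" + generateCode(10) + ".jpg"

    # NOTE(review): the body is written under a .jpg name without checking
    # that it is an image, and the size test runs after the whole body is in
    # memory — confirm content validation and a request-size limit elsewhere.
    with open(photoDir + newFileName, "wb") as fh:
        fh.write(request.data)

    # Point the profile at the new file only once it is fully written.
    UserModel.updateProfilePhoto(ownerUid, newFileName)

    if previousPhoto is not None:
        try:
            # basename() keeps the delete inside the upload directory even if
            # the stored value ever contains path separators.
            os.remove(photoDir + os.path.basename(previousPhoto))
        except OSError:
            print("File couldn't be removed!")
    return json.dumps({"result": "success"})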
Esempio n. 5
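def login():
    """Render the login form (GET) or authenticate a user (POST).

    A signed-in visitor is redirected to the index.  On POST the submitted
    ``email``/``password`` form fields are checked with ``UserModel.login``;
    a session is created only when the account's e-mail is verified.
    Otherwise a message is flashed and the visitor returns to the login page.
    """
    from html import escape
    from urllib.parse import quote

    if isLoggedIn():
        return redirect(url_for("index"))

    if request.method != "POST":
        return render_template("intro/login.html")

    email = request.form.get("email")
    password = request.form.get("password")

    if not UserModel.login(email, password):
        # One message for both failure causes, so the response does not
        # reveal which of the two fields was wrong.
        flash("Email or password is not correct")
        return redirect(url_for("login"))

    user = UserModel.getUserByEmail(email)
    if user["isEmailVerified"]:
        createSession(email)
        return redirect(url_for("index"))

    # The flashed text carries its own markup, so it is presumably rendered
    # without auto-escaping (confirm in the template).  The address is
    # therefore URL-quoted for the path and HTML-escaped for the attribute
    # before it is interpolated.
    safeEmail = escape(quote(email, safe="@"))
    flash("""
          You didn't activate your email address. Please activate your email address.
          If you didn't receive an email, <a href="/send-verification-mail/{}">click here.</a> 
          """.format(safeEmail))
    return redirect(url_for("login"))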
Esempio n. 6
def userProfile(username):
    """Render the public profile page for ``username``.

    Renders ``not-found.html`` when no such user exists.  Otherwise the
    user's links, projects and latest posts are loaded together with the
    sidebar lists and passed to ``user-profile.html``.
    """
    currentUser = getCurrentUser()
    profile = UserModel.getUserByUsername(username, getCurrentUid())

    if profile is None:
        return render_template("not-found.html",
                               title="User Not Found!",
                               msg="The user you trying to access not found!",
                               currentUser=getCurrentUser())

    profileUid = profile["uid"]
    links = UserModel.getUserLinks(profileUid)
    projects = ProjectModel.getUserProjects(profileUid)
    recentPosts = UserPostModel.getLastUserPosts(profileUid, 10,
                                                 getCurrentUid())
    popular = ProjectModel.getPopularProjects(10)
    suggestions = UserModel.getWhoToFollowList(5, getCurrentUid())

    # Drop the credential and the e-mail address before the record reaches
    # the template.
    # NOTE(review): this is a denylist — any other sensitive column on the
    # user record would still be passed through; confirm the record's fields.
    for hidden in ("password", "email"):
        profile.pop(hidden)

    context = {
        "currentUser": currentUser,
        "user": profile,
        "userLinks": links,
        "userProjects": projects,
        "lastUserPosts": recentPosts,
        "popularProjects": popular,
        "whoToFollowList": suggestions,
    }
    return render_template("user-profile.html", **context)
Esempio n. 7
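def userBio():
    """Update the signed-in user's bio from the JSON request body.

    The ``bio`` value is stripped of surrounding whitespace; an empty result
    is rejected.  Returns a JSON string with ``result`` set to "success" or
    "fail".
    """
    # str.strip() returns a new string.  The original discarded that result,
    # so whitespace-only bios passed the emptiness check and were stored.
    bio = json.loads(request.data)["bio"].strip()
    if bio == "":
        return json.dumps({"result": "fail"})

    UserModel.updateBio(getCurrentUid(), bio)
    return json.dumps({"result": "success"})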
Esempio n. 8
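def userFullName():
    """Update the signed-in user's full name from the ``full-name`` query arg.

    Returns a JSON string with ``result`` set to "success" when a non-empty
    name was stored, otherwise "fail".
    """
    # NOTE(review): the new value arrives in the query string, so this looks
    # like a state change reachable by a plain GET — confirm the route's
    # allowed methods and its cross-site request protection.
    fullname = request.args.get("full-name")
    if fullname is not None:
        # Keep the stripped value; the original discarded it, and an empty
        # name fell through without returning any response at all.
        fullname = fullname.strip()
        if fullname != "":
            UserModel.updateFullname(getCurrentUid(), fullname)
            return json.dumps({"result": "success"})
    return json.dumps({"result": "fail"})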
Esempio n. 9
def emailVerify():
  """Mark an e-mail address as verified when the link's hash matches.

  Reads ``email`` and ``hash`` from the query string.  On a match the address
  is verified and the visitor is sent to the login page; every other case
  redirects to the index.
  """
  if request.method != "GET":
    return redirect(url_for("index"))

  email = request.args.get("email")
  hashCode = request.args.get("hash")

  if email is None or not UserModel.isThereThisEmail(email) or hashCode is None:
    return redirect(url_for("index"))

  # NOTE(review): this is a plain string comparison of a secret value, and
  # the expected hash is recomputed from the e-mail alone on each request.
  # Confirm that generateEmailVerificationHashCode mixes in a server-side
  # secret, and consider a constant-time comparison.
  if hashCode != generateEmailVerificationHashCode(email):
    return redirect(url_for("index"))

  UserModel.verifyEmail(email)
  flash("Your email address verified successfully!", "success")
  return redirect(url_for("login"))
Esempio n. 10
def projectPage(projectName):
  """Render the page of the project called ``projectName``.

  Renders ``not-found.html`` when the project does not exist.  Otherwise the
  project's links, latest posts and counters are loaded together with the
  sidebar lists and passed to ``project-page.html``.
  """
  currentUser = getCurrentUser()
  project = ProjectModel.getProjectByProjectName(projectName)

  if project is None:
    return render_template(
      "not-found.html",
      title = "Project Not Found!",
      msg = "The project you trying to access not found!",
      currentUser = getCurrentUser()
      )

  pid = project["pid"]
  # The dict literal evaluates top to bottom, so the model calls run in the
  # same order as before.
  context = {
    "currentUser": currentUser,
    "project": project,
    "projectLinks": ProjectModel.getProjectLinks(pid),
    "lastProjectPosts": ProjectPostModel.getLastProjectPosts(pid, 10, getCurrentUid()),
    "numberOfMembers": ProjectModel.getNumberOfMembers(pid),
    "numberOfEmptySeaters": SeaterModel.getProjectEmptySeaterNumber(pid),
    "popularProjects": ProjectModel.getPopularProjects(10),
    "whoToFollowList": UserModel.getWhoToFollowList(5, getCurrentUid()),
  }
  return render_template("project-page.html", **context)
Esempio n. 11
def isThereThisUsername(username):
    """Return a JSON string ``{"result": bool}`` telling if ``username`` exists."""
    # NOTE(review): this answers existence for any supplied name — confirm
    # the endpoint is rate-limited if account enumeration is a concern.
    exists = bool(UserModel.isThereThisUsername(username))
    return json.dumps({"result": exists})
Esempio n. 12
def sitemap():
    """Render ``sitemap.xml`` from the 500 newest users and projects."""
    context = {
        "lastUsers": UserModel.getLastUsers(500),
        "lastProjects": ProjectModel.getLastProjects(500),
        "SITE_ADDR": SITE_ADDR,
    }
    return render_template("sitemap.xml", **context)
Esempio n. 13
def isGlobalAdmin(uid):
    """Return a JSON string ``{"result": bool}`` telling if ``uid`` is a global admin."""
    # NOTE(review): the answer is given for any caller-supplied uid — confirm
    # who may call this, since it discloses which accounts hold admin rights.
    isAdmin = bool(UserModel.isGlobalAdmin(uid))
    return json.dumps({"result": isAdmin})
Esempio n. 14
def isThereThisEmail(email):
    """Return a JSON string ``{"result": bool}`` telling if ``email`` is registered."""
    # NOTE(review): this confirms whether an address has an account — confirm
    # the endpoint is rate-limited if account enumeration is a concern.
    registered = bool(UserModel.isThereThisEmail(email))
    return json.dumps({"result": registered})
Esempio n. 15
def generalSearch(query):
    """Search users and projects for ``query`` and return both lists as JSON.

    Each search is capped at 5 results; ``DateTimeEncoder`` serialises the
    rows.
    """
    # NOTE(review): user rows are serialised as returned by the model —
    # confirm searchUsers omits credential and contact columns.
    matches = {
        "userResults": UserModel.searchUsers(query, 5),
        "projectResults": ProjectModel.searchProjects(query, 5),
    }
    return json.dumps(matches, cls=DateTimeEncoder)
Esempio n. 16
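def passwordReset():
  """Handle the password-reset form.

  GET renders the reset page, pre-filled from the ``email`` and ``hash`` query
  args.  POST with only a known ``email`` sends the reset mail.  POST with
  ``email``, ``hash``, ``password`` and ``confirm-password`` sets the new
  password when the hash matches and both passwords agree.
  """
  import hmac

  if request.method != "POST":
    email = request.args.get("email")
    hashCode = request.args.get("hash")
    return render_template("intro/password-reset.html", email = email, hashCode = hashCode)

  email = request.form.get("email")
  hashCodeFromUser = request.form.get("hash")
  password = request.form.get("password")
  confirmPassword = request.form.get("confirm-password")

  if email is None or not UserModel.isThereThisEmail(email):
    # NOTE(review): an unknown address is redirected to the index, while a
    # known one returns to the reset page with a flash message.  The two are
    # distinguishable although the message wording tries not to confirm that
    # an account exists.
    return redirect(url_for("index"))

  hashCode = generatePasswordResetHashCode(email)

  if hashCodeFromUser is None or password is None or confirmPassword is None:
    # Request step: mail the reset link.
    sendMail({
      "To" : email,
      "Subject" : "Password Reset - devSeater",
      "Body" : render_template("mail/password-reset-mail.html", SITE_ADDR = SITE_ADDR, email = email, hashCode = hashCode)
    })
    flash("If you have entered your email address properly, we sent you an email. Please check your inbox.", "success")
    return redirect(url_for("passwordReset"))

  # Compare the secret in constant time.  Both sides are encoded to bytes
  # because compare_digest rejects non-ASCII str input, and the submitted
  # value is caller-controlled.
  tokenMatches = hmac.compare_digest(
    hashCode.encode("utf-8"), hashCodeFromUser.encode("utf-8"))

  if tokenMatches and password == confirmPassword:
    # NOTE(review): the new password is stored without any password-policy
    # check in this view — confirm one is applied before or inside the update.
    userId = UserModel.getUserByEmail(email)["uid"]
    UserModel.updatePassword(userId, password)

    flash("Your password updated succesfully. Now you can log in.", "success")
    return redirect(url_for("login"))

  return redirect(url_for("passwordReset"))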
Esempio n. 17
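def seaterPage(projectName, sid):
  """Render the page of seater ``sid`` within project ``projectName``.

  Renders ``not-found.html`` when the project or the seater is missing; the
  original indexed into a missing record and failed with an unhandled error.
  Otherwise the seater is annotated with its skills and with whether the
  current user administers the project, then passed to ``seater-page.html``.
  """
  project = ProjectModel.getProjectByProjectName(projectName)
  if project is None:
    return render_template(
      "not-found.html",
      title = "Project Not Found!",
      msg = "The project you trying to access not found!",
      currentUser = getCurrentUser()
    )

  seater = SeaterModel.getSeater(sid, getCurrentUid())
  if seater is None:
    return render_template(
      "not-found.html",
      title = "Seater Not Found!",
      msg = "The seater you trying to access not found!",
      currentUser = getCurrentUser()
    )

  seater["skills"] = SkillModel.getSeaterSkills(sid)
  assignedUser = UserModel.getUser(seater["uid"])
  # NOTE(review): the admin flag is computed for the project named in the
  # URL, but nothing here checks that the seater belongs to that project —
  # confirm the link between the two before the flag gates any controls.
  seater["isProjectAdmin"] = ProjectModel.isProjectAdmin(getCurrentUid(), project["pid"])

  return render_template(
    "seater-page.html",
    currentUser= getCurrentUser(),
    seater = seater,
    assignedUser = assignedUser
  )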
Esempio n. 18
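def getUser():
    """Return one user record as JSON, looked up by uid, username or email.

    The first of the ``uid``, ``username`` and ``email`` query args that is
    present selects the lookup; with none of them the unknown-request page is
    rendered.  Non-GET requests are redirected to the index.  A lookup that
    finds nothing returns JSON ``null``; the original fell into a bare
    ``except`` and returned no response at all.
    """
    if request.method != "GET":
        return redirect(url_for("index"))

    uid = request.args.get("uid")
    username = request.args.get("username")
    email = request.args.get("email")

    if uid is not None:
        user = UserModel.getUser(uid)
    elif username is not None:
        user = UserModel.getUserByUsername(username)
    elif email is not None:
        user = UserModel.getUserByEmail(email)
    else:
        return render_template("private-api/unknown-request.html")

    if user is None:
        return json.dumps(None)

    # Never serialise the stored credential.
    # NOTE(review): only the password is removed; the e-mail address and any
    # other stored columns still go to whoever can reach this endpoint.
    # Confirm its access control and consider an allowlist of returned fields.
    user.pop("password", None)
    return json.dumps(user, cls=DateTimeEncoder)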
Esempio n. 19
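def userLinks():
    """List, add, update or delete profile links, selected by HTTP method.

    GET returns the links of ``uid`` (query arg; defaults to the current
    user) as JSON.  POST adds a link for the current user from the JSON body.
    PUT updates and any other method deletes the link named by the ``ulid``
    query arg, and both require the current user to own that link.
    """
    method = request.method

    if method == "GET":
        uid = request.args.get("uid")
        if uid is None:
            uid = getCurrentUid()
        return json.dumps(UserModel.getUserLinks(uid), cls=DateTimeEncoder)

    if method == "POST":
        data = json.loads(request.data)
        name = data["name"].strip()
        link = data["link"].strip()
        # NOTE(review): the link is stored without checking its URL scheme.
        # If it is later rendered as an href, restrict it to http/https at
        # write time or at render time; confirm which layer does that.
        if name != "" and link != "":
            ulid = UserModel.addUserLink(getCurrentUid(), name, link)
            return json.dumps({"result": "success", "ulid": ulid})
        return render_template("private-api/unknown-request.html")

    if method == "PUT":
        data = json.loads(request.data)
        ulid = request.args.get("ulid")
        existing = UserModel.getUserLink(ulid)

        # A missing link gets the same answer as someone else's link, so the
        # response does not reveal which ids exist.  The original raised on a
        # missing link.
        if existing is None or existing["uid"] != getCurrentUid():
            return render_template("private-api/forbidden-request.html")

        # Apply the same strip / non-empty rule that creation uses.
        name = data["name"].strip()
        link = data["link"].strip()
        if name != "" and link != "":
            UserModel.updateUserLink(ulid, name, link)
            return json.dumps({"result": "success"})
        return render_template("private-api/unknown-request.html")

    # Any remaining method is treated as DELETE.
    ulid = request.args.get("ulid")
    existing = UserModel.getUserLink(ulid)

    if existing is None or existing["uid"] != getCurrentUid():
        return render_template("private-api/forbidden-request.html")

    UserModel.removeUserLink(ulid)
    return json.dumps({"result": "success"})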
Esempio n. 20
def unfollow(uid):
    """Stop the current user from following ``uid``; always reports success."""
    follower = getCurrentUid()
    UserModel.unFollow(follower, uid)
    outcome = {"result": "success"}
    return json.dumps(outcome)
Esempio n. 21
def generatePasswordResetHashCode(email):
  """Return the hex SHA-256 digest used as the password-reset code for ``email``.

  The digest covers the account's ``email``, ``password``, ``full_name`` and
  ``username`` fields, concatenated without separators.
  """
  # NOTE(review): the code is a deterministic function of stored fields, with
  # no server-side secret, nonce or expiry visible here.  It therefore stays
  # valid until one of those fields changes, and anyone able to read the row
  # can recompute it.  A random, single-use, time-limited token stored
  # server-side is the usual design; confirm whether that is planned.
  account = UserModel.getUserByEmail(email)
  material = "".join((
    account["email"],
    account["password"],
    account["full_name"],
    account["username"],
  ))
  return hashlib.sha256(material.encode("utf-8")).hexdigest()
Esempio n. 22
def checkUsernameAvailability(username):
    """Return a JSON string ``{"result": bool}``; true when ``username`` is free."""
    taken = UserModel.isThereThisUsername(username)
    return json.dumps({"result": not taken})
Esempio n. 23
def index():
    """Serve the home page, or register a new account for anonymous visitors.

    A signed-in user gets ``index.html`` with their projects, feed and sidebar
    lists.  An anonymous GET renders the intro page.  An anonymous POST
    validates the registration form, then either creates the account and
    sends the verification mail or re-renders the form with per-field errors.
    """
    if isLoggedIn():
        uid = session["uid"]
        userProjects = ProjectModel.getUserProjects(uid)
        lastFollowingPosts = UserPostModel.getLastFollowingPosts(uid, 10)
        popularProjects = ProjectModel.getPopularProjects(10)
        whoToFollowList = UserModel.getWhoToFollowList(5, getCurrentUid())
        currentUser = UserModel.getUser(uid)

        return render_template("index.html",
                               userProjects=userProjects,
                               popularProjects=popularProjects,
                               lastFollowingPosts=lastFollowingPosts,
                               currentUser=currentUser,
                               whoToFollowList=whoToFollowList)

    if request.method != "POST":
        return render_template("intro/intro.html")

    # --- Registration ---
    # A missing form field makes .get() return None, so .strip() raises.
    # NOTE(review): the password is stripped here, while the login view on
    # this page passes the submitted password through unchanged — confirm the
    # two agree for passwords with leading or trailing whitespace.
    form = request.form
    email = form.get("email").strip()
    name = form.get("name").strip()
    username = form.get("username").strip()
    password = form.get("password").strip()
    terms = form.get("terms")

    errorMessages = {}

    if not isValidEmail(email):
        errorMessages["email"] = "Please enter a valid email address"
    elif UserModel.isThereThisEmail(email):
        errorMessages["email"] = "This email address is already taken"

    if len(name) < 3:
        errorMessages["name"] = "Name should be at least 3 characters"

    if not isValidUsername(username):
        errorMessages["username"] = "******"
    elif UserModel.isThereThisUsername(username):
        errorMessages["username"] = "******"

    if not isValidPassword(password):
        errorMessages["password"] = "******"

    if terms != "on":
        errorMessages["terms"] = "You should accept terms"

    if errorMessages:
        return render_template("intro/intro.html",
                               form=request.form,
                               errorMessages=errorMessages)

    # NOTE(review): the password is handed to the model as submitted —
    # presumably UserModel.addUser hashes it before storage; confirm.
    newAccount = {
        "email": email,
        "username": username,
        "full_name": name,
        "password": password
    }
    UserModel.addUser(newAccount)

    sendVerificationEmail(email)

    flash(
        "User created successfully, please check your inbox for email verification",
        "success")

    return redirect(url_for("login"))