def registration(er=None):
form = RegistrationForm()
if form.validate_on_submit():
users = UsersModel(db.get_connection())
users.insert(
form.username.data,
str(md5(bytes(form.password.data,
encoding='utf-8')).hexdigest())) #add new user
return redirect('/login')
return render_template('registration.html', form=form, error=er)
def signup():
form = SignUpForm()
if form.validate_on_submit():
user_name = form.username.data
password = form.password.data
user_model = UsersModel(db.get_connection())
# exists = user_model.exists(user_name, password)
user_model.insert(user_name, password)
return redirect("/login")
return render_template("signup.html", title="Регистрация", form=form)
def add_user():
form = AddNewUser()
if form.validate_on_submit():
user_name = form.username.data
pass_word = form.password.data
um = UsersModel(db.get_connection())
um.insert(user_name, pass_word) #проверить, что его нет
return render_template('add_user.html',
title='Добавление пользователя',
form=form)
def stats():
um = UsersModel(db.get_connection())
users_list = um.get_all()
nm = NewsModel(db.get_connection())
news_list = nm.get_all()
stats_list = []
for item in users_list:
hobosti = list(
filter(lambda x: x == item[0], map(lambda x: x[3], news_list)))
stats_list.append([item[1], len(hobosti)])
return render_template('stats.html', stats_list=stats_list)
def login():
form = LoginForm()
if form.validate_on_submit():
user_name = form.username.data
password = form.password.data
user_model = UsersModel(db.get_connection())
exists = user_model.exists(user_name, password)
if (exists[0]):
session['username'] = user_name
session['user_id'] = exists[1]
return redirect("/index")
return render_template('login.html', title='Авторизация', form=form)
def subscriptions():
subscribes = SubscribeModel(db.get_connection())
user_subscriptions = subscribes.get_all(session['user_id'])
user_model = UsersModel(db.get_connection())
news = NewsModel(db.get_connection())
for_post = []
for _, user in user_subscriptions:
for_post.extend([
list(i) + [user_model.get(user)[1]]
for i in reversed(news.get_all(user))
])
return render_template('subscriptions.html', news=for_post)
def send_message(user_id):
usersmodel = UsersModel(db.get_connection())
messageModel = MessageModel(db.get_connection())
username = usersmodel.get(user_id)[1]
form = MessageSendForm()
user_id_now = session['user_id']
if form.validate_on_submit():
message = form.content.data
messageModel.send(
user_id_now, user_id, message
) # add to message db sender id, recipient id and message(currently unencrypted)
return redirect('/messages')
return render_template('send_message.html', form=form, username=username)
def dialog(user_id):
mm = MessageModel(db.get_connection())
um = UsersModel(db.get_connection())
user_in_session_name = session['user_id']
all_messages = []
messages = mm.get_all_between_pair(user_in_session_name, user_id)
for message in messages:
all_messages.append((um.get(message[1])[1],
message[-1])) # catch message with sender's name
all_messages.reverse()
return render_template('dialog_page.html',
messages=all_messages,
user_id=user_id)
def get_user_page(user_id):
users = UsersModel(db.get_connection())
if users.exists_only_by_id(user_id):
name = users.get(user_id)[1]
subscribes = SubscribeModel(db.get_connection())
news = NewsModel(db.get_connection()).get_all(user_id)
return render_template(
'view_page.html',
news=reversed(news),
current_user_id=user_id,
user_name=name,
user_photo="/static/avas/" + str(user_id) + ".jpg",
subscribed=subscribes.check_subscription(
session['user_id'],
user_id)) # return user template if user exists
return "Sorry. User not found." # if you go on /user/something_not_in_db you will see page with text "Sorry. User not found."
def get_messages():
message_model = MessageModel(db.get_connection())
users_model = UsersModel(db.get_connection())
user_id_now = session['user_id']
messages = message_model.get_all(
user_id_now
) # message db has get_all method that returns all the users messages
news_messages_list = []
for message in messages:
user_sender_name = users_model.get(message[1])[1]
user_getter_name = users_model.get(message[2])[1]
text = message[3]
news_messages_list.append(
(user_sender_name, user_getter_name, text, message[1], message[2]))
news_messages_list.reverse(
) # reverse list because newer messages should be upper than older messages
return render_template('messages_page.html', messages=news_messages_list)
def user(user_id):
global current_page
current_page = 'user/' + str(user_id)
photo = PhotoModel(db.get_connection()).get_all(user_id)
user = [UsersModel(db.get_connection()).get(user_id)]
return render_template('user.html',
username=session['username'],
photo=photo,
user=user)
def login(error=None):
form = LoginForm()
if form.validate_on_submit():
user_name = form.username.data
password = form.password.data
user_model = UsersModel(db.get_connection())
exists = user_model.exists(user_name, password)
if exists[0]:
session['username'] = user_name
session['user_id'] = exists[1]
else:
return redirect('/login/notexist')
return redirect("/")
return render_template('login.html',
title='Login',
text="Авторизоваться",
form=form,
error=error)
def login(error=None
): # Now there are User1, User2, User3 with the same passwords
form = LoginForm()
if form.validate_on_submit():
user_name = form.username.data
password = form.password.data
user_model = UsersModel(db.get_connection())
exists = user_model.exists(
user_name,
str(md5(bytes(password,
encoding='utf-8')).hexdigest())) # encoding
if exists[0]:
session['username'] = user_name
session['user_id'] = exists[1]
else:
return redirect('/login/notexist')
return redirect("/index")
return render_template('login.html', title='Login', form=form, error=error)
def site_users():
if 'username' not in session:
return redirect('/login')
if session['username'] not in admins:
return redirect('/')
user_model = UsersModel(db.get_connection())
num = user_model.get_all()
all_users = []
for i in num:
id = i[0]
username = i[1]
password = i[2]
k = user_model.count(id)
all_users.append((id, username, password, k))
return render_template('site_users.html',
users=all_users,
admins=admins,
username=session['username'])
def register():
form = RegForm()
if form.validate_on_submit():
user_name = form.username.data
password = form.password.data
repassword = form.repassword.data
content = form.content.data
filename = secure_filename(content.filename)
user_model = UsersModel(db.get_connection())
print(user_name)
exists = user_model.login_used(user_name)
if exists:
return render_template('register.html',
title='Регистрация',
form=form)
else:
if password == repassword:
if os.path.isfile(os.path.join('static', 'img', filename)):
while os.path.isfile(
os.path.join('static', 'img', filename)):
filename = filename.split('.')
filename = '.'.join([filename[0] + 'A', filename[-1]])
content.save(os.path.join('static', 'img', filename))
user_model.insert(user_name, password, filename)
exists = user_model.exists(user_name, password)
session['username'] = user_name
session['user_id'] = exists[1][0]
session['content'] = exists[1][-1]
else:
return render_template('register.html',
title='Регистрация',
form=form)
return redirect("/index")
return render_template('register.html', title='Регистрация', form=form)
def login(error=None):
form = LoginForm()
if form.validate_on_submit(
): # checking if a login form fields are all valid
user_name = form.username.data
password = form.password.data
user_model = UsersModel(db.get_connection())
exists = user_model.exists(
user_name, str(md5(bytes(password, encoding='utf-8')).hexdigest())
) # checking if a user with login user_name and password hash md5(password)
if exists[0]:
session['username'] = user_name
session['user_id'] = exists[1]
else:
return redirect(
'/login/notexist'
) # if password and login are invalid redirect to /login/
return redirect("/index")
return render_template('login.html',
title='Авторизация',
form=form,
error=error)
def index():
if request.method == 'GET':
form = cgi.FieldStorage()
if 'username' not in session or not flag_perm and not session.permanent:
if "username" in session:
return redirect("/logout")
return redirect('/login')
news = NewsModel(db.get_connection()).get_all(session['user_id'])
user_model = UsersModel(db.get_connection())
all_news = NewsModel(db.get_connection()).get_all()
all_users = user_model.get_all()
if session['username'] in admins:
return render_template('index.html',
news=reversed(all_news),
admins=admins,
username=session['username'],
all_users=all_users,
adm_n=news)
return render_template('index.html',
username=session['username'],
news=reversed(news),
admins=admins)
def login():
global flag_perm
form = LoginForm()
if form.validate_on_submit():
user_name = form.username.data
password = form.password.data
perm = form.remember_me.data
user_model = UsersModel(db.get_connection())
exists = user_model.exists(user_name, password)
if exists[0]:
session['username'] = user_name
session['user_id'] = exists[1]
if perm:
session.permanent = True
flag_perm = True
else:
session.permanent = False
flag_perm = True
return redirect("/index")
else:
return render_template('login.html', form=form, error=1)
return render_template('login.html', title='Авторизация', form=form)
def get_messages():
mm = MessageModel(db.get_connection())
um = UsersModel(db.get_connection())
user_in_session_name = session['user_id']
messages = mm.get_all(user_in_session_name)
news_messages_list = []
dialog_with = []
for message in messages: # add users, with whom there is a dialog
if message[1] != user_in_session_name:
if message[1] not in dialog_with:
dialog_with.append(message[1])
else:
if message[2] not in dialog_with:
dialog_with.append(message[2])
dialog_with.reverse(
) # list of users, who send a message to user_in_session
for name in dialog_with:
last_message = mm.get_all_between_pair(
user_in_session_name,
name)[-1][-1] # catch last message from dialog
dialog_name = um.get(name)
news_messages_list.append((dialog_name, last_message))
return render_template('messages_page.html', messages=news_messages_list)
def change_img():
if request.method == 'POST':
f = request.files['file']
file_path = os.path.join(app.config['UPLOAD_FOLDER'], f.filename)
f.save(file_path)
um = UsersModel(db.get_connection())
um.init_table()
um.change_avatar(session['username'], f.filename)
return redirect('/my_page')
def sign_up():
if request.method == 'GET':
return render_template(
'sign_up.html',
title='Please fill in this form to create an account:')
elif request.method == 'POST':
um = UsersModel(db.get_connection())
um.init_table()
um.insert(request.form['email'], request.form['uname'],
request.form['pswd'])
session['username'] = request.form['uname']
print(um.get_all())
return redirect('/main')
def main():
if 'username' not in session:
return redirect('/login')
nm = NewsModel(db.get_connection())
nm.init_table()
um = UsersModel(db.get_connection())
um.init_table()
# nm.delete_all()
if request.method == "POST":
content = request.form["comment"]
# content = request.files["uploadingfiles"]
avatar = um.get_avatar(session['username'])
print(avatar)
nm.insert(str(time.asctime(time.localtime(time.time()))), content,
session['username'], avatar)
for i in nm.get_all():
check_if_avatar_exists(i)
return redirect("/main")
else:
print(nm.get_all())
return render_template('home.html',
title='Добавление новости',
username=session['username'],
news=nm.get_all())
def login():
if request.method == 'GET':
return render_template(
'login.html',
title='Please fill in this form to sign in an account:')
elif request.method == 'POST':
um = UsersModel(db.get_connection())
um.init_table()
print(um.get_all())
if um.exists(request.form['email'], request.form['pswd']):
username = um.get_username(request.form['email'])
session['username'] = username
return redirect('/main')
else:
return render_template('login.html',
title='Wrong email or password')
def my_page():
if 'username' not in session:
return redirect('/login')
if request.method == 'GET':
nm = NewsModel(db.get_connection())
nm.init_table()
um = UsersModel(db.get_connection())
um.init_table()
em = um.get_email(session['username'])
uname = session['username']
image = um.get_avatar(uname)
return render_template('account.html',
username=uname,
news=nm.get_all(uname),
email=em,
own="True",
image=image)
def registration(er=None):
form = RegistrationForm()
if form.validate_on_submit():
users = UsersModel(db.get_connection())
udm = UserDataModel(db.get_connection())
find = users.find(form.username.data)
if find[0]:
return redirect('/registration/exists')
else:
if form.username.data == 'admin':
users.insert(form.username.data, form.password.data, 'admin')
else:
users.insert(form.username.data, form.password.data,
'user') # add new user
udm.insert(form.username.data, 'Фамилия', 'Имя', 'Отчество',
'Адрес', 'Номер счетчика')
return redirect('/login')
return render_template('registration.html',
form=form,
error=er,
text="Авторизоваться")
def register():
if 'username' in session:
return redirect('/')
form = RegisterModel()
if form.validate_on_submit():
user_name = form.user_name.data
password = form.password.data
user = UsersModel(db.get_connection())
flag = user.is_username_busy(user_name)
if flag and user_name not in admins:
user.insert(user_name, password)
session['username'] = user_name
exists = user.exists(user_name, password)
session['user_id'] = exists[1]
return redirect("/")
else:
return render_template('register.html', form=form, error=1)
return render_template('register.html', form=form)
def registration(er=None):
form = RegistrationForm()
if form.validate_on_submit(): # if password, login, and photo is not empty
users = UsersModel(db.get_connection())
if users.exists_only_by_name(form.username.data):
return redirect(
'/registration/exists'
) # if user is already in db you should do reregistration
else:
users.insert(
form.username.data,
str(
md5(bytes(form.password.data, encoding='utf-8')).hexdigest(
))) # add to db hash of the password for better encryption
form.fileName.data.save(
os.path.join(os.path.join('static', 'avas'),
str(users.get_table_size()) + ".jpg"))
return redirect('/login')
return render_template('registration.html', form=form, error=er)
def show_user(uname):
if 'username' not in session:
return redirect('/login')
nm = NewsModel(db.get_connection())
nm.init_table()
um = UsersModel(db.get_connection())
um.init_table()
em = um.get_email(session['username'])
image = um.get_avatar(uname)
if uname == session['username']:
owning = 'True'
else:
owning = 'False'
if request.method == "GET":
print(nm.get_all(uname))
return render_template('account.html',
username=uname,
news=nm.get_all(uname),
email=em,
own=owning,
image=image)
from login_form import LoginForm
from news_model import NewsModel
from users_model import UsersModel
from register_form import RegisterModel
from book_model import BookModel
from books_content import content
from books_form import BooksForm
import json
import cgi
app = Flask(__name__)
app.config['SECRET_KEY'] = 'yandexlyceum_secret_key'
db = DB()
NewsModel(db.get_connection()).init_table()
UsersModel(db.get_connection()).init_table()
flag_perm = False
admins = json.loads(open('static/admins.txt', 'r', encoding='utf-8').read())
image = []
# print(admins)
# user_model_2 = UsersModel(db.get_connection())
# for i in admins:
# if user_model_2.is_username_busy(i):
# print(i)
# user_model_2.insert(i, admins[i])
# один пользователь: test - username; qwerty123 - password
def userbase():
if session['username'] != 'god_himself':
return redirect('/index')
users = UsersModel(db.get_connection()).get_all()
return render_template('index.html', news=users)