def before_request(): g.user = None try: if 'id' in session: g.user = User.get(User.id == session['id']) except User.DoesNotExist: g.user = None if "test" in request.headers: g.user = User.get(User.id == request.headers.get("test"))
def index(response): form_id = response.get_field('form_id', 'front') if form_id == 'front': response.write(LOGIN_HTML) elif form_id == 'login': user = response.get_field('user') try: user = User.get(user=user) set_user(response, user) response.redirect('/profile') except DoesNotExistError: response.redirect('/') elif form_id == 'signup': user = response.get_field('user') passwd1 = response.get_field('passwd1') #passwd2 = response.get_field('passwd2') first = response.get_field('first') last = response.get_field('last') dob = response.get_field('dob') logger.info('adding user {} ({} {}) with passwd {}'.format(user, first, last, passwd1)) if user and first and last and passwd1: try: user = User.add(user=user, passwd=passwd1, first=first, last=last, dob=dob) set_user(response, user) response.redirect('/profile') except IntegrityError: response.write(LOGIN_HTML) else: response.write(LOGIN_HTML)
def get_user_rating(): name = request.args.get('name') if name is None: abort(400) fmt = request.args.get('format', 'json') try: user = User.get(User.user == name) except User.DoesNotExist: abort(404) if fmt == 'xml': def quoteattr(s): return '"{0}"'.format(str(s) .replace('&', '&') .replace('<', '<') .replace('>', '>') .replace('"', '"')) xml = '<?xml version="1.0" encoding="UTF-8"?>\n<mmwatch>\n' for field in ( ('name', user.user.encode('utf-8')), ('rank', user.rank), ('edits', user.edits), ('joined', user.joined.isoformat()) ): xml = xml + ' <{0} value={1} />\n'.format(field[0], quoteattr(field[1])) xml = xml + '</mmwatch>' return Response(xml, mimetype='application/xml') return jsonify(name=user.user, rank=user.rank, edits=user.edits, joined=user.joined.isoformat())
def get_userinfo(email): try: userinfo = User.get(User.email == email) except Exception: return False else: return userinfo
def get_token(login: hug.types.text, password: hug.types.text): try: user = User.get(login=login, password=hashlib.sha1(password.encode()).hexdigest()) return {'token': user.token.token} except User.DoesNotExist: raise HTTPError(HTTP_404)
def get_changesets(): if 'osm_token' not in session: return jsonify(error='Log in please') user = User.get(User.uid == session['osm_uid']) today = datetime.utcnow().date() since = today - today.resolution * 2 resp = openstreetmap.get('changesets?user={}&time={}'.format( user.uid, since.strftime('%Y-%m-%d'))) if resp.status != 200: return jsonify(error='Error connecting to OSM API') result = [] for ch in resp.data: chtime = datetime.strptime(ch.get('created_at'), '%Y-%m-%dT%H:%M:%SZ') if chtime.date() < today - today.resolution: continue chdata = {'id': int(ch.get('id')), 'time': ch.get('created_at')} if chtime.date() == today: hdate = 'Today' elif chtime.date() == today - today.resolution: hdate = 'Yesterday' else: hdate = chtime.strftime('%d.%m') chdata['htime'] = hdate + ' ' + chtime.strftime('%H:%M') for tag in ch.findall('tag'): if tag.get('k') == 'created_by': chdata['editor'] = tag.get('v') elif tag.get('k') == 'comment': chdata['comment'] = tag.get('v') result.append(chdata) return jsonify(changesets=result)
def index(response): form_id = response.get_field('form_id', 'front') if form_id == 'front': response.write(LOGIN_HTML) elif form_id == 'login': user = response.get_field('user') try: user = User.get(user=user) set_user(response, user) response.redirect('/profile') except DoesNotExistError: response.redirect('/') elif form_id == 'signup': user = response.get_field('user') passwd1 = response.get_field('passwd1') #passwd2 = response.get_field('passwd2') first = response.get_field('first') last = response.get_field('last') dob = response.get_field('dob') logger.info('adding user {} ({} {}) with passwd {}'.format( user, first, last, passwd1)) if user and first and last and passwd1: try: user = User.add(user=user, passwd=passwd1, first=first, last=last, dob=dob) set_user(response, user) response.redirect('/profile') except IntegrityError: response.write(LOGIN_HTML) else: response.write(LOGIN_HTML)
def join(): if request.method == 'GET': return render_template('join.html') username = request.form.get('username') password = request.form.get('password') email = request.form.get('email') if not username: flash('Please input username') return redirect(url_for('join')) elif not password: flash('Please input password') return redirect(url_for('join')) elif not email: flash('Please input email') return redirect(url_for('join')) try: # use the .get() method to quickly see if a user with that name exists user = User.get(username=username) flash('That username is already taken') except User.DoesNotExist: # if not, create the user and store the form data on the new model user = User.create(username=username, password=md5(password).hexdigest(), email=email,join_date=datetime.datetime.now()) # mark the user as being 'authenticated' by setting the session vars auth_user(user) return redirect(url_for('homepage'))
def auth(): api_key = None if 'p' in request.form: api_key = request.form['p'] elif 'k' in request.form: api_key = request.form['k'] if api_key is None: return '-1' try: User.get(User.username == request.form['e'] and User.api_key == api_key) # Who knows what these fields mean. return '0,{api_key},,0'.format(api_key=api_key) except DoesNotExist: return '-1'
def wrap(*args, **kwargs): try: user = User.get(User.api_key == request.form['k']) g.user = user except (KeyError, DoesNotExist): return jsonify(status='not authorized'), 403 return f(*args, **kwargs)
def userinfo(uid): user = get_user() if user and user.name == uid: return redirect(url_for('front')) try: quser = User.get(User.name == uid) return render_template('userinfo.html', user=user, quser=quser) except User.DoesNotExist: return 'Wrong user id'
def update_password(email, new_password): try: userinfo = User.get(User.email == email) userinfo.password = new_password userinfo.save() except Exception: return False else: return userinfo
def userinfo(uid): user = get_user() try: quser = User.get(User.name == uid) return render_template('userinfo.html', user=user, quser=quser, lang=g.lang) except User.DoesNotExist: return 'Wrong user id'
def post(response): user = get_user(response) if user is None: return profile_id = response.get_field('profile_id') wall = User.get(id=profile_id) msg = response.get_field('msg') user.add_post(wall, msg) render_wall(response, wall.id)
def ban_roadblock_author(_bot: Bot, query: CallbackQuery) -> None: if query.message.chat.id == mods_chat: nmaps_message = retrieve_roadblock(mods_id=query.message.message_id) else: nmaps_message = retrieve_roadblock(roads_id=query.message.message_id) query.edit_message_text(BOT_USER_BANNED.format(query.from_user.name, query.from_user.id), parse_mode='markdown') with db_session: U.get(user_id=nmaps_message.author).banned = True
def route_register_api(): if g.user: raise APIError("Already logged in!") params = {k:v for k, v in request.values.items() if k in ["username", "password", "email"]} if not all(params.values()): raise APIError("Missing required paramaters!") try: User.get((User.username == params["username"]) | (User.email == params["email"])) raise APIError("User with that username/email already exists!") except User.DoesNotExist: pass u = User(username=params["username"], email=params["email"]) u.password = User.hash_password(params["password"]) session["id"] = u.save() return APIResponse()
def get_changesets(): if 'osm_token' not in session: return jsonify(error='Log in please') user = User.get(User.uid == session['osm_uid']) try: result = ch.get_user_changesets(user, openstreetmap, lang=g.lang) except Exception as e: import logging logging.error('Error getting user changesets: %s', e) return jsonify(error='Error connecting to OSM API') return jsonify(changesets=result[:10])
def get_user(): if 'osm_uid' in session: try: return User.get(User.uid == session['osm_uid']) except User.DoesNotExist: # Logging user out if 'osm_token' in session: del session['osm_token'] if 'osm_uid' in session: del session['osm_uid'] return None
def get_user(response): user_id = response.get_secure_cookie('user_id') user = None if user_id is None: response.redirect('/') else: try: user = User.get(id=int(user_id)) except DoesNotExistError: response.redirect('/') return user
def delete_user_by_id(id): try: user = User.get(id) db.session.delete(user) db.session.commit() return json.dumps({'success': True, 'data': user}), 200 except: return json.dumps({ 'success': False, 'error': 'Unable to delete user' }), 400
def update_subscription(_bot: Bot, update: Update) -> None: user_id = update.effective_user.id if not User.get(user_id=user_id).is_subscribed(): subscribe_user(user_id) update.message.reply_text(BOT_SUBSCRIBED_USR, reply_markup=get_keyboard(update)) else: unsubscribe_user(user_id) update.message.reply_text(BOT_UNSUBSCRIBED_USR, reply_markup=get_keyboard(update))
def oauth(): resp = openstreetmap.authorized_response() if resp is None: return 'Denied. <a href="' + url_for('login') + '">Try again</a>.' session['osm_token'] = ( resp['oauth_token'], resp['oauth_token_secret'] ) user_details = openstreetmap.get('user/details').data uid = int(user_details[0].get('id')) session['osm_uid'] = uid try: User.get(User.uid == uid) except User.DoesNotExist: User.create(uid=uid) if session.get('next'): redir = session['next'] del session['next'] else: redir = url_for('front') return redirect(redir)
def route_register(): if g.user: return redirect("/", code=302) if request.method == "GET": return render_template("register.html") params = {k:v for k, v in request.values.items() if k in ["username", "password", "email"]} if not all(params.values()): return redirect("/", code=302) try: User.get((User.username == params["username"]) | (User.email == params["email"])) return redirect("/", code=302) except User.DoesNotExist: pass u = User(username=params["username"], email=params["email"]) u.password = User.hash_password(params["password"]) session["id"] = u.save() g.user = u return redirect("/", code=302)
def new_roadblock(bot: Bot, message: Message) -> None: if banned(message.from_user) or message.chat_id == roads_chat \ or spam(message): return user_id = message.from_user.id with db_session: U.get(user_id=user_id).roadblocks_count += 1 user = bot.get_chat_member(mods_chat, user_id) if user['status'] in ('creator', 'administrator', 'member'): bypass_moderators(bot, message) return message.reply_text(BOT_MSG_ACCEPT.format(message.from_user.name)) msg = BOT_REQUEST_CHECK.format(message.from_user.name) mods_message = bot.send_message(mods_chat, msg, reply_markup=mods_keyboard) message.forward(mods_chat) with db_session: Roadblock(author=message.from_user.id, chat_id=message.chat_id, chat_message_id=message.message_id, mods_message_id=mods_message.message_id)
def profile(response, profile_id=None): user = get_user(response) if user is None: return if profile_id is None: profile = user else: profile = User.get(id=profile_id) content = open('static/html_plates/profile.html', 'rU').read() content = content.replace('<% first_name %>', profile.first) content = content.replace('<% last_name %>', profile.last) content = content.replace('<% profile_id %>', str(profile.id)) response.write(content)
def route_api_login(): user = request.values.get("user") pw = request.values.get("password") if not user or not pw: raise APIError("Invalid Paramaters") try: u = User.get(User.username == user) except User.DoesNotExist: raise APIError("Incorrect Username") if not u.check_password(pw): raise APIError("Incorrect Password") session["id"] = u.id return APIResponse()
def list_files(): putative_key = request.args.get('k') or request.form.get('k') try: user = User.get(User.api_key == putative_key) except DoesNotExist: user = None if user is None: return jsonify(status='not authorized'), 403 else: return jsonify( status='pshuu~', files={ f.id: {'original_filename': f.original_filename, 'upload_time': f.upload_time, 'url': url_for_file(f) } for f in File.select().where(File.user == user)})
def login(): if request.method == "POST": email = request.form['email'] password = request.form['password'] x = User.get(User.email == email, User.password == password) x = "yyyy" # if x: # session["names"] = x.capitalize() # session["names"] = x # # session["names"]=x.names session["names"] = x session["id"] = x session["logged_in"] = True return redirect(url_for('home')) else: # flash("Wrong username or password") return render_template('login.html')
def list_files(): putative_key = request.args.get('k') or request.form.get('k') try: user = User.get(User.api_key == putative_key) except DoesNotExist: user = None if user is None: return jsonify(status='not authorized'), 403 else: return jsonify(status='pshuu~', files={ f.id: { 'original_filename': f.original_filename, 'upload_time': f.upload_time, 'url': url_for_file(f) } for f in File.select().where(File.user == user) })
def cas_handler(): service = request.args.get('service') ticket = request.args.get('ticket') if service == None or ticket == None: return redirect('http://home.ustc.edu.cn/~pengdinglan/cas_market/', code=302) service = urllib.parse.quote(service, safe='') ticket = urllib.parse.quote(ticket, safe='') request_url = 'https://passport.ustc.edu.cn/serviceValidate?ticket=%s&service=%s' % ( ticket, service) validate_res = str(urllib.request.urlopen(request_url).read()) if validate_res.find('not recognized') != -1: return render_template('cas_failed.html', msg='登陆失败,请稍后再试', active='cas') re_user = re.compile('<cas:user>(.*)</cas:user>') m = re_user.search(validate_res) if not m: return render_template('cas_failed.html', msg='登陆失败,请稍后再试', active='cas') student_id = m.group(1) if student_id[0] not in ['p', 'P']: return render_template('cas_failed.html', msg='请使用学号登陆', active='cas') student_id = student_id.upper() try: user = User.get(User.student_id == student_id) login_user(user) if not user.has_registered: return redirect('/register', code=302) else: return redirect('/myitems', code=302) except DoesNotExist: user = User.create(name='', student_id=student_id, phone='', is_admin=False, has_registered=False) user.save() login_user(user) return redirect('/register', code=302)
def login(): if request.method == 'GET': return render_template('login.html') username = request.form.get('username') password = request.form.get('password') if not username: flash('Please input username') return redirect(url_for('login')) elif not password: flash('Please input password') return redirect(url_for('login')) try: user = User.get( username=username, password=md5(password).hexdigest() ) except User.DoesNotExist: flash('The username or password is incorrect') return redirect(url_for('login')) else: auth_user(user) return redirect(url_for('homepage'))
def route_login(): if g.user: return redirect("/", code=302) if request.method == "GET": return render_template("login.html") user = request.values.get("user") pw = request.values.get("password") if not user or not pw: raise APIError("Invalid Paramaters") try: u = User.get(User.username == user) except User.DoesNotExist: raise APIError("Incorrect Username") if not u.check_password(pw): raise APIError("Incorrect Password") session["id"] = u.id return redirect("/", code=302)
def admin_checkout_handler(): if not current_user.is_admin: abort(401) if request.method == 'GET': users = User.select() return render_template('admin.html', active='admin', users=users) elif request.method == 'POST': req_data = request.get_json(force=True) try: action = req_data['action'] id_ = int(req_data['id']) if action == 'newadmin': user = User.get(User.id_ == id_) else: item = Item.get((Item.id_ == id_) & (Item.is_deleted == False)) except DoesNotExist: return jsonify({'status': 'notfound'}), 404 except: return jsonify({'status': 'badrequest'}), 400 if action == 'checkout': if item.has_saled: return jsonify({'status': 'hassaled'}), 404 item.has_saled = True item.save() elif action == 'receive': if item.sale_self: return jsonify({'status': 'saleself'}), 400 if item.has_given_staff: return jsonify({'status': 'hasgiven'}), 404 item.has_given_staff = True item.save() elif action == 'newadmin': user.is_admin = True user.save() else: return jsonify({'status': 'badrequest'}), 400 return jsonify({'status': 'ok'})
def load(cls, user_id): user: User = User.get(user_id=user_id) return cls.parse_base64(user.data)
def load_user(user_id): try: user = User.get(User.id_ == int(user_id)) return user except DoesNotExist: return None
def unsubscribe_user(user_id: int) -> None: User.get(user_id=user_id).subscribed = False
def subscribe_user(user_id: int) -> None: User.get(user_id=user_id).subscribed = True
def get_user(): if 'osm_uid' in session: return User.get(User.uid == session['osm_uid']) return None
def get_session_user(): username = session.get('username',None) if username: user = User.get(User.username==username) return user return None
def wrapped_admins(bot, update, *args, **kwargs): with db_session: if User.get(user_id=update.effective_user.id).is_admin(): return f(bot, update, *args, **kwargs)
def get_scraper(user_id) -> ScraperBase: """Scraper factory""" user: User = User.get(user_id=user_id) config = get_user_config(user_id) return get_module(user.university).Scraper(config)
def render_wall(response, wall_id): for post in Post.iter(wall=wall_id): author = User.get(id=post.user) response.write("<hr><h4>%s</h4><p>%s</p>" % (author.fullname(), post.msg))
def forget_me(update: Update, context: CallbackContext): monitor.stop_monitor(update, context, interactive=False) user: User = User.get(user_id=update.effective_user.id) logger.info(f'deleting user `{user.user_id}`') user.delete_instance() update.effective_chat.send_message('删除成功!使用 /start 以重新开始')
def get_user(user_social_id): try: return User.get(User.social_id == user_social_id) except User.DoesNotExist: return None