def post(self): # Get POST data email = self.request.get("email") password = self.request.get("psw") # Check if user exists user = User.query(User.email == email).fetch() if not user: return self.write("Email or password is wrong") # Compare hashed password with value in database salt = "d9be95247" password = sha256(salt + password + salt).hexdigest() if password != user[0].password: return self.write("Email or password is wrong") # Create session token token = sha256(str(time.time()) + user[0].email).hexdigest() # Write new session in database new_session = Session(token=token, user_email=user[0].email) new_session.put() # Write token to cookie self.response.set_cookie("token", token) return self.redirect("/")
def test_data(): SQLModel.init_db() form = dict( username='******', password='******', role=UserRole.normal, ) u, result = User.register(form) Session.add(u.id) form = dict( title='test todo', user_id=u.id, ) t = TodoAjax.new(form) form = dict( content='test_weibo', user_id=u.id, ) w = Weibo.new(form) form = dict( content='test_comment', user_id=u.id, weibo_id=1, ) w = Comment.new(form)
def test_session_data(): form = dict( session_id='dsacbhdjshabzmsd', user_id=2, expired_time=time.time(), ) Session.new(form)
def login(): """ 登录页面的路由函数 """ form = request.form log('FORM\n{}'.format(form)) session_id = None u, result = User.login(form) if not u.is_guest(): # session ID的生成使用uuid的伪随机字符串生成器 session_id = str(uuid.uuid4()) form = dict( session_id=session_id, user_id=u.id, ) Session.new(form) log('USER\n{}'.format(u.username)) # cookie 范围 # /login # /login/user/view # /todo response = make_response( render_template('login.html', username=u.username, result=result)) if session_id is not None: response.set_cookie('session_id', session_id) return response
def post(self): login = request.headers["X-Login"] password = request.headers["X-Password"] if (login or password) is None: return '', 404 user_dict = mongo.db.users.find_one({ "password": self.hash_password(password), "login": login }) if user_dict is None: return '', 403 session_dict = mongo.db.sessions.find_one({ "user.login": login, "status": 0 }) """ we do not create a new session if already exists""" if session_dict is not None: return Session.session_from_dict(session_dict).format_http(), 201 user_dict["_id"] = str(user_dict["_id"]) user = User.user_from_dict(user_dict) session = Session.session_from_user(user) mongo.db.sessions.insert(session.format()) return session.format_http(), 201
def login(request): """ 登录页面的路由函数 """ form = request.form() u, result = User.login(form) # session 会话 # token 令牌 # 设置一个随机字符串来当令牌使用 session_id = random_string() form = dict( session_id=session_id, user_id=u.id, ) Session.new(form) # cookie 范围 # /login # /login/user/view # /todo headers = { 'Set-Cookie': 'session_id={}; path=/'.format( session_id ) } return redirect('/user/login/view?result={}'.format(result), headers)
def login(): try: email = request.json['email'] password = request.json['password'] except KeyError as e: return jsonify({'error': 'Missing field(s).', 'details': str(e)}), 401 try: if email != 'admin': user = User.find_one(email=email) if not user or not user.check_password(password): raise ValueError() role = user.role else: role = 'admin' if password != config.ADMIN_PASSWORD: raise ValueError() s = Session(email=email, role=role) s.save() session['token'] = s.token session['email'] = email return Response(status=200) except ValueError: return Response(status=401)
def post(self): login = request.headers["X-Login"] password = request.headers["X-Password"] if (login or password) is None: return '', 404 user_dict = mongo.db.users.find_one({"password": self.hash_password(password), "login": login}) if user_dict is None: return '', 403 session_dict = mongo.db.sessions.find_one({"user.login": login, "status": 0}) """ we do not create a new session if already exists""" if session_dict is not None: return Session.session_from_dict(session_dict).format_http(), 201 user_dict["_id"] = str(user_dict["_id"]) user = User.user_from_dict(user_dict) session = Session.session_from_user(user) mongo.db.sessions.insert(session.format()) return session.format_http(), 201
def create_posts(posts: [int, str, str]): tag = s.query(Tag).filter_by(name='Истории').one() for post in posts: post = Post(*post) post.tags.append(tag) s.add(post) s.commit()
def login(): """ 登录页面的路由函数 """ form = request.form u, result = User.login(form) # session 会话 # token 令牌 # 设置一个随机字符串来当令牌使用 print('u== ', u) redirect_to_login_view = redirect( '/user/login/view?result={}'.format(result)) response = current_app.make_response(redirect_to_login_view) if u.id is not None: print('session add') session_id = random_string() form = dict( session_id=session_id, user_id=u.id, ) Session.new(form) response.set_cookie('session_id', value=session_id) response.set_cookie('path', value='/') return response
def test(): connection = pymysql.connect(host='localhost', user='******', password='******', db='web8', charset='utf8mb4', cursorclass=pymysql.cursors.DictCursor) # with connection.cursor() as cursor: # cursor.execute('DROP DATABASE `web8`') # cursor.execute('CREATE DATABASE `web8` CHARACTER SET utf8mb4') # cursor.execute('USE `web8`') # cursor.execute(User.sql_create) # cursor.execute(Session.sql_create) # cursor.execute(Todo.sql_create) # cursor.execute(Comment.insert()) # connection.commit() # connection.close() form = dict( username='******', password='******', ) User.register_user(form) u, result = User.login_user(form) assert u is not None, result form = dict( username='******', password='******', ) User.register_user(form) session_id = random_string() form = dict( session_id=session_id, user_id=u.id, ) Session.new(form) s: Session = Session.one(session_id=session_id) assert s.session_id == session_id form = dict( title='test todo', user_id=u.id, ) t = Todo.add(form, u.id) assert t.title == 'test todo' form = dict(content='123', user_id=u.id, weibo_id=1) c = Comment.new(form) assert c.content == '123' form = dict( content='123', user_id=u.id, ) w = Weibo.new(form) assert w.user_id == 1
def signout(): if request.cookies.get('session'): ses = Session() ses.delete(request.cookies.get("session")) res = make_response(redirect("/authen/signin")) res.set_cookie("session", "", max_age=-1) return res return redirect("/authen/signin")
def route_logout(request): """ 注销登录 """ session = current_session(request) session_id = int(session.id) Session.delete(session_id) return redirect('/')
class SessionStore(SessionBase): """ A google appengine datastore based session store. """ def __init__(self, session_key=None): self._datastore_session = None if session_key: query = db.Query(Session) query = query.filter("session_key =", session_key) self._datastore_session = query.get() super(SessionStore, self).__init__(session_key) def load(self): session_data = {} if self._datastore_session: if self._datastore_session.expire_date > datetime.now(): if self._datastore_session.session_data: session_data = self.decode(self._datastore_session.session_data) else: session_data = None else: self.delete() return session_data or {} def save(self): time_till_expire = timedelta(seconds=60*60*24*7*2) expire_date = datetime.now() + time_till_expire if self._datastore_session: self._datastore_session.session_data = self.encode(self._session) else: self._datastore_session = Session(session_key=self.session_key, session_data=self.encode(self._session), expire_date=expire_date) self._datastore_session.put() def exists(self, session_key): query = db.Query(Session) query = query.filter("session_key =", session_key) session = query.get() if session: exists = True else: exists = False return exists def delete(self, session_key): query = db.Query(Session) query = query.filter("session_key =", session_key) session = query.get() if session: session.delete()
def signout(): if request.cookies.get('session'): ses = Session() ret = ses.delete(request.cookies.get('session')) res = make_response(redirect('/authen/signin')) res.set_cookie('session', '', max_age= -1) return res return redirect('authen/signin')
def test_multiple_session(self): user = User.create() sessions = [ Session.create(user = user), Session.create(user = user) ] for session in Session.find_by_user(user).all: assert session in sessions
def bootstrap_database(environment='development'): """Create the database.""" print green('Creating database') database.create() print green('Defining schema') with open('migrations/schema.sql') as f: sql = f.read().replace('\n', '') Session.execute(sql) Session.commit()
def change_password(**params): if request.method == "GET": token = request.cookies.get('my-simple-app-session') success, user, message = Session.verify_session(token) csrf_token = CSRFToken.generate_csrf_token(user) if success and csrf_token: params["current_user"] = user params["csrf_token"] = csrf_token return render_template("public/auth/change_password.html", **params) else: params["error_message"] = message return render_template("public/auth/error_page.html", **params) elif request.method == "POST": token = request.cookies.get('my-simple-app-session') success, user, message = Session.verify_session(token) current_email = user.email current_password = request.form.get("current_password") new_password = request.form.get("new_password") form_csrf_token = request.form.get("csrf_token") csrf_validation_success = CSRFToken.validate_csrf_token( form_csrf_token) if current_email and current_password and new_password and csrf_validation_success: # checks if user with this e-mail and password exists user = User.query.filter_by(email=current_email).first() if user and bcrypt.checkpw(current_password.encode("utf-8"), user.password.encode("utf-8")): success, message = User.update_password( current_email, new_password) if success: # if password was changed, logout the user so he has to login again # prepare the response message = "Your password has been changed, please login again." response = redirect( url_for("public.main.login", info_message=message)) # remove session cookie response.set_cookie('my-simple-app-session', '', expires=0) return response else: params["error_message"] = message return render_template("public/auth/error_page.html", **params) else: params[ "error_message"] = "You entered the wrong old password, please try again." return render_template("public/auth/error_page.html", **params)
def login_valid(): """ 验证登陆数据 """ # 接收POST数据 form = dict() for k, v in request.form.items(): form[k] = v log('FORM\n{}'.format(form)) # 验证验证码 vcode = form['code'] vcode = hashlib.sha256(vcode.encode('ascii')).hexdigest() vcode = 'static/code/{}.png'.format(vcode) img = form['img'] if img != vcode: return redirect( url_for('.log_info', result='验证码不正确', target=url_for('.login_view'))) form.pop('code') form.pop('img') session_id = None u, result = User.login(form) if result != '登录成功': return redirect( url_for('.log_info', result='用户名或者密码错误', target=url_for('.login_view'))) if not u.is_guest(): session_id = uuid.uuid4().hex form = dict( session_id=session_id, user_id=u.id, ) Session.new(form) # 生成csrf令牌 u = current_user() if u.id > 0: generate_csrf_token() log('更新CSRF令牌') log('USER\n{}'.format(u.username)) response = make_response( redirect( url_for('.log_info', result=result, target=url_for('public.index')))) if session_id is not None: response.set_cookie('session_id', session_id) return response
def set_contribution(contribution_info, politician): """ Given a dict of contribution information, returns a contribution object created from that information. Returns True if the contribution object was successfully created and added to the database. TODO: Add validations/checking and error handling. """ # First create the new contribution object and set its fields contribution = Contribution() contribution.date = datetime.strptime(contribution_info['date'], DATE_FORMAT) funder = Funder.get_by_name(contribution_info['funder']) if funder is not None: contribution.funder = funder else: # This funder doesn't exist yet, so we need to create it funder = Funder({'name': contribution_info['funder']}) Session.add(funder) Session.commit() contribution.funder = funder contribution.politician = politician # If this funder is a new one for the given politician, add it to his/her # funders list if funder not in politician.funders: politician.funders.append(funder) Session.add(contribution) Session.commit() return True
def doEditPassword(id): acc = Account() v = acc.getAccountById(id) usr = v['usr'] newpwd = request.form.get("pwd") + '#$%^&*$@' + usr newpwd = md5(newpwd.encode()) a = (newpwd.digest(), id) ret = acc.editPassword(a) if ret > 0: if request.cookies.get('session'): ses = Session() ses.delete(request.cookies.get("session")) res = make_response(redirect("/authen/signin")) res.set_cookie("session", "", max_age=-1) return res return "Failed"
def get_session(self, user_key: str, session_key: str) -> Session: # Sets up a document reference to a specified session. ref = db.document(f'users/{user_key}/sessions/{session_key}') # Converts the entries stored within the referenced document # into a dictionary. session_dict: dict = ref.get().to_dict() # Builds up a reference to the performance document of a # specified session. ref = db.document( f'users/{user_key}/sessions/{session_key}/data/performance') # Adds the performance entries to the session dictionary, # enabling the convertion from a dictionary to a Session # object. performance: Performance = Performance.from_dict(ref.get().to_dict()) # Creates a session which is based on the entries within the # previously updated dictionary. session: Session = Session.from_dict(session_dict, performance) # Return the newly created session. return session
def oauth2_callback(): if (request.args.get('error') == 'access_denied'): return 'You denied the access' token_data = fetch_access_token(request.args.get('code'), config.get("PROFILE_REDIRECT_URI")) headers = {'Authorization': 'Bearer {}'.format(token_data['access_token'])} url = 'https://www.googleapis.com/oauth2/v1/userinfo' res = urlfetch.fetch(url, headers=headers, method='GET') # Getting userinfo user_data = json.loads(res.content) email = user_data.get('email') user = User.get_by_id(email) if user: user.name = user_data.get('name') picture = user_data.get('picture') user.put() else: User.set_user(user_data) uuid = Session.set_session(user_data) res = redirect('/') res.set_cookie('sessionID', uuid) return res
def login(request): """ 登录页面的路由函数 """ form = request.form() u, result = User.login(form) session_id = random_string() form = dict( session_id=session_id, user_id=u.id, ) Session.new(form) headers = {'Set-Cookie': 'session_id={}; path=/'.format(session_id)} return redirect('/user/login/view?result={}'.format(result), headers)
def list_contacts(): session_id = request.cookies.get('sessionID') if not session_id or session_id == '': return jsonify(dict(success=False, error='unauthorized')) user = Session.get_by_id(session_id) if not user: return jsonify(dict(success=False, error='unauthorized')) email = user.email # logging.info('email : {}'.format(email)) cursor = request.args.get('cursor') if not cursor: cursor = None cursor = Cursor(urlsafe=cursor) query = Contacts.query(Contacts.owner == email).order(Contacts.name_lc) contacts, next_cursor, more = query.fetch_page(10, start_cursor=cursor) # logging.info('cursor: {} more: {}'.format(next_cursor, more)) if next_cursor: cursor = next_cursor.urlsafe() else: cursor = None data = [contact.to_dict() for contact in contacts] return jsonify({ 'cursor': cursor, 'more': more, 'contacts': data, 'success': True })
def route_login(request): """ 登录页面的路由函数 """ log('login, cookies', request.cookies) if request.method == 'POST': form = request.form() u = User(form) if u.validate_login(): session_id = random_str() u = User.find_by(username=u.username) s = Session.new(dict( session_id=session_id, user_id=u.id, )) s.save() log('session', s) headers = { 'Set-Cookie': 'sid={}'.format(session_id) } # 登录后定向到 / return redirect('/', headers) # 显示登录页面 body = template('login.html') return http_response(body)
def route_profile(request): headers = { 'Content-Type': 'text/html', } session_id = request.cookies.get('session_id', None) s = Session.find_by(session_id=session_id) if s is None: header = 'HTTP/1.x 302 Moved Temporarily\r\nLocation:http://127.0.0.1:3000/login\r\n' header += ''.join([ '{}: {}\r\n'.format(k, v) for k, v in headers.items() ]) body = '' r = '{}\r\n{}'.format(header, body) log('login 的响应', r) return r.encode() else: s = User.find_by(username=s.username) body = route_template('profile.html') body = body.replace('{{id}}', str(s.id)) body = body.replace('{{username}}', s.username) body = body.replace('{{note}}', s.note) header = formatted_with_headers(headers) r = '{}\r\n{}'.format(header, body) log('login 的响应', r) return r.encode()
def registration(**params): if request.method == "GET": token = request.cookies.get('my-simple-app-session') success, user, message = Session.verify_session(token) if success: params["current_user"] = user return render_template("public/auth/logged_in.html", **params) else: return render_template("public/auth/registration.html", **params) elif request.method == "POST": email = request.form.get("email") password = request.form.get("password") if email and password: success, user, message = User.create(email=email, password=password) if success: send_success = User.send_verification_code(user) if send_success: return render_template("public/auth/verify_email.html", **params) else: params["error_message"] = message return render_template("public/auth/error_page.html", **params)
def import_contacts(): uuid = request.cookies.get('sessionID') entity = Session.get_by_id(uuid) if entity: email = entity.email else: return redirect('/') if (request.args.get('error') == 'access_denied'): return 'You denied the access' token_data = fetch_access_token(request.args.get('code'), config.get("CONTACTS_REDIRECT_URI")) user = User.get_by_id(email) user.set_token(token_data) user.import_status = "importing" user.put() taskqueue.add(url='/fetch-contacts', params={ 'email': email, 'access_token': token_data.get('access_token') }, method='GET') return render_template('popup.html', success='true')
def current_user(request): session_id = request.cookies.get('user', '') sessions = Session.all() for s in sessions: if s.session_id == session_id: return s.username return '【游客】'
def route_login(request): headers = { 'Content-Type': 'text/html', } log('login, headers', request.headers) log('login, cookies', request.cookies) username = current_user(request) if request.method == 'POST': form = request.form() u = User.new(form) if u.validate_login(): session_id = random_string() session_date['username'] = u.username session_date['session_id'] = session_id log('这个才是session', session_date) s = Session.new(session_date) s.save() headers['Set-Cookie'] = 'session_id={}'.format(session_id) result = '登录成功' else: result = '用户名或者密码错误' else: result = '' body = template('login.html') body = body.replace('{{result}}', result) body = body.replace('{{username}}', username) header = response_with_headers(headers) r = '{}\r\n{}'.format(header, body) log('login 的响应', r) return r.encode()
def register(): """ 接受注册信息, 写入数据库 """ # 获取注册相关数据 form = dict() for k, v in request.form.items(): form[k] = v # 执行注册数据 user, result = User.register(form) log('Register result:', result, user) # 注册结果失败则返回到注册页面, 成功则自动登陆 if result == '注册成功': log(f'自动登陆用表单\n{form}') form = dict( session_id=uuid.uuid4().hex, user_id=user.id, ) s = Session.new(form) generate_csrf_token(user) response = make_response(redirect(url_for('public.index'))) response.set_cookie('session_id', s.session_id) return response else: return redirect( url_for('.loginfo', result=result, target=url_for('users.login')))
def current_user(request): if 'session_id' in request.cookies: session_id = request.cookies['session_id'] u = Session.find_user(session_id=session_id) return u else: return User.guest()
def query_sessions(self, request): """Query for sessions. This uses some filters to query the NDB Datastore, and applies other filters in memory. An arbitrary list of filters can be passed in, but the query won't work if the required indices for the query sent to NDB have not been created. Args: request (QueryForms): List of filters. Each filter has: - field: one of "TYPE" (type of session), "TIME" (in "HH:MM:SS" format) - operator: one of "EQ" (=), "GT" (>), "GTEQ" (>=), "LT" (<), "LTEQ" (<=), "NE" (!=) - value: the desired value to compare with Returns: SessionForms: List of sessions matching all the filters. """ # Run query with filters applied in memory if necessary plain_query = Session.query() sessions = self._generic_query(plain_query, request.filters, QUERY_FIELDS) return SessionForms( items = [s.to_form() for s in sessions] )
def user_role_change(user, params, token, device): uid = params.get("id", "") if device == "web": role, role_id = user.identify[0], int(user.identify[1:]) else: role, role_id = user.app_identify[0], int(user.app_identify[1:]) tmp_user = User.select().where(User.uuid==uid).first() identify = None if not tmp_user: tmp_team = Team.select().where(Team.uuid==uid).first() if not tmp_team or tmp_team.user != user: return {"error_code": 20332, "msg": "the role not change, not allowed"} if role == "f": identify = "c%s" % tmp_team.id else: if tmp_user.id != user.id: return {"error_code": 20332, "msg": "the role not change, not allowed"} if role == "c": identify = "f%s" % tmp_user.id if identify: if device == "web": user.identify = identify user.save() else: user.app_identify = identify user.save() if device in ("ios", "android"): qs = Session.delete().where(Session.user==user, Session.session_key!=token, Session.device << ("ios", "android")) qs.execute() return {"error_code": 0, "msg": "ok"}
def save(self): time_till_expire = timedelta(seconds=60*60*24*7*2) expire_date = datetime.now() + time_till_expire if self._datastore_session: self._datastore_session.session_data = self.encode(self._session) else: self._datastore_session = Session(session_key=self.session_key, session_data=self.encode(self._session), expire_date=expire_date) self._datastore_session.put()
def get(self): """ Returns a list of available lobbies. """ data = json.loads(self.request.body) cid = data["cid"] session = Session.query(Session.channel_id == cid).get() target_gold_amount = session.target_gold_amount print target_gold_amount response = {'target_gold_amount': target_gold_amount} self.response.out.write(json.dumps(response))
def initialize(self): token = self.get_cookie("session_token") self.is_mobile, self.is_desktop = False, False self.user = None if token: session = Session.select().where(Session.session_key==token, Session.expire_at>now()).first() if session: self.user = session.user self.params = {key: value[-1] for key, value in self.request.arguments.items()}
def parse_sesh(self): """Get the session form the cookie or the url""" sesh = Session() sid = "" # token in the request then use it sid = self.request.get(self.conf.URL_TOKEN_NAME, default_value="") # else get the token from the session if sid == "": if self.conf.TOKEN_NAME in self.request.cookies: sid = self.request.cookies[self.conf.TOKEN_NAME] if sid == "": # no sesion found so create one sesh.create() else: # got a session id so load from memcache or create a new one if its timed out sesh.load(sid) logging.debug("Session ID: " + sesh.id()) self.response.headers['Set-Cookie'] = str('%s=%s;path=/;expires=Sat, 1-Jan-2050 00:00:00 GMT;'%(self.conf.TOKEN_NAME, sesh.id())) return sesh
def client_login(params): code = params.get("code") if not code or len(code) != 36: return {"error_code":1, "msg":"params invalid"} key = "jump-%s" % code obj = misc.misc_get(key) if not obj: return {"error_code":1, "msg":"code not exists"} dic = utils.loads(obj.value) obj.delete_instance() if dic['expire_at'] < utils.stamp(): return {"error_code":1, "msg":"code expire"} user = User.select().where(User.id==dic['user_id']).first() res = {"error_code":0, "msg":"ok"} res['session_token'] = generate_token() sess = Session() sess.user = user sess.session_key = res['session_token'] sess.expire_at = utils.timedelta(utils.now(), days=1) res['expire_at'] = 0 sess.save() res['identify'] = user.identify return res
def im_session_verify(params): token = params.get("session_token") session = Session.select().where(Session.session_key==token, Session.expire_at>utils.now()).first() if not session: return {"error_code":1, "msg":"token not exist"} user = session.user role, tid = user.app_identify[0], int(user.app_identify[1:]) if role == "f": return {"error_code":0, "msg":"ok", "id":user.id} team = Team.select().where(Team.id == tid).first() if not team: return {"error_code":1, "msg":"token error"} return {"error_code":0, "msg":"ok", "id":team.id}
def store_politician(politician_data): """ Given a dict of politician data, stores the given data into the database. The passed in dict is assumed to contain the following fields: name, the name of the politician funders, an array of dicts representing contributions made by a politician's funders Returns True if the politician has been successfully added to the database. TODO: Check if we've already encountered this politician - then how do we respond? Assume we have new contributions/funders to add to its list? Also need to add validations Figure out how to respond to multiple politicians with the same name """ new_politician = Politician({'name': politician_data['name']}) if 'contributions' in politician_data: for contribution in politician_data['contributions']: set_contribution(contribution, new_politician) Session.add(new_politician) Session.commit() return True
def get_conference_sessions(self, websafe_conference_key): """Given a conference, return all sessions. Args: websafe_conference_key (string) Returns: SessionForms """ # Get Conference object conference = self.get_conference(websafe_conference_key) # Query sessions by ancestor conference sessions = Session.query(ancestor = conference.key) return SessionForms( items = [s.to_form() for s in sessions] )
def create_session(self, websafe_conference_key, request): """Create new session. Open only to the organizer of the conference. Args: websafe_conference_key (string) request (SessionForm) Returns: SessionForm updated with the new object's key Raises: endpoints.ForbiddenException if the user is not the conference owner """ # Get Conference object conference = self.get_conference(websafe_conference_key) # Verify that the user is the conference organizer user_id = self.get_user_id() if user_id != conference.organizerUserId: raise endpoints.ForbiddenException( 'Only the owner can update the conference.') # Allocate session ID and generate session key p_key = conference.key s_id = Conference.allocate_ids(size = 1, parent = p_key)[0] s_key = ndb.Key(Session, s_id, parent = p_key) # Create and store new session object session = Session.to_object(request) session.key = s_key # set the key since this is a new object session.put() # Check for featured speakers - delegate to a task if session.speakerKey: taskqueue.add( params={'websafeSpeakerKey': session.speakerKey.urlsafe(), 'websafeConferenceKey': conference.key.urlsafe()}, url='/tasks/set_feature_speaker' ) # Return form back return session.to_form()
def get_sessions_by_speaker(self, websafe_speaker_key): """Given a speaker, return all sessions given by this particular speaker, across all conferences. Args: websafe_speaker_key (string) Returns: SessionForms """ # Get Speaker object speaker = self.get_speaker(websafe_speaker_key) # Query sessions by speaker key property query = Session.query() sessions = query.filter(Session.speakerKey == speaker.key) return SessionForms( items = [s.to_form() for s in sessions] )
def get_conference_sessions_by_type(self, websafe_conference_key, type_of_session): """Given a conference, return all sessions of a specified type (e.g. lecture, keynote, workshop). Args: websafe_conference_key (string) type_of_session (string) Returns: SessionForms """ # Get Conference object conference = self.get_conference(websafe_conference_key) # Query sessions by ancestor and type property query = Session.query(ancestor = conference.key) sessions = query.filter(Session.typeOfSession == type_of_session) return SessionForms( items = [s.to_form() for s in sessions] )
def _cache_featured_speaker(websafe_speaker_key, websafe_conference_key): """Create featured speaker announcement & assign to memcache. Only adds an announcement if the speaker has more than one session by the speaker at the conference. Args: websafe_speaker_key (string) websafe_conference_key (string) Returns: Announcement message (string) """ # Get speaker speaker = ndb.Key(urlsafe = websafe_speaker_key).get() # Get conferenc e conference = ndb.Key(urlsafe = websafe_conference_key).get() # Get speaker sessions q = Session.query(ancestor = conference.key) sessions = q.filter(Session.speakerKey == speaker.key).fetch() # Only feature if the speaker has more than on session if len(sessions) > 1: announcement = "Featured speaker: " + speaker.name announcement += "\nSessions:" for s in sessions: announcement += "\n- " + s.name memcache.set(MEMCACHE_FEATURED_SPEAKER_KEY, announcement) else: # TODO: For a real app, do not replace the previous speaker with this announcement = "Not a featured speaker..." memcache.set(MEMCACHE_FEATURED_SPEAKER_KEY, announcement) return announcement
def get_sessions_by_conference_speaker(self, websafe_speaker_key, websafe_conference_key): """Given a speaker and a conference, return all sessions given by the speaker at the conference. Args: websafe_speaker_key (string) websafe_conference_key (string) Returns: SessionForms """ # Get Speaker object speaker = self.get_speaker(websafe_speaker_key) # Get Conference object conference = self.get_conference(websafe_conference_key) # Load sessions query = Session.query(ancestor = conference.key) sessions = query.filter(Session.speakerKey == speaker.key) return SessionForms( items = [s.to_form() for s in sessions] )
def get_conference_speakers(self, websafe_conference_key): """Given a conference, get the list of all speakers. Args: websafe_conference_key (string) Returns: SpeakerForms """ # Get Conference object conference = self.get_conference(websafe_conference_key) # Get all sessions for the conference sessions = Session.query(ancestor = conference.key).fetch() # Only use valid keys and ignore duplicates speaker_keys = set([s.speakerKey for s in sessions if s.speakerKey]) # Get the speakers speakers = ndb.get_multi(speaker_keys) return SpeakerForms( items = [s.to_form() for s in speakers] )
def login(uname, password): if not uname or not password: return {"error_code":20001, "msg":"parameters required"} user = User.select().where(User.username == uname or User.email == uname or User.phone == uname).first() if not user: return {"error_code":20002, "msg":"user not exists"} if not check_password(password, user.password, user.salt): return {"error_code":20003, "msg":"username or password invalid"} res = {"error_code":0, "msg":"ok"} res['session_token'] = generate_token() sess = Session() sess.user = user sess.session_key = res['session_token'] sess.expire_at = utils.timedelta(utils.now(), days=1) res['expire_at'] = 0 sess.save() return res
def logout(user): if user: Session.delete().where(Session.user==user) return {"error_code":0, "msg":"ok"}
def test_without_user(self): with pytest.raises(Exception): Session.create(user = None)
def test_duplicate_tokens(self): user = User.create() Session.create(user = user, token = 'test_token') with pytest.raises(Exception): Session.create(user = user, token = 'test_token')
def cleanup_session(body): now = utils.now() qs = Session.delete().where(Session.expire_at <= now) qs.execute()
def test_with_user(self): user = User.create() result = Session.create(user = user) assert result.user == user
def decorated_function(*args, **kwargs): session_id = request.cookies.get('session_id') if not Session.verify_session(session_id): return redirect("/login/form", code=302) Session.refresh_session(session_id) return f(*args, **kwargs)
def post(self): """ Start game by both users. Request uid - user_id lid - the game lobby both users are playing in Response """ data = json.loads(self.request.body) response = {} try: uid = data['uid'] except KeyError: self.error(400) response['status'] = 'error' response['msg'] = 'Missing uid (User id)' return self.response.out.write(json.dumps(response)) try: lobby_id = data['lid'] except KeyError: self.error(400) response['status'] = 'error' response['msg'] = 'Missing lid (Lobby id)' return self.response.out.write(json.dumps(response)) lobby = Lobby.query(Lobby.lobby_id == lobby_id).get() if lobby is None: logging.error( "User (" + str(uid) + ") attempted to join non-existent Lobby (" + str(lobby_id) + ").") else: ready = lobby.ready # This is a new user who is ready if uid not in ready: lobby.ready.append(uid) lobby.put() response = {} # The game is ready to be started if len(lobby.ready) == REQ_USERS: # TODO: Add logic for creating a Session here session = Session(channel_id=lobby_id, target_gold_amount="100", user_ids=[]) for i in range(len(lobby.ready)): session.user_ids.append(lobby.ready[i]) session.put() response['type'] = "info" response['data'] = {"ready": "true"} pubnub.subscribe(lobby_id, callback) pubnub.publish(lobby_id, response) pubnub.unsubscribe(lobby_id) self.response.out.write(json.dumps(response)) else: response['type'] = "info" response['data'] = {"ready": "false"} pubnub.subscribe(lobby_id, callback) pubnub.publish(lobby_id, callback) pubnub.unsubscribe(lobby_id) self.response.out.write(json.dumps(response))
def test_get_owner(self): user = User.create() session = Session.create(user = user) session = Session.find_by_id(session.id) assert user == session.fetch_user()