def login():
print("IN LOGIN")
session.pop("user_email", None)
if request.method == "POST":
email = request.form["email"]
try:
name = request.form['name']
except Exception as e:
name = None
password = request.form['password']
if name != None:
insert("user", values=(email, name, password))
session['user_email'] = email
return redirect('upload')
if name == None:
if checkpassword(password, email):
session['user_email'] = email ## session makes a cookie
return redirect('upload')
return redirect("/")
# print(password, email, name)
return render_template("login.html")
def home():
"""
Login Page
"""
session.pop("user_email", None)
flag = True
# Store input if a post request is made
if request.method == "POST":
name = request.form["name"]
email = request.form["email"]
password = request.form["password"]
repeat_password = request.form["rpassword"]
if password and not repeat_password:
if users.check_user_exist(path, email):
if users.check_hash(path, password, email):
session["user_email"] = email
return redirect("/index")
else:
flag = False
return render_template(
"login.html", error="Incorrect Email or Password"
)
else:
return render_template("login.html", error="User Doesnt Exist")
if password and repeat_password:
if not users.check_user_exist(path, email):
if password == repeat_password:
password = users.hash_pwd(password)
users.insert(path, "user", (email, name, password, 0))
session["user_email"] = email
return render_template(
"login.html", error="Sign Up Complete - Login"
)
else:
return render_template(
"login.html", error="Password & Retyped Password Not Same"
)
else:
return render_template(
"login.html", error="This User Already Exists! Try Again"
)
if not name and not password and email:
if users.check_user_exist(path, email):
reset_password(path, email)
return render_template(
"login.html",
error="We have sent you a link to reset your password. Check your mailbox",
)
else:
return render_template(
"login.html", error="This Email Doesnt Exist - Please Sign Up"
)
if flag:
return render_template("login.html")
def test_user_insert(self):
self.assertIsNone(
us.insert(
data.test_data["path"],
data.user_data["tablename"],
(
data.test_data["email"],
data.test_data["name"],
data.test_data["password"],
data.test_data["code"],
),
)
)
with self.assertRaises(sqlite3.OperationalError):
us.insert(
data.test_data["path"],
data.stock_data["tablename"],
(
data.test_data["email"],
data.test_data["name"],
data.test_data["password"],
data.test_data["code"],
),
)
def setup():
init_db()
con = engine.connect()
con.execute(users.delete())
con.execute(users.insert(), name='admin', email='admin@localhost', password='******')
con.execute(users.insert(), name='anna', email='anna@localhost', password='******')
return "ok"
def setUp(self):
super(TestBasicUserOperations, self).setUp()
self.sample_uuid1 = str(uuid.uuid4())
self.sample_uuid2 = str(uuid.uuid4())
self.sample_uuid3 = str(uuid.uuid4())
ins = users.insert().values(user_uuid = self.sample_uuid1, username = u"konrad", password = "******", email = "*****@*****.**")
self.conn.execute(ins)
ins = users.insert().values(user_uuid = self.sample_uuid2, username = u"malgosia", password = "******", email = "*****@*****.**")
self.conn.execute(ins)
ins = users.insert().values(user_uuid = self.sample_uuid3, username = u"kuba", password = "******", email = "*****@*****.**")
self.conn.execute(ins)
def test_uniqueness(self):
# check unique uuid
ins = users.insert().values(user_uuid = self.sample_uuid1, username = u"test", password = "******", email = "*****@*****.**")
self.assertRaises(self.conn.execute(ins))
#check unique username
ins = users.insert().values(user_uuid = str(uuid.uuid4()), username = u"konrad", password = "******", email = "*****@*****.**")
self.assertRaises(self.conn.execute(ins))
#check unique email
ins = users.insert().values(user_uuid = str(uuid.uuid4()), username = u"test", password = "******", email = "*****@*****.**" )
self.assertRaises(self.conn.execute(ins))
def setUp(self):
engine = create_engine("sqlite:///:memory:")
metadata.bind = engine
metadata.create_all()
self.conn = engine.connect()
self.db_handler = BaseDBHandler(self.conn)
self.uuid1 = str(uuid.uuid4())
test_user = users.insert().values(user_uuid = self.uuid1, username = u"konrad", password = "******", email = "*****@*****.**")
self.conn.execute(test_user)
self.uuid2 = str(uuid.uuid4())
test_user2 = users.insert().values(user_uuid = self.uuid2, username = u"malgosia", password = "******", email = "*****@*****.**")
self.conn.execute(test_user2)
def get(self):
name = self.get_query_argument("name", None)
pwd = self.get_query_argument("pwd", None)
if None in [name, pwd]:
self.write("name or pwd error")
return
self.set_secure_cookie("name", name)
users.insert(name, pwd)
sessions.insert(name)
origin = self.get_query_argument("origin", "/index")
if origin:
self.redirect(origin)
else:
self.write("insert success and response")
def update_user(user_id):
if user_id != request.user.get('id'):
error = {
'error': 'Unauthorized'
}
resp = jsonify(error)
resp.status_code = 401
return resp
data = json.loads(request.get_data())
error = validate_for_user(data)
if error:
resp = jsonify(error)
resp.status_code = 400
return resp
stmt = users.update()\
.where(users.c.id == int(user_id))\
.values(username=data.get('username'), password=data.get('password'))
conn = engine.connect()
result = conn.execute(stmt)
status_code = 200
if not result.rowcount:
user_insert = users.insert()\
.values(username=data.get('username'), password=data.get('password'), id=int(user_id))
conn.execute(user_insert)
status_code = 201
conn.close()
res = {
'id': user_id
}
resp = jsonify(res)
resp.status_code = status_code
return resp
def create_user():
data = json.loads(request.get_data())
error = validate_for_user(data)
if error:
resp = jsonify(error)
resp.status_code = 400
return resp
user_insert = users.insert()\
.values(username=data.get('username'), password=data.get('password'))
conn = engine.connect()
try:
result = conn.execute(user_insert)
except sqlalchemy.exc.IntegrityError:
error = {
'error': u'username {} already exists'.format(data.get('username'))
}
resp = jsonify(error)
resp.status_code = 400
conn.close()
return resp
conn.close()
res = {
'id': result.inserted_primary_key
}
resp = jsonify(res)
resp.status_code = 201
return resp
def save_user(self, data):
"""
Create new user with given data
Returns : primary key of the user that has been created
Keyword Arguments:
data -- dictionary containing user field names,
must have all the keys in USER_FIELDS,
all additional keys all discarded
"""
els_to_insert = dict()
for key, value in data.items():
if key in USER_FIELDS:
els_to_insert[key] = value
for field in USER_FIELDS:
if field not in els_to_insert.keys():
raise Exception(
"Data not parsed properly, missing {0}".format(field))
els_to_insert["user_uuid"] = els_to_insert["uuid"] # i screwed up :(
del els_to_insert["uuid"]
ins = users.insert().values(**els_to_insert)
trans = self.conn.begin()
try:
res = self.conn.execute(ins)
trans.commit()
return res.inserted_primary_key[0]
except:
trans.rollback()
logging.error("Error creating user")
raise
def main():
parse_command_line()
global engine
engine = sqlalchemy.create_engine(options.db_url, echo=options.debug, convert_unicode=True)
if options.init_db:
metadata.create_all(engine)
with engine.connect() as conn:
conn.execute(users.insert(), [
{'name': 'tester1', 'password': '******'},
{'name': 'tester2', 'password': '******'},
])
return
app = Application(
(('/', RootHandler),
('/whoami', WhoAmIHandler),
('/login', LoginHandler),
('/games', Games),
(r'/games/(\d+)', Game),
(r'/games/(\d+)/moves', Moves),
(r'/games/(\d+)/wait', Wait)),
static_path=os.path.join(os.path.dirname(__file__), 'static'),
debug=options.debug,
cookie_secret='42',
)
app.listen(options.port)
IOLoop.current().start()
def save_user(self, data):
"""
Create new user with given data
Returns : primary key of the user that has been created
Keyword Arguments:
data -- dictionary containing user field names,
must have all the keys in USER_FIELDS,
all additional keys all discarded
"""
els_to_insert = dict()
for key, value in data.items():
if key in USER_FIELDS:
els_to_insert[key] = value
for field in USER_FIELDS:
if field not in els_to_insert.keys():
raise Exception("Data not parsed properly, missing {0}".format(field))
els_to_insert["user_uuid"] = els_to_insert["uuid"] # i screwed up :(
del els_to_insert["uuid"]
ins = users.insert().values(**els_to_insert)
trans = self.conn.begin()
try:
res = self.conn.execute(ins)
trans.commit()
return res.inserted_primary_key[0]
except:
trans.rollback()
logging.error("Error creating user")
raise
async def add_user(request):
async with request.app['db'].acquire() as conn:
data = await request.json()
password = data["password"]
username = data["username"]
await conn.execute(users.insert().values(username=username.lower(), password=password))
return web.json_response(data={}, status=201)
def setUp(self):
engine = create_engine("sqlite:///:memory:")
metadata.bind = engine
metadata.create_all()
self.conn = engine.connect()
self.db_handler = BaseDBHandler(self.conn)
self.uuid1 = str(uuid.uuid4())
test_user = users.insert().values(user_uuid=self.uuid1,
username=u"konrad",
password="******",
email="*****@*****.**")
self.conn.execute(test_user)
self.uuid2 = str(uuid.uuid4())
test_user2 = users.insert().values(user_uuid=self.uuid2,
username=u"malgosia",
password="******",
email="*****@*****.**")
self.conn.execute(test_user2)
def sample_data(engine):
conn = engine.connect()
conn.execute(users.insert(), [{
'id': 1,
'login': '******',
'passwd': sha256_crypt.hash('password'),
'superuser': True,
'disabled': False
}])
conn.execute(users.insert(), [{
'id': 2,
'login': '******',
'passwd': sha256_crypt.hash('password'),
'superuser': False,
'disabled': False
}])
conn.execute(users.insert(), [{
'id': 3,
'login': '******',
'passwd': sha256_crypt.hash('password'),
'is_superuser': False,
'disabled': False
}])
conn.execute(permissions.insert(), [{
'id': 1,
'user_id': 1,
'perm_name': 'protected',
}])
conn.execute(permissions.insert(), [{
'id': 2,
'user_id': 2,
'perm_name': 'public',
}])
conn.execute(permissions.insert(), [{
'id': 3,
'user_id': 3,
'perm_name': 'public',
}])
conn.close()
def setUp(self):
engine = create_engine("sqlite:///:memory:")
metadata.bind = engine
metadata.create_all()
self.conn = engine.connect()
self.db_handler = BaseDBHandler(self.conn)
self.uuid1 = str(uuid.uuid4())
test_user = users.insert().values(user_uuid = self.uuid1, username = u"konrad", password = "******", email = "*****@*****.**")
self.conn.execute(test_user)
self.uuid2 = str(uuid.uuid4())
test_user2 = users.insert().values(user_uuid = self.uuid2, username = u"malgosia", password = "******", email = "*****@*****.**")
self.conn.execute(test_user2)
self.uuid3 = str(uuid.uuid4())
test_user3 = users.insert().values(user_uuid = self.uuid3, username = u"kuba", password = "******", email = "*****@*****.**")
self.conn.execute(test_user3)
self.product_uuid1 = str(uuid.uuid4())
self.product_uuid2 = str(uuid.uuid4())
self.product_uuid3 = str(uuid.uuid4())
product_1 = products.insert().values(product_uuid = self.product_uuid1, product_name = u"wiertarka", product_desc = u"test" )
self.conn.execute(product_1)
product_2 = products.insert().values(product_uuid = self.product_uuid2, product_name = u"suszarka", product_desc = u"test" )
self.conn.execute(product_2)
product_3 = products.insert().values(product_uuid = self.product_uuid3, product_name = u"pralka", product_desc = u"test" )
self.conn.execute(product_3)
buyout1 = bought_products.insert().values(quantity = 10, user_id = 1, product_id = 1)
self.conn.execute(buyout1)
buyout2 = bought_products.insert().values(quantity = 5, user_id = 1, product_id = 2)
self.conn.execute(buyout2)
buyout3 = bought_products.insert().values(quantity = 1, user_id = 1, product_id = 3)
self.conn.execute(buyout3)
buyout4 = bought_products.insert().values(quantity = 11, user_id = 2, product_id = 1)
self.conn.execute(buyout4)
buyout5 = bought_products.insert().values(quantity = 1, user_id = 2, product_id = 2)
self.conn.execute(buyout5)
buyout6 = bought_products.insert().values(quantity = 2, user_id = 3, product_id = 1)
self.conn.execute(buyout6)
def setUp(self):
super(TestBoughtProductsOperations, self).setUp()
self.sample_uuid1 = str(uuid.uuid4())
self.sample_uuid2 = str(uuid.uuid4())
self.sample_uuid3 = str(uuid.uuid4())
ins = users.insert().values(user_uuid = self.sample_uuid1, username = u"konrad", password = "******", email = "*****@*****.**")
self.conn.execute(ins)
ins = users.insert().values(user_uuid = self.sample_uuid2, username = u"malgosia", password = "******", email = "*****@*****.**")
self.conn.execute(ins)
ins = users.insert().values(user_uuid = self.sample_uuid3, username = u"kuba", password = "******", email = "*****@*****.**")
self.conn.execute(ins)
ins = products.insert().values(product_uuid = str(uuid.uuid4()), product_name = u"siekiera", product_desc = u"siekierezada...dobry film")
self.conn.execute(ins)
ins = products.insert().values(product_uuid = str(uuid.uuid4()), product_name = u"pila mechaniczna", product_desc = u"masakra")
self.conn.execute(ins)
ins = products.insert().values(product_uuid = str(uuid.uuid4()), product_name = u"wykalaczka", product_desc = u"do zebow")
self.conn.execute(ins)
def create_user(conn, session, client, body):
user = body['user']
insert_result = conn.execute(users.insert().values(name=user['name']))
user_id = insert_result.inserted_primary_key[0]
users_roles_values = list(
map(lambda role: {
'user_id': user_id,
'role_id': role['id']
}, user['roles']))
conn.execute(users_roles.insert().values(users_roles_values))
client.publish('userCreated', json.dumps({'status': 'success'}), qos=1)
def sample_data():
conn = engine.connect()
conn.execute(permissions.insert(), [
{'id': 1, 'permissions': 'admin'},
{'id': 2, 'permissions': 'read'},
{'id': 3, 'permissions': 'blocked'}]
)
conn.execute(users.insert().values(
name='admin',
surname='admin',
login='******',
birth_date=datetime.date(1970, 1, 1),
perm_id=1,
pass_hash='f6fdffe48c908deb0f4c3bd36c032e72'
))
conn.close()
async def fill_data(conn):
async with conn.begin():
roles_ids = []
for name in roles_data:
role_id = await conn.scalar(roles.insert().values(name=name))
roles_ids.append(role_id)
users_ids = []
for name in users_data:
user_id = await conn.scalar(users.insert().values(name=name))
users_ids.append(user_id)
max_roles = min(len(roles_data), 5)
for user_id in users_ids:
user_roles = sample(roles_ids, randint(0, max_roles))
for user_role in user_roles:
await conn.execute(users_roles.insert().values(
user_id=user_id, role_id=user_role))
async def post_user(request):
try:
data = await request.json()
async with request.app['db'].acquire() as conn:
# all_columns = [column.name for column in users.columns]
all_columns = users.columns.keys()
res = {}
for c in all_columns:
if c != 'id':
try:
res[c] = data[c]
except Exception:
return aiohttp.web.HTTPBadRequest(
text=f'param {c.upper()} is required')
await conn.execute(users.insert().values(res))
# await conn.execute(users.insert({'name': data['name'], 'surname': data['surname'],
# 'patronymic': data['patronymic'], 'gender': data['gender'], 'age': data['age']}))
return aiohttp.web.HTTPCreated()
except Exception:
return aiohttp.web.HTTPBadRequest()
def new_user(user_id=None):
data = dict()
if user_id:
user = User.get_by_id(user_id)
if user is None:
flash("No se ha encontrado el usuario", "error")
else:
data = {
'user_name': user.get("user_name"),
'user_login': user.get("user_login"),
'user_role': user.get("user_role"),
'editando': True
}
if request.method == 'POST':
data = {
'user_name': request.form.get("user_name"),
'user_login': request.form.get("user_login"),
'user_role': request.form.get("user_role")
}
if user_id is None:
if User.get_by_username(data.get("user_login")) is None:
new = users.insert(data).execute()
flash("Usuario agregado correctamente", "success")
else:
flash("Este usuario ya existe", "error")
else:
users.update().where(users.c.user_id == user_id).\
values({'user_login': data.get("user_login"),
'user_name': data.get("user_name"),
'user_role': data.get("user_role")
}
).execute()
data['editando'] = True
flash("Usuario actualizado correctamente", "success")
if len(request.form.get("user_pass")) > 0 and data.get("editando"):
User.set_password(data.get("user_login"),
request.form.get("user_pass"))
flash(u"Contraseña actualizada correctamente", "success")
return render_template('auth/create_user.html', **data)
async def create_user(user: schemas.UserCreate):
fake_hashed_password = user.password + "notreallyhashed"
db_user = users.insert().values(email=user.email,
hashed_password=fake_hashed_password)
user_id = await database.execute(db_user)
return schemas.User(**user.dict(), id=user_id)
def setUp(self):
engine = create_engine("sqlite:///:memory:")
metadata.bind = engine
metadata.create_all()
self.conn = engine.connect()
self.db_handler = BaseDBHandler(self.conn)
self.uuid1 = str(uuid.uuid4())
test_user = users.insert().values(user_uuid=self.uuid1,
username=u"konrad",
password="******",
email="*****@*****.**")
self.conn.execute(test_user)
self.uuid2 = str(uuid.uuid4())
test_user2 = users.insert().values(user_uuid=self.uuid2,
username=u"malgosia",
password="******",
email="*****@*****.**")
self.conn.execute(test_user2)
self.uuid3 = str(uuid.uuid4())
test_user3 = users.insert().values(user_uuid=self.uuid3,
username=u"kuba",
password="******",
email="*****@*****.**")
self.conn.execute(test_user3)
self.product_uuid1 = str(uuid.uuid4())
self.product_uuid2 = str(uuid.uuid4())
self.product_uuid3 = str(uuid.uuid4())
product_1 = products.insert().values(product_uuid=self.product_uuid1,
product_name=u"wiertarka",
product_desc=u"test")
self.conn.execute(product_1)
product_2 = products.insert().values(product_uuid=self.product_uuid2,
product_name=u"suszarka",
product_desc=u"test")
self.conn.execute(product_2)
product_3 = products.insert().values(product_uuid=self.product_uuid3,
product_name=u"pralka",
product_desc=u"test")
self.conn.execute(product_3)
buyout1 = bought_products.insert().values(quantity=10,
user_id=1,
product_id=1)
self.conn.execute(buyout1)
buyout2 = bought_products.insert().values(quantity=5,
user_id=1,
product_id=2)
self.conn.execute(buyout2)
buyout3 = bought_products.insert().values(quantity=1,
user_id=1,
product_id=3)
self.conn.execute(buyout3)
buyout4 = bought_products.insert().values(quantity=11,
user_id=2,
product_id=1)
self.conn.execute(buyout4)
buyout5 = bought_products.insert().values(quantity=1,
user_id=2,
product_id=2)
self.conn.execute(buyout5)
buyout6 = bought_products.insert().values(quantity=2,
user_id=3,
product_id=1)
self.conn.execute(buyout6)
def test_inserting_empty_values(self):
ins = users.insert().values(user_uuid = "", username = u"test", password = "******", email = "*****@*****.**")
self.assertRaises(self.conn.execute(ins))
ins = users.insert().values(user_uuid = str(uuid.uuid4()), username = u"", password = "******", email = "*****@*****.**")
self.assertRaises(self.conn.execute(ins))
