def load_logged_in_user():
    """Populate ``g.user`` for the current request from the session.

    When the session carries no ``user_id`` (or a falsy one) ``g.user`` is set
    to ``None``; otherwise it is set to whatever ``fetchone()`` returns for
    that id in the ``user`` table.
    """
    current_id = session.get('user_id')
    if current_id:
        # The id is passed as a bound parameter, never spliced into the SQL.
        # SELECT * means the row also carries the password hash column
        # (configure() reads g.user['password']), so g.user should not be
        # handed to templates or logs wholesale.
        row = get_db().execute('SELECT * FROM user WHERE id = ?',
                               (current_id, )).fetchone()
        g.user = row
    else:
        g.user = None
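def configure(print):
    """Render the account settings page and handle password changes.

    Any method other than POST renders ``auth/configure.html`` with the
    user's ``verified`` flag. POST checks the current password, optionally
    stores a new one, flashes the outcome and redirects to ``auth.configure``.

    Args:
        print: Logging callable supplied by the caller (presumably injected
            by a decorator that is not part of this listing). It shadows the
            builtin inside this function.

    Returns:
        The rendered template, or a redirect response after a POST.
    """
    if req.method == 'POST':
        old_pw = req.form['old-pw'].strip()
        new_pw = req.form['new-pw'].strip()
        new_pw_confirm = req.form['new-pw-confirm'].strip()
        username = g.user['username']
        err = None
        # The current password must be proven before anything is written.
        if not check_password_hash(g.user['password'], old_pw):
            err = ERR.CONFIGURE.FAIL.PW
        # Form values are strings, never None, so the old `is not None` guard
        # was always true; the comparison alone is what it actually tested.
        if new_pw != new_pw_confirm:
            err = ERR.REGISTER.WRONG.PW
        if not err:
            db = get_db()
            err = ERR.CONFIGURE.SUCCESS
            if new_pw:
                db.execute(
                    "UPDATE user SET username = ?, password = ? WHERE email = ?",
                    (username, generate_password_hash(new_pw),
                     g.user['email']))
            else:
                # A blank "new password" means "leave the password alone";
                # previously the empty string was hashed and stored as the
                # password. This statement has two placeholders, so it also
                # needs the email value that was missing before.
                db.execute("UPDATE user SET username = ? WHERE email = ?",
                           (username, g.user['email']))
            db.commit()
            # NOTE(review): other sessions of this account are not touched
            # here; whether they should be revoked after a password change
            # depends on session handling that is not visible in this block.
            print("Success / user_id:{}".format(g.user['id']))
        else:
            # Only log a failure when there was one; this line used to run
            # after a successful update as well.
            print("Fail / user_id:{}".format(g.user['id']))
        flash(err)
        return redirect(url_for('auth.configure'))
    data = dict(VERIFIED=g.user['verified'])
    print("Access config page / user_id:{}".format(g.user['id']))
    return render_template('auth/configure.html', data=data)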
def login(print):
    """Authenticate a user by email and password and start a session.

    A request that already has ``g.user`` is redirected to ``mark.index``.
    A POST looks the account up by email, verifies the password hash and, on
    success, replaces the session contents with the user's id. Every other
    outcome renders ``auth/login.html`` (after flashing the error on a failed
    POST).

    Args:
        print: Logging callable supplied by the caller; shadows the builtin.

    Returns:
        A redirect on success or when already logged in, else the login page.
    """
    if g.user:
        print("Already Login / user_id:{}".format(g.user['id']))
        return redirect(url_for('mark.index'))

    if req.method != 'POST':
        return render_template('auth/login.html')

    pw = req.form['pw'].strip()
    email = req.form['email'].strip()
    account = get_db().execute('SELECT * FROM user WHERE email = ?',
                               (email, )).fetchone()

    # NOTE(review): two different messages are flashed for "no such email"
    # and "wrong password"; if their texts differ, the form tells a visitor
    # which addresses are registered. A single generic message avoids that.
    # No attempt limiting is visible in this function either.
    if not account:
        err = ERR.LOGIN.INCORRECT.EMAIL
    elif not check_password_hash(account['password'], pw):
        err = ERR.LOGIN.INCORRECT.PW
    else:
        err = None

    # NOTE(review): success is decided by the truthiness of the message
    # constant, so the ERR.LOGIN.* values must never be empty.
    if err:
        flash(err)
        return render_template('auth/login.html')

    # Dropping the old session before storing the id avoids carrying any
    # pre-login session state into the authenticated session.
    session.clear()
    session['user_id'] = account['id']
    print("Login / user_i:{}".format(account['id']))
    return redirect(url_for('mark.index'))
def del_user(print):
    """Delete the signed-in user's account row and all of their marks.

    Both deletes are committed together, a confirmation containing the email
    is flashed, and the client is redirected to ``auth.logout``.

    Args:
        print: Logging callable supplied by the caller; shadows the builtin.

    Returns:
        A redirect response to the logout endpoint.
    """
    # NOTE(review): nothing here checks the HTTP method or asks for the
    # password again. The route decorators are not visible, so confirm this
    # destructive endpoint is POST-only and covered by CSRF protection.
    account_id, account_email = g.user['id'], g.user['email']
    conn = get_db()
    for statement in ('DELETE FROM user WHERE id=?',
                      'DELETE FROM mark WHERE user_id=?'):
        conn.execute(statement, (account_id, ))
    conn.commit()
    flash("{} {}".format(account_email, ERR.DEL.USER))
    print("user_id:{}, email:{} removed".format(account_id, account_email))
    return redirect(url_for('auth.logout'))
def get_ogtag(print, link):
    """Return the cached Open Graph metadata stored for *link*.

    Args:
        print: Logging callable supplied by the caller (unused here).
        link: The link whose ``meta`` row should be read.

    Returns:
        ``None`` when no row exists for the link, otherwise the result of
        ``objFromDict`` applied to the unpacked ``bin_meta`` blob.
    """
    row = get_db().execute('SELECT bin_meta FROM meta WHERE link=?',
                           (link, )).fetchone()
    if not row:
        return None
    # The blob was written by add_ogtag() from a remote page, so every field
    # in it is third-party content; templates must escape it when rendering.
    unpacked = mg.unpackb(row['bin_meta'], raw=False)
    return objFromDict(unpacked)
def del_link(print, link):
    """Delete one of the signed-in user's marks.

    The link to delete is taken from the request URL (everything after
    ``/del/``) and normalised with ``complete_link``; the ``link`` argument
    itself is ignored.

    Args:
        print: Logging callable supplied by the caller; shadows the builtin.
        link: Route value; overwritten by the value parsed from ``req.url``.

    Returns:
        A redirect response to ``mark.index``.
    """
    marker = '/del/'
    conn = get_db()
    start = req.url.index(marker) + len(marker)
    target = complete_link(req.url[start:])
    # The delete is scoped to the current user's id, so a request can only
    # remove that user's own marks.
    # NOTE(review): the target lives in the URL, which suggests this runs on
    # GET; the route is not visible. A state-changing GET can be triggered by
    # a third-party page, so confirm the method and CSRF handling.
    conn.execute('DELETE FROM mark WHERE user_id=? AND link=?',
                 (g.user['id'], target))
    conn.commit()
    print("Delete / link:{}, user_id:{}".format(target, g.user['id']))
    flash(ERR.DEL.LINK)
    return redirect(url_for('mark.index'))
def visit_link(print, link):
    """Count a visit to one of the user's marks and redirect to it.

    The destination is taken from the request URL (everything after
    ``/link/``) and normalised with ``complete_link``; the ``link`` argument
    itself is ignored.

    Args:
        print: Logging callable supplied by the caller; shadows the builtin.
        link: Route value; overwritten by the value parsed from ``req.url``.

    Returns:
        A redirect response to the parsed destination.
    """
    marker = '/link/'
    conn = get_db()
    start = req.url.index(marker) + len(marker)
    target = complete_link(req.url[start:])
    visitor_id = g.user['id']
    conn.execute(
        'UPDATE mark SET view_count=view_count+1 WHERE user_id=? AND link=?',
        (visitor_id, target))
    conn.commit()
    print("link:{}, user_id:{}".format(target, visitor_id))
    # NOTE(review): the destination comes from the request URL and is used
    # even when the UPDATE matched no row, so this endpoint redirects to any
    # URL, not only to saved marks. Checking the cursor's rowcount (or looking
    # the mark up first) before redirecting would limit it to the user's own
    # links.
    return redirect(target)
def verify(print):
    """Mark an account as verified from the ``h`` query parameter.

    Responds 404 unless both ``h`` and ``timestamp`` are present and ``h``
    matches a stored ``email_hash``; otherwise sets ``verified`` to 1 for
    that user and renders ``auth/verified.html``.

    Args:
        print: Logging callable supplied by the caller; shadows the builtin.

    Returns:
        The rendered confirmation page.
    """
    token = req.args.get('h')
    # Original author's open question: is the timestamp required at all?
    # NOTE(review): it must be present but its value is never checked, so the
    # link does not expire and any non-empty timestamp is accepted.
    stamp = req.args.get('timestamp')
    if not (token and stamp):
        abort(404)

    conn = get_db()
    # NOTE(review): sign_up() in this listing stores hash(email) in this
    # column, i.e. a value derived from the address rather than a random
    # secret. If that is the builtin hash(), it is not a cryptographic
    # function and, for strings, changes between interpreter runs unless
    # PYTHONHASHSEED is pinned. A random token from the `secrets` module,
    # stored with an expiry, is the usual choice here.
    account = conn.execute('SELECT id,email FROM user WHERE email_hash = ?',
                           (token, )).fetchone()
    if not account:
        abort(404)

    conn.execute('UPDATE user SET verified=? WHERE id=?', (1, account['id']))
    conn.commit()
    print("Verified / user_id:{}, email:{}".format(account['id'],
                                                   account['email']))
    return render_template('auth/verified.html', email=account['email'])
def add_tag(print):
    """Append a tag to one of the signed-in user's marks.

    Only POST changes anything. The tag has its spaces removed and gets a
    leading ``#`` if it lacks one, then is concatenated onto the mark's
    existing ``tag`` column. Every path ends in a redirect to ``mark.index``.

    Args:
        print: Logging callable supplied by the caller; shadows the builtin.

    Returns:
        A redirect response to ``mark.index``.
    """
    conn = get_db()
    if req.method != 'POST':
        return redirect(url_for('mark.index'))

    raw_tag = req.form['tag'].strip()
    link = complete_link(req.form['link'].strip())
    owner_id = g.user['id']
    if not raw_tag:
        return redirect(url_for('mark.index'))

    compact = raw_tag.replace(' ', '')
    tag = compact if compact.startswith('#') else "#{}".format(compact)
    # Apart from spaces the tag text is stored exactly as submitted, so it
    # has to be escaped wherever it is rendered. The update is limited to
    # rows owned by the current user.
    conn.execute('UPDATE mark SET tag = tag||? WHERE user_id=? AND link=?',
                 (tag, owner_id, link))
    conn.commit()
    print("tag:{}, user_id:{}, link:{}".format(tag, owner_id, link))
    return redirect(url_for('mark.index'))
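def sign_up(print):
    """Register a new account from the sign-up form.

    On POST the fields are validated in order (username, password, password
    confirmation, email, email uniqueness, username uniqueness and
    availability). A valid submission inserts the user, calls
    ``authenticate_user`` and redirects to ``auth.login``; otherwise the
    error is flashed and the registration page is rendered again.

    Args:
        print: Logging callable supplied by the caller; shadows the builtin.

    Returns:
        A redirect on success, else the rendered ``auth/register.html``.
    """
    if req.method == 'POST':
        username = req.form['username'].strip()
        pw = req.form['pw'].strip()
        pw_confirm = req.form['pw-confirm'].strip()
        email = req.form['email'].strip()
        db = get_db()
        err = None
        if not username:
            err = ERR.REGISTER.REQUIRED.USERNAME
        elif not pw:
            err = ERR.REGISTER.REQUIRED.PW
        elif pw != pw_confirm:
            err = ERR.REGISTER.WRONG.PW
        elif not email:
            err = ERR.REGISTER.REQUIRED.EMAIL
        elif db.execute('SELECT id FROM user WHERE email = ?',
                        (email, )).fetchone():
            err = "{} {}".format(email, ERR.REGISTER.ENROLLED)
        elif db.execute('SELECT id FROM user WHERE username = ?',
                        (username, )).fetchone() or not available_username(
                            username):
            err = "{} {}".format(username, ERR.REGISTER.ENROLLED)
        if not err:
            # NOTE(review): this value is what verify() later accepts as the
            # verification token. If `hash` is the builtin, the token is
            # derived from the address, is not a cryptographic hash, and for
            # strings differs between interpreter runs unless PYTHONHASHSEED
            # is pinned. A random token from `secrets` would be the safer
            # choice; confirm where `hash` comes from.
            email_hash = hash(email)
            try:
                db.execute(
                    'INSERT INTO user (username,email,email_hash,password) VALUES (?,?,?,?)',
                    (username, email, email_hash, generate_password_hash(pw)))
                db.commit()
                #TODO : send email to verify email address
                flash(ERR.REGISTER.SUCCESS)
                print("Sign-up / username:{}, email:{}".format(
                    username, email))
                # NOTE(review): req.host is taken from the request's Host
                # header; if authenticate_user() builds the verification link
                # from it, a configured canonical host is safer.
                authenticate_user(username, email, email_hash, req.host)
                return redirect(url_for('auth.login'))
            except Exception:
                # Narrowed from a bare `except:` so that interpreter-exit
                # signals (KeyboardInterrupt, SystemExit) are not swallowed.
                # A failure in authenticate_user() lands here after the
                # account row is already committed.
                print(tb.format_exc())
                err = ERR.REGISTER.WRONG.EMAIL
        flash(err)
    print("Access register page")
    return render_template('auth/register.html')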
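def tag_index(print):
    """Render the signed-in user's marks that carry the requested tag.

    The tag is read from the ``tag`` query parameter and matched as a
    substring of each mark's ``tag`` column. The page also receives the tag
    table of the matches, a counter over all of the user's tags and the
    cached Open Graph data per mark.

    Args:
        print: Logging callable supplied by the caller; shadows the builtin.

    Returns:
        The rendered ``mark/marks.html`` template.
    """
    db = get_db()
    tag = req.args.get('tag')
    user_id = g.user['id']
    # The tag comes straight from the query string. It used to be formatted
    # into the SQL text, which let a crafted value change the statement; it
    # is now a bound parameter like every other query in this file.
    # '%' and '_' inside the tag still act as LIKE wildcards, but only within
    # the current user's rows.
    marks = db.execute(
        "SELECT * FROM mark WHERE user_id=? AND tag LIKE ? ORDER BY id DESC",
        (user_id, '%{}%'.format(tag))).fetchall()
    tags = generate_tag_table(marks)
    all_tags = db.execute('SELECT tag FROM mark WHERE user_id = ?',
                          (g.user['id'], )).fetchall()
    all_tags = generate_tag_table(all_tags)
    tag_counter = count_tag_table(all_tags)
    og_tags = {mark: get_ogtag(mark['link']) for mark in marks}
    data = dict(marks=marks,
                counts=len(marks),
                tags=tags,
                target_tag=tag,
                tag_counter=tag_counter,
                og_tags=og_tags)
    print("Tag selected / tag:{}, user_id:{}".format(tag, g.user['id']))
    return render_template('mark/marks.html', data=data)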
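def del_tag(print):
    """Remove one tag from one of the signed-in user's marks.

    Only POST changes anything. The mark's ``tag`` column holds tags joined
    as ``#a#b``; the requested tag is dropped and the rest is written back.

    Args:
        print: Logging callable supplied by the caller; shadows the builtin.

    Returns:
        A redirect response to ``mark.index``.
    """
    if req.method != 'POST':
        return redirect(url_for('mark.index'))
    link = req.form['link'].strip()
    tag = req.form['tag'].strip()
    db = get_db()
    user_id = g.user['id']
    # The lookup and the update are both limited to the current user's rows.
    row = db.execute('SELECT tag FROM mark WHERE user_id=? AND link=?',
                     (user_id, link)).fetchone()
    # A link the user does not own yields no row; indexing the missing row
    # used to raise instead of falling through to the redirect.
    stored = row['tag'] if row else None
    if stored:
        # Accept the tag with or without its leading '#'.
        wanted = tag.lstrip('#')
        # "#a#b".split('#') starts with an empty string; without filtering
        # it out, every deletion wrote back one more leading '#'.
        kept = [t for t in stored.split('#') if t and t != wanted]
        update_tag = "".join("#{}".format(t) for t in kept)
        db.execute('UPDATE mark SET tag=? WHERE user_id=? AND link=?',
                   (update_tag, user_id, link))
        db.commit()
        print("tag:{}, user_id:{}, link:{}".format(tag, user_id, link))
    return redirect(url_for('mark.index'))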
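def add_ogtag(print, link, default_img=None):
    """Fetch *link*, extract its Open Graph metadata and cache it in ``meta``.

    The fetch is best effort: on any failure an empty ``OpenGraph`` object is
    used. Missing title, image and description fall back to the host,
    *default_img* and the link itself. The packed result is inserted into, or
    updated in, the ``meta`` row for the link.

    Args:
        print: Logging callable supplied by the caller; shadows the builtin.
        link: URL to fetch; it reaches this function from user-supplied
            input (see ``index``).
        default_img: Image to use when the page declares none.

    Returns:
        Always ``True``.
    """
    # Function-scope import: the file's import block is not visible here.
    from urllib.parse import urljoin

    max_bytes = 1 << 20  # cap on how much of the response body is read
    db = get_db()
    req = Request(link, headers={'User-Agent': 'Mozilla/5.0'})
    print(req.__dict__)
    # Certificates are verified now. The private
    # ssl._create_unverified_context() accepted any certificate, so anyone on
    # the network path could substitute the page whose metadata gets stored.
    context = ssl.create_default_context()
    meta_og = None
    try:
        # urlopen() also handles file:// and ftp://; only web URLs are
        # fetched so a stored link cannot make the server read local files.
        if req.type in ('http', 'https'):
            # The context manager closes the connection, which was left open
            # before; the read is bounded so a huge body cannot exhaust
            # memory.
            with urlopen(req, context=context, timeout=2) as resp:
                meta_og = og.OpenGraph(html=resp.read(max_bytes), scrape=True)
    except Exception:
        # Narrowed from a bare `except:`; the fetch stays best effort.
        print(tb.format_exc())
    if meta_og is None:
        meta_og = og.OpenGraph()
    # NOTE(review): the server still connects to whatever host the link
    # names, and urlopen() follows redirects. If this service can reach
    # internal addresses, resolve the host and refuse loopback, private and
    # link-local ranges before fetching.

    if not meta_og.valid_attr('title'):
        meta_og.title = req.host
    if not meta_og.valid_attr('image'):
        meta_og.image = default_img
    if not meta_og.valid_attr('description'):
        meta_og.description = link
    print(meta_og)

    image = meta_og.image
    if image is not None and image != "" and not image.startswith('http'):
        # Resolve relative image paths against the page URL. The manual
        # string build forced "http" and produced "host//path" for
        # root-relative images.
        meta_og.image = urljoin(req.full_url, image)

    bin_og = mg.packb(meta_og, use_bin_type=True)
    already_inserted = db.execute('SELECT id FROM meta WHERE link=?',
                                  (link, )).fetchone()
    if already_inserted:
        db.execute('UPDATE meta SET bin_meta=? WHERE link=?', (bin_og, link))
    else:
        db.execute('INSERT INTO meta (link,bin_meta)VALUES(?,?)',
                   (link, bin_og))
    db.commit()
    print("refresh og tag / link:{}".format(link))
    return True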
def index(print, link=None):
    """Serve the landing page, the mark list, or the add-a-link shortcut.

    * ``link`` of the form ``username/target``: add ``target`` to that
      user's marks (unless it is already there) and redirect to it.
    * any other non-empty ``link``: 404.
    * no ``link``: the introduction page for visitors without ``g.user``,
      otherwise the signed-in user's marks.

    Args:
        print: Logging callable supplied by the caller; shadows the builtin.
        link: Optional path captured by the route.

    Returns:
        A rendered template or a redirect response.
    """
    conn = get_db()
    if link is not None and '/' in link:
        username = link[:link.index('/')]
        if not available_username(username):
            return abort(404)
        # The target is re-read from the full request URL rather than from
        # the route value, then completed into a redirectable URL.
        prefix_at = req.url.index("{}/".format(username))
        target = complete_link(req.url[prefix_at + len(username) + 1:])

        # NOTE(review): this branch never consults g.user; the username in
        # the path alone selects the account. Any visitor who knows a
        # verified username can therefore add marks to it, make the server
        # fetch the target through add_ogtag(), and be redirected to an
        # arbitrary URL. If that is the intended bookmarking shortcut,
        # consider requiring the owner's session or a per-user secret.
        owner = conn.execute(
            'SELECT id,email,verified FROM user WHERE username = ?',
            (username, )).fetchone()
        if not owner:
            print("Not user / username:{}, link:{}".format(username, target))
            return render_template('mark/no_user.html',
                                   username=username,
                                   link=target)
        if owner['verified'] != 1:
            flash(ERR.UNVALID.VERIFY)
            print("Unverified / user_id:{}".format(owner['id']))
            return redirect(url_for('auth.login'))

        duplicate = conn.execute(
            'SELECT link FROM mark WHERE user_id=? AND link=?',
            (owner['id'], target)).fetchone()
        if duplicate:
            print("Already_inserted / user_id:{}, link:{}".format(
                owner['id'], target))
            return render_template('mark/already_inserted.html',
                                   username=username,
                                   link=target)

        add_ogtag(target)
        conn.execute('INSERT INTO mark (user_id,link) VALUES (?,?)',
                     (owner['id'], target))
        conn.commit()
        #TODO : send email
        print("Add link / user_id:{}, link:{}".format(owner['id'], target))
        return redirect(target)

    if link:
        abort(404)

    if not g.user:
        # Anonymous visitor: show the introduction page.
        print("Unknown user visits ppaa.me /")
        return render_template('mark/index.html')

    marks = conn.execute(
        'SELECT * FROM mark WHERE user_id = ? ORDER BY id DESC',
        (g.user['id'], )).fetchall()
    tags = generate_tag_table(marks)
    tag_counter = count_tag_table(tags)
    og_tags = {mark: get_ogtag(mark['link']) for mark in marks}
    data = dict(marks=marks,
                counts=len(marks),
                tags=tags,
                tag_counter=tag_counter,
                og_tags=og_tags)
    print("Access marks / user_id:{}".format(g.user['id']))
    return render_template('mark/marks.html', data=data)