def bef():
    """Record the current time as ``last_seen`` for the session's user.

    Nothing is written when the session is empty, when the string form of
    the request contains ``static``, or when the request is a GET whose
    ``subfunction`` argument equals ``get_mess``.
    """
    if not session:
        return

    # The check runs against str(request), so it matches ``static`` anywhere
    # in that representation, not only in the path.
    if 'static' in str(request) or (
        request.method == 'GET'
        and request.args.get('subfunction') == 'get_mess'
    ):
        return

    name = session['username']
    now = time.time()
    # NOTE(review): ``name`` is interpolated straight into the SQL text, so a
    # stored name containing a quote changes the statement. Move to bound
    # parameters if pgdb can take them; its signature is not visible here.
    pgdb(f"UPDATE accounts SET last_seen='{now}' WHERE name='{name}'")
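def tokens():
    """Resolve an application token to the account it belongs to.

    Reads ``token`` and ``secret_key`` from the submitted form.

    Returns:
        A dict with ``status`` and ``name``. On success ``name`` is the
        account name and the dict also carries ``avatar`` and ``user_id``;
        on failure ``status`` is ``'fail'`` and ``name`` holds the reason.
    """
    import hmac  # local import: the file's import block is not visible here

    data = request.form
    if 'token' not in data or 'secret_key' not in data:
        return {
            'status': 'fail',
            'name': 'wrong request! missed token or secret_key!'
        }

    token, key = data['token'], data['secret_key']

    # NOTE(review): the shared secret is a literal in the source file. Load it
    # from configuration or the environment and rotate the current value.
    # compare_digest keeps the comparison time independent of how many
    # leading characters match.
    if not hmac.compare_digest(key.encode('utf-8'), b'very_secret_key'):
        return {
            'status': 'fail',
            'name': 'wrong secret key between apps!'
        }

    if active_keys.exists(token) == 0:
        return {
            'status': 'fail',
            'name': 'token not in active_keys(no such active user)'
        }

    raw_name = active_keys.get(token)
    if raw_name is None:
        # The entry can disappear between exists() and get().
        return {
            'status': 'fail',
            'name': 'token not in active_keys(no such active user)'
        }
    name = raw_name.decode('utf-8')

    # NOTE(review): ``name`` is interpolated into the SQL text. Use bound
    # parameters if pgdb supports them; its signature is not visible here.
    query = f"SELECT avatar, user_id FROM accounts where name='{name}'"
    dbresponse = pgdb(query)

    # Without this guard an empty or short result raises IndexError and the
    # caller gets an unhandled error instead of a 'fail' response.
    if not dbresponse or len(dbresponse[-1]) < 2:
        return {
            'status': 'fail',
            'name': 'no account found for this token'
        }

    row = dbresponse[-1]
    return {
        'status': 'success',
        'name': name,
        'avatar': row[-2],
        'user_id': row[-1]
    }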
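def auth():
    """Handle login, registration e-mail and registration-code validation.

    POST with ``subfunction=auth`` checks the account and, when exactly one
    row matches, stores the name in the session. POST with
    ``subfunction=sendmail`` mails a check code and inserts the account row.
    GET without ``subfunction`` renders the login page; GET with
    ``subfunction=validation`` activates the account whose name and check
    code match. A request matching none of these falls through and returns
    None.
    """
    import secrets  # local import: the file's import block is not visible here

    if 'username' in session:
        # Perhaps this should be moved into the GET branch.
        return redirect(url_for('base'))

    elif request.method == 'POST':
        data = request.form
        if data['subfunction'] == 'auth':
            name = data.get('in_name')
            password = data['in_password']
            # NOTE(review): the password literal in this query looks masked in
            # the listing; as written the submitted password is read but never
            # compared. Confirm against the real source.
            # NOTE(review): ``name`` is interpolated into the SQL text. Use
            # bound parameters if pgdb supports them (signature not visible).
            query = f"SELECT COUNT(*) FROM accounts where name='{name}' AND password='******' AND status = true;"
            dbresponse = pgdb(query)
            if dbresponse[-1][-1] == 1:
                session['username'] = name
            return json.dumps({'status': str(dbresponse[-1][-1])})

        elif data['subfunction'] == 'sendmail':
            name = data['in_name']
            # NOTE(review): same string-built SQL as above.
            query = f"select count(*) from accounts where name='{name}'"
            dbresponse = pgdb(query)
            if dbresponse[-1][-1] > 0:
                return json.dumps({'status': 'это имя уже занято!'})

            email = data['in_email']
            password = data['in_password']
            # Same 100..1000 range as before, but drawn from the OS CSPRNG
            # rather than the predictable ``random`` generator.
            # NOTE(review): 901 possible codes is a small space; the
            # validation branch needs attempt limiting or a longer code.
            checkcode = 100 + secrets.randbelow(901)
            body = f"Это письмо для регистрации! Проверочный код:{checkcode} Если вы это" \
                   f" не вы, просто проигнорируйте это письмо! :) "
            msg = Message(f"Wasmoh registration for {name}", recipients=[email])
            msg.body = body
            try:
                mail.send(msg)
                # NOTE(review): the VALUES list is the repr of a Python tuple,
                # so quoting depends on the submitted text and the statement
                # is not safely escaped. The password is stored exactly as
                # submitted; hash it before it reaches the database.
                query = (email, name, password, checkcode)
                query = f"INSERT INTO accounts (email, name, password, checkcode) VALUES {query}"
                pgdb(query)
                return json.dumps({'status': 'sent'})
            except Exception as err:
                print(err)
                return json.dumps(
                    {'status': 'письмо не отправилось, извините!'})

    elif request.method == 'GET':
        if 'subfunction' not in request.args:
            info = active_keys.get('auth').decode('utf-8')
            data = {'title': 'Аутентификация', 'info': info}
            return render_template('Authentification.html', data=data)

        elif request.args['subfunction'] == 'validation':
            # The check code is always an integer when issued, so reject
            # anything else before it reaches the queries below; the UPDATE
            # embeds it without quotes.
            try:
                checkcode = int(request.args.get('code'))
            except (TypeError, ValueError):
                return json.dumps({'status': 'валидация не прошла!'})

            name = request.args.get('name')
            # NOTE(review): ``name`` is still interpolated into both
            # statements. Use bound parameters if pgdb supports them.
            query = f"SELECT COUNT(*) FROM accounts WHERE name='{name}' AND checkcode='{checkcode}' "
            dbresponse = pgdb(query)
            if dbresponse[-1][-1] != 1:
                return json.dumps({'status': 'валидация не прошла!'})
            else:
                query = f"UPDATE accounts SET status=true WHERE name='{name}' AND checkcode={checkcode}"
                pgdb(query)
                session['username'] = name
                return json.dumps({'status': 'валидация успешна!'})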
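def base():
    """Serve the chat page, message polling, logout and message posting.

    GET without ``subfunction`` renders the chat page for the session user.
    GET with ``subfunction=get_mess`` returns up to 100 messages with an id
    above ``last_id`` as JSON. GET with ``subfunction=logout`` drops the
    user from the session. POST with ``subfunction=send_mess`` and a
    non-empty ``text`` stores a message. Anything else returns None.
    """
    if request.method == 'GET':
        if 'subfunction' not in request.args:
            name = session['username']
            # NOTE(review): ``name`` is interpolated into the SQL text. Use
            # bound parameters if pgdb supports them (signature not visible).
            query = f"SELECT avatar from accounts WHERE name='{name}'"
            dbresponse = pgdb(query)
            avatar = dbresponse[-1][-1]
            data = {'name': name, 'avatar': avatar, 'title': 'чатик'}
            return render_template('base.html', data=data)

        elif request.args.get('subfunction') == 'get_mess':
            # last_id is embedded in the query without quotes, so only an
            # integer may reach it. A missing or non-numeric value gets the
            # failure payload this branch already uses.
            # (presumably what pgdb signals on a failed query; confirm)
            try:
                last_id = int(request.args.get('last_id'))
            except (TypeError, ValueError):
                return json.dumps({'posts': '-404'})

            query = f"SELECT messages.id, messages.name, message, posting_time, avatar, user_id " \
                    f"FROM messages join accounts on " \
                    f"messages.name=accounts.name WHERE messages.id>{last_id} AND address_id=0 " \
                    f"order by messages.id LIMIT 100 "
            dbresponse = pgdb(query)
            if dbresponse and dbresponse[-1][-1] == -404:
                posts = {'posts': '-404'}
                return json.dumps(posts)
            else:
                posts = [{
                    'id': row[0],
                    'author': row[1],
                    'body': row[2],
                    'posttime': row[3],
                    'avatar': row[4],
                    'user_id': row[5]
                } for row in dbresponse]
                posts = {'posts': posts}
                return json.dumps(posts)

        elif request.args.get('subfunction') == 'logout':
            # NOTE(review): logout is a state change reachable by GET.
            session.pop('username', None)
            return json.dumps({'status': 'logout'})

    elif request.method == 'POST':
        data = request.form
        name = session['username']
        if data['subfunction'] == 'send_mess' and data['text']:
            # NOTE(review): the VALUES list is the repr of a Python tuple, so
            # quoting depends on the message text and the statement is not
            # safely escaped. Use bound parameters if pgdb supports them.
            query = (name, data['text'], time.time())
            query = f"INSERT INTO messages (name, message, posting_time) VALUES {query}"
            dbresponse = pgdb(query)
            return {'status': str(dbresponse[-1][-1])}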
def allusers():
    """Render the list of activated accounts.

    Only a GET without a ``subfunction`` argument is handled; every other
    request returns None.
    """
    if request.method != 'GET' or 'subfunction' in request.args:
        return None

    name = session['username']
    # NOTE(review): SELECT * fetches every column of accounts, including the
    # password column the registration INSERT writes, and the positional
    # indexes below depend on column order. Naming the three columns needed
    # would avoid both.
    rows = pgdb("SELECT * FROM accounts WHERE status=true")

    users = []
    for row in rows:
        users.append({
            'username': row[0],
            'avatar': row[5],
            'last_seen': row[7]
        })
    print(users)

    data = {'users': users, 'name': name, 'title': 'список юзеров'}
    return render_template("allusers.html", data=data)
def settings():
    """Serve the settings page and the avatar selection and upload actions.

    GET without ``subfunction`` renders the page. GET with
    ``subfunction=get_pictures`` lists the files of the last directory
    visited under ``app/static/images``. GET with
    ``subfunction=change_avatar`` stores the ``avatar`` argument on the
    account. POST hands the uploaded file to ``imgrout`` and stores the
    returned avatar paths. Anything else returns None.
    """
    if request.method == 'POST':
        name = session['username']
        # NOTE(review): validation of the uploaded file is presumably done
        # inside imgrout; confirm, since it is not visible here.
        uploaded = imgrout(request.files['file'], app.config['UPLOAD_FOLDER'])
        avatar = uploaded['avatar']
        full_avatar = uploaded['full_avatar']
        # NOTE(review): values are interpolated into the SQL text. Use bound
        # parameters if pgdb supports them (signature not visible).
        pgdb(f"UPDATE accounts SET avatar='{avatar}', full_avatar='{full_avatar}' WHERE name='{name}'")
        return redirect(url_for('settings'))

    if request.method != 'GET':
        return None

    if 'subfunction' not in request.args:
        name = session['username']
        # NOTE(review): string-built SQL, as in the POST branch above.
        dbresponse = pgdb(f"SELECT avatar, full_avatar FROM accounts where name='{name}'")
        last_row = dbresponse[-1]
        avatar = last_row[0]
        full_avatar = last_row[1]
        data = {
            'name': name,
            'avatar': avatar,
            'full_avatar': full_avatar,
            'title': f'Настройки {name}'
        }
        return render_template("settings.html", data=data)

    subfunction = request.args.get('subfunction')

    if subfunction == 'get_pictures':
        # TODO: rework this into a collection and fix it.
        path = 'app/static/images'
        walked = list(os.walk(path))
        # Last walked directory, third tuple element: its file names.
        return json.dumps({'pictures': walked[-1][-1]})

    if subfunction == 'change_avatar':
        name = session['username']
        avatar = request.args.get('avatar')
        # NOTE(review): ``avatar`` comes straight from the query string and is
        # interpolated into the SQL text without validation. This is also a
        # state change reachable by GET. Validate it against the known image
        # names and use bound parameters if pgdb supports them.
        pgdb(f"UPDATE accounts SET avatar='{avatar}' WHERE name='{name}'")
        return json.dumps({'status': '??'})

    return None
def profile(user_id):
    """Render the profile page of the account with the given ``user_id``.

    Returns a plain-text message when no account row matches.
    """
    # NOTE(review): ``user_id`` is interpolated into the SQL text. Use bound
    # parameters if pgdb supports them (signature not visible). SELECT * also
    # returns every account column although only three are used.
    rows = pgdb(f"SELECT * FROM accounts where user_id='{user_id}'")
    if len(rows) == 0:
        return "такого челика нету!"

    account = rows[-1]
    # Positional indexes depend on the column order of the accounts table.
    found_id = account[8]
    user = account[0]
    viewer = session['username']
    full_avatar = account[6]

    data = {
        'user_id': found_id,
        'name': viewer,
        'user': user,
        'full_avatar': full_avatar,
        'title': f'Профиль {user}'
    }
    return render_template("profile.html", data=data)