def run(self, data, user, session_key): search_form = SearchForm(data=data) filters_form = SearchFiltersForm(data=data) search_form.is_valid() filters_form.is_valid() keywords = search_form.cleaned_data.get( 'keywords', '').lower().strip().split() location = search_form.cleaned_data.get( 'location', '').lower().strip() job_position = filters_form.cleaned_data.get('job_position') experience_years = filters_form.cleaned_data.get('experience_years') distance = filters_form.cleaned_data.get('distance') full_time = filters_form.cleaned_data.get('full_time', False) part_time = filters_form.cleaned_data.get('part_time', False) visa = filters_form.cleaned_data.get('visa', False) was_search_button_clicked = data.get('_search', '0') == '1' self.user = user results = dict(results=[]) if len(keywords) > 0 or location != '' or was_search_button_clicked: queryset = self.get_queryset(keywords, location, job_position, experience_years, distance, full_time, part_time, visa) object_list = self.get_object_list(queryset) results['results'] = dict(object_list=object_list) session = SessionStore(session_key=session_key) session[constants.RESULTS_BEACON_TASK_DONE_SESSION_KEY] = results session.save()
def submit_upload(request): global rlock assert isinstance(request, HttpRequest) try: rlock.acquire() key = request.POST["key"] cID = request.POST["cID"] index_ = request.POST["index"] s = SessionStore(session_key=key) if s["type"]: pass s.set_expiry(globe_time) s.save() if int(s["type"]) != 3: raise Exception submit_time = datetime.datetime.now() deadline = Task.objects.filter(cid=int(cID),index=int(index_))[0].deadline if submit_time > deadline: raise Exception("beyond deadline!") filename = str(request.FILES["Filedata"]) file_path = "Center/www/upload/" + filename with connection.cursor() as cur: cur.execute("UPDATE worksubmit set FilePath=%s WHERE sID=%s and cID=%s and TaskIndex=%s", [file_path, int(s["ID"]), int(cID), int(index_)]) with open(file_path, "w+b") as fd: fd.write(request.FILES["Filedata"].file.read()) rlock.release() return HttpResponse("OK") except Exception as er: rlock.release() print("submit_upload", er.__class__, er) return HttpResponse("", status=400)
def test_post_success_creates_new_user_with_referrer(self): referrer_url = 'http://facebook.com' post_data = {'email' : '*****@*****.**'} session = SessionStore() session[referrer_url_session_key] = referrer_url session[referring_user_id_session_key] = '' session.save() self.client.cookies[settings.SESSION_COOKIE_NAME] = session.session_key self.assertEqual(User.objects.count(), 1) self.assertEqual(SocialLaunchProfile.objects.count(), 0) response = self.client.post(reverse('social_launch_index'), post_data, follow=True) users = User.objects.all() slps = SocialLaunchProfile.objects.all() self.assertEquals(len(users), 2) self.assertEquals(len(slps), 1) user = users[1] slp = slps[0] self.assertRedirects(response, reverse('social_launch_referral', kwargs={'referring_user_id' : user.id})) self.assertEquals(user.email, post_data['email']) self.assertEquals(user.username, post_data['email']) self.assertFalse(user.has_usable_password()) self.assertContains(response, user_successfully_created_msg) self.assertEquals(slp.user, user) self.assertEquals(slp.referrer_url, referrer_url) self.assertEquals(slp.referring_user, None)
def submit_download(request): global rlock assert isinstance(request, HttpRequest) try: rlock.acquire() key = request.GET["key"] cID = request.GET["cID"] sID = request.GET["sID"] index_ = request.GET["index"] s = SessionStore(session_key=key) if s["type"]: pass s.set_expiry(globe_time) s.save() if int(s["type"]) != 2: raise Exception submit = Worksubmit.objects.filter(cid=int(cID), sid=int(sID), taskindex=int(index_))[0] with open(submit.filepath, "r+b") as fd: data = fd.read() response = HttpResponse(data, content_type='application/octet-stream') response['Content-Disposition'] = "attachment; filename=\"{0}\"".format( urllib.parse.quote(submit.filepath.rsplit("/", 1)[-1], safe='/[]')) rlock.release() return response except Exception as er: rlock.release() print("submit_upload", er.__class__, er) return HttpResponse("", status=400)
def csv_progress(cls, argument_dict, request): key = request.session.session_key store = SessionStore(session_key=key) chunk_size = store['CSV_CHUNK_LINE_COUNT'] length = store['input_csv_length'] if length < chunk_size: store['csv_lines_processed'] = 0 store.save() return 'kill_progress_bar' lines_processed = store['csv_lines_processed'] # Boolean if less than 1000 lines left. Immediatly evaled. remaining_less_than_chunk_size = ((length - lines_processed) < chunk_size) if remaining_less_than_chunk_size: store['csv_lines_processed'] = 0 store.save() return 'kill_progress_bar' else: bar_percent = round(lines_processed/length*100) html = '<div class="progress">' html += '<div class="progress-bar progress-bar-striped active" ' html += 'role="progressbar"' html += ' aria-valuenow="' + str(bar_percent) + '"' html += 'aria-valuemin="0" aria-valuemax="100" style="width:' html += str(bar_percent) + '%">' + str(bar_percent) + '% complete' html += '</div></div>' return html
def view_course(request): assert isinstance(request, HttpRequest) try: data = json.loads(request.body.decode()) key = data["key"] s = SessionStore(session_key=key) if s["type"]: pass s.set_expiry(globe_time) s.save() courses = [] if int(s["type"]) == 3: courses_id = Studentcourse.objects.filter(sid=int(s["ID"])) for course_id in courses_id: c = Course.objects.filter(cid=course_id.cid.cid).values()[0] c["endday"] = c["endday"].strftime("%Y-%m-%d-%H") c["startday"] = c["startday"].strftime("%Y-%m-%d-%H") c["tname"] = Teacher.objects.filter(tid=c["teacherid_id"])[0].tname courses.append(c) elif int(s["type"]) == 2: for course in Course.objects.filter(teacherid=int(s["ID"])).values(): course["endday"] = course["endday"].strftime("%Y-%m-%d-%H") course["startday"] = course["startday"].strftime("%Y-%m-%d-%H") course["tname"] = Teacher.objects.filter(tid=course["teacherid_id"])[0].tname courses.append(course) except Exception as er: print("view_course", er.__class__, er) print(request.body) return HttpResponse("", status=400) return HttpResponse(json.dumps(courses))
def create_pre_authenticated_session(email): user = User.objects.create(email=email) session = SessionStore() session[SESSION_KEY] = user.pk session[BACKEND_SESSION_KEY] = settings.AUTHENTICATION_BACKENDS[0] session.save() return session.session_key
def logout_view(request): p=SessionStore(session_key=request.session["idkey"]) p["estado"]="desconectado" p["name"]="" p.save() logout(request) return HttpResponseRedirect("/")
def confirm(request): try: session_s, user_mail, user = None, None, None #Obtener llave de sesion y mail de usuario a partir del GET if request.method == 'GET': session_s = SessionStore(session_key=request.GET['']) user_mail = request.GET['email'] else: return C_error.raise_error(C_error.PERMISSIONDENIED) #Verificar que coinciden el email de sesion y el email que se entrega para obtener #al usuario a traves del email if session_s['user_mail'] == user_mail: user = User.objects.get(email=session_s['user_mail']) else: return C_error.raise_error(C_error.EXPIREDKEY) #Verificar que el usuario no este activo para activarlo. Una vez activado se borra #la sesion. if(user.is_active == False): user.is_active = True user.save() session_s.delete() form = LoginForm() c = { 'form': form, 'success':True} return render_to_response('user_login.html', c,context_instance = RequestContext(request) ) else: return C_error.raise_error(C_error.USERALREADYACTIVE) #Exceptions que se pueden producir por algun fallo durante la activacion de la cuenta. except KeyError: return C_error.raise_error(C_error.INVALIDEXPIREDKEY) except ObjectDoesNotExist: return C_error.raise_error(C_error.UNREGISTEREDUSER) except Exception as e: print '%s (%s)' % (e.message, type(e)) return C_error.raise_error(C_error.MAGICERROR)
def process_request2(self, request): user = None if request.path.startswith('/css') or request.path.startswith('/fav'): return #request.session.set_test_cookie() if request.user.id is not None and request.user.id>0: user = request.user.id try: sess=UserSession.objects.get(user__id=user) sess.session_key=request.session.session_key sess.time = datetime.now() sess.save() except: if request.session.session_key is None or len(request.session.session_key) >40: session_key = request.COOKIES.get(settings.SESSION_COOKIE_NAME, None) s = SessionStore(session_key) s['last_login'] = datetime.isoformat(datetime.now()) s.save() request.COOKIES['last_login'] = s['last_login'] else: s = request.session sess,created=UserSession.objects.get_or_create(user_id=user,session_key=s.session_key,board_id=None,thread_id=None) sess.time = datetime.now() sess.session_key=s.session_key sess.save() request.session = s d = timedelta(seconds=3600) deldate = datetime.now()-d UserSession.objects.filter(time__lt=deldate).delete() # delete all sessions that are not in the sessiontable UserSession.objects.raw('DELETE from users_usersession WHERE session_key not in (SELECT d.session_key FROM django_session d)')
def gr(request, id): """ Geo-Room: shows a group of users on the map updating their position. The Geo-Room MUST be created with the gr_new. Check if the user is already present in this georoom otherwise register inside it. """ gr = get_object_or_404(GeoRoom, idx=id) if not request.session.session_key: # if the user came for the first time then she doesn't have any cookie # and session_key configured # see <https://docs.djangoproject.com/en/1.4/topics/http/sessions/#using-sessions-out-of-views> from django.contrib.sessions.backends.db import SessionStore s = SessionStore() s.save() request.session = s gruser, created = GRUser.objects.get_or_create( session_key=request.session.session_key, ) gr.users.add(gruser) return render_to_response( 'places/gr.html', {}, context_instance=RequestContext(request))
def resend_confirmation(request): try: if request.method == 'POST': form = SendConfirmationForm(request.POST) if form.is_valid(): session_s = SessionStore() session_s['user_mail'] = form.cleaned_data['email'] session_s.set_expiry(SESSION_EXPIRY) session_s.save(must_create=True) user = User.objects.get(email=session_s['user_mail']) if(user.is_active == False): return send_registration_confirmation(session_s) else: return C_error.raise_error(C_error.USERALREADYACTIVE) else: form = SendConfirmationForm() c = { 'form': form } c.update(csrf(request)) return render_to_response('register_form.html', c) #Exceptions que se pueden producir por algun fallo durante el reenvio de la llave de confirmacion. except ObjectDoesNotExist as e: return C_error.raise_error(C_error.UNREGISTEREDUSER) except Exception: print '%s (%s)' % (e.message, type(e)) return C_error.raise_error(C_error.MAGICERROR)
def test_get_or_create7(self): """User session object get_or_create workspace cornercase. Defined user has preference over defined session.""" user = User(username='******', password='******') user.save() user2 = User(username='******', password='******') user2.save() session_store = SessionStore(session_key='other_session') session_store.save() user_session_object = UserSession.get_or_create( self.other_session_key, user=user) self.assertTrue(user_session_object.id) user_session_object_user = UserSession.get_or_create( self.session_key, user=user) self.assertEquals( user_session_object.id, user_session_object_user.id) # Don't find anything: create new workspace user_session_object_other = UserSession.get_or_create( self.other_session_key, user=user2) self.assertNotEquals( user_session_object.id, user_session_object_other.id)
def auth_view(request): params = request.GET vk_token = params.get("vk_token") if vk_token is not None: user = get_user_by_vk(vk_token) vkapi = vk.API(vk.Session(), access_token=vk_token) audios = vkapi.audio.get(owner_id=user.vk_id)[1:] genre_count = collections.defaultdict(int) for audio in audios: genre_count[audio.get("genre", 5000)] += 1 UserGenre.objects.filter(user=user).update( count=0, ) for genre, count in genre_count.items(): user_genre = UserGenre.objects.get_or_create( user_id=user.id, genre_id=genre, )[0] user_genre.count = count user_genre.save() else: raise TripsExc("auth_error") ss = SessionStore() ss["user_id"] = user.id ss.save() return { "auth_token": ss.session_key, "user": user.get_data(), }
def add_task(request): assert isinstance(request, HttpRequest) try: data = json.loads(request.body.decode()) s = SessionStore(session_key=data["key"]) if s["type"]: pass s.set_expiry(globe_time) s.save() old = Task.objects.filter(name=data["TaskName"]) if len(old): return HttpResponse({"index": old[0].index}) cid = int(data["cID"]) name = data["TaskName"] request = data["Description"] maxgrade = int(data["MaxPoint"]) release = datetime.datetime.now() deadline = datetime.datetime.strptime(data["DeadLine"], "%Y-%m-%dT%H:%M") index_ = -1 with connection.cursor() as cur: cur.execute("insert into task VALUES (%s,%s,%s,%s,%s,%s,%s,%s)", [cid, index_, name, request, release, deadline, "", maxgrade]) old_task = Task.objects.filter(cid__cid=cid, name=name)[0] return HttpResponse(json.dumps({"index": old_task.index})) except Exception as er: print("add_task", er.__class__, er) return HttpResponse("")
def task_upload(request): global rlock assert isinstance(request, HttpRequest) try: rlock.acquire() key = request.POST["key"] cID = int(request.POST["cID"]) index_ = int(request.POST["index"]) s = SessionStore(session_key=key) if s["type"]: pass s.set_expiry(globe_time) s.save() if int(s["type"]) != 2: raise Exception filename = str(request.FILES["Filedata"]) attachment = "Center/www/upload/" + filename with open(attachment, "w+b") as fd: fd.write(request.FILES["Filedata"].file.read()) with connection.cursor() as cur: cur.execute("update task set Attachment=%s WHERE cID=%s and `Index`=%s;", [attachment, cID, index_]) rlock.release() return HttpResponse("OK") except Exception as er: rlock.release() print("task_upload", er.__class__, er) return HttpResponse("", status=400)
def create_user_session(user): # Then create the authenticated session using the new user credentials session = SessionStore() session[SESSION_KEY] = user.pk session[BACKEND_SESSION_KEY] = settings.AUTHENTICATION_BACKENDS[0] session[HASH_SESSION_KEY] = user.get_session_auth_hash() session.save() return session
def create_pre_authenticated_session(self, email): user = User.objects.create(email=email) session = SessionStore() session[SESSION_KEY] = user.pk session[BACKEND_SESSION_KEY] = settings.AUTHENTICATION_BACKENDS[0] session.save() self.browser.get(self.server_url + "/404_no_such_url/") self.browser.add_cookie(dict(name=settings.SESSION_COOKIE_NAME, value=session.session_key,path='/',))
def newSessionHandler(argRequest, argUser): tmpToken = md5Encoding(tokenGenerator(16)) argRequest.session['id'] = tmpToken tmpSession = SessionStore() tmpSession.save() tmpSessionKey = tmpSession.session_key; argRequest.session._session_key = tmpSessionKey User.objects.filter(pk=argUser.id).update(session_key=tmpSessionKey)
def logout_view(request): cookie=SessionStore(session_key=request.session["idkey"]) cookie["estado"]="desconectado" #del request.cookie["idkey"] cookie["name"]="" cookie.save() logout(request) return HttpResponseRedirect("/")
def place_order(sender, **kwargs): """ collect basket, user, shipping_method and address, order_number, total and pass them to handle_order_placement, but first add payment events and sources """ request = kwargs.get('request', None) or HttpRequest() basket = sender user = basket.owner if basket.owner else AnonymousUser() guest_email = None strategy = selector.strategy(user=user) session_data = shipping_address = shipping_method = None log.debug("initialising: \n basket = %s \n usr = %s \n strategy = %s", basket, user, strategy) basket.strategy = strategy amount_allocated = kwargs['OutSum'] session_key = kwargs['session_key'] order_num = kwargs['order_num'] if session_key is not None: session = SessionStore(session_key = session_key) if len(session.items()): log.debug("Session %s successfully restored", session) request.session = session request.user = user session_data = CheckoutSessionData(request) if isinstance(user, AnonymousUser): guest_email = session_data.get_guest_email() order_placement = RobokassaOrderPlacement() order_placement.request = request if session_data is not None: order_placement.checkout_session = session_data shipping_address = order_placement.get_shipping_address(basket) shipping_method = order_placement.get_shipping_method( basket, shipping_address) total = order_placement.get_order_totals(basket, shipping_method) else: # session not found, lets try to place order anyway log.error(("Session was not restored, trying default order for " "basket #%s"), basket.id) basket.is_shipping_required = False total = prices.Price( currency=basket.currency, excl_tax=basket.total_excl_tax, incl_tax=basket.total_incl_tax) # now create payment source and events source_type, is_created = SourceType.objects.get_or_create( name=u'Робокасса', code='robokassa') source = Source(source_type=source_type, amount_allocated=amount_allocated, amount_debited=amount_allocated) order_placement.add_payment_source(source) order_placement.add_payment_event('allocated', amount_allocated) order_placement.add_payment_event('debited', amount_allocated) post_payment.send(sender=order_placement, user=user, source=source) # all done lets place an order order_placement.handle_order_placement( order_num, user, basket, shipping_address, shipping_method, total, guest_email=guest_email)
def upload_complete(self): if self.cache_key: try: s = SessionStore(session_key = self.request.session.session_key) except: return None data = s[self.cache_key] data['state'] = 'done' s.save()
def get_or_create(cls): s = SessionStore() try: return s['google_sync'] except KeyError: google_sync = cls() s['google_sync'] = google_sync s.save() return google_sync
def get(self, request, *args, **kwargs): #what does a get do here? s = SessionStore() s['last_login'] = DateTools.getNowAsString() s['userid'] = 1 #this should be set to the user id returned from authentication s.save() response = s.session_key + " | Last_login: " + s['last_login'] return HttpResponse(response)
def test_sesh(request): sessions = Session.objects.all() for session in sessions: key = session.session_key sesh = SessionStore(session_key=key) sesh['room'] = 'newroom' sesh.save() print sesh return render(request, 'test.html')
def create_pre_authenticated_session(email, password, *args, **kwargs): user = User.objects.create_user(username=email, email=email, password=password, *args, **kwargs) session = SessionStore() session[SESSION_KEY] = user.pk session[BACKEND_SESSION_KEY] = settings.AUTHENTICATION_BACKENDS[0] session.save() return session.session_key
def themes_enabled(self, request): """ Check if themes are enabled for the current session/request. """ if settings.DEBUG and request.GET.get('theme') == 'none': return False if 'sessionid' not in request.COOKIES: return True session = SessionStore(session_key=request.COOKIES['sessionid']) return session.get('django_diazo_theme_enabled', True)
def HandelSession(request): try: sessionid = request.COOKIES['sessionid'] except: sessionid = None if sessionid == None: s = SessionStore() s.save() sessionid = s.session_key
def create_pre_authenticated_session(email): """ Creates fixture-like session to pass by authentication system """ user = User.objects.create(email=email) session = SessionStore() session[SESSION_KEY] = user.pk session[BACKEND_SESSION_KEY] = settings.AUTHENTICATION_BACKENDS[0] session.save() return session.session_key
def enable_pre_authenticated_session(self, username): session = SessionStore() session[SESSION_KEY] = self.user.pk session[BACKEND_SESSION_KEY] = settings.AUTHENTICATION_BACKENDS[3] session.save() ### to set a cookie we need to first visit the domain ## 404 pages load the quickest self.browser.get(self.server_url + "/404_no_such_url/") self.browser.add_cookie(dict(name=settings.SESSION_COOKIE_NAME, value=session.session_key, path="/"))
def create_pre_authenticated_session(self, email): user = User.objects.create(email=email) session = SessionStore() session[SESSION_KEY] = user.pk session[BACKEND_SESSION_KEY] = settings.AUTHENTICATION_BACKENDS[0] session.save() # 为了设定cookie,我们要先访问网站 # 而404页面是加载最快的(django2.2.3报错 + '/404_no_such_url/') self.driver.get(self.live_server_url) self.driver.add_cookie( dict( name=settings.SESSION_COOKIE_NAME, value=session.session_key, path='/', ))
def create_pre_authenticated_session(self, email): user = User.objects.create(email=email) session = SessionStore() session[SESSION_KEY] = user.pk session[BACKEND_SESSION_KEY] = settings.AUTHENTICATION_BACKENDS[0] session.save() ## to set a cookie we need to first visit the domain. ## 404 pages load the quickest! self.browser.get(self.live_server_url + "/404_no_such_url/") self.browser.add_cookie( dict( name=settings.SESSION_COOKIE_NAME, value=session.session_key, path='/', ))
def create_pre_authenticated_session(email): """ Creates session key :param email: email to associate with session :return: session key """ user = User.objects.create(email=email) session = SessionStore() session[SESSION_KEY] = user.pk session[BACKEND_SESSION_KEY] = settings.AUTHENTICATION_BACKENDS[0] session.save() return session.session_key
def create_session_cookie(username, password): user = User.objects.create_user(username=username, password=password) profile = Profile.objects.get(user=user) session = SessionStore() session[SESSION_KEY] = profile.pk session[BACKEND_SESSION_KEY] = settings.AUTHENTICATION_BACKENDS[0] session[HASH_SESSION_KEY] = user.get_session_auth_hash() session.save() cookies = { "name": settings.SESSION_COOKIE_NAME, "value": session.session_key, "secure": False, "path": "/", } return cookies
def create_pre_authenticated_session(self, user): session = SessionStore() session[SESSION_KEY] = user.pk session[BACKEND_SESSION_KEY] = settings.AUTHENTICATION_BACKENDS[0] session.save() ## to set a cookie we need fo first visit the domain. ## 404 pages load the quicktest! self.browser.get('{0}/404_no_such_url/'.format(self.server_url)) self.browser.add_cookie( dict( name=settings.SESSION_COOKIE_NAME, value=session.session_key, path='/', )) return session.session_key
def create_pre_authenticated_session(self, email): user = User.objects.create(email=email) session = SessionStore() session[SESSION_KEY] = user.pk session[BACKEND_SESSION_KEY] = settings.AUTHENTICATION_BACKENDS[0] session.save() ## para definir um cookie, precisamos antes acessar o domínio. ## as páginas 404 são as que carregam mais rapidamente! self.browser.get(self.live_server_url + "/404_no_such_url/") self.browser.add_cookie( dict( name=settings.SESSION_COOKIE_NAME, value=session.session_key, path="/", ))
def authenticate_credentials(self, key): session = SessionStore(session_key=key) if not session.exists(key): raise exceptions.AuthenticationFailed("Invalid token.") user_id = session.get(SESSION_KEY) if user_id is None: raise exceptions.AuthenticationFailed("Invalid token.") try: user = User.objects.get(id=user_id) except User.DoesNotExist: raise exceptions.AuthenticationFailed("User inactive or deleted.") if not user.is_active: raise exceptions.AuthenticationFailed("User inactive or deleted.") return (user, None)
def test_signup_completed_profile(self): user = authenticate(username=self.user.username, password='******') request = self.factory.request() s = SessionStore() s.save() request.session = s login(request, user) request.user = user self.pleb.email_verified = True self.pleb.save() res = signup_view(request) self.assertIn(res.status_code, [status.HTTP_200_OK, status.HTTP_302_FOUND]) self.pleb.email_verified = False self.pleb.save()
def _update_current_session_key(self, r, request, user_str): ''' 本函数线程安全,django的wsgiserver是多线程的,当多个请求并发时此处要使用sychronized装饰器 :param r: :param request: :return: ''' # 此处的last_session_key需要重新获取,因为可能被其他线程更新 last_session_key = r.get(user_str).decode() if last_session_key != request.session.session_key: r.set(user_str, request.session.session_key, ex=EXPIRE_TIME) # delete session in db last_session = SessionStore(last_session_key) last_session.delete() return
def test_email_verification_view_success(self): cache.clear() user = authenticate(username=self.user.username, password='******') request = self.factory.request() s = SessionStore() s.save() request.session = s login(request, user) request.user = user pleb = Pleb.nodes.get(email=user.email) token = self.token_gen.make_token(user, pleb) res = email_verification(request, token) self.assertEqual(res.status_code, status.HTTP_302_FOUND)
def create_pre_authenticated_session(self, email): user = User.objects.create(email=email) session = SessionStore() session[SESSION_KEY] = user.pk session[BACKEND_SESSION_KEY] = settings.AUTHENTICATION_BACKENDS[0] session.save() self.browser.get(self.server_url + '/404_no_such_url/') self.browser.add_cookie( dict( name=settings.SESSION_COOKIE_NAME, value=session.session_key, path='/', ))
def log_in_master_admin(self): master_admin_session = SessionStore() master_admin_session[SESSION_KEY] = self.master_admin.pk master_admin_session[ BACKEND_SESSION_KEY] = settings.AUTHENTICATION_BACKENDS[0] master_admin_session[ HASH_SESSION_KEY] = self.master_admin.get_session_auth_hash() master_admin_session.save() self.visit('') self.browser.add_cookie({ 'name': settings.SESSION_COOKIE_NAME, 'value': master_admin_session.session_key, 'path': '/' })
def save_off_message(request): ''' @description: 保存客户端发来的离线消息,一条一条保存 @param {type} post={"session_id":session_id,"from_email":xxx,"to_email":xxxx,"msg_enc":xxxx} @return: {"status":True,"msg":"保存成功"} or {"status":False,"msg":"网络错误"} ''' if request.method=="POST": session_id = request.POST.get("session_id","") if request.session.exists(session_id): # user_ip = get_ip(request) s = SessionStore(session_key=session_id) user_email = s["email"] user = Users.objects.get(email=user_email) # 获取到发送者的id记录,作为from _id msg = request.POST.get("msg",'') data = json.loads(msg) to_id = data["to_email"] msg_enc = data["msg_enc"] to_user = Users.objects.get(email=to_id) # 保存离线消息到数据库 new_entry = Off_msg.objects.create() new_entry.from_id=user_email new_entry.to_id = to_id new_entry.msg_enc=msg_enc new_entry.save() to_user.have_off_msg=1 # 设置对方有离线消息 to_user.save() msg = {"status":True,"msg":"保存成功"} else: msg = {"status":False,"msg":"非法用户请求"} else: msg={"status":False,"msg":"请求方法错误"} return HttpResponse(json.dumps(msg))
def del_friends(request): ''' @description: 响应删除好友,同时删除双方的表friends @param {type} POST:{"session_id":xxx,msg":{"friend_email":xxxx}} 请求一次删除email为friend_id的好友 @return: {"status":True,"msg":"删除成功"} or msg = {"status":False,"msg":"不存在该好友"} or {"status":False,"msg":"网络错误"} ''' if request.method=="POST": session_id = request.POST.get("session_id","") # user_ip = get_ip(request) if request.session.exists(session_id): s = SessionStore(session_key=session_id) user_email = s["email"] user = Users.objects.get(email=user_email) # 获取到当前client的记录 msg = request.POST.get("msg",'') # 获取到client发来的消息,如要删除那个好友 data = json.loads(msg) # {"friend_email":....} 要删除的好友id friend_email = data["friend_email"] try: friend_entry = Friends.objects.get(user_id=user_email,friend_id=friend_email) friend_entry.delete() friend_entry = Friends.objects.get(friend_id=user_email,user_id=friend_email) friend_entry.delete() msg = {"status":True,"msg":"删除成功"} except Friends.DoesNotExist: msg = {"status":False,"msg":"不存在该好友"} else: msg = {"status":False,"msg":"非法用户请求"} else: msg = {"status":False,"msg":"请求方法错误"} return HttpResponse(json.dumps(msg))
def get(self, request, format=None): try: # Get the session of the current user. session = SessionStore(session_key=request.COOKIES['sessionid']) # Try and get the session token, return 401 unauthorized if unable to. try: token = session['plexjocke_token'] if token: # See if the user only wants to see their requests try: useronly = request.GET['useronly'] if useronly == 'y': requests = Request.objects.all().filter( user=session['plexjocke_username']).order_by( '-id') else: requests = Request.objects.all().order_by('-id') except KeyError: requests = Request.objects.all().order_by('-id') serializer = MovieListSerializer(requests, many=True) return Response(serializer.data) else: return Response(status=status.HTTP_401_UNAUTHORIZED) except KeyError: return Response(status=status.HTTP_401_UNAUTHORIZED) except KeyError: return Response(status=status.HTTP_401_UNAUTHORIZED)
def query_make_friends_requests_response(request): ''' @description: 返回自己的好友申请记录的对方处理状态,[{"to_id":to_user_email,"result":1|2|3},{...},....],其中to_user_email是自己申请谁为好友,1,2,3分别代表为{未处理,已同意,已拒绝} @param {type} POST {"session_id":session_id} @return: {"status":True|False,"msg":[{"to_id":to_user_email,"result":1|2|3},{...},....]} ''' if request.method == "POST": session_id = request.POST.get("session_id") if request.session.exists(session_id): s = SessionStore(session_key=session_id) user_email = s['email'] res_make_friend_requests_set = Make_friends_requests.objects.filter(from_id=user_email).order_by('-add_time') msg_list = [] for res_make_friend_requests_entry in res_make_friend_requests_set: if res_make_friend_requests_entry.handled == 0: msg_list.append({"to_id":res_make_friend_requests_entry.to_id,"result":1}) else: if res_make_friend_requests_entry.result == 1: msg_list.append({"to_id":res_make_friend_requests_entry.to_id,"result":2}) else: msg_list.append({"to_id":res_make_friend_requests_entry.to_id,"result":3}) msg = {"status":True,"msg":msg_list} else: msg = {"status":False,"msg":"非法用户请求"} else: msg = {"status":False,"msg":"请求方法错误"} return HttpResponse(json.dumps(msg))
def friends(request): ''' @description: 响应在线client的好友列表,返回好友列表(以状态位标志online是否在线),列表的组织形式: @param {type} requests.POST(url,data={"session_id"=xxxx"}) @return: {"status":True,"msg":{[{"friend_email":xxxx,"online":0|1},{"friend_email":xxxx,"online":0|1},{......}]}} online = 1 表示该好友在线或者 {"status":False,"msg":错误提示} {"email":xxxx}为一个好友信息的返回 ''' if request.method == 'POST': # user_ip = get_ip(request) session_id = request.POST.get("session_id","") if request.session.exists(session_id): s = SessionStore(session_key=session_id) user_email = s["email"] try: friends_list = [] # "msg":[{"user_id":email},...] user = Users.objects.get(email=user_email) friends_set = Friends.objects.filter(user_id=user_email) # 返回好友集合 for friend in friends_set: friend_on_line = Users.objects.get(email=friend.friend_id) if friend_on_line.is_online == 1: friends_list.append({"friend_email":friend.friend_id,"online":1}) # 返回好友的id(email) else: friends_list.append({"friend_email":friend.friend_id,"online":0}) msg = {"status":True,"msg":friends_list} except Users.DoesNotExist: msg={"status":False,"msg":"连接数据库失败"} else: msg = {"status":False,"msg":"非法用户请求"} else: msg = {"status":False,"msg":"请求方法错误"} return HttpResponse(json.dumps(msg))
def Sessions(request, imageid="1"): image_list = Image.objects.all().order_by('?')[:259] print type(request.session.session_key) print request.session.session_key if request.session.session_key: person_id = Person.objects.get( session__pk=request.session.session_key).id else: return redirect('person') request.session["person_id"] = person_id listdb = request.session.get("image_id", []) print listdb print type(listdb) if len(listdb) == 1: request.session.set_expiry(10) listdb.append(imageid) request.session["image_id"] = listdb for i in Session.objects.all(): print SessionStore().decode(i.session_data) return render( request, 'image.html', { 'image_show': Image.objects.get(id=imageid), 'listdb': listdb, 'user_id': person_id, 'image_list': image_list })
def setup_request(self): """ Utility function for flushing and setting up request object for testing """ self.request = HttpRequest() self.request.user = AnonymousUser() self.request.session = SessionStore()
def test_register_view_returns_redirect(rf, user, django_user_model): # Get the request with the users data request = rf.post(reverse('blog_admin:register'), { 'username': user.username, 'email': user.email, 'password': user.password }) # Add session object for the proper work of login() request.session = SessionStore() request.session.create() # Make a new user object in order to mock the registration form new_user = django_user_model.objects.create_user(username=user.username, password=user.password) # Mock the Register form object form = MagicMock() form.save.return_value = new_user # Get an instance of the view and initialize it view = RegisterView() view.setup(request) response = view.form_valid(form) # When the new user object is created, it's last_login date would be None assert new_user.last_login is not None, \ "User is not logged in" assert response.status_code == 302, \ "Response is not redirect response" assert response.url == reverse('blog_admin:home'), \ "Response does not redirect to the correct page"
def wrapper(request, *args, **kwargs): try: uid = request.session['uid'] user = User.objects.get(pk=uid) except KeyError: user = None except User.DoesNotExist: return HttpResponseForbidden() if user and user.is_authenticated(): request.user = user return request_processor(request, *args, **kwargs) else: try: data = json.loads(request.body) username = data.get('username') password = data.get('password') user = auth_origin.authenticate(username=username, password=password) except ValueError: user = None if user and user.is_active: if 'remember' in request.POST: auth.login(request, user) request.session = SessionStore() request.session['uid'] = user.id request.user = user return request_processor(request, *args, **kwargs) else: return HttpResponseForbidden()
def delete(self, request, pk, format=None): sonarr = Sonarr(settings.SONARR_HOST, settings.SONARR_PORT, settings.SONARR_API_KEY) try: # Get the session of the current user. session = SessionStore(session_key=request.COOKIES['sessionid']) try: token = session['plexjocke_token'] if token: try: show = Request.objects.get(pk=pk) if sonarr.delete_show(show.sonarr_id): show.delete() return Response(sonarr.reply, status=status.HTTP_204_NO_CONTENT) else: return Response(sonarr.reply, status=status.HTTP_400_BAD_REQUEST) except Request.DoesNotExist: return Response(status=status.HTTP_404_NOT_FOUND) else: return Response(status=status.HTTP_401_UNAUTHORIZED) except KeyError: return Response(status=status.HTTP_401_UNAUTHORIZED) except MultiValueDictKeyError: return Response(status=status.HTTP_401_UNAUTHORIZED)
def test_login_blocked_for_non_standard_login_views_with_msg(self): """ Check that a view wich returns the expected status code and the expected message is causing the IP to be locked out. """ @watch_login(status_code=401, msg='Invalid credentials') def fake_api_401_login_view_without_msg(request): """ Fake the api login with 401 """ return HttpResponse('Sorry, Invalid credentials', status=401) request_factory = RequestFactory() request = request_factory.post('api/login') request.user = AnonymousUser() request.session = SessionStore() request.META['HTTP_X_FORWARDED_FOR'] = '192.168.24.24' for _ in range(3): fake_api_401_login_view_without_msg(request) data_out = utils.get_blocked_ips() self.assertEqual(data_out, []) fake_api_401_login_view_without_msg(request) data_out = utils.get_blocked_ips() self.assertEqual(data_out, ['192.168.24.24'])
def authenticate(self, request): session_id = getSessionId(request) sessionStore = SessionStore(session_key=session_id) uid = sessionStore.get('_auth_user_id', '') # Add the session object into request request.session = sessionStore if not uid: raise exceptions.AuthenticationFailed('Invalid session id') try: user = AppUser.objects.get(id=uid, is_active=True) except AppUser.DoesNotExist: raise exceptions.AuthenticationFailed('Invalid session id') return (user, None)
def repair_recommendations(): """ Checks if the recommendations contain links to documents no longer available. Removes those links when found. """ from django.contrib.sessions.models import Session from django.contrib.sessions.backends.db import SessionStore for session in Session.objects.all(): session_dict = session.get_decoded() if 'tracker' in session_dict: LOGGER.info("removing tracker for session '{}'".format( session.session_key)) del session_dict['tracker'] session.session_data = SessionStore().encode(session_dict) session.save() for _dict in ResourceCountDict.objects.all(): try: StorageObject.objects.get(identifier=_dict.lrid) except StorageObject.DoesNotExist: # remove recommendation LOGGER.info("removing recommendations dictionary for {}".format( _dict.lrid)) _dict.delete() for _pair in ResourceCountPair.objects.all(): try: StorageObject.objects.get(identifier=_pair.lrid) except StorageObject.DoesNotExist: # remove recommendation LOGGER.info("removing recommendations entry for {}".format( _pair.lrid)) _pair.delete()
def test_login_blocked_for_non_standard_login_views_without_msg(self): """ Check that a view wich returns the expected status code is causing the user to be locked out when we do not expect a specific message to be returned. """ @watch_login(status_code=401) def fake_api_401_login_view_without_msg(request): """ Fake the api login with 401 """ return HttpResponse(status=401) request_factory = RequestFactory() request = request_factory.post("api/login") request.user = AnonymousUser() request.session = SessionStore() request.META["HTTP_X_FORWARDED_FOR"] = "192.168.24.24" for _ in range(3): fake_api_401_login_view_without_msg(request) data_out = utils.get_blocked_ips() self.assertEqual(data_out, []) fake_api_401_login_view_without_msg(request) data_out = utils.get_blocked_ips() self.assertEqual(data_out, ["192.168.24.24"])
def login(self, **message): if not self.handshake: pass else: try: self.timestamp = float(message['timestamp']) except: self.timestamp = None self.request = HttpRequest() self.request.path = message.get('url', '/') # TODO(hamax): path_info is not always full path self.request.path_info = self.request.path self.request.method = 'GET' self.request.GET = parse_params(message.get('GET', '')) self.request.COOKIES = parse_cookies(message.get('cookies', '')) # set to XMLHttpRequest so that request.is_ajax() returns True self.request.META['HTTP_X_REQUESTED_WITH'] = 'XMLHttpRequest' # auth self.request.session = {} self.request.user = AnonymousUser() if 'sessionid' in self.request.COOKIES: self.request.session = SessionStore( session_key=self.request.COOKIES['sessionid']) if '_auth_user_id' in self.request.session: self.request.user = User.objects.get( id=self.request.session['_auth_user_id']) self.handshake = False self.tracker.connect(self)
def query_make_friends_requests(request): ''' @description: 被申请加为好友的对方登录查询好友申请记录,返回好友申请列表 @param {type} POST,{"session_id":xxxx} @return: {"status":True,"msg":[{"from_user_email":xxxx},{"from_user_email":xxxx},{"from_user_email":xxxx},......]}或者{"status":False,"msg":"没有好友申请"} ''' if request.method =="POST": session_id = request.POST.get("session_id","") if request.session.exists(session_id): s = SessionStore(session_key=session_id) user_email = s["email"] # user_ip = get_ip(request) user = Users.objects.get(email=user_email) if user.have_friends_requests: query_set = Make_friends_requests.objects.filter(to_id=user_email,handled=0) # 被申请人且未处理的好友申请记录列表返回 query_list = [] for query_entry in query_set: from_user_email = query_entry.from_id query_list.append({"from_user_email":from_user_email}) msg = {"status":True,"msg":query_list} else: msg = {"status":False,"msg":"没有好友申请"} else: msg = {"status":False,"msg":"非法用户请求"} else: msg = {"status":False,"msg":"请求方法错误"} return HttpResponse(json.dumps(msg))
def request(self, **request): request["user"] = None request = super(RequestFactory, self).request(**request) request.user = AnonymousUser() request.session = SessionStore() request._messages = FallbackStorage(request) return request
def query_off_msg(request): ''' @description: client知道存在离线消息,用户查询 离线消息集合 的转发 @param {type} {"session_id":session_id} @return: {"status":True,"public_key":xxx,msg":[ {"msg_enc":xxxxxx}, {"msg_enc":xxxxx}...]} ''' if request.method=="POST": session_id = request.POST.get("session_id","") if request.session.exists(session_id): # user_ip = get_ip(request) s = SessionStore(session_key=session_id) user_email = s["email"] user = Users.objects.get(email=user_email) user_to_id = user_email # off_msg_set = Off_msg.objects.filter(to_id=user_to_id,is_read=0) off_msg_set = Off_msg.objects.filter(to_id=user_to_id) off_msg_list=[] for off_msg_entry in off_msg_set: msg_entry = {"msg_enc":off_msg_entry.msg_enc} off_msg_entry.is_read = 1 off_msg_entry.save() off_msg_list.append(msg_entry) user.have_off_msg = 0 user.save() msg = {"status":True,"msg":off_msg_list} else: msg = {"status":False,"msg":"非法用户请求"} else: msg = {"status":False,"msg":"请求方法错误"} return HttpResponse(json.dumps(msg))