def signup():
    '''
    Create an account from the posted signup form and log the new user in.

    Meant to be called by the page's javascript as an ajax signup form. On a
    valid POST the reply is JSON with status "success" and a redirect target;
    otherwise the reply is JSON holding the first error of each failing field.
    '''
    # NOTE(review): CSRF protection is switched off for this form
    # (csrf_enabled=False); confirm that is intended for a state-changing POST.
    form = Signup_Form(csrf_enabled=False)

    if request.method == 'POST' and form.validate_on_submit():
        fields = request.form
        account = User(name=fields.get('username', None),
                       email=fields.get('email', None),
                       password_hash=User.gen_hash(fields.get('password', None)))
        account.save()
        login_user(account)
        # NOTE(review): the redirect target echoes the Referer header, which
        # the client supplies; the javascript caller should only follow
        # same-site values.
        return jsonify(status="success", redirect=request.referrer)

    # Only the first error of each field is reported (at most one is expected).
    errors = {}
    for field_name in ("email", "username", "password"):
        field_errors = getattr(form, field_name).errors
        if len(field_errors) > 0:
            errors[field_name + "_error"] = field_errors[0]
    if errors:
        errors["status"] = "error"
    return jsonify(errors)
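def delete_deal(deal_id):
    '''
    Mark a deal as deleted on behalf of its author.

    Only the author may delete a deal: deal_id must appear in the requesting
    user's deals_submitted list. The work is done inline rather than handed
    to celery as an async task because the deal has to be gone immediately,
    not some time delta later.

    Returns a JSON object with a 'status' of 'success' or 'error' and, on
    error, a 'message'.
    '''
    msg = {}
    user = User.objects(id=current_user.id).first()
    # Authorisation check. A session whose user record no longer exists is
    # refused like any other non-author instead of failing on None.
    if user is None or str(deal_id) not in user.deals_submitted:
        msg['status'] = 'error'
        msg['message'] = 'you cannot delete this deal b\'c you are not the author'
        return jsonify(msg)
    try:
        deal = Deal.objects(id=deal_id).first()
        if deal is None:
            # Listed under the author but no longer stored: report it
            # explicitly rather than through the generic handler below.
            msg['status'] = 'error'
            msg['message'] = 'deal does not exist'
            return jsonify(msg)
        deal.deleted = True
        deal.save()
        # Presumably these drop the deal from the cached copies -- confirm.
        # NOTE(review): if either call fails the deal is already flagged
        # deleted in the database although the caller is told 'error'.
        remove_deal(deal.sequence_num)
        remove_deal_num_from_lists(deal.sequence_num)
    except Exception as e:
        # Deliberately broad: any failure becomes a JSON error response.
        print(e)
        msg['status'] = 'error'
        msg['message'] = 'error occurred while deleting deal'
        return jsonify(msg)
    msg['status'] = 'success'
    return jsonify(msg)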
def validate(self):
    """Validate the signup form, including email and username uniqueness.

    The base Form validation runs first; the two availability checks run
    regardless of its outcome, so every applicable message is collected in
    a single pass. Returns True only when nothing failed.
    """
    failures = 0 if Form.validate(self) else 1

    # NOTE(review): these messages tell the caller whether an email or a
    # username is already registered; consider rate limiting this endpoint.
    if not User.is_email_available(self.email.data):
        self.email.errors.append('This email has been registered. Try a different one')
        failures += 1

    if not User.is_username_available(self.username.data):
        self.username.errors.append('This username has been registered. Try a different one')
        failures += 1

    return failures == 0
def validate(self):
    """Validate the form and resolve the submitted credentials to a user.

    Returns True and stores the match on self.user when the base validation
    passes and User.get_user finds a user for the username/password pair;
    returns False otherwise. No field error is added on a failed lookup.
    """
    account = None
    if Form.validate(self):
        account = User.get_user(self.username.data, self.password.data)

    if account is not None:
        self.user = account
        return True
    return False
def upvote(deal_id, user_id, remote_addr):
    """Record a vote by user_id on deal_id, cast from remote_addr.

    Saves a Vote, pushes its id onto the deal's votes list and appends it to
    the user's votes list. Any exception hands the call to upvote.retry.
    """
    try:
        vote = Vote(deal_id=str(deal_id), ip=remote_addr, voter_id=str(user_id))
        vote.save()
        vote_ref = str(vote.id)

        Deal.objects(id=deal_id).update_one(push__votes=vote_ref)

        voter = User.objects(id=user_id).first()
        voter.votes.append(vote_ref)
        voter.save()
    except Exception as exc:
        # TODO: log the failure before retrying.
        # NOTE(review): a retry starts from the top, so a failure after
        # vote.save() stores a second Vote for the same user and deal;
        # confirm duplicates are prevented elsewhere.
        # NOTE(review): if this is a Celery task, confirm `delay=` is
        # honoured -- the documented wait argument of retry() is `countdown`.
        upvote.retry(exc=exc, delay=task_retry_delay)
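def forgot_password():
    '''
    Handle a password-reset request and answer with JSON.

    A valid POST always yields status "success", whether or not the username
    belongs to an account, so the reply does not reveal which usernames are
    registered. Anything else yields status "error" plus the first email
    field error when there is one.
    '''
    # NOTE(review): CSRF protection is switched off for this form
    # (csrf_enabled=False); confirm that is intended.
    form = Password_Request_Form(csrf_enabled=False)
    msg = {}
    if request.method == "POST" and form.validate_on_submit():
        username = request.form.get('username')
        # .first() gives a document or None. The bare queryset used before
        # was never None, so the existence test could not fail.
        user = User.objects(name=username).first()
        if user is not None:
            token = signer.dumps(username)
            # TODO: deliver the token; sending is still disabled:
            # gen_passwod_reset_email(user.email, token)
        msg['status'] = "success"
    else:
        msg['status'] = "error"
        # The error list is empty on a plain GET; indexing it unguarded
        # raised IndexError.
        if form.email.errors:
            msg['email_error'] = form.email.errors[0]
    return jsonify(msg)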
def show_user_profile(name, filter_by, page, sort):
    '''
    Render one page of the deals a user has shared or bookmarked.

    This is the user's history on the site. Bookmarks are private to their
    owner: a request for someone else's bookmarks is answered with a 404,
    as is an unknown sort, an unknown filter or a non-existent user.
    '''
    # Reject an unknown sort order before doing any lookup.
    if sort not in sorts:
        return abort(404)

    # The profile must belong to an existing user.
    page_owner = User.objects(name=name).first()
    if page_owner is None:
        return abort(404)

    # Only the known history filters are accepted.
    if filter_by not in user_history_filters:
        return abort(404)

    # Bookmarks are shown only to their owner. The `== None` comparison is
    # kept as written in case get_current_user() returns a proxy object.
    viewer = get_current_user()
    if filter_by == 'bookmarked' and (viewer == None or viewer.name != name):
        return abort(404)

    # Cache key: <name>_<filter>_<sort>
    key = '_'.join([name, filter_by, sort])

    if not r.exists(key):
        # Cache miss: run the query, then store the list and each deal.
        deal_queryset = query_for_deals(page_owner, filter_by, sort)
        deal_seq_nums = [deal.sequence_num for deal in deal_queryset]
        store_list_of_deals(key, deal_seq_nums)
        for deal in deal_queryset:
            store_deal(deal)
    else:
        deal_seq_nums = r.lrange(key, 0, -1)
        # A cached ['None'] is read back as an empty result.
        if deal_seq_nums == ['None']:
            deal_seq_nums = []

    # NOTE(review): page is not range-checked here; zero or a negative value
    # produces a negative slice start. Confirm the route restricts it.
    first = (page - 1) * per_page
    last = page * per_page
    has_next = last < len(deal_seq_nums)
    has_previous = first > 0
    page_of_deals = deal_seq_nums[first:last]

    return render_template('user_history.html',
                           current_filter=filter_by,
                           current_page=page,
                           current_sort=sort,
                           owner=page_owner,
                           deal_seq_nums=page_of_deals,
                           has_next=has_next,
                           has_previous=has_previous)
def reset_password():
    """Let the holder of a valid reset token choose a new password.

    The token comes from the `token` query argument and must be less than
    two days old. A missing or unreadable token, or one naming an unknown
    user, gets a 404. A valid POST changes the password and redirects;
    anything else renders the change-password form.
    """
    # NOTE(review): the token travels in the query string, so it can end up
    # in server logs and Referer headers.
    token = request.args.get('token', None)
    if token is None:
        abort(404)

    try:
        # 172800 seconds = 2 days
        name = signer.loads(token, max_age=172800)
    except Exception:
        # Whatever the reason the token failed to load, answer 404.
        abort(404)

    account = User.objects(name=name).first()
    if account is None:
        abort(404)

    form = Password_Reset_Form()
    if request.method != "POST" or not form.validate_on_submit():
        return render_template('change_password.html', form=form)

    # NOTE(review): nothing visible here invalidates the token after use, so
    # it appears to stay usable until it ages out -- confirm.
    account.change_password(request.form.get('password'))
    # NOTE(review): this redirects to a template file name used as a URL;
    # confirm a route actually serves it.
    return redirect('change_password_success.html')
def load_user(user_id):
    """Return the first User whose id equals user_id.

    Other lookups in this file treat a None result from .first() as
    "no such user".
    """
    matches = User.objects(id=user_id)
    return matches.first()