def del_user(message):
try:
user = Users.get(Users.user_id == message.chat.id)
user.delete_instance()
return True
except:
return False
def log_in(username, password, verbose=False):
'''
Try to log in using the specified credentials
If login is successfull the corresponding Users row is returned
Else False is returned
'''
try:
user = Users.get(Users.username == username)
hashed_password, salt = crypt.salt_hash(
plaintext=password,
salt=user.salt
)
# if verbose:
# print('HASHED_PW:', hashed_password, '\n',
# 'USER PW: ', user.password, '\n',
# 'SALT: ', salt, '\n'
# 'USER SALT', user.salt, '\n',
# 'PASSWORD :'******'\n',
# file=sys.stderr)
if user.password == hashed_password:
return user
else:
return False
except Users.DoesNotExist:
return False
return False
def done(message):
if active:
user = Users.get_or_none(tel_id=message.from_user.id)
if user == None:
Users.create(tel_id=message.from_user.id,
name=message.from_user.first_name,
username=message.from_user.username)
user = Users.get(tel_id=message.from_user.id)
bot.send_message(message.chat.id,
user.name + " был зарегистрирован.")
if not user.done_today:
if user.sick:
bot.reply_to(message, "Видимо вы больше не больны.")
user.sick = False
user.done_today = True
user.done += 1
user.save()
bot.reply_to(
message, f"Тренировка засчитана! Всего выполнено: {user.done}")
fileID = message.photo[-1].file_id
file = bot.get_file(fileID)
downloaded = bot.download_file(file.file_path)
new_img = open("received_img.jpg", "wb")
new_img.write(downloaded)
new_img.close()
bot.reply_to(
message,
f"Предположитнльная продлжительность: {recognise(Image.open('received_img.jpg'))}."
)
else:
bot.reply_to(
message,
f"2 раза за день перебор) Всего выполнено: {user.done}")
def delete_index(username):
user = Users.get(username)
if user:
current_user.delete_index()
return "index for {} deleted".format(username)
else:
return "no user {}".format(username)
def logout(username):
user = Users.get(username)
user_id = user.id
username = user.username
current_user.uncache()
logout_user()
flash("user '{}' ({}) logged out".format(username, user_id))
return redirect(url_for("splash"))
def delete_index(username):
user = Users.get(username)
if user:
current_user.delete_index()
EventLogger.new_event(msg="index for {} deleted".format(user.id))
return "index for {} deleted".format(username)
else:
return "no user {}".format(username)
def test_patch(self):
u = Users.get()
r = requests.patch('http://localhost:9091/user',
json={
"user_id": u.user_id,
"unliked_film_id": u.liked[0]
})
self.assertEqual(r.text, "ok")
def delete_user(userid):
"""
Used to delete an existing user
"""
user = Users.get({"_id":userid})
user.delete()
return redirect(request.referrer)
def deactivate_user(userid):
"""
Used to deactivate a user
"""
user = Users.get({"_id":userid})
user.update({"$set":{user.active.dbfield:False}})
return redirect(request.referrer)
def activate_user(userid):
"""
Used to activate an existing user
"""
user = Users.get({"_id":userid})
user.update({"$set":{user.active.dbfield:True}})
return redirect(request.referrer)
def api_delete_user(user_id):
check_admin()
user = Users.get(user_id)
if not user:
raise APIResourceNotFoundError('user')
localauth = LocalAuth.find_first('where user_id=?',user_id)
user.delete()
localauth.delete()
return dict(user_id=user_id)
def view_for_user(user_id):
'''
Generates the Board and Invite information for the Board Dashboard.
arg: user_id - The User who's Dashboard will be rendered.
return: render_view
'''
user = Users.get(user_id)
board_List = Boards.get_user_boards(user_id)
invite_list = Invitations.get_by_user(user_id)
return render_view('boards/dashboard.html', board_List=board_List, invite_list=invite_list)
def update_share_status(username):
status = request.args.get("status")
user = Users.get(username)
# set user's share status
user.share_profile = (status == "public")
db_sql.session.commit()
user.cache()
log.info("share status for {} set to {}".format(user, status))
return jsonify(user=user.id, share=user.share_profile)
def delete(username):
user = Users.get(username)
username = user.username
user_id = user.id
logout_user()
# the current user is now logged out
try:
user.delete()
except Exception as e:
flash(str(e))
else:
flash("user '{}' ({}) deleted".format(username, user_id))
EventLogger.new_event(msg="{} deleted".format(user_id))
return redirect(url_for("splash"))
def test_post(self):
u = Users.get()
f = Films.get()
r = requests.post('http://localhost:9091/mark',
json={
"user_id": u.user_id,
"film_id": f.film_id,
"result": 1,
})
self.assertEqual(r.text, "ok")
r = requests.post('http://localhost:9091/mark',
json={
"film_id": f.film_id,
"event": "trailer",
})
self.assertEqual(r.text, "ok")
def group_stream(username, activity_id):
def go(user, pool, out_queue):
with app.app_context():
user.related_activities(activity_id,
streams=True,
pool=pool,
out_queue=out_queue)
pool.join()
out_queue.put(None)
out_queue.put(StopIteration)
user = Users.get(username)
pool = gevent.pool.Pool(app.config.get("CONCURRENCY"))
out_queue = gevent.queue.Queue()
gevent.spawn(go, user, pool, out_queue)
gevent.sleep(0)
return Response((sse_out(a) if a else sse_out() for a in out_queue),
mimetype='text/event-stream')
def authenticate():
i = ctx.request.input(remember='')
email = i.email.strip().lower()
password = hashlib.md5(i.password).hexdigest()
remember = i.remember
localauth = LocalAuth.find_first('where user_email=?', email)
print localauth
if localauth is None:
raise APIError('auth:failed', 'email', 'Invalid email')
elif password != localauth.user_password:
raise APIError('auth:failed', 'password', 'Invalid password')
# make session cookie:
max_age = 608400 if remember == 'true' else None
cookie = make_signed_cookie(localauth.user_id, password, max_age)
ctx.response.set_cookie(__COOKIE_NAME, cookie, max_age)
user = Users.get(localauth.user_id)
# print user
return user
def parse_signed_cookie(cookie_str):
try:
L = cookie_str.split('-')
if len(L) != 3:
return None
id, expires, md5 = L
if int(expires) < time.time():
return None
user = Users.get(id)
if user is None:
return None
if md5 != hashlib.md5(
'%s-%s-%s-%s' %
(id, user.email, expires, _COOKIE_KEY)).hexdigest():
return None
return user
except:
return None
def parse_signed_cookie(cookie_str):
'''解析得到的cookie_str对比用户已有的id密码和有效期,如果符合则返回用户的的实例对象'''
try:
L = cookie_str.split('-')
if len(L) != 3:
return None
id, expires, md5 = L
if int(expires) < time.time():
return None
user = Users.get(id)
if user is None:
return None
if md5 != hashlib.md5(
'%s-%s-%s-%s' %
(id, user.password, expires, _COOKIE_KEY)).hexdigest():
return None
return user
except:
return None
def go(query_obj, pool, out_queue):
with app.app_context():
pool2 = gevent.pool.Pool(4)
for username, options in query_obj.items():
user = Users.get(username)
if not user:
continue
# app.logger.debug("async job querying {}: {}"
# .format(user, options))
options.update({"pool": pool, "out_queue": out_queue})
pool2.spawn(user.query_activities, **options)
# user.query_activities(**options)
gevent.sleep(0)
pool2.join()
pool.join()
out_queue.put(None)
out_queue.put(StopIteration)
def resetlink():
"""
Generates and handles the password reset page
"""
form = ResetPassForm()
if form.validate_on_submit():
try:
user = Users.get({"email":form.email.data})
token = user.generate_reset_token()
send_email(user.email,'Resetare parola','users/email/passwdreset',user=user,token=token)
flash('Parola a fost resetata! Va rugam urmati instructiunile primite pe email!',category='alert-success')
return redirect(request.referrer)
except Exception as err:
flash('Adresa de email gresita!',category='alert-danger')
return redirect(request.referrer)
return render_template('users/login.html',pagetitle='Resetare parola',form=form,login=False)
def edit_user(userid):
"""
Used to edit an existing user
"""
user = Users.get({"_id":userid})
form = UserForm()
if form.validate_on_submit():
try:
user.populate_from_form(form)
user.save()
flash('Utilizatorul modificat!', category='alert-success')
return redirect(url_for('users.list_users'))
except Exception as err:
print err
flash('Modificarile nu pot fi salvate!', category='alert-danger')
form = user.fill_form()
return render_template('users/edit.html', pagetitle='Detalii utilizator', form=form)
def parse_signed_cookie(cookie_str):
"""
解析COOKIE
:param cookie_str:
:return:
"""
try:
L = cookie_str.split('-')
if len(L) != 3:
return None
id, expires, md5 = L
if int(expires) < time.time():
return None
user = Users.get(id)
localauth = LocalAuth.find_first('where user_id=?', id)
if user is None:
return None
if md5 != hashlib.md5('%s-%s-%s-%s' % (id, localauth.user_password, expires, __COOKIE_KEY)).hexdigest():
return None
return user
except:
return None
def post(self):
email = self.get_body_argument('email')
password = self.get_body_argument('password')
user = self.user_exists(email)
messages = []
# if user does not exist
if not user:
messages.append("Invalid Email/Password")
return self.render_template("login.html",
{'messages': tuple(messages)})
user = Users.get(Users.email == email)
# https://github.com/pyca/bcrypt#password-hashing
matched = bcrypt.checkpw(tornado.escape.utf8(password),
tornado.escape.utf8(user.hashed_password))
# if incorrect password
if not matched:
messages.append("Invalid Email/Password")
return self.render_template("login.html",
{'messages': tuple(messages)})
# Log in user
self.set_secure_cookie("blog_user", str(user.id))
return self.redirect("/")
def query_activities(username, out_type):
user = Users.get(username)
if user:
options = {
k: toObj(request.args.get(k))
for k in request.args if toObj(request.args.get(k))
}
if not options:
options = {"limit": 10}
anon = current_user.is_anonymous
if anon or (not current_user.is_admin()):
EventLogger.log_request(request,
cuid="" if anon else current_user.id,
msg="{} query for {}: {}".format(
out_type, user.id, options))
else:
return
if out_type == "json":
return jsonify(list(user.query_activities(**options)))
else:
def go(user, pool, out_queue):
options["pool"] = pool
options["out_queue"] = out_queue
user.query_activities(**options)
pool.join()
out_queue.put(None)
out_queue.put(StopIteration)
pool = gevent.pool.Pool(app.config.get("CONCURRENCY"))
out_queue = gevent.queue.Queue()
gevent.spawn(go, user, pool, out_queue)
gevent.sleep(0)
return Response((sse_out(a) if a else sse_out() for a in out_queue),
mimetype='text/event-stream')
def resetpassword(email,token):
"""
Handles the password reset for a given email and token
"""
form = NewPassForm()
if form.validate_on_submit():
try:
user = Users.get({"email":email})
if user.resetpass(token):
user.password = form.password.data
user.save()
flash('Parola schimbata!',category='alert-success')
return redirect(url_for('users.login'))
else:
raise Exception
except:
flash('Token invalid!',category='alert-danger')
return redirect(url_for('users.resetlink'))
return render_template('users/login.html',pagetitle='Resetare parola',form=form,login=False)
def login():
"""
Generates and handles the login for the user
"""
form = LoginForm()
if form.validate_on_submit():
try:
user = Users.get({"email":form.email.data})
if not user.active.value:
flash('Contul tau a expirat! Te rugam contacteaza-ne!', category='alert-danger')
return redirect(request.referrer)
if user.verify_password(form.password.data):
login_user(user,form.remember_me.data)
user.ping()
return redirect('/')
else:
raise Exception('Not authorised',form.email.data)
except Exception as err:
print err
flash('Parola sau adresa de email este invalida!', category='alert-danger')
return render_template('users/login.html', pagetitle='Login',form=form,login=True, current_user=current_user)
async def update_user(user_id: int, user: UserIn_Pydantic):
await Users.filter(id=user_id).update(**user.dict(exclude_unset=True))
return await User_Pydantic.from_queryset_single(Users.get(id=user_id))
async def get_user(user_id: int):
return await User_Pydantic.from_queryset_single(Users.get(id=user_id))
def user_profile(username):
user = Users.get(username)
output = user.info() if user else {}
return jsonify(output)
def settings(user_id):
name = request.form['name']
email = request.form['email']
Users.update(user_id, name, email)
session['user'] = Users.get(user_id)
return '{"status":"success"}'
def activities(username):
user = Users.get(username)
if request.args.get("rebuild"):
user.delete_index()
return render_template("activities.html", user=user)
def main(username):
if current_user.is_authenticated:
# If a user is logged in from a past session but has no record in our
# database (was deleted), we log them out and consider them anonymous
try:
assert current_user.id
except AssertionError:
logout_user()
else:
current_user.update_usage()
user = None
key = username if redis.get("Q:" + username) else ""
if not key:
# note: 'current_user' is the user that is currently logged in.
# 'user' is the user we are displaying data for.
user = Users.get(username)
if not user:
flash("user '{}' is not registered with this app".format(username))
return redirect(url_for('splash'))
date1 = request.args.get("date1") or request.args.get("after", "")
date2 = request.args.get("date2") or request.args.get("before", "")
preset = request.args.get("preset", "")
limit = request.args.get("limit", "")
baselayer = request.args.getlist("baselayer")
ids = request.args.get("id", "")
group = "multi" if key else request.args.get("group", "")
if not ids:
if (not date1) and (not date2):
if preset:
try:
preset = int(preset)
except ValueError:
flash("'{}' is not a valid preset".format(preset))
preset = 7
elif limit:
try:
limit = int(limit)
except ValueError:
flash("'{}' is not a valid limit".format(limit))
limit = 1
elif group:
pass
else:
limit = 10
c1 = request.args.get("c1", "")
c2 = request.args.get("c2", "")
sz = request.args.get("sz", "")
lat = request.args.get("lat")
lng = request.args.get("lng")
zoom = request.args.get("zoom")
autozoom = request.args.get("autozoom") in ["1", "true"]
if (not lat) or (not lng):
lat, lng = app.config["MAP_CENTER"]
zoom = app.config["MAP_ZOOM"]
autozoom = "1"
if current_user.is_anonymous or (not current_user.is_admin()):
event = {
"ip": request.access_route[-1],
"agent": vars(request.user_agent),
"msg": Utility.href(request.url, request.full_path)
}
if not current_user.is_anonymous:
event.update({
"profile": current_user.profile,
"cuid": current_user.id
})
EventLogger.new_event(**event)
paused = request.args.get("paused") in ["1", "true"]
return render_template('main.html',
user=user,
lat=lat,
lng=lng,
zoom=zoom,
ids=ids,
group=group,
key=key,
preset=preset,
date1=date1,
date2=date2,
limit=limit,
autozoom=autozoom,
paused=paused,
baselayer=baselayer,
c1=c1,
c2=c2,
sz=sz)
def view(user_id):
user = Users.get(user_id)
return render_view('users/view.html', user=user)
def __init__(self, username, verbose=False):
self.user = Users.get(username=username)
self.verbose = verbose
def load_user(user_id):
user = Users.get(user_id)
return user
import requests
from models import Users, Films
u = Users.get()
f = Films.get()
r = requests.post('http://localhost:9091/mark',
json={
"user_id": u.user_id,
"film_id": f.film_id,
"result": 1,
})
