def socket():
if request.environ.get('wsgi.websocket'):
ws = request.environ['wsgi.websocket']
while True:
try:
message = ws.receive()
if message is not None:
try:
message = json.loads(message)
if message["type"] == "login":
token = message["data"]
user = database_helper.get_email(token)
# We want to log out any previous sessions
if user is not None:
if user in clients:
print("Telling previous user to leave")
msg = {"type": "signout"}
clients[user].send(json.dumps(msg))
clients[user] = ws
# User is None, sign them out anyways
else:
msg = {"type": "signout"}
ws.send(json.dumps(msg))
print(">> Active clients:")
for client in clients:
print(client)
if message["type"] == "get-stats":
token = message["data"]
email = database_helper.get_email(token)
send_stats(False, email)
except TypeError as te:
print te
return ""
else:
# Message is None
break
except WebSocketError, e:
print "Connection closed..."
print e
for user, s in clients.items():
if ws == s:
# Remove socket
del clients[user]
print("Closing socket...")
for user, s in clients.items():
if ws == s:
# Remove socket
del clients[user]
return ""
def is_signed_in():
print "checking if signed in..."
token = request.args.get('token')
email = database_helper.get_email(token)
if email is None:
return jsonify(success=False, message="Not logged in!")
return jsonify(success=True, message="User logged in")
def open_socket():
token = get_param_or_default('token')
email = db.get_email(token)[0]
if (db.is_connected_mail(email)):
db.update_token(email, token)
success("Socket opened")
return json.dumps(output)
def get_user_data_by_token():
token = request.args.get("token")
time_stamp = request.args.get("time")
email = database_helper.get_email(token)
if check_hash("", email, request.args.get("hash"), time_stamp):
return json.dumps({
'success':
False,
'message':
'You are trying to hack a user. You should be ashamed of yourself!'
})
if email is None:
return json.dumps({
'success': False,
'message': 'User is not logged in'
})
else:
data = database_helper.get_user(email)
retData = {
'firstname': data[0],
'familyname': data[1],
'email': data[2],
'gender': data[3],
'city': data[4],
'country': data[5]
}
return json.dumps({
'success': True,
'message': 'Data retrieval successful',
"data": retData
})
def changePass():
token = request.form['token']
token = verify_token(token)
old_Password = request.form['old_password']
new_Password = request.form['new_password']
email = database_helper.get_email(token)
email = email[0]
print email
curr_pw = database_helper.get_password(email)
curr_pw = curr_pw[0]
print curr_pw
if len(new_Password) < 7:
return jsonify(success=False, message="Too short password")
if not email:
return jsonify(success=False, message="Invalid token")
#pw_hash = database_helper.get_password(email)
if (bcrypt.check_password_hash(curr_pw, old_Password)):
#if curr_pw == old_Password:
new_pw_hash = bcrypt.generate_password_hash(new_Password)
database_helper.set_password(email, new_pw_hash)
return jsonify(success=True, message="Password changed successfully")
else:
return jsonify(success=False, message="Wrong password")
def delete_media():
print "Deleting media"
req = request.get_json(force=True)
token = req['token']
pic_id = req['id']
email = database_helper.get_email(token)
if email is None:
return jsonify(success=False, message='User not signed in')
# Get path of file with specific media id
filename = database_helper.retrieve_media(email, pic_id)
if filename is None:
return jsonify(success=False, message='Media file does not exist')
if not database_helper.delete_media(pic_id, email):
return jsonify(success=False, message='Failed to delete media file')
os.remove(filename['path'])
# Successfully deleted media, now download what remains
media_data = database_helper.retrieve_media(email)
if media_data is None:
return jsonify(success=False, message='Failed to download media')
data = create_media(media_data)
return jsonify(success=True, message='Media file deleted!', data=data)
def change_password():
req = request.get_json(force=True)
token = req['token']
old_password = req['old_password']
new_password = req['new_password']
# First see if passwords differ
if old_password == new_password:
return jsonify(success=False, message="Can't use the same password!")
# Is the new password long enough?
if not validate(new_password):
return jsonify(success=False, message="Password has to be at least 5 characters!")
# Use token to get email (also makes sure token is valid and that they are logged in)
email = database_helper.get_email(token)
if email is None:
return jsonify(success=False, message="User is not logged in!")
# Make sure old password is correct
if not database_helper.find_user(email, old_password):
return jsonify(success=False, message="Incorrect password!")
# Try changing the password
if not database_helper.change_password(new_password, email):
return jsonify(success=False, message="Failed to change password!")
return jsonify(success=True, message="Password successfully changed!")
def socket():
if request.environ.get('wsgi.websocket'):
ws = request.environ['wsgi.websocket']
while True:
try:
message = ws.receive()
try:
message = json.loads(message)
if message["type"] == "login":
token = message["data"]
user = database_helper.get_email(token)
# if user already has a connection, send 'signout'
if user in clients:
data = {"type": "signout"}
clients[user].send(json.dumps(data))
# update clients with new user
clients[user] = ws
print "new client logged in..."
for client in clients:
print(client)
if message["type"] == "stats":
# Send data to client
print "Client requested data"
except TypeError:
print("didn't get a JSON")
return ""
except WebSocketError:
print("failed I guess")
break
return ""
def change_password():
token = get_param_or_default("token")
userMail = db.get_email(token)
if userMail != None:
userMail = userMail[0]
oldPassword = get_param_or_default("oldPassword")
newPassword = get_param_or_default("newPassword")
user = db.find_user(userMail)
if user != None:
user = json.loads(user)
if user["password"] == oldPassword:
if len(newPassword) > 5:
db.change_password(userMail, newPassword)
success(SUC_PASSWORD_CHANGED)
else:
err(ERR_PASSWORD_TOO_SHORT)
else:
err(ERR_INVALID_PASSWORD)
else:
err(ERR_USER_NOT_FOUND)
else:
err(ERR_USER_NOT_CONNECTED)
return json.dumps(output)
def close_socket():
email = db.get_email(get_param_or_default('token'))
if email != None:
email = email[0]
socket_dict[email].close()
socket_dict.pop(email)
success("Socket closed")
return json.dumps(output)
def checkLogin(token):
email = database_helper.get_email(token)
email = email[0]
result = database_helper.get_loggedInUsers(email)
if not result:
return False
else:
return True
def autologout():
if request.environ.get('wsgi.websocket'):
ws = request.environ['wsgi.websocket']
while True:
message = ws.receive()
connection.append([ws, database_helper.get_email(message)])
print(connection)
ws.send(message)
return
def postMessage():
token = request.form['token']
message = request.form['message']
recepient = request.form['email']
sender = database_helper.get_email(token)
sender = sender[0]
if checkLogin(token):
database_helper.add_message(sender, recepient, message)
return jsonify(success=True, message="Message sent")
def getUserDataByToken():
token = request.form['token']
email = database_helper.get_email(token)
email = email[0]
if database_helper.get_loggedInUsers(email):
user = database_helper.get_user(email)
if user is None:
return jsonify(success=False, message="User not signed in!")
else:
return jsonify(success=True, message="User data retrieved.", data=user)
def remove_user():
token = get_param_or_default("token")
if db.is_connected(token):
email = db.get_email(token)[0]
db.logout_user(token)
db.remove_user(email)
success(SUC_USER_DELETED)
else:
err(ERR_USER_NOT_CONNECTED)
return json.dumps(output)
def get_user_data_by_token():
token = get_param_or_default("token")
if db.is_connected(token):
user_data = db.find_user(db.get_email(token)[0])
user_data = json.loads(user_data)
user_data.pop("password",None)
success(SUC_GET_USER_DATA,user_data)
else:
err(ERR_USER_NOT_CONNECTED)
return json.dumps(output)
def getUserDataByEmail():
token = request.form['token']
email = request.form['email']
checkuser = database_helper.get_email(token)
checklogin = database_helper.get_loggedInUsers(checkuser[0])
if checklogin:
user = database_helper.get_user(email)
if not user:
return jsonify(success=False, message="User not signed in!")
else:
return jsonify(success=True, message="User data retrieved.", data=user)
def change_profile_pic():
req = request.get_json(force=True)
token = req['token']
pic_id = req['id']
email = database_helper.get_email(token)
if email is None:
return jsonify(success=False, message='User not signed in')
if not database_helper.change_profile_pic(pic_id, email):
return jsonify(success=False, message='Failed to change picture')
return jsonify(success=True, message='Profile picture changed!')
def getUserMessageByToken():
token = request.form['token']
email = database_helper.get_email(token)
email = email[0]
if not email:
return jsonify(success=False, message="Error!")
else:
messages = database_helper.get_messages(email)
if not messages:
return jsonify(success=True, message="No messages for user")
else:
return jsonify(success=True, message="User messages retrieved.", data=messages)
def get_user_messages_by_email():
# Gets the parsed contents of query string
token = request.args.get('token')
email = request.args.get('email')
if database_helper.get_email(token) is None:
return jsonify(success=False, message="You are not logged in!")
user_data = database_helper.get_user_messages_by_email(email)
if user_data is None:
return jsonify(success=False, message="Failed to retrieve messages!")
return jsonify(success=True, message="Messages retrieved!", data=user_data)
def download_media_token():
req = request.get_json(force=True)
token = req['token']
email = database_helper.get_email(token)
if email is None:
return jsonify(success=False, message='User not signed in')
media_data = database_helper.retrieve_media(email)
if media_data is None:
return jsonify(success=False, message='Failed to download media')
data = create_media(media_data)
return jsonify(success=True, message='User media retrieved', data=data)
def post_message():
message = request.form['message']
token = request.form['token']
email = request.form['email']
sender = database_helper.get_email(token)[0]
if database_helper.get_logged_in(token):
if database_helper.in_users(email):
database_helper.post_message(message, token, sender, email)
return json.dumps({"success": True, "message": "Message posted."})
else:
return json.dumps({"success": False, "message": "No such user."})
else:
return json.dumps({"success": False, "message": "You are not signed in."})
def getUserDataByToken():
token = request.form['token']
token = verify_token(token)
print "token i getuserfan: ", token
email = database_helper.get_email(token)
email = email[0]
print "EMAIL 0: ", email
if database_helper.get_loggedInUsers(email):
user = database_helper.get_user(email)
if user is None:
return jsonify(success=False, message="User not signed in!")
else:
return jsonify(success=True, message="User data retrieved.", data=user)
def postMessage():
token = request.form['token']
token = verify_token(token)
check = request.form['check']
check = json.loads(check)
message = request.form['message']
recepient = request.form['email']
sender = database_helper.get_email(token)
sender = sender[0]
if checksum(message, token, check):
if checkLogin(token):
database_helper.add_message(sender, recepient, message)
return jsonify(success=True, message="Message sent")
return jsonify(success=False, message="Message ERROR!")
def connect():
#send message to client with the token
if request.environ.get('wsgi.websocket'):
ws = request.environ['wsgi.websocket']
while True:
user_token = ws.receive()
if user_token != None:
if (db.is_connected(user_token)):
email = db.get_email(user_token)[0]
if email in socket_dict:
db.update_token(email, user_token)
socket_dict[email].close()
socket_dict[email] = ws
success("Socket closed")
return json.dumps(output)
def change_password():
token = request.form['token']
pwd = request.form['pwd']
chgpwd = request.form['chgPwd']
if not database_helper.get_logged_in(token):
return json.dumps({'success': False, 'message': "You are not logged in."})
else:
if len(chgpwd) < 6:
return json.dumps({"success": False, "message": "Error: password must be at least 6 characters long"})
email = database_helper.get_email(token)
validlog = database_helper.check_pwd(email, pwd)
if not validlog:
return json.dumps({'success': False, 'message': "Wrong password."})
database_helper.modify_pwd(email[0], pwd, chgpwd)
return json.dumps({'success': True, 'message': "Password changed."})
def get_user_messages_by_token():
token = request.args.get("token")
time_stamp = request.args.get("time")
if check_hash("", database_helper.get_email(token),
request.args.get("hash"), time_stamp):
return json.dumps({
'success':
False,
'message':
'You are trying to hack a user. You should be ashamed of yourself!'
})
email = database_helper.get_email(token)
if email is None:
return json.dumps({
'success': False,
'message': 'User is not logged in'
})
else:
data = database_helper.get_messages(email)
return json.dumps({
'success': True,
'message': 'Data retrieval successful',
"data": data
})
def getUserMessageByToken():
token = request.form['token']
print "TOKEN I getUserMessagebyToken: ", token
token = verify_token(token)
print "token efter verify: ", token
email = database_helper.get_email(token)
email = email[0]
print "EMAIL I GETUSERMESSSAGEBYTOKEN: ", email
if not email:
return jsonify(success=False, message="Error!")
else:
messages = database_helper.get_messages(email)
if not messages:
return jsonify(success=True, message="No messages for user")
else:
return jsonify(success=True, message="User messages retrieved.", data=messages)
def post_message():
req = request.get_json(force=True)
token = req['token']
# Make sure token is valid
from_user = database_helper.get_email(token)
if from_user is None:
return jsonify(success=False, message="Log in to post a message!")
if not database_helper.post_message(req['message'], from_user, req['email']):
return jsonify(success=False, message="Failed to post message!")
if from_user == req['email']:
send_stats(False, from_user)
else:
send_stats(False, from_user, req['email'])
return jsonify(success=True, message="Message posted!")
def signout():
token = request.form['token']
# Get the email associated with the token, and delete
user = database_helper.get_email(token)
if user is not None:
if clients.get(user) is not None:
del clients[user]
print "removed client..."
for client in clients:
print(client)
if database_helper.signout_user(token):
return jsonify(success=True, message="Logout successful!")
else:
return jsonify(success=False, message="Failed to log out user!")
def post_message():
token = get_param_or_default("token")
receiver = get_param_or_default("email")
message = get_param_or_default("message")
if db.is_connected(token):
sender = db.get_email(token)[0]
if db.find_user(receiver) != None:
if message != "":
db.post_message(sender, receiver, message)
success(SUC_MESSAGE_POSTED)
else:
err(ERR_EMPTY_MESSAGE)
else:
err(ERR_USER_NOT_FOUND)
else:
err(ERR_USER_NOT_CONNECTED)
return json.dumps(output)
def sign_out():
if request.method == 'POST':
token = request.form['token']
i = 0
for user in connection:
if database_helper.get_email(token) == user[1]:
del connection[i]
print(connection)
i = i + 1
if database_helper.remove_token(token):
return json.dumps({
'success': True,
'message': 'signed out successfully!'
})
return json.dumps({
'success': False,
'message': '''token doesn't exist'''
})
def post_message():
token = request.form['token']
# Make sure token is valid
from_user = database_helper.get_email(token)
if from_user is None:
return jsonify(success=False, message="Log in to post a message!")
message_info = {
'message': request.form['message'],
'from_user': from_user,
'to_user': request.form['email']
}
if not database_helper.post_message(message_info):
return jsonify(success=False, message="Failed to post message!")
return jsonify(success=True, message="Message posted!")
def get_user_data_by_email():
# Gets the parsed contents of query string
token = request.args.get('token')
email = request.args.get('email')
if database_helper.get_email(token) is None:
return jsonify(success=False, message="You are not logged in!")
user_data = database_helper.get_user_data_by_email(email)
if user_data is None:
return jsonify(success=False, message="No such user!")
media = []
path = user_data['profile_pic']
media_extension = path.rsplit('.', 1)[1]
with open(path) as m:
media.append([base64.b64encode(m.read()), media_extension])
user_data['profile_pic'] = media
return jsonify(success=True, message="User data retrieved!", data=user_data)
def get_user_data_by_email():
# Gets the parsed contents of query string
token = request.args.get('token')
email = request.args.get('email')
if database_helper.get_email(token) is None:
return jsonify(success=False, message="You are not logged in!")
user_data = database_helper.get_user_data_by_email(email)
if user_data is None:
return jsonify(success=False, message="Failed to retrieve user data!")
data = {
'email': user_data[0],
'firstname': user_data[1],
'familyname': user_data[2],
'gender': user_data[3],
'city': user_data[4],
'country': user_data[5]
}
return jsonify(success=True, message="User data retrieved!", data=data)
def change_password():
if request.method == 'POST':
token = request.form['token']
old_password = request.form['old_password']
new_password = request.form['new_password']
email = database_helper.get_email(token)
if email == False:
return json.dumps({'success': False, 'message': "Invalid token"})
if len(new_password) < 7:
return json.dumps({
'success': False,
'message': '''Password is too short'''
})
db_current_hashed_password = database_helper.get_password(email)
hashed_old_password = hashlib.sha256(old_password).hexdigest()
if hashed_old_password == db_current_hashed_password:
hashed_new_password = hashlib.sha256(new_password).hexdigest()
database_helper.change_password(email, hashed_new_password)
return json.dumps({'success': True, 'message': "Password changed"})
return json.dumps({'success': False, 'message': "Wrong password"})
def signout():
req = request.get_json(force=True)
token = req['token']
# Get the email associated with the token, and delete
user = database_helper.get_email(token)
print ("signing out user..")
if user is not None:
if users.get(user) is not None:
del users[user]
print("3: Current users:")
for user in users:
print(user)
if database_helper.sign_out_user(token):
# Send stats to all users
send_stats(True)
return jsonify(success=True, message="Logout successful!")
else:
return jsonify(success=False, message="Failed to log out user!")
def signOut():
token = request.form['token']
print "TOKEN I SIGNOUT: ", token
token = verify_token(token)
print "TOKEN EFTER SIGNOUT: ", token
email = database_helper.get_email(token)[0]
#global session
if token:
response = database_helper.signOut(token)
del session[email]
if response:
return jsonify(success=True, message="User signed out successfully")
else:
return jsonify(success=False, message="Already logged out")
else:
print "fel i signout", token
return jsonify(success=False, message="No token!")
def post_message():
if request.method == 'POST':
token = request.form['token']
message = request.form['message']
email = request.form['email']
sender = database_helper.get_email(token)
if sender == False:
return json.dumps({
'success': False,
'message': '''Token doesn't exists'''
})
if database_helper.user_exists(email) == False:
return json.dumps({
'success': False,
'message': '''Receiver does not exists'''
})
result = database_helper.post_message(sender, message, email)
if result:
return json.dumps({
'success': True,
'message': '''Message posted successfully'''
})
return json.dumps({'success': False, 'message': '''Invalid message'''})
def changePass():
token = request.form['token']
old_Password = request.form['old_password']
new_Password = request.form['new_password']
email = database_helper.get_email(token)
email = email[0]
print email
curr_pw = database_helper.get_password(email)
curr_pw = curr_pw[0]
print curr_pw
if len(new_Password) < 7:
return jsonify(success=False, message="Too short password")
if not email:
return jsonify(success=False, message="Invalid token")
if curr_pw == old_Password:
database_helper.set_password(email, new_Password)
return jsonify(sucess=True, message="Password changed successfully")
else:
return jsonify(sucess=False, message="Wrong password")
def upload_media():
print("Uploading media file...")
token = request.form['token']
mfile = request.files['file']
email = database_helper.get_email(token)
if email is None:
return jsonify(success=False, message='User not signed in')
if mfile and allowed_format(mfile.filename):
if not os.path.exists(app.config['UPLOAD_FOLDER'] + "/" + email):
os.makedirs(app.config['UPLOAD_FOLDER'] + "/" + email)
filename = secure_filename(mfile.filename)
path = os.path.join(app.config['UPLOAD_FOLDER'] + '/' + email, filename)
errcode = database_helper.store_media(email, path)
if not errcode:
return jsonify(success=False, message='Failed to upload file')
if errcode is 'duplicate':
return jsonify(success=False, message='Filename already exists: ' + filename)
mfile.save(path)
return jsonify(success=True, message='Successfully uploaded file')
return jsonify(success=False, message='Unsupported file format')
def socket():
if request.environ.get('wsgi.websocket'):
ws = request.environ['wsgi.websocket']
while True:
try:
message = ws.receive()
if message is not None:
try:
message = json.loads(message)
if message["type"] == "login":
token = message["data"]
user = database_helper.get_email(token)
# We want to log out any previous sessions
if user is not None:
if user in users:
print("Telling previous user to leave")
msg = {"type": "signout"}
users[user].send(json.dumps(msg))
users[user] = ws
# User is None, sign them out anyways
else:
msg = {"type": "signout"}
ws.send(json.dumps(msg))
print(">> Active users:")
for user in users:
print(user)
if message["type"] == "get-stats":
token = message['token']
user = message.get('email')
visitor = database_helper.get_email(token)
print user
if visitor is not None:
if user is None:
# send to us
send_stats(False, visitor)
else:
# send to both visitor and user
send_stats(False, visitor, user)
else:
print "user logged out"
except TypeError as te:
print te
return ""
else:
# Message is None
break
except WebSocketError, e:
print "Connection closed..."
print e
break
print("Closing socket...")
for user, s in users.items():
if ws == s:
# Remove socket
del users[user]
return ""