Exemplo n.º 1
0
def delete_url(url_id):
    #check_admin()
    url = Url.get(url_id)
    if url is None:
        raise APIResourceNotFoundError('url')
    close_url(url)
    raise seeother('/index')
Exemplo n.º 2
0
def callback():
    i = ctx.request.input(code="")
    code = i.code
    client = _create_client()
    r = client.request_access_token(code)
    logging.info("access token: %s" % json.dumps(r))
    access_token, expires_in, uid = r.access_token, r.expires_in, r.uid
    client.set_access_token(access_token, expires_in)
    u = client.users.show.get(uid=uid)
    logging.info("got user: %s" % uid)
    users = db.select("select * from users where id=?", uid)
    user = dict(
        name=u.screen_name,
        image_url=u.avatar_large or u.profile_image_url,
        statuses_count=u.statuses_count,
        friends_count=u.friends_count,
        followers_count=u.followers_count,
        verified=u.verified,
        verified_type=u.verified_type,
        auth_token=access_token,
        expired_time=expires_in,
    )
    if users:
        db.update_kw("users", "id=?", uid, **user)
    else:
        user["id"] = uid
        db.insert("users", **user)
    _make_cookie(uid, access_token, expires_in)
    raise seeother("/")
Exemplo n.º 3
0
def callback():
    i = ctx.request.input(code='')
    code = i.code
    client = _create_client()
    r = client.request_access_token(code)
    logging.info('access token: %s' % json.dumps(r))
    access_token, expires_in, uid = r.access_token, r.expires_in, r.uid
    client.set_access_token(access_token, expires_in)
    u = client.users.show.get(uid=uid)
    logging.info('got user: %s' % uid)
    users = db.select('select * from users where id=?', uid)
    user = dict(name=u.screen_name, \
            image_url=u.avatar_large or u.profile_image_url, \
            statuses_count=u.statuses_count, \
            friends_count=u.friends_count, \
            followers_count=u.followers_count, \
            verified=u.verified, \
            verified_type=u.verified_type, \
            auth_token=access_token, \
            expired_time=expires_in)
    if users:
        db.update_kw('users', 'id=?', uid, **user)
    else:
        user['id'] = uid
        db.insert('users', **user)
    _make_cookie(uid, access_token, expires_in)
    raise seeother('/')
Exemplo n.º 4
0
def auth_signin():
    '''
    Redirect to sina sign in page.
    '''
    ctx.response.set_cookie(COOKIE_REDIRECT, _get_referer())
    client = APIClient(app_key=APP_KEY, app_secret=APP_SECRET, redirect_uri=CALLBACK)
    raise seeother(client.get_authorize_url())
Exemplo n.º 5
0
def attachments():
    i = ctx.request.input(action='', page='1', size='20')
    if i.action == 'delete':
        delete_attachment(i.id)
        raise seeother('attachments')
    page = int(i.page)
    size = int(i.size)
    num = db.select_int('select count(id) from attachments where website_id=?',
                        ctx.website.id)
    if page < 1:
        raise APIValueError('page', 'page invalid.')
    if size < 1 or size > 100:
        raise APIValueError('size', 'size invalid.')
    offset = (page - 1) * size
    atts = db.select(
        'select * from attachments where website_id=? order by id desc limit ?,?',
        ctx.website.id, offset, size + 1)
    next = False
    if len(atts) > size:
        atts = atts[:-1]
        next = True
    return Template('templates/attachments.html',
                    attachments=atts,
                    page=page,
                    previous=page > 2,
                    next=next)
Exemplo n.º 6
0
def callback():
    i = ctx.request.input(code='')
    code = i.code
    client = _create_client()
    r = client.request_access_token(code)
    logging.info('access token: %s' % json.dumps(r))
    access_token, expires_in, uid = r.access_token, r.expires_in, r.uid
    client.set_access_token(access_token, expires_in)
    u = client.users.show.get(uid=uid)
    logging.info('got user: %s' % uid)
    users = db.select('select * from users where id=?', uid)
    user = dict(name=u.screen_name, \
            image_url=u.avatar_large or u.profile_image_url, \
            statuses_count=u.statuses_count, \
            friends_count=u.friends_count, \
            followers_count=u.followers_count, \
            verified=u.verified, \
            verified_type=u.verified_type, \
            auth_token=access_token, \
            expired_time=expires_in)
    if users:
        db.update_kw('users', 'id=?', uid, **user)
    else:
        user['id'] = uid
        db.insert('users', **user)
    _make_cookie(uid, access_token, expires_in)
    raise seeother('/')
Exemplo n.º 7
0
def articles():
    i = ctx.request.input(action='', page='1')
    if i.action == 'edit':
        article = _get_article(i.id)
        return Template('templates/articleform.html',
                        form_title=_('Edit Article'),
                        form_action='/api/articles/update',
                        categories=_get_categories(),
                        static=False,
                        **article)
    if i.action == 'delete':
        api_delete_article()
        raise seeother('articles')
    page = int(i.page)
    previous = page > 1
    next = False
    articles = _get_articles(page, 51, published_only=False)
    if len(articles) == 51:
        articles = articles[:-1]
        next = True
    return Template('templates/articles.html',
                    page=page,
                    previous=previous,
                    next=next,
                    categories=_get_categories(),
                    articles=articles)
Exemplo n.º 8
0
def index_interceptor(next):
    logging.info('try to check user from session cookie...')
    user = ctx.request.user
    if user is not None:
        logging.info('user is not None...')
        return next()
    raise seeother('/signin')
Exemplo n.º 9
0
def pages():
    i = ctx.request.input(action='')
    if i.action=='edit':
        page = _get_page(i.id)
        return Template('/templates/articleform.html', form_title=_('Edit Page'), form_action='/api/pages/update', static=True, **page)
    if i.action=='delete':
        api_delete_page()
        raise seeother('pages')
    return Template('templates/pages.html', pages=_get_pages())
Exemplo n.º 10
0
def signout():
    delete_session_cookie()
    redirect = ctx.request.get('redirect', '')
    if not redirect:
        redirect = ctx.request.header('REFERER', '')
    if not redirect or redirect.find('/admin/')!=(-1) or redirect.find('/signin')!=(-1):
        redirect = '/'
    logging.debug('signed out and redirect to: %s' % redirect)
    raise seeother(redirect)
Exemplo n.º 11
0
def auth_signin():
    '''
    Redirect to sina sign in page.
    '''
    ctx.response.set_cookie(COOKIE_REDIRECT, _get_referer())
    client = APIClient(app_key=APP_KEY,
                       app_secret=APP_SECRET,
                       redirect_uri=CALLBACK)
    raise seeother(client.get_authorize_url())
Exemplo n.º 12
0
def signout():
    delete_session_cookie()
    redirect = ctx.request.get('redirect', '')
    if not redirect:
        redirect = ctx.request.header('REFERER', '')
    if not redirect or redirect.find('/admin/')!=(-1) or redirect.find('/signin')!=(-1):
        redirect = '/'
    logging.debug('signed out and redirect to: %s' % redirect)
    raise seeother(redirect)
Exemplo n.º 13
0
def auth_callback():
    '''
    Callback from sina, then redirect to previous url.
    '''
    code = ctx.request.input(code='').code
    if not code:
        raise seeother('/s/auth_failed')
    client = APIClient(app_key=APP_KEY,
                       app_secret=APP_SECRET,
                       redirect_uri=CALLBACK)
    r = client.request_access_token(code)
    access_token = r.access_token
    expires = r.expires_in
    uid = r.uid
    # get user info:
    client.set_access_token(access_token, expires)
    account = client.users.show.get(uid=uid)
    image = account.get(u'profile_image_url', u'about:blank')
    logging.info('got account: %s' % str(account))
    name = account.get('screen_name', u'') or account.get('name', u'')

    id = u'weibo_%s' % uid
    user = auth.fn_load_user(id)
    if user:
        # update user if necessary:
        db.update('update user set name=?, oauth_image=?, oauth_access_token=?, oauth_expires=? where id=?', \
                name, image, access_token, expires, id)
    else:
        db.insert('user', \
                id = id, \
                name = name, \
                oauth_access_token = access_token, \
                oauth_expires = expires, \
                oauth_url = u'http://weibo.com/u/%s' % uid, \
                oauth_image = image, \
                admin = False)
    # make a signin cookie:
    cookie_str = auth.make_session_cookie(id, access_token, expires)
    logging.info('will set cookie: %s' % cookie_str)
    redirect = ctx.request.cookie(COOKIE_REDIRECT, '/')
    ctx.response.set_cookie(auth.COOKIE_AUTH, cookie_str, expires=expires)
    ctx.response.delete_cookie(COOKIE_REDIRECT)
    raise seeother(redirect)
Exemplo n.º 14
0
def auth_from_weibo():
    provider = 'SinaWeibo'
    p = sns.create_client(provider)
    redirect = _get_redirect(excludes='/auth/')
    callback = 'http://%s/auth/callback/weibo?redirect=%s' % (
        ctx.request.host, urllib.quote(redirect))
    jscallback = ctx.request.get('jscallback', '')
    if jscallback:
        callback = '%s&jscallback=%s' % (callback, jscallback)
    raise seeother(p.get_authorize_url(callback))
Exemplo n.º 15
0
def categories():
    i = ctx.request.input(action='')
    if i.action=='add':
        return Template('templates/categoryform.html', form_title=_('Add Category'), form_action='/api/categories/create')
    if i.action=='edit':
        cat = _get_category(i.id)
        return Template('templates/categoryform.html', form_title=_('Edit Category'), form_action='/api/categories/update', **cat)
    if i.action=='delete':
        api_delete_category()
        raise seeother('categories')
    return Template('templates/categories.html', categories=_get_categories())
Exemplo n.º 16
0
def open_url(url_id):
    #check_admin()
    url = Url.get(url_id)
    if url is None:
        raise APIResourceNotFoundError('url')
    ##之前不是关闭状态
    if url.status != 0:
        raise APIResourceNotFoundError('url')
    url.status = 1
    url.update()
    raise seeother('/index')
Exemplo n.º 17
0
def auth_callback():
    '''
    Callback from sina, then redirect to previous url.
    '''
    code = ctx.request.input(code='').code
    if not code:
        raise seeother('/s/auth_failed')
    client = APIClient(app_key=APP_KEY, app_secret=APP_SECRET, redirect_uri=CALLBACK)
    r = client.request_access_token(code)
    access_token = r.access_token
    expires = r.expires_in
    uid = r.uid
    # get user info:
    client.set_access_token(access_token, expires)
    account = client.users.show.get(uid=uid)
    image = account.get(u'profile_image_url', u'about:blank')
    logging.info('got account: %s' % str(account))
    name = account.get('screen_name', u'') or account.get('name', u'')

    id = u'weibo_%s' % uid
    user = auth.fn_load_user(id)
    if user:
        # update user if necessary:
        db.update('update user set name=?, oauth_image=?, oauth_access_token=?, oauth_expires=? where id=?', \
                name, image, access_token, expires, id)
    else:
        db.insert('user', \
                id = id, \
                name = name, \
                oauth_access_token = access_token, \
                oauth_expires = expires, \
                oauth_url = u'http://weibo.com/u/%s' % uid, \
                oauth_image = image, \
                admin = False)
    # make a signin cookie:
    cookie_str = auth.make_session_cookie(id, access_token, expires)
    logging.info('will set cookie: %s' % cookie_str)
    redirect = ctx.request.cookie(COOKIE_REDIRECT, '/')
    ctx.response.set_cookie(auth.COOKIE_AUTH, cookie_str, expires=expires)
    ctx.response.delete_cookie(COOKIE_REDIRECT)
    raise seeother(redirect)
Exemplo n.º 18
0
def manage_interceptor(next):
    """

    :param next:
    :return: :raise seeother:
    """
    user = ctx.request.user
    if user:
        localauth = LocalAuth.find_first('where user_id=?', user.user_id)
        if localauth.user_admin:
            return next()
    raise seeother('/signin')
Exemplo n.º 19
0
def pages():
    i = ctx.request.input(action='')
    if i.action == 'edit':
        page = _get_page(i.id)
        return Template('/templates/articleform.html',
                        form_title=_('Edit Page'),
                        form_action='/api/pages/update',
                        static=True,
                        **page)
    if i.action == 'delete':
        api_delete_page()
        raise seeother('pages')
    return Template('templates/pages.html', pages=_get_pages())
Exemplo n.º 20
0
def close_url(url_id):
    #check_admin()
    url = Url.get(url_id)
    if url is None:
        raise APIResourceNotFoundError('url')
    ##之前不是关闭状态
    if url.status != 1:
        raise APIResourceNotFoundError('url')
    url.status = 0

    ##todo:这里还有很多事情要做,比如关闭监听,需要删除之前抓的网页
    url.update()
    raise seeother('/index')
Exemplo n.º 21
0
def _manage(app, func):
    if ctx.user is None:
        raise seeother('/auth/signin')
    mod = _apps.get(app, None)
    if mod is None:
        raise notfound()
    fn = getattr(mod, func, None)
    if fn is None:
        raise notfound()
    r = fn()
    if isinstance(r, Template):
        r.model['__user__'] = ctx.user
        r.model['__apps__'] = _apps_list
        return r
Exemplo n.º 22
0
def _manage(app, func):
    if ctx.user is None:
        raise seeother('/auth/signin')
    mod = _apps.get(app, None)
    if mod is None:
        raise notfound()
    fn = getattr(mod, func, None)
    if fn is None:
        raise notfound()
    r = fn()
    if isinstance(r, Template):
        r.model['__user__'] = ctx.user
        r.model['__apps__'] = _apps_list
        return r
Exemplo n.º 23
0
def articles():
    i = ctx.request.input(action='', page='1')
    if i.action=='edit':
        article = _get_article(i.id)
        return Template('templates/articleform.html', form_title=_('Edit Article'), form_action='/api/articles/update', categories=_get_categories(), static=False, **article)
    if i.action=='delete':
        api_delete_article()
        raise seeother('articles')
    page = int(i.page)
    previous = page > 1
    next = False
    articles = _get_articles(page, 51, published_only=False)
    if len(articles)==51:
        articles = articles[:-1]
        next = True
    return Template('templates/articles.html', page=page, previous=previous, next=next, categories=_get_categories(), articles=articles)
Exemplo n.º 24
0
def categories():
    i = ctx.request.input(action='')
    if i.action == 'add':
        return Template('templates/categoryform.html',
                        form_title=_('Add Category'),
                        form_action='/api/categories/create')
    if i.action == 'edit':
        cat = _get_category(i.id)
        return Template('templates/categoryform.html',
                        form_title=_('Edit Category'),
                        form_action='/api/categories/update',
                        **cat)
    if i.action == 'delete':
        api_delete_category()
        raise seeother('categories')
    return Template('templates/categories.html', categories=_get_categories())
Exemplo n.º 25
0
def do_signin():
    i = ctx.request.input(remember='')
    email = i.email.strip().lower()
    passwd = i.passwd
    remember = i.remember
    if not email or not passwd:
        return dict(email=email, remember=remember, error=_('Bad email or password'))
    us = db.select('select id, passwd from users where email=?', email)
    if not us:
        return dict(email=email, remember=remember, error=_('Bad email or password'))
    u = us[0]
    if passwd != u.passwd:
        logging.debug('expected passwd: %s' % u.passwd)
        return dict(email=email, remember=remember, error=_('Bad email or password'))
    expires = time.time() + _SESSION_COOKIE_EXPIRES if remember else None
    make_session_cookie(u.id, passwd, expires)
    ctx.response.delete_cookie(_COOKIE_SIGNIN_REDIRECT)
    raise seeother(ctx.request.cookie(_COOKIE_SIGNIN_REDIRECT, '/'))
Exemplo n.º 26
0
def attachments():
    i = ctx.request.input(action='', page='1', size='20')
    if i.action=='delete':
        delete_attachment(i.id)
        raise seeother('attachments')
    page = int(i.page)
    size = int(i.size)
    num = db.select_int('select count(id) from attachments where website_id=?', ctx.website.id)
    if page < 1:
        raise APIValueError('page', 'page invalid.')
    if size < 1 or size > 100:
        raise APIValueError('size', 'size invalid.')
    offset = (page - 1) * size
    atts = db.select('select * from attachments where website_id=? order by id desc limit ?,?', ctx.website.id, offset, size+1)
    next = False
    if len(atts)>size:
        atts = atts[:-1]
        next = True
    return Template('templates/attachments.html', attachments=atts, page=page, previous=page>2, next=next)
Exemplo n.º 27
0
def auth_callback_weibo():
    provider = 'SinaWeibo'
    p = sns.create_client(provider)

    callback = 'http://%s/manage/setting/auth_callback_weibo' % ctx.request.host
    i = ctx.request.input(code='', state='')
    code = i.code
    if not code:
        raise IOError('missing code')
    state = i.state
    r = p.request_access_token(code, callback)
    thirdpart_id = r['uid']
    info = p.users.show.get(uid=thirdpart_id)
    name = info['screen_name']
    auth_id = '%s-%s' % (provider, thirdpart_id)
    auth_token = r['access_token']
    expires_time = r['expires']
    db.update('delete from snstokens where auth_provider=?', provider)
    SNSTokens(auth_id=auth_id, auth_provider=provider, auth_name=name, auth_token=auth_token, expires_time=expires_time).insert()
    raise seeother('/manage/setting/snstokens')
Exemplo n.º 28
0
def do_signin():
    i = ctx.request.input(remember='')
    email = i.email.strip().lower()
    passwd = i.passwd
    remember = i.remember
    if not email or not passwd:
        return dict(email=email,
                    remember=remember,
                    error=_('Bad email or password'))
    us = db.select('select id, passwd from users where email=?', email)
    if not us:
        return dict(email=email,
                    remember=remember,
                    error=_('Bad email or password'))
    u = us[0]
    if passwd != u.passwd:
        logging.debug('expected passwd: %s' % u.passwd)
        return dict(email=email,
                    remember=remember,
                    error=_('Bad email or password'))
    expires = time.time() + _SESSION_COOKIE_EXPIRES if remember else None
    make_session_cookie(u.id, passwd, expires)
    ctx.response.delete_cookie(_COOKIE_SIGNIN_REDIRECT)
    raise seeother(ctx.request.cookie(_COOKIE_SIGNIN_REDIRECT, '/'))
Exemplo n.º 29
0
def auth_callback_weibo():
    provider = 'SinaWeibo'
    p = sns.create_client(provider)

    callback = 'http://%s/manage/setting/auth_callback_weibo' % ctx.request.host
    i = ctx.request.input(code='', state='')
    code = i.code
    if not code:
        raise IOError('missing code')
    state = i.state
    r = p.request_access_token(code, callback)
    thirdpart_id = r['uid']
    info = p.users.show.get(uid=thirdpart_id)
    name = info['screen_name']
    auth_id = '%s-%s' % (provider, thirdpart_id)
    auth_token = r['access_token']
    expires_time = r['expires']
    db.update('delete from snstokens where auth_provider=?', provider)
    SNSTokens(auth_id=auth_id,
              auth_provider=provider,
              auth_name=name,
              auth_token=auth_token,
              expires_time=expires_time).insert()
    raise seeother('/manage/setting/snstokens')
Exemplo n.º 30
0
def manage_index():
	raise seeother('/manage/comments')
Exemplo n.º 31
0
def manage_interceptor(next):
    user = ctx.request.user
    if user and user.admin:
        return next()
    raise seeother('/signin')
Exemplo n.º 32
0
def signout():
    ctx.response.delete_cookie(_COOKIE_NAME)
    raise seeother('/')
Exemplo n.º 33
0
def signin():
    if ctx.request.user:
        raise seeother('/')
    return dict()
Exemplo n.º 34
0
def signin():
    client = _create_client()
    raise seeother(client.get_authorize_url())
Exemplo n.º 35
0
def signout():
    ctx.response.set_cookie(_COOKIE, "deleted", max_age=0)
    raise seeother("/")
Exemplo n.º 36
0
def manage_index():
    raise seeother('/manage/requests')
Exemplo n.º 37
0
 def _wrapper(*args, **kw):
     u = ctx.user
     if u and u.role<=role:
         return func(*args, **kw)
     raise seeother('/auth/signin')
Exemplo n.º 38
0
def auth_callback_weibo():
    provider = 'SinaWeibo'
    p = sns.create_client(provider)

    redirect = _get_redirect(excludes='/auth/')
    callback = 'http://%s/auth/callback/%s' % (ctx.request.host, provider)
    i = ctx.request.input(code='', state='')
    code = i.code
    if not code:
        raise IOError('missing code')
    state = i.state
    r = p.request_access_token(code, callback)

    thirdpart_id = r['uid']
    auth_id = '%s-%s' % (provider, thirdpart_id)
    auth_token = r['access_token']
    expires = r['expires']

    user = None
    auser = AuthUsers.select_one('where auth_id=?', auth_id)
    if auser:
        # already signed in before:
        auser.auth_token = auth_token
        auser.expires = expires
        auser.update()
        user = Users.get_by_id(auser.user_id)
        make_session_cookie(provider, auser._id, auth_token, expires)
    else:
        # not signed in before, so try to get info:
        info = p.users.show.get(uid=thirdpart_id)
        user_id = db.next_id()
        email = info['email'] if 'email' in info else '%s@tmp' % user_id
        name = info['screen_name']
        image_url = info['profile_image_url']
        user = Users(_id=user_id,
                     role=ROLE_GUEST,
                     binds=provider,
                     email=email,
                     name=name,
                     image_url=image_url,
                     passwd='')
        auser = AuthUsers( \
            user_id = user_id, \
            auth_id = auth_id, \
            auth_provider = provider, \
            auth_token = auth_token, \
            expires_time = expires \
        )
        with db.transaction():
            user.insert()
            auser.insert()
        make_session_cookie(provider, auser._id, auth_token, expires)
    jscallback = ctx.request.get('jscallback', '')
    if jscallback:
        ctx.response.write(
            r'''<html><body><script>
                window.opener.%s({'id': '%s', 'name': '%s', 'image_url': '%s'});
                self.close();
            </script></body></html>''' %
            (jscallback, user._id, user.name.replace('\'', '\\\'').replace(
                '\n', '').replace('\r', ''), user.image_url))
        return
    raise seeother('/')
Exemplo n.º 39
0
def auth_signout():
    '''
    Sign out and redirect to previous page.
    '''
    ctx.response.delete_cookie(auth.COOKIE_AUTH)
    raise seeother(_get_referer())
Exemplo n.º 40
0
def redirect_wikipage(pid):
    p = _get_wikipage(pid)
    if p is None:
        raise notfound()
    raise seeother('/wiki/%s/%s' % (p.wiki_id, pid))
Exemplo n.º 41
0
def index():
    raise seeother('/manage/')
Exemplo n.º 42
0
def manage_index():
    raise seeother('/manage/requests')
Exemplo n.º 43
0
def manage_index():
    raise seeother('/manage/pageviews')
Exemplo n.º 44
0
def index():
    raise seeother('/manage/')
Exemplo n.º 45
0
def manage_interceptor(next):
    logging.info('MANAGE_INTERCEPTOR')
    user = ctx.request.user
    if user and user.admin:
        return next()
    raise seeother('/signin')
Exemplo n.º 46
0
def manage_index():
    raise seeother('/manage/reviews')
Exemplo n.º 47
0
def signout():
    ctx.response.set_cookie(_COOKIE, 'deleted', max_age=0)
    raise seeother('/')
Exemplo n.º 48
0
def auth_signout():
    '''
    Sign out and redirect to previous page.
    '''
    ctx.response.delete_cookie(auth.COOKIE_AUTH)
    raise seeother(_get_referer())
Exemplo n.º 49
0
def manage_index():
    raise seeother('/manage/comments')
Exemplo n.º 50
0
def signin():
    client = _create_client()
    raise seeother(client.get_authorize_url())
Exemplo n.º 51
0
def register():
    if ctx.request.user:
        raise seeother('/')
    return dict()
Exemplo n.º 52
0
def signout():
    ctx.response.set_cookie(_COOKIE, 'deleted', max_age=0)
    raise seeother('/')
Exemplo n.º 53
0
def manage_index():
    raise seeother('/task_list')
Exemplo n.º 54
0
Arquivo: urls.py Projeto: zhu327/blog
def manage_index():
    raise seeother('/manage/blogs')
Exemplo n.º 55
0
def signout():
	ctx.response.delete_cookie(_COOKIE_NAME)
	raise seeother('/')
Exemplo n.º 56
0
def manage_interceptor(next):
    # 对URL/manage/进行拦截,检查当前用户是否是管理员身份
    user = ctx.request.user
    if user and user.admin:
        return next()
    raise seeother('/signin')
Exemplo n.º 57
0
def manage_interceptor(next):
	user = ctx.request.user
	if user and user.admin:
		return next()
	raise seeother('/signin')
Exemplo n.º 58
0
def manage_index():
    raise seeother('/manage/posts')