Пример #1
def bef():
    """Record the current time as ``last_seen`` for the session's user.

    Nothing is written when the session is empty, when the request's string
    form contains ``static``, or when the request is the ``get_mess`` GET
    poll.
    """
    if not session:
        return

    request_repr = str(request)
    if 'static' in request_repr:
        return

    is_message_poll = (request.method == 'GET'
                       and request.args.get('subfunction') == 'get_mess')
    if is_message_poll:
        return

    username = session['username']
    now = time.time()
    # NOTE(review): the username is interpolated into the SQL text. It is a
    # user-chosen value (set at registration/login), so this statement is
    # injectable; pgdb should take bound parameters instead of a finished
    # string. pgdb's signature is not visible here, so the call is unchanged.
    pgdb(f"UPDATE accounts SET last_seen='{now}' WHERE name='{username}'")
Пример #2
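def tokens():
    """Resolve an active token to account data for a peer application.

    Reads ``token`` and ``secret_key`` from the posted form, checks the
    shared secret, looks the token up in ``active_keys`` and then loads the
    account's avatar and user id.

    Returns:
        dict: ``status`` is ``'success'`` together with ``name``, ``avatar``
        and ``user_id``, or ``'fail'`` with the reason in ``name``.
    """
    import hmac  # function-scope import: the file's import block is not visible here

    data = request.form
    if ('token' not in data) or ('secret_key' not in data):
        return {
            'status': 'fail',
            'name': 'wrong request! missed token or secret_key!'
        }

    token, key = data['token'], data['secret_key']

    # NOTE(review): the inter-app secret is a hard-coded literal. It should be
    # loaded from configuration / a secret store and rotated; anyone with read
    # access to the source can call this endpoint.
    expected = 'very_secret_key'.encode('utf-8')
    # Constant-time comparison so the response time does not depend on how
    # many leading characters of the supplied key are correct. Both sides are
    # bytes because compare_digest rejects non-ASCII str.
    if not hmac.compare_digest(key.encode('utf-8'), expected):
        return {
            'status': 'fail',
            'name': 'wrong secret key between apps!'
        }

    unknown_token = {
        'status': 'fail',
        'name': 'token not in active_keys(no such active user)'
    }
    if active_keys.exists(token) == 0:
        return unknown_token

    raw_name = active_keys.get(token)
    if raw_name is None:
        # The entry can disappear between exists() and get(); treat that the
        # same as an unknown token instead of failing on None.decode().
        return unknown_token
    name = raw_name.decode('utf-8')

    # NOTE(review): name is interpolated into the SQL text; pgdb should take
    # bound parameters. Its signature is not visible here, so the query is
    # built as before.
    query = f"SELECT avatar, user_id FROM accounts where name='{name}'"
    dbresponse = pgdb(query)
    if not dbresponse:
        # No row for this name: report a failure rather than indexing into an
        # empty result.
        return {
            'status': 'fail',
            'name': 'no account found for this token'
        }

    avatar = dbresponse[-1][-2]
    user_id = dbresponse[-1][-1]
    return {
        'status': 'success',
        'name': name,
        'avatar': avatar,
        'user_id': user_id
    }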
Пример #3
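def auth():
    """Handle login, registration mail and e-mail code validation.

    * Already logged in: redirect to ``base``.
    * POST ``subfunction=auth``: count matching active accounts and, when
      exactly one matches, store the name in the session.
    * POST ``subfunction=sendmail``: reject taken names, mail a check code
      and insert the new account row.
    * GET without ``subfunction``: render the authentication page.
    * GET ``subfunction=validation``: compare ``name``/``code`` with the
      stored check code, activate the account and log the user in.

    Returns:
        A redirect, a rendered template, or a JSON string with ``status``.
        Other combinations fall through and return ``None``.
    """
    import secrets  # function-scope import: the file's import block is not visible here

    if 'username' in session:  # maybe this should move into the GET branch
        return redirect(url_for('base'))
    elif request.method == 'POST':
        data = request.form
        if data['subfunction'] == 'auth':
            name = data.get('in_name')
            password = data['in_password']
            # NOTE(review): name comes straight from the form and is
            # interpolated into the SQL text, so the login check is
            # injectable; pgdb should take bound parameters (its signature is
            # not visible here). The password literal is masked in this
            # listing, so as written `password` is never used in the query.
            query = f"SELECT COUNT(*) FROM accounts where name='{name}' AND password='******' AND status = true;"
            dbresponse = pgdb(query)
            if dbresponse[-1][-1] == 1:
                session['username'] = name

            return json.dumps({'status': str(dbresponse[-1][-1])})
        elif data['subfunction'] == 'sendmail':
            name = data['in_name']
            # NOTE(review): same string-built SQL on form input as above.
            query = f"select count(*) from accounts where name='{name}'"
            dbresponse = pgdb(query)
            if dbresponse[-1][-1] > 0:
                return json.dumps({'status': 'это имя уже занято!'})
            email = data['in_email']
            password = data['in_password']
            # The check code gates account activation, so draw it from the
            # CSPRNG instead of `random`. Same inclusive range 100..1000 as
            # before.
            # NOTE(review): about 900 possible codes and no visible attempt
            # limit is a weak control; a longer code plus expiry and rate
            # limiting would be safer.
            checkcode = secrets.randbelow(901) + 100
            body = f"Это письмо для регистрации! Проверочный код:{checkcode}  Если вы это" \
                   f" не вы, просто проигнорируйте это письмо! :) "
            msg = Message(f"Wasmoh registration for {name}",
                          recipients=[f"{email}"])
            msg.body = f"{body}"
            try:
                mail.send(msg)
                # NOTE(review): the VALUES list is the repr() of a Python
                # tuple of form fields. That is not SQL quoting, and the
                # password is stored as submitted. Use bound parameters and a
                # password hash (e.g. a salted KDF) here.
                query = (email, name, password, checkcode)
                query = f"INSERT INTO accounts (email, name, password, checkcode) VALUES {query}"
                pgdb(query)
                return json.dumps({'status': 'sent'})
            except Exception as err:
                print(err)
                return json.dumps(
                    {'status': 'письмо не отправилось, извините!'})

    elif request.method == 'GET':
        if 'subfunction' not in request.args:
            info = active_keys.get('auth').decode('utf-8')
            data = {'title': 'Аутентификация', 'info': info}
            return render_template('Authentification.html', data=data)
        elif request.args['subfunction'] == 'validation':
            name = request.args.get('name')
            # The code is compared and then written into an UPDATE without
            # quotes, so accept it only as an integer. Anything else gets the
            # same answer as a wrong code.
            try:
                checkcode = int(request.args.get('code'))
            except (TypeError, ValueError):
                return json.dumps({'status': 'валидация не прошла!'})
            # NOTE(review): name is still interpolated from the query string;
            # pgdb should take bound parameters.
            query = f"SELECT COUNT(*) FROM accounts WHERE name='{name}' AND checkcode='{checkcode}' "
            dbresponse = pgdb(query)
            if dbresponse[-1][-1] != 1:
                return json.dumps({'status': 'валидация не прошла!'})
            else:
                query = f"UPDATE accounts SET status=true WHERE name='{name}' AND checkcode={checkcode}"
                pgdb(query)
                # NOTE(review): a matching code starts a session without a
                # password, and nothing here clears the code afterwards.
                # Invalidate it on success and limit attempts.
                session['username'] = name

                return json.dumps({'status': 'валидация успешна!'})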
Пример #4
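def base():
    """Serve the chat page, the message poll, logout and message posting.

    * GET without ``subfunction``: render ``base.html`` for the session user.
    * GET ``subfunction=get_mess``: return up to 100 messages with an id
      greater than ``last_id`` as JSON.
    * GET ``subfunction=logout``: drop the username from the session.
    * POST ``subfunction=send_mess`` with non-empty ``text``: store the
      message.

    Returns:
        A rendered template, a JSON string, or (for POST) a dict with
        ``status``. Other combinations return ``None``.
    """
    if request.method == 'GET':
        if 'subfunction' not in request.args:
            name = session['username']
            # NOTE(review): name is interpolated into the SQL text; pgdb
            # should take bound parameters (its signature is not visible
            # here).
            query = f"SELECT avatar from accounts WHERE name='{name}'"
            dbresponse = pgdb(query)
            avatar = dbresponse[-1][-1]
            data = {'name': name, 'avatar': avatar, 'title': 'чатик'}
            return render_template('base.html', data=data)
        elif request.args.get('subfunction') == 'get_mess':
            # last_id is placed unquoted into the WHERE clause, so only an
            # integer may reach the query. A missing or non-numeric value gets
            # the payload this branch already returns when the result carries
            # -404 (presumably pgdb's failure marker; confirm).
            try:
                last_id = int(request.args.get('last_id'))
            except (TypeError, ValueError):
                return json.dumps({'posts': '-404'})
            query = f"SELECT messages.id, messages.name, message, posting_time, avatar, user_id " \
                    f"FROM messages join accounts on " \
                    f"messages.name=accounts.name WHERE messages.id>{last_id} AND address_id=0 " \
                    f"order by messages.id LIMIT 100 "
            dbresponse = pgdb(query)
            if dbresponse and dbresponse[-1][-1] == -404:
                posts = {'posts': '-404'}
                return json.dumps(posts)
            else:
                posts = [{
                    'id': i[0],
                    'author': i[1],
                    'body': i[2],
                    'posttime': i[3],
                    'avatar': i[4],
                    'user_id': i[5]
                } for i in dbresponse]
                posts = {'posts': posts}
                return json.dumps(posts)
        elif request.args.get('subfunction') == 'logout':
            # NOTE(review): logout is a state change reachable by GET; a POST
            # with CSRF protection is the safer shape.
            session.pop('username', None)
            return json.dumps({'status': 'logout'})
    elif request.method == 'POST':
        data = request.form
        name = session['username']
        if data['subfunction'] == 'send_mess' and data['text']:
            # NOTE(review): the VALUES list is the repr() of a Python tuple
            # holding the user's message text. That is not SQL quoting, so
            # this INSERT is injectable and must move to bound parameters in
            # pgdb. Message bodies are also returned verbatim by get_mess, so
            # the client has to escape them when rendering.
            query = (name, data['text'], time.time())
            query = f"INSERT INTO messages (name, message, posting_time) VALUES {query}"
            dbresponse = pgdb(query)
            return {'status': str(dbresponse[-1][-1])}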
Пример #5
def allusers():
    """Render the list of activated accounts for a plain GET request.

    Returns ``None`` for other methods or when ``subfunction`` is present.
    """
    if request.method != 'GET' or 'subfunction' in request.args:
        return None

    name = session['username']
    # NOTE(review): SELECT * pulls every column (the password column
    # included) only to read three of them by position; naming the needed
    # columns would avoid both the exposure and the fragile indexes.
    rows = pgdb("SELECT * FROM accounts WHERE status=true")
    users = []
    for row in rows:
        users.append({
            'username': row[0],
            'avatar': row[5],
            'last_seen': row[7]
        })
    print(users)
    page = {'users': users, 'name': name, 'title': 'список юзеров'}
    return render_template("allusers.html", data=page)
Пример #6
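def settings():
    """Show the settings page and change the session user's avatar.

    * GET without ``subfunction``: render ``settings.html``.
    * GET ``subfunction=get_pictures``: list file names found under
      ``app/static/images`` as JSON.
    * GET ``subfunction=change_avatar``: store the ``avatar`` query
      parameter for the session user.
    * POST: pass the uploaded ``file`` to ``imgrout`` and store the returned
      avatar paths.

    Returns:
        A rendered template, a JSON string or a redirect to ``settings``.
        Other combinations return ``None``.
    """
    if request.method == 'GET':
        if 'subfunction' not in request.args:
            name = session['username']
            # NOTE(review): name is interpolated into the SQL text; pgdb
            # should take bound parameters (its signature is not visible
            # here).
            query = f"SELECT avatar, full_avatar FROM accounts where name='{name}'"
            dbresponse = pgdb(query)
            avatar = dbresponse[-1][0]
            full_avatar = dbresponse[-1][1]
            data = {
                'name': name,
                'avatar': avatar,
                'full_avatar': full_avatar,
                'title': f'Настройки {name}'
            }
            return render_template("settings.html", data=data)
        elif request.args.get(
                'subfunction'
        ) == 'get_pictures':  # TODO: rework into a collection, fix
            path = 'app/static/images'
            walked = list(os.walk(path))
            # os.walk yields nothing for a missing directory; answer with an
            # empty list instead of failing on walked[-1]. As before, the file
            # names of the last directory visited are returned.
            data = {'pictures': walked[-1][-1] if walked else []}
            return json.dumps(data)
        elif request.args.get('subfunction') == 'change_avatar':
            name = session['username']
            avatar = request.args.get('avatar')
            if not avatar:
                # Without this guard a missing parameter was formatted into
                # the statement as the text 'None' and saved as the avatar.
                return json.dumps({'status': 'fail'})
            # NOTE(review): avatar is a raw query-string value interpolated
            # into the SQL text, and this write is reachable by GET. It needs
            # bound parameters in pgdb, a check against the set of allowed
            # avatar names, and a POST with CSRF protection.
            query = f"UPDATE accounts SET avatar='{avatar}' WHERE name='{name}'"
            pgdb(query)
            return json.dumps({'status': '??'})
    elif request.method == 'POST':
        name = session['username']
        # NOTE(review): imgrout is not visible here; confirm it validates the
        # upload's type and size and generates the stored file name itself
        # rather than trusting the client-supplied one.
        data = imgrout(request.files['file'], app.config['UPLOAD_FOLDER'])
        avatar = data['avatar']
        full_avatar = data['full_avatar']
        query = f"UPDATE accounts SET avatar='{avatar}', full_avatar='{full_avatar}' WHERE name='{name}'"
        pgdb(query)
        return redirect(url_for('settings'))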
Пример #7
def profile(user_id):
    """Render the profile page of the account with the given ``user_id``.

    Returns a short text message when no account row is found.
    """
    # NOTE(review): user_id is interpolated into the SQL text. Whether the
    # route restricts it to an integer is not visible here; confirm that, or
    # have pgdb take bound parameters. SELECT * also loads every column just
    # to read three by position.
    rows = pgdb(f"SELECT * FROM accounts where user_id='{user_id}'")
    if len(rows) == 0:
        return "такого челика нету!"

    record = rows[-1]
    user_id = record[8]
    user = record[0]
    name = session['username']
    full_avatar = record[6]
    page = {
        'user_id': user_id,
        'name': name,
        'user': user,
        'full_avatar': full_avatar,
        'title': f'Профиль {user}'
    }
    return render_template("profile.html", data=page)