def post(postid=None):
isError = False
error = ""
curr_loc = database.get_location(postid)
print curr_loc
curr_comments = database.get_comments(postid)
if request.method == "GET":
if 'username' in session:
user = database.get_user(session['username']);
return render_template("post.html", location=curr_loc,get_timestamp=get_timestamp, comments=curr_comments, get_votes=database.get_votes_pst,postid=postid,session=session,user=user)
return render_template("post.html", location=curr_loc,get_timestamp=get_timestamp, comments=curr_comments, get_votes=database.get_votes_pst,postid=postid,session=session)
else:
if 'username' in session:
user=database.get_user(session['username']);
rated()
postid = postid
if "content" in request.form:
content = request.form['content']
if content == "":
error = "You didn't write anything!"
isError=True
return render_template("post.html", error=error, isError=isError, location=curr_loc, get_timestamp=get_timestamp, comments=curr_comments, get_votes=database.get_votes, postid=postid, session=session, user=user)
elif "username" in session:
author = session['username']
user = database.get_user(author)
database.add_comment(None, content, postid, author)
users.update(
user,
{'$push':{'comments':postid}}
)
#return redirect(url_for("post",postid=postid,session=session))
#return redirect(url_for("post",postid=postid))
return redirect(url_for("post",postid=postid,session=session, isError=isError, error=error))
def signin():
passs = None
uuuu = None
if "logged_in" in session and session['logged_in']:
return redirect(url_for("home_page"))
else:
if request.method == 'POST':
u = request.form['username']
p = request.form['password']
person = database.get_user(u)
if database.get_user(u) == None:
not_u = True
return render_template("login.html", not_u=not_u)
elif person.username == u and person.password == p:
a = database.get_photos_by_user_id(person.id)
session['logged_in'] = True
session['id'] = person.id
session['username'] = person.username
session['password'] = person.password
session['email'] = person.email
session['followers'] = person.followers
session['following'] = person.following
session['profile_pic'] = person.profile_pic
for b in a:
session['pics'] = b.pic
return redirect(url_for("home_page"))
elif person.username == u and person.password != p:
not_p = True
return render_template("login.html", not_p=not_p)
else:
return render_template("login.html")
def user_id_exists(message):
user_id = message.text
user = database.get_user(user_id)
admin_user = database.get_user(message.from_user.id)
if user == None:
bot.send_message(message.from_user.id,
Admin.SELECT_USER_STATUS_BY_ID_FAILED)
elif admin_user.status == Statuses.ADMIN and user.status in [
Statuses.ACTIVE, Statuses.BANNED, Statuses.PENDING
]:
keyboard = create_confirm_user_menu(user)
bot.send_message(message.from_user.id,
Admin.SELECT_USER_STATUS_BY_ID_SUCCESSFUL,
reply_markup=keyboard)
elif admin_user.status == Statuses.SUPERVISOR:
keyboard = create_confirm_user_menu(user)
botutils.add_keys(
keyboard, {
Admin.ADD_ADMIN: f'{Messages.ADD_ADMIN}:{user.telegram_id}',
})
bot.send_message(message.from_user.id,
Admin.SELECT_USER_STATUS_BY_ID_SUCCESSFUL,
reply_markup=keyboard)
else:
bot.send_message(message.from_user.id, Admin.NO_PERMITTIONS)
def edit_schedule():
if not google.authorized:
return redirect(url_for("home"))
user_info = google.get("/oauth2/v1/userinfo").json()
user = database.get_user(user_info["id"])
flash(
"If you have an advanced science lab during Study Hall, enter Study Hall.",
"warning")
try:
if int(user_info['email'][:2]) + 2000 > int(datetime.now().year) + 4:
flash(
"Middle school students are restricted to the manual entry option. Fill in your schedule with all periods (offteam and team) with the exception of Flex and lunch.",
"warning")
except:
pass
if user == None:
hits = 0
else:
last = int(user['_id'].generation_time.timestamp())
now = int(time.time())
if now - last > int(RATE_TIME):
hits = 0
else:
hits = user['hits']
if request.method == "POST":
if hits < int(RATE_NUM):
schedule = {}
for i in range(8):
schedule[str(i)] = {
"teacher_name": f"{request.form.get('t' + str(i))}"
}
if user == None:
PARAMS = {
'username':
"******",
"avatar_url":
"https://classreveal.com/static/img/favicon.png",
"content":
user_info['name'] + " (" +
str(13 - (int(user_info['email'][:2]) -
int(datetime.now().year - 2000))) +
"th grade) joined Class Reveal @ " + str(datetime.now())
}
requests.post(url=WEBHOOK, data=PARAMS)
database.add_user(user_info["id"], user_info["name"], hits + 1,
schedule)
else:
flash("Your account has been rate limited.", "danger")
return redirect(url_for("home"))
user = database.get_user(user_info["id"])
schedule = user["schedule"] if user else ""
return render_template("edit.html", schedule=schedule, user_id=True)
async def on_member_join(member):
server = member.server
print("[" + server.name + "]:", member.name, "(" + member.id + ") joined")
if config.WELCOME_MESSAGE:
# channel = server.get_channel(config.WELCOME_CHANNEL_ID)
channel = get_welcome_channel(server)
if channel is not None:
await client.send_message(channel, "Welcome to " + server.name + ", " + member.mention + "!")
# Register user
database.get_user(member.id)
def test_user(self):
# returns none when user does not exist
self.assertEqual(None, database.get_user("test"))
# is able to successfully create user in database
self.assertEqual(True, create_user("test", "test pass"))
self.assertEqual(UserInDB(username="******", password_hash="test pass"),
database.get_user("test"))
# fails to create duplicate
self.assertEqual(False, create_user("test", "test pass"))
def notify_all_admins_about_delete(admin_id, user_id):
user = database.get_user(user_id)
admin = database.get_user(admin_id)
if admin.status in [Statuses.ADMIN, Statuses.SUPERVISOR]:
subscribed = database.get_all_subscribed_admins()
for subscriber in subscribed:
bot.send_message(
int(subscriber.telegram_id),
Admin.ADMIN_NOTIFICATION_DELETE_USER(admin.character_name,
user.character_name,
user.telegram_id))
def verify_auth_token(token): s = Serializer(app.config['SECRET_KEY']) try: data = s.loads(token) except SignatureExpired: return None # valid token, but expired except BadSignature: facebook_user = db.check_if_FB_token(token) if(facebook_user): user = db.get_user(facebook_user) return user return None # invalid token user = db.get_user(data['username']) return user
def send_img(self, image_string, suffix=''):
file = open(
self.get_path(self.path,
self.xmodule_runtime.xqueue['default_queuename'],
self.location.block_id,
database.get_user(self.xmodule_runtime.user_id)) +
"json_data.txt", "w")
file.write(image_string)
file.close()
sub_analyse.sub_process(
self.path, database.get_user(self.xmodule_runtime.user_id),
self.xmodule_runtime.xqueue['default_queuename'],
self.location.block_id)
def user_mentors(screen_name):
logged_in = flask.session.get('screen_name') == screen_name
with db, db.cursor() as cursor:
user = database.get_user(cursor, screen_name)
if not user:
flask.abort(404)
if flask.request.method == 'POST':
if not logged_in:
flask.abort(403)
mentor_data = api.get(user,
'users/lookup',
screen_name=flask.request.form['screen_name'])
with db, db.cursor() as cursor:
twitter_ids = database.update_twitters(cursor, mentor_data)
database.add_user_mentors(cursor, user.id, twitter_ids)
with db, db.cursor() as cursor:
mentors = database.get_user_mentors(cursor, user.id)
return flask.render_template('user_mentors.html',
logged_in=logged_in,
mentors=mentors)
def login():
login_form = forms.LoginForm(request.form, prefix='login')
register_form = forms.RegisterForm(request.form, prefix='register')
if request.method == 'POST':
if 'login' in request.form:
login_form = forms.LoginForm(request.form, prefix='login')
if login_form.validate():
if login_form.authenticate():
session['username'] = login_form.username.data
return redirect(url_for('home'))
else:
login_form.errors[
'username'] = "******"
elif 'register' in request.form:
if register_form.validate():
if len(database.get_user(register_form.username.data)) == 0:
register_form.save()
session['username'] = register_form.username.data
return redirect(url_for('home'))
else:
register_form.errors[
'username'] = "******"
return render_template('login.html',
login_form=login_form,
register_form=register_form)
def edit_profile():
if 'username' not in session:
return redirect(url_for('login'))
update_form = forms.UpdateForm()
password_form = forms.PasswordForm()
user = database.get_user(session['username'])[0]
update_form.first_name.data = user[1]
update_form.last_name.data = user[2]
update_form.username.data = user[3]
update_form.email.data = user[4]
if request.method == 'POST':
if 'update_profile' in request.form:
update_form = forms.UpdateForm(request.form)
if update_form.validate():
update_form.save(session['username'])
session['username'] = update_form.username.data
elif 'change_password' in request.form:
password_form = forms.PasswordForm(request.form)
if password_form.validate():
password_form.save(session['username'])
elif 'remove' in request.form:
db = database.get_db()
db.execute('delete from users where id=?',
[database.get_user_id(session['username'])])
db.commit()
return redirect(url_for('logout'))
return render_template('edit_profile.html',
register_form=update_form,
password_form=password_form)
def do(self):
super().do()
if len(self.args) == 0:
return f"""Available packs: {', '.join([f"{k.capitalize()}: {database.packs[k]['cost']}" for k in database.packs.keys()])}"""
if len(self.args) == 1:
if database.get_user(self.sender.id) is None:
return "forgot to do !start"
elif self.args[0] not in database.packs.keys():
return f"Valid packs include: {str([k for k in database.packs.keys()])}"
elif database.get_balance(self.sender) - database.packs[self.args[0]]["cost"] < 0:
return "please do not put yourself in debt"
else:
count = database.packs[self.args[0]]["count"]
pack = database.buy_pack(self.sender, self.args[0], count)
if pack:
embed = discord.Embed(title=f"{(self.args[0]).capitalize()}: Discovery", color=discord.Color.green())
# change the values so they work in discord.py
embed.set_author(name=self.sender.name, icon_url=self.sender.avatar_url)
b = np.array(pack)
a = [f"{util.escape_underscore(s[0])} :: {s[1]} :: {s[2]}" for s in b[:, 2:]]
embed.add_field(name="Cards", value="\n".join(a), inline=False)
return None, embed
else:
return f"command {self.name} has too many or too few arguments ( {self.args})"
def get_user(username):
# escape username
username = escape(username)
result = database.get_user(username)
if result == []:
return "[]"
return dumps((result.name, str(result.id), result.score))
def register():
"""
Api.register method
arguments: [username, password]
returns: empty body
201 -- registration success
400 -- wrong arguments
409 -- username exists
500 -- internal error
"""
if not request.json \
or not 'username' in request.json or len(request.json['username']) == 0 \
or not 'password' in request.json or len(request.json['password']) == 0:
abort(400)
conn = conn_get()
user = database.get_user(conn, request.json['username'])
if user is not None:
abort(409)
user = {
'username': request.json['username'],
'password': generate_password_hash(request.json['password']),
}
database.add_user(conn, user)
conn.commit()
return "", 201
def change_password():
"""
Api.change_password method
arguments: [password]
returns: empty body
200 -- password changed
400 -- wrong arguments
403 -- wrong authorization
500 -- internal error
"""
if not request.json or not 'password' in request.json or len(
request.json['password']) == 0:
abort(400)
if not request.json['password'].isalnum():
abort(400)
conn = conn_get()
user = database.get_user(conn, AUTH.username())
user['password'] = generate_password_hash(request.json['password'])
database.update_user(conn, user)
conn.commit()
return ""
def register():
if logged_in():
return redirect(url_for('home'))
error = None
if request.method == 'POST':
email = request.form['email']
username = request.form['username']
password1 = request.form['password1']
password2 = request.form['password2']
if database.get_user(username):
error = 'Username already taken.'
elif password1 != password2:
error = 'Passwords do not match.'
else:
database.add_user(
email, username,
bcrypt.hashpw(password1.encode('utf-8'), bcrypt.gensalt()),
get_time(time.time()))
if not os.path.isdir(app.config['upload_folder'] + username + '/'):
os.mkdir(app.config['upload_folder'] + username + '/')
session['username'] = username
app.logger.info(username + ' account created')
return redirect(url_for('home'))
return render_template('register.html', pagetitle='Register', error=error)
def user_check_routine(message): if message.chat.type != 'private': bot.send_message(message.chat.id, 'Я працюю лише в особистих повідомленнях!') return False user = database.get_user(message.chat.id) if not user: bot.send_message(message.chat.id, 'Натисни /start, щоб почати.') return False if user['state'] == 'init': text = "Реєстрацію ще не завершено! Надішли мені своє ім'я, щоб я знав, як до тебе звертатися." bot.send_message(message.chat.id, text) return False if user['state'] == 'waiting_for_phone': text = "Реєстрацію ще не завершено! Надішли мені свій номер телефону (або 0, якщо не хочеш давати його) щоб наші оператори могли з тобою зв'язатися." bot.send_message(message.chat.id, text) return False if user['state'] == 'change_name': text = 'Спочатку потрібно закінчити зміну імені. Як до тебе звертатися?' bot.send_message(message.chat.id, text) return False if user['state'] == 'change_phone': text = 'Спочатку потрібно закінчити зміну номеру. Надішли мені номер телефону або 0, якщо не хочеш давати його.' bot.send_message(message.chat.id, text) return False return True
def set_language(user):
"""Sets message language when using callback
"""
if not db.get_user(user.id):
i18n.set('locale', user.lang)
else:
i18n.set('locale', db.get_user_setting(user.id, 'lang'))
def reset():
if logged_in():
return redirect(url_for('home'))
message = None
if request.method == 'POST':
email = request.form['email']
username = request.form['username']
password1 = request.form['password1']
password2 = request.form['password2']
user = database.get_user(username)
if not user:
message = 'User does not exist.'
elif password1 != password2:
message = 'Passwords do not match'
elif not user['email'] != email:
app.logger.info(username + ' used invalid email at reset')
message = 'Incorrect email'
else:
database.update_user(
username,
bcrypt.hashpw(password1.encode('utf-8'), bcrypt.gensalt()),
email, user['description'])
session['username'] = username
app.logger.info(username + ' password reset successful')
return redirect(url_for('home'))
return render_template('reset.html', pagetitle='Reset', message=message)
def authenticate_user(username: str, password: str):
user = database.get_user(username)
if user is None:
return None
if not pwd_context.verify(password, user.password_hash):
return None
return user
def login():
layout_login = [[sg.Text('Come on, log in to the system!')],
[sg.Text('Username:'******'username')],
[
sg.Text('Password:'******'password', password_char='*')
], [sg.Button('Login'),
sg.Button('Exit')]]
window_login = sg.Window('Login Hash', layout_login)
while True:
event, values = window_login.read()
if event in (None, 'Exit'):
break
elif event in ('Login'):
try:
username = values['username']
password = values['password']
layout_login_logged = [[sg.Text('Hey \'' + username + '\'!')],
[sg.Button('Exit')]]
if db.get_user(username, password):
window_login.close()
window_login = sg.Window('Login Hash', layout_login_logged)
else:
sg.Popup('User not found.')
except Exception as e:
print(e)
window_login.close()
main()
def read_user(credentials: HTTPBasicCredentials = Depends(security)):
logger.info("a user has accessed read_user account")
pipe = statsd_client.pipeline()
pipe.incr('read_user_counts')
pipe.send()
with statsd_client.timer('read_user_api_timer'):
try:
user_info = get_user(credentials.username)
except:
raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST)
print(user_info)
hashed_password = user_info[5]
password = credentials.password.encode('utf8')
print(type(password))
if bcrypt.checkpw(password, hashed_password.encode()):
return {
'email': user_info[0],
'firstname': user_info[1],
'lastname': user_info[2],
'account_created': user_info[3],
'account_updated': user_info[4],
'user_id': user_info[6]
}
else:
raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST)
def get_user(username):
# escape username
username = escape(username)
result = database.get_user(username)
if result == []:
return "[]"
return dumps((result.name, str(result.id), result.score))
def expire_user_challenges():
"""
POST /challenges/_expire
When invoked, this endpoint will go through all the expired challenges and
update the status of all users who have accepted this challenge.
:param challenge_id:
:param user_id:
:return:
"""
import ipdb
ipdb.set_trace()
expired_user_challenges = database.get_expired_challenges()
for user_challenge in expired_user_challenges:
user_id = user_challenge.get('userIdentifier')
user = database.get_user(user_id)
fitbit_api = fitbit.Fitbit('227QRF', 'aacdb90aaaa175c50e0556e1a50f35ab',
access_token=user.get('fitbit_access_token'))
activity_stats = fitbit_api.activity_stats(user_id=user.get('fitbit_id'))
steps = activity_stats['lifetime']['tracker']['steps']
challenge_id = user_challenge.get('challengeIdentifier')
uc = database.get_user_challenge(user_id, challenge_id)
challenge = database.get_challenge(challenge_id)
if (steps - uc.get('user_total_step_count_on_start')) >= challenge.get('steps_to_unlock'):
database.user_challenge_complete(user_id, challenge_id, challenge.get('reward_points'))
user = [{
'challengeId': 777,
'userId': 333
}]
return Response(json.dumps(user), status=httplib.CREATED, mimetype='application/json')
def get_user(username, type_="Student"):
db = current_app.config["db"]
user_id, username, password, typ = db.get_user(username, type_)
user = User(user_id, username, password, typ) if password else None
if user is not None:
user.is_admin = db.is_chief(user.username)
return user
def profile(username):
list1 = []
if "logged_in" in session and session['logged_in']:
a = True
following = False
user = database.get_user(username)
pics = database.get_photos_by_user_id(user.id)
followers = database.get_followers_for(user.id)
for i in pics:
a = i.id
list1.append(a)
list1.sort(reverse=True)
if user.id == session["id"]:
a = False
for i in range(len(followers)):
if followers[i].followed_by == session["id"]:
following = True
return render_template("profilepage.html",
user=user,
pics=pics,
a=a,
following=following)
else:
return redirect(url_for("home_page"))
async def upload_schedule(params, message):
send = message.channel.send
if len(params) > 0:
if params[0] == "help":
await send(upload_schedule_help + "\n\n" + rounding_warning)
elif params[0] == "example":
await send(upload_schedule_example)
else:
if len(message.attachments) == 0:
await send("Please attach the file with your message")
else:
user = database.get_user(message.author.id)
if user != 0:
attached = message.attachments[0]
schedule = await attachment_to_bytes(attached)
if process(schedule.decode("utf-8"), user) == 0:
await send(
"Failed to process schedule, please " +
"check that the formatting is correct, see " +
"'!upload_schedule example' for an example")
else:
await send(
"No errors detected while processing schedule")
else:
await send("Please set your time-zone before uploading")
async def show_schedule(params, message):
global loaded_intervals
global owner
owner = 0
loaded_intervals = []
user = database.get_user(message.author.id)
if not user or user.intervals == []:
await message.channel.send('No intervals found for %s.' %
message.author.name)
return
else:
await message.channel.send("%s's timezone is UTC%d" %
(message.author.name, user.timezone))
await message.channel.send("Intervals (UTC adjusted):")
text = ""
iterator = 0
owner = user.discord_id
for i in user.intervals:
text += "%d: %s\n" % (iterator, str(i))
loaded_intervals.append(i.get_id())
iterator += 1
await message.channel.send(text)
await message.channel.send(
"Use the left most number to delete the interval with !remove_interval"
)
def post(self):
json_data = request.get_json(force=True)
mood = json_data['mood']
username = json_data['user']
user = db.get_user(username)['user']
changed = db.change_mood(user, mood)
return changed
def post(self):
# Retrieve JSON Data
json_data = request.get_json(force=True)
text = json_data['text']
token = json_data['token']
username = json_data['user']
# Google Sentiment Results
results = analyze(text)
multiply = (10 * results['score']) * (10 * results['mag'])
# Instantiate Spotify & User objects
sp = spotipy.Spotify(auth=token)
currUser = db.get_user(username)['user']
# Return Songs to User Based on Mood
if multiply < -50:
mood = "negative"
elif multiply > 50:
mood = "positive"
else:
mood = "neutral"
if currUser.current == mood:
return ({"moodChanged": False, "data": m.get_songs(sp, currUser)})
else:
currUser.current = mood
db.write_updates(currUser)
return ({"moodChanged": True, "data": m.get_songs(sp, currUser)})
async def work(self, ctx):
user = get_user(ctx.author.id)
if user[5] == None:
embed_failure = discord.Embed(
title="Job",
description=f"You don't have a job. :x:",
colour=discord.Colour.red())
embed_failure.set_author(name=ctx.author,
icon_url=str(ctx.author.avatar_url))
return await ctx.send(embed=embed_failure)
job = get_job_by_id(user[5])
robux = randint(*job["robux_payment"])
self.give_robux(ctx.author.id, robux)
embed_success = discord.Embed(title="Job",
description=job["message"].format(robux),
colour=discord.Colour.green())
embed_success.set_author(name=ctx.author,
icon_url=str(ctx.author.avatar_url))
await ctx.send(embed=embed_success)
def select(update: Update, _: CallbackContext):
query = update.callback_query
user = query.from_user
user_fields = get_user(user.id)
user_skills = get_skills(user.id)
end_text = "*С вами хочет пообщаться пользователь, вот его анкета:*"
end_text += get_questionnaire({**user_fields, **user_skills})
reply_keyboard = [[
InlineKeyboardButton("Отменить",
callback_data='decline_' + str(user.id)),
InlineKeyboardButton("Подтвердить!",
callback_data='confirm_' + str(user.id))
]]
to_user = query.data.split('_')[1]
approve_create(user.id, to_user)
updater.bot.send_message(user.id,
"Ваша анкета отправлена пользователю")
updater.bot.send_message(to_user,
end_text,
reply_markup=InlineKeyboardMarkup(
reply_keyboard, one_time_keyboard=True),
parse_mode='Markdown')
def get(cls, username):
logging.info("Retrieving user {0}.".format(username))
result = get_user(username)
if result is not None:
username = result.username
hash = result.hash
return User(username, hash)
return None
def get_user():
user = database.get_user()
abc = {'user':'******'}
a=[]
for i in user:
a.append(i)
u = {'data':a}
print a
#return 'abc'
return jsonify(u)
def verify_password(username_or_token, password): # first try to authenticate by token user = User.verify_auth_token(username_or_token) if not user: # try to authenticate with username/password user = db.get_user(username_or_token) if not user or not user.verify_password(password): return False g.user = user return True
def login():
form = request.form
user = LoginUser(form)
uuids = get_user(user)
if uuids is None or len(uuids) != 1:
return redirect('/')
session['uuid'] = uuids[0]
return redirect('/home')
def myposts(username=None):
user = database.get_user(username)
ids = user['bizcuits'];
print ids
#locs = database.get_locations()
locs = [database.get_location(i) for i in ids]
locs = [x for x in locs if x != None]
print locs
#locs = [x for x in locs if x['author'] == user]
#print locs
#print user['username']
return render_template("myposts.html",locations=locs, session=session,get_timestamp=get_timestamp, username=username)
def rated():
if request.method == "POST":
if "username" in session:
user = database.get_user(session['username'])
if "upvote" in request.form:
_id = request.form['upvote']
loc = database.get_location(_id)
locations.update(loc,{'$pull':{'downvotes':user['_id']},'$push':{'upvotes':user['_id']}},upsert=False,multi=False)
#locations.update(loc,{'$push':{'upvotes':user['_id']}},upsert=False,multi=False)
elif "downvote" in request.form:
_id = request.form['downvote']
loc = database.get_location(_id)
locations.update(loc,{'$pull':{'upvotes':user['_id']},'$push':{'downvotes':user['_id']}},upsert=False,multi=False)
def main(user, mentors):
db = database.connect()
with db, db.cursor() as cursor:
user = database.get_user(cursor, user)
mentor_data = api.get(user, 'users/lookup', screen_name=','.join(mentors))
unknown = {m.lower() for m in mentors} - {m['screen_name'].lower() for m in mentor_data}
if unknown: logging.warning('unknown screen names: %s', unknown)
with db, db.cursor() as cursor:
mentor_ids = database.update_twitters(cursor, mentor_data)
database.add_user_mentors(cursor, user.id, mentor_ids)
def main(user, path, params):
db = database.connect()
with db, db.cursor() as cursor:
user = database.get_user(cursor, user)
all_data = []
cursor = -1 # cursor=-1 requests first page
while cursor: # cursor=0 means no more pages
logging.info('loading cursor=%d', cursor)
data = api.get(user, path, cursor=cursor, **params)
cursor = data['next_cursor']
all_data.append(data)
print(json.dumps(all_data, indent=2))
def get(self):
current_li = database.get_current_li()
item = db.get(db.Key.from_path('Item', int(self.request.get('item_id'))))
li = db.GqlQuery("SELECT * FROM LoginInformation WHERE user_id = :1", item.created_by_id).get()
token = ""
if database.users.get_current_user():
token = database.get_current_li().create_xsrf_token()
feedback = db.GqlQuery("SELECT * FROM ItemFeedback WHERE item_id = :1 ORDER BY created_at DESC", str(item.key().id()))
buyer = database.get_user(item.highest_bid_id)
rating = None
if current_li:
f = database.db.GqlQuery("SELECT * FROM UserFeedback WHERE for_user_id = :1 AND created_by_id = :2", li.user_id, current_li.user_id)
if f.count() > 0:
rating = int(f.get().rating)
database.render_template(self, 'items/view_item.html', {'item': item, 'li': li, 'feedback': feedback, 'buyer': buyer, 'rating':rating, 'xsrf_token' : token})
def index():
rated()
locs = database.get_locations()
locs = database.sort_votes(locs)
paginator = range(1, int(math.ceil(len(locs)/10.0))+1)
page=1
if request.method=="GET":
page = request.args.get('page')
if page==None:
page=1
page = int(page)
locs = database.paginate(locs, page)
if 'username' in session:
user = database.get_user(session['username']);
return render_template("front.html", session=session,users=users,locations=locs,get_timestamp=get_timestamp, get_votes=database.get_votes_pst,user=user, page=page, paginator=paginator)
return render_template("front.html", session=session,users=users,locations=locs,get_timestamp=get_timestamp, get_votes=database.get_votes_pst, page=page,paginator=paginator)
def login():
if request.method == 'GET':
return render_template('index.html')
elif request.method == 'POST':
f = request.form
if database.login(f['username'], f['password']):
session['username'] = f['username']
user = database.get_user(f['username'])
if user[2]: # user is staff
return render_template('staff-dashboard.html')
else:
return redirect('/search-books/')
else:
return render_template('index.html', login_error='Invalid username and password')
else:
return 'wtf!'
def login():
if request.method == 'POST':
current_app.logger.info("Logging in: {0}".format(request.form['username']))
user = get_user(request.form['username'])
if user is not None:
username = user.username
hash = user.hash
user = User(username, hash)
if user.is_correct_password(request.form['password']):
login_user(user, remember=True)
current_app.logger.info("Logged in: {0}".format(user.username))
next = request.args.get('next')
if not next_is_valid(next):
return abort(400)
return jsonify({'result': 'success'})
return render_template('layout.html')
def user_activity(user_id):
"""
GET /user/<user_id>/activity
:param user_id:
:param status:
:return:
"""
user = database.get_user(user_id)
print(user)
access_token = user.get('fitbit_access_token')
totalPoints = user.get('points')
fitbit_api = fitbit.Fitbit('4KRQ6L', 'aacdb90aaaa175c50e0556e1a50f35ab',access_token=access_token)
activity_stats = fitbit_api.activity_stats(user_id=user.get('fitbit_id'))
resp = {
'steps': activity_stats['lifetime']['tracker']['steps'],
'points': totalPoints
}
return Response(json.dumps(resp), status=httplib.OK, mimetype='application/json')
def submit():
error = ""
isError = False
if request.method == "POST":
name = request.form['locationName']
address = request.form['streetAddress']
zipcode = request.form['zipcode']
desc = request.form['desc']
if name == "" or address == "" or zipcode == "" or desc == "":
error = "You forgot to fill out something!"
return render_template("submit.html", error=error, isError=True)
postid = database.add_location(None, name, address, session['username'], zipcode, desc)
if postid:
#submission should work here
user = database.get_user(session['username'])
users.update(user,{'$push':{'bizcuits':postid}})
return redirect(url_for('post', postid=postid))
print "The location already exists."
return redirect(url_for("submit"))
elif request.method == "GET":
return render_template("submit.html", error=error, isError=isError)
def register():
"""
Rekisteröi uuden käyttäjän.
TODO
"""
username = request.form["username"]
key = request.form["key"]
# Validoidaan syötteet:
if not username:
return json("fail", {"username": "******"})
if not key or not (7 < len(key) < 500):
return json("fail", {"key": "invalid key"})
existing_user = db.get_user(username)
if existing_user:
return json("fail", {"username": "******"})
uid = db.add_user(username, key)
return json("success", {"id": str(uid)})
def user_mentors(screen_name):
logged_in = flask.session.get('screen_name') == screen_name
with db, db.cursor() as cursor:
user = database.get_user(cursor, screen_name)
if not user:
flask.abort(404)
if flask.request.method == 'POST':
if not logged_in:
flask.abort(403)
mentor_data = api.get(user, 'users/lookup', screen_name=flask.request.form['screen_name'])
with db, db.cursor() as cursor:
twitter_ids = database.update_twitters(cursor, mentor_data)
database.add_user_mentors(cursor, user.id, twitter_ids)
with db, db.cursor() as cursor:
mentors = database.get_user_mentors(cursor, user.id)
return flask.render_template('user_mentors.html', logged_in=logged_in, mentors=mentors)
def user_statistics(screen_name):
with db, db.cursor() as cursor:
user = database.get_user(cursor, screen_name)
if not user:
flask.abort(404)
follow_day_counts = as_timestamps(database.get_user_follow_day_counts(cursor, user.id))
unfollow_day_counts = as_timestamps(database.get_user_unfollow_day_counts(cursor, user.id))
follower_day_counts = as_timestamps(database.get_twitter_follower_day_counts(cursor,
user.twitter_id))
leader_day_counts = as_timestamps(database.get_twitter_leader_day_counts(cursor,
user.twitter_id))
follow_rate = average_daily_rate(follow_day_counts) or 0
follow_rate_week = average_daily_rate(follow_day_counts, days=7) or 0
unfollow_rate = average_daily_rate(unfollow_day_counts) or 0
unfollow_rate_week = average_daily_rate(unfollow_day_counts, days=7) or 0
follower_rate = average_daily_rate(follower_day_counts)
follower_rate_week = average_daily_rate(follower_day_counts, days=7)
leader_rate = average_daily_rate(leader_day_counts)
leader_rate_week = average_daily_rate(leader_day_counts, days=7)
return flask.render_template('user_statistics.html', **locals())
def index_user(id):
user = database.get_user(id)
user_email = user['email']
token = db.create_token(user['dbkey'],user['dbsecret'])
ds = database.DataStore()
session = db.get_session()
client = db.get_client(user,session)
blacklisted_paths = ['/1Password.agilekeychain']
ignore_extensions = ['.ppk','.pem','.pgp','.gpg','.ssh']
index_path = get_index_dir(id)
ix = None
if not os.path.exists(index_path):
print 'Creating index dir:',index_path
os.mkdir(index_path)
ix = create_in(index_path,get_schema())
else:
ix = open_dir(index_path)
def get_path(p):
path_data = ds.get_path_for_user(id,p)
if path_data:
print 'returning path from db'
hash = path_data['metadata']['hash']
try:
x = client.metadata(p,hash=hash)
except rest.ErrorResponse,e:
if e.status == 304: #Not modified - return last stored metadata
return path_data
else:
raise
metadata = client.metadata(p)
path_data = ds.set_path_for_user(id,p,metadata)
return path_data
def user_challenge(challenge_id, user_id):
"""
:param challenge_id:
:param user_id:
:return:
"""
# TODO: Prerna; Get users total step count from fitbit and set it to 'user_fitbit_total_steps' below
user = database.get_user(user_id)
action = fitbit_id = request.args.get('action', '')
if action == 'reject':
challenge = database.destroy_user_challenge(challenge_id, user_id)
user = {}
else:
access_token = user.get('fitbit_access_token')
fitbit_api = fitbit.Fitbit('227QRF', 'aacdb90aaaa175c50e0556e1a50f35ab',access_token=access_token)
activity_stats = fitbit_api.activity_stats(user_id=user.get('fitbit_id'))
steps = activity_stats['lifetime']['tracker']['steps']
database.user_challenge(user_id, challenge_id, user_fitbit_total_steps=steps)
user = {
'challengeId': challenge_id,
'userId': user_id
}
return Response(json.dumps(user), status=httplib.CREATED, mimetype='application/json')
def lookup_current_user():
flask.g.user = None
if "openid_url" in flask.session:
flask.g.user = database.get_user(flask.session["openid_url"])
def login(self):
cookie = self.request.cookies.get("user_id")
user = get_user(authenticate_cookie(cookie))
self.user = user
def lookup_current_user():
flask.g.user = None
if 'openid_url' in flask.session:
flask.g.user = database.get_user(flask.session['openid_url'])
def decorator(*args, **kwargs):
logging.error("\nNEW REQUEST:")
if not "Authorization" in request.headers:
logging.error("Authorization header missing")
return json("fail", {"authorization": "authorization header is required"})
# Poimitaan Authorization-headerin parametrit:
auth_header = request.headers["Authorization"]
auth_params = [param.split("=") for param in auth_header.split(",")]
auth_dict = {k: v[1:-1] for k, v in auth_params}
# Tarkastetaan timestamp:
if time.time() - float(auth_dict["timestamp"]) > TIMESTAMP_LIMIT:
logging.error("Old timestamp")
return json("fail", {"timestamp": "old timestamp"})
# Etsitään käyttäjä tietokannasta:
user = db.get_user(urllib.unquote(auth_dict["username"]))
if not user:
logging.error("User not found")
return json("fail", {"username": "******"})
# Etsitään asiakassovellus tietokannasta:
client = db.get_client(urllib.unquote(auth_dict["client"]))
if not client:
logging.error("Client not found")
return json("fail", {"client": "client not found"})
# Poimitaan pyynnön data:
method = request.method
if method in ["GET", "DELETE"]:
data_src = request.args
else:
data_src = request.form
data = {escape(k): escape(v) for k, v in data_src.iteritems()}
logging.error("DATA=" + str(data))
# Kerätään parametrit allekirjoitusta varten:
params = {
"username": auth_dict["username"],
"client": auth_dict["client"],
"timestamp": auth_dict["timestamp"],
}
signature_params = dict(params.items() + data.items())
# Kääritään parametrit yhteen merkkijonoon:
root_url = request.url.split("?")[0]
if not root_url.startswith("http://"):
root_url = "http://" + root_url
params_str = "&".join(["%s=%s" % (key, signature_params[key])
for key in sorted(signature_params)])
base_string = "&".join([method, escape(root_url), escape(params_str)])
logging.error("BASE_STR=" + base_string)
# Luodaan allekirjoitus:
signing_key = client["key"] + "&" + user["key"]
hashed = hmac.new(signing_key.encode("utf-8"), base_string.encode("utf-8"), sha1)
signature = escape(base64.b64encode(hashed.hexdigest()))
# Tarkastetaan vastaako luotu allekirjoitus pyynnön allekirjoitusta:
if signature != auth_dict["signature"]:
logging.error("Incorrect signature, base_string=" + base_string)
return json("fail", {"signature": "incorrect signature"})
# Allekirjoitus oikein -> autorisointi onnistui:
logging.error("Auth success")
g.user = user
return f(*args, **kwargs)
