Пример #1
0
def post_login( mongodb ):
	if helper.get_user( mongodb ):
		redirect( "/" )
	username = request.forms.get('username')
	password = request.forms.get('password')

	errors = []

	user = mongodb['users'].find_one( { 'name': username } )
	
	#Show same error for both: username does not exist AND incorrect password
	if not user or user['password'] != bcrypt.hashpw( password, user['password'] ):
		errors.append( "badpass" )
	
	if len( errors ) > 0:
		return helper.template( 'user/login', errors=errors, form=request.forms, errorMap=loginErrors )

	session_key = binascii.hexlify( os.urandom( 32 ) )

	mongodb['users'].update(
		{ "name": username },
		{
			"$set": { "session_key": session_key }
		}
	)

	helper.c_set( "session_key", session_key )

	redirect( "/" )
Пример #2
0
def admin(mongodb):
    user = helper.get_user(mongodb)

    if not user or "admin" not in user.get("roles", []):
        redirect("/")

    return helper.template("admin/admin", user=user)
Пример #3
0
def profile( mongodb ):
	user = helper.get_user( mongodb )

	if not user:
		redirect( "/" )

	return helper.template( 'user/profile', user=user )
Пример #4
0
def admin_users(mongodb, search="", index=0, count=10):
    user = helper.get_user(mongodb)

    if not user or "admin" not in user.get("roles", []):
        redirect("/")

    if len(search) == 0:
        users = mongodb["users"].find().skip(index).limit(count)
    else:
        users = mongodb["users"].find({"name": search}).skip(index).limit(count)

    return helper.template("admin/admin", user=user, main=template("admin/users", users=users))
Пример #5
0
def templates( mongodb, search="", index=0, count=10 ):
    user = helper.get_user( mongodb )

    if not user:
        redirect("/")

    if len( search ) == 0:
        templates = mongodb['templates'].find( { "owner": user['_id'] }).skip( index ).limit( count )
    else:
        templates = mongodb['templates'].find( { "owner": user['_id'], "name": { "$regex": search } } ).skip( index ).limit( count )

    return helper.template( 'templates/templates', user=user, templates=templates )
Пример #6
0
def post_signup( mongodb ):
	if helper.get_user( mongodb ):
		redirect( "/" )
	username = request.forms.get('username')
	password1 = request.forms.get('password1')
	password2 = request.forms.get('password2')
	email = request.forms.get('email')

	errors = []

	if len( username ) == 0:
		errors.append( "usernameblank" )

	if len( password1 ) == 0:
		errors.append( "password1blank" )

	if len( password2 ) == 0:
		errors.append( "password2blank" )
	
	if options.email_required and len( email ) == 0:
		errors.append( "emailblank" )

	if mongodb['users'].find( { "name": username } ).count() > 0:
		errors.append( "nametaken" )

	if password1 != password2:
		errors.append( "nomatch" )

	if len( errors ) > 0:
		return helper.template( 'user/signup', errors=errors, form=request.forms, errorMap=signupErrors )

	salt = bcrypt.gensalt()
	hash = bcrypt.hashpw( password1, salt )
	
	user_obj = { 
		'name': username, 
		'password': hash 
	}
		
	mongodb['users'].insert( user_obj )
	
	if email and len(email) > 0:
		helper.add_email( mongodb, username, email )
		helper.send_verification_email( mongodb, username, email )

	redirect( "/login" )
Пример #7
0
def editor( mongodb, filename=None ):
    user = helper.get_user( mongodb )

    if not user:
        redirect( '/' )

    if filename:
        template = mongodb['templates'].find_one( { "owner": user['_id'], "name": filename } )
    else:
        template = helper.new_template( user )

    return helper.template(
        "templates/editor",
        user=user,
        template=template,
        js=['markdown','codemirror.min','jquery.ba-dotimeout.min', 'render','plugins/basic'],
        css=['codemirror','document']
    )
Пример #8
0
def editor( mongodb, template_name=None, document_name=None ):
    user = helper.get_user( mongodb )

    if not user:
        redirect("/")

    if template_name:
        template = mongodb['templates'].find_one( { "owner": user['_id'], "name": template_name } )
        if not template:
            redirect( "/documents" )
        document = { "raw": template['raw'], "name": "", "form": {} }
    elif document_name:
        document = mongodb['document'].find_one( { "owner": user['_id'], "name": document_name } )
        if not document:
            redirect( "/documents" )
    else:
        redirect( "/documents" )

    return helper.template( 'documents/editor', user=user, document=document, js=['jquery.ba-dotimeout.min','markdown','render','plugins/basic'] )
Пример #9
0
def home( mongodb ):
	return helper.template('home', user=helper.get_user(mongodb) )
Пример #10
0
def login( mongodb ):
	if helper.get_user( mongodb ):
		redirect( "/" )
	return helper.template('user/login')
Пример #11
0
def signup( mongodb ):
	if helper.get_user( mongodb ):
		redirect( "/" )
	return helper.template( 'user/signup' )