Пример #1
0
def recover_password():
    email = request.form['email']
    exists = sess.query(Users).filter_by(email=email).count()
    if exists == 0:
        return jsonify("Can't find that email address")
    elif exists > 1:
        return jsonify("Something terrible has happened")
    else:
        userid = sess.query(Users).filter_by(email=email).one().userid
        now = datetime.datetime.utcnow()
        m = hashlib.sha256()
        for i in [str(userid), str(now), email]:
            m.update(i.encode("utf-8"))
        token = m.hexdigest()
        newrequest = PasswordReset(userid=userid,
                                   token=token,
                                   date=now,
                                   used='f')
        sess.add(newrequest)
        sess.commit()
        resetlink = "https://cartoforum.com/resetpassword?token={}".format(
            token)
        msg = Message('Hello', sender='Cartoforum', recipients=[email])
        msg.body = resetlink
        mail.send(msg)
        return render_template('index.html', status='resetlinksent')
Пример #2
0
def request_invite():
    gid = request.form['gid']
    newinvite = InviteMe(userid=session['userid'],
                         groupid=gid,
                         date=datetime.datetime.utcnow())
    sess.add(newinvite)
    sess.commit()
    return render_template("discovery.html", invite="sent")
Пример #3
0
def cast_vote():
    post = request.args.get('post', 0, type=int)
    vote = request.args.get('vote', 0, type=int)
    v = sess.query(Votes).filter_by(userid=session['userid']).filter_by(postid=post)
    if v.count() > 0:
        v = sess.query(Votes).filter_by(userid=session['userid']).filter_by(postid=post).first()
        v.vote = vote
    else:
        v = Votes(postid=post, userid=session['userid'], vote=vote)
        sess.add(v)
    sess.commit()
    pid = sess.query(Votes).filter_by(userid=session['userid']).filter_by(postid=post).one().postid
    oid = sess.query(Post).filter_by(postid=pid).one().objectid
    score_ind = carto.update_object_stats(oid)
    return jsonify(score_ind)
Пример #4
0
def create_account():
    username = request.form['username']
    email = request.form['email']
    if email in ['email address', '']:
        email = None
    password = request.form['password']
    m = hashlib.sha256()
    m.update(password.encode("utf-8"))
    hashpass = m.hexdigest()
    emailexists = sess.query(Users).filter_by(email=email).count()
    if emailexists > 0 and email is not None:
        return render_template(email)
    else:
        newuser = Users(email=email, password=hashpass, username=username)
        sess.add(newuser)
        sess.commit()
        return render_template('index.html', account='created')
Пример #5
0
def save_thread():
    nick = request.args.get('nick', 0, type=str)
    name = request.args.get('name', 0, type=str)
    ug = sess.query(UsersGroups).filter_by(userid=session['userid']).filter_by(groupid=session['groupid']).one().userid
    if not ug:
        return jsonify("user not permitted to do this")

    t_exists = sess.query(Thread).filter_by(nickname=nick).filter_by(groupid=session['groupid']).count()
    if t_exists == 1:
        return jsonify("group already exists")
    try:
        insert_thread = Thread(nickname=nick, groupid=session['groupid'])
        sess.add(insert_thread)
        sess.commit()
        return jsonify("success")
    except:
        return jsonify("something went wrong")
Пример #6
0
def select_username_for_twitter():
    alt_name = request.form['username']
    userquery = sess.query(Users).filter_by(
        username='******'.format(alt_name)).count()
    if userquery == 0:
        # move on with their alt
        twitterid = sess.query(TwitterUsers).filter_by(
            username=session['twitter_user']).one().oauth_uid
        newuser = Users(username='******'.format(alt_name),
                        password='******',
                        twitterid=twitterid)
        sess.add(newuser)
        sess.commit()
        tulogged = sess.query(Users).filter_by(
            username='******'.format(alt_name)).one()
        session['userid'] = tulogged.userid
        session['logged_in'] = True
        return render_template('groupselect.html', username=alt_name)
    else:
        # offer them a different name
        alt_name = utils.get_alternate_username(session['twitter_user'])
        return render_template('select_username.html', alt_name=alt_name)
Пример #7
0
def save_post():
    threadid = request.form['threadid']
    replyID = request.form['replyID']
    objid = request.form['objid']
    if not objid:
        objid = 0
    text = request.form['text']
    ug = sess.query(UsersGroups).filter_by(userid=session['userid']).filter_by(groupid=session['groupid']).one().userid
    if not ug:
        return jsonify("user not permitted to do this")

    if replyID:
        thread_id = sess.query(Post).filter_by(postid=replyID).one().threadid
        insert_post = Post(userid=session['userid'], groupid=session['groupid'], date=datetime.datetime.utcnow(),
                           responseto=replyID, objectid=objid, postcontent=text, threadid=thread_id)

    else:
        insert_post = Post(userid=session['userid'], groupid=session['groupid'], date=datetime.datetime.utcnow(),
                           objectid=objid, postcontent=text, threadid=threadid)
    sess.add(insert_post)
    sess.commit()
    return jsonify("success")
Пример #8
0
def invite_user():
    invitee = request.args.get('invitee', type=str)
    try:
        inviteeuserid = sess.query(Users).filter_by(
            username=invitee).one().userid
    except:
        return jsonify(response="user doesn't exist")
    inviteexists = sess.query(GroupRequests).filter_by(invitee=inviteeuserid).\
        filter_by(groupid=session['groupid']).count()
    if inviteexists > 0:
        return jsonify(response='invite already exists')
    useringroup = sess.query(UsersGroups).filter_by(
        groupid=session['groupid']).filter_by(userid=inviteeuserid).count()
    if useringroup > 0:
        return jsonify(response='user already in group')
    newinvite = GroupRequests(requester=session['userid'],
                              invitee=inviteeuserid,
                              groupid=session['groupid'],
                              dateissued=datetime.datetime.utcnow(),
                              complete='f')
    sess.add(newinvite)
    sess.commit()
    return jsonify(response='invite sent')
Пример #9
0
def oauth_callback():
    provider = 'google'
    oauth = OAuthSignIn.get_provider(provider)
    username, email = oauth.callback()
    if email is None:
        # I need a valid email address for my user identification
        flash('Authentication failed.')
        return redirect(url_for('index'))
    # Look if the user already exists
    nickname = username
    if username is None or username == "":
        nickname = email.split('@')[0]

    googleuser = sess.query(TwitterUsers).filter_by(username=nickname).filter_by(oauth_provider='google')\
        .count()
    # log in oauth database
    if googleuser == 0:
        gu = TwitterUsers(oauth_provider='google', username=nickname, oauth_uid=nickname)
        sess.add(gu)
        sess.commit()
    else:
        gu = sess.query(TwitterUsers).filter_by(username=nickname).filter_by(oauth_provider='google').first()
        sess.commit()
    # log in users table
    userquery = sess.query(Users).filter_by(username='******'.format(nickname)).count()
    if userquery == 0:
        newuser = Users(username='******'.format(nickname), password='******')
        sess.add(newuser)
        sess.commit()
    tulogged = sess.query(Users).filter_by(username='******'.format(nickname)).one()
    session['userid'] = tulogged.userid
    session['logged_in'] = True
    # check if there's a session groupid, if so they probably came from a viewmap.
    # add them to the group and send them there if it's open
    if session['groupid']:
        opengroup = sess.query(Group).filter_by(groupid=session['groupid']).one().opengroup
        if opengroup:
            adduser_group = UsersGroups(userid=session['userid'], groupid=session['groupid'])
            sess.add(adduser_group)
            sess.commit
            return redirect(url_for('go_to_group'))
    return render_template('groupselect.html', username=nickname)
Пример #10
0
def oauth_authorized(resp):
    next_url = request.args.get('next') or url_for('index')
    if resp is None:
        flash(u'You denied the request to sign in.')
        return redirect(next_url)

    session['twitter_token'] = (resp['oauth_token'],
                                resp['oauth_token_secret'])
    username = resp['screen_name']
    session['twitter_user'] = username
    if session.has_key('groupid'):
        open = sess.query(Group).filter_by(groupid=session['groupid'])
    # check if twitter user has already logged in to cartoforum
    twitteruser = sess.query(TwitterUsers).filter_by(username=username).count()

    flash('You were signed in as %s' % username)
    if twitteruser == 0:
        tu = TwitterUsers(oauth_provider='twitter',
                          username=username,
                          oauth_uid=resp['user_id'],
                          oauth_token=resp['oauth_token'],
                          oauth_secret=resp['oauth_token_secret'])
        sess.add(tu)
        sess.commit()

    else:
        tu = sess.query(TwitterUsers).filter_by(username=username).first()
        tu.oauth_token = resp['oauth_token']
        tu.oauth_secret = resp['oauth_token_secret']
        sess.commit()

    # check if the twitter users screen name has already been taken.
    userquery = sess.query(Users).filter_by(
        username='******'.format(username)).count()

    if userquery == 0:
        # move on with their twitter screen name
        newuser = Users(username='******'.format(username),
                        password='******',
                        twitterid=resp['user_id'])
        sess.add(newuser)
        sess.commit()
    else:
        # this username exists, is the twitterid different from what we have logged?
        twitterid = sess.query(TwitterUsers).filter_by(
            username='******'.format(username)).count()
        if twitterid == 0:
            # offer them a different name
            alt_name = utils.get_alternate_username(session['twitter_user'])
            if not session['groupid']:
                return render_template('select_username.html',
                                       alt_name=alt_name)
        else:
            username = sess.query(Users).filter_by(
                twitterid=resp['user_id']).one().username

    tulogged = sess.query(Users).filter_by(
        username='******'.format(username)).one()
    session['userid'] = tulogged.userid
    session['logged_in'] = True
    if session.has_key('groupid'):
        cur.execute("INSERT INTO usersgroups VALUES ({},{})".format(
            session['userid'], session['groupid']))
        cur.execute(
            "SELECT groupname,bounds from groups where groupid = {}".format(
                session['groupid']))
        pgconnect.commit()
        response = cur.fetchall()
        for row in response:
            groupname = row[0]
            bounds = row[1]
        # Check for group membership, return group name and bounds and username
        user = sess.query(Users).filter_by(userid=session['userid']).one()
        username = user.username
        basemap = user.basemap
        color = user.color
        # TODO: check that user is a member of group
        return render_template('map.html',
                               groupid=session['groupid'],
                               userid=session['userid'],
                               username=username,
                               basemap=basemap,
                               color=color,
                               groupname=groupname,
                               bounds=bounds)
    else:
        return render_template('groupselect.html', username=username)