def recover_password(): email = request.form['email'] exists = sess.query(Users).filter_by(email=email).count() if exists == 0: return jsonify("Can't find that email address") elif exists > 1: return jsonify("Something terrible has happened") else: userid = sess.query(Users).filter_by(email=email).one().userid now = datetime.datetime.utcnow() m = hashlib.sha256() for i in [str(userid), str(now), email]: m.update(i.encode("utf-8")) token = m.hexdigest() newrequest = PasswordReset(userid=userid, token=token, date=now, used='f') sess.add(newrequest) sess.commit() resetlink = "https://cartoforum.com/resetpassword?token={}".format( token) msg = Message('Hello', sender='Cartoforum', recipients=[email]) msg.body = resetlink mail.send(msg) return render_template('index.html', status='resetlinksent')
def request_invite(): gid = request.form['gid'] newinvite = InviteMe(userid=session['userid'], groupid=gid, date=datetime.datetime.utcnow()) sess.add(newinvite) sess.commit() return render_template("discovery.html", invite="sent")
def cast_vote(): post = request.args.get('post', 0, type=int) vote = request.args.get('vote', 0, type=int) v = sess.query(Votes).filter_by(userid=session['userid']).filter_by(postid=post) if v.count() > 0: v = sess.query(Votes).filter_by(userid=session['userid']).filter_by(postid=post).first() v.vote = vote else: v = Votes(postid=post, userid=session['userid'], vote=vote) sess.add(v) sess.commit() pid = sess.query(Votes).filter_by(userid=session['userid']).filter_by(postid=post).one().postid oid = sess.query(Post).filter_by(postid=pid).one().objectid score_ind = carto.update_object_stats(oid) return jsonify(score_ind)
def create_account(): username = request.form['username'] email = request.form['email'] if email in ['email address', '']: email = None password = request.form['password'] m = hashlib.sha256() m.update(password.encode("utf-8")) hashpass = m.hexdigest() emailexists = sess.query(Users).filter_by(email=email).count() if emailexists > 0 and email is not None: return render_template(email) else: newuser = Users(email=email, password=hashpass, username=username) sess.add(newuser) sess.commit() return render_template('index.html', account='created')
def save_thread(): nick = request.args.get('nick', 0, type=str) name = request.args.get('name', 0, type=str) ug = sess.query(UsersGroups).filter_by(userid=session['userid']).filter_by(groupid=session['groupid']).one().userid if not ug: return jsonify("user not permitted to do this") t_exists = sess.query(Thread).filter_by(nickname=nick).filter_by(groupid=session['groupid']).count() if t_exists == 1: return jsonify("group already exists") try: insert_thread = Thread(nickname=nick, groupid=session['groupid']) sess.add(insert_thread) sess.commit() return jsonify("success") except: return jsonify("something went wrong")
def select_username_for_twitter(): alt_name = request.form['username'] userquery = sess.query(Users).filter_by( username='******'.format(alt_name)).count() if userquery == 0: # move on with their alt twitterid = sess.query(TwitterUsers).filter_by( username=session['twitter_user']).one().oauth_uid newuser = Users(username='******'.format(alt_name), password='******', twitterid=twitterid) sess.add(newuser) sess.commit() tulogged = sess.query(Users).filter_by( username='******'.format(alt_name)).one() session['userid'] = tulogged.userid session['logged_in'] = True return render_template('groupselect.html', username=alt_name) else: # offer them a different name alt_name = utils.get_alternate_username(session['twitter_user']) return render_template('select_username.html', alt_name=alt_name)
def save_post(): threadid = request.form['threadid'] replyID = request.form['replyID'] objid = request.form['objid'] if not objid: objid = 0 text = request.form['text'] ug = sess.query(UsersGroups).filter_by(userid=session['userid']).filter_by(groupid=session['groupid']).one().userid if not ug: return jsonify("user not permitted to do this") if replyID: thread_id = sess.query(Post).filter_by(postid=replyID).one().threadid insert_post = Post(userid=session['userid'], groupid=session['groupid'], date=datetime.datetime.utcnow(), responseto=replyID, objectid=objid, postcontent=text, threadid=thread_id) else: insert_post = Post(userid=session['userid'], groupid=session['groupid'], date=datetime.datetime.utcnow(), objectid=objid, postcontent=text, threadid=threadid) sess.add(insert_post) sess.commit() return jsonify("success")
def invite_user(): invitee = request.args.get('invitee', type=str) try: inviteeuserid = sess.query(Users).filter_by( username=invitee).one().userid except: return jsonify(response="user doesn't exist") inviteexists = sess.query(GroupRequests).filter_by(invitee=inviteeuserid).\ filter_by(groupid=session['groupid']).count() if inviteexists > 0: return jsonify(response='invite already exists') useringroup = sess.query(UsersGroups).filter_by( groupid=session['groupid']).filter_by(userid=inviteeuserid).count() if useringroup > 0: return jsonify(response='user already in group') newinvite = GroupRequests(requester=session['userid'], invitee=inviteeuserid, groupid=session['groupid'], dateissued=datetime.datetime.utcnow(), complete='f') sess.add(newinvite) sess.commit() return jsonify(response='invite sent')
def oauth_callback(): provider = 'google' oauth = OAuthSignIn.get_provider(provider) username, email = oauth.callback() if email is None: # I need a valid email address for my user identification flash('Authentication failed.') return redirect(url_for('index')) # Look if the user already exists nickname = username if username is None or username == "": nickname = email.split('@')[0] googleuser = sess.query(TwitterUsers).filter_by(username=nickname).filter_by(oauth_provider='google')\ .count() # log in oauth database if googleuser == 0: gu = TwitterUsers(oauth_provider='google', username=nickname, oauth_uid=nickname) sess.add(gu) sess.commit() else: gu = sess.query(TwitterUsers).filter_by(username=nickname).filter_by(oauth_provider='google').first() sess.commit() # log in users table userquery = sess.query(Users).filter_by(username='******'.format(nickname)).count() if userquery == 0: newuser = Users(username='******'.format(nickname), password='******') sess.add(newuser) sess.commit() tulogged = sess.query(Users).filter_by(username='******'.format(nickname)).one() session['userid'] = tulogged.userid session['logged_in'] = True # check if there's a session groupid, if so they probably came from a viewmap. # add them to the group and send them there if it's open if session['groupid']: opengroup = sess.query(Group).filter_by(groupid=session['groupid']).one().opengroup if opengroup: adduser_group = UsersGroups(userid=session['userid'], groupid=session['groupid']) sess.add(adduser_group) sess.commit return redirect(url_for('go_to_group')) return render_template('groupselect.html', username=nickname)
def oauth_authorized(resp): next_url = request.args.get('next') or url_for('index') if resp is None: flash(u'You denied the request to sign in.') return redirect(next_url) session['twitter_token'] = (resp['oauth_token'], resp['oauth_token_secret']) username = resp['screen_name'] session['twitter_user'] = username if session.has_key('groupid'): open = sess.query(Group).filter_by(groupid=session['groupid']) # check if twitter user has already logged in to cartoforum twitteruser = sess.query(TwitterUsers).filter_by(username=username).count() flash('You were signed in as %s' % username) if twitteruser == 0: tu = TwitterUsers(oauth_provider='twitter', username=username, oauth_uid=resp['user_id'], oauth_token=resp['oauth_token'], oauth_secret=resp['oauth_token_secret']) sess.add(tu) sess.commit() else: tu = sess.query(TwitterUsers).filter_by(username=username).first() tu.oauth_token = resp['oauth_token'] tu.oauth_secret = resp['oauth_token_secret'] sess.commit() # check if the twitter users screen name has already been taken. userquery = sess.query(Users).filter_by( username='******'.format(username)).count() if userquery == 0: # move on with their twitter screen name newuser = Users(username='******'.format(username), password='******', twitterid=resp['user_id']) sess.add(newuser) sess.commit() else: # this username exists, is the twitterid different from what we have logged? twitterid = sess.query(TwitterUsers).filter_by( username='******'.format(username)).count() if twitterid == 0: # offer them a different name alt_name = utils.get_alternate_username(session['twitter_user']) if not session['groupid']: return render_template('select_username.html', alt_name=alt_name) else: username = sess.query(Users).filter_by( twitterid=resp['user_id']).one().username tulogged = sess.query(Users).filter_by( username='******'.format(username)).one() session['userid'] = tulogged.userid session['logged_in'] = True if session.has_key('groupid'): cur.execute("INSERT INTO usersgroups VALUES ({},{})".format( session['userid'], session['groupid'])) cur.execute( "SELECT groupname,bounds from groups where groupid = {}".format( session['groupid'])) pgconnect.commit() response = cur.fetchall() for row in response: groupname = row[0] bounds = row[1] # Check for group membership, return group name and bounds and username user = sess.query(Users).filter_by(userid=session['userid']).one() username = user.username basemap = user.basemap color = user.color # TODO: check that user is a member of group return render_template('map.html', groupid=session['groupid'], userid=session['userid'], username=username, basemap=basemap, color=color, groupname=groupname, bounds=bounds) else: return render_template('groupselect.html', username=username)