def post(self): data = request.form print data if len(set(['name', 'cost', 'payer', 'buyins']) & set([x for x in data])) == 4: # Validate that users involved have accounts # Extract payer id payer = User.objects(username=data['payer']) payer_id = payer[0].id # Extract ids of those who buy in buyins = User.objects(username__in=data['buyins']) buyin_ids = map(lambda x: x.id, buyins) purchase = Purchase(name=data['name'], cost=data['cost'], payer=payer_id, buyins=buyin_ids, time=datetime.datetime.now()) purchase.save() debt_up_to_date = self.updateDebt(purchase) return jsonify({'res': True, 'messsage': 'Purchase added', 'debts': debt_up_to_date}) return jsonify({'res': False, 'message': 'default'})
def test_user_password(self, testapp): """ Test password hashing and checking """ admin = User('admin', 'supersafepassword') assert admin.username == 'admin' assert admin.check_password('supersafepassword')
def qq_weibo_get_code(): code = request.args['code'] openid = request.args['openid'] openkey = request.args['openkey'] qqbot = db.session.query(Bot).filter(Bot.type == 1).one() bot = qqbot.build_bot() resp = bot.request_access_token(code) resp.openid = openid resp.openkey = openkey logger.debug(resp) u = db.session.query(User).filter(User.openid == openid) if u.count(): u = u.one() u.assign(resp) else: u = User() u.assign(resp) db.session.add(u) logger.info('Created new user <%s %s>' % (u.name, u.openid)) db.session.commit() if not u.token: u.generate_token() return 'your arm server token: %s' % (u.token)
def staff_group_add(cid, email, aid): assign = Assignment.query.filter_by(id=aid, course_id=cid).one_or_none() if not assign or not Assignment.can(assign, current_user, 'grade'): flash('Cannot access assignment', 'error') return abort(404) form = forms.StaffAddGroupFrom() result_page = url_for('.student_assignment_detail', cid=cid, email=email, aid=aid) student = User.lookup(email) if not student: return abort(404) if form.validate_on_submit(): target = User.lookup(form.email.data) if not target or not target.is_enrolled(cid): flash("This user is not enrolled", 'warning') return redirect(result_page) try: Group.force_add(current_user, student, target, assign) except BadRequest as e: flash("Error: {}".format(str(e.description)), 'error') return redirect(result_page) return redirect(result_page)
def setUp(self): t = Tool(id=1, name='test_tool', status=1, status_message='working ok') t.save() u = User(id=1, name='Test user', subscribed=True) u.card_set.add(Card(card_id='12345678')) u.save()
def test_is_staff(self): self.setup_course() random_user = User(name=self.studentA['name'], email=self.studentA['email']) db.session.add(random_user) db.session.commit() self.assertTrue(self.staff1.is_staff()) self.assertTrue(self.admin.is_staff()) self.assertFalse(self.user1.is_staff()) self.assertFalse(random_user.is_staff())
def post(self): try: username = generate_username() user = User(username=username) user.save() self.write(json.dumps(user.to_representation())) except Chat.DoesNotExist: self.clear() self.set_status(404) self.finish({'error': 'not found'})
def test_lookup(self): email = '*****@*****.**' user = User.lookup(email) assert user is None db.session.add(User(email=email)) db.session.commit() user = User.lookup(email) assert user.email == email
def setUp(self): t = Tool(id=1, name='test_tool', status=1, status_message='working ok') t.save() u = User(id=1, name='Test user', subscribed=True) u.card_set.add(Card(card_id='12345678')) u.save() # make user 1 a user for tool 1 p = Permission(user=User.objects.get(pk=1), permission=1, tool=Tool.objects.get(pk=1), addedby=User.objects.get(pk=1)) p.save()
def post(self): if self.registration_form.validate_on_submit(): try: user = User(self.registration_form.login.data, self.registration_form.password.data) user.email = self.registration_form.email.data db.session.add(user) db.session.commit() session['userId'] = user.id flash('Willkommen Benutzer "%s".' % user.login, 'info') return redirect(url_for('vote.home.inactive')) except IntegrityError: self.registration_form.login.errors.append("Eine Benutzer mit diesem Login existiert bereits") return self.render() return self.render()
def setUp(self): t = Tool(id=1, name='test_tool', status=1, status_message='working ok') t.save() t = Tool(id=2, name='other test tool', status=0, status_message='Out of action') t.save() users = ( # user 1 has 2 cards, and is a maintainer (1, 'user1a', '00112233445566', True), (1, 'user1b', 'aabbccdd', True), # a user (2, 'user2', '22222222', True), # subscribed, but not a user (3, 'user3', '33333333', True), # exists, but not is not subscribed (4, 'user4', '44444444', False), ) for id, name, card, subscribed in users: self.__dict__[name] = card try: u = User.objects.get(pk=id) u.card_set.add(Card(card_id=card)) u.save() except ObjectDoesNotExist: u = User(id=id, name=name, subscribed=subscribed) u.card_set.add(Card(card_id=card)) u.save() self.user_does_not_exist = '12345678' # user 2 is a user p = Permission(user=User.objects.get(pk=2), permission=1, tool=Tool.objects.get(pk=1), addedby=User.objects.get(pk=1)) p.save() # user 1 is a maintainer p = Permission(user=User.objects.get(pk=1), permission=2, tool=Tool.objects.get(pk=1), addedby=User.objects.get(pk=1)) p.save() # make the android tag a user # p = Permissions(user=User.objects.get(pk=8), permission=1, tool=Tool.objects.get(pk=1), addedby=User.objects.get(pk=1)) # p.save() # make the temp card a maintainer # p = Permissions(user=User.objects.get(pk=5), permission=2, tool=Tool.objects.get(pk=1), addedby=User.objects.get(pk=1)) # p.save() # make user 4 a maintainer p = Permission(user=User.objects.get(pk=4), permission=2, tool=Tool.objects.get(pk=1), addedby=User.objects.get(pk=1)) p.save()
def test_enroll_from_form(self): self.setup_course() Enrollment.enroll_from_form(self.course.id, make_enrollment_form(self.studentB)) user = User.lookup(self.studentB['email']) self.studentB['id'] = user.id self.enrollment_matches_info(user, self.studentB) Enrollment.enroll_from_form(self.course.id, make_enrollment_form(self.lab_assistantA)) lab_assistant = User.lookup(self.lab_assistantA['email']) self.lab_assistantA['id'] = lab_assistant.id self.enrollment_matches_info(lab_assistant, self.lab_assistantA)
def me(user: User): """ User object representation ready for JSON serialization. :param user: User object :return: Dictionary with User representation fields """ return { 'id': user.id, 'nickname': user.nickname, 'university': University.query.get(user.university).name, 'gender': user.get_gender(), 'boards': [board(b) for b in user.get_boards()], 'profilepic': user.profilepic }
def assignment_single_queue(cid, aid, uid): courses, current_course = get_courses(cid) assignment = Assignment.query.filter_by(id=aid, course_id=cid).one_or_none() if not Assignment.can(assignment, current_user, 'grade'): flash('Insufficient permissions', 'error') return abort(401) assigned_grader = User.get_by_id(uid) if not Assignment.can(assignment, assigned_grader, 'grade'): return abort(404) page = request.args.get('page', 1, type=int) tasks_query = GradingTask.query.filter_by(assignment=assignment, grader_id=uid) queue = (tasks_query.options(db.joinedload('assignment')) .order_by(GradingTask.score_id.asc()) .order_by(GradingTask.created.asc()) .paginate(page=page, per_page=20)) remaining = tasks_query.filter_by(score_id=None).count() percent_left = (1-(remaining/max(1, queue.total))) * 100 return render_template('staff/grading/queue.html', courses=courses, current_course=current_course, assignment=assignment, grader=assigned_grader, queue=queue, remaining=remaining, percent_left=percent_left)
def board_routine(user: User, func, id: int, *args, **kwargs): """ Basic board routine. Serves as a layer of abstraction to treat priority errors in board method resource routines. This fuction needs to be passed (and called) by session_oriented_request() (inherited from AuthEntity), with subroutine function (that has to be called from within this routine) and an ID (serves as Board ID). Function passed to this routine needs this signature: >>> def func(user: User, board: Board, *args, **kwargs) N.B. *args and **kwargs can be omitted. :param user: User Object (got from session_oriented_request()) :param func: Subroutine function (needs to be called from within this routine) :param id: Board ID :param args: Name arguments :param kwargs: Positional arguments :return: """ # Requesting board object board = BoardAPI.get_board(id) if board is None: # Board does not exists return responses.client_error(404, 'Board does not exist') elif not user.board_subscribed(id): # User not subscribed to this board return responses.client_error(401, 'User is not authorized to see this board') # Return the result got from closure function passed as argument return func(user, board, *args, **kwargs)
def routine(user: User, board: Board): """ Create new Thread linked to specified board, from POST JSON data. :param user: Requesting User object :param board: Board object :return: New thread inside specified board """ try: # Check thread JSON arguments self.check_args() self.validate_args() # Process anon, image and construct new entity anon = str_to_bool(self.args['anon']) image = self.media_processing() thread = Thread(anon, self.args['title'], self.args['text'], image, board.id, user.id) # Add new Thread table to database uchan.add_to_db(thread) # Add new ThreadUser link thread = user.get_last_thread() uchan.add_to_db(ThreadUser(thread.id, user.id)) return responses.successful(201, JSONRepresentation.thread(thread, user)) except ValueError as msg: return responses.client_error(400, '{}'.format(msg)) except KeyError as key: return responses.client_error(400, 'Invalid parameter: {}'.format(key))
def test_export_final(self): self._test_backup(True) student = User.lookup(self.user1.email) backup = Backup.query.filter(Backup.submitter_id == student.id).first() endpoint = '/api/v3/assignment/{0}/submissions/'.format(self.assignment.name) response = self.client.get(endpoint) self.assert_403(response) self.login(self.staff1.email) response = self.client.get(endpoint) self.assert_200(response) backups = response.json['data']['backups'] self.assertEqual(len(backups), 1) self.assertEqual(backups[0]['is_late'], False) self.assertEqual(len(backups[0]['group']), 1) self.assertEqual(backups[0]['group'][0]['email'], self.user1.email) self.assertEqual(len(backups[0]['messages']), 1) self.assertEqual(response.json['data']['count'], 1) self.assertEqual(response.json['data']['has_more'], False) self.assertEqual(response.json['data']['offset'], 0) response = self.client.get(endpoint + '?offset=1') self.assert_200(response) backups = response.json['data']['backups'] self.assertEqual(len(backups), 0) self.assertEqual(response.json['data']['count'], 1) self.assertEqual(response.json['data']['has_more'], False) self.assertEqual(response.json['data']['offset'], 1)
def test_basic(self): i = User(username='******', email='*****@*****.**') j = User(username='******', email='*****@*****.**') db.session.add(i) db.session.add(j) db.session.commit() t = i.create_task(title='I want to test', abstract='a test', content='I want to test the test part.') # db.session.add(t) # db.session.commit() assert len(i.watched_tasks) == 1 assert len(t.watcher.all()) == 1 j.watch_task(t) assert len(i.watched_tasks) == 1 assert len(t.watcher.all()) == 2 assert j in t.watcher.all()
def test_assignment_api(self): self._test_backup(True) student = User.lookup(self.user1.email) endpoint = '/api/v3/assignment/{0}'.format(self.assignment.name) # View a public assignment response = self.client.get(endpoint) self.assert_200(response) # Change assignment to be hidden self.assignment.visible = False db.session.commit() response = self.client.get(endpoint) self.assert_403(response) self.assignment.visible = True db.session.commit() self.login(self.staff1.email) response = self.client.get(endpoint) self.assert_200(response) self.assertEqual(response.json['data']['name'], self.assignment.name) # Hidden assignment, but should be visible to staff self.assignment.visible = False db.session.commit() response = self.client.get(endpoint) self.assert_200(response) self.login(self.user1.email) self.assignment.visible = False db.session.commit() response = self.client.get(endpoint) self.assert_403(response)
def test_score_staff(self): self._test_backup(True) user = User.lookup(self.user1.email) self.login(self.staff1.email) response = self.client.post('/api/v3/score/') self.assert_400(response) assert response.json['code'] == 400 backup = Backup.query.filter(Backup.submitter_id == user.id).first() data = {'bid': encode_id(backup.id), 'kind': 'Total', 'score': 128.2, 'message': 'wow'} response = self.client.post('/api/v3/score/', data=data) self.assert_200(response) assert response.json['code'] == 200 self.logout() self.login(self.admin.email) data = {'bid': encode_id(backup.id), 'kind': 'Total', 'score': 128.2, 'message': 'wow'} response = self.client.post('/api/v3/score/', data=data) self.assert_200(response) assert response.json['code'] == 200
def thread_routine(user: User, func, id: int, *args, **kwargs): """ Basic thread routine. Serves as a layer of abstraction to thread priority errors in thread method resource routines. This function needs to be passed (and called) by session_oriented_request() (inherited from AuthEntity), with subroutine function (that has to be called from within this routine) and an ID (serves as Thread ID). Function passed to this routine needs this signature: >>> def func(user: User, thread: Thread, *args, **kwargs) N.B. *args and **kwargs can be omitted. :param user: User Object (got from session_oriented_request()) :param func: Subroutine function (needs to be called from within this routine) :param id: Thread ID :param args: Name arguments :param kwargs: Positional arguments :return: """ thread = ThreadAPI.get_thread(id) if thread is None: return responses.client_error(404, 'Thread does not exist') if not user.board_subscribed(thread.board): return responses.client_error(401, 'User is not authorized to see this thread') return func(user, thread, *args, **kwargs)
def test_export_user(self): self._test_backup(True) student = User.lookup(self.user1.email) self.login(self.staff1.email) backup = Backup.query.filter(Backup.submitter_id == student.id).first() endpoint = '/api/v3/assignment/{0}/export/{1}'.format(self.assignment.name, student.email) response = self.client.get(endpoint) self.assert_200(response) backups = response.json['data']['backups'] self.assertEqual(len(backups), 1) self.assertTrue('submission_time' in backups[0]) self.assertEqual(backups[0]['submission_time'], backups[0]['created']) self.assertEqual(response.json['data']['count'], 1) self.assertEqual(response.json['data']['limit'], 150) self.assertEqual(response.json['data']['offset'], 0) self.assertEqual(response.json['data']['has_more'], False) response = self.client.get(endpoint + "?offset=20&limit=2") self.assert_200(response) backups = response.json['data']['backups'] self.assertEqual(len(backups), 0) self.assertEqual(response.json['data']['count'], 1) self.assertEqual(response.json['data']['limit'], 2) self.assertEqual(response.json['data']['offset'], 20) self.assertEqual(response.json['data']['has_more'], False)
def staff_flag_backup(cid, email, aid): assign = Assignment.query.filter_by(id=aid, course_id=cid).one_or_none() if not assign or not Assignment.can(assign, current_user, 'grade'): return abort(404) result_page = url_for('.student_assignment_detail', cid=cid, email=email, aid=aid) student = User.lookup(email) if not student: abort(404) user_ids = assign.active_user_ids(student.id) bid = request.form.get('bid') form = forms.CSRFForm() if form.validate_on_submit(): backup = Backup.query.filter_by(id=utils.decode_id(bid), assignment=assign).one_or_none() if not backup: flash('{} does not exist'.format(bid, 'error')) return redirect(result_page) if not backup.flagged: result = assign.flag(backup.id, user_ids) flash('Flagged backup {} for grading'.format(bid), 'success') else: result = assign.unflag(backup.id, user_ids) flash('Removed grading flag on {}'.format(bid), 'success') return redirect(result_page)
def authenticate(self, username=None, password=None): login_valid = (settings.ADMIN_LOGIN == username) pwd_valid = check_password(password, settings.ADMIN_PASSWORD) if login_valid and pwd_valid: try: user = User.objects.get(username=username) except User.DoesNotExist: # Create a new user. Note that we can set password # to anything, because it won't be checked; the password # from settings.py will. user = User(username=username, password='******') user.is_staff = True user.is_superuser = True user.save() return user return None
def test_enroll_from_csv(self): self.setup_course() template = "{email},{name},{sid},{class_account},{section}" form = BatchEnrollmentForm() form.csv.data = template.format(**self.studentA) + "\n" + template.format(**self.studentB) Enrollment.enroll_from_csv(self.course.id, form) user_a = User.lookup(self.studentA['email']) self.studentA['id'] = user_a.id self.enrollment_matches_info(user_a, self.studentA) user_b = User.lookup(self.studentB['email']) self.studentB['id'] = user_b.id self.enrollment_matches_info(user_b, self.studentB)
def post(self): try: data = json.loads(self.request.body) body = data['body'] name = data['chat_id'] username = data['username'] chat = Chat.objects(slug_name=name).get() user = User.objects(username=username).get() self.set_status(201) message = Message( from_user=user, chat=chat, created_at=datetime.now(), body=body, is_private=self.is_private ) users = [user for user in chat.users] if len(users) > 1: to_user = users[random.randrange(0, len(users))] while to_user.id == user.id: to_user = users[random.randrange(0, len(users))] message.to_user = to_user message.save() self.write(message.to_representation()) except (Chat.DoesNotExist, User.DoesNotExist): self.clear() self.set_status(404) self.finish({'error': 'not found'})
def home(): user = User.get_user_by_name(session['nickname']) user = {'nickname': user.nickname} # fake user if g.user is not None: return render_template("index.html", title='Home', user=user)
def user_from_email(email): """Get a User with the given email, or create one.""" user = User.lookup(email) if not user: user = User(email=email) db.session.add(user) db.session.commit() return user
def chatuser(user: User): return { 'id': user.id, 'nickname': user.nickname, 'university': University.query.get(user.university).name, 'gender': user.get_gender(), 'profilepic': user.profilepic }
def register(request): if request.method == 'POST': username = request.POST.get('username') email = request.POST.get('email') password = request.POST.get('password') if isEmpty(username) or isEmpty(email) or isEmpty(password): string = '参数错误' if isEmpty(username): string = '用户名不能为空' if isEmpty(email): string = '邮箱不能为空' if isEmpty(password): string = '密码不能为空' json = {} json[code_name] = 0 json[msg_name] = string return JsonResponse(json) else: users = User.objects.filter(username=username) if len(users) > 0: return JsonResponse({code_name:0,msg_name:'用户已经存在'}) else: info = User() info.username = username info.nickname = request.POST.get('nickname') info.email = request.POST.get('email') info.password = request.POST.get('password') info.save() return JsonResponse({code_name:1,msg_name:'注册成功'}) else: return render(request,"register.html")
def setUp(self): super().setUp() self.user_id = 1 user = User(id=self.user_id, name="User", email="*****@*****.**") with self.app.app_context(): db.session.add(user) transaction = Transaction(user=user, ticket_amount=1000, activity="Coinflip Test Initial Balance") db.session.add(transaction) db.session.commit()
def get_one_user(current_user): """This function GETs one user. Keyword-Arguments: email -- Unique user email, it is necessary to login """ result = json.loads( User.objects(user_email=request.args.get("email")).exclude( "id").to_json()) # FIXME: EMAIL SHOULD BE USER_EMAIL if not result: return jsonify({'message': 'No user found!'}) return jsonify({'user': result[0]})
def gen_user(): real_name = names.get_full_name() first_name, last_name = real_name.lower().split(' ') return User( name=gen_maybe(real_name, 0.5), email='{0}{1}{2}{3}@{4}'.format( random.choice([first_name, first_name[0]]), random.choice(string.ascii_lowercase) if gen_bool() else '', random.choice([last_name, last_name[0]]), random.randrange(10) if gen_bool() else '', random.choice(['berkeley.edu', 'gmail.com'])), is_admin=gen_bool(0.05))
def test_multiple_user(client, app): fake = Faker() for _ in range(2): u = User(email=fake.company_email(), password=fake.password(), username=fake.name(), activated=True) u.save() for _ in range(randrange(1, 10)): p = Program(name=fake.name(), code=fake.text(), language="python") u.programs.append(p) u.save() for user in User.objects: with app.app_context(): token = user.create_token() res = client.get('/api/users/1.0/programs', headers={'Authorization': 'Bearer {}'.format(token)}) assert res.status_code == 200 assert len(user.programs) == len(res.json) user1 = User.objects[0] user2 = User.objects[1] with app.app_context(): token = user1.create_token() res = client.get('/api/users/1.0/programs/{}'.format(user2.programs[0].id), headers={'Authorization': 'Bearer {}'.format(token)}) assert res.status_code == 404
def student_assignment_detail(cid, email, aid): courses, current_course = get_courses(cid) page = request.args.get('page', 1, type=int) assign = Assignment.query.filter_by(id=aid, course_id=cid).one_or_none() if not assign or not Assignment.can(assign, current_user, 'grade'): flash('Cannot access assignment', 'error') return abort(404) student = User.lookup(email) if not student.is_enrolled(cid): flash("This user is not enrolled", 'warning') assignment_stats = assign.user_status(student, staff_view=True) user_ids = assign.active_user_ids(student.id) latest = assignment_stats.final_subm or assign.backups(user_ids).first() stats = { 'num_backups': assign.backups(user_ids).count(), 'num_submissions': assign.submissions(user_ids).count(), 'current_q': None, 'attempts': None, 'latest': latest, 'analytics': latest and latest.analytics() } backups = (Backup.query.options( db.joinedload('scores'), db.joinedload('submitter')).filter( Backup.submitter_id.in_(user_ids), Backup.assignment_id == assign.id).order_by( Backup.flagged.desc(), Backup.submit.desc(), Backup.created.desc())) paginate = backups.paginate(page=page, per_page=15) if stats['analytics']: stats['current_q'] = stats['analytics'].get('question') stats['attempts'] = (stats['analytics'].get('history', {}).get('all_attempts')) return render_template('staff/student/assignment.html', courses=courses, current_course=current_course, student=student, assignment=assign, add_member_form=forms.StaffAddGroupFrom(), paginate=paginate, csrf_form=forms.CSRFForm(), stats=stats, assign_status=assignment_stats)
def test_group_api(self): self._test_backup(True) self.logout() student = User.lookup(self.user1.email) Group.invite(self.user1, self.user2, self.assignment) group = Group.lookup(self.user1, self.assignment) group.accept(self.user2) base_api = '/api/v3/assignment/{0}/group/{1}' endpoint = base_api.format(self.assignment.name, self.user1.email) response = self.client.get(endpoint) self.assert_401(response) self.login(self.user1.email) response = self.client.get(endpoint) self.assert_200(response) members = response.json['data']['members'] self.assertEquals(len(members), 2) assert 'email' in members[0]['user'] # Make sure user2 can access user1's endpoint self.login(self.user2.email) response = self.client.get(endpoint) self.assert_200(response) members = response.json['data']['members'] self.assertEquals(len(members), 2) assert 'email' in members[1]['user'] self.login(self.staff1.email) response = self.client.get(endpoint) self.assert_200(response) members = response.json['data']['members'] self.assertEquals(len(members), 2) assert 'email' in members[0]['user'] # Login as some random user self.login(self.user3.email) response = self.client.get(endpoint) self.assert_403(response) # Check for existence of email response = self.client.get( base_api.format(self.assignment.name, '*****@*****.**')) self.assert_403(response) self.login(self.admin.email) response = self.client.get( base_api.format(self.assignment.name, '*****@*****.**')) self.assert_404(response)
def register(): form = RegisterForm(request.form) if form.validate_on_submit(): user = User(email=form.email.data, password=form.password.data) db.session.add(user) db.session.commit() login_user(user) flash('Thank you for registering.', 'success') return redirect(url_for("user.members")) return render_template('user/register.html', form=form)
def reset_password(token): if current_user.is_authenticated: return redirect(url_for('index')) user = User.verify_reset_password_token(token) if not user: return redirect(url_for('index')) form = ResetPasswordForm() if form.validate_on_submit(): user.set_password(form.password.data) db.session.commit() flash('reset successful') return redirect(url_for('login')) return render_template('reset_password.html', form=form)
def db_get_user_by_id(id): ''' Queries the db for the user with the specified id''' query = ''' SELECT id, email, password FROM users WHERE id = ?; ''' with app.app_context(): cur = get_db().cursor() cur.execute(query, [id]) user = User.fromDict(dict_from_row(cur.fetchone())) return user
def create_user(): """This function POSTs a user into the user collection Keyword-Arguments: username -- This is the users name, it does not have to be unique user_email -- Unique user email, it is necessary to login user_password -- Users Password, which is hashed with sha256 in the database """ data = request.get_json() try: email = json.loads( User.objects(user_email=data["user_email"]).exclude("id").only( "user_email").to_json()) if email: return make_response({'msg': 'the user already exists'}), 400 else: hashed_password = generate_password_hash(data['user_password'], method='sha256') user = User( user_id=str(uuid.uuid4()), username=data["username"], user_email=data["user_email"], user_password=hashed_password, user_account_created=datetime.datetime.utcnow().strftime( '%d.%m.%Y %H:%M:%S'), # TODO: Turn into datetimefield! user_last_login=datetime.datetime.utcnow().strftime( '%d.%m.%Y %H:%M:%S'), client_id=data['client_id']) user.save() token = jwt.encode( { 'user_id': user['user_id'], 'exp': datetime.datetime.utcnow() + datetime.timedelta(minutes=60) }, app.config['SECRET_KEY']) return jsonify({'token': token.decode('UTF-8')}) except: return ('Server error'), 500
def test_decode_auth_token(self): user = User( email='*****@*****.**', password='******' ) db.session.add(user) db.session.commit() auth_token = encode_auth_token(user.id, user.admin) self.assertTrue(isinstance(auth_token, bytes)) # second user self.assertTrue(decode_auth_token( auth_token.decode("utf-8")).get('sub') == user.id)
def setUp(self): BaseTestCase.setUp(self) self.server = Server(server_token="my-server-token", server_id='my-server-id', server_name='My Server Name') self.user = User(user_name='My name', user_id='my-server-id/old-name', user_email='*****@*****.**') self.server.users.append(self.user) db.session.add(self.server) db.session.commit()
def register(): if current_user.is_authenticated: return redirect(url_for('main.index')) form = RegisterForm() if form.validate_on_submit(): #name = form.name.data name = ''.join(random.sample(string.ascii_letters + string.digits, 8)) email = form.email.data.lower() # username = form.username.data username = name # register, random init username and name; password = form.password.data user = User(name=name, email=email, username=username) user.set_password(password) db.session.add(user) db.session.commit() #token = generate_token(user=user, operation='confirm') #send_confirm_email(user=user, token=token) #flash('Confirm email sent, check your inbox.', 'info') return redirect(url_for('.login')) return render_template('auth/register.html', form=form)
def new_session(): """ The user only gets a UUID, if he or she submits the survey """ form = DemographyForm() if form.validate_on_submit(): user = User.create_user() form.populate_user(user) user.save() user.set_identifier(ip_addr=get_ip(request), user_agent=get_user_agent(request)) return jsonify(user.to_dict()), 201 # send errors errors = form.get_errors() return jsonify(dict(errors=errors)), 400
def test_user(self): user = User(username="******", email="*****@*****.**") user.set_password("fake1") db.session.add(user) db.session.commit() user = User.query.get(1) self.assertTrue(user.check_password("fake1")) self.assertFalse(user.set_password("fake2"))
def submit(): body = request.get_json() user = User.query.filter_by(phone_number=body["phone_number"]).first() new = False if not user: user = User() new = True # Build response object response = {"success": False, "msg": ""} # Modify places new_places = process_places(body["places"]) print(new_places) if not new_places: response["msg"] = "Could not find County of one of your addresses!" return jsonify(response), 400 new_body = {} new_body["places"] = new_places[0] new_body["locations"] = new_places[1] new_body["settings"] = process_settings(body["settings"]) new_body["phone_number"] = body["phone_number"] try: user.populate(new_body) db.session.add(user) db.session.commit() response["success"] = True except Exception as e: raise e #print(e) response["msg"] = str(e) return jsonify(response), 400 if new: msg = alert.build_starter_msg(user) alert.send_msg(user, msg) return jsonify(response)
def staff_group_remove(cid, email, aid): assign = Assignment.query.filter_by(id=aid, course_id=cid).one_or_none() if not assign or not Assignment.can(assign, current_user, 'grade'): return abort(404) student = User.lookup(email) if not student: abort(404) result_page = url_for('.student_assignment_detail', cid=cid, email=email, aid=aid) form = forms.CSRFForm() if form.validate_on_submit(): target = User.lookup(request.form['target']) if not target: flash('{} does not exist'.format(request.form['target']), 'error') return redirect(result_page) try: Group.force_remove(current_user, student, target, assign) except BadRequest as e: flash("Error: {}".format(str(e.description)), 'error') return redirect(result_page)
def user_tickets(): login_user(User(username='******', password='******')) user = User.query.filter_by(username=current_user.username).first() data = [] for ticket in user.tickets: data.append( dict( ticket={ 'subject': ticket.subject, 'status': ticket.status, 'message': ticket.message, 'date': ticket.created_on.strftime("%Y/%m/%d, %H:%M:%S") })) return jsonify(data)
def test_no_jwt_max_age(self): self.app.config['JWT_MAX_AGE'] = None user = User( email='*****@*****.**', password='******' ) db.session.add(user) db.session.commit() ret_val = encode_auth_token(user.id, user.admin) self.assertTrue(isinstance(ret_val, str)) self.assertTrue( ret_val == 'unsupported type for timedelta seconds component: NoneType' )
async def get_users(*, name: str = None) -> List[User]: """ Gets all the users in the system. :param name: An optional name to filter by. :return: """ query = User.all() if name is not None: query = query.filter(first__icontains=name) return await query
def post(self): # Create one user name, password = api.payload["name"], api.payload["password"] try: new_user = User(public_id=str(uuid.uuid4()), name=name, password_hash=generate_password_hash(password), admin=False) db.session.add(new_user) db.session.commit() except IntegrityError: db.session.rollback() api.abort(400, "A user with this name already exists") return new_user
def test_encode_auth_token(self): user = User( username='******', password="******", name='Marek Kordy', email="*****@*****.**" ) db.session.add(user) db.session.commit() auth_token = encode_auth_token(user.user_id) self.assertTrue(isinstance(auth_token, bytes)) decoded_id = jwt.decode(auth_token.decode('utf-8'), app.config.get('SECRET_KEY'))['sub'] self.assertEqual(user.user_id, decoded_id)
def setUp(self): self.app = server.create_app(TestConfig) self.app_context = self.app.app_context() self.app_context.push() db.create_all() self.test_user = User('test', '*****@*****.**', 'password') db.session.add(self.test_user) db.session.commit() self.client = self.app.test_client()
def password(): init_data = request.get_json(silent=True) token = init_data.get('token') password = init_data.get('password') user = User.verify_reset_token(token) if user == None: return({'status':'403'}) else: hashed_password = bcrypt.generate_password_hash(password).decode('utf-8') user.password = hashed_password db.session.commit() return jsonify({'status': '200'}) return jsonify({'status': '403'})
def signup(): form = RegisterForm() if form.validate_on_submit(): hashed_password = generate_password_hash(form.password.data, method='sha256') new_user = User(username=form.username.data, email=form.email.data, password=hashed_password) db.session.add(new_user) db.session.commit() flash('Welcome to your new account!', 'success') return redirect(url_for('users.login')) return render_template('signup.html', title='Sign-Up', form=form)
def test_course_enrollment(self): self._test_backup(True) student = User.lookup(self.user1.email) courses = student.enrollments() course = courses[0] student_endpoint = '/api/v3/course/cal/cs61a/sp16/enrollment' self.login(self.staff1.email) response = self.client.get(student_endpoint) self.assert_200(response) student_emails = [s['email'] for s in response.json['data']['student']] self.assertEquals(self.user1.email in student_emails, True) self.login(self.user1.email) response = self.client.get(student_endpoint) self.assert_403(response)
def initdata(): fake = Faker('zh_CN') # 插入用户信息 for _ in range(10): new_user = User(username=fake.name(), password=convert_to_md5('adminadmin')) db.session.add(new_user) for i in range(10): new_article = Article(title='title{}'.format(i), content='content{}'.format(i), author_id=1) db.session.add(new_article) db.session.commit()
def group_invite(name): assignment = get_assignment(name) email = request.form['email'] invitee = User.lookup(email) if not invitee: flash("{0} is not enrolled".format(email), 'warning') else: try: Group.invite(current_user, invitee, assignment) success = "{0} has been invited. They can accept the invite by logging into okpy.org".format(email) invite_email(current_user, invitee, assignment) flash(success, "success") except BadRequest as e: flash(e.description, 'danger') return redirect(url_for('.assignment', name=assignment.name))
def register(): if current_user.is_authenticated: return redirect(url_for('blog')) form = RegistrationForm() if form.validate_on_submit(): hashed_password = bcrypt.generate_password_hash( form.password.data).decode('utf-8') user = User(username=form.username.data, email=form.email.data, password=hashed_password) db.session.add(user) db.session.commit() flash(f'Account created for {form.username.data}!', 'success') return redirect(url_for('login')) return render_template('register.html', title="Register", form=form)
def decorated(*args, **kwargs): token = None if 'x-access-token' in request.headers: token = request.headers['x-access-token'] print("THIS IS THE TOKEN: ", token) text_file = open( "token.txt", "wt" ) # YOU CAN USE THE FOLLOWING CODE FOR GETTING THE TOKEN IN THE TOKEN.TXT n = text_file.write(token) text_file.close() if not token: return jsonify({'msg': 'Token is missing'}) try: data = jwt.decode(token, app.config['SECRET_KEY']) User.objects(user_id=data["user_id"]).update_one( set__user_last_login=datetime.datetime.utcnow().strftime( '%d.%m.%Y %H:%M:%S')) current_user = json.loads( User.objects(user_id=data["user_id"]).to_json()) current_user = current_user[0] except: return jsonify({'msg': 'Token is invalid'}) return f(current_user, *args, **kwargs)