def cabinet(username): current_user = User.get(session['user']) requested_user = User.get(username) username = current_user.username if not requested_user: abort(404) user = requested_user.username if user == username: is_owner = True invites = friends.check_invites(user) return render_template('profile/profile.html', user=current_user, invites=invites, is_owner=is_owner) else: is_owner = False isInvited = friends.isInvited(requested_user.username, current_user.username) isInvitedByOther = friends.isInvited(current_user.username, requested_user.username) return render_template('profile/profile.html', user=requested_user, user_guest=current_user, isInvited=isInvited, isInvitedByOther=isInvitedByOther, is_owner=is_owner)
def test_delete_game(): headers = { 'Authorization': 'Bearer ' + pytest.users[2]["token"], 'Content-Type': 'text/plain' } response = client.delete("/games/100/delete", headers=headers) assert response.status_code == 404 assert response.json() == {'detail': 'The game does not exist'} response = client.delete(f"/games/{pytest.info['game']}/delete", headers=headers) assert response.status_code == 403 assert response.json() == { 'detail': 'The game does not belong to the current user' } headers['Authorization'] = 'Bearer ' + pytest.users[1]["token"] response = client.delete(f"/games/{pytest.info['game']}/delete", headers=headers) assert response.status_code == 200 assert response.json() == { "message": f"The game {pytest.info['game']} (Partida 1) was deleted" } with db_session: Player.get(id=pytest.info['other_player']).delete() Game.get(id=pytest.info['other_game']).delete() for u in list(pytest.users.values())[:-1]: User.get(id=u["user_id"]).delete()
def load_user(user_str, mod=""): # could also be an asynchronous function user = user_str with db_session: if type(user) is not dict: user = User.get(username=user_str) if not user: user = User.get(email=user_str) if user: return user.to_dict() elif mod != "force": user_db = User.get(id=user_str["id"]) if not user_db.verified: return None return user
def changeProfile(username): current_user = User.get(session['user']) user = current_user.username if user != username: return render_template(url_for('profile_page', username=username)) if request.method == "POST" and user: email = request.form['email'] if email and current_user.email != email: current_user.email = email old_password = request.form['old-password'] password = request.form['password'] if password and current_user.password != hash_password(password): if check_password(old_password, current_user.password): current_user.password = hash_password(password) fname = request.form['fname'] if fname and current_user.fname != fname: current_user.fname = fname lname = request.form['lname'] if lname and current_user.lname != lname: current_user.lname = lname current_user.update() return redirect(url_for('profile_page', username=current_user.username)) return render_template('profile/changeProfile.html', user=current_user)
async def get_current_user(token: str = Depends(oauth2_scheme)) -> UserEntity: credentials_exception = HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail="Could not validate credentials", headers={"WWW-Authenticate": "Bearer"}, ) try: payload = jwt.decode(token, settings.SECRET_KEY, algorithms=[settings.ALGORITHM]) username: str = payload.get("sub") if username is None: raise credentials_exception token_data = TokenData(username=username) except JWTError: raise credentials_exception user = await UserPermPDModel.from_queryset_single( User.get(username=username)) if user is None: raise credentials_exception return user
def reset(): ''' Reset password page. [GET] Reset page. [POST] Validate form & send reset email. ''' form = ResetForm() if form.validate_on_submit(): email = form.email.data if User.exist(email=email): user = User.get(email=email) from src.mailer.mail import Mailer, ResetMail msg = ResetMail(user.email) mailer = Mailer(msg) # Send email with reset uri. mailer.send() flash('An email sent to you.') else: flash('The email address is not registered.') return render_template('reset.jinja2', title='Password recovery.', form=form, template='login-page')
def get_user_scope(username): with Request.pony_session: user = User.get(name=username) if user: permission_id_list = Role.get_role_permission(user.role)[:] permission_id_list = [str(p) for p in permission_id_list] return permission_id_list
def get_user(username: str): with Request.pony_session: user = User.get(name=username) # print('sec_user:'******'user_dict:', user_dict) return UserInDB(**user_dict)
async def get_user(curr_user=Depends(manager)): with db_session: user = User.get(id=curr_user["id"]) return { "id": user.id, "username": user.username, "useralias": user.useralias, "email": user.email }
async def get_users(request, id=None): response = {'status': 'ok', 'message': '', 'payload': []} args = request.args print(args.get("limit", None)) response['payload'] = User.get(id, args.get("limit", None), args.get("offset", None)) return json(response)
async def confirm(confirmation: ConfM): with db_session: decr_email = confirm_token(confirmation.code) if not decr_email: raise HTTPException(status_code=400, detail="invalid code") user = User.get(email=decr_email) if not user: raise HTTPException(status_code=400, detail="user not found") user.verified = True return {"info": f'your account {user.username} has been activated!'}
async def login(data: UserM): user = data.username password = data.password with db_session: db_user = User.get(username=user) if not db_user: db_user = User.get(email=user) user = load_user(user) # authentication file function if not user or password != user['password'] or not db_user: raise InvalidCredentialsException # Default credential exception elif not db_user.verified: raise HTTPException( status_code=400, detail="The user is not verified, please check your mail inbox" ) access_token = manager.create_access_token( data=dict(sub=user), expires_delta=timedelta(hours=4)) return {'access_token': access_token, 'token_type': 'bearer'}
def send_message(username): current_user = User.get(session['user']) message_text = request.form['message'] current_date = datetime.now() new_message = Message(sender=current_user.username, recipient=username, text=message_text, creation_time=current_date) new_message.insert()
def get(self): args = self.get_args('get') post_ = Post.get(args['post_id']) author = User.get(post_.user_id).username post_data = { 'title': post_.title, 'text': post_.text, 'publish_date': post_.publish_date.strftime('%Y-%m-%d %H:%M:%S'), 'author': author } print(post_data) return {'status': 200, 'msg': '成功', 'post': post_data}
def get_messages_from(username): current_user = User.get(session['user']) messages = current_user.get_messages() if messages is not None: messages_from_user = [ m for m in messages if m.recipient == username or m.sender == username ] if messages_from_user != []: return render_template('/chat/messages.html', messages=messages_from_user, user=current_user) return render_template('/chat/no_messages.html')
async def new_user(input_game: UserM): with db_session: user = User.get(username=input_game.username) if not user: user = User.get(email=input_game.email) if not user: curr_user = User(username=input_game.username, useralias=input_game.useralias, email=input_game.email, password=input_game.password) commit() await simple_send([input_game.email], generate_confirmation_token( input_game.email), input_game.frontURL) else: raise HTTPException(status_code=400, detail="Email already registered") else: raise HTTPException(status_code=400, detail="Username already registered") return {"id": curr_user.id, "message": "User created successfully"}
def test_user_get(): headers = { 'Authorization': 'Bearer ' + pytest.users[1]["token"], 'Content-Type': 'text/plain' } response = client.get("/users/me", headers=headers) assert response.status_code == 200 with db_session: user = User.get(id=pytest.users[1]["user_id"]) assert response.json() == { "id": user.id, "username": user.username, "useralias": user.useralias, "email": user.email }
async def list_players(game_id: int, user=Depends(manager)): status = {} with db_session: game = Game.get(id=game_id) if game is None: raise HTTPException(status_code=404, detail="Game not found") players = game.players parsed_players = [p.to_dict() for p in players] parsed_players.sort(key=lambda x: x.get('id')) for p in parsed_players: user = User.get(id=p['user']).to_dict() user.pop("password") user.pop("email") p.update(user=user) return {'data': parsed_players}
async def mod_user(input_game: UserMod, user=Depends(manager)): with db_session: user = User.get(id=user["id"]) message = 'fields modified:' if input_game.useralias: user.useralias = input_game.useralias message += " -useralias" if input_game.newpassword: if input_game.oldpassword and user.password == input_game.oldpassword: user.password = input_game.newpassword message += " -password" else: raise HTTPException(status_code=400, detail="Old password dont match") return {message}
def login(): if request.method == 'POST': username = request.form['username'] password = request.form['password'] user = User.get(username) if user != None: if check_password(password, user.password): session['user'] = user.username return redirect(url_for('profile_page', username=user.username)) else: return redirect(url_for('login')) else: return redirect(url_for('register')) return render_template('authentication/login.html')
def register(): if request.method == 'POST': password = request.form['password'] password_retry = request.form['password-retry'] username = request.form['username'] email = request.form['email'] if User.get(username) == None: if password == password_retry: user = User(username=username, email=email, password=hash_password(password)) user.insert() session['user'] = user.username return redirect(url_for('profile_page', username=username)) else: return redirect(url_for('register')) return render_template('authentication/register.html')
async def expelliarmus(in_vote: VoteM, game_id: int, user=Depends(manager)): with db_session: game = Game.get(id=game_id) current_player = Player.user_player(user, game_id) username = User.get(id=current_player["user"]).username detail = f"The player {username} has played expelliarmus!" if game is None: raise HTTPException(status_code=404, detail="Game not found") if not game.started: raise HTTPException(status_code=400, detail="Game is not started") if current_player["current_position"] != "minister" and current_player[ "current_position"] != "headmaster": raise HTTPException( status_code=400, detail="this player is not the minister nor the headmaster") if game.board.de_proc < 5 or game.status["phase"] != "headmaster play": raise HTTPException(status_code=400, detail="It is not time for expelliarmus!!!") if "headmaster_expelliarmus" not in game.status.keys(): if current_player["current_position"] == 'headmaster': game.status["headmaster_expelliarmus"] = in_vote.vote else: raise HTTPException( status_code=400, detail="The headmaster must play the expelliarmus first!") else: if current_player["current_position"] == 'minister': game.status["minister_expelliarmus"] = in_vote.vote else: raise HTTPException( status_code=400, detail="The minister must confirm the expelliarmus!") detail = "The expelliarmus has failed!" if game.status["minister_expelliarmus"] and game.status[ "headmaster_expelliarmus"]: cards = game.board.deck.split(',')[2:] game.board.deck = ','.join(cards) detail = "the expelliarmus was played succesfully!, cards discarded" Player.reassign_minister(game) return {detail}
async def process_price(message: types.Message, state: FSMContext): async with state.proxy() as data: data['price'] = message.text user = User.get(User.external_id == message.from_user.values.get('id')) Expense.create(**data, user=user) # summary of saved expense await bot.send_message( message.chat.id, md.text( md.text('Gasto de ', md.bold(data['description']), ' guardado! '), md.text('Categorias: ', md.code(data['categories'])), md.text('Price: $', data['price']), sep='\n', ), parse_mode=ParseMode.MARKDOWN, ) # Finish conversation await state.finish()
def test_create_user(): for i, u in enumerate(pytest.users.values()): with db_session: response = client.post("/users/", headers={}, json={ "username": u['username'], "useralias": u["useralias"], "email": u['email'], "password": "******", "frontURL": "ded" }) with db_session: for i, u in enumerate(pytest.users.values()): user = User.get(email=u["email"]) user.verified = True u["user_id"] = int(user.id) response = client.post("/users/", headers={}, json={ "username": "******", "useralias": "andres", "email": "*****@*****.**", "password": "******", "frontURL": "ded" }) assert response.status_code == 400 assert response.json() == {"detail": "Username already registered"} response = client.post("/users/", headers={}, json={ "username": "******", "useralias": "andres234", "email": "*****@*****.**", "password": "******", "frontURL": "ded" }) assert response.status_code == 400 assert response.json() == {"detail": "Email already registered"}
def recover(token=None): ''' User login page. param: token (str): JWT token. [GET] Change password page. [POST] Validate form & change password. ''' if request.method == 'GET': from src.login.models import UserToken email = UserToken.verify(token) if not email: flash('User not found.') return redirect(url_for('auth_bp.login')) form = RecoverForm() if form.validate_on_submit(): email = form.email.data if User.exist(email=email): user = User.get(email=email) # Change password and commit. user.set_password(form.password.data) db.session.commit() flash('Password changed.') return redirect(url_for('auth_bp.login')) # Change password page. return render_template('recover.jinja2', title='Reset your password.', form=form, template='login-page')
def login(provider=None): ''' User login page. param: provider (str): Login provider [ site | google | fb ] [GET] Login page. [POST] Validate form & user login. ''' # User already logged in. if current_user.is_authenticated: return redirect(url_for('main_bp.main')) form = LoginForm() if provider: sl = SocialLogin(provider) response, result = sl.login(request) if result: if result.user: # Update data from provider. result.user.update() email = result.user.email if not User.exist(email=email): # Create user. create_u = CreateUser(email=email) user = create_u.create(name=result.user.name, login_type=provider) else: user = User.get(email=email) # Login. login_user(user=user) next_page = request.args.get('next') return redirect(next_page or url_for('main_bp.main')) return response else: # Validate login attempt. if form.validate_on_submit(): email = form.email.data if User.exist(email=email): user = User.get(email=email) if user and user.confirmed and user.check_password( form.password.data): login_user(user) # Logged in. next_page = request.args.get('next') return redirect(next_page or url_for('main_bp.main')) flash('User not registered.') # return redirect(url_for('auth_bp.login')) # Login page. return render_template('login.jinja2', form=form, title='Log in.', template='login-page')
def chat(): current_user = User.get(session['user']) friends = current_user.friends return render_template('/chat/chat.html', friends=friends)
def test_choosehm_game(): with db_session: game = Game.get(id=pytest.info['game']) minister = game.status["minister"] game.status["phase"] = "x" headers = { 'Authorization': 'Bearer ' + pytest.users[1]["token"], 'Content-Type': 'text/plain' } response = client.post("/games/100/choosehm", headers=headers, json={'id': '2'}) assert response.status_code == 404 assert response.json() == {'detail': "Game not found"} response = client.post(f"/games/{pytest.info['game']}/choosehm", headers=headers, json={'id': '2'}) assert response.status_code == 400 assert response.json() == { 'detail': "The headmaster only can be elected in the propose phase" } with db_session: game = Game.get(id=pytest.info['game']) game.status["phase"] = "propose" for i in pytest.users.keys(): if pytest.users[i]["player_id"] != minister: acc = i break headers['Authorization'] = 'Bearer ' + pytest.users[acc]["token"] response = client.post(f"/games/{pytest.info['game']}/choosehm", headers=headers, json={'id': '2'}) assert response.status_code == 400 assert response.json() == { 'detail': "Only the minister can propose a headmaster" } for i in pytest.users.keys(): if pytest.users[i]["player_id"] == minister: user_minister = i break headers['Authorization'] = 'Bearer ' + pytest.users[user_minister]["token"] response = client.post(f"/games/{pytest.info['game']}/choosehm", headers=headers, json={"id": "300"}) assert response.status_code == 400 assert response.json() == {'detail': "The selected player does not exist"} response = client.post(f"/games/{pytest.info['game']}/choosehm", headers=headers, json={"id": str(minister)}) assert response.status_code == 400 assert response.json() == { 'detail': "The minister can not be the headmaster" } with db_session: other_guy = Player.get(id=pytest.users[acc]["player_id"]) other_guy.choosable = False response = client.post(f"/games/{pytest.info['game']}/choosehm", headers=headers, json={"id": str(pytest.users[acc]["player_id"])}) assert response.status_code == 400 assert response.json() == { 'detail': "The player has been headmaster in the previous round" } with db_session: user = User.get(id=pytest.users[user_minister]["user_id"]) new_game = Game(name="x", created_by=pytest.users[acc]["user_id"], started=False, creation_date=datetime.datetime.now(), player_amount=5, status={}) new_player = Player(choosable=True, current_position='', role='', is_voldemort=False, alive=True, user=user) new_game.players.add(new_player) other_guy = Player.get(id=pytest.users[acc]["player_id"]) other_guy.choosable = True other_guy.alive = False commit() pytest.info['other_game'] = new_game.id pytest.info['other_player'] = new_player.id response = client.post(f"/games/{pytest.info['game']}/choosehm", headers=headers, json={"id": str(new_player.id)}) assert response.status_code == 400 assert response.json() == { 'detail': "The player does not belong to this game" } response = client.post(f"/games/{pytest.info['game']}/choosehm", headers=headers, json={"id": str(other_guy.id)}) assert response.status_code == 400 assert response.json() == { 'detail': "The player cannot be headmaster because is dead" } with db_session: other_guy = Player.get(id=pytest.users[acc]["player_id"]) other_guy.alive = True username = other_guy.user.username response = client.post(f"/games/{pytest.info['game']}/choosehm", headers=headers, json={"id": str(other_guy.id)}) assert response.status_code == 200 assert response.json() == { "message": f"The player number {other_guy.id}: {username} was proposed as headmaster" }
def users_list(): current_user = User.get(session['user']) users = current_user.get_all() return render_template('/users/users.html', users=users)
async def get_user(username: str): return await User_Pydantic.from_queryset_single(User.get(username=username))