'navLinks':
sshtml.buildNavLinks(),
'accountLinks':
sshtml.buildAccountLinks(False),
'body':
sshtml.buildBody(data=data, aside=ASIDE, mobile=MOBILE)
}
sshttp.send200(sshtml.buildContainerPage(replace))
elif sshttp.is_post():
parameters = dict()
if redirect:
parameters['redirect'] = redirect
if 'email' not in args:
parameters['noemail'] = 1
sshttp.send302(sshttp.build_uri('/signin.py', parameters))
elif 'password' not in args:
parameters['nopassword'] = 1
sshttp.send302(sshttp.build_uri('/signin.py', parameters))
else:
users = userstable.SSUsers(DATABASE)
ssids = sessionstable.SSSessions(DATABASE)
email = args.getvalue('email').lower()
password = args.getvalue('password')
if not users.validate_user(email, password):
parameters['invalid'] = 1
sshttp.send302(sshttp.build_uri('/signin.py', parameters))
else:
users[user[0]] = user
import json, secretsanta
from secretsanta import SSRule, SSRuleType, SSMatchType
rules = list()
if 'rules[]' in args:
for rulejson in args.getlist('rules[]'):
rule = json.loads(rulejson)
if 'left' in rule and 'match' in rule and 'right' in rule:
if rule['match'] == 0:
rules.append(SSRule(SSRuleType.DIFFERS, SSMatchType.LITERAL, 'uid', rule['left'], rule['right']))
if rule['match'] == 1:
rules.append(SSRule(SSRuleType.MATCHES, SSMatchType.LITERAL, 'uid', rule['left'], rule['right']))
assignment = secretsanta.assign_partners(users, rules)
if assignment:
groupsdb.set_partners(gid, assignment)
sshttp.send302(sshttp.build_uri('/groups.py', {'gid' : gid}))
else:
parameters = dict()
parameters['gid'] = gid
parameters['failed'] = 1
sshttp.send302(sshttp.build_uri('/ssctl.py', parameters))
# Invalid http method
else:
sshttp.senderror(405);
# Invalid request (no gid)
else:
sshttp.senderror(400)
# Unauthorized
sshtml.buildAccountLinks(False),
'body':
sshtml.buildBody(data=DATA.format(formatting),
aside=ASIDE,
mobile=MOBILE)
}
sshttp.send200(sshtml.buildContainerPage(replace))
elif sshttp.is_post():
EMAIL_MATCH = re.compile(
r"(^[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\.[a-zA-Z0-9-.]+$)")
parameters = dict()
if 'email' not in args:
parameters['noemail'] = 1
sshttp.send302(sshttp.build_uri('/register.py', parameters))
elif 'password' not in args:
parameters['nopassword'] = 1
sshttp.send302(sshttp.build_uri('/register.py', parameters))
elif 'retype' not in args:
parameters['noretype'] = 1
sshttp.send302(sshttp.build_uri('/register.py', parameters))
elif 'name' not in args:
parameters['noname'] = 1
sshttp.send302(sshttp.build_uri('/register.py', parameters))
elif not EMAIL_MATCH.fullmatch(args.getvalue('email')):
parameters['bademail'] = 1
sshttp.send302(sshttp.build_uri('/register.py', parameters))
elif args.getvalue('password') != args.getvalue('retype'):
parameters['passwordmismatch'] = 1
sshttp.send302(sshttp.build_uri('/register.py', parameters))
sshtml.buildDesktopNavLinks(),
'navLinks':
sshtml.buildNavLinks(),
'accountLinks':
sshtml.buildAccountLinks(True),
'body':
sshtml.buildBody(data=DATA.format(formatting),
aside=ASIDE,
mobile=MOBILE)
}
sshttp.send200(sshtml.buildContainerPage(replace))
# Unauthorized
else:
sshttp.send302(
sshttp.build_redirect_uri('/getacc.py',
'/groupctl.py?creategroup=1'))
# No function provided
else:
sshttp.senderror(400)
# POST method
elif sshttp.is_post():
if sessions.session_is_valid():
NAME_MATCH = re.compile(
r'^[a-zA-Z0-9 .,/<>?-_+"\'\[\]\\|!@#$%^&*()]+$')
parameters = dict()
# Create group
if 'creategroup' in args:
# @email [email protected] # from env import * import datetime import sshttp try: import sessions args = sshttp.get_parameters() redirect = sshttp.get_redirect() if sessions.session_is_valid(): if redirect: sshttp.send302(redirect) else: sshttp.send302('/') elif sshttp.has_cookies(): sshttp.send302(sshttp.build_redirect_uri('/signin.py', redirect), headers={ 'Set-Cookie': 'ssid=expired; Secure; Expires="{}"'.format( datetime.datetime.utcfromtimestamp(0)) }) else: sshttp.send302(sshttp.build_redirect_uri('/signin.py', redirect)) except: sshttp.senderror(500) import sys, traceback traceback.print_exc(file=sys.stderr)
#
from env import *
import datetime
import sessions, sshttp
try:
sessions.delete_session()
args = sshttp.get_parameters()
redirect = sshttp.get_redirect()
if redirect:
sshttp.send302(redirect,
headers={
'Set-Cookie':
'ssid=expired; Secure; Expires="{}"'.format(
datetime.datetime.utcfromtimestamp(0))
})
else:
sshttp.send302('/',
headers={
'Set-Cookie':
'ssid=expired; Secure; Expires="{}"'.format(
datetime.datetime.utcfromtimestamp(0))
})
except:
sshttp.senderror(500)
import sys, traceback
traceback.print_exc(file=sys.stderr)