def confirm_token(token, expiration=3600):
serializer = URLSafeTimedSerializer(web.get_config()['SECRET_KEY'])
try:
email = serializer.loads(
token,
salt=web.get_config()['SECURITY_PASSWORD'],
max_age=expiration
)
except:
return False
return email
def loginnormal():
config = web.get_config()
if request.method == 'POST':
user_email = request.form["user[email]"]
user_password = request.form["user[pwd]"]
manager = UserManager(web.get_db())
if manager.checkconfirm(user_email) is True:
login_user = manager.login_user(user_email, user_password, 'standard')
if login_user is not None:
id = login_user.get_id()
name = img(web.get_db()).all_name()
count = img(web.get_db()).all_count()
web.login_user(load_user(id))
session['u_email'] = user_email
return redirect('/user')
else:
return render_template("/inforPage.html",
infor="Sorry, login failed, please check your Email or password and try again!",
**dict(gauth_key=config['GAUTH_KEY'], fb_key=config['FB_KEY']))
else:
send = send_confirm_email
token = generate_confirmation_token(user_email)
confirm_url = url_for('confirm_email', token=token, _external=True)
send(user_email, confirm_url)
return render_template("/inforPage.html", infor="Sorry Please Confirm by email! Again. Email Send Again",
**dict(gauth_key=config['GAUTH_KEY'], fb_key=config['FB_KEY']))
def send_confirm_email(email, token):
sg = sendgrid.SendGridAPIClient(
apikey=web.get_config()['SENDGRID_API_KEY'])
data = {
"personalizations": [{
"to": [{
"email": email
}],
"subject": "welcome to sep,confirm your account"
}],
"from": {
"email": "*****@*****.**"
},
"content": [{
"type":
"text/HTML",
"value":
"<p>Welcome! Thanks for signing up. Please follow this link to activate your account:</p><br>"
+ token
}]
}
response = sg.client.mail.send.post(request_body=data)
print(response.status_code)
print(response.body)
print(response.headers)
def send_forgot_email(email):
sg = sendgrid.SendGridAPIClient(
apikey=web.get_config()['SENDGRID_API_KEY'])
if UserManager.getcodebyEmail(email) is not None:
code = UserManager.getcodebyEmail(email)
token = url_for('.forgotpassword', code=code)
data = {
"personalizations": [{
"to": [{
"email": email
}],
"subject":
"welcome to sep,confirm your account"
}],
"from": {
"email": "*****@*****.**"
},
"content": [{
"type": "text/HTML",
"value": token
}]
}
response = sg.client.mail.send.post(request_body=data)
print(response.status_code)
print(response.body)
print(response.headers)
else:
return None
def activity():
config = web.get_config()
if 'u_email' in session:
return render_template('activity/base.html',
gauth_key=config['GAUTH_KEY'],
fb_key=config['FB_KEY'],
is_logged_in=web.is_logged_in(),
user_email=session['u_email'])
return render_template("activity/base.html")
def example_messenger():
config = web.get_config()
if 'u_email' in session:
return render_template('message_example.html',
gauth_key=config['GAUTH_KEY'],
fb_key=config['FB_KEY'],
is_logged_in=web.is_logged_in(),
user_email=session['u_email'])
return render_template('message_example.html')
def adminpage():
config = web.get_config()
if 'u_email' in session:
return render_template('/admin/adminpage.html',
gauth_key=config['GAUTH_KEY'],
fb_key=config['FB_KEY'],
is_logged_in=web.is_logged_in(),
user_email=session['u_email'])
return redirect('/')
def forgotpwd():
config = web.get_config()
if request.method == 'POST':
useremail = request.form["user_email"]
newpassword = request.form["user[password_forgot]"]
manager = UserManager(web.get_db())
manager.changePasswordBynew(useremail, newpassword)
return render_template("/inforPage.html", infor="Password change successfully, please login again.", **dict(
gauth_key=config['GAUTH_KEY'], fb_key=config['FB_KEY']), is_logged_in=web.is_logged_in(),
user_email=session['u_email'])
else:
return render_template("/inforPage.html", infor="Password change failed.", **dict(
gauth_key=config['GAUTH_KEY'], fb_key=config['FB_KEY']), is_logged_in=web.is_logged_in(),
user_email=session['u_email'])
def changpassword():
if request.method == 'POST':
config = web.get_config()
useremail = request.form["change[email]"]
oldpassword = request.form["change[oldpassword]"]
newpassword = request.form["change[newpassword]"]
manager = UserManager(web.get_db())
if manager.changePassword(useremail, oldpassword, newpassword):
# should use log out here?
return render_template("/inforPage.html", infor="Change password successfully, please login again", **dict(
gauth_key=config['GAUTH_KEY'], fb_key=config['FB_KEY']))
else:
return render_template("/inforPage.html", infor="Oops! Failed to change password, please check!", **dict(
gauth_key=config['GAUTH_KEY'], fb_key=config['FB_KEY']))
def sendemailforgotpassword():
if request.method == 'POST':
config = web.get_config()
useremail = request.form["user[email_forgot]"]
manager = UserManager(web.get_db())
if manager.isUserbyEmail(useremail):
send = send_confirm_email
token = generate_confirmation_token(useremail)
confirm_url = url_for('forgot_confrimurl', token=token, _external=True)
send(useremail, confirm_url)
return render_template("/inforPage.html", infor="Email sent successfully.", **dict(
gauth_key=config['GAUTH_KEY'], fb_key=config['FB_KEY']))
else:
return render_template("/inforPage.html", infor="The email does not exist, please check your email"
, **dict(
gauth_key=config['GAUTH_KEY'], fb_key=config['FB_KEY'])
)
def user():
config = web.get_config()
if 'u_email' in session:
user_profile = web.get_current_user()
playlist_manager = PlaylistManager(web.get_db())
playlists = playlist_manager.api_get_playlists()
if user_profile.u_isadmin:
return redirect('/admin/adminpage')
return render_template('user.html',
is_logged_in=web.is_logged_in(),
user_email=user_profile.u_email,
u_email=user_profile.u_email,
u_firstname=user_profile.u_firstname,
u_lastname=user_profile.u_lastname,
u_genre=user_profile.u_genre,
playlists=playlists)
return redirect('/')
def update_user_profile():
config = web.get_config()
if request.method == 'POST':
u_email = session['u_email']
new_firstname = request.form.get("new_fristname")
new_lastname = request.form.get("new_lastname")
new_genre = request.form.get("new_genre")
password = request.form.get("password")
new_password = request.form.get("new_password")
print(new_lastname,new_firstname,new_genre)
if UserManager(web.get_db()).update_profile(u_email, new_firstname, new_lastname, new_genre, password,
new_password):
return render_template("/inforPage.html", infor="Your profile was updated successfully!", **dict(
gauth_key=config['GAUTH_KEY'], fb_key=config['FB_KEY']), is_logged_in=web.is_logged_in(),
user_email=session['u_email'])
else:
return render_template("/inforPage.html",
infor="Failed to update your profile, please check and update again.", **dict(
gauth_key=config['GAUTH_KEY'], fb_key=config['FB_KEY']), is_logged_in=web.is_logged_in(),
user_email=session['u_email'])
def activity_memory():
config = web.get_config()
if request.method == 'POST':
db = web.get_db()
with db.session_scope() as sessions:
Playlist.l_name = request.form["playlistTitle"]
for track_detail in request.form.getlist('trackDetail'):
detail = json.loads(track_detail)
Track.t_title = detail['title']
Track.t_author = detail['author']
Track.t_url = detail['url']
sessions.commit()
if 'u_email' in session:
return render_template('memory.html',
gauth_key=config['GAUTH_KEY'],
fb_key=config['FB_KEY'],
is_logged_in=web.is_logged_in(),
user_email=session['u_email'])
else:
return render_template(
"index.html",
**dict(gauth_key=config['GAUTH_KEY'], fb_key=config['FB_KEY']))
def confirm_email(token):
try:
config = web.get_config()
email = confirm_token(token)
if email is False:
return render_template("/inforPage.html",
infor="Oops, link expired, please sign up again",
**dict(gauth_key=config['GAUTH_KEY'],
fb_key=config['FB_KEY']))
except:
flash('The confirmation link is invalid or has expired.', 'danger')
user = new_user(web.get_db()).getuser(email)
if user.u_isconfirmed:
return render_template("/inforPage.html",
infor="Account confirmed. Please login.", **dict(gauth_key=config['GAUTH_KEY'],
fb_key=config['FB_KEY']))
else:
new_user(web.get_db()).confirm(email)
return render_template("/inforPage.html",
infor="Congratulations! Confirmation complete. Thanks for your patient!",
**dict(gauth_key=config['GAUTH_KEY'],
fb_key=config['FB_KEY']))
def signup():
if request.method == 'POST':
config = web.get_config()
user_email = request.form["u_email"]
user_firstname = request.form["u_firstname"]
user_lastname = request.form["u_lastname"]
user_password = request.form["u_password"]
user_age = request.form["u_age"]
user_gender = request.form["user[gender]"]
if new_user(web.get_db()).check_email(user_email):
new_user(web.get_db()).user(user_email, user_firstname, user_lastname, user_password, user_age, user_gender)
send = send_confirm_email
token = generate_confirmation_token(user_email)
confirm_url = url_for('confirm_email', token=token, _external=True)
send(user_email, confirm_url)
return render_template("/inforPage.html",
infor="Please wait for a while and confirm your verification email. Thanks!",
**dict(gauth_key=config['GAUTH_KEY'],
fb_key=config['FB_KEY']))
else:
return render_template("/inforPage.html",
infor="Oops, this user has already existed!",
**dict(gauth_key=config['GAUTH_KEY'], fb_key=config['FB_KEY']))
def question_editor():
config = web.get_config()
return render_template(
"questions/base.html",
**dict(gauth_key=config['GAUTH_KEY'], fb_key=config['FB_KEY']))
def __init__(self):
self.engine = sqlalchemy.create_engine(web.get_config()['DB_URL'])
self.session_factory = sessionmaker(bind=self.engine)
schema.metadata.create_all(self.engine) # create the DDL
def login():
config = web.get_config()
return render_template(
'login.html',
**dict(gauth_key=config['GAUTH_KEY'], fb_key=config['FB_KEY']))
def generate_confirmation_token(email):
serializer = URLSafeTimedSerializer(web.get_config()['SECRET_KEY'])
return serializer.dumps(email, salt=web.get_config()['SECURITY_PASSWORD'])
def message_admin(self, user_from, content):
# TODO: how to get this?
admin_user = web.get_config()['ADMIN_USER']
self.send_message(user_from, admin_user, content)