def account(user):
if request.method == 'GET':
udao = UserDAO()
if not udao.check_user_exists(user):
return render_template("errors/user_not_found.html")
rdao = RecipeDAO()
recipes = rdao.get_recipes_for_user(user)
valid_session_key = udao.check_user_session_key(user, request.cookies.get("session_key"))
allowEdit = False
user_bgr = udao.get_user_background(user)
sdao = SubscribeDAO()
subscribed = sdao.is_subscribed(request.cookies.get("user"), user)
if valid_session_key:
allowEdit = True
return render_template("account.html", signedIn = request.cookies.get("signedIn"),
user = request.cookies.get("user"),
recipes = recipes,
allowEdit = allowEdit,
userBackground = user_bgr,
subscribed = subscribed)
def unsubscribe(user):
if request.method == 'GET':
udao = UserDAO()
valid_key = udao.check_user_session_key(request.cookies.get("user"), request.cookies.get("session_key"))
if valid_key:
sdao = SubscribeDAO()
sdao.unsubscribe(request.cookies.get("user"), user)
return redirect(f"/account/{user}")
def favourite_delete(user, recipeName, recipeID):
if request.method == 'DELETE':
udao = UserDAO()
valid_key = udao.check_user_session_key(request.cookies.get("user"), request.cookies.get("session_key"))
if valid_key:
fdao = FavouriteDAO()
result = "Y" if fdao.delete_favourite(request.cookies.get("user"), recipeID) else "N"
return result
return "N"
def addRating(user, recipeName):
if request.method == 'GET':
udao = UserDAO();
valid_key = udao.check_user_session_key(request.cookies.get("user"), request.cookies.get("session_key"))
if valid_key:
comment_id = request.args.get("cid")
rating = request.args.get("r")
if comment_id and rating:
cdao = CommentDAO()
result = cdao.add_comment_rating(request.cookies.get("user"), comment_id, int(rating))
return str(result)
return "N"
def favourite_add(user, recipeName):
if request.method == 'PUT':
udao = UserDAO()
valid_key = udao.check_user_session_key(request.cookies.get("user"), request.cookies.get("session_key"))
if valid_key:
recipe_id = request.args.get("recipe")
print(recipe_id)
fdao = FavouriteDAO()
result = "Y" if fdao.add_favourite(request.cookies.get("user"), recipe_id) else "N"
return result
return "N"
def recipe_delete(user, recipeName):
if request.method == "DELETE":
ldao = LogDAO()
udao = UserDAO()
valid_key = udao.check_user_session_key(user, request.cookies.get("session_key"))
if valid_key:
dao = RecipeDAO()
dao.delete_recipe(user, recipeName.replace("-", " "))
ldao.add_log(request, request.cookies.get("user"), ldao.REQUEST_DEL_RECIPE, 1)
return "Y"
else:
ldao.add_log(request, request.cookies.get("user"), ldao.REQUEST_DEL_RECIPE, 0)
return "N"
def removeComment(user, recipeName):
if request.method == 'GET':
ldao = LogDAO()
udao = UserDAO()
valid_key = udao.check_user_session_key(request.cookies.get("user"), request.cookies.get("session_key"))
if valid_key:
cdao = CommentDAO()
result = cdao.remove_comment(request.cookies.get("user"), user, recipeName)
if result:
ldao.add_log(request, request.cookies.get("user"), ldao.REQUEST_DEL_COMMENT, 1)
return "Y"
ldao.add_log(request, request.cookies.get("user"), ldao.REQUEST_DEL_COMMENT, 0)
return "N"
def delete_user(user):
if request.method == 'GET':
ldao = LogDAO()
udao = UserDAO()
valid_key = udao.check_user_session_key(user, request.cookies.get("session_key"))
if valid_key:
udao.delete_user(user)
resp = make_response(redirect("/"))
resp.delete_cookie("signedIn")
resp.delete_cookie("user")
resp.delete_cookie("session_key")
return resp
ldao.add_log(request, request.cookies.get("user"), ldao.REQUEST_DEL_ACCOUNT, 0)
return redirect(f"/account/{user}/settings?alert=Account Delete Failed|Unable to delete your account.|alert-fail")
def addComment(user, recipeName):
if request.method == 'GET':
ldao = LogDAO()
udao = UserDAO()
valid_key = udao.check_user_session_key(request.cookies.get("user"), request.cookies.get("session_key"))
if valid_key:
comment = request.args.get("comment")
if (comment):
cdao = CommentDAO()
cdao.add_comment(request.cookies.get("user"), user, recipeName, comment)
ldao.add_log(request, request.cookies.get("user"), ldao.REQUEST_ADD_COMMENT, 1)
return "Y"
ldao.add_log(request, request.cookies.get("user"), ldao.REQUEST_ADD_COMMENT, 1)
return "N"
def recipe_add(user, recipeName):
if request.method == 'PUT':
ldao = LogDAO()
udao = UserDAO()
valid_key = udao.check_user_session_key(user, request.cookies.get("session_key"))
if valid_key:
desc = request.args.get("desc")
ingredients = request.args.get("ingredients")
dao = RecipeDAO()
dao.add_recipe(user, recipeName, desc, ingredients)
ldao.add_log(request, request.cookies.get("user"), ldao.REQUEST_ADD_RECIPE, 1)
return "Y"
else:
ldao.add_log(request, request.cookies.get("user"), ldao.REQUEST_ADD_RECIPE, 0)
return "N"
def editComment(user, recipeName):
if request.method == 'GET':
ldao = LogDAO()
udao = UserDAO()
valid_key = udao.check_user_session_key(request.cookies.get("user"), request.cookies.get("session_key"))
if valid_key:
comment = request.args.get("comment")
if comment:
cdao = CommentDAO()
result = cdao.edit_comment(request.cookies.get("user"), user, recipeName, comment)
if result:
ldao.add_log(request, request.cookies.get("user"), ldao.REQUEST_EDIT_COMMENT, 1)
return "Y"
ldao.add_log(request, request.cookies.get("user"), ldao.REQUEST_EDIT_COMMENT, 0)
return "N"
def change_password(user):
if request.method == 'POST':
ldao = LogDAO()
udao = UserDAO()
valid_key = udao.check_user_session_key(user, request.cookies.get("session_key"))
if valid_key:
cur_password = request.form['current_pass']
new_password = request.form['new_pass']
creds_correct = udao.check_users_password_matches(user, cur_password)
if not creds_correct:
ldao.add_log(request, request.cookies.get("user"), ldao.REQUEST_PASSWORD_CHANGE, 0)
return redirect(f"/account/{user}/settings?alert=Password change failed!|The current password you entered was incorrect.|alert-fail")
udao.update_password(user, new_password)
ldao.add_log(request, request.cookies.get("user"), ldao.REQUEST_PASSWORD_CHANGE, 1)
return redirect(f"/account/{user}/settings?alert=Password changed!|Password has been changed to new password.|alert-suc")
ldao.add_log(request, request.cookies.get("user"), ldao.REQUEST_PASSWORD_CHANGE, 0)
return redirect(f"/account/{user}/settings?alert=Password change failed!|Something with your details is incorrect.|alert-fail")
def change_email(user):
if request.method == 'POST':
ldao = LogDAO()
udao = UserDAO()
valid_key = udao.check_user_session_key(request.cookies.get("user"), request.cookies.get("session_key"))
if valid_key:
email = request.form['email']
cur_password = request.form['email_pass']
creds_correct = udao.check_users_password_matches(user, cur_password)
if not creds_correct:
ldao.add_log(request, request.cookies.get("user"), ldao.REQUEST_EMAIL_AUTH_CHANGE, 0)
return redirect(f"/account/{user}/settings?alert=Email change failed!|The password you entered is incorrect.|alert-fail")
udao.change_email(user, email)
ldao.add_log(request, request.cookies.get("user"), ldao.REQUEST_EMAIL_AUTH_CHANGE, 1)
return redirect(f"/account/{user}/settings?alert=Email updated!|Successfully changed email linked to your account.|alert-suc")
ldao.add_log(request, request.cookies.get("user"), ldao.REQUEST_EMAIL_AUTH_CHANGE, 0)
return redirect(f"/account/{user}/settings?alert=Email authentication change failed!|Something with your details is incorrect.|alert-fail")
def account_settings(user):
if request.method == 'GET':
udao = UserDAO()
valid_key = udao.check_user_session_key(user, request.cookies.get("session_key"))
if valid_key:
alertParam = request.args.get("alert")
alert = None
if alertParam:
alertData = urllib.parse.unquote(alertParam)
alertData = alertData.split("|")
alert = Alert(alertData[0], alertData[1], alertData[2])
u = udao.get_user(user)
if u.email_auth == 1 and u.can_edit_settings == 0 and not alertParam:
eh = EmailHandler(u.email)
code = eh.send_settings_code()
if code:
udao.set_user_settings_code(u.id, code)
return render_template("settings.html",
signedIn = request.cookies.get("signedIn"),
user = request.cookies.get("user"),
alert = alert,
userobj = u)
else:
return "Not Your Page to Edit"
elif request.method == 'POST':
inputted_code = request.form['email_auth']
udao = UserDAO()
actual_code = udao.get_user_settings_code(user)
if inputted_code == actual_code:
udao.allow_edit_settings(user)
return redirect(f"/account/{user}/settings")
return redirect(f"/account/{user}/settings?alert=Incorrect Code!|Try inputting the code again.|alert-fail")