def login(): # Get information about user and try to find him username = request.json.get("username") password = request.json.get("password") user = User.find_by_username(username) # Validate user if not user or not user.verify_password(password): error_log.error("Login failed!") return jsonify( success=False, message="Incorrect username or password"), 403 # forbidden # Check if user is verified if user.verified == False: error_log.error("Login failed!") return jsonify(success=False, message="Account is not verified!"), 403 # forbidden # Update session session["LOGGED_IN"] = True session["USERNAME"] = username info_log.info("%s logged in successfully" % username) return jsonify(success=True, message="%s logged in successfully" % username)
def create_giveaway(): # Get user from session username = session.get("USERNAME") user = User.get_from_db(username) user_id = user.get('_id') # Get image from request image = request.files["image"] # Check image type description = request.args.get("description") required_id = request.args.get("required_id") # Get time of post creation now = datetime.datetime.now() # Validate image if allowed_image(image.filename): values = ( None, user_id, None, now, # date now.strftime("%m-%d-%Y-%H-%M-%S"), # image_path description, required_id, True, None, # deadline None) Giveaway(*values).create() # Define path where the image will go ("public/images/{user"s username}/) path = os.path.join(upload_folder, username) # Name for the picture filename = now # Check if path exists and create one if it doesn"t if not os.path.exists(path): os.makedirs(path) # Save image image.save(os.path.join(path, now.strftime("%m-%d-%Y-%H-%M-%S"))) info_log.info("%s added a new giveaway" % username) return jsonify(success=True, message="%s added a new giveaway" % username) else: error_log.error("Image extension is not allowed or doesn't exist!") return jsonify( success=False, message="Allowed extensions: 'pdf', 'png', 'jpeg', 'jpg', 'gif'" ), 403
def create_survey(): # Get user from session username = session.get("USERNAME") user = User.get_from_db(username) user_id = user.get('_id') # Get image from request image = request.files["image"] # Get information about the future survey result = json.loads(request.form["data"]) # Get time of post creation now = datetime.datetime.now() # Validate image if allowed_image(image.filename): # Tuple with user's information values = ( None, #_id user_id, None, #votes now, #date now.strftime("%m-%d-%Y-%H-%M-%S"), # image_path result.get('description'), result.get('required_id'), result.get('options'), None, #open/closed None, #deadline None #winner ) Survey(*values).create() # Define path where the image will go ("public/images/{user"s username}/) path = os.path.join(upload_folder, username) # Name for the picture filename = now # Check if path exists and create one if it doesn"t if not os.path.exists(path): os.makedirs(path) # Save image image.save(os.path.join(path, now.strftime("%m-%d-%Y-%H-%M-%S"))) info_log.info("%s added a new survey" % username) return jsonify(success=True, message='Successfully created a new survey!') else: error_log.error("Image extension is not allowed or doesn't exist!") return jsonify(success=False, message="Allowed extensions: 'pdf', 'png', 'jpeg', 'jpg', 'gif'"), 403
def register(): # Get information about user username = request.get_json().get("username") password = request.get_json().get("password") name = request.get_json().get("name") email = request.get_json().get("email") # Put information about user in a tuple values = (None, username, User.hash_password(password), name, email, None, False) try: # Create user and update session User(*values).create() user_id = User.get_from_db(username).get('_id') Info.create(user_id) info_log.info("User %s registered successfully." % username) if main.app.config['TESTING'] == False: msg = Message('Testing Email Verification', recipients=[email], html=render_template('activation_email.html', username=username, host=FLASK_RUN_HOST, port=FLASK_RUN_PORT)) main.mail.send(msg) info_log.info("Sent activation email to %s" % username) return jsonify(success=True, message="Registration successful") except pymongo.errors.DuplicateKeyError as e: # Catch pymongo exception key = list(e.details.get('keyValue').keys())[0] value = e.details.get('keyValue').get(key) error_log.error("Duplicate %s: %s" % (key, value)) return jsonify(success=False, message="Duplicate %s: %s" % (key, value)), 403 # forbidden
def upload_picture(): # Get image from request image = request.files["image"] # Check image type picture_type = request.args.get("type") # Get user username = session.get("USERNAME") # Validate image if allowed_image(image.filename): # Define path where the image will go ("public/images/{user"s username}/) path = os.path.join(upload_folder, username) # Name for the picture filename = picture_type + "_picture" # Check if path exists and create one if it doesn"t if not os.path.exists(path): os.makedirs(path) # Save image image.save(os.path.join(path, filename)) info_log.info("New %s picture saved for %s" % (picture_type, username)) return jsonify(success=True, message="New %s picture saved for %s" % (picture_type, username)) else: error_log.error("Image extension is not allowed or doesn't exist!") return jsonify( success=False, message="Allowed extensions: 'pdf', 'png', 'jpeg', 'jpg', 'gif'" ), 403