def login():
# Get information about user and try to find him
username = request.json.get("username")
password = request.json.get("password")
user = User.find_by_username(username)
# Validate user
if not user or not user.verify_password(password):
error_log.error("Login failed!")
return jsonify(
success=False,
message="Incorrect username or password"), 403 # forbidden
# Check if user is verified
if user.verified == False:
error_log.error("Login failed!")
return jsonify(success=False,
message="Account is not verified!"), 403 # forbidden
# Update session
session["LOGGED_IN"] = True
session["USERNAME"] = username
info_log.info("%s logged in successfully" % username)
return jsonify(success=True,
message="%s logged in successfully" % username)
def create_giveaway():
# Get user from session
username = session.get("USERNAME")
user = User.get_from_db(username)
user_id = user.get('_id')
# Get image from request
image = request.files["image"]
# Check image type
description = request.args.get("description")
required_id = request.args.get("required_id")
# Get time of post creation
now = datetime.datetime.now()
# Validate image
if allowed_image(image.filename):
values = (
None,
user_id,
None,
now, # date
now.strftime("%m-%d-%Y-%H-%M-%S"), # image_path
description,
required_id,
True,
None, # deadline
None)
Giveaway(*values).create()
# Define path where the image will go ("public/images/{user"s username}/)
path = os.path.join(upload_folder, username)
# Name for the picture
filename = now
# Check if path exists and create one if it doesn"t
if not os.path.exists(path):
os.makedirs(path)
# Save image
image.save(os.path.join(path, now.strftime("%m-%d-%Y-%H-%M-%S")))
info_log.info("%s added a new giveaway" % username)
return jsonify(success=True,
message="%s added a new giveaway" % username)
else:
error_log.error("Image extension is not allowed or doesn't exist!")
return jsonify(
success=False,
message="Allowed extensions: 'pdf', 'png', 'jpeg', 'jpg', 'gif'"
), 403
def create_survey():
# Get user from session
username = session.get("USERNAME")
user = User.get_from_db(username)
user_id = user.get('_id')
# Get image from request
image = request.files["image"]
# Get information about the future survey
result = json.loads(request.form["data"])
# Get time of post creation
now = datetime.datetime.now()
# Validate image
if allowed_image(image.filename):
# Tuple with user's information
values = (
None, #_id
user_id,
None, #votes
now, #date
now.strftime("%m-%d-%Y-%H-%M-%S"), # image_path
result.get('description'),
result.get('required_id'),
result.get('options'),
None, #open/closed
None, #deadline
None #winner
)
Survey(*values).create()
# Define path where the image will go ("public/images/{user"s username}/)
path = os.path.join(upload_folder, username)
# Name for the picture
filename = now
# Check if path exists and create one if it doesn"t
if not os.path.exists(path):
os.makedirs(path)
# Save image
image.save(os.path.join(path, now.strftime("%m-%d-%Y-%H-%M-%S")))
info_log.info("%s added a new survey" % username)
return jsonify(success=True, message='Successfully created a new survey!')
else:
error_log.error("Image extension is not allowed or doesn't exist!")
return jsonify(success=False, message="Allowed extensions: 'pdf', 'png', 'jpeg', 'jpg', 'gif'"), 403
def register():
# Get information about user
username = request.get_json().get("username")
password = request.get_json().get("password")
name = request.get_json().get("name")
email = request.get_json().get("email")
# Put information about user in a tuple
values = (None, username, User.hash_password(password), name, email, None,
False)
try:
# Create user and update session
User(*values).create()
user_id = User.get_from_db(username).get('_id')
Info.create(user_id)
info_log.info("User %s registered successfully." % username)
if main.app.config['TESTING'] == False:
msg = Message('Testing Email Verification',
recipients=[email],
html=render_template('activation_email.html',
username=username,
host=FLASK_RUN_HOST,
port=FLASK_RUN_PORT))
main.mail.send(msg)
info_log.info("Sent activation email to %s" % username)
return jsonify(success=True, message="Registration successful")
except pymongo.errors.DuplicateKeyError as e:
# Catch pymongo exception
key = list(e.details.get('keyValue').keys())[0]
value = e.details.get('keyValue').get(key)
error_log.error("Duplicate %s: %s" % (key, value))
return jsonify(success=False,
message="Duplicate %s: %s" %
(key, value)), 403 # forbidden
def upload_picture():
# Get image from request
image = request.files["image"]
# Check image type
picture_type = request.args.get("type")
# Get user
username = session.get("USERNAME")
# Validate image
if allowed_image(image.filename):
# Define path where the image will go ("public/images/{user"s username}/)
path = os.path.join(upload_folder, username)
# Name for the picture
filename = picture_type + "_picture"
# Check if path exists and create one if it doesn"t
if not os.path.exists(path):
os.makedirs(path)
# Save image
image.save(os.path.join(path, filename))
info_log.info("New %s picture saved for %s" % (picture_type, username))
return jsonify(success=True,
message="New %s picture saved for %s" %
(picture_type, username))
else:
error_log.error("Image extension is not allowed or doesn't exist!")
return jsonify(
success=False,
message="Allowed extensions: 'pdf', 'png', 'jpeg', 'jpg', 'gif'"
), 403