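def home():
    """Render the landing page, or the signed-in user's timeline.

    Without a ``user`` entry in the session the public ``index.html`` is
    rendered. Otherwise ``home.html`` receives:

    * ``tweets`` - the timeline rows (posts by the user and by everyone the
      user follows, newest first), each extended with a trailing ``1``/``0``
      flag telling whether the current user has liked that post;
    * ``counts`` - the raw result of the posts/following/followed query;
    * ``user_tag`` / ``user_name`` - taken from the session.
    """
    user_id = session.get('user')
    if user_id is None:
        return render_template('index.html')

    user_tag = session.get('user_tag')
    user_name = session.get('user_name')

    timeline = sql.execute_query(
        "SELECT users.user_name, users.user_tag, "
        "TO_CHAR(posts.creation_date, 'dd-Mon-YYYY HH:mi:ss'), "
        "posts.content, posts.post_id, posts.likes, posts.comments, "
        "users.posts , users.following, users.followed "
        "FROM posts, users "
        "WHERE (posts.user_id IN "
        "(SELECT user_id FROM friendship WHERE friend_id = %s) "
        "OR posts.user_id = %s) "
        "AND users.user_id = posts.user_id "
        "ORDER BY posts.creation_date DESC",
        (user_id, user_id))
    counts = sql.execute_query(
        'SELECT users.posts, users.following, users.followed FROM users WHERE users.user_id = %s',
        (user_id,))

    # One query for every post this user liked, instead of one query per
    # timeline row: the page cost no longer grows with the timeline length.
    liked_rows = sql.execute_query(
        'SELECT post_id FROM likes_posts WHERE user_id = %s', (user_id,))
    # Other views in this file treat a None result as a database failure;
    # degrade to "no likes" / "empty timeline" rather than raising.
    liked_post_ids = {row[0] for row in liked_rows or ()}

    # Column 4 of each timeline row is posts.post_id.
    tweets = [
        row + (1 if row[4] in liked_post_ids else 0,)
        for row in timeline or ()
    ]
    return render_template('home.html', user_tag=user_tag,
                           user_name=user_name, counts=counts, tweets=tweets)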
def post():
    """Create a post for the signed-in user and report the outcome as JSON.

    Anonymous callers are redirected to ``home``. On a POST request the
    ``content`` form field must be present and at most 140 characters long;
    the inserted row's id, content and formatted creation date come back
    under ``post_data``. The response is always a JSON string with the keys
    ``success``, ``error`` and ``post_data``.
    """
    # NOTE(review): the JSON is returned as a plain str, which Flask serves
    # as text/html by default, and ``post_data`` echoes user-supplied
    # content. Confirm the route sets application/json (e.g. via jsonify).
    # NOTE(review): no CSRF check is visible in this function - confirm one
    # is applied elsewhere for this state-changing request.
    author_id = session.get('user', None)
    if author_id is None:
        return redirect(url_for('home'))

    error = None
    post_data = None
    if request.method == 'POST':
        content = request.form.get('content', None)
        if content is None:
            error = INVALID_NO_CONTENT
        elif len(content) > 140:
            error = INVALID_CONTENT_SIZE
        else:
            # Values are bound as parameters, never formatted into the SQL.
            rows = sql.execute_query(
                "INSERT INTO posts (user_id, content, creation_date) "
                "VALUES (%s, %s, NOW()) "
                "RETURNING post_id, content, "
                "TO_CHAR(creation_date,'dd-Mon-YYYY HH:mi:ss')",
                (author_id, content), commit=True)
            if rows is None or len(rows) != 1:
                error = INTERNAL_ERROR
            else:
                inserted = rows[0]
                post_data = {
                    'post_id': inserted[0],
                    'content': inserted[1],
                    'creation_date': inserted[2],
                }

    return json.dumps({'success': error is None, 'error': error, 'post_data': post_data})
def follow(following_id):
    """Make the signed-in user follow ``following_id``; answer with JSON.

    Anonymous callers are redirected to ``home``. Following yourself is
    rejected with ``CANNOT_FOLLOW_YOURSELF``; on POST an existing
    relationship yields ``ALREADY_FOLLOW``, otherwise a ``friendship`` row
    ``(following_id, user_id)`` is inserted.
    """
    # NOTE(review): int() raises ValueError on a non-numeric id unless the
    # route converter already guarantees an integer - confirm.
    # NOTE(review): the existence check and the INSERT are two separate
    # statements, so two concurrent requests can both pass the check; a
    # unique constraint on friendship would make that safe - confirm.
    # NOTE(review): the result of execute_update is not inspected, so a
    # failed insert would still be reported as success - confirm.
    user_id = session.get('user', None)
    if user_id is None:
        return redirect(url_for('home'))

    following_id = int(following_id)
    error = None
    if user_id == following_id:
        error = CANNOT_FOLLOW_YOURSELF
    elif request.method == "POST":
        existing = sql.execute_query(
            " SELECT * FROM friendship f WHERE f.user_id = %s and f.friend_id = %s ",
            (following_id, user_id))
        if existing:
            error = ALREADY_FOLLOW
        else:
            sql.execute_update(
                " INSERT INTO friendship VALUES (%s, %s) ",
                (following_id, user_id))

    return json.dumps({
        "success": error is None,
        "error": error,
    })
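def like_post(post_id):
    """Record a like by the signed-in user on ``post_id``; answer with JSON.

    Anonymous callers are redirected to ``home``. On POST the possible
    errors are ``POST_NOT_FOUND`` (no such post), ``LIKED_POST`` (already
    liked) and ``INTERNAL_ERROR`` (a lookup returned ``None``). The response
    is a JSON string with the keys ``success`` and ``error``.
    """
    error = None
    user_id = session.get('user', None)
    if user_id is None:
        return redirect(url_for('home'))

    if request.method == 'POST':
        posts = sql.execute_query(
            'SELECT post_id, user_id FROM posts p WHERE p.post_id = %s',
            (post_id,))
        if posts is None:
            # Other views in this file treat None as a database failure;
            # without this guard len(None) would raise a TypeError.
            error = INTERNAL_ERROR
        elif len(posts) < 1:
            error = POST_NOT_FOUND
        else:
            like_rel = sql.execute_query(
                'SELECT post_id, user_id FROM likes_posts lp WHERE lp.post_id = %s AND user_id = %s',
                (post_id, user_id))
            if like_rel is None:
                error = INTERNAL_ERROR
            elif len(like_rel) > 0:
                error = LIKED_POST
            else:
                # ON CONFLICT DO NOTHING keeps a concurrent duplicate like
                # from failing between the check above and this insert.
                sql.execute_update(
                    'INSERT INTO likes_posts (post_id, user_id) VALUES (%s, %s) ON CONFLICT DO NOTHING',
                    (post_id, user_id))

    return json.dumps({'success': error is None, 'error': error})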
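def dislike_post(post_id):
    """Remove the signed-in user's like from ``post_id``; answer with JSON.

    Anonymous callers are redirected to ``home``. On POST the possible
    errors are ``POST_NOT_FOUND`` (no such post), ``UNLIKED_POST`` (there is
    no like to remove) and ``INTERNAL_ERROR`` (a lookup returned ``None``).
    The response is a JSON string with the keys ``success`` and ``error``.
    """
    error = None
    user_id = session.get('user', None)
    if user_id is None:
        return redirect(url_for('home'))

    if request.method == 'POST':
        posts = sql.execute_query(
            'SELECT post_id, user_id FROM posts p WHERE p.post_id = %s',
            (post_id,))
        if posts is None:
            # Other views in this file treat None as a database failure;
            # without this guard len(None) would raise a TypeError.
            error = INTERNAL_ERROR
        elif len(posts) < 1:
            error = POST_NOT_FOUND
        else:
            like_rel = sql.execute_query(
                'SELECT post_id, user_id FROM likes_posts lp WHERE lp.post_id = %s AND user_id = %s',
                (post_id, user_id))
            if like_rel is None:
                error = INTERNAL_ERROR
            elif len(like_rel) < 1:
                error = UNLIKED_POST
            else:
                # The delete is scoped to the session's user id, so a caller
                # can only ever remove their own like.
                sql.execute_update(
                    'DELETE FROM likes_posts WHERE user_id = %s AND post_id = %s',
                    (user_id, post_id))

    return json.dumps({'success': error is None, 'error': error})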
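def login():
    """Authenticate by e-mail and password and open a session.

    A caller who already has a session is redirected to ``home``. On POST
    the submitted password is hashed with the stored salt and compared with
    the stored hash; on success ``user``, ``user_tag`` and ``user_name`` are
    written to the session and the caller is redirected to ``home``. In
    every other case ``login.html`` is rendered with ``error`` and the
    submitted ``email``.
    """
    # Function-scope import: the file's import block is not visible here.
    import hmac

    def _as_bytes(value):
        # compare_digest accepts str only when it is pure ASCII; encoding
        # str values first makes the comparison work for any stored format.
        return value.encode('utf-8') if isinstance(value, str) else value

    error = None
    email = None
    if session.get('user', None):
        return redirect(url_for('home'))

    if request.method == 'POST':
        email = request.form.get('email', None)
        password = request.form.get('password', None)
        # The length bound is checked before validate_email so an oversized
        # value is rejected without being handed to the validator.
        if (email is None or password is None or len(email) > 256
                or not validate_email(email)):
            error = INVALID_EMAIL_OR_PASSWORD
        else:
            results = sql.execute_query(
                'SELECT user_id, password, salt, user_tag, user_name FROM users WHERE email = %s',
                (email, ))
            if results is None:
                error = sql.INTERNAL_ERROR
            elif len(results) != 1:
                # Same message as a wrong password, so the response text
                # does not reveal whether the address is registered.
                # NOTE(review): this branch skips hashing, so response time
                # may still differ from the wrong-password case - confirm
                # whether that matters for this deployment.
                error = INVALID_EMAIL_OR_PASSWORD
            else:
                res = results[0]
                salt = uuid.UUID(res[2])
                saved_password = res[1]
                hashed_password = crypto.hash_password(password, salt)
                # Constant-time comparison: a plain != can return at the
                # first differing character and leak timing information.
                if not hmac.compare_digest(_as_bytes(hashed_password),
                                           _as_bytes(saved_password)):
                    error = INVALID_EMAIL_OR_PASSWORD
                else:
                    session['user'] = res[0]
                    session['user_tag'] = res[3]
                    session['user_name'] = res[4]
                    return redirect(url_for('home'))

    return render_template('login.html', error=error, email=email)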
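def search_user(keyword):
    """Search users whose e-mail or tag contains ``keyword``; answer with JSON.

    Anonymous callers are redirected to ``home``. On GET the matching rows
    (``user_id``, ``user_tag``, ``email``) are converted with
    ``transTuple2Dict`` and returned under ``results``; a ``None`` query
    result is treated as no matches.
    """
    # NOTE(review): every signed-in user receives the e-mail address of each
    # match and the query has no LIMIT - confirm that exposure is intended.
    error = None
    # Defined up front so the final json.dumps never sees an unbound name
    # when the request is not a GET.
    results = []
    user_id = session.get('user', None)
    if user_id is None:
        return redirect(url_for('home'))

    if request.method == "GET":
        # Escape LIKE metacharacters so '%' and '_' typed by the caller match
        # literally instead of acting as wildcards (a bare '%' would
        # otherwise match every account). '!' is the explicit ESCAPE
        # character, so it is escaped first.
        literal = (keyword.replace('!', '!!')
                   .replace('%', '!%')
                   .replace('_', '!_'))
        pattern = '%' + literal + '%'
        rows = sql.execute_query(
            " SELECT user_id, user_tag, email FROM users "
            "WHERE email LIKE %s ESCAPE '!' OR user_tag LIKE %s ESCAPE '!' ",
            (pattern, pattern))
        results = transTuple2Dict(rows if rows is not None else [])

    return json.dumps({
        "success": error is None,
        "error": error,
        "results": results
    })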
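def following_list():
    """List the users the signed-in user follows; answer with JSON.

    Anonymous callers are redirected to ``home``. On GET the rows
    (``user_id``, ``user_tag``, ``email``) joined through ``friendship`` on
    ``friend_id = <session user>`` are converted with ``transTuple2Dict``
    and returned under ``results``; a ``None`` query result is treated as an
    empty list.
    """
    error = None
    # Defined up front so the final json.dumps never sees an unbound name
    # when the request is not a GET.
    results = []
    user_id = session.get('user', None)
    if user_id is None:
        return redirect(url_for('home'))

    if request.method == "GET":
        # The filter uses the session's user id only, so a caller cannot
        # read another account's following list through this view.
        rows = sql.execute_query(
            " SELECT u.user_id, u.user_tag, u.email FROM users as u, friendship as f WHERE u.user_id = f.user_id AND f.friend_id = %s ",
            (user_id, ))
        results = transTuple2Dict(rows if rows is not None else [])

    return json.dumps({
        "success": error is None,
        "error": error,
        "results": results
    })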
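def register():
    """Create an account from the registration form and open a session.

    A caller who already has a session is redirected to ``home``. On POST
    the form needs ``tag``, ``email``, ``password`` and a matching
    ``password_confirm``; the e-mail must pass ``validate_email`` and be at
    most 256 characters, the password at least 6. If neither the e-mail nor
    the tag is taken, the password is hashed with a fresh salt, the user row
    is inserted, the session is populated and the caller is redirected to
    ``home``. Otherwise ``register.html`` is rendered with ``error``,
    ``email`` and ``tag``.
    """
    error = None
    tag = None
    email = None
    if session.get('user', None):
        return redirect(url_for('home'))

    if request.method == 'POST':
        tag = request.form.get('tag', None)
        email = request.form.get('email', None)
        password = request.form.get('password', None)
        password_confirm = request.form.get('password_confirm')

        if email is None or password is None or tag is None:
            error = INVALID_FORM
        # Length is checked first so an oversized value never reaches the
        # validator; either failure yields the same error.
        elif len(email) > 256 or not validate_email(email):
            error = INVALID_EMAIL
        elif len(password) < 6:
            error = INVALID_PASSWORD
        elif password != password_confirm:
            error = PASSWORD_NOT_MATCHING
        else:
            # NOTE(review): no length or character check on ``tag`` is
            # visible here - confirm the schema or templates constrain it.
            # TODO Lock: this check and the INSERT below are separate
            # statements, so concurrent registrations can both pass it.
            # NOTE(review): unique constraints on email/user_tag would
            # close that gap - confirm they exist.
            results = sql.execute_query(
                'SELECT email, user_tag FROM users WHERE email = %s OR user_tag = %s',
                (email, tag)
            )
            if results is None:
                error = sql.INTERNAL_ERROR
            elif len(results) != 0:
                # Any returned row matched on e-mail or on tag; report the
                # e-mail clash when one of the rows carries this address.
                if any(row[0] == email for row in results):
                    error = EMAIL_ALREADY_IN_USE
                else:
                    error = TAG_ALREADY_IN_USE
            else:
                salt = crypto.generate_salt()
                hashed_password = crypto.hash_password(password, salt)
                # The salt and password hash are credential material and
                # are deliberately not printed or logged.
                results = sql.execute_query(
                    'INSERT INTO users (user_tag, user_name, user_description, email, password, salt, creation_date)'
                    'VALUES (%s, %s, %s, %s, %s, %s, NOW()) RETURNING user_id',
                    (tag, tag, '', email, hashed_password, str(salt)),
                    commit=True
                )
                if results is None or len(results) != 1:
                    error = sql.INTERNAL_ERROR
                else:
                    session['user'] = results[0][0]
                    session['user_tag'] = tag
                    session['user_name'] = tag
                    return redirect(url_for('home'))

    return render_template('register.html', error=error, email=email, tag=tag)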