def POST(self): i = web.input() user_form = self.form() if not user_form.validates(): return render.admin(model.get_all_users(),user_form) if 'uid' in i: model.del_user(i.cin, i.uid) elif 'username' in i: uname, pwd, email = i.username.strip().lower(), i.password.strip(), i.email.strip() pwd = bcrypt.hashpw(pwd, bcrypt.gensalt(BCRYPT_WLOAD)) model.add_user(i.cin, uname,pwd, email) return render.admin(model.get_all_users(), user_form)
def POST(self): i = web.input() form = self.form() if not form.validates() or i.username in [u.username for u in model.get_all_users()]: return render.register(form,model.get_all_users()) else: cin, uname, pwd, email = i.cin, i.username.strip().lower(), i.password.strip(), i.email.strip() #register parsing here pwd = bcrypt.hashpw(pwd, bcrypt.gensalt(BCRYPT_WLOAD)) model.add_user(cin, uname,pwd, email) session.logged_in = True session.username = uname session.cin = cin raise web.seeother('/')
def POST(self): """ Compares given CIN, username and password to db entry """ i = web.input() form = self.form() logger.debug('Logged_in: %s', session.logged_in) output=[] if ospath.exists('banned_ip.chess'): with open('banned_ip.chess','r') as bfd: for line in bfd: if web.ctx['ip'] in line: t = line[line.find('|')+2:-1].strip() d = datetime.strptime(t,self.time_format) dc = datetime.utcnow() if d + self.bannedtimer <= dc: return "<h1>Too many failed login attempts.</h1><br /><h2>Please try again at a later time</h2>" else: output.append(line) with open('banned_ip.chess','w') as bfd: f.writelines(output) if not form.validates(): return render.login(form, users=model.get_all_users()) else: try: u = model.get_user_by_name(i.cin, i.username.strip().lower())[0] except IndexError: return render.login(form,"User does not exist! If you need an account, please contact your local admin.", users=model.get_all_users()) check = True if bcrypt.hashpw(i.password, u.password) == u.password else False #Check is user authentication was a great success if check: session.logged_in = True session.username = i.username session.cin = int(i.cin) session.priv = u.privilege raise web.seeother('/') else: try: session['loginfails'] += 1 except KeyError: session['loginfails'] = 0 if session['loginfails'] > MAX_LOGIN_ATTEMPTS: ip = web.ctx['ip'] logger.warning('IP %s has attempted too many unsuccessfull logins', ip) session['loginfails']=0 with open('banned_ip.chess','a') as bfd: bfd.write("%s | %s"%(web.ctx['ip'],datetime.utcnow())) return render.login(form,"login failed!", users=model.get_all_users())
def GET(self): page = 1 if not web.input().get('page') else web.input().get('page') user = self.getcurrentuser() if user.passwd == "qq" or user.passwd == "douban": raise web.seeother('/my') #fen ye if user.level == 3: page = int(page) perpage = 20 offset = (page - 1) * perpage users = model.get_all_users(offset=offset, limit=perpage) users_count = model.get_user_num() pages = users_count.count / perpage if users_count.count % perpage > 0: pages += 1 if page > pages: raise web.seeother('/admin') else: users = None pages = 0 return jjenv.get_template('admin.html').render( nickname=session.username, title="Admin", current='admin', user=user, users=users, pages=pages)
def GET(self): page = 1 if not web.input().get('page') else web.input().get('page') user = self.getcurrentuser() if user.passwd == "qq" or user.passwd == "douban": raise web.seeother('/my') #fen ye if user.level == 3: page = int(page) perpage = 20 offset = (page - 1) * perpage users = model.get_all_users(offset=offset,limit=perpage) users_count = model.get_user_num() pages = users_count.count / perpage if users_count.count % perpage > 0: pages += 1 if page > pages: raise web.seeother('/admin') else: users = None pages = 0 return jjenv.get_template('admin.html').render(nickname=session.username,title="Admin", current='admin', user=user, users=users, pages = pages)
def see_all_users(): if request.method == 'GET': content = model.get_all_users() content_len = len(content) print(content) return render_template('users.html', content=content, content_len=content_len) else: if 'username' not in session: flash('You must be logged in to follow users') return redirect('/login') else: user_to_follow = request.form['follow'] username = session['username'] user_to_follow_object = model.set_user_object_from_pk( user_to_follow) user_to_follow_username = user_to_follow_object.username if user_to_follow_username == username: flash(f'You can\'t follow yourself!') return redirect('/users') elif model.test_followed_object(username, user_to_follow_username): flash(f'You are already following that user!') return redirect('/users') else: try: model.follow_user(username, user_to_follow_username) flash(f'You are now following {user_to_follow_username}!') return redirect('/users') except: flash('Something went wrong, try again') return redirect('/users')
def GET(self): ret_users = [] users = model.get_all_users() for user in users: ret_users.append({ "fname": user['fname'], "lname": user['lname'], "address1": user['address1'], "address2": user['address2'], "city": user['city'], "state": user['state'], "zipcode": user['zipcode'], "country": user['country'], "registerDate": str(user['registerDate']) }) accept_header = web.ctx.env.get("HTTP_ACCEPT") if "text/html" in accept_header: # Show an HTML tabl return render.admin() elif "application/json" in accept_header: # Return a JSON tring return json.dumps(ret_users) else: # Return a 406 Not Acceptable because the client is # requesting data be returned in a media type that we # don't support web.ctx.status = '406 Not Acceptable' return
def GET(self): logger.debug('Logged_in: %s', session.logged_in) if logged_in(): web.seeother('/') else: form = self.form() return render.login(form,users=model.get_all_users())
def POST(self): if not check_priv_lvl(2): raise web.notfound("You don't have the right privilege level to access this") i = web.input(cin=None) user_form = self.form() client_form = self.cin_form() if 'uid' in i: logger.info("Deleting user") model.del_user(i.cin, i.uid) logger.debug('User Deleted: %d',i.uid) elif 'new_client' in i: if client_form.validates(): logger.info("Adding new client") model.add_client(i.new_client, i.client_name) logger.debug('Client Added: %d|%s',i.new_client, i.client_name) elif 'username' in i: logger.info("Adding user") if not user_form.validates(): return render.admin(model.get_all_users() if session.cin==0 else model.get_user_by_cin(session.cin), user_form, client_form) uname, pwd, email = i.username.strip().lower(), i.password.strip(), i.email.strip() pwd = bcrypt.hashpw(pwd, bcrypt.gensalt(BCRYPT_WLOAD)) cin = i.cin if i.cin else session.cin ret = model.add_user(cin, uname,pwd, email, i.privilege) #Checks if CIN exists and if CIN/Username combination exists if ret == 0: raise web.notfound("No client exists with this CIN") elif ret == -1: raise web.notfound("Username exists with identical CIN") logger.debug('User added %s', uname) raise web.seeother('/admin')
def POST(self): op,p1,p2 = web.input().get('op'), web.input().get('p1'), web.input().get('p2') user = self.getcurrentuser() if user.level == 3: page = 1 perpage = 20 offset = (page - 1) * perpage users = model.get_all_users(offset=offset,limit=perpage) users_count = model.get_user_num() pages = users_count.count / perpage if users_count.count % perpage > 0: pages += 1 else: users = None pages = 0 if op is not None and p1 is not None and p2 is not None: #修改密码 if user.passwd != hashlib.md5(op).hexdigest(): tips = "原密码错误!" elif p1 != p2: tips = "两次密码不一致!" else: tips = "修改成功!" passwd = hashlib.md5(p1).hexdigest() model.update_user_passwd(user.k_id,passwd) return jjenv.get_template('admin.html').render(nickname=session.username,title="Admin",current='admin',user=user,users=users,chpwdtips=tips,pages = pages) else: return self.GET()
def GET(self): if not logged_in(): raise web.seeother('/login') if not check_priv_lvl(2): raise web.notfound("You don't have the right privilege level to access this") users = model.get_user_by_cin(session.cin) client_form = self.cin_form() user_form = self.form() return render.admin(model.get_all_users() if session.cin==0 else users, user_form, client_form)
def invite_to_circlet(): if 'user_id' not in session or 'circlet' not in session: return "you need to be logged in and creating a circlet to invite users" all_users = get_all_users() all_other_users = [] for user in all_users: if user.user_id != int(session['user_id']): all_other_users.append(user) return render_template('invite_to_circlet.html', users=all_other_users)
def GET(self): user = self.getcurrentuser() users = model.get_all_users( ) if user.level == 3 else None #是管理员就得到用户列表 return jjenv.get_template('admin.html').render( nickname=session.username, title="Admin", current='admin', user=user, users=users)
def POST(self): """ Compares given CIN, username and password to db entry TODO: Rewrite me: I need to get rid of authenticate_user as it seems to be just doubling my code """ i = web.input() form = self.form() if not form.validates(): return render.login(form, users=model.get_all_users()) else: try: u = model.get_user_by_name(i.cin, i.username.strip().lower())[0] except IndexError: return render.login(form,"User does not exist! Need an account? <a href='/register'>Register Here</a>", users=model.get_all_users()) check = True if bcrypt.hashpw(i.password, u.password) == u.password else False print bcrypt.hashpw(i.password, u.password) if check: session.logged_in = True session.username = i.username session.cin = i.cin raise web.seeother('/admin') else: return render.login(form,"login failed!", users=model.get_all_users())
def get(self): models = model.get_devices() prefs = model.get_preferences() usrrpt = model.get_user_report_counts() users = model.get_all_users() curusr = model.get_user_by_uname(self.current_user) for post in models: post['m_count'] = model.get_devices_counts_byname(post['m_device']) post['m_detail'] = {'version':""} mdtop = model.get_roms_by_devicesname(post['m_device'],5) for itm in mdtop: post['m_detail'] = itm break netpref=config.netpref netpref['diskuseage'] = utils.run('df -h') self.render("publish_index.html", models=models, prefs=prefs, netpref=netpref, usrrpt=usrrpt,users=users,curusr=curusr, strtime=utils.strtime, getStatuStr=config.getStatuStr, accessAdmin = self.accessAdmin())
def POST(self): op,p1,p2 = web.input().get('op'), web.input().get('p1'), web.input().get('p2') user = self.getcurrentuser() users = model.get_all_users() if user.level == 3 else None if op is not None and p1 is not None and p2 is not None: #修改密码 if user.passwd != hashlib.md5(op).hexdigest(): tips = "原密码错误!" elif p1 != p2: tips = "两次密码不一致!" else: tips = "修改成功!" passwd = hashlib.md5(p1).hexdigest() model.update_user_passwd(user.k_id,passwd) return jjenv.get_template('admin.html').render(nickname=session.username,title="Admin",current='admin',user=user,users=users,chpwdtips=tips) else: return self.GET()
def get(self,modname): a = self.get_argument("a","") f = self.get_argument('f','') if (a=='del'): fname = "static/downloads/" + modname + '/'+ f utils.run('rm -f '+ fname) self.logW("删除文件:%s:%s"%(modname, fname)) f1 = str(utils.run('ls -l '+ "static/downloads/" + modname)) filelist = [] f2 = f1.split('\\n') if(len(f2)<2): return for finfo in f2[1:-1]: f3 = {} f3['info'] = finfo f3['filename'] = finfo.split(' ')[-1] filelist.append(f3) users = model.get_all_users() self.render("publish_romlistfiles.html", netpref=config.netpref, name=modname, filelist=filelist,users=users, ptitle ="统一管理上传的文件", strdate=utils.strtime, getStatuStr=config.getStatuStr)
def POST(self): op, p1, p2 = web.input().get('op'), web.input().get( 'p1'), web.input().get('p2') user = self.getcurrentuser() users = model.get_all_users() if user.level == 3 else None if op is not None and p1 is not None and p2 is not None: #修改密码 if user.passwd != hashlib.md5(op).hexdigest(): tips = "原密码错误!" elif p1 != p2: tips = "两次密码不一致!" else: tips = "修改成功!" passwd = hashlib.md5(p1).hexdigest() model.update_user_passwd(user.k_id, passwd) return jjenv.get_template('admin.html').render( nickname=session.username, title="Admin", current='admin', user=user, users=users, chpwdtips=tips) else: return self.GET()
def POST(self): op, p1, p2 = web.input().get('op'), web.input().get( 'p1'), web.input().get('p2') user = self.getcurrentuser() if user.level == 3: page = 1 perpage = 20 offset = (page - 1) * perpage users = model.get_all_users(offset=offset, limit=perpage) users_count = model.get_user_num() pages = users_count.count / perpage if users_count.count % perpage > 0: pages += 1 else: users = None pages = 0 if op is not None and p1 is not None and p2 is not None: #修改密码 if user.passwd != hashlib.md5(op).hexdigest(): tips = "原密码错误!" elif p1 != p2: tips = "两次密码不一致!" else: tips = "修改成功!" passwd = hashlib.md5(p1).hexdigest() model.update_user_passwd(user.k_id, passwd, user.name) return jjenv.get_template('admin.html').render( nickname=session.username, title="Admin", current='admin', user=user, users=users, chpwdtips=tips, pages=pages) else: return self.GET()
def GET(self): user = self.getcurrentuser() users = model.get_all_users() if user.level == 3 else None #是管理员就得到用户列表 return jjenv.get_template('admin.html').render(nickname=session.username,title="Admin", current='admin', user=user, users=users)
def show_all_users(): model.connect_to_db() users = model.get_all_users() return render_template("all_user.html", users=users)
def getusers(): return dumps({"users": get_all_users()})
def GET(self): form = self.form() return render.register(form,model.get_all_users())
def get(self,modname): romlists = model.get_roms_by_devicesname(modname,-1) users = model.get_all_users() self.render("publish_romlist.html", netpref=config.netpref, name=modname, roms=romlists,users=users, ptitle ="已经发布的更新列表", strdate=utils.strtime, getStatuStr=config.getStatuStr)
def GET(self): if logged_in(): web.seeother('/') else: form = self.form() return render.login(form,users=model.get_all_users())
def GET(self): users = model.get_all_users() user_form = self.form() return render.admin(users, user_form)
def all_users(): model.conn_db() list_of_users = model.get_all_users() html = render_template("all_users.html",list_of_users=list_of_users) return html
def index(): return render_template('index.html', user_list=get_all_users())
def get_more_users(offset): user_list = model.get_all_users(int(offset)) return render_template("more_users.html", users=user_list)
def get_users(): user_list = model.get_all_users(0) return render_template("user_list.html", users=user_list)
def user_list(): all_users=model.get_all_users() return render_template('user_list.html', all_users=all_users)