def create_chat():
req = request.get_json(force=True)
sender_public_key = current_user().public_key
username = current_user().username
user_id = current_user().id
sk_sym_1 = req.get("sk_sym_1", "")
sk_sym_2 = req.get("sk_sym_2", "")
receiver_username = req.get("receiver_username", "")
receiver_public_key = req.get("receiver_public_key", "")
# Safety check
if ((len(username) > 32) or (len(receiver_username) > 32)
or (len(sk_sym_1) > 500) or (len(sk_sym_2) > 500)):
return jsonify(error="Unable to create chat.")
if "" in [sk_sym_1, sk_sym_2, receiver_username, receiver_public_key]:
return jsonify(error="Unable to create chat.")
if receiver_username == username:
return jsonify(error="Can not create a chat with yourself.")
receiver = models.find_user_by_name(receiver_username)
if (receiver is None) or (receiver.public_key != receiver_public_key):
return jsonify(error="Unexpected error.")
# Check if such a chat already exists
existing_chat_id = models.find_chat_by_users(user_id, receiver.id)
if existing_chat_id is not None:
return jsonify(chat_id=existing_chat_id)
# Chat does not already exist; must create new chat
chat_id = models.create_chat(user_id, username, sk_sym_1, receiver.id,
receiver.username, sk_sym_2)
# Safety check
if chat_id is None:
return jsonify(error="Unable to create chat.")
return jsonify(chat_id=chat_id)
def create_chat():
if "logged_in" in session and "user" in session:
user_id = session["user"]["id"]
username = session["user"]["username"]
sender_public_key = session["user"]["public_key"]
else:
return jsonify(error="Unauthorized request.")
sk_sym_1 = request.form.get("sk_sym_1", "")
sk_sym_2 = request.form.get("sk_sym_2", "")
receiver_username = request.form.get("receiver_username", "")
receiver_public_key = request.form.get("receiver_public_key", "")
if ((len(username) > 32) or (len(receiver_username) > 32)
or (len(sk_sym_1) > 500) or (len(sk_sym_2) > 500)):
return jsonify(error="Unable to create chat.")
if "" in [sk_sym_1, sk_sym_2, receiver_username, receiver_public_key]:
return jsonify(error="Unable to create chat.")
if receiver_username == username:
return jsonify(error="Can not create a chat with yourself.")
receiver = models.find_user_by_name(receiver_username)
if (receiver is None) or (receiver.public_key != receiver_public_key):
return jsonify(error="Unexpected error.")
existing_chat_id = models.find_chat_by_users(user_id, receiver.id)
if existing_chat_id is not None:
return jsonify(chat_id=existing_chat_id)
chat_id = models.create_chat(user_id, username, sk_sym_1, receiver.id,
receiver.username, sk_sym_2)
if chat_id is None:
return jsonify(error="Unable to create chat.")
return jsonify(chat_id=chat_id)
def create_user():
# Check if user is already logged in
if "logged_in" in session and "user" in session:
return redirect(url_for("home"))
username = request.form.get("username")
password = request.form.get("password")
public_key = request.form.get("public_key")
user_data = request.form.get("user_data")
# Validate entered username and password
error = None
if None in [username, password, public_key, user_data]:
error = "Request missing a field!"
if len(username) == 0 or len(username) > 32:
error = "Invalid username. Must be nonempty and contain at most 32 characters."
if len([c for c in username if c.lower() not in VALID_USERNAME_CHARS]) > 0:
error = "Invalid username. Must contain only letters (a-z), numbers (0-9), dashes (-), underscores (_)."
if len(password) < 8 or len(password) > 128:
error = "Invalid password. Must be at least 8 characters and at most 128 characters."
if models.check_if_user_exists(username):
error = "Username already taken."
if error is not None:
return jsonify(error=error)
id = models.add_user_to_db(username, password, public_key, user_data)
if id is None:
return jsonify(error="Unexpected error.")
session["logged_in"] = True
session["user"] = models.find_user_by_name(username).to_dict()
return jsonify(error=None)
def create_chat():
# Check if user is logged in
if 'logged_in' in session and 'user' in session:
user_id = session['user']['id']
username = session['user']['username']
sender_public_key = session['user']['public_key']
else:
# User is not logged in, return error message
return jsonify(error="Unauthorized request.")
sk_sym_1 = request.form.get('sk_sym_1', '')
sk_sym_2 = request.form.get('sk_sym_2', '')
receiver_username = request.form.get('receiver_username', '')
receiver_public_key = request.form.get('receiver_public_key', '')
# Safety check
if (len(username) > 32) or (len(receiver_username) > 32) or (
len(sk_sym_1) > 500) or (len(sk_sym_2) > 500):
return jsonify(error="Unable to create chat.")
if '' in [sk_sym_1, sk_sym_2, receiver_username, receiver_public_key]:
return jsonify(error="Unable to create chat.")
if receiver_username == username:
return jsonify(error="Can not create a chat with yourself.")
receiver = models.find_user_by_name(receiver_username)
if (receiver is None) or (receiver.public_key != receiver_public_key):
return jsonify(error="Unexpected error.")
# Check if such a chat already exists
existing_chat_id = models.find_chat_by_users(user_id, receiver.id)
if existing_chat_id is not None:
return jsonify(chat_id=existing_chat_id)
# Chat does not already exist; must create new chat
chat_id = models.create_chat(user_id, username, sk_sym_1, receiver.id,
receiver.username, sk_sym_2)
# Safety check
if chat_id is None:
return jsonify(error="Unable to create chat.")
return jsonify(chat_id=chat_id)
def get_public_key():
sender_public_key = current_user().public_key
receiver_username = request.args.get('receiver-username', '')
# Make sure that the receiver exists
if not models.check_if_user_exists(receiver_username):
return jsonify(error="This user does not exist.")
# Find receiver user
receiver = models.find_user_by_name(receiver_username)
return jsonify(sender_public_key=sender_public_key,
receiver_public_key=receiver.public_key)
def login():
"""
Logs a user in by parsing a POST request containing user credentials and
issuing a JWT token.
"""
req = request.get_json(force=True)
username = req.get("username", None)
password = req.get("password", None)
user = guard.authenticate(username, password)
user_saved = models.find_user_by_name(username).to_dict()
return jsonify(token=guard.encode_jwt_token(user),
user_data=user_saved["user_data"])
def get_public_key():
# Check if user is logged in
if "logged_in" in session and "user" in session:
sender_public_key = session["user"]["public_key"]
else:
return jsonify(error="Unauthorized request.")
receiver_username = request.args.get("receiver_username", "")
if not models.check_if_user_exists(receiver_username):
return jsonify(error="This user does not exist.")
receiver = models.find_user_by_name(receiver_username)
return jsonify(sender_public_key=sender_public_key,
receiver_public_key=receiver.public_key)
def get_public_key():
# Check if user is logged in
if 'logged_in' in session and 'user' in session:
sender_public_key = session['user']['public_key']
else:
# User is not logged in, return error message
return jsonify(error="Unauthorized request.")
# Get receiver_username from request
receiver_username = request.args.get('receiver_username', '')
# Make sure that the receiver exists
if not models.check_if_user_exists(receiver_username):
return jsonify(error="This user does not exist.")
# Find receiver user
receiver = models.find_user_by_name(receiver_username)
return jsonify(sender_public_key=sender_public_key,
receiver_public_key=receiver.public_key)
def login():
# Check if user is already logged in
if "logged_in" in session and "user" in session:
return redirect(url_for("home"))
error = None
if request.method == "POST":
if (request.form["username"]
and request.form["password"] and models.user_authenticated(
request.form["username"], request.form["password"])):
session["logged_in"] = True
session["user"] = models.find_user_by_name(
request.form["username"]).to_dict()
encrypted_user_data = session["user"]["user_data"]
return jsonify(user_data=encrypted_user_data)
else:
return jsonify(error="Invalid username and/or password")
return render_template("login.html", error=error)
def login():
# Check if user is already logged in
if 'logged_in' in session and 'user' in session:
# If so, redirect to home page
return redirect(url_for('home'))
error = None
# Attempt to login a user
if request.method == 'POST':
# Check that entered username/password pair is valid
if request.form['username'] and request.form[
'password'] and models.user_authenticated(
request.form['username'], request.form['password']):
session['logged_in'] = True
session['user'] = models.find_user_by_name(
request.form['username']).to_dict()
encrypted_user_data = session['user']['user_data']
return jsonify(user_data=encrypted_user_data)
else:
return jsonify(error='Invalid username and/or password')
# Deliver login page
return render_template('login.html', error=error)
def create_user():
req = request.get_json(force=True)
username = req.get("username", None)
password = req.get("password", None)
public_key = req.get("public_key", None)
user_data = req.get("user_data", None)
# Validate entered username and password
error = None
if None in [username, password, public_key, user_data]:
error = "Request missing a field!"
if len(username) == 0 or len(username) > 32:
error = "Invalid username. Must be nonempty and contain at most 32 characters."
if len([c for c in username if c.lower() not in VALID_USERNAME_CHARS]) > 0:
error = "Invalid username. Must contain only letters (a-z), numbers (0-9), dashes (-), underscores (_)."
if len(password) < 8 or len(password) > 128:
error = "Invalid password. Must be at least 8 characters and at most 128 characters."
if models.check_if_user_exists(username):
error = "Username already taken."
# Invalid username or password
if error is not None:
return jsonify(error=error)
# Add new user to database
id = models.add_user_to_db(username, password, public_key, user_data)
if id is None:
# Database error
return jsonify(error="Unexpected error.")
# Return new user data
user_saved = models.find_user_by_name(username).to_dict()
user = guard.authenticate(username, password)
return jsonify(
token=guard.encode_jwt_token(user),
id=id,
username=username,
public_key=public_key,
user_data=user_data,
)
def create_user():
# Check if user is already logged in
if 'logged_in' in session and 'user' in session:
# If so, redirect to home page
return redirect(url_for('home'))
username = request.form.get('username')
password = request.form.get('password')
public_key = request.form.get('public_key')
user_data = request.form.get('user_data')
# Validate entered username and password
error = None
if None in [username, password, public_key, user_data]:
error = "Request missing a field!"
if len(username) == 0 or len(username) > 32:
error = "Invalid username. Must be nonempty and contain at most 32 characters."
if len([c for c in username if c.lower() not in VALID_USERNAME_CHARS]) > 0:
error = "Invalid username. Must contain only letters (a-z), numbers (0-9), dashes (-), underscores (_)."
if len(password) < 8 or len(password) > 128:
error = "Invalid password. Must be at least 8 characters and at most 128 characters."
if models.check_if_user_exists(username):
error = "Username already taken."
# Invalid username or password
if error is not None:
return jsonify(error=error)
# Add new user to database
id = models.add_user_to_db(username, password, public_key, user_data)
if id is None:
# Database error
return jsonify(error="Unexpected error.")
# Redirect new user to home page
session['logged_in'] = True
session['user'] = models.find_user_by_name(username).to_dict()
return jsonify(error=None)