def profile(): db = auth.get_website_firestore_client() userEmail = None userId = None email_cookie_key = get_email_cookie_key("profile") id_cookie_key = get_id_cookie_key("profile") members_ref = db.collection("members") if email_cookie_key in request.cookies: userEmail = request.cookies[email_cookie_key] if id_cookie_key in request.cookies: userId = request.cookies[id_cookie_key] if not auth.is_authenticated(userEmail, userId, members_ref): return redirect("/auth/profile/") member = Member.get_member(userEmail, userId, db) peopleYml = getYml('./data/people.yml') if request.method == "GET": people: list = peopleYml["people"] person_dict = next( (person for person in people if "email" in person and person["email"] == member.email), None) if person_dict is not None: member.merge_people_dict(person_dict) contributionsJson = "[\n\n]" if member.contributions is not None: contributionsJson = json.dumps(member.contributions, indent=4) return render_template("profile.html", page=pageData["profile"][0], site=site, member=member, contributionsJson=contributionsJson, CLIENT_ID=constants.get_google_client_id(), responded=True) elif request.method == "POST": try: if "photo_upload" in request.files: photo = request.files["photo_upload"] if photo.filename: filetype = photo.filename.split(".")[-1] storage_client = auth.get_website_storage_client() bucket = storage_client.bucket("hodp-member-images") uploaded_filename = "{}.{}".format(member.member_id, filetype) blob = bucket.blob(uploaded_filename) temp = tempfile.NamedTemporaryFile(delete=False) photo.save(temp.name) blob.upload_from_file(temp) os.remove(temp.name) blob.make_public() member.img_url = blob._get_download_url() member.update_from_form(request.form) member.save(db) members_cache.populate(db, peopleYml) return redirect("/profile/") except Exception as e: return make_response("Failed to update profile: {}".format(e), 400)
def authenticate_google_signin(token : str): # this is a google library for verifying stuff idinfo = id_token.verify_oauth2_token(token, requests.Request(), constants.get_google_client_id()) userId = idinfo["sub"] userEmail = idinfo["email"] hd = idinfo["hd"] if hd is None or hd not in ["college.harvard.edu"]: raise Exception("Not a @college.harvard.edu email!") return (userEmail, userId)
def demographics(): userEmail = None userId = None db = auth.get_survey_firestore_client() emails_ref = db.collection("emails") email_cookie_key = get_email_cookie_key("demographics") id_cookie_key = get_id_cookie_key("demographics") if request.method == 'GET': if email_cookie_key in request.cookies: userEmail = request.cookies[email_cookie_key] if id_cookie_key in request.cookies: userId = request.cookies[id_cookie_key] if not auth.is_authenticated(userEmail, userId, emails_ref): return redirect("/auth/surveygroup/") responsesDict = auth.get_responses_dict(userEmail, db) return render_template("demographics.html", page=pageData["demographics"][0], site=site, demographics=responsesDict["demographics"], questions=demographicQuestions(), CLIENT_ID=constants.get_google_client_id(), responded=False) else: userEmail = request.cookies[email_cookie_key] userId = request.cookies[id_cookie_key] if auth.is_authenticated(userEmail, userId, emails_ref): server.demographics.update_demographics(userEmail, request.form, demographicQuestions(), db) responsesDict = auth.get_responses_dict(userEmail, db) return render_template("demographics.html", page=pageData["demographics"][0], site=site, demographics=responsesDict["demographics"], questions=demographicQuestions(), CLIENT_ID=constants.get_google_client_id(), responded=True) else: # this happens if for some reason they've tried to f**k with their email or something gets corrupted abort( "User credentials improper. Please sign out and sign back in")
def signin(request_url): title_dict = { "surveygroup": "Survey Group", "demographics": "Demographics", "profile": "My Profile", "predictions": "Predictions" } if request.method == "GET": return render_template('auth.html', title=title_dict[request_url], page=pageData["auth"][0], site=site, CLIENT_ID=constants.get_google_client_id(), request_url=request_url) else: try: email_cookie_key = None id_cookie_key = None token = request.data userEmail, userId = auth.authenticate_google_signin(token) email_dict = None if request_url in ["surveygroup", "demographics"]: email_cookie_key = get_email_cookie_key("demographics") id_cookie_key = get_id_cookie_key("demographics") db = auth.get_survey_firestore_client() auth.create_respondent(userEmail, userId, db) elif request_url in ["profile"]: email_cookie_key = get_email_cookie_key("profile") id_cookie_key = get_id_cookie_key("profile") db = auth.get_website_firestore_client() Member.get_member(userEmail, userId, db) elif request_url in ["predictions"]: email_cookie_key = get_email_cookie_key("predictions") id_cookie_key = get_id_cookie_key("predictions") db = auth.get_survey_firestore_client() auth.create_prediction_user(userEmail, userId, db) # set the values of cookies to persist sign in response = make_response("SUCCESS", 201) response.set_cookie(email_cookie_key, userEmail) response.set_cookie(id_cookie_key, userId) return response except Exception as e: print(e) # if there is an error, delete their cookies and indicate failure response = make_response("FAILURE", 406) response.set_cookie(email_cookie_key, expires=0) response.set_cookie(id_cookie_key, expires=0) return response
def predictions(): userEmail = None userId = None db = auth.get_survey_firestore_client() prediction_users_ref = db.collection("prediction_users") email_cookie_key = get_email_cookie_key("predictions") id_cookie_key = get_id_cookie_key("predictions") current_time = datetime.datetime.now(tz=easternTime()) questions = sorted(getYml("./data/predictions.yml"), key=lambda x: x["deadline"], reverse=False) if request.method == 'GET': if email_cookie_key in request.cookies: userEmail = request.cookies[email_cookie_key] if id_cookie_key in request.cookies: userId = request.cookies[id_cookie_key] if not auth.is_authenticated(userEmail, userId, prediction_users_ref): return render_template( "webapps/predictions.html", site=site, page=pageData["predictions"][0], questions=questions, predictions={}, CLIENT_ID=constants.get_google_client_id(), responded=False, signed_in=False, current_time=current_time, to_datetime=yml_str_to_datetime, to_display_str=datetime_to_display_str, get_points=server.predictions.calculate_points, user_score=None, leaders=[], consent_checked=False, username=None) predictionsDict = auth.get_predictions_dict(userEmail, db) user_score = server.predictions.get_user_score(userEmail, db) consent_checked = server.predictions.can_be_displayed(userEmail, db) leaders = server.predictions.get_leaderboard(db) username = userEmail.split("@")[0] return render_template("webapps/predictions.html", site=site, page=pageData["predictions"][0], questions=questions, predictions=predictionsDict, CLIENT_ID=constants.get_google_client_id(), responded=False, signed_in=True, current_time=current_time, to_datetime=yml_str_to_datetime, to_display_str=datetime_to_display_str, get_points=server.predictions.calculate_points, user_score=user_score, leaders=leaders, consent_checked=consent_checked, username=username) else: userEmail = request.cookies[email_cookie_key] userId = request.cookies[id_cookie_key] if auth.is_authenticated(userEmail, userId, prediction_users_ref): server.predictions.update_predictions( userEmail, request.form, getYml("./data/predictions.yml"), db) predictionsDict = auth.get_predictions_dict(userEmail, db) user_score = server.predictions.get_user_score(userEmail, db) consent_checked = server.predictions.can_be_displayed( userEmail, db) leaders = server.predictions.get_leaderboard(db) username = userEmail.split("@")[0] return render_template( "webapps/predictions.html", site=site, page=pageData["predictions"][0], questions=questions, predictions=predictionsDict, CLIENT_ID=constants.get_google_client_id(), responded=True, signed_in=True, current_time=current_time, to_datetime=yml_str_to_datetime, to_display_str=datetime_to_display_str, get_points=server.predictions.calculate_points, user_score=user_score, leaders=leaders, consent_checked=consent_checked, username=username) else: # this happens if for some reason they've tried to f**k with their email or something gets corrupted abort( "User credentials improper. Please sign out and sign back in")