示例#1
0
    def successful_login(self, user, assumed_by=None):
        login_rec = model.Login(user)
        login_rec.successful = True
        login_rec.session_id = str(uuid.uuid4())
        login_rec.assumed_by = assumed_by
        #session_id = "session_id:{}".format(login_rec.session_id)
        session_id_signature = actual_hmac_creation(login_rec.session_id)
        session_id_signed = login_rec.session_id + ":" + session_id_signature
        logger.debug("session_id_signed:", session_id_signed)

        session = dict(login_time = time.time(),
                       user_id = user.id,
                       user_email_address = user.email_address)

        key = UserSession.cookie_name + ":" + login_rec.session_id
        logger.debug("Key when signing:", key)
        Redis.hmset(key, session)
        if self.remember_me:
            expire_time = self.remember_time
        else:
            expire_time = THREE_DAYS
        Redis.expire(key, expire_time)
        db_session.add(login_rec)
        db_session.commit()
        return session_id_signed
示例#2
0
 def add_traits(self, params, collection_name):
     print("---> params are:", params.keys())
     print("     type(params):", type(params))
     if collection_name=="Default":
         uc = g.user_session.user_ob.get_collection_by_name("Default")
         # Doesn't exist so we'll create it
         if not uc:
             return create_new("Default")
     else:
         uc = model.UserCollection.query.get(params['existing_collection'])
     members =  uc.members_as_set() #set(json.loads(uc.members))
     len_before = len(members)
 
     traits = process_traits(params['traits'])
 
     members_now = list(members | traits)
     len_now = len(members_now)
     uc.members = json.dumps(members_now)
 
     uc.changed_timestamp = datetime.datetime.utcnow()
 
     db_session.commit()
 
     print("added to existing, now set is:" + str(uc.members))
     report_change(len_before, len_now)
     
     # Probably have to change that
     return redirect(url_for('view_collection', uc_id=uc.id))
示例#3
0
def remove_traits():

    params = request.form
    print("params are:", params)

    if "uc_id" in params:
        uc_id = params['uc_id']
        uc = model.UserCollection.query.get(uc_id)
        traits_to_remove = params.getlist('traits[]')
        print("traits_to_remove are:", traits_to_remove)
        traits_to_remove = process_traits(traits_to_remove)
        print("\n\n  after processing, traits_to_remove:", traits_to_remove)
        all_traits = uc.members_as_set()
        print("  all_traits:", all_traits)
        members_now = all_traits - traits_to_remove
        print("  members_now:", members_now)
        print("Went from {} to {} members in set.".format(len(all_traits), len(members_now)))
        uc.members = json.dumps(list(members_now))
        uc.changed_timestamp = datetime.datetime.utcnow()
        db_session.commit()
    else:
        members_now = AnonCollection().remove_traits(params)
             

    # We need to return something so we'll return this...maybe in the future
    # we can use it to check the results
    return str(len(members_now))
示例#4
0
    def add_traits(self, params, collection_name):
        print("---> params are:", params.keys())
        print("     type(params):", type(params))
        if collection_name == "Default":
            uc = g.user_session.user_ob.get_collection_by_name("Default")
            # Doesn't exist so we'll create it
            if not uc:
                return create_new("Default")
        else:
            uc = model.UserCollection.query.get(params['existing_collection'])
        members = uc.members_as_set()  #set(json.loads(uc.members))
        len_before = len(members)

        traits = process_traits(params['traits'])

        members_now = list(members | traits)
        len_now = len(members_now)
        uc.members = json.dumps(members_now)

        uc.changed_timestamp = datetime.datetime.utcnow()

        db_session.commit()

        print("added to existing, now set is:" + str(uc.members))
        report_change(len_before, len_now)

        # Probably have to change that
        return redirect(url_for('view_collection', uc_id=uc.id))
示例#5
0
def password_reset_step2():
    logger.debug("in password_reset request.url is:", request.url)

    errors = []

    user_encode = request.form['user_encode']
    verification_code, separator, hmac = user_encode.partition(':')

    hmac_verified = actual_hmac_creation(verification_code)
    logger.debug("locals are:", locals())


    assert hmac == hmac_verified, "Someone has been naughty"

    user = DecodeUser.actual_get_user(ForgotPasswordEmail.key_prefix, verification_code)
    logger.debug("user is:", user)

    password = request.form['password']

    set_password(password, user)
    db_session.commit()

    flash("Password changed successfully. You can now sign in.", "alert-info")
    response = make_response(redirect(url_for('login')))

    return response
示例#6
0
def password_reset_step2():
    logger.debug("in password_reset request.url is:", request.url)

    errors = []

    user_encode = request.form['user_encode']
    verification_code, separator, hmac = user_encode.partition(':')

    hmac_verified = actual_hmac_creation(verification_code)
    logger.debug("locals are:", locals())

    assert hmac == hmac_verified, "Someone has been naughty"

    user = DecodeUser.actual_get_user(ForgotPasswordEmail.key_prefix,
                                      verification_code)
    logger.debug("user is:", user)

    password = request.form['password']

    set_password(password, user)
    db_session.commit()

    flash("Password changed successfully. You can now sign in.", "alert-info")
    response = make_response(redirect(url_for('login')))

    return response
示例#7
0
    def successful_login(self, user, assumed_by=None):
        login_rec = model.Login(user)
        login_rec.successful = True
        login_rec.session_id = str(uuid.uuid4())
        login_rec.assumed_by = assumed_by
        #session_id = "session_id:{}".format(login_rec.session_id)
        session_id_signature = actual_hmac_creation(login_rec.session_id)
        session_id_signed = login_rec.session_id + ":" + session_id_signature
        logger.debug("session_id_signed:", session_id_signed)

        session = dict(login_time=time.time(),
                       user_id=user.id,
                       user_email_address=user.email_address)

        key = UserSession.cookie_name + ":" + login_rec.session_id
        logger.debug("Key when signing:", key)
        Redis.hmset(key, session)
        if self.remember_me:
            expire_time = self.remember_time
        else:
            expire_time = THREE_DAYS
        Redis.expire(key, expire_time)
        db_session.add(login_rec)
        db_session.commit()
        return session_id_signed
示例#8
0
def remove_traits():

    params = request.form
    print("params are:", params)

    if "uc_id" in params:
        uc_id = params['uc_id']
        uc = model.UserCollection.query.get(uc_id)
        traits_to_remove = params.getlist('traits[]')
        print("traits_to_remove are:", traits_to_remove)
        traits_to_remove = process_traits(traits_to_remove)
        print("\n\n  after processing, traits_to_remove:", traits_to_remove)
        all_traits = uc.members_as_set()
        print("  all_traits:", all_traits)
        members_now = all_traits - traits_to_remove
        print("  members_now:", members_now)
        print("Went from {} to {} members in set.".format(
            len(all_traits), len(members_now)))
        uc.members = json.dumps(list(members_now))
        uc.changed_timestamp = datetime.datetime.utcnow()
        db_session.commit()
    else:
        members_now = AnonCollection().remove_traits(params)

    # We need to return something so we'll return this...maybe in the future
    # we can use it to check the results
    return str(len(members_now))
示例#9
0
def add_to_existing():
    params = request.args
    print("---> params are:", params.keys())
    print("     type(params):", type(params))
    uc = model.UserCollection.query.get(params['existing_collection'])
    members = set(json.loads(uc.members))
    len_before = len(members)

    traits = process_traits(params['traits'])

    members_now = list(members | traits)
    len_now = len(members_now)
    uc.members = json.dumps(members_now)

    uc.changed_timestamp = datetime.datetime.utcnow()

    db_session.commit()

    print("added to existing, now set is:" + str(uc.members))

    new_length = len_now - len_before
    if new_length:
        flash("We've added {} to your collection.".format(
            numify(new_length, 'new trait', 'new traits')))
    else:
        flash("No new traits were added.")

    return redirect(url_for('view_collection', uc_id=uc.id))
def delete_collection():
    params = request.form
    print("params:", params)
    if g.user_session.logged_in:
        uc_id = params['uc_id']
        if len(uc_id.split(":")) > 1:
            for this_uc_id in uc_id.split(":"):
                uc = model.UserCollection.query.get(this_uc_id)
                collection_name = uc.name
                db_session.delete(uc)
                db_session.commit()
        else:
            uc = model.UserCollection.query.get(uc_id)
            # Todo: For now having the id is good enough since it's so unique
            # But might want to check ownership in the future
            collection_name = uc.name
            db_session.delete(uc)
            db_session.commit()
    else:
        collection_name = params['collection_name']
        user_manager.AnonUser().delete_collection(collection_name)

    flash("We've deleted the collection: {}.".format(collection_name), "alert-info")

    return redirect(url_for('list_collections'))
示例#11
0
    def __init__(self, kw):
        self.thank_you_mode = False
        self.errors = []
        self.user = Bunch()

        self.user.email_address = kw.get('email_address', '').strip()
        if not (5 <= len(self.user.email_address) <= 50):
            self.errors.append(
                'Email Address needs to be between 5 and 50 characters.')

        self.user.full_name = kw.get('full_name', '').strip()
        if not (5 <= len(self.user.full_name) <= 50):
            self.errors.append(
                'Full Name needs to be between 5 and 50 characters.')

        self.user.organization = kw.get('organization', '').strip()
        if self.user.organization and not (5 <= len(self.user.organization) <=
                                           50):
            self.errors.append(
                'Organization needs to be empty or between 5 and 50 characters.'
            )

        password = str(kw.get('password', ''))
        if not (6 <= len(password)):
            self.errors.append('Password needs to be at least 6 characters.')

        if kw.get('password_confirm') != password:
            self.errors.append("Passwords don't match.")

        if self.errors:
            return

        logger.debug("No errors!")

        set_password(password, self.user)

        self.user.registration_info = json.dumps(basic_info(), sort_keys=True)

        self.new_user = model.User(**self.user.__dict__)
        db_session.add(self.new_user)

        try:
            db_session.commit()
        except sqlalchemy.exc.IntegrityError:
            # This exception is thrown if the email address is already in the database
            # To do: Perhaps put a link to sign in using an existing account here
            self.errors.append(
                "An account with this email address already exists. "
                "Click the button above to sign in using an existing account.")
            return

        logger.debug("Adding verification email to queue")
        #self.send_email_verification()
        VerificationEmail(self.new_user)
        logger.debug("Added verification email to queue")

        self.thank_you_mode = True
示例#12
0
def make_superuser():
    super_only()
    params = request.args
    user_id = params['user_id']
    user = model.User.query.get(user_id)
    superuser_info = basic_info()
    superuser_info['crowned_by'] = g.user_session.user_id
    user.superuser = json.dumps(superuser_info, sort_keys=True)
    db_session.commit()
    flash("We've made {} a superuser!".format(user.name_and_org))
    return redirect(url_for("manage_users"))
示例#13
0
def make_superuser():
    super_only()
    params = request.args
    user_id = params['user_id']
    user = model.User.query.get(user_id)
    superuser_info = basic_info()
    superuser_info['crowned_by'] = g.user_session.user_id
    user.superuser = json.dumps(superuser_info, sort_keys=True)
    db_session.commit()
    flash("We've made {} a superuser!".format(user.name_and_org))
    return redirect(url_for("manage_users"))
示例#14
0
def verify_email():
    user = DecodeUser(VerificationEmail.key_prefix).user
    user.confirmed = json.dumps(basic_info(), sort_keys=True)
    db_session.commit()

    # As long as they have access to the email account
    # We might as well log them in

    session_id_signed = LoginUser().successful_login(user)
    response = make_response(render_template("new_security/thank_you.html"))
    response.set_cookie(UserSession.cookie_name, session_id_signed)
    return response
示例#15
0
def verify_email():
    user = DecodeUser(VerificationEmail.key_prefix).user
    user.confirmed = json.dumps(basic_info(), sort_keys=True)
    db_session.commit()

    # As long as they have access to the email account
    # We might as well log them in

    session_id_signed = LoginUser().successful_login(user)
    response = make_response(render_template("new_security/thank_you.html"))
    response.set_cookie(UserSession.cookie_name, session_id_signed)
    return response
示例#16
0
 def import_traits_to_user(self):
     collections_list = json.loads(Redis.get(self.key))
     for collection in collections_list:
         uc = model.UserCollection()
         uc.name = collection['name']
         collection_exists = g.user_session.user_ob.get_collection_by_name(uc.name)
         if collection_exists:
             continue
         else:
             uc.user = g.user_session.user_id
             uc.members = json.dumps(collection['members'])
             db_session.add(uc)
             db_session.commit()
 def import_traits_to_user(self):
     collections_list = json.loads(Redis.get(self.key))
     for collection in collections_list:
         uc = model.UserCollection()
         uc.name = collection['name']
         collection_exists = g.user_session.user_ob.get_collection_by_name(uc.name)
         if collection_exists:
             continue
         else:
             uc.user = g.user_session.user_id
             uc.members = json.dumps(collection['members'])
             db_session.add(uc)
             db_session.commit()
示例#18
0
def delete_collection():
    params = request.form
    print("params:", params)
    uc_id = params['uc_id']
    uc = model.UserCollection.query.get(uc_id)
    # Todo: For now having the id is good enough since it's so unique
    # But might want to check ownership in the future
    collection_name = uc.name
    db_session.delete(uc)
    db_session.commit()
    flash("We've deletet the collection: {}.".format(collection_name), "alert-info")

    return redirect(url_for('list_collections'))
示例#19
0
    def __init__(self, kw):
        self.thank_you_mode = False
        self.errors = []
        self.user = Bunch()

        self.user.email_address = kw.get('email_address', '').strip()
        if not (5 <= len(self.user.email_address) <= 50):
            self.errors.append('Email Address needs to be between 5 and 50 characters.')

        self.user.full_name = kw.get('full_name', '').strip()
        if not (5 <= len(self.user.full_name) <= 50):
            self.errors.append('Full Name needs to be between 5 and 50 characters.')

        self.user.organization = kw.get('organization', '').strip()
        if self.user.organization and not (5 <= len(self.user.organization) <= 50):
            self.errors.append('Organization needs to be empty or between 5 and 50 characters.')

        password = str(kw.get('password', ''))
        if not (6 <= len(password)):
            self.errors.append('Password needs to be at least 6 characters.')

        if kw.get('password_confirm') != password:
            self.errors.append("Passwords don't match.")

        if self.errors:
            return

        logger.debug("No errors!")

        set_password(password, self.user)

        self.user.registration_info = json.dumps(basic_info(), sort_keys=True)

        self.new_user = model.User(**self.user.__dict__)
        db_session.add(self.new_user)

        try:
            db_session.commit()
        except sqlalchemy.exc.IntegrityError:
            # This exception is thrown if the email address is already in the database
            # To do: Perhaps put a link to sign in using an existing account here
            self.errors.append("An account with this email address already exists. "
                               "Click the button above to sign in using an existing account.")
            return

        logger.debug("Adding verification email to queue")
        #self.send_email_verification()
        VerificationEmail(self.new_user)
        logger.debug("Added verification email to queue")

        self.thank_you_mode = True
示例#20
0
def delete_collection():
    params = request.form
    print("params:", params)
    uc_id = params['uc_id']
    uc = model.UserCollection.query.get(uc_id)
    # Todo: For now having the id is good enough since it's so unique
    # But might want to check ownership in the future
    collection_name = uc.name
    db_session.delete(uc)
    db_session.commit()
    flash("We've deletet the collection: {}.".format(collection_name),
          "alert-info")

    return redirect(url_for('list_collections'))
示例#21
0
def create_new(collection_name):
    params = request.args
    uc = model.UserCollection()
    uc.name = collection_name
    print("user_session:", g.user_session.__dict__)
    uc.user = g.user_session.user_id
    unprocessed_traits = params['traits']

    traits = process_traits(unprocessed_traits)

    uc.members = json.dumps(list(traits))
    print("traits are:", traits)

    db_session.add(uc)
    db_session.commit()

    print("Created: " + uc.name)
    return redirect(url_for('view_collection', uc_id=uc.id))
示例#22
0
def create_new(collection_name):
    params = request.args
    uc = model.UserCollection()
    uc.name = collection_name
    print("user_session:", g.user_session.__dict__)
    uc.user = g.user_session.user_id
    unprocessed_traits = params['traits']

    traits = process_traits(unprocessed_traits)

    uc.members = json.dumps(list(traits))
    print("traits are:", traits)

    db_session.add(uc)
    db_session.commit()

    print("Created: " + uc.name)
    return redirect(url_for('view_collection', uc_id=uc.id))
示例#23
0
    def __init__(self, kw):
        self.thank_you_mode = False
        self.errors = []
        self.user = Bunch()

        self.user.email_address = kw.get('email_address', '').strip()
        if not (5 <= len(self.user.email_address) <= 50):
            self.errors.append('Email Address needs to be between 5 and 50 characters.')

        self.user.full_name = kw.get('full_name', '').strip()
        if not (5 <= len(self.user.full_name) <= 50):
            self.errors.append('Full Name needs to be between 5 and 50 characters.')

        self.user.organization = kw.get('organization', '').strip()
        if self.user.organization and not (5 <= len(self.user.organization) <= 50):
            self.errors.append('Organization needs to be empty or between 5 and 50 characters.')

        password = str(kw.get('password', ''))
        if not (6 <= len(password)):
            self.errors.append('Password needs to be at least 6 characters.')

        if kw.get('password_confirm') != password:
            self.errors.append("Passwords don't match.")

        if self.errors:
            return

        print("No errors!")

        set_password(password, self.user)

        self.user.registration_info = json.dumps(basic_info(), sort_keys=True)

        self.new_user = model.User(**self.user.__dict__)
        db_session.add(self.new_user)
        db_session.commit()

        print("Adding verification email to queue")
        #self.send_email_verification()
        VerificationEmail(self.new_user)
        print("Added verification email to queue")

        self.thank_you_mode = True
示例#24
0
def create_new(collection_name):
    params = request.args

    unprocessed_traits = params['traits']
    traits = process_traits(unprocessed_traits)

    if g.user_session.logged_in:
        uc = model.UserCollection()
        uc.name = collection_name
        print("user_session:", g.user_session.__dict__)
        uc.user = g.user_session.user_id
        uc.members = json.dumps(list(traits))
        db_session.add(uc)
        db_session.commit()
        return redirect(url_for('view_collection', uc_id=uc.id))
    else:
        current_collections = user_manager.AnonUser().get_collections()
        ac = AnonCollection(collection_name)
        ac.changed_timestamp = datetime.datetime.utcnow().strftime('%b %d %Y %I:%M%p')
        ac.add_traits(params)
        return redirect(url_for('view_collection', collection_id=ac.id))
def create_new(collection_name):
    params = request.args

    unprocessed_traits = params['traits']
    traits = process_traits(unprocessed_traits)

    if g.user_session.logged_in:
        uc = model.UserCollection()
        uc.name = collection_name
        print("user_session:", g.user_session.__dict__)
        uc.user = g.user_session.user_id
        uc.members = json.dumps(list(traits))
        db_session.add(uc)
        db_session.commit()
        return redirect(url_for('view_collection', uc_id=uc.id))
    else:
        current_collections = user_manager.AnonUser().get_collections()
        ac = AnonCollection(collection_name)
        ac.changed_timestamp = datetime.datetime.utcnow().strftime('%b %d %Y %I:%M%p')
        ac.add_traits(params)
        return redirect(url_for('view_collection', collection_id=ac.id))
示例#26
0
 def unsuccessful_login(self, user):
     login_rec = model.Login(user)
     login_rec.successful = False
     db_session.add(login_rec)
     db_session.commit()
示例#27
0
 def unsuccessful_login(self, user):
     login_rec = model.Login(user)
     login_rec.successful = False
     db_session.add(login_rec)
     db_session.commit()