def user_list():
args = parser.parse({
'email': wf.Str(missing=None),
'permissions': wf.DelimitedList(wf.Str(), delimiter=',', missing=[]),
})
user_dbs, cursors = model.User.get_dbs(
email=args['email'], prev_cursor=True,
)
permissions = list(UserUpdateForm._permission_choices)
permissions += args['permissions']
return flask.render_template(
'user/user_list.html',
html_class='user-list',
title='User List',
user_dbs=user_dbs,
next_url=util.generate_next_url(cursors['next']),
prev_url=util.generate_next_url(cursors['prev']),
api_url=flask.url_for('api.admin.user.list'),
permissions=sorted(set(permissions)),
)
###############################################################################
# User Update
###############################################################################
python类User()的实例源码
def user_profile(user_id):
"""Show user profile"""
user_info = User.query.filter_by(user_id=user_id).first()
account_created = user_info.account_created
account_created = str(account_created)[:11]
system_info = UserSystem.query.filter_by(user_id=user_id).all()
rating_info = (db.session.query(Game.name, Rating.score, Game.game_id)
.join(Rating).filter(Rating.user_id==user_id)
.all())
num_games = (db.session.query(func.count(Rating.user_id))
.filter(Rating.user_id == user_id)
.first())
num_games = int(num_games[0])
return render_template("user_profile.html", user_info=user_info,
system_info=system_info,
rating_info=rating_info,
account_created=account_created,
user_id=user_id,
num_games=num_games)
def login():
"""Attempt to log the user in"""
email = request.form.get("email")
password = request.form.get("password")
existing_email = User.query.filter_by(email=email).first()
if existing_email is not None and existing_email.password == password:
# add user to session
session["user_id"] = existing_email.user_id
flash("Successfully logged in!")
return redirect('/homepage')
elif existing_email is None:
flash("Incorrect email.")
return redirect('/')
else:
flash("Incorrect password.")
return redirect('/')
def user_list():
args = parser.parse({
'email': wf.Str(missing=None),
'permissions': wf.DelimitedList(wf.Str(), delimiter=',', missing=[]),
})
user_dbs, cursors = model.User.get_dbs(
email=args['email'], prev_cursor=True,
)
permissions = list(UserUpdateForm._permission_choices)
permissions += args['permissions']
return flask.render_template(
'user/user_list.html',
html_class='user-list',
title='User List',
user_dbs=user_dbs,
next_url=util.generate_next_url(cursors['next']),
prev_url=util.generate_next_url(cursors['prev']),
api_url=flask.url_for('api.admin.user.list'),
permissions=sorted(set(permissions)),
)
###############################################################################
# User Update
###############################################################################
def user_list():
args = parser.parse({
'email': wf.Str(missing=None),
'permissions': wf.DelimitedList(wf.Str(), delimiter=',', missing=[]),
})
user_dbs, cursors = model.User.get_dbs(
email=args['email'], prev_cursor=True,
)
permissions = list(UserUpdateForm._permission_choices)
permissions += args['permissions']
return flask.render_template(
'user/user_list.html',
html_class='user-list',
title='User List',
user_dbs=user_dbs,
next_url=util.generate_next_url(cursors['next']),
prev_url=util.generate_next_url(cursors['prev']),
api_url=flask.url_for('api.admin.user.list'),
permissions=sorted(set(permissions)),
)
###############################################################################
# User Update
###############################################################################
def before_request(self,*args):
"""Verfies that the API is Vaild for the correct user
and the IP address hasn't changed since log in"""
signer = TimestampSigner(SECRET_KEY)
api_key = request.headers['API_KEY']
Client_id = request.headers['Client_ID']
ip_address = request.remote_addr
user = User.query.filter_by(Client_id=Client_id).first()
if user == None:
return make_response(jsonify({'Failure': 'Invaild User'}), 400)
if api_key != user.api_key:
return make_response(jsonify({'Failure': 'Incorrect API Key'}), 400)
if ip_address != user.current_login_ip:
return make_response(jsonify({'Failure': 'Incorrect IP for Client, Please Re-login in'}), 400)
try:
signer.unsign(api_key, max_age=86164)
except:
return make_response(jsonify({'Failure': 'Invaild API Key, please request new API Key'}), 400)
def login_processed():
"""Processes old users."""
email = request.form["email"]
password = request.form["password"]
user = User.query.filter_by(email=email).first()
if not user:
flash("Oops, you don't exist yet! Please sign up.")
return redirect('/enter_phone')
if user.password != password:
flash("The password you have given is incorrect.")
return redirect('/login')
session['id'] = user.user_id
flash("Welcome back, %s. You have successfully logged in." % user.first_name)
return redirect("/")
def sumbit_login():
"""checks for login info to log in and if not present, creates user"""
username = request.form.get("username")
password = request.form.get("password")
user = User.query.filter_by(email=username).first()
# if user already exists, checks password and logs them in if correct. If not, prompts
# for password again
if user:
if user.password == password:
session['user'] = user.user_id
flash("You are now logged in")
return redirect('/users/' + str(user.user_id))
else:
flash("Password incorrect")
return redirect('/login')
else:
#instantiates new user and passes user_id to session
user = User(email=username, password=password)
db.session.add(user)
db.session.commit()
session['user'] = user.user_id
flash("Your account has been created")
return redirect('/')
def submit_login():
"""Logs in user or directs to sign up form if no email"""
email = request.form.get("email")
password = request.form.get("password")
user = User.query.filter_by(email=email).first()
# if user already exists, checks password and logs them in if correct. If not, prompts
# for password again
if user:
if user.verify_password(password):
session['user'] = user.user_id
flash("You are now logged in")
return redirect('/')
else:
flash("Password incorrect")
return redirect('/')
else:
return render_template('sign_up_form.html', email=email, password=password)
def invite_user():
"""Allows user to invite other member to group by email"""
email = request.form.get('invite')
user = User.query.filter_by(email=email).first()
group_id = request.form.get('group_id')
group = Group.query.filter_by(group_id=group_id).first()
if user:
user_search = UserGroup.query.filter_by(user_id=user.user_id, group_id=group_id).first()
if user_search:
flash("User is already in this group")
else:
new_user = UserGroup(user_id=user.user_id, group_id=group_id)
db.session.add(new_user)
db.session.commit()
flash("Added new user " + email + " to " + group.group_name)
else:
flash("No such user")
return redirect('/')
def get_user_info(user_id):
"""Retrieves user data based on the user ID."""
user = User.query.get(user_id)
user = user.__dict__
if '_sa_instance_state' in user:
del user['_sa_instance_state']
user_plants = get_user_plants(user_id)
user['plants'] = user_plants
# adds a key to dictionary that has a value of true/false depending on
# whether reminder was set
for plant in user['plants']:
user['plants'][plant]['reminder_status'] = str(get_reminder_status(user['user_id'], user['plants'][plant]['plant_id']))
return jsonify(user)
def process_login():
"""Processes user input and either logs user in if input is in database"""
# gets the user input from the username field and looks it up in the database
username = request.form.get('username')
user = User.query.filter_by(username=username).first()
# if username entered exists in db, gets the password entered and compares
# it to the one in the database
if user:
# if password is correct, adds user to the current session and redirects to home page
if bcrypt.hashpw(request.form.get('password').encode('utf-8'), user.password.encode('utf-8')).decode() == user.password:
session['logged_in'] = user.user_id
print 'logged in'
return jsonify(session)
# if password is incorrect, redirects to login page
else:
return 'error'
# if username is not in the database, redirects to the registration form
else:
return 'error'
def update_user():
"""Saves updated user info."""
user_id = request.form.get('id')
user_to_update = User.query.get(int(user_id))
if bcrypt.hashpw(request.form.get('password').encode('utf-8'), user_to_update.password.encode('utf-8')).decode() == user_to_update.password:
if request.form.get('email'):
user_to_update.email = request.form.get('email')
if request.form.get('phone'):
user_to_update.phone = request.form.get('phone')
else:
return "bad password"
db.session.commit()
return "ok"
# PlantUser Routes *********************************
def add_reminder():
"""Adds a watering reminder for a particular PlantUser"""
user_id = int(request.form.getlist('user_id')[0].encode('utf-8'))
if User.query.get(user_id).phone:
plant_id = int(request.form.getlist('plant_id')[0].encode('utf-8'))
days = request.form.getlist('days')[0].encode('utf-8')
plant_user = PlantUser.query.filter(PlantUser.user_id == user_id, PlantUser.plant_id == plant_id).first()
plant_user.watering_schedule = days
db.session.commit()
return 'ok'
else:
return 'phone number missing'
def create_user_db(auth_id, name, username, email='', verified=False, password='', **props):
"""Saves new user into datastore"""
if password:
password = util.password_hash(password)
email = email.lower()
user_db = model.User(
name=name,
email=email,
username=username,
auth_ids=[auth_id] if auth_id else [],
verified=verified,
token=util.uuid(),
password_hash=password,
**props
)
user_db.put()
task.new_user_notification(user_db)
return user_db
def create_or_get_user_db(auth_id, name, username, email='', **kwargs):
"""This function will first lookup if user with given email already exists.
If yes then it will append auth_id for his record and saves it.
If not we'll make sure to find unique username for this user (for the case of signing up via social account)
and then store it into datastore"""
user_db = model.User.get_by('email', email.lower())
if user_db:
user_db.auth_ids.append(auth_id)
user_db.put()
return user_db
if isinstance(username, str):
username = username.decode('utf-8')
username = unidecode.unidecode(username.split('@')[0].lower()).strip()
username = re.sub(r'[\W_]+', '.', username)
new_username = username
suffix = 1
while not model.User.is_username_available(new_username):
new_username = '%s%d' % (username, suffix)
suffix += 1
return create_user_db(auth_id, name, new_username, email=email, **kwargs)
def seed_user(profile, user_id):
first_name = profile['names'][0].get("givenName")
last_name = profile['names'][0].get("familyName")
user_exists = User.query.get(user_id)
if user_exists is None:
user = User(user_id=user_id,
first_name=first_name,
last_name=last_name)
db.session.add(user)
db.session.commit()
return user_id
def get_master_recoverinfo():
username = request.form.get("username",None)
if username is None:
return json.dumps({'success':'false', 'message':'username field is required.'})
else:
user = User.query.filter_by(username=username).first()
return json.dumps({'success':'true', 'uid':user.id, 'groupname':user.user_group})
def billing_beans():
logger.info("handle request: /billing/beans/")
form = request.form
owner_name = form.get("owner_name",None)
billing = int(form.get("billing",None))
if owner_name is None or billing is None:
return json.dumps({'success':'false', 'message':'owner_name and beans fields are required.'})
# update users' tables in database
owner = User.query.filter_by(username=owner_name).first()
if owner is None:
logger.warning("Error!!! Billing User %s doesn't exist!" % (owner_name))
else:
#logger.info("Billing User:"+str(owner))
oldbeans = owner.beans
owner.beans -= billing
#logger.info(str(oldbeans) + " " + str(owner.beans))
if oldbeans > 0 and owner.beans <= 0 or oldbeans >= 100 and owner.beans < 100 or oldbeans >= 500 and owner.beans < 500 or oldbeans >= 1000 and owner.beans < 1000:
# send mail to remind users of their beans if their beans decrease to 0,100,500 and 1000
data = {"to_address":owner.e_mail,"username":owner.username,"beans":owner.beans}
# request_master("/beans/mail/",data)
beansapplicationmgr.send_beans_email(owner.e_mail,owner.username,int(owner.beans))
try:
db.session.commit()
except Exception as err:
db.session.rollback()
logger.warning(traceback.format_exc())
logger.warning(err)
return json.dumps({'success':'false', 'message':'Fail to wirte to databases.'})
#logger.info("Billing User:"+str(owner))
if owner.beans <= 0:
# stop all vcluster of the user if his beans are equal to or lower than 0.
logger.info("The beans of User(" + str(owner) + ") are less than or equal to zero, all his or her vclusters will be stopped.")
auth_key = env.getenv('AUTH_KEY')
form = {'username':owner.username, 'auth_key':auth_key}
request_master("/cluster/stopall/",form)
return json.dumps({'success':'true'})
def signup():
next_url = util.get_next_url()
form = None
if config.CONFIG_DB.has_email_authentication:
form = form_with_recaptcha(SignUpForm())
save_request_params()
if form.validate_on_submit():
user_db = model.User.get_by('email', form.email.data)
if user_db:
form.email.errors.append('This email is already taken.')
if not form.errors:
user_db = create_user_db(
None,
util.create_name_from_email(form.email.data),
form.email.data,
form.email.data,
)
user_db.put()
task.activate_user_notification(user_db)
cache.bump_auth_attempt()
return flask.redirect(flask.url_for('welcome'))
if form and form.errors:
cache.bump_auth_attempt()
title = 'Sign up' if config.CONFIG_DB.has_email_authentication else 'Sign in'
return flask.render_template(
'auth/auth.html',
title=title,
html_class='auth',
next_url=next_url,
form=form,
**urls_for_oauth(next_url)
)
###############################################################################
# Sign out stuff
###############################################################################
def form_with_recaptcha(form):
should_have_recaptcha = cache.get_auth_attempt() >= config.RECAPTCHA_LIMIT
if not (should_have_recaptcha and config.CONFIG_DB.has_recaptcha):
del form.recaptcha
return form
###############################################################################
# User related stuff
###############################################################################
def create_user_db(auth_id, name, username, email='', verified=False, **props):
email = email.lower() if email else ''
if verified and email:
user_dbs, cursors = model.User.get_dbs(email=email, verified=True, limit=2)
if len(user_dbs) == 1:
user_db = user_dbs[0]
user_db.auth_ids.append(auth_id)
user_db.put()
task.new_user_notification(user_db)
return user_db
if isinstance(username, str):
username = username.decode('utf-8')
username = unidecode.unidecode(username.split('@')[0].lower()).strip()
username = re.sub(r'[\W_]+', '.', username)
new_username = username
n = 1
while not model.User.is_username_available(new_username):
new_username = '%s%d' % (username, n)
n += 1
user_db = model.User(
name=name,
email=email,
username=new_username,
auth_ids=[auth_id] if auth_id else [],
verified=verified,
token=util.uuid(),
**props
)
user_db.put()
task.new_user_notification(user_db)
return user_db
def get_user_db_from_email(email, password):
user_dbs, cursors = model.User.get_dbs(email=email, active=True, limit=2)
if not user_dbs:
return None
if len(user_dbs) > 1:
flask.flash('''We are sorry but it looks like there is a conflict with
your account. Our support team is already informed and we will get
back to you as soon as possible.''', category='danger')
task.email_conflict_notification(email)
return False
user_db = user_dbs[0]
if user_db.password_hash == util.password_hash(user_db, password):
return user_db
return None
def user_verify(token):
user_db = auth.current_user_db()
if user_db.token != token:
flask.flash('That link is either invalid or expired.', category='danger')
return flask.redirect(flask.url_for('profile'))
user_db.verified = True
user_db.token = util.uuid()
user_db.put()
flask.flash('Hooray! Your email is now verified.', category='success')
return flask.redirect(flask.url_for('profile'))
###############################################################################
# User Forgot
###############################################################################
def user_forgot(token=None):
if not config.CONFIG_DB.has_email_authentication:
flask.abort(418)
form = auth.form_with_recaptcha(UserForgotForm(obj=auth.current_user_db()))
if form.validate_on_submit():
cache.bump_auth_attempt()
email = form.email.data
user_dbs, cursors = util.get_dbs(
model.User.query(), email=email, active=True, limit=2,
)
count = len(user_dbs)
if count == 1:
task.reset_password_notification(user_dbs[0])
return flask.redirect(flask.url_for('welcome'))
elif count == 0:
form.email.errors.append('This email was not found')
elif count == 2:
task.email_conflict_notification(email)
form.email.errors.append(
'''We are sorry but it looks like there is a conflict with your
account. Our support team is already informed and we will get back to
you as soon as possible.'''
)
if form.errors:
cache.bump_auth_attempt()
return flask.render_template(
'user/user_forgot.html',
title='Forgot Password?',
html_class='user-forgot',
form=form,
)
###############################################################################
# User Reset
###############################################################################
def user_reset(token=None):
user_db = model.User.get_by('token', token)
if not user_db:
flask.flash('That link is either invalid or expired.', category='danger')
return flask.redirect(flask.url_for('welcome'))
if auth.is_logged_in():
login.logout_user()
return flask.redirect(flask.request.path)
form = UserResetForm()
if form.validate_on_submit():
user_db.password_hash = util.password_hash(user_db, form.new_password.data)
user_db.token = util.uuid()
user_db.verified = True
user_db.put()
flask.flash('Your password was changed succesfully.', category='success')
return auth.signin_user_db(user_db)
return flask.render_template(
'user/user_reset.html',
title='Reset Password',
html_class='user-reset',
form=form,
user_db=user_db,
)
###############################################################################
# User Activate
###############################################################################
def user_activate(token):
if auth.is_logged_in():
login.logout_user()
return flask.redirect(flask.request.path)
user_db = model.User.get_by('token', token)
if not user_db:
flask.flash('That link is either invalid or expired.', category='danger')
return flask.redirect(flask.url_for('welcome'))
form = UserActivateForm(obj=user_db)
if form.validate_on_submit():
form.populate_obj(user_db)
user_db.password_hash = util.password_hash(user_db, form.password.data)
user_db.token = util.uuid()
user_db.verified = True
user_db.put()
return auth.signin_user_db(user_db)
return flask.render_template(
'user/user_activate.html',
title='Activate Account',
html_class='user-activate',
user_db=user_db,
form=form,
)
###############################################################################
# User Merge
###############################################################################
def register_process():
"""Get information from registration form."""
username = request.form.get("username")
email = request.form.get("email")
password = request.form.get("password")
systems = request.form.getlist("systems")
account_created = datetime.now()
existing_username = User.query.filter_by(username=username).first()
existing_email = User.query.filter_by(email=email).first()
# check if the username is in use
if existing_username is None and existing_email is None:
#check if the email is in use
new_user = User(username=username, email=email, password=password,
account_created=account_created)
db.session.add(new_user)
db.session.commit()
get_user_rating(games)
for system in systems:
# add each system to the database for the specific user
system_id = db.session.query(System.system_id).filter(System.name==system).first()
new_user_system = UserSystem(user_id=new_user.user_id, system_id=system_id)
db.session.add(new_user_system)
db.session.commit()
flash("Successfully registered " + username + "!")
return redirect("/")
else:
flash("Username or email already in use")
# TODO probably handle this in AJAX on the form and be more specific
# as to whether it was the username or email that failed
return redirect("/")
def signup():
next_url = util.get_next_url()
form = None
if config.CONFIG_DB.has_email_authentication:
form = form_with_recaptcha(SignUpForm())
save_request_params()
if form.validate_on_submit():
user_db = model.User.get_by('email', form.email.data)
if user_db:
form.email.errors.append('This email is already taken.')
if not form.errors:
user_db = create_user_db(
None,
util.create_name_from_email(form.email.data),
form.email.data,
form.email.data,
)
user_db.put()
task.activate_user_notification(user_db)
cache.bump_auth_attempt()
return flask.redirect(flask.url_for('welcome'))
if form and form.errors:
cache.bump_auth_attempt()
title = 'Sign up' if config.CONFIG_DB.has_email_authentication else 'Sign in'
return flask.render_template(
'auth/auth.html',
title=title,
html_class='auth',
next_url=next_url,
form=form,
**urls_for_oauth(next_url)
)
###############################################################################
# Sign out stuff
###############################################################################
def form_with_recaptcha(form):
should_have_recaptcha = cache.get_auth_attempt() >= config.RECAPTCHA_LIMIT
if not (should_have_recaptcha and config.CONFIG_DB.has_recaptcha):
del form.recaptcha
return form
###############################################################################
# User related stuff
###############################################################################
