Created
May 12, 2013 19:24
udacity hw 5
import webapp2 | |
import re | |
import os | |
import jinja2 | |
import re | |
import hashlib | |
import hmac | |
import random | |
import string | |
from google.appengine.ext import db | |
import json | |
# Key used by hash_str() to sign the user_id cookie.
# NOTE(review): the key is a short literal committed with the source, so
# everyone who can read this file holds the signing key and the cookie
# signature no longer proves that the server issued the value. Load the key
# from deployment configuration kept out of version control, and rotate it.
secret = 'imsosecret'

# Templates are loaded from ./templates next to this module. autoescape is
# switched on, so values passed to render() are HTML-escaped by default.
template_dir = os.path.join(os.path.dirname(__file__), 'templates')
jinja_env = jinja2.Environment(
    loader=jinja2.FileSystemLoader(template_dir),
    autoescape=True,
)

# Validation patterns for the signup and login forms.
# NOTE(review): "$" also matches just before a trailing newline, so a value
# such as "bob\n" passes USER_RE; "\Z" anchors at the real end of the string.
USER_RE = re.compile(r"^[a-zA-Z0-9_-]{3,20}$")
PASS_RE = re.compile(r"^.{3,20}$")
EMAIL_RE = re.compile(r"^[\S]+@[\S]+\.[\S]+$")
class User(db.Model):
    """Datastore kind that this file uses for accounts AND for blog posts.

    SignUpPage stores username / password_hash / hashish / email;
    PostPage stores subject / content in the same kind.

    NOTE(review): because both record types share one kind, every
    "SELECT * FROM User" query in this file also returns account rows
    (including password_hash and the salt) and hands them to the template
    or JSON code. Separate kinds would keep credentials out of those paths.
    """

    # Account fields.
    username = db.StringProperty()
    password_hash = db.StringProperty()  # hex digest part of make_pw_hash()
    email = db.StringProperty()
    hashish = db.StringProperty()  # salt part of make_pw_hash()

    # Blog-post fields.
    subject = db.StringProperty()
    content = db.TextProperty()

    # Set automatically when the entity is first stored.
    created = db.DateTimeProperty(auto_now_add=True)
def valid_username(username):
    """Return a match object if username satisfies USER_RE, else None."""
    match = USER_RE.match(username)
    return match
def valid_password(password):
    """Return a match object if password satisfies PASS_RE, else None.

    PASS_RE only bounds the length (3 to 20 characters); it enforces no
    other password policy.
    """
    match = PASS_RE.match(password)
    return match
def valid_email(email):
    """Return a match object if email satisfies EMAIL_RE, else None."""
    match = EMAIL_RE.match(email)
    return match
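def make_salt():
    """Return a random 5-letter ASCII salt for make_pw_hash().

    The letters are drawn from the operating system's CSPRNG through
    random.SystemRandom rather than the default Mersenne Twister generator,
    whose output is predictable once enough of it has been observed.
    string.ascii_letters replaces string.letters, which is locale-dependent
    on Python 2 and absent on Python 3.

    NOTE(review): the length stays at 5 so stored "hash,salt" values keep
    their shape; five letters is a small salt space and should grow if the
    stored format is ever migrated.
    """
    rng = random.SystemRandom()
    return ''.join(rng.choice(string.ascii_letters) for _ in range(5))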
def make_pw_hash(name, pw, salt=None):
    """Return "<hex sha256>,<salt>" for the given user name and password.

    A fresh salt from make_salt() is used when salt is missing or empty;
    passing the stored salt reproduces the stored value for comparison.

    NOTE(review): this is a single SHA-256 pass, which is fast to compute
    and therefore cheap to guess against if the stored hashes leak; a
    deliberately slow password KDF is the usual choice. name, pw and salt
    are also concatenated without a separator, so different
    (name, pw) splits of the same characters hash identically.
    """
    salt = salt or make_salt()
    digest = hashlib.sha256(name + pw + salt).hexdigest()
    return '%s,%s' % (digest, salt)
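def valid_pw(name, pw, h):
    """Return True if pw is the password behind the stored value h.

    h is expected in the "<hex digest>,<salt>" form produced by
    make_pw_hash(). The salt is taken from h and the hash is recomputed
    for comparison.

    Changes from the original:
    - the debug `print` of h is gone; it wrote the stored password hash and
      salt to the process output on every check;
    - a value without exactly one comma now returns False instead of
      raising IndexError (or silently using the wrong field).
    """
    parts = h.split(',')
    if len(parts) != 2:
        return False
    # NOTE(review): "==" stops at the first differing character; where the
    # runtime offers hmac.compare_digest (Python 2.7.7+), prefer it here.
    return h == make_pw_hash(name, pw, parts[1])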
def hash_str(s):
    """Return the hex HMAC of s, keyed with the module-level `secret`."""
    # No digestmod is passed; on Python 2, which this file targets,
    # hmac.new() then falls back to MD5.
    # NOTE(review): the strength of this MAC is bounded by `secret`, which
    # is a literal in this file.
    mac = hmac.new(secret, s)
    return mac.hexdigest()
def make_secure_val(s):
    """Return "<s>|<hmac of s>", the signed form stored in the cookie."""
    signature = hash_str(s)
    return "%s|%s" % (s, signature)
def check_secure_val(h):
    """Return the value part of a signed "<value>|<hmac>" string, or None.

    The part before the first "|" is re-signed with make_secure_val() and
    the result must equal h exactly; otherwise None is returned.

    NOTE(review): the comparison uses "==", which is not constant-time;
    hmac.compare_digest (Python 2.7.7+) is the safer primitive for checking
    a MAC. The signed value carries no expiry and no session identifier, so
    a cookie that verified once keeps verifying until `secret` changes.
    """
    val = h.split('|')[0]
    if h != make_secure_val(val):
        return None
    return val
class Handler(webapp2.RequestHandler):
    """Base handler with small helpers for writing and rendering templates."""

    def write(self, *a, **kw):
        """Forward all arguments to the response's output stream."""
        self.response.out.write(*a, **kw)

    def render_str(self, template, **params):
        """Render the named template from jinja_env with params; return str."""
        return jinja_env.get_template(template).render(params)

    def render(self, template, **kw):
        """Render the named template and write it to the response."""
        html = self.render_str(template, **kw)
        self.write(html)
class MainPage(Handler):
    """Handler for "/": renders the front template, then redirects to /signup."""

    def render_front(self, username="", email="", error=""):
        """Render front.html with the given form values and error text."""
        self.render("front.html", username=username, email=email, error=error)

    def get(self):
        """Render the (empty) signup form and redirect to /signup."""
        headers = self.response.headers
        headers['Content-Type'] = 'text/html'
        # The form is rendered first, but the redirect issued right after
        # it is what the client acts on.
        self.render_front()
        self.redirect('/signup')
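class SignUpPage(Handler):
    """Signup form: validate the input, create the account, set the cookie.

    Changes from the original post():
    - each validation failure renders the form and returns, instead of
      threading a `valid` flag through the rest of the method;
    - the "does this username exist" check is a filtered datastore query
      instead of a Python loop over every User entity (a kind that also
      holds all blog posts);
    - the debug `print` of every stored username is gone;
    - the block that inspected an existing user_id cookie is gone: whatever
      it rendered or redirected to, the code after it still created the
      account and issued the final redirect, so it had no lasting effect.
    """

    def render_newfront(self, username="", email="", error=""):
        """Render front.html with the given form values and error text."""
        self.render("front.html", username=username, email=email, error=error)

    def get(self):
        """Show the empty signup form."""
        self.response.headers['Content-Type'] = 'text/html'
        self.render_newfront()

    def post(self):
        """Validate the submitted form and create the account."""
        username = self.request.get("username")
        password = self.request.get("password")
        verify = self.request.get("verify")
        email = self.request.get("email")

        # Same checks, in the same order, as the original if/elif chain.
        # The e-mail address is optional and only validated when present.
        error = ''
        if not valid_username(username):
            error = "That is not a valid Username"
        elif not valid_password(password):
            error = "That is not a valid Password."
        elif password != verify:
            error = "Your Password does not match the Verify Password."
        elif email and not valid_email(email):
            error = "Your email is lacking validation capacity!"
        if error:
            self.render_newfront(username, email, error)
            return

        if not email:
            # Kept from the original: a missing address is stored as the
            # literal string "None".
            email = "None"

        # NOTE(review): this check-then-put is not atomic, so two concurrent
        # signups for the same name can both pass it.
        if User.all().filter('username =', username).get() is not None:
            self.render_newfront('', '', "That user already exists.")
            return

        # make_pw_hash() returns "<digest>,<salt>"; the two halves are
        # stored in separate properties.
        pw_hash, salt = make_pw_hash(username, password).split(',')
        account = User(username=username, password_hash=pw_hash,
                       hashish=salt, email=email)
        account_key = account.put()

        # NOTE(review): the cookie is set without HttpOnly or Secure
        # attributes, so page scripts can read it and it is also sent over
        # plain HTTP.
        cookie = make_secure_val(str(account_key.id()))
        self.response.headers.add_header(
            'Set-Cookie', 'user_id=%s; Path=/' % cookie)
        self.redirect('/welcome')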
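class LoginPage(Handler):
    """Login form: verify the password and set the signed user_id cookie.

    The original post() was a copy of the signup handler. It never called
    valid_pw(): a username that existed was rejected with "That user
    already exists.", and a username that did not exist got a brand-new
    account with whatever password was submitted, plus a login cookie. It
    also printed the submitted cookie and the newly signed cookie value to
    the process output. This version performs an actual credential check.
    """

    def render_newfront(self, username="", error=""):
        """Render login.html with the given username and error text."""
        self.render("login.html", username=username, error=error)

    def get(self):
        """Show the empty login form."""
        self.response.headers['Content-Type'] = 'text/html'
        self.render_newfront()

    def post(self):
        """Check the submitted credentials against the stored account."""
        username = self.request.get("username")
        password = self.request.get("password")

        if not valid_username(username):
            self.render_newfront(username, "That is not a valid Username")
            return
        if not valid_password(password):
            self.render_newfront(username, "That is not a valid Password.")
            return

        account = User.all().filter('username =', username).get()

        # SignUpPage stores the digest and the salt in separate properties;
        # valid_pw() expects them re-joined as "<digest>,<salt>".
        stored = None
        if account is not None and account.password_hash and account.hashish:
            stored = '%s,%s' % (account.password_hash, account.hashish)

        # One message for "no such user" and "wrong password", so the form
        # does not reveal which usernames exist.
        if stored is None or not valid_pw(username, password, stored):
            self.render_newfront(username, "Invalid login")
            return

        # NOTE(review): the cookie is set without HttpOnly or Secure
        # attributes, and nothing here limits repeated login attempts.
        cookie = make_secure_val(str(account.key().id()))
        self.response.headers.add_header(
            'Set-Cookie', 'user_id=%s; Path=/' % cookie)
        self.redirect('/blog')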
class Blog(Handler):
    """Handler for /blog: lists stored entities, newest first."""

    def render_blogpage(self, subject="", content="", error=""):
        """Render blog.html with every User entity ordered by creation time.

        NOTE(review): the User kind also holds account rows, so the list
        given to the template includes entities carrying password_hash and
        the salt; what is exposed depends on what blog.html prints.
        """
        query = db.GqlQuery("SELECT * FROM User ORDER By created Desc")
        entries = list(query)
        self.render("blog.html", subject=subject, content=content,
                    error=error, blogs=entries)

    def get(self):
        """Show the blog listing."""
        self.render_blogpage()
class JsonBlog(Handler):
    """JSON view of the ten most recently created User entities."""

    def get(self):
        """Write a JSON list of {subject, content, created} objects.

        Only those three fields are copied out, so account fields such as
        password_hash never reach the response; account rows in the same
        kind do show up as entries whose subject and content are null.
        """
        query = db.GqlQuery("SELECT * FROM User ORDER By created Desc limit 10")
        timeformat = '%a %b %d %H:%M:%S %y'
        entries = []
        for p in query:
            entries.append({
                "subject": p.subject,
                "content": p.content,
                "created": p.created.strftime(timeformat),
            })
        payload = json.dumps(entries)
        self.response.headers['Content-Type'] = 'application/json; charset=UTF-8'
        self.response.out.write(payload)
class Json(Handler):
    """JSON view of the ten most recently created User entities.

    The body is the same as JsonBlog.get; the two classes are mounted on
    different routes.
    """

    def get(self):
        """Write a JSON list of {subject, content, created} objects."""
        query = db.GqlQuery("SELECT * FROM User ORDER By created Desc limit 10")
        timeformat = '%a %b %d %H:%M:%S %y'
        entries = []
        for p in query:
            entries.append({
                "subject": p.subject,
                "content": p.content,
                "created": p.created.strftime(timeformat),
            })
        payload = json.dumps(entries)
        self.response.headers['Content-Type'] = 'application/json; charset=UTF-8'
        self.response.out.write(payload)
class PostPage(Handler):
    """Handler for /newpost: form for creating a blog post.

    NOTE(review): neither get() nor post() looks at the user_id cookie, so
    any client that can reach this route can create posts.
    """

    def render_postpage(self, subject="", content="", error=""):
        """Render newpost.html with the form values and all stored entities."""
        query = db.GqlQuery("SELECT * FROM User ORDER By created Desc")
        entries = list(query)
        self.render("newpost.html", subject=subject, content=content,
                    error=error, blogs=entries)

    def get(self):
        """Show the empty new-post form."""
        self.render_postpage()

    def post(self):
        """Store the post and redirect to its permalink, or re-render."""
        subject = self.request.get("subject")
        content = self.request.get("content")

        if not (subject and content):
            error = "We need both a subject and your content!"
            self.render_postpage(subject, content, error)
            return

        # Posts are stored in the same kind as accounts.
        post = User(subject=subject, content=content)
        post.put()
        self.redirect("/newpost/%s" % post.key().id())
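class LatestPost(Handler):
    """Permalink page for a single post, addressed by its numeric id."""

    def get(self, post_id):
        """Render latestpost.html for the post, or answer 404.

        post_id comes from the route's (\\d+) group, so int() is safe here.

        The original rendered the template for whatever get_by_id returned:
        None for an unknown id, or an account entity, because accounts and
        posts share the User kind. Both cases now produce a 404. An entity
        counts as a post only if it has a subject, which PostPage.post
        always sets and SignUpPage never does.
        """
        post = User.get_by_id(int(post_id))
        if post is None or post.subject is None:
            self.error(404)
            return
        self.render("latestpost.html", post=post)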
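class WelcomePost(Handler):
    """Handler for /welcome: greets the user named by the signed cookie."""

    def render_welcome_post(self, username=""):
        """Render welcome.html for the given username."""
        self.render("welcome.html", username=username)

    def get(self):
        """Render the welcome page, or redirect to /signup.

        Changes from the original:
        - the debug `print` of the raw cookie is gone; it wrote the signed
          login token to the process output on every request;
        - every failure path (no cookie, bad signature, non-numeric id,
          account no longer in the datastore) redirects to /signup. The
          original redirected on only one of them and raised
          AttributeError when get_by_id returned None.
        """
        cookie = self.request.cookies.get('user_id')
        user_id = check_secure_val(cookie) if cookie else None

        account = None
        if user_id and user_id.isdigit():
            account = User.get_by_id(int(user_id))

        # Entities without a username are blog posts, not accounts.
        if account is None or not account.username:
            self.redirect('/signup')
            return

        self.render_welcome_post(account.username)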
class LogOutPage(Handler):
    """Handler for /logout: blanks the user_id cookie and redirects."""

    def get(self):
        """Overwrite the cookie with an empty value, then go to /signup.

        NOTE(review): this only clears the browser's copy. There is no
        server-side session to end, so a previously issued cookie value
        still passes check_secure_val() if it is presented again.
        """
        cleared = ""
        header_value = 'user_id=%s; Path=/' % cleared
        self.response.headers.add_header('Set-Cookie', header_value)
        self.redirect('/signup')
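# URL routing table.
#
# debug was hard-coded to True, which makes webapp2 return exception
# tracebacks to the client. It is now enabled only when SERVER_SOFTWARE
# starts with "Development", i.e. on the local App Engine dev server.
#
# NOTE(review): the route strings are used as regular expressions, so the
# unescaped "." in '.json', '/.json' and '/blog.json' presumably matches any
# single character rather than a literal dot -- confirm the intended paths.
# The patterns are left as written; the \d route is only made a raw string.
app = webapp2.WSGIApplication(
    [
        ('/', MainPage),
        ('.json', Json),
        ('/.json', JsonBlog),
        ('/blog', Blog),
        ('/blog.json', JsonBlog),
        ('/newpost', PostPage),
        (r'/newpost/(\d+)', LatestPost),
        ('/signup', SignUpPage),
        ('/welcome', WelcomePost),
        ('/login', LoginPage),
        ('/logout', LogOutPage),
    ],
    debug=os.environ.get('SERVER_SOFTWARE', '').startswith('Development'),
)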