# -*- coding: utf-8 -*-
import cgi
import ConfigParser
import re
import urllib

import bottle
import pymongo

import comics
import homeoffice
import library
import medien
import sessionDAO
import tradingcards
import userDAO
__author__ = 'tpeetz'
# WSGI application object. Routes are registered on it by setup_routing(),
# and it is handed to every plugin constructor and to bottle.run() at the
# bottom of this module.
app = bottle.Bottle()
def index():
    """Render the 'kontor' start page for the current visitor.

    The value of the "session" cookie is resolved to a username through
    sessions.get_username() and passed to the template as ``username``.
    What comes back for a missing or unknown cookie is decided in
    sessionDAO, which is not visible here.
    """
    session_cookie = bottle.request.get_cookie("session")
    current_user = sessions.get_username(session_cookie)
    return bottle.template('kontor', {'username': current_user})
def show_signup():
    """Render an empty signup form (GET /signup).

    Every field value and every error message the 'signup' template
    receives is the empty string.
    """
    field_names = ("username", "password", "password_error", "email",
                   "username_error", "email_error", "verify_error")
    blank_form = dict.fromkeys(field_names, "")
    return bottle.template("signup", blank_form)
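def process_signup():
    """Handle POST /signup: validate the form, create the user, start a session.

    On a validation failure or a duplicate username the 'signup' template is
    rendered again with the messages collected in ``errors``. On success a
    session is started, its id is stored in the "session" cookie and the
    client is redirected to /welcome.
    """
    # A field missing from the request comes back as None; default to "" so
    # cgi.escape() and the validation regexes get a string instead of raising.
    email = bottle.request.forms.get("email", "")
    username = bottle.request.forms.get("username", "")
    password = bottle.request.forms.get("password", "")
    verify = bottle.request.forms.get("verify", "")

    # Values echoed back into the form in the error case. quote=True also
    # escapes double quotes, which matters if the template places these
    # values inside an HTML attribute (template not visible here).
    errors = {'username': cgi.escape(username, quote=True),
              'email': cgi.escape(email, quote=True)}

    if not validate_signup(username, password, verify, email, errors):
        print("user did not validate")
        return bottle.template("signup", errors)

    if not users.add_user(username, password, email):
        # this was a duplicate
        errors['username_error'] = "Username already in use. Please choose another"
        return bottle.template("signup", errors)

    session_id = sessions.start_session(username)
    if session_id is None:
        # Same failure handling as process_login(); redirect() raises, so
        # nothing below runs.
        bottle.redirect("/internal_error")

    # The session id is a bearer credential, so it is not written to stdout.
    # httponly keeps page scripts from reading the cookie.
    # NOTE(review): add secure=True once the site is only served over HTTPS.
    bottle.response.set_cookie("session", session_id, httponly=True)
    bottle.redirect("/welcome")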
def show_login():
    """Render an empty login form (GET /login)."""
    blank_form = {'username': "", 'password': "", 'login_error': ""}
    return bottle.template('login', blank_form)
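def process_login():
    """Handle POST /login: check the credentials and start a session.

    A failed check re-renders the 'login' template with "Invalid Login".
    A successful one stores the new session id in the "session" cookie and
    redirects to "/". If no session could be started the client is sent to
    /internal_error.
    """
    # A field missing from the request comes back as None; default to "" so
    # cgi.escape() below always gets a string.
    username = bottle.request.forms.get("username", "")
    password = bottle.request.forms.get("password", "")

    # Record the attempt without the password: stdout usually ends up in a
    # log file. %r keeps control characters in the submitted name from
    # starting a forged log line.
    print("login attempt for user %r" % (username,))

    user_record = users.validate_login(username, password)
    if not user_record:
        return bottle.template("login", dict(username=cgi.escape(username, quote=True),
                                             password="",
                                             login_error="Invalid Login"))

    # username is stored in the user collection in the _id key
    session_id = sessions.start_session(user_record['_id'])
    if session_id is None:
        bottle.redirect("/internal_error")

    # Warning, if you are running into a problem whereby the cookie being set here is
    # not getting set on the redirect, you are probably using the experimental version of bottle (.12).
    # revert to .11 to solve the problem.
    # httponly keeps page scripts from reading the session id.
    # NOTE(review): add secure=True once the site is only served over HTTPS.
    bottle.response.set_cookie("session", session_id, httponly=True)

    bottle.redirect("/")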
def process_logout():
    """End the current session and send the client back to "/".

    The session named by the "session" cookie is ended through
    sessions.end_session() and the cookie value is overwritten with "".
    """
    # NOTE(review): setup_routing() registers this handler for GET, so any
    # cross-site link or image request can log a user out; consider POST.
    session_cookie = bottle.request.get_cookie("session")
    sessions.end_session(session_cookie)

    # Blank the cookie value so the ended session id is no longer sent.
    bottle.response.set_cookie("session", "")
    bottle.redirect("/")
def send_stylesheet(filename):
    """Serve ``filename`` as text/css from the process working directory.

    NOTE(review): root='.' is the same directory kontor.properties (which
    holds the database password) is read from. Only the ``.css`` filter on
    the route registered in setup_routing() stops other files there from
    being requested; a dedicated static directory would be safer.
    """
    stylesheet = bottle.static_file(filename, root='.', mimetype='text/css')
    return stylesheet
def setup_routing(app):
    """Register the core URL handlers of this module on ``app``.

    Routes are added in the order listed in the table below.
    """
    route_table = (
        ('/', 'GET', index),
        ('/signup', 'GET', show_signup),
        ('/signup', 'POST', process_signup),
        ('/login', 'GET', show_login),
        ('/login', 'POST', process_login),
        ('/logout', 'GET', process_logout),
        # Only paths ending in .css reach send_stylesheet.
        ('/css/<filename:re:.*\.css>', 'GET', send_stylesheet),
    )
    for path, method, handler in route_table:
        app.route(path, method, handler)
# Validates the user information for a new signup and returns True or False;
# fills in the matching error string in `errors` if there is an issue.
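def validate_signup(username, password, verify, email, errors):
    """Check the signup form values and report the first problem found.

    All four ``*_error`` keys in ``errors`` are reset to "" first. The checks
    run in the order username, password, password confirmation, email; the
    first failing one stores its message in ``errors`` and ends validation.

    Args:
        username: 3-20 characters from letters, digits, "_" and "-".
        password: 3-20 characters, no newline.
        verify: must equal ``password``.
        email: optional; checked only when non-empty.
        errors: dict that receives the error messages (mutated in place).

    Returns:
        True when every check passes, False otherwise. A value of None is
        treated like an empty string.
    """
    # \Z anchors at the real end of the string. `$` also matches just before
    # a trailing newline, which would let a value such as "name\n" through.
    USER_RE = re.compile(r"^[a-zA-Z0-9_-]{3,20}\Z")
    # NOTE(review): a 3-character minimum and 20-character maximum is a weak
    # password policy; left unchanged here because it alters which existing
    # passwords are accepted.
    PASS_RE = re.compile(r"^.{3,20}\Z")
    EMAIL_RE = re.compile(r"^[\S]+@[\S]+\.[\S]+\Z")

    errors['username_error'] = ""
    errors['password_error'] = ""
    errors['verify_error'] = ""
    errors['email_error'] = ""

    if not USER_RE.match(username or ""):
        errors['username_error'] = "invalid username. try just letters and numbers"
        return False

    if not PASS_RE.match(password or ""):
        errors['password_error'] = "invalid password."
        return False

    if password != verify:
        errors['verify_error'] = "password must match"
        return False

    if email and not EMAIL_RE.match(email):
        errors['email_error'] = "invalid email address"
        return False

    return True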
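# Module start-up: register the core routes, read kontor.properties, connect
# to MongoDB, create the DAOs and plugins, then start the HTTP server.
setup_routing(app)

config = ConfigParser.ConfigParser()
# Relative path: the file is looked up in the process working directory.
# It contains the database password, so keep it readable only by the
# service account and out of any directory that is served statically.
config.read('kontor.properties')
server = config.get('host', 'server')
port = config.get('host', 'port')

db_server = config.get('database', 'server')
# NOTE(review): db_port is read but never added to the connection string.
db_port = config.get('database', 'port')
db_admin = config.get('database', 'adminDB')
db_user = config.get('database', 'user')
db_password = config.get('database', 'password')

connection_string = "mongodb://"
if db_admin:
    # Percent-encode the credentials so that ':', '@' or '/' inside them
    # cannot change how the URI is split into user, password and host.
    connection_string += urllib.quote_plus(db_user)
    connection_string += ':'
    connection_string += urllib.quote_plus(db_password)
    connection_string += '@'
    connection_string += db_server
    # Options follow "/?". The previous '?/authsource=' had the two
    # characters swapped, so the auth database was not parsed as an option.
    connection_string += '/?authSource='
    connection_string += urllib.quote_plus(db_admin)
else:
    connection_string += db_server
# connection_string now carries the password: do not print or log it.
connection = pymongo.MongoClient(connection_string)
database = connection.kontor

users = userDAO.UserDAO(database)
sessions = sessionDAO.SessionDAO(database)

office_plugin = homeoffice.Plugin(app, database, sessions)
comics_plugin = comics.Plugin(app, database, sessions)
library_plugin = library.Plugin(app, database, sessions)
medien_plugin = medien.Plugin(app, database, sessions)
tradingcards_plugin = tradingcards.Plugin(app, database, sessions)

# bottle's debug mode puts tracebacks into error pages and the reloader is a
# development aid, so both are off unless kontor.properties sets
# "debug = true" in its [host] section.
dev_mode = config.has_option('host', 'debug') and config.getboolean('host', 'debug')
bottle.run(app, host=server, port=port, debug=dev_mode, reloader=dev_mode)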