-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathblog.py
203 lines (143 loc) · 6.22 KB
/
blog.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
#
# Copyright (c) 2008 - 2013 10gen, Inc. <http://10gen.com>
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
#
import pymongo
import sessionDAO
import userDAO
import bottle
import cgi
import re
__author__ = 'aje'
# General Discussion on structure. This program implements a blog. This file is the best place to start to get
# to know the code. In this file, which is the controller, we define a bunch of HTTP routes that are handled
# by functions. The basic way that this magic occurs is through the decorator design pattern. Decorators
# allow you to modify a function, adding code to be executed before and after the function. As a side effect
# the bottle.py decorators also put each callback into a route table.
# These are the routes that the blog must handle. They are decorated using bottle.py
# This route is the main page of the blog
@bottle.route('/')
def blog_index():
cookie = bottle.request.get_cookie("session")
username = sessions.get_username(cookie)
# todo: this is not yet implemented at this point in the course
return bottle.template('blog_template', dict(username=username))
# displays the initial blog signup form
@bottle.get('/signup')
def present_signup():
return bottle.template("signup",
dict(username="", password="",
password_error="",
email="", username_error="", email_error="",
verify_error =""))
# displays the initial blog login form
@bottle.get('/login')
def present_login():
return bottle.template("login",
dict(username="", password="",
login_error=""))
# handles a login request
@bottle.post('/login')
def process_login():
username = bottle.request.forms.get("username")
password = bottle.request.forms.get("password")
print "user submitted ", username, "pass ", password
user_record = users.validate_login(username, password)
if user_record:
# username is stored in the user collection in the _id key
session_id = sessions.start_session(user_record['_id'])
if session_id is None:
bottle.redirect("/internal_error")
cookie = session_id
# Warning, if you are running into a problem whereby the cookie being set here is
# not getting set on the redirect, you are probably using the experimental version of bottle (.12).
# revert to .11 to solve the problem.
bottle.response.set_cookie("session", cookie)
bottle.redirect("/welcome")
else:
return bottle.template("login",
dict(username=cgi.escape(username), password="",
login_error="Invalid Login"))
@bottle.get('/internal_error')
@bottle.view('error_template')
def present_internal_error():
return {'error':"System has encountered a DB error"}
@bottle.get('/logout')
def process_logout():
cookie = bottle.request.get_cookie("session")
sessions.end_session(cookie)
bottle.response.set_cookie("session", "")
bottle.redirect("/signup")
@bottle.post('/signup')
def process_signup():
email = bottle.request.forms.get("email")
username = bottle.request.forms.get("username")
password = bottle.request.forms.get("password")
verify = bottle.request.forms.get("verify")
# set these up in case we have an error case
errors = {'username': cgi.escape(username), 'email': cgi.escape(email)}
if validate_signup(username, password, verify, email, errors):
if not users.add_user(username, password, email):
# this was a duplicate
errors['username_error'] = "Username already in use. Please choose another"
return bottle.template("signup", errors)
session_id = sessions.start_session(username)
print session_id
bottle.response.set_cookie("session", session_id)
bottle.redirect("/welcome")
else:
print "user did not validate"
return bottle.template("signup", errors)
@bottle.get("/welcome")
def present_welcome():
# check for a cookie, if present, then extract value
cookie = bottle.request.get_cookie("session")
username = sessions.get_username(cookie) # see if user is logged in
if username is None:
print "welcome: can't identify user...redirecting to signup"
bottle.redirect("/signup")
return bottle.template("welcome", {'username': username})
# Helper Functions
# validates that the user information is valid for new signup, return True of False
# and fills in the error string if there is an issue
def validate_signup(username, password, verify, email, errors):
USER_RE = re.compile(r"^[a-zA-Z0-9_-]{3,20}$")
PASS_RE = re.compile(r"^.{3,20}$")
EMAIL_RE = re.compile(r"^[\S]+@[\S]+\.[\S]+$")
errors['username_error'] = ""
errors['password_error'] = ""
errors['verify_error'] = ""
errors['email_error'] = ""
if not USER_RE.match(username):
errors['username_error'] = "invalid username. try just letters and numbers"
return False
if not PASS_RE.match(password):
errors['password_error'] = "invalid password."
return False
if password != verify:
errors['verify_error'] = "password must match"
return False
if email != "":
if not EMAIL_RE.match(email):
errors['email_error'] = "invalid email address"
return False
return True
connection_string = "mongodb://localhost"
connection = pymongo.MongoClient(connection_string)
database = connection.blog
users = userDAO.UserDAO(database)
sessions = sessionDAO.SessionDAO(database)
bottle.debug(True)
bottle.run(host='localhost', port=8082) # Start the webserver running and wait for requests