API tools faq
paste
Guest User

Untitled

a guest
Dec 15th, 2018
174
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 6.24 KB | None | 0 0
raw download clone embed print report
  1. class User:
  2.     table = 'users'
  3.     fields = {
  4.         'nickname': '',
  5.         'email': '',
  6.         'password': '',
  7.         'googlemail': None,
  8.         'facebookid': None,
  9.         'birthdate': '',
  10.         'vkontakteid': None,
  11.         'activate': False,
  12.         'activation_key': None,
  13.         'img': '',
  14.     }
  15.  
  16.     def __init__(self, user_id=0):
  17.         if user_id:
  18.             self.id = user_id
  19.             self.load()
  20.  
  21.     def load(self):
  22.         """
  23.        loads user's data
  24.        """
  25.         with db.connection as conn:
  26.             query = """
  27.                SELECT *
  28.                FROM """ + self.table + """
  29.                WHERE id = %(id)s
  30.            """
  31.             cursor = conn.cursor(cursor_factory=DictCursor)
  32.             cursor.execute(query, dict(id=self.id))
  33.             row = cursor.fetchone()
  34.             if row is not None:
  35.                 for field in self.fields:
  36.                     self.__setattr__(field, row[field])
  37.                # try:
  38.                # self.nickname = row['nickname']
  39.                # self.email = row['email']
  40.                # self.hashed_password = row['password']
  41.                # self.googlemail = row['googlemail']
  42.                # self.facebookid = row['facebookid']
  43.                # self.birthdate = row['birthdate']
  44.                # self.vkontakteid = row['vkontakteid']
  45.                # self.activate = row['activate']
  46.                # except:
  47.                #     logging.error(traceback.print_exc())
  48.  
  49.     def save(self):
  50.         """
  51.        saves user's data
  52.        """
  53.         params = {}
  54.         if self.id:
  55.             query = """
  56.                UPDATE """ + self.table + """
  57.                SET """ + ', '.join(['%s = %%(%s)s' % (field, field) for field in self.fields]) + """
  58.                WHERE id = %(id)s
  59.            """
  60.             params = {field: self.__dict__[field] for field in self.fields}
  61.             params['id'] = self.id
  62.         else:
  63.             query = """
  64.                INSERT INTO """ + self.table + """
  65.                (""" + ', '.join(['%s' % field for field in self.fields]) + """)
  66.                VALUES (""" + ', '.join(['%%(%s)s' % field for field in self.fields]) + """)
  67.            """
  68.             params = {field: self.__dict__[field] for field in self.fields}
  69.         with db.connection as conn:
  70.             cursor = conn.cursor()
  71.             cursor.execute(query, params)
  72.             logging.info(cursor.query.decode())
  73.             user_id = cursor.lastrowid
  74.             if user_id:
  75.                 self.id = user_id
  76.  
  77.     @staticmethod
  78.     def hash_password(password):
  79.         """
  80.        returns hashed user's password
  81.        """
  82.         md5 = hashlib.md5()
  83.         md5.update(password.encode('utf-8'))
  84.         return md5.hexdigest()
  85.  
  86.     def gen_password(self):
  87.         """
  88.        generates user's password and return it
  89.        """
  90.         #todo: generate random password
  91.         password = '123'
  92.         self.password = User.hash_password(password)
  93.         return password
  94.  
  95.     def check_password(self, password):
  96.         query = "SELECT TRUE FROM users WHERE id = %(user_id)s AND password = %(passwd)s"
  97.         params = {'user_id': self.id, 'passwd': User.hash_password(password)}
  98.         with db.connection as conn:
  99.             cursor = conn.cursor()
  100.             cursor.execute(query, params)
  101.             if cursor.fetchone():
  102.                 return True
  103.         return False
  104.  
  105.     @classmethod
  106.     def check(cls, email, password):
  107.         """
  108.        checks email+password combination and returns user id if them are correct, else - None
  109.        """
  110.         if not email or not password:
  111.             return None
  112.  
  113.         hashed_password = User.hash_password(password)
  114.         #Email/Password Validation:
  115.         query = """
  116.            SELECT id
  117.            FROM """ + cls.table + """
  118.            WHERE email = %(email)s AND password = %(password_hash)s AND activate = 't'
  119.        """
  120.         params = {'email': email, 'password_hash': hashed_password}
  121.         with db.connection as conn:
  122.             cursor = conn.cursor()
  123.             cursor.execute(query, params)
  124.             user_id = cursor.fetchone()
  125.             if user_id is not None:
  126.                 return user_id[0]
  127.         return None
  128.  
  129.     @classmethod
  130.     def reset_activation(cls, email):
  131.         sql = 'SELECT email FROM ' + cls.table + ' WHERE email = %(email)s'
  132.         params = {'email': email}
  133.         with db.connection as conn:
  134.             cursor = conn.cursor()
  135.             cursor.execute(sql, params)
  136.             if cursor.fetchone():
  137.                 activation_key = hashlib.new('md5')
  138.                 activation_key.update((email + str(datetime.datetime.now())).encode('utf-8'))
  139.                 activation_key = activation_key.hexdigest()
  140.                 sql = 'UPDATE ' + cls.table + ' SET activate = False, activation_key= %(hash)s WHERE email = %(email)s'
  141.                 params = {'hash': activation_key, 'email': email}
  142.                 cursor.execute(sql, params)
  143.                 return activation_key
  144.         return None  # in case of no such email
  145.  
  146.     @classmethod
  147.     def find_by_actkey(cls, key):
  148.         sql = """SELECT id FROM """ + cls.table + """ WHERE activation_key = %(key)s"""
  149.         params = {'key': key}
  150.         with db.connection as conn:
  151.             cursor = conn.cursor()
  152.             cursor.execute(sql, params)
  153.             row = cursor.fetchone()
  154.             if row is not None:
  155.                 return User(row[0])
  156.         return None
  157.  
  158.     @classmethod
  159.     def gen_actkey(cls,passwd,email):
  160.         md5 = hashlib.md5()
  161.         md5.update((passwd+email).encode('utf-8'))
  162.         return md5.hexdigest()
  163.  
  164.  
  165. class MyHandler(tornado.web.RequestHandler):
  166.  
  167.     def initialize(self):
  168.         self.user = None
  169.         self.db = db
  170.         sid = self.get_secure_cookie('sid')
  171.         if sid is not None:
  172.             sid = str(sid, 'UTF-8')
  173.             self.session = Session(sid=sid)
  174.             if self.session.user_id is not None:
  175.                 self.user = User(self.session.user_id)
  176.  
  177.     def get_template_path(self):
  178.         return os.path.join(os.path.dirname(__file__), 'templates')
  179.  
  180.     def get_current_user(self):
  181.         if self.user is not None:
  182.             return self.user.id
  183.         return None
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!