import hmac
import json
import os
import re
import time

import webapp2
from google.appengine.api import memcache
from google.appengine.ext import db
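# Wall-clock time of the last datastore query for the front page; MainPage
# rewrites it on every cache miss and reports the age to the reader.
start_time = time.time()

# Key used to sign the user_id cookie.
# NOTE(review): the literal below is committed to source and has been published
# with this listing, so it must be treated as compromised: anyone who knows it
# can compute a valid signature for any username. Deploy with a fresh random
# value supplied through the HMAC_SECRET environment variable; the literal is
# kept only as a fallback so existing setups keep starting.
HMAC_SECRET = os.environ.get("HMAC_SECRET") or "OUIns325rmWS"

# Input validation patterns for the signup form. They end in \Z rather than $
# because $ also matches just before a trailing newline, which would let a
# value such as "abc\n" pass validation and later reach a Set-Cookie header.
USER_RE = re.compile(r"^[a-zA-Z0-9_-]{3,20}\Z")
PASS_RE = re.compile(r"^.{3,20}\Z")
EMAIL_RE = re.compile(r"^[\S]+@[\S]+\.[\S]+\Z")

# Module-level defaults kept for compatibility; no handler in this file
# declares them global.
USER = ""
EMAIL = ""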
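# HTML templates, filled in with the % operator by the handlers below.
# None of them escapes anything: every value substituted into a template
# must already be HTML-escaped by the caller.

# New-post form; %(error)s is a fixed message chosen by NewPost.
form_newpost = """
<form method="post">
<h1>new post</h1>
<label>Subject:<br>
<input type="text" name="subject">
</label>
<br>
<label>Blog:<br>
<textarea name="content" style="height: 500px; width: 400px;"></textarea>
</label>
<br>
<label>
<input type="submit">
</label>
<div style="color:red">
%(error)s
</div>
<br><br><br>
Programmed by Srdan Letina, Aug 2012.
</form>
"""

# One rendered post: a = subject, b = creation time, c = content.
# a and c are user-supplied text and are inserted as markup.
form_showpost = """
<form method="post">
<h3>%(a)s</h3>
<i>%(b)s</i><br>
%(c)s
<hr>
</form>
"""

# Signup form. The value attributes are quoted: an unquoted attribute ends at
# the first space, so even an escaped value could add attributes of its own.
form_signup = """
<form method="post">
<h1>Singup</h1>
<br>
<label>
Username <input type="text" name="username" value="%(us)s">
<div style="color:red">%(error1)s</div>
<div style="color:red">%(error5)s</div>
</label><br>
<label>
Password <input type="password" name="password">
<div style="color:red">%(error2)s</div>
</label><br>
<label>
Verify password <input type="password" name="verify">
<div style="color:red">%(error3)s</div>
</label><br>
<label>
Email (optional) <input type="text" name="email" value="%(email)s">
<div style="color:red">%(error4)s</div>
</label><br>
<input type="submit">
<br><br><br>
Programmed by Srdan Letina, Aug 2012.
</form>
"""

# Login form; value attribute quoted for the same reason as in form_signup.
form_login = """
<form method="post">
<h1>Login</h1>
<br>
<label>
Username <input type="text" name="username_login" value="%(us_log)s">
</label><br>
<label>
Password <input type="password" name="password_login">
</label><br>
<div style="color:red">%(error_log)s</div>
<input type="submit">
<br><br><br>
Programmed by Srdan Letina, Aug 2012.
</form>
"""

# ROT13 form; the single %s is the textarea content.
form_rot13 = """
<form method="post">
Enter some text to ROT13:
<br>
<textarea name="text" style="height: 100px; width: 400px;">%s</textarea>
<input type="submit">
<br><br><br>
Programmed by Srdan Letina, Aug 2012.
</form>
"""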
class Entry(db.Model):
    """Datastore model for one blog post."""

    # Post title (required). NewPost.post runs it through escape_html first.
    subject = db.StringProperty(required=True)
    # Post body (required). NewPost.post escapes it and turns newlines into <br>.
    content = db.TextProperty(required=True)
    # Creation timestamp, filled in automatically when the entity is first saved.
    created = db.DateTimeProperty(auto_now_add=True)
class User_DB(db.Model):
    """Datastore model for one user account."""

    # Login name (required).
    username = db.StringProperty(required=True)
    # Password (required). SignUp.post stores the submitted value and
    # Login.post compares it with ==, so this property holds the password
    # itself rather than a hash.
    # NOTE(review): should hold a salted, slow password hash instead.
    password = db.StringProperty(required=True)
    # Optional e-mail address.
    email = db.StringProperty()
class MainPage(webapp2.RequestHandler):
    """Front page: the ten newest posts plus a short site guide."""

    def topPosts(self):
        """Return the ten newest Entry objects, preferring the memcache copy.

        On a cache miss the datastore is queried, the result is cached under
        the key "top", and the module-level start_time is reset to now.
        """
        global start_time
        cache_key = "top"
        cached = memcache.get(cache_key)
        if cached is not None:
            return cached
        newest = list(db.GqlQuery('select * from Entry order by created desc limit 10'))
        memcache.set(cache_key, newest)
        start_time = time.time()
        return newest

    def get(self):
        """Render the page header, the cached posts and the site guide."""
        write = self.response.out.write
        write("<h1>CS253 BLOG (Programmed by Srdan Letina, Aug 2012.) :</h1>")
        write("<i>Scroll down to the bottom to se more details about the site and its functionality. You will learn how things work around here. :)</i>")
        write("<h3><a href='/newpost'>New post</a></h3>")
        # subject and content go into the page as markup; nothing is escaped
        # here, so this relies on NewPost.post having escaped them before
        # they were stored.
        for post in self.topPosts():
            fields = {'a': post.subject, 'b': post.created, 'c': post.content}
            write(form_showpost % fields)
        guide = (
            "<i>Go to <b>/newpost</b> to create new post.</i><br>",
            "<i>Go to <b>/x</b> to see individual post (where x is the post id).</i><br>",
            "<i>Go to <b>/signup</b> to create new user account.</i><br>",
            "<i>Go to <b>/login</b> to log in as existing user.</i><br>",
            "<i>Go to <b>/logout</b> to log out.</i><br>",
            "<i>Go to <b>/rot13</b> to encode or decode some text via ROT13 method.</i><br>",
        )
        for line in guide:
            write(line)
        age = time.time() - start_time
        write("<br><br>Queried %f seconds ago." % age)
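class NewPost(webapp2.RequestHandler):
    """Form handler that creates a new blog post.

    NOTE(review): no login or CSRF check is visible on this handler; confirm
    that anonymous posting is intended.
    """

    def get(self, error=""):
        """Render the empty new-post form, with an optional error message."""
        self.response.out.write(form_newpost % {'error': error})

    def post(self):
        """Validate the submission, store it and redirect to its permalink.

        Both fields are required. Subject and content are HTML-escaped before
        storage because the pages that display posts insert them as markup
        without escaping.
        """
        subject = self.request.get("subject")
        content = self.request.get("content")
        if subject == "" or content == "":
            self.response.out.write(
                form_newpost % {'error': 'We need both subject and content.'})
            return
        entry = Entry(subject=self.escape_html(subject),
                      content=self.escape_newline(self.escape_html(content)))
        entry.put()
        self.redirect("/%s" % entry.key().id())

    def escape_html(self, s):
        """Return s with &, >, < and the double quote replaced by HTML entities."""
        # '&' must be handled first, otherwise the ampersands of the entities
        # produced by the later replacements would be escaped a second time.
        for char, entity in (('&', '&amp;'), ('>', '&gt;'), ('<', '&lt;'), ('"', '&quot;')):
            s = s.replace(char, entity)
        return s

    def escape_newline(self, s):
        """Return s with every newline replaced by an HTML line break."""
        return s.replace('\n', '<br>')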
class MainPageJson(webapp2.RequestHandler):
    """JSON view of the front page: the ten newest posts."""

    def get(self):
        """Write a JSON array of {"a": subject, "b": content} objects."""
        self.response.headers.add_header('Content-Type', 'application/json')
        newest = db.GqlQuery('select * from Entry order by created desc limit 10')
        payload = [{"a": post.subject, "b": post.content} for post in newest]
        self.response.out.write(json.dumps(payload))
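class Permalink(webapp2.RequestHandler):
    """Show a single post, looked up by the numeric id in the URL."""

    def get(self, id):
        """Render post `id`, or redirect to /notfound when it does not exist.

        `id` is the digit string captured by the route. Found posts are cached
        in memcache as (entry, lookup time) under the id as key; ids with no
        post are never cached.
        """
        post_id = int(id)
        cache_key = str(post_id)
        cached = memcache.get(cache_key)
        if cached is None:
            entry = Entry.get_by_id(post_id, parent=None)
            if entry is not None:
                cached = (entry, time.time())
                memcache.set(cache_key, cached)
        # A (None, time) tuple is truthy, so the entry itself has to be
        # tested; such tuples may still sit in the cache from earlier lookups.
        if cached is None or cached[0] is None:
            self.redirect('/notfound')
            return
        entry, queried_at = cached
        write = self.response.out.write
        write("<h1><a href='/'>CS253 BLOG(Programmed by Srdan Letina, Aug 2012.):</a></h1>")
        # subject and content are inserted as markup without escaping here;
        # this relies on NewPost.post having escaped them before storage.
        write(form_showpost % {'a': entry.subject, 'b': entry.created, 'c': entry.content})
        write("<br><br>Queried %f seconds ago." % (time.time() - queried_at))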
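class PermalinkJson(webapp2.RequestHandler):
    """JSON view of a single post."""

    def get(self, id):
        """Write {"a": subject, "b": content} for post `id`.

        Redirects to /notfound when no such post exists. The id is taken from
        the digits captured by the route rather than re-parsed from the path,
        so a path whose tail is not exactly ".json" cannot make int() raise.
        """
        self.response.headers.add_header('Content-Type', 'application/json')
        entry = Entry.get_by_id(int(id), parent=None)
        if entry is None:
            self.redirect('/notfound')
            return
        self.response.out.write(json.dumps({"a": entry.subject, "b": entry.content}))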
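class NotFound(webapp2.RequestHandler):
    """Landing page for permalinks that do not resolve to a post."""

    def get(self):
        """Answer with an actual 404 status and a short message."""
        # Without this the page says "404" but is served with status 200,
        # which caches and crawlers treat as a successful page.
        self.error(404)
        self.response.out.write("<h1>Error 404: NOT FOUND</h1>")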
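class SignUp(webapp2.RequestHandler):
    """Account creation form."""

    def get(self, us="", email="", error1="", error2="", error3="", error4="", error5=""):
        """Render the signup form.

        `us` and `email` pre-fill the inputs and are inserted into the HTML
        as given, so callers must pass them already escaped. error1..error5
        are the messages shown next to the fields.
        """
        self.response.out.write(form_signup % {
            "us": us, "email": email,
            "error1": error1, "error2": error2, "error3": error3,
            "error4": error4, "error5": error5,
        })

    def unique_username(self, username):
        """Return True when no stored account has this username."""
        # Filtered lookup instead of iterating over every User_DB entity.
        match = db.GqlQuery("SELECT * FROM User_DB WHERE username=:1", username).get()
        return match is None

    def valid_username(self, username):
        """Return a match object when username satisfies USER_RE, else None."""
        return USER_RE.match(username)

    def valid_password(self, password):
        """Return a match object when password satisfies PASS_RE, else None."""
        return PASS_RE.match(password)

    def verify_password(self):
        """Return True when the 'password' and 'verify' fields are equal."""
        return self.request.get('password') == self.request.get('verify')

    def valid_email(self, email):
        """Return a truthy value when email is empty or satisfies EMAIL_RE."""
        if email:
            return EMAIL_RE.match(email)
        return True

    def escape_html(self, s):
        """Return s with &, >, < and the double quote replaced by HTML entities."""
        # '&' first, so the entities produced afterwards are not re-escaped.
        for char, entity in (('&', '&amp;'), ('>', '&gt;'), ('<', '&lt;'), ('"', '&quot;')):
            s = s.replace(char, entity)
        return s

    def hash_str(self, s):
        """Return the hex HMAC of s under HMAC_SECRET."""
        # NOTE(review): no digestmod is given, so Python 2's hmac falls back
        # to MD5. Moving to SHA-256 has to happen in SignUp, Welcome and Login
        # together, otherwise cookies signed by one stop validating in another.
        return hmac.new(HMAC_SECRET, s).hexdigest()

    def make_secure_val(self, s):
        """Return the signed cookie value "s|hmac(s)"."""
        return "%s|%s" % (s, self.hash_str(s))

    def post(self):
        """Validate the submission; create the account or re-show the form.

        On success the account is stored, a signed user_id cookie is set and
        the client is redirected to /welcome. Otherwise the form is rendered
        again with the entered username and e-mail and the error messages.
        """
        username = self.request.get('username')
        password = self.request.get('password')
        email = self.request.get('email')

        error1 = "" if self.valid_username(username) else "That's not a valid username."
        error2 = "" if self.valid_password(password) else "That wasn't a valid password."
        error3 = "" if self.verify_password() else "Your passwords didn't match."
        error4 = "" if self.valid_email(email) else "That's not a valid email."
        error5 = "" if self.unique_username(username) else "Username already exist."

        if not (error1 or error2 or error3 or error4 or error5):
            # The password is stored exactly as typed: it is never rendered,
            # and Login.post compares the raw submitted value against it, so
            # HTML-escaping it would lock out passwords containing & < > ".
            # NOTE(review): this stores the password in plaintext; replace
            # with a salted, slow password hash together with Login.post.
            account = User_DB(username=self.escape_html(username),
                              password=password,
                              email=self.escape_html(email))
            account.put()
            # HttpOnly keeps page scripts from reading the session cookie.
            self.response.headers.add_header(
                'Set-Cookie',
                'user_id=%s; path=/; HttpOnly' % str(self.make_secure_val(username)))
            self.redirect("/welcome")
            # Stop here: the response is a redirect, not the form.
            return

        # The rejected values are user input that failed validation, so they
        # are escaped before being echoed back into the form.
        self.get(self.escape_html(username), self.escape_html(email),
                 error1, error2, error3, error4, error5)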
class Welcome(webapp2.RequestHandler):
    """Greeting page, shown only to clients with a validly signed cookie."""

    def hash_str(self, s):
        """Return the hex HMAC of s under HMAC_SECRET."""
        # NOTE(review): no digestmod is given, so Python 2's hmac falls back
        # to MD5; changing it must be done in SignUp, Welcome and Login alike.
        signer = hmac.new(HMAC_SECRET, s)
        return signer.hexdigest()

    def make_secure_val(self, s):
        """Return the signed cookie value "s|hmac(s)"."""
        signature = self.hash_str(s)
        return "%s|%s" % (s, signature)

    def check_secure_val(self, h):
        """Return the value part of h when its signature verifies, else None."""
        claimed = h.partition('|')[0]
        # NOTE(review): == is not a constant-time comparison; the usual
        # replacement is hmac.compare_digest (Python 2.7.7+) once both
        # operands are normalised to the same string type.
        if h != self.make_secure_val(claimed):
            return None
        return claimed

    def get(self):
        """Greet the user named in the user_id cookie, or send them to /signup."""
        cookie = self.request.cookies.get('user_id', '')
        verified = self.check_secure_val(cookie) if cookie != '' else None
        if verified:
            self.response.out.write('Welcome, %s!' % verified)
            return
        self.redirect('/signup')
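class Login(webapp2.RequestHandler):
    """Login form."""

    def hash_str(self, s):
        """Return the hex HMAC of s under HMAC_SECRET."""
        # NOTE(review): no digestmod is given, so Python 2's hmac falls back
        # to MD5; changing it must be done in SignUp, Welcome and Login alike.
        return hmac.new(HMAC_SECRET, s).hexdigest()

    def make_secure_val(self, s):
        """Return the signed cookie value "s|hmac(s)"."""
        return "%s|%s" % (s, self.hash_str(s))

    def _escape_html(self, s):
        """Return s with &, >, < and the double quote replaced by HTML entities."""
        # '&' first, so the entities produced afterwards are not re-escaped.
        for char, entity in (('&', '&amp;'), ('>', '&gt;'), ('<', '&lt;'), ('"', '&quot;')):
            s = s.replace(char, entity)
        return s

    def get(self, us_log="", error_log=""):
        """Render the login form.

        `us_log` pre-fills the username input and is inserted into the HTML
        as given, so callers must pass it already escaped.
        """
        self.response.out.write(form_login % {"us_log": us_log, "error_log": error_log})

    def post(self):
        """Check the credentials; set the signed cookie or re-show the form."""
        username = self.request.get('username_login')
        password = self.request.get('password_login')
        account = db.GqlQuery(" SELECT * FROM User_DB WHERE username=:1", username).get()
        # NOTE(review): this compares against a password stored in plaintext;
        # replace with verification of a salted, slow hash together with
        # SignUp.post.
        if account and account.password == password:
            # HttpOnly keeps page scripts from reading the session cookie.
            self.response.headers.add_header(
                'Set-Cookie',
                'user_id=%s; path=/; HttpOnly' % str(self.make_secure_val(username)))
            self.redirect("/welcome")
            # Stop here: a successful login must not also render the
            # "Invalid login" form into the redirect response.
            return
        # The submitted username is arbitrary input; escape it before it is
        # echoed back into the form.
        self.get(self._escape_html(username), "Invalid login")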
class Logout(webapp2.RequestHandler):
    """Logout endpoint."""

    def get(self):
        """Blank the user_id cookie and send the client to /signup."""
        cleared_cookie = 'user_id=; path=/'
        self.response.headers.add_header('Set-Cookie', cleared_cookie)
        self.redirect('/signup')
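class Rot13(webapp2.RequestHandler):
    """ROT13 encoder/decoder page."""

    def get(self, s=""):
        """Render the form with `s` as the textarea content.

        `s` is inserted into the HTML as given, so it must already be escaped.
        """
        self.response.out.write(form_rot13 % s)

    def escape_html(self, s):
        """Return s with &, >, < and the double quote replaced by HTML entities."""
        # '&' first, so the entities produced afterwards are not re-escaped.
        for char, entity in (('&', '&amp;'), ('>', '&gt;'), ('<', '&lt;'), ('"', '&quot;')):
            s = s.replace(char, entity)
        return s

    def rot13(self, s):
        """Return s with every ASCII letter rotated 13 places, case preserved.

        All other characters are copied unchanged.
        """
        rotated = []
        for ch in s:
            if 'A' <= ch <= 'Z':
                rotated.append(chr((ord(ch) - 65 + 13) % 26 + 65))
            elif 'a' <= ch <= 'z':
                rotated.append(chr((ord(ch) - 97 + 13) % 26 + 97))
            else:
                rotated.append(ch)
        return "".join(rotated)

    def post(self):
        """Apply ROT13 to the submitted text and show it back in the form."""
        text = self.request.get('text')
        # Escape after rotating: the rotated text is what lands in the page.
        self.response.out.write(form_rot13 % self.escape_html(self.rot13(text)))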
class Flush(webapp2.RequestHandler):
    """Maintenance endpoint that empties memcache."""

    def get(self):
        """Flush every memcache entry, then return to the front page."""
        # NOTE(review): this is a state-changing GET with no login check
        # visible here, so any client (or a link prefetcher) can drop the
        # whole cache; consider restricting it to admins and to POST.
        memcache.flush_all()
        self.redirect('/')
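# URL routing table. Patterns are raw strings so \d and \. reach the regex
# engine unchanged, and the dot before "json" is escaped: unescaped it matches
# any character, so paths such as "/12xjson" would also be routed to the JSON
# handlers.
# NOTE(review): debug=True enables webapp2's debug mode, which puts exception
# details into error responses; switch it off outside development.
app = webapp2.WSGIApplication([
    (r'/', MainPage),
    (r'/\.json', MainPageJson),
    (r'/newpost', NewPost),
    (r'/(\d+)', Permalink),
    (r'/(\d+)\.json', PermalinkJson),
    (r'/signup', SignUp),
    (r'/welcome', Welcome),
    (r'/login', Login),
    (r'/logout', Logout),
    (r'/notfound', NotFound),
    (r'/rot13', Rot13),
    (r'/flush', Flush),
], debug=True)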