import hmac
import json
import os
import re
import time

import webapp2
from google.appengine.api import memcache
from google.appengine.ext import db
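# Wall-clock time of the last datastore query behind the front-page cache;
# MainPage.topPosts() resets it on every cache miss.
start_time = time.time()

# Key for the HMAC that signs the user_id cookie.
# SECURITY: the literal fallback below lives in source control and in this
# public listing, so treat it as compromised: whoever knows it can mint a
# valid user_id cookie for any username. Supply a fresh random value through
# the HMAC_SECRET environment variable and delete the fallback once every
# deployment sets it.
HMAC_SECRET = os.environ.get("HMAC_SECRET", "OUIns325rmWS")

# Signup validation patterns. USER_RE and EMAIL_RE end in \Z rather than $
# because $ also matches just before a trailing newline, which would let
# "name\n" through; the username is later written into a Set-Cookie header.
USER_RE = re.compile(r"^[a-zA-Z0-9_-]{3,20}\Z")
# NOTE(review): any 3-20 characters pass; there is no strength requirement.
PASS_RE = re.compile(r"^.{3,20}$")
EMAIL_RE = re.compile(r"^[\S]+@[\S]+\.[\S]+\Z")

# Module-level placeholders. The handlers in this file assign same-named
# locals and never read these two.
USER = ""
EMAIL = ""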
# Markup for the "new post" page. %(error)s receives the validation message
# and is inserted verbatim.
form_newpost = """
<form method="post">
    <h1>new post</h1>
    <label>Subject:<br>
        <input type="text" name="subject">
    </label>
    <br>
    <label>Blog:<br>
        <textarea name="content" style="height: 500px; width: 400px;"></textarea>
    </label>
    <br>
    <label>
        <input type="submit">
    </label>
    <div style="color:red">
    %(error)s
    </div>
    <br><br><br>
    Programmed by Srdan Letina, Aug 2012.
</form>
"""

# Markup for one rendered post: %(a)s is the subject, %(b)s the creation
# time, %(c)s the body. All three are inserted verbatim, so whatever is
# passed in must already be safe to emit as HTML.
form_showpost = """
<form method="post">
    <h3>%(a)s</h3>
    <i>%(b)s</i><br>
    %(c)s
    <hr>
</form>
"""
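# Markup for the signup page. %(us)s and %(email)s echo back what the visitor
# typed; %(error1)s .. %(error5)s carry the validation messages.
# The two value= attributes are quoted: with an unquoted attribute a single
# space in the echoed text starts a new attribute, which lets submitted input
# inject markup even after <, > and & have been escaped. Quoting only helps
# if the caller also escapes the double quote in the values it passes in.
form_signup = """
<form method="post">
    <h1>Singup</h1>
    <br>
    <label>
        Username <input type="text" name="username" value="%(us)s">
        <div style="color:red">%(error1)s</div>
        <div style="color:red">%(error5)s</div>
    </label><br>
    <label>
        Password <input type="password" name="password">
        <div style="color:red">%(error2)s</div>
    </label><br>
    <label>
        Verify password <input type="password" name="verify">
        <div style="color:red">%(error3)s</div>
    </label><br>
    <label>
        Email (optional) <input type="text" name="email" value="%(email)s">
        <div style="color:red">%(error4)s</div>
    </label><br>
    <input type="submit">
   
    <br><br><br>
    Programmed by Srdan Letina, Aug 2012.
</form>
"""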
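# Markup for the login page. %(us_log)s echoes back the submitted username
# and %(error_log)s carries the failure message.
# The value= attribute is quoted: with an unquoted attribute a single space
# in the echoed text starts a new attribute, which lets submitted input
# inject markup. Quoting only helps if the caller also escapes the double
# quote in the value it passes in.
form_login = """
<form method="post">
    <h1>Login</h1>
    <br>
    <label>
        Username <input type="text" name="username_login" value="%(us_log)s">
    </label><br>
    <label>
        Password <input type="password" name="password_login">
    </label><br>
    <div style="color:red">%(error_log)s</div>
    <input type="submit">
   
    <br><br><br>
    Programmed by Srdan Letina, Aug 2012.
</form>
"""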
# Markup for the ROT13 page. The single %s lands inside the <textarea>, so
# the text passed in must be HTML-escaped first or it can close the element.
form_rot13 = """
<form method="post">
    Enter some text to ROT13:
    <br>
    <textarea name="text" style="height: 100px; width: 400px;">%s</textarea>
    <input type="submit">
   
    <br><br><br>
    Programmed by Srdan Letina, Aug 2012.
</form>
"""
class Entry(db.Model):
    """Datastore model for one blog post.

    NewPost.post() runs both text fields through its escape helpers before
    saving, and the HTML views interpolate the stored values without any
    further escaping, so what sits in the datastore is what reaches the page.
    """

    # Post title; required.
    subject = db.StringProperty(required=True)
    # Post body; required. NewPost stores it with newlines turned into <br>.
    content = db.TextProperty(required=True)
    # Filled in by the datastore when the entity is first written.
    created = db.DateTimeProperty(auto_now_add=True)
class User_DB(db.Model):
    """Datastore model for one user account."""

    # Login name; required.
    username = db.StringProperty(required=True)
    # NOTE(review): SignUp.post() stores the submitted password as-is and
    # Login.post() compares it with ==, so this column holds clear-text
    # passwords. Anyone with datastore read access (or a backup) gets every
    # credential. Store a salted, deliberately slow password hash instead and
    # change signup and login together.
    password = db.StringProperty(required=True)
    # Optional contact address.
    email = db.StringProperty()
class MainPage(webapp2.RequestHandler):
    """Front page: the ten newest posts followed by a short site guide."""

    def topPosts(self):
        """Return the ten most recent entries, cached under memcache key "top".

        On a cache miss the datastore is queried, the result list is cached
        and the module-level start_time is reset to now. Nothing in this
        class invalidates the key, so the list stays as cached until the
        entry is evicted or the cache is flushed.
        """
        global start_time
        cache_key = "top"
        cached = memcache.get(cache_key)
        if cached is not None:
            return cached
        # Materialise the query so a plain list is what gets cached.
        fresh = list(db.GqlQuery('select * from Entry order by created desc limit 10'))
        memcache.set(cache_key, fresh)
        start_time = time.time()
        return fresh

    def get(self):
        """Write the page header, each cached post, then the usage notes."""
        write = self.response.out.write
        write("<h1>CS253 BLOG (Programmed by Srdan Letina, Aug 2012.) :</h1>")
        write("<i>Scroll down to the bottom to se more details about the site and its functionality. You will learn how things work around here. :)</i>")
        write("<h3><a href='/newpost'>New post</a></h3>")
        # subject and content are emitted exactly as stored; this view adds
        # no escaping of its own.
        for post in self.topPosts():
            fields = {'a': post.subject, 'b': post.created, 'c': post.content}
            write(form_showpost % fields)
        write("<i>Go to <b>/newpost</b> to create new post.</i><br>")
        write("<i>Go to <b>/x</b> to see individual post (where x is the post id).</i><br>")
        write("<i>Go to <b>/signup</b> to create new user account.</i><br>")
        write("<i>Go to <b>/login</b> to log in as existing user.</i><br>")
        write("<i>Go to <b>/logout</b> to log out.</i><br>")
        write("<i>Go to <b>/rot13</b> to encode or decode some text via ROT13 method.</i><br>")
        # start_time is a per-process global, read after topPosts() may have
        # reset it.
        age = time.time() - start_time
        write("<br><br>Queried %f seconds ago." % age)
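class NewPost(webapp2.RequestHandler):
    """Form handler that stores a new blog post and redirects to its permalink.

    NOTE(review): nothing here checks the user_id cookie and the form carries
    no anti-CSRF token, so any client can create posts.
    """

    def get(self, error=""):
        """Render the empty form, with an optional validation message."""
        self.response.out.write(form_newpost % {'error': error})

    def post(self):
        """Validate the submission, store it escaped, redirect to /<id>."""
        subject = self.request.get("subject")
        content = self.request.get("content")
        if subject == "" or content == "":
            self.response.out.write(form_newpost % {'error': 'We need both subject and content.'})
            return
        # The HTML views print the stored text verbatim, so escaping has to
        # happen here. Escape first, then add <br>, so the line-break tags
        # themselves are not escaped.
        entry = Entry(subject=self.escape_html(subject),
                      content=self.escape_newline(self.escape_html(content)))
        entry.put()
        self.redirect("/%s" % entry.key().id())

    def escape_html(self, s):
        """Return s with &, >, < and the double quote as HTML entities.

        The replacement pairs in the listing mapped every character to
        itself, which left the text unescaped. '&' must be handled first so
        the entities produced by the later replacements are not re-escaped.
        """
        for raw, entity in (('&', '&amp;'), ('>', '&gt;'), ('<', '&lt;'), ('"', '&quot;')):
            s = s.replace(raw, entity)
        return s

    def escape_newline(self, s):
        """Return s with every newline replaced by a <br> tag."""
        return s.replace('\n', '<br>')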
class MainPageJson(webapp2.RequestHandler):
    """JSON view of the ten newest posts (queried directly, not via memcache)."""

    def get(self):
        """Write a JSON array of {"a": subject, "b": content} objects."""
        # NOTE(review): add_header appends a header; confirm the response
        # does not end up carrying a second Content-Type next to the
        # framework default, which would leave the type to client sniffing.
        self.response.headers.add_header('Content-Type', 'application/json')
        newest = db.GqlQuery('select * from Entry order by created desc limit 10')
        # Values are emitted as stored, i.e. in whatever escaped form
        # NewPost saved them.
        payload = [{"a": post.subject, "b": post.content} for post in newest]
        self.response.out.write(json.dumps(payload))
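class Permalink(webapp2.RequestHandler):
    """HTML view of a single post, addressed by its numeric datastore id."""

    def get(self, id):
        """Render post <id>, or redirect to /notfound when it does not exist.

        The (entry, fetch_time) pair is cached in memcache under str(id).
        The listing cached the pair even when the lookup returned None and
        then tested the tuple itself, which is always truthy, so a request
        for an unknown id failed on temp[0].subject instead of redirecting.
        Misses are no longer cached: that also stops requests for arbitrary
        ids from filling memcache with empty entries.
        """
        post_id = int(self.request.path.split("/")[-1])
        cache_key = str(post_id)
        cached = memcache.get(cache_key)
        # cached[0] is None covers pairs written before misses stopped being
        # cached.
        if cached is None or cached[0] is None:
            entry = Entry.get_by_id(post_id, parent=None)
            if entry is None:
                self.redirect('/notfound')
                return
            cached = (entry, time.time())
            memcache.set(cache_key, cached)
        entry, fetched_at = cached
        out = self.response.out
        out.write("<h1><a href='/'>CS253 BLOG(Programmed by Srdan Letina, Aug 2012.):</a></h1>")
        # subject and content are emitted exactly as stored.
        out.write(form_showpost % {'a': entry.subject, 'b': entry.created, 'c': entry.content})
        out.write("<br><br>Queried %f seconds ago." % (time.time() - fetched_at))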
class PermalinkJson(webapp2.RequestHandler):
    """JSON view of a single post, addressed as /<id>.json."""

    def get(self, id):
        """Write {"a": subject, "b": content} or redirect to /notfound."""
        # NOTE(review): add_header appends a header; confirm the response
        # does not end up carrying a second Content-Type.
        self.response.headers.add_header('Content-Type', 'application/json')
        last_segment = str(self.request.path.split("/")[-1])
        # Everything before the first dot is taken as the id. int() raises
        # ValueError if that piece is not all digits; whether such a path
        # can get here depends on the route pattern.
        post_id = int(last_segment.split(".")[0])
        post = Entry.get_by_id(post_id, parent=None)
        if not post:
            self.redirect('/notfound')
            return
        self.response.out.write(json.dumps({"a": post.subject, "b": post.content}))
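class NotFound(webapp2.RequestHandler):
    """Landing page for permalinks that do not resolve to a post."""

    def get(self):
        """Answer with status 404 and a short error page.

        The listing wrote the "Error 404" text with the default 200 status,
        so crawlers and monitoring saw a successful page.
        """
        # error() sets the status code and clears any body written so far.
        self.error(404)
        self.response.out.write("<h1>Error 404: NOT FOUND</h1>")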
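class SignUp(webapp2.RequestHandler):
    """Account registration: validate the form, store the user, set the cookie.

    NOTE(review): the password is written to the datastore exactly as typed.
    Replace it with a salted, deliberately slow password hash; that change
    has to be made here and in the login check at the same time.
    NOTE(review): uniqueness is a query followed by a separate put(), so two
    concurrent signups for the same name can both succeed.
    """

    def get(self, us="", email="", error1="", error2="", error3="", error4="", error5=""):
        """Render the form, echoing back the submitted username and email."""
        # us and email arrive straight from the request when post()
        # re-renders the form, so they are escaped here at the point of
        # output. Escaping is only a complete defence if the template also
        # quotes the value= attributes it puts them in.
        fields = {
            "us": self.escape_html(us),
            "email": self.escape_html(email),
            "error1": error1,
            "error2": error2,
            "error3": error3,
            "error4": error4,
            "error5": error5,
        }
        self.response.out.write(form_signup % fields)

    def unique_username(self, username):
        """Return True when no stored account uses username.

        Uses a filtered query rather than scanning every User_DB row.
        """
        taken = db.GqlQuery("SELECT * FROM User_DB WHERE username=:1", username).get()
        return taken is None

    def valid_username(self, username):
        """Return a match object when username satisfies USER_RE, else None."""
        return USER_RE.match(username)

    def valid_password(self, password):
        """Return a match object when password satisfies PASS_RE, else None."""
        return PASS_RE.match(password)

    def verify_password(self):
        """Return True when the password and verify form fields are equal."""
        return self.request.get('password') == self.request.get('verify')

    def valid_email(self, email):
        """Return a truthy value for an empty email or one matching EMAIL_RE."""
        if email:
            return EMAIL_RE.match(email)
        return True

    def escape_html(self, s):
        """Return s with &, >, < and the double quote as HTML entities.

        The replacement pairs in the listing mapped every character to
        itself, which left the text unescaped. '&' must be handled first so
        the entities produced by the later replacements are not re-escaped.
        """
        for raw, entity in (('&', '&amp;'), ('>', '&gt;'), ('<', '&lt;'), ('"', '&quot;')):
            s = s.replace(raw, entity)
        return s

    def hash_str(self, s):
        """Return the hex HMAC of s under HMAC_SECRET.

        No digestmod is passed, so the digest is the hmac module's default
        (MD5 on Python 2.7). The same call is repeated in the Welcome and
        Login handlers; all three must change together or existing and new
        cookies stop verifying.
        """
        return hmac.new(HMAC_SECRET, s).hexdigest()

    def make_secure_val(self, s):
        """Return "s|hmac(s)", the signed form stored in the cookie."""
        return "%s|%s" % (s, self.hash_str(s))

    def post(self):
        """Create the account and redirect, or re-render the form with errors."""
        username = self.request.get('username')
        password = self.request.get('password')
        email = self.request.get('email')

        # Evaluate each check once and reuse the result for both the error
        # message and the final decision.
        name_free = self.unique_username(username)
        name_ok = self.valid_username(username)
        pass_ok = self.valid_password(password)
        pass_same = self.verify_password()
        email_ok = self.valid_email(email)

        error1 = "" if name_ok else "That's not a valid username."
        error2 = "" if pass_ok else "That wasn't a valid password."
        error3 = "" if pass_same else "Your passwords didn't match."
        error4 = "" if email_ok else "That's not a valid email."
        error5 = "" if name_free else "Username already exist."

        if name_ok and pass_ok and pass_same and email_ok and name_free:
            # Values are stored as submitted and escaped when rendered.
            # HTML-escaping the password before storage would change it and
            # break the equality check at login.
            User_DB(username=username, password=password, email=email).put()
            # HttpOnly keeps page scripts from reading the session cookie.
            # Add "; Secure" once the site is served over HTTPS only.
            cookie = 'user_id=%s; path=/; HttpOnly' % str(self.make_secure_val(username))
            self.response.headers.add_header('Set-Cookie', cookie)
            self.redirect("/welcome")
            # Stop here: the listing fell through and rendered the form into
            # the redirect response as well.
            return
        self.get(username, email, error1, error2, error3, error4, error5)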
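class Welcome(webapp2.RequestHandler):
    """Greeting page shown to a visitor whose user_id cookie verifies."""

    def hash_str(self, s):
        """Return the hex HMAC of s under HMAC_SECRET.

        No digestmod is passed, so the digest is the hmac module's default
        (MD5 on Python 2.7). The same call is repeated in the SignUp and
        Login handlers; all three must change together.
        """
        return hmac.new(HMAC_SECRET, s).hexdigest()

    def make_secure_val(self, s):
        """Return "s|hmac(s)", the signed form stored in the cookie."""
        return "%s|%s" % (s, self.hash_str(s))

    def escape_html(self, s):
        """Return s with &, >, < and the double quote as HTML entities."""
        for raw, entity in (('&', '&amp;'), ('>', '&gt;'), ('<', '&lt;'), ('"', '&quot;')):
            s = s.replace(raw, entity)
        return s

    def check_secure_val(self, h):
        """Return the value part of h when its signature verifies, else None."""
        val = h.split('|')[0]
        try:
            # Constant-time comparison, so response timing does not reveal
            # how many leading characters of a forged signature were right.
            matches = hmac.compare_digest(h, self.make_secure_val(val))
        except TypeError:
            # compare_digest rejects non-ASCII text; such a cookie cannot
            # carry a valid signature anyway.
            matches = False
        if matches:
            return val

    def get(self):
        """Greet the signed-in user or redirect to /signup."""
        cookie = self.request.cookies.get('user_id', '')
        user = self.check_secure_val(cookie) if cookie != '' else None
        if user:
            # The name comes from a client-supplied cookie. The signature is
            # the only thing vouching for it, so escape it before it goes
            # into the page.
            self.response.out.write('Welcome, %s!' % self.escape_html(user))
        else:
            self.redirect('/signup')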
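class Login(webapp2.RequestHandler):
    """Login form: checks the credentials and issues the signed user_id cookie.

    NOTE(review): the stored password is compared with == against the
    submitted one, i.e. passwords are kept in clear text. Moving to a salted
    password hash has to change account creation and this check together.
    NOTE(review): no attempt limit or lockout is visible in this handler.
    """

    def hash_str(self, s):
        """Return the hex HMAC of s under HMAC_SECRET.

        No digestmod is passed, so the digest is the hmac module's default
        (MD5 on Python 2.7). The same call is repeated in the SignUp and
        Welcome handlers; all three must change together.
        """
        return hmac.new(HMAC_SECRET, s).hexdigest()

    def make_secure_val(self, s):
        """Return "s|hmac(s)", the signed form stored in the cookie."""
        return "%s|%s" % (s, self.hash_str(s))

    def escape_html(self, s):
        """Return s with &, >, < and the double quote as HTML entities."""
        for raw, entity in (('&', '&amp;'), ('>', '&gt;'), ('<', '&lt;'), ('"', '&quot;')):
            s = s.replace(raw, entity)
        return s

    def get(self, us_log="", error_log=""):
        """Render the form, echoing back the submitted username."""
        # us_log is raw request data when post() re-renders the form, so it
        # is escaped here. Escaping is only a complete defence if the
        # template also quotes the value= attribute.
        fields = {"us_log": self.escape_html(us_log), "error_log": error_log}
        self.response.out.write(form_login % fields)

    def post(self):
        """Set the cookie and redirect on success, else re-render with an error."""
        username = self.request.get('username_login')
        password = self.request.get('password_login')
        # Parameter binding (:1) keeps the submitted name out of the query
        # text.
        account = db.GqlQuery(" SELECT * FROM User_DB WHERE username=:1", username).get()
        if account and account.password == password:
            # HttpOnly keeps page scripts from reading the session cookie.
            # Add "; Secure" once the site is served over HTTPS only.
            cookie = 'user_id=%s; path=/; HttpOnly' % str(self.make_secure_val(username))
            self.response.headers.add_header('Set-Cookie', cookie)
            self.redirect("/welcome")
            # Stop here: the listing fell through and wrote the "Invalid
            # login" form into the redirect response after a good login.
            return
        # One message for both unknown user and wrong password, so the
        # response does not reveal which usernames exist.
        self.get(username, "Invalid login")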
class Logout(webapp2.RequestHandler):
    """Clear the login cookie and send the visitor to the signup page."""

    def get(self):
        """Overwrite user_id with an empty value, then redirect to /signup."""
        # Welcome.get() treats an empty user_id as "not logged in".
        # NOTE(review): logout happens on a plain GET, so any page that can
        # make the browser load /logout will sign the visitor out.
        headers = self.response.headers
        headers.add_header('Set-Cookie', 'user_id=; path=/')
        self.redirect('/signup')
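class Rot13(webapp2.RequestHandler):
    """Page that applies ROT13 to submitted text and shows the result."""

    def get(self, s=""):
        """Render the form with s pre-filled in the textarea."""
        self.response.out.write(form_rot13 % s)

    def escape_html(self, s):
        """Return s with &, >, < and the double quote as HTML entities.

        The replacement pairs in the listing mapped every character to
        itself, so submitted text reached the textarea unescaped and could
        close the element. '&' must be handled first so the entities
        produced by the later replacements are not re-escaped.
        """
        for raw, entity in (('&', '&amp;'), ('>', '&gt;'), ('<', '&lt;'), ('"', '&quot;')):
            s = s.replace(raw, entity)
        return s

    def rot13(self, s):
        """Return s with each ASCII letter rotated 13 places, case preserved.

        Every other character is copied through unchanged.
        """
        shifted = []
        for ch in s:
            if 'A' <= ch <= 'Z':
                shifted.append(chr((ord(ch) - 65 + 13) % 26 + 65))
            elif 'a' <= ch <= 'z':
                shifted.append(chr((ord(ch) - 97 + 13) % 26 + 97))
            else:
                shifted.append(ch)
        return "".join(shifted)

    def post(self):
        """Rotate the submitted text and render it back into the form."""
        text = self.request.get('text')
        # Rotate first, then escape: escaping first would rotate the letters
        # inside the entities and corrupt them.
        self.response.out.write(form_rot13 % self.escape_html(self.rot13(text)))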
class Flush(webapp2.RequestHandler):
    """Empty the whole memcache, then return to the front page.

    NOTE(review): this is a state-changing GET with no authentication, so
    any client (or any page that makes a browser load /flush) can drop every
    cached entry and push all reads back to the datastore. Restrict it to
    administrators if it has to stay deployed.
    """

    def get(self):
        """Flush all memcache keys and redirect to "/"."""
        memcache.flush_all()
        home = '/'
        self.redirect(home)
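# URL routing table. Patterns are regular expressions, so they are written as
# raw strings and the dot before "json" is escaped: unescaped it matches any
# character, which let paths such as /12xjson reach the JSON handlers.
app = webapp2.WSGIApplication(
    [
        ('/', MainPage),
        (r'/\.json', MainPageJson),
        ('/newpost', NewPost),
        (r'/(\d+)', Permalink),
        (r'/(\d+)\.json', PermalinkJson),
        ('/signup', SignUp),
        ('/welcome', Welcome),
        ('/login', Login),
        ('/logout', Logout),
        ('/notfound', NotFound),
        ('/rot13', Rot13),
        ('/flush', Flush),
    ],
    # debug=True makes the framework put exception tracebacks into the HTTP
    # response, which exposes file paths and code to every visitor. Keep it
    # off outside local development.
    debug=False)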