save_room_settings() - Code Metrics - Inspection of "Added ability to change roomName" - Deathangel908/pychat - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 5b64a2...6b636f )

by Andrew

created 2018-02-18 16:17 UTC

save_room_settings() B

↳ Parent: Project

Complexity

Conditions

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Importance

Changes	1
Bugs	0	Features	0

Metric	Value
cc	5
c	1
b	0
f	0
dl	0
loc	21
rs	8.439

# -*- encoding: utf-8 -*-
import datetime
import json
import logging

import os
from django.conf import settings
from django.contrib.auth import authenticate
from django.contrib.auth import login as djangologin
from django.contrib.auth import logout as djangologout
from django.core.mail import send_mail, mail_admins

from chat.templatetags.md5url import md5url

try:
	from django.template.context_processors import csrf
except ImportError:
	from django.core.context_processors import csrf
from django.core.exceptions import ObjectDoesNotExist, ValidationError, PermissionDenied
from django.db import transaction
from django.db.models import Count, Q, F
from django.http import Http404
from django.utils.timezone import utc
from django.http import HttpResponse
from django.http import HttpResponseRedirect
from django.shortcuts import render_to_response
from django.template import RequestContext
from django.views.decorators.http import require_http_methods
from django.views.generic import View
from chat import utils
from chat.decorators import login_required_no_redirect
from chat.forms import UserProfileForm, UserProfileReadOnlyForm
from chat.models import Issue, IssueDetails, IpAddress, UserProfile, Verification, Message, Subscription, \
	SubscriptionMessages, RoomUsers, Room
from django.conf import settings
from chat.utils import hide_fields, check_user, check_password, check_email, extract_photo, send_sign_up_email, \
	create_user_model, check_captcha, send_reset_password_email, get_client_ip, get_or_create_ip

logger = logging.getLogger(__name__)
RECAPTCHA_SITE_KEY = getattr(settings, "RECAPTCHA_SITE_KEY", None)
RECAPTHCA_SITE_URL = getattr(settings, "RECAPTHCA_SITE_URL", None)
GOOGLE_OAUTH_2_CLIENT_ID = getattr(settings, "GOOGLE_OAUTH_2_CLIENT_ID", None)
GOOGLE_OAUTH_2_JS_URL = getattr(settings, "GOOGLE_OAUTH_2_JS_URL", None)
FACEBOOK_APP_ID = getattr(settings, "FACEBOOK_APP_ID", None)
FACEBOOK_JS_URL = getattr(settings, "FACEBOOK_JS_URL", None)

# TODO doesn't work
def handler404(request):
	return HttpResponse("Page not found", content_type='text/plain')


@require_http_methods(['POST'])
def validate_email(request):
	"""
	POST only, validates email during registration
	"""
	email = request.POST.get('email')
	try:
		utils.check_email(email)
		response = settings.VALIDATION_IS_OK
	except ValidationError as e:
		response = e.message
	return HttpResponse(response, content_type='text/plain')


@require_http_methods(['POST'])
@login_required_no_redirect(False)
@transaction.atomic
def save_room_settings(request):
	"""
	POST only, validates email during registration
	"""
	logger.debug('save_room_settings request,  %s', request.POST)
	room_id = request.POST['roomId']
	room_name = request.POST.get('roomName')
	updated = RoomUsers.objects.filter(room_id=room_id, user_id=request.user.id).update(
		volume=request.POST['volume'],
		notifications=request.POST['notifications'] == 'true',
	)
	if updated != 1:
		raise PermissionDenied
	if room_name is not None:
		room_name = room_name.strip()
		if room_name and int(room_id) != settings.ALL_ROOM_ID:
			Room.objects.filter(id=room_id).update(name = room_name)
	return HttpResponse(settings.VALIDATION_IS_OK, content_type='text/plain')


@require_http_methods('GET')
@transaction.atomic
def get_firebase_playback(request):
	registration_id = request.META['HTTP_AUTH']
	logger.debug('Firebase playback, id %s', registration_id)
	query_sub_message = SubscriptionMessages.objects.filter(subscription__registration_id=registration_id, received=False).order_by('-message__time')[:1]
	sub_message = query_sub_message[0]
	SubscriptionMessages.objects.filter(id=sub_message.id).update(received=True)
	message = Message.objects.select_related("sender__username", "room__name").get(id=sub_message.message_id)
	data = {
		'title': message.sender.username,
		'options': {
			'body': message.content,
			'icon': md5url('images/favicon.ico'),
			'data': {
				'id': sub_message.message_id,
				'sender': message.sender.username,
				'room': message.room.name,
				'roomId': message.room_id
			},
			'requireInteraction': True
		},
	}
	return HttpResponse(json.dumps(data), content_type='application/json')


def test(request):
	return HttpResponse(settings.VALIDATION_IS_OK, content_type='text/plain')


@require_http_methods('POST')
def register_subscription(request):
	logger.debug('Subscription request,  %s', request)
	registration_id = request.POST['registration_id']
	agent = request.POST['agent']
	is_mobile = request.POST['is_mobile']
	ip = get_or_create_ip(get_client_ip(request), logger)
	Subscription.objects.update_or_create(
		registration_id=registration_id,
		defaults={
			'user': request.user,
			'inactive': False,
			'updated': datetime.datetime.now(),
			'agent': agent,
			'is_mobile': is_mobile == 'true',
			'ip': ip
		}
	)
	return HttpResponse(settings.VALIDATION_IS_OK, content_type='text/plain')

@require_http_methods('POST')
def validate_user(request):
	"""
	Validates user during registration
	"""
	try:
		username = request.POST.get('username')
		utils.check_user(username)
		# hardcoded ok check in register.js
		message = settings.VALIDATION_IS_OK
	except ValidationError as e:
		message = e.message
	return HttpResponse(message, content_type='text/plain')


def get_service_worker(request):  # this stub is only for development, this is replaced in nginx for prod
	worker = open(os.path.join(settings.STATIC_ROOT, 'js', 'sw.js'), 'rb')
	response = HttpResponse(content=worker)
	response['Content-Type'] = 'application/javascript'
	return response

@require_http_methods('GET')
@login_required_no_redirect(False)
def home(request):
	"""
	Login or logout navbar is creates by means of create_nav_page
	@return:  the x intercept of the line M{y=m*x+b}.
	"""
	context = csrf(request)
	up = UserProfile.objects.defer('suggestions', 'highlight_code', 'embedded_youtube', 'online_change_sound', 'incoming_file_call_sound', 'message_sound', 'theme').get(id=request.user.id)
	context['suggestions'] = up.suggestions
	context['highlight_code'] = up.highlight_code
	context['message_sound'] = up.message_sound
	context['incoming_file_call_sound'] = up.incoming_file_call_sound
	context['online_change_sound'] = up.online_change_sound
	context['theme'] = up.theme
	context['embedded_youtube'] = up.embedded_youtube
	context['extensionId'] = settings.EXTENSION_ID
	context['extensionUrl'] = settings.EXTENSION_INSTALL_URL
	context['defaultRoomId'] = settings.ALL_ROOM_ID
	context['manifest'] = hasattr(settings, 'FIREBASE_API_KEY')
	return render_to_response('chat.html', context, context_instance=RequestContext(request))


@login_required_no_redirect(True)
def logout(request):
	"""
	POST. Logs out into system.
	"""
	registration_id = request.POST.get('registration_id')
	if registration_id is not None:
		Subscription.objects.filter(registration_id=registration_id).delete()
	djangologout(request)
	return HttpResponse(settings.VALIDATION_IS_OK, content_type='text/plain')

@require_http_methods(['POST'])
def auth(request):
	"""
	Logs in into system.
	"""
	username = request.POST.get('username')
	password = request.POST.get('password')
	user = authenticate(username=username, password=password)
	if user is not None:
		djangologin(request, user)
		message = settings.VALIDATION_IS_OK
	else:
		message = 'Login or password is wrong'
	logger.debug('Auth request %s ; Response: %s', hide_fields(request.POST, ('password',)), message)
	return HttpResponse(message, content_type='text/plain')


def send_restore_password(request):
	"""
	Sends email verification code
	"""
	logger.debug('Recover password request %s', request)
	try:
		username_or_password = request.POST.get('username_or_password')
		check_captcha(request)
		user_profile = UserProfile.objects.get(Q(username=username_or_password) | Q(email=username_or_password))
		if not user_profile.email:
			raise ValidationError("You didn't specify email address for this user")
		verification = Verification(type_enum=Verification.TypeChoices.password, user_id=user_profile.id)
		verification.save()
		send_reset_password_email(request, user_profile, verification)
		message = settings.VALIDATION_IS_OK
		logger.debug('Verification email has been send for token %s to user %s(id=%d)',
				verification.token, user_profile.username, user_profile.id)
	except UserProfile.DoesNotExist:
		message = "User with this email or username doesn't exist"
		logger.debug("Skipping password recovery request for nonexisting user")
	except (UserProfile.DoesNotExist, ValidationError) as e:
		logger.debug('Not sending verification email because %s', e)
		message = 'Unfortunately we were not able to send you restore password email because {}'.format(e)
	return HttpResponse(message, content_type='text/plain')


def get_html_restore_pass():
	""""""

class RestorePassword(View):

	def get_user_by_code(self, token):
		"""
		:param token: token code to verify
		:type token: str
		:raises ValidationError: if token is not usable
		:return: UserProfile, Verification: if token is usable
		"""
		try:
			v = Verification.objects.get(token=token)
			if v.type_enum != Verification.TypeChoices.password:
				raise ValidationError("it's not for this operation ")
			if v.verified:
				raise ValidationError("it's already used")
			# TODO move to sql query or leave here?
			if v.time < datetime.datetime.utcnow().replace(tzinfo=utc) - datetime.timedelta(days=1):
				raise ValidationError("it's expired")
			return UserProfile.objects.get(id=v.user_id), v
		except Verification.DoesNotExist:
			raise ValidationError('Unknown verification token')

	@transaction.atomic
	def post(self, request):
		"""
		Sends email verification token
		"""
		token = request.POST.get('token', False)
		try:
			logger.debug('Proceed Recover password with token %s', token)
			user, verification = self.get_user_by_code(token)
			password = request.POST.get('password')
			check_password(password)
			user.set_password(password)
			user.save(update_fields=('password',))
			verification.verified = True
			verification.save(update_fields=('verified',))
			logger.info('Password has been change for token %s user %s(id=%d)', token, user.username, user.id)
			response = settings.VALIDATION_IS_OK
		except ValidationError as e:
			logger.debug('Rejecting verification token %s because %s', token, e)
			response = "".join(("You can't reset password with this token because ", str(e)))
		return HttpResponse(response, content_type='text/plain')

	def get(self, request):
		token = request.GET.get('token', False)
		logger.debug('Rendering restore password page with token  %s', token)
		try:
			user = self.get_user_by_code(token)[0]
			response = {
				'message': settings.VALIDATION_IS_OK,
				'restore_user': user.username,
				'token': token
			}
		except ValidationError as e:
			logger.debug('Rejecting verification token %s because %s', token, e)
			response = {'message': "Unable to confirm email with token {} because {}".format(token, e)}
		return render_to_response('reset_password.html', response, context_instance=RequestContext(request))


@require_http_methods('GET')
def confirm_email(request):
	"""
	Accept the verification token sent to email
	"""
	token = request.GET.get('token', False)
	logger.debug('Processing email confirm with token  %s', token)
	try:
		try:
			v = Verification.objects.get(token=token)
		except Verification.DoesNotExist:
			raise ValidationError('Unknown verification token')
		if v.type_enum != Verification.TypeChoices.register:
			raise ValidationError('This is not confirm email token')
		if v.verified:
			raise ValidationError('This verification token already accepted')
		user = UserProfile.objects.get(id=v.user_id)
		if user.email_verification_id != v.id:
			raise ValidationError('Verification token expired because you generated another one')
		v.verified = True
		v.save(update_fields=['verified'])
		message = settings.VALIDATION_IS_OK
		logger.info('Email verification token %s has been accepted for user %s(id=%d)', token, user.username, user.id)
	except Exception as e:
		logger.debug('Rejecting verification token %s because %s', token, e)
		message = ("Unable to confirm email with token {} because {}".format(token, e))
	response = {'message': message}
	return render_to_response('confirm_mail.html', response, context_instance=RequestContext(request))


@require_http_methods('GET')
def show_profile(request, profile_id):
	try:
		user_profile = UserProfile.objects.get(pk=profile_id)
		form = UserProfileReadOnlyForm(instance=user_profile)
		form.username = user_profile.username
		return render_to_response(
			'show_profile.html',
			{'form': form},
			context_instance=RequestContext(request)
		)
	except ObjectDoesNotExist:
		raise Http404


@require_http_methods('GET')
def statistics(request):
	pie_data = IpAddress.objects.values('country').filter(country__isnull=False).annotate(count=Count("country"))
	return HttpResponse(json.dumps(list(pie_data)), content_type='application/json')


@login_required_no_redirect()
@transaction.atomic
def report_issue(request):
	logger.info('Saving issue: %s', hide_fields(request.POST, ('log',), huge=True))
	issue_text = request.POST['issue']
	issue = Issue.objects.get_or_create(content=issue_text)[0]
	issue_details = IssueDetails(
		sender_id=request.user.id,
		browser=request.POST.get('browser'),
		issue=issue,
		log=request.POST.get('log')
	)
	try:
		mail_admins("{} reported issue".format(request.user.username), issue_text, fail_silently=True)
	except Exception as e:
		logging.error("Failed to send issue email because {}".format(e))
	issue_details.save()
	return HttpResponse(settings.VALIDATION_IS_OK, content_type='text/plain')


class ProfileView(View):

	@login_required_no_redirect()
	def get(self, request):
		user_profile = UserProfile.objects.get(pk=request.user.id)
		form = UserProfileForm(instance=user_profile)
		c = csrf(request)
		c['form'] = form
		c['date_format'] = settings.DATE_INPUT_FORMATS_JS
		return render_to_response('change_profile.html', c, context_instance=RequestContext(request))

	@login_required_no_redirect()
	def post(self, request):
		logger.info('Saving profile: %s', hide_fields(request.POST, ("base64_image", ), huge=True))
		user_profile = UserProfile.objects.get(pk=request.user.id)
		image_base64 = request.POST.get('base64_image')

		if image_base64 is not None:
			image = extract_photo(image_base64)
			request.FILES['photo'] = image

		form = UserProfileForm(request.POST, request.FILES, instance=user_profile)
		if form.is_valid():
			profile = form.save()
			response = profile. photo.url if 'photo' in  request.FILES else settings.VALIDATION_IS_OK
		else:
			response = form.errors
		return HttpResponse(response, content_type='text/plain')


class RegisterView(View):

	def get(self, request):
		logger.debug(
			'Rendering register page with captcha site key %s and oauth key %s',
			RECAPTCHA_SITE_KEY, GOOGLE_OAUTH_2_CLIENT_ID
		)
		c = csrf(request)
		c['captcha_key'] = RECAPTCHA_SITE_KEY
		c['captcha_url'] = RECAPTHCA_SITE_URL
		c['oauth_url'] = GOOGLE_OAUTH_2_JS_URL
		c['oauth_token'] = GOOGLE_OAUTH_2_CLIENT_ID
		c['fb_app_id'] = FACEBOOK_APP_ID
		c['fb_js_url'] = FACEBOOK_JS_URL
		return render_to_response("register.html", c, context_instance=RequestContext(request))

	@transaction.atomic
	def post(self, request):
		try:
			rp = request.POST
			logger.info('Got register request %s', hide_fields(rp, ('password', 'repeatpassword')))
			(username, password, email) = (rp.get('username'), rp.get('password'), rp.get('email'))
			check_user(username)
			check_password(password)
			check_email(email)
			user_profile = UserProfile(username=username, email=email, sex_str=rp.get('sex'))
			user_profile.set_password(password)
			create_user_model(user_profile)
			# You must call authenticate before you can call login
			auth_user = authenticate(username=username, password=password)
			message = settings.VALIDATION_IS_OK  # redirect
			if email:
				send_sign_up_email(user_profile, request.get_host(), request)
			djangologin(request, auth_user)
		except ValidationError as e:
			message = e.message
			logger.debug('Rejecting request because "%s"', message)
		return HttpResponse(message, content_type='text/plain')


1			# -- encoding: utf-8 --
2			import datetime
3			import json
4			import logging
5
6			import os
7			from django.conf import settings
8			from django.contrib.auth import authenticate
9			from django.contrib.auth import login as djangologin
10			from django.contrib.auth import logout as djangologout
11			from django.core.mail import send_mail, mail_admins
12
13			from chat.templatetags.md5url import md5url
14
15			try:
16			from django.template.context_processors import csrf
17			except ImportError:
18			from django.core.context_processors import csrf
19			from django.core.exceptions import ObjectDoesNotExist, ValidationError, PermissionDenied
20			from django.db import transaction
21			from django.db.models import Count, Q, F
22			from django.http import Http404
23			from django.utils.timezone import utc
24			from django.http import HttpResponse
25			from django.http import HttpResponseRedirect
26			from django.shortcuts import render_to_response
27			from django.template import RequestContext
28			from django.views.decorators.http import require_http_methods
29			from django.views.generic import View
30			from chat import utils
31			from chat.decorators import login_required_no_redirect
32			from chat.forms import UserProfileForm, UserProfileReadOnlyForm
33			from chat.models import Issue, IssueDetails, IpAddress, UserProfile, Verification, Message, Subscription, \
34			SubscriptionMessages, RoomUsers, Room
35			from django.conf import settings
36			from chat.utils import hide_fields, check_user, check_password, check_email, extract_photo, send_sign_up_email, \
37			create_user_model, check_captcha, send_reset_password_email, get_client_ip, get_or_create_ip
38
39			logger = logging.getLogger(__name__)
40			RECAPTCHA_SITE_KEY = getattr(settings, "RECAPTCHA_SITE_KEY", None)
41			RECAPTHCA_SITE_URL = getattr(settings, "RECAPTHCA_SITE_URL", None)
42			GOOGLE_OAUTH_2_CLIENT_ID = getattr(settings, "GOOGLE_OAUTH_2_CLIENT_ID", None)
43			GOOGLE_OAUTH_2_JS_URL = getattr(settings, "GOOGLE_OAUTH_2_JS_URL", None)
44			FACEBOOK_APP_ID = getattr(settings, "FACEBOOK_APP_ID", None)
45			FACEBOOK_JS_URL = getattr(settings, "FACEBOOK_JS_URL", None)
46
47			# TODO doesn't work
48			def handler404(request):
49			return HttpResponse("Page not found", content_type='text/plain')
50
51
52			@require_http_methods(['POST'])
53			def validate_email(request):
54			"""
55			POST only, validates email during registration
56			"""
57			email = request.POST.get('email')
58			try:
59			utils.check_email(email)
60			response = settings.VALIDATION_IS_OK
61			except ValidationError as e:
62			response = e.message
63			return HttpResponse(response, content_type='text/plain')
64
65
66			@require_http_methods(['POST'])
67			@login_required_no_redirect(False)
68			@transaction.atomic
69			def save_room_settings(request):
70			"""
71			POST only, validates email during registration
72			"""
73			logger.debug('save_room_settings request, %s', request.POST)
74			room_id = request.POST['roomId']
75			room_name = request.POST.get('roomName')
76			updated = RoomUsers.objects.filter(room_id=room_id, user_id=request.user.id).update(
77			volume=request.POST['volume'],
78			notifications=request.POST['notifications'] == 'true',
79			)
80			if updated != 1:
81			raise PermissionDenied
82			if room_name is not None:
83			room_name = room_name.strip()
84			if room_name and int(room_id) != settings.ALL_ROOM_ID:
85			Room.objects.filter(id=room_id).update(name = room_name)
86			return HttpResponse(settings.VALIDATION_IS_OK, content_type='text/plain')
87
88
89			@require_http_methods('GET')
90			@transaction.atomic
91			def get_firebase_playback(request):
92			registration_id = request.META['HTTP_AUTH']
93			logger.debug('Firebase playback, id %s', registration_id)
94			query_sub_message = SubscriptionMessages.objects.filter(subscription__registration_id=registration_id, received=False).order_by('-message__time')[:1]
95			sub_message = query_sub_message[0]
96			SubscriptionMessages.objects.filter(id=sub_message.id).update(received=True)
97			message = Message.objects.select_related("sender__username", "room__name").get(id=sub_message.message_id)
98			data = {
99			'title': message.sender.username,
100			'options': {
101			'body': message.content,
102			'icon': md5url('images/favicon.ico'),
103			'data': {
104			'id': sub_message.message_id,
105			'sender': message.sender.username,
106			'room': message.room.name,
107			'roomId': message.room_id
108			},
109			'requireInteraction': True
110			},
111			}
112			return HttpResponse(json.dumps(data), content_type='application/json')
113
114
115			def test(request):
116			return HttpResponse(settings.VALIDATION_IS_OK, content_type='text/plain')
117
118
119			@require_http_methods('POST')
120			def register_subscription(request):
121			logger.debug('Subscription request, %s', request)
122			registration_id = request.POST['registration_id']
123			agent = request.POST['agent']
124			is_mobile = request.POST['is_mobile']
125			ip = get_or_create_ip(get_client_ip(request), logger)
126			Subscription.objects.update_or_create(
127			registration_id=registration_id,
128			defaults={
129			'user': request.user,
130			'inactive': False,
131			'updated': datetime.datetime.now(),
132			'agent': agent,
133			'is_mobile': is_mobile == 'true',
134			'ip': ip
135			}
136			)
137			return HttpResponse(settings.VALIDATION_IS_OK, content_type='text/plain')
138
139			@require_http_methods('POST')
140			def validate_user(request):
141			"""
142			Validates user during registration
143			"""
144			try:
145			username = request.POST.get('username')
146			utils.check_user(username)
147			# hardcoded ok check in register.js
148			message = settings.VALIDATION_IS_OK
149			except ValidationError as e:
150			message = e.message
151			return HttpResponse(message, content_type='text/plain')
152
153
154			def get_service_worker(request): # this stub is only for development, this is replaced in nginx for prod
155			worker = open(os.path.join(settings.STATIC_ROOT, 'js', 'sw.js'), 'rb')
156			response = HttpResponse(content=worker)
157			response['Content-Type'] = 'application/javascript'
158			return response
159
160			@require_http_methods('GET')
161			@login_required_no_redirect(False)
162			def home(request):
163			"""
164			Login or logout navbar is creates by means of create_nav_page
165			@return: the x intercept of the line M{y=m*x+b}.
166			"""
167			context = csrf(request)
168			up = UserProfile.objects.defer('suggestions', 'highlight_code', 'embedded_youtube', 'online_change_sound', 'incoming_file_call_sound', 'message_sound', 'theme').get(id=request.user.id)
169			context['suggestions'] = up.suggestions
170			context['highlight_code'] = up.highlight_code
171			context['message_sound'] = up.message_sound
172			context['incoming_file_call_sound'] = up.incoming_file_call_sound
173			context['online_change_sound'] = up.online_change_sound
174			context['theme'] = up.theme
175			context['embedded_youtube'] = up.embedded_youtube
176			context['extensionId'] = settings.EXTENSION_ID
177			context['extensionUrl'] = settings.EXTENSION_INSTALL_URL
178			context['defaultRoomId'] = settings.ALL_ROOM_ID
179			context['manifest'] = hasattr(settings, 'FIREBASE_API_KEY')
180			return render_to_response('chat.html', context, context_instance=RequestContext(request))
181
182
183			@login_required_no_redirect(True)
184			def logout(request):
185			"""
186			POST. Logs out into system.
187			"""
188			registration_id = request.POST.get('registration_id')
189			if registration_id is not None:
190			Subscription.objects.filter(registration_id=registration_id).delete()
191			djangologout(request)
192			return HttpResponse(settings.VALIDATION_IS_OK, content_type='text/plain')
193
194			@require_http_methods(['POST'])
195			def auth(request):
196			"""
197			Logs in into system.
198			"""
199			username = request.POST.get('username')
200			password = request.POST.get('password')
201			user = authenticate(username=username, password=password)
202			if user is not None:
203			djangologin(request, user)
204			message = settings.VALIDATION_IS_OK
205			else:
206			message = 'Login or password is wrong'
207			logger.debug('Auth request %s ; Response: %s', hide_fields(request.POST, ('password',)), message)
208			return HttpResponse(message, content_type='text/plain')
209
210
211			def send_restore_password(request):
212			"""
213			Sends email verification code
214			"""
215			logger.debug('Recover password request %s', request)
216			try:
217			username_or_password = request.POST.get('username_or_password')
218			check_captcha(request)
219			user_profile = UserProfile.objects.get(Q(username=username_or_password) \| Q(email=username_or_password))
220			if not user_profile.email:
221			raise ValidationError("You didn't specify email address for this user")
222			verification = Verification(type_enum=Verification.TypeChoices.password, user_id=user_profile.id)
223			verification.save()
224			send_reset_password_email(request, user_profile, verification)
225			message = settings.VALIDATION_IS_OK
226			logger.debug('Verification email has been send for token %s to user %s(id=%d)',
227			verification.token, user_profile.username, user_profile.id)
228			except UserProfile.DoesNotExist:
229			message = "User with this email or username doesn't exist"
230			logger.debug("Skipping password recovery request for nonexisting user")
231			except (UserProfile.DoesNotExist, ValidationError) as e:
232			logger.debug('Not sending verification email because %s', e)
233			message = 'Unfortunately we were not able to send you restore password email because {}'.format(e)
234			return HttpResponse(message, content_type='text/plain')
235
236
237			def get_html_restore_pass():
238			""""""
239
240			class RestorePassword(View):
241
242			def get_user_by_code(self, token):
243			"""
244			:param token: token code to verify
245			:type token: str
246			:raises ValidationError: if token is not usable
247			:return: UserProfile, Verification: if token is usable
248			"""
249			try:
250			v = Verification.objects.get(token=token)
251			if v.type_enum != Verification.TypeChoices.password:
252			raise ValidationError("it's not for this operation ")
253			if v.verified:
254			raise ValidationError("it's already used")
255			# TODO move to sql query or leave here?
256			if v.time < datetime.datetime.utcnow().replace(tzinfo=utc) - datetime.timedelta(days=1):
257			raise ValidationError("it's expired")
258			return UserProfile.objects.get(id=v.user_id), v
259			except Verification.DoesNotExist:
260			raise ValidationError('Unknown verification token')
261
262			@transaction.atomic
263			def post(self, request):
264			"""
265			Sends email verification token
266			"""
267			token = request.POST.get('token', False)
268			try:
269			logger.debug('Proceed Recover password with token %s', token)
270			user, verification = self.get_user_by_code(token)
271			password = request.POST.get('password')
272			check_password(password)
273			user.set_password(password)
274			user.save(update_fields=('password',))
275			verification.verified = True
276			verification.save(update_fields=('verified',))
277			logger.info('Password has been change for token %s user %s(id=%d)', token, user.username, user.id)
278			response = settings.VALIDATION_IS_OK
279			except ValidationError as e:
280			logger.debug('Rejecting verification token %s because %s', token, e)
281			response = "".join(("You can't reset password with this token because ", str(e)))
282			return HttpResponse(response, content_type='text/plain')
283
284			def get(self, request):
285			token = request.GET.get('token', False)
286			logger.debug('Rendering restore password page with token %s', token)
287			try:
288			user = self.get_user_by_code(token)[0]
289			response = {
290			'message': settings.VALIDATION_IS_OK,
291			'restore_user': user.username,
292			'token': token
293			}
294			except ValidationError as e:
295			logger.debug('Rejecting verification token %s because %s', token, e)
296			response = {'message': "Unable to confirm email with token {} because {}".format(token, e)}
297			return render_to_response('reset_password.html', response, context_instance=RequestContext(request))
298
299
300			@require_http_methods('GET')
301			def confirm_email(request):
302			"""
303			Accept the verification token sent to email
304			"""
305			token = request.GET.get('token', False)
306			logger.debug('Processing email confirm with token %s', token)
307			try:
308			try:
309			v = Verification.objects.get(token=token)
310			except Verification.DoesNotExist:
311			raise ValidationError('Unknown verification token')
312			if v.type_enum != Verification.TypeChoices.register:
313			raise ValidationError('This is not confirm email token')
314			if v.verified:
315			raise ValidationError('This verification token already accepted')
316			user = UserProfile.objects.get(id=v.user_id)
317			if user.email_verification_id != v.id:
318			raise ValidationError('Verification token expired because you generated another one')
319			v.verified = True
320			v.save(update_fields=['verified'])
321			message = settings.VALIDATION_IS_OK
322			logger.info('Email verification token %s has been accepted for user %s(id=%d)', token, user.username, user.id)
323			except Exception as e:
324			logger.debug('Rejecting verification token %s because %s', token, e)
325			message = ("Unable to confirm email with token {} because {}".format(token, e))
326			response = {'message': message}
327			return render_to_response('confirm_mail.html', response, context_instance=RequestContext(request))
328
329
330			@require_http_methods('GET')
331			def show_profile(request, profile_id):
332			try:
333			user_profile = UserProfile.objects.get(pk=profile_id)
334			form = UserProfileReadOnlyForm(instance=user_profile)
335			form.username = user_profile.username
336			return render_to_response(
337			'show_profile.html',
338			{'form': form},
339			context_instance=RequestContext(request)
340			)
341			except ObjectDoesNotExist:
342			raise Http404
343
344
345			@require_http_methods('GET')
346			def statistics(request):
347			pie_data = IpAddress.objects.values('country').filter(country__isnull=False).annotate(count=Count("country"))
348			return HttpResponse(json.dumps(list(pie_data)), content_type='application/json')
349
350
351			@login_required_no_redirect()
352			@transaction.atomic
353			def report_issue(request):
354			logger.info('Saving issue: %s', hide_fields(request.POST, ('log',), huge=True))
355			issue_text = request.POST['issue']
356			issue = Issue.objects.get_or_create(content=issue_text)[0]
357			issue_details = IssueDetails(
358			sender_id=request.user.id,
359			browser=request.POST.get('browser'),
360			issue=issue,
361			log=request.POST.get('log')
362			)
363			try:
364			mail_admins("{} reported issue".format(request.user.username), issue_text, fail_silently=True)
365			except Exception as e:
366			logging.error("Failed to send issue email because {}".format(e))
367			issue_details.save()
368			return HttpResponse(settings.VALIDATION_IS_OK, content_type='text/plain')
369
370
371			class ProfileView(View):
372
373			@login_required_no_redirect()
374			def get(self, request):
375			user_profile = UserProfile.objects.get(pk=request.user.id)
376			form = UserProfileForm(instance=user_profile)
377			c = csrf(request)
378			c['form'] = form
379			c['date_format'] = settings.DATE_INPUT_FORMATS_JS
380			return render_to_response('change_profile.html', c, context_instance=RequestContext(request))
381
382			@login_required_no_redirect()
383			def post(self, request):
384			logger.info('Saving profile: %s', hide_fields(request.POST, ("base64_image", ), huge=True))
385			user_profile = UserProfile.objects.get(pk=request.user.id)
386			image_base64 = request.POST.get('base64_image')
387
388			if image_base64 is not None:
389			image = extract_photo(image_base64)
390			request.FILES['photo'] = image
391
392			form = UserProfileForm(request.POST, request.FILES, instance=user_profile)
393			if form.is_valid():
394			profile = form.save()
395			response = profile. photo.url if 'photo' in request.FILES else settings.VALIDATION_IS_OK
396			else:
397			response = form.errors
398			return HttpResponse(response, content_type='text/plain')
399
400
401			class RegisterView(View):
402
403			def get(self, request):
404			logger.debug(
405			'Rendering register page with captcha site key %s and oauth key %s',
406			RECAPTCHA_SITE_KEY, GOOGLE_OAUTH_2_CLIENT_ID
407			)
408			c = csrf(request)
409			c['captcha_key'] = RECAPTCHA_SITE_KEY
410			c['captcha_url'] = RECAPTHCA_SITE_URL
411			c['oauth_url'] = GOOGLE_OAUTH_2_JS_URL
412			c['oauth_token'] = GOOGLE_OAUTH_2_CLIENT_ID
413			c['fb_app_id'] = FACEBOOK_APP_ID
414			c['fb_js_url'] = FACEBOOK_JS_URL
415			return render_to_response("register.html", c, context_instance=RequestContext(request))
416
417			@transaction.atomic
418			def post(self, request):
419			try:
420			rp = request.POST
421			logger.info('Got register request %s', hide_fields(rp, ('password', 'repeatpassword')))
422			(username, password, email) = (rp.get('username'), rp.get('password'), rp.get('email'))
423			check_user(username)
424			check_password(password)
425			check_email(email)
426			user_profile = UserProfile(username=username, email=email, sex_str=rp.get('sex'))
427			user_profile.set_password(password)
428			create_user_model(user_profile)
429			# You must call authenticate before you can call login
430			auth_user = authenticate(username=username, password=password)
431			message = settings.VALIDATION_IS_OK # redirect
432			if email:
433			send_sign_up_email(user_profile, request.get_host(), request)
434			djangologin(request, auth_user)
435			except ValidationError as e:
436			message = e.message
437			logger.debug('Rejecting request because "%s"', message)
438			return HttpResponse(message, content_type='text/plain')
439

Deathangel908 / pychat

Push — master ( 5b64a2...6b636f )

save_room_settings() B

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like