-
Notifications
You must be signed in to change notification settings - Fork 0
/
private.py
160 lines (115 loc) · 3.99 KB
/
private.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
import json
from flask import request, render_template, redirect
from user import User, UserPassword
from passwordly import generatePassword, createHash
from util import db, app, log_event
@app.route('/<string:username>/sync', methods=['POST'])
def user_sync(username):
password = str(request.form['password'])
user = User.fetch(db, username)
user_password = user.getPassword(password)
if not user_password:
log_event('sync-fail', {'username': username})
return '{"result": false, "sites": {}}'
# Sync theirs into ours (where we don't have anything)
theirs = json.loads(request.form['sites'])
ours = user_password.getAllComments()
for site, comment in theirs.items():
if not site in ours:
user_password.setSite(site, comment)
ours[site] = comment
log_event('sync', {'username': username})
return json.dumps({"result": True, "sites": ours})
@app.route('/<string:username>/get-sites', methods=['POST'])
def user_get_sites(username):
password = str(request.form['password'])
user = User.fetch(db, username)
sites = user and user.getSites(password)
log_event('get-sites', {
'username': username,
'found': (sites is not None)
})
if sites is None:
return '{"result": false, "sites": []}'
else:
return json.dumps({"result": True, "sites": sites})
@app.route('/<string:username>')
def user_landing(username):
params = {
'username': username
}
return render_template('private/index.htm', **params)
@app.route('/<string:username>', methods=['POST'])
def user_post(username):
password = str(request.form['password'])
site = str(request.form['site'])
params = {
'username': username,
'password': password,
'site': site,
}
user_password = UserPassword.fetch(db, username, password)
if not user_password:
log_event('password-unknown', {
'username': username,
})
return render_template('private/unknown.htm', **params)
comment = user_password.getComment(site)
if comment is not None:
params['comment'] = comment
params['result'] = generatePassword(password, site)
log_event('user-generate', {
'username': username,
'new': (comment is not None)
})
return render_template('private/password.htm', **params)
@app.route('/<string:username>/add-password', methods=['POST'])
def add_password(username):
password = str(request.form['password'])
confirm_password = str(request.form['confirm_password'])
existing_password = str(request.form['existing_password'])
params = {
'username': username,
'password': password,
}
user = User.fetch(db, username)
error = None
if not user.getPassword(existing_password):
error = "The existing password you entered was not found."
if error is None and password != confirm_password:
error = "The password you entered to confirm was not the same as entered originally."
if error:
return render_template('private/unknown.htm', error=error, **params)
log_event('add-password', {
'username': username,
})
user.addPasswordHash(createHash(password))
params = {
'username': username,
'message': 'Your new password is now available.'
}
return render_template('private/index.htm', **params)
@app.route('/<string:username>/save-comment', methods=['POST'])
def save_comment(username):
password = str(request.form['password'])
site = str(request.form['site'])
comment = str(request.form['comment'])
params = {
'username': username,
'password': password,
'site': site,
}
user_password = UserPassword.fetch(db, username, password)
new = user_password.getComment(site) is None
if new:
params['message'] = 'Your new site was saved.'
else:
params['message'] = 'Your comment was saved.'
user_password.setSite(site, comment)
params['comment'] = user_password.getComment(site)
params['result'] = generatePassword(password, site)
log_event('save-comment', {
'username': username,
'new': new
})
return render_template('private/password.htm', **params)