1 | import json |
---|
2 | from calendar import month_name |
---|
3 | from datetime import datetime, timezone, timedelta |
---|
4 | from decimal import Decimal |
---|
5 | from io import BytesIO |
---|
6 | |
---|
7 | from pyramid.httpexceptions import HTTPFound, HTTPNotFound |
---|
8 | from pyramid.view import view_config |
---|
9 | from pyramid.security import remember, forget |
---|
10 | from pyramid.response import Response |
---|
11 | from pyramid.i18n import TranslationStringFactory |
---|
12 | from pyramid_simpleform import Form, State |
---|
13 | from pytz import common_timezones |
---|
14 | from PIL import Image |
---|
15 | |
---|
16 | from ..models.user import User |
---|
17 | from ..schemas.user import ( |
---|
18 | UserProfileSchema, |
---|
19 | ChangePasswordSchema, |
---|
20 | SignUpSchema, |
---|
21 | ) |
---|
22 | from ..models.root import OpenWorkouts |
---|
23 | from ..views.renderers import OWFormRenderer |
---|
24 | from ..utilities import ( |
---|
25 | timedelta_to_hms, |
---|
26 | get_verification_token, |
---|
27 | get_available_locale_names |
---|
28 | ) |
---|
29 | from ..mail import send_verification_email |
---|
30 | |
---|
31 | _ = TranslationStringFactory('OpenWorkouts') |
---|
32 | |
---|
33 | |
---|
34 | @view_config(context=OpenWorkouts) |
---|
35 | def dashboard_redirect(context, request): |
---|
36 | """ |
---|
37 | Send the user to his dashboard when accesing the root object, |
---|
38 | send to the login page if the user is not logged in. |
---|
39 | """ |
---|
40 | if request.authenticated_userid: |
---|
41 | user = request.root.get_user_by_uid(request.authenticated_userid) |
---|
42 | if user: |
---|
43 | return HTTPFound(location=request.resource_url(user)) |
---|
44 | else: |
---|
45 | # an authenticated user session, for an user that does not exist |
---|
46 | # anymore, logout! |
---|
47 | return HTTPFound(location=request.resource_url(context, 'logout')) |
---|
48 | return HTTPFound(location=request.resource_url(context, 'login')) |
---|
49 | |
---|
50 | |
---|
51 | @view_config( |
---|
52 | context=OpenWorkouts, |
---|
53 | name='login', |
---|
54 | renderer='ow:templates/login.pt') |
---|
55 | def login(context, request): |
---|
56 | # messages is a dict of pre-defined messages we would need to show to the |
---|
57 | # user when coming back to the login page after certain actions |
---|
58 | messages = { |
---|
59 | 'already-verified': _('User has been verified already'), |
---|
60 | 'link-sent': _('Verification link sent, please check your inbox'), |
---|
61 | 'max-tokens-sent': _( |
---|
62 | 'We already sent you the verification link more than three times') |
---|
63 | } |
---|
64 | message = request.GET.get('message', '') |
---|
65 | if message: |
---|
66 | message = messages.get(message, '') |
---|
67 | email = request.GET.get('email', '') |
---|
68 | password = '' |
---|
69 | return_to = request.params.get('return_to') |
---|
70 | redirect_url = return_to or request.resource_url(request.root) |
---|
71 | # If the user still has to verify the account, this will be set to the |
---|
72 | # proper link to re-send the verification email |
---|
73 | resend_verify_link = None |
---|
74 | |
---|
75 | if 'submit' in request.POST: |
---|
76 | email = request.POST.get('email', None) |
---|
77 | user = context.get_user_by_email(email) |
---|
78 | if user: |
---|
79 | if user.verified: |
---|
80 | password = request.POST.get('password', None) |
---|
81 | if password is not None and user.check_password(password): |
---|
82 | # look for the value of locale for this user, to set the |
---|
83 | # LOCALE cookie, so the UI appears on the pre-selected lang |
---|
84 | default_locale = request.registry.settings.get( |
---|
85 | 'pyramid.default_locale_name') |
---|
86 | locale = getattr(user, 'locale', default_locale) |
---|
87 | request.response.set_cookie('_LOCALE_', locale) |
---|
88 | # log in the user and send back to the place he wanted to |
---|
89 | # visit |
---|
90 | headers = remember(request, str(user.uid)) |
---|
91 | request.response.headers.extend(headers) |
---|
92 | redirect_url = return_to or request.resource_url(user) |
---|
93 | return HTTPFound(location=redirect_url, |
---|
94 | headers=request.response.headers) |
---|
95 | else: |
---|
96 | message = _('Wrong password') |
---|
97 | else: |
---|
98 | message = _('You have to verify your account first') |
---|
99 | resend_verify_link = request.resource_url( |
---|
100 | user, 'resend-verification-link' |
---|
101 | ) |
---|
102 | else: |
---|
103 | message = _('Wrong email address') |
---|
104 | |
---|
105 | return { |
---|
106 | 'message': message, |
---|
107 | 'email': email, |
---|
108 | 'password': password, |
---|
109 | 'redirect_url': redirect_url, |
---|
110 | 'resend_verify_link': resend_verify_link |
---|
111 | } |
---|
112 | |
---|
113 | |
---|
114 | @view_config(context=OpenWorkouts, name='logout') |
---|
115 | def logout(context, request): |
---|
116 | request.response.delete_cookie('_LOCALE_') |
---|
117 | headers = forget(request) |
---|
118 | request.response.headers.extend(headers) |
---|
119 | return HTTPFound(location=request.resource_url(context), |
---|
120 | headers=request.response.headers) |
---|
121 | |
---|
122 | |
---|
123 | @view_config( |
---|
124 | context=OpenWorkouts, |
---|
125 | name='signup', |
---|
126 | renderer='ow:templates/signup.pt') |
---|
127 | def signup(context, request): |
---|
128 | state = State(emails=context.lowercase_emails, |
---|
129 | names=context.lowercase_nicknames) |
---|
130 | form = Form(request, schema=SignUpSchema(), state=state) |
---|
131 | |
---|
132 | if 'submit' in request.POST and form.validate(): |
---|
133 | user = form.bind(User(), exclude=['password_confirm']) |
---|
134 | user.verified = False |
---|
135 | user.verification_token = get_verification_token() |
---|
136 | context.add_user(user) |
---|
137 | # send a verification link to the user email address |
---|
138 | send_verification_email(request, user) |
---|
139 | user.verification_tokens_sent += 1 |
---|
140 | # Send to login |
---|
141 | return HTTPFound(location=request.resource_url(context)) |
---|
142 | |
---|
143 | return { |
---|
144 | 'form': OWFormRenderer(form) |
---|
145 | } |
---|
146 | |
---|
147 | |
---|
148 | @view_config( |
---|
149 | context=User, |
---|
150 | name="verify", |
---|
151 | renderer='ow:templates/verify.pt') |
---|
152 | def verify(context, request): |
---|
153 | redirect_url = request.resource_url(context) |
---|
154 | |
---|
155 | # user has been verified already, send to dashboard |
---|
156 | if getattr(context, 'verified', False): |
---|
157 | return HTTPFound(location=redirect_url) |
---|
158 | |
---|
159 | # Look for a verification token, then check if we can verify the user with |
---|
160 | # that token |
---|
161 | verified = len(request.subpath) > 0 |
---|
162 | token = getattr(context, 'verification_token', False) |
---|
163 | verified = verified and token and str(token) == request.subpath[0] |
---|
164 | if verified: |
---|
165 | # verified, log in automatically and send to the dashboard |
---|
166 | context.verified = True |
---|
167 | headers = remember(request, str(context.uid)) |
---|
168 | return HTTPFound(location=redirect_url, headers=headers) |
---|
169 | |
---|
170 | # if we can not verify the user, show a page with some info about it |
---|
171 | return {} |
---|
172 | |
---|
173 | |
---|
174 | @view_config( |
---|
175 | context=User, |
---|
176 | name="resend-verification-link") |
---|
177 | def resend_verification_link(context, request): |
---|
178 | """ |
---|
179 | Send an email with the verification link, only if the user has not |
---|
180 | been verified yet |
---|
181 | """ |
---|
182 | # the message to be shown when the user gets back to the login page |
---|
183 | query = {'message': 'already-verified'} |
---|
184 | if not context.verified: |
---|
185 | tokens_sent = getattr(context, 'verification_tokens_sent', 0) |
---|
186 | if tokens_sent > 3: |
---|
187 | # we already sent the token 3 times, we don't send it anymore |
---|
188 | query = {'message': 'max-tokens-sent', 'email': context.email} |
---|
189 | else: |
---|
190 | if context.verification_token is None: |
---|
191 | # for some reason the verification token is not there, get one |
---|
192 | context.verification_token = get_verification_token() |
---|
193 | send_verification_email(request, context) |
---|
194 | context.verification_tokens_sent = tokens_sent + 1 |
---|
195 | query = {'message': 'link-sent', 'email': context.email} |
---|
196 | # Send to login |
---|
197 | url = request.resource_url(request.root, 'login', query=query) |
---|
198 | return HTTPFound(location=url) |
---|
199 | |
---|
200 | |
---|
201 | @view_config( |
---|
202 | context=OpenWorkouts, |
---|
203 | name='forgot-password', |
---|
204 | renderer='ow:templates/forgot_password.pt') |
---|
205 | def recover_password(context, request): # pragma: no cover |
---|
206 | # WIP |
---|
207 | Form(request) |
---|
208 | |
---|
209 | |
---|
210 | @view_config( |
---|
211 | context=User, |
---|
212 | permission='view', |
---|
213 | renderer='ow:templates/dashboard.pt') |
---|
214 | def dashboard(context, request): |
---|
215 | """ |
---|
216 | Render a dashboard for the current user |
---|
217 | """ |
---|
218 | # Look at the year we are viewing, if none is passed in the request, |
---|
219 | # pick up the latest/newer available with activity |
---|
220 | viewing_year = request.GET.get('year', None) |
---|
221 | if viewing_year is None: |
---|
222 | available_years = context.activity_years |
---|
223 | if available_years: |
---|
224 | viewing_year = available_years[0] |
---|
225 | else: |
---|
226 | # ensure this is an integer |
---|
227 | viewing_year = int(viewing_year) |
---|
228 | |
---|
229 | # Same for the month, if there is a year set |
---|
230 | viewing_month = None |
---|
231 | if viewing_year: |
---|
232 | viewing_month = request.GET.get('month', None) |
---|
233 | if viewing_month is None: |
---|
234 | available_months = context.activity_months(viewing_year) |
---|
235 | if available_months: |
---|
236 | # we pick up the latest month available for the year, |
---|
237 | # which means the current month in the current year |
---|
238 | viewing_month = available_months[-1] |
---|
239 | else: |
---|
240 | # ensure this is an integer |
---|
241 | viewing_month = int(viewing_month) |
---|
242 | |
---|
243 | # pick up the workouts to be shown in the dashboard |
---|
244 | workouts = context.workouts(viewing_year, viewing_month) |
---|
245 | |
---|
246 | return { |
---|
247 | 'current_year': datetime.now(timezone.utc).year, |
---|
248 | 'current_day_name': datetime.now(timezone.utc).strftime('%a'), |
---|
249 | 'month_name': month_name, |
---|
250 | 'viewing_year': viewing_year, |
---|
251 | 'viewing_month': viewing_month, |
---|
252 | 'workouts': workouts |
---|
253 | } |
---|
254 | |
---|
255 | |
---|
256 | @view_config( |
---|
257 | context=OpenWorkouts, |
---|
258 | name='profile', |
---|
259 | permission='view', |
---|
260 | renderer='ow:templates/profile.pt') |
---|
261 | @view_config( |
---|
262 | context=User, |
---|
263 | permission='view', |
---|
264 | name='profile', |
---|
265 | renderer='ow:templates/profile.pt') |
---|
266 | def profile(context, request): |
---|
267 | """ |
---|
268 | "public" profile view, showing some workouts from this user, her |
---|
269 | basic info, stats, etc |
---|
270 | """ |
---|
271 | if isinstance(context, OpenWorkouts): |
---|
272 | nickname = request.subpath[0] |
---|
273 | user = request.root.get_user_by_nickname(nickname) |
---|
274 | if user is None: |
---|
275 | return HTTPNotFound() |
---|
276 | else: |
---|
277 | user = context |
---|
278 | now = datetime.now(timezone.utc) |
---|
279 | year = int(request.GET.get('year', now.year)) |
---|
280 | month = int(request.GET.get('month', now.month)) |
---|
281 | week = request.GET.get('week', None) |
---|
282 | workouts = user.workouts(year, month, week) |
---|
283 | totals = { |
---|
284 | 'distance': Decimal(0), |
---|
285 | 'time': timedelta(0), |
---|
286 | 'elevation': Decimal(0) |
---|
287 | } |
---|
288 | |
---|
289 | for workout in workouts: |
---|
290 | totals['distance'] += ( |
---|
291 | getattr(workout, 'distance', Decimal(0)) or Decimal(0)) |
---|
292 | totals['time'] += ( |
---|
293 | getattr(workout, 'duration', timedelta(0)) or timedelta(0)) |
---|
294 | totals['elevation'] += ( |
---|
295 | getattr(workout, 'uphill', Decimal(0)) or Decimal(0)) |
---|
296 | |
---|
297 | return { |
---|
298 | 'user': user, |
---|
299 | 'workouts': workouts, |
---|
300 | 'current_month': '{year}-{month}'.format( |
---|
301 | year=str(year), month=str(month).zfill(2)), |
---|
302 | 'current_week': week, |
---|
303 | 'totals': totals |
---|
304 | } |
---|
305 | |
---|
306 | |
---|
307 | @view_config( |
---|
308 | context=User, |
---|
309 | name='picture', |
---|
310 | permission='view') |
---|
311 | def profile_picture(context, request): |
---|
312 | if context.picture is None: |
---|
313 | return HTTPNotFound() |
---|
314 | |
---|
315 | size = request.GET.get('size', 0) |
---|
316 | # we will need a tuple, it does not matter if both values are the same, |
---|
317 | # Pillow will keep aspect ratio |
---|
318 | size = (int(size), int(size)) |
---|
319 | |
---|
320 | image = Image.open(context.picture.open()) |
---|
321 | |
---|
322 | if size > (0, 0) and size < image.size: |
---|
323 | # resize only if they are asking for smaller size, prevent |
---|
324 | # someone asking for a "too big" image |
---|
325 | image.thumbnail(size) |
---|
326 | |
---|
327 | body_file = BytesIO() |
---|
328 | image.save(body_file, format=image.format) |
---|
329 | return Response(content_type='image', body=body_file.getvalue()) |
---|
330 | |
---|
331 | |
---|
332 | @view_config( |
---|
333 | context=User, |
---|
334 | permission='edit', |
---|
335 | name='edit', |
---|
336 | renderer='ow:templates/edit_profile.pt') |
---|
337 | def edit_profile(context, request): |
---|
338 | default_locale = request.registry.settings.get( |
---|
339 | 'pyramid.default_locale_name') |
---|
340 | available_locale_names = get_available_locale_names() |
---|
341 | current_locale = request.cookies.get('_LOCALE_', default_locale) |
---|
342 | # if not given a file there is an empty byte in POST, which breaks |
---|
343 | # our blob storage validator. |
---|
344 | # dirty fix until formencode fixes its api.is_empty method |
---|
345 | if isinstance(request.POST.get('picture', None), bytes): |
---|
346 | request.POST['picture'] = '' |
---|
347 | |
---|
348 | nicknames = request.root.lowercase_nicknames |
---|
349 | if context.nickname: |
---|
350 | # remove the current user nickname from the list, preventing form |
---|
351 | # validation error |
---|
352 | nicknames.remove(context.nickname.lower()) |
---|
353 | state = State(emails=request.root.lowercase_emails, names=nicknames) |
---|
354 | form = Form(request, schema=UserProfileSchema(), state=state, obj=context) |
---|
355 | |
---|
356 | if 'submit' in request.POST and form.validate(): |
---|
357 | # No picture? do not override it |
---|
358 | if not form.data['picture']: |
---|
359 | del form.data['picture'] |
---|
360 | form.bind(context) |
---|
361 | # reindex |
---|
362 | request.root.reindex(context) |
---|
363 | # set the cookie for the locale/lang |
---|
364 | request.response.set_cookie('_LOCALE_', form.data['locale']) |
---|
365 | current_locale = form.data['locale'] |
---|
366 | # Saved, send the user to the public view of her profile |
---|
367 | return HTTPFound(location=request.resource_url(context, 'profile'), |
---|
368 | headers=request.response.headers) |
---|
369 | |
---|
370 | # prevent crashes on the form |
---|
371 | if 'picture' in form.data: |
---|
372 | del form.data['picture'] |
---|
373 | |
---|
374 | return {'form': OWFormRenderer(form), |
---|
375 | 'timezones': common_timezones, |
---|
376 | 'available_locale_names': available_locale_names, |
---|
377 | 'current_locale': current_locale} |
---|
378 | |
---|
379 | |
---|
380 | @view_config( |
---|
381 | context=User, |
---|
382 | permission='edit', |
---|
383 | name='passwd', |
---|
384 | renderer='ow:templates/change_password.pt') |
---|
385 | def change_password(context, request): |
---|
386 | form = Form(request, schema=ChangePasswordSchema(), |
---|
387 | state=State(user=context)) |
---|
388 | if 'submit' in request.POST and form.validate(): |
---|
389 | context.password = form.data['password'] |
---|
390 | return HTTPFound(location=request.resource_url(context, 'profile')) |
---|
391 | return {'form': OWFormRenderer(form)} |
---|
392 | |
---|
393 | |
---|
394 | @view_config( |
---|
395 | context=User, |
---|
396 | permission='view', |
---|
397 | name='week') |
---|
398 | def week_stats(context, request): |
---|
399 | stats = context.week_stats |
---|
400 | json_stats = [] |
---|
401 | for day in stats: |
---|
402 | hms = timedelta_to_hms(stats[day]['time']) |
---|
403 | day_stats = { |
---|
404 | 'name': day.strftime('%a'), |
---|
405 | 'time': str(hms[0]).zfill(2), |
---|
406 | 'distance': int(round(stats[day]['distance'])), |
---|
407 | 'elevation': int(stats[day]['elevation']), |
---|
408 | 'workouts': stats[day]['workouts'] |
---|
409 | } |
---|
410 | json_stats.append(day_stats) |
---|
411 | return Response(content_type='application/json', |
---|
412 | charset='utf-8', |
---|
413 | body=json.dumps(json_stats)) |
---|
414 | |
---|
415 | |
---|
416 | @view_config( |
---|
417 | context=User, |
---|
418 | permission='view', |
---|
419 | name='monthly') |
---|
420 | def last_months_stats(context, request): |
---|
421 | """ |
---|
422 | Return a json-encoded stream with statistics for the last 12 months |
---|
423 | """ |
---|
424 | stats = context.yearly_stats |
---|
425 | # this sets which month is 2 times in the stats, once this year, once |
---|
426 | # the previous year. We will show it a bit different in the UI (showing |
---|
427 | # the year too to prevent confusion) |
---|
428 | repeated_month = datetime.now(timezone.utc).date().month |
---|
429 | json_stats = [] |
---|
430 | for month in stats: |
---|
431 | hms = timedelta_to_hms(stats[month]['time']) |
---|
432 | name = month_name[month[1]][:3] |
---|
433 | if month[1] == repeated_month: |
---|
434 | name += ' ' + str(month[0]) |
---|
435 | month_stats = { |
---|
436 | 'id': str(month[0]) + '-' + str(month[1]).zfill(2), |
---|
437 | 'name': name, |
---|
438 | 'time': str(hms[0]).zfill(2), |
---|
439 | 'distance': int(round(stats[month]['distance'])), |
---|
440 | 'elevation': int(stats[month]['elevation']), |
---|
441 | 'workouts': stats[month]['workouts'], |
---|
442 | 'url': request.resource_url( |
---|
443 | context, 'profile', |
---|
444 | query={'year': str(month[0]), 'month': str(month[1])}) |
---|
445 | } |
---|
446 | json_stats.append(month_stats) |
---|
447 | return Response(content_type='application/json', |
---|
448 | charset='utf-8', |
---|
449 | body=json.dumps(json_stats)) |
---|
450 | |
---|
451 | |
---|
452 | @view_config( |
---|
453 | context=User, |
---|
454 | permission='view', |
---|
455 | name='weekly') |
---|
456 | def last_weeks_stats(context, request): |
---|
457 | """ |
---|
458 | Return a json-encoded stream with statistics for the last 12-months, but |
---|
459 | in a per-week basis |
---|
460 | """ |
---|
461 | stats = context.weekly_year_stats |
---|
462 | # this sets which month is 2 times in the stats, once this year, once |
---|
463 | # the previous year. We will show it a bit different in the UI (showing |
---|
464 | # the year too to prevent confusion) |
---|
465 | repeated_month = datetime.now(timezone.utc).date().month |
---|
466 | json_stats = [] |
---|
467 | for week in stats: |
---|
468 | hms = timedelta_to_hms(stats[week]['time']) |
---|
469 | name = month_name[week[1]][:3] |
---|
470 | if week[1] == repeated_month: |
---|
471 | name += ' ' + str(week[0]) |
---|
472 | week_stats = { |
---|
473 | 'id': '-'.join( |
---|
474 | [str(week[0]), str(week[1]).zfill(2), str(week[2])]), |
---|
475 | 'week': str(week[3]), # the number of week in the current month |
---|
476 | 'name': name, |
---|
477 | 'time': str(hms[0]).zfill(2), |
---|
478 | 'distance': int(round(stats[week]['distance'])), |
---|
479 | 'elevation': int(stats[week]['elevation']), |
---|
480 | 'workouts': stats[week]['workouts'], |
---|
481 | 'url': request.resource_url( |
---|
482 | context, 'profile', |
---|
483 | query={'year': str(week[0]), |
---|
484 | 'month': str(week[1]), |
---|
485 | 'week': str(week[2])}) |
---|
486 | } |
---|
487 | json_stats.append(week_stats) |
---|
488 | return Response(content_type='application/json', |
---|
489 | charset='utf-8', |
---|
490 | body=json.dumps(json_stats)) |
---|