ticketfrei/user.py
2018-05-25 02:38:27 +02:00

250 lines
9.2 KiB
Python

from config import config
from bottle import response
from db import db
import jwt
from mastodon import Mastodon
from pylibscrypt import scrypt_mcf, scrypt_mcf_check
class User(object):
def __init__(self, uid):
# set cookie
response.set_cookie('uid', uid, secret=db.secret, path='/')
self.uid = uid
def check_password(self, password):
db.execute("SELECT passhash FROM user WHERE id=?;", (self.uid,))
passhash, = db.cur.fetchone()
return scrypt_mcf_check(passhash.encode('ascii'),
password.encode('utf-8'))
def password(self, password):
passhash = scrypt_mcf(password.encode('utf-8')).decode('ascii')
db.execute("UPDATE user SET passhash=? WHERE id=?;",
(passhash, self.uid))
db.commit()
password = property(None, password) # setter only, can't read back
@property
def enabled(self):
db.execute("SELECT enabled FROM user WHERE user_id=?;", (self.uid,))
return bool(db.cur.fetchone()[0])
@enabled.setter
def enabled(self, enabled):
db.execute("UPDATE user SET enabled=? WHERE id=?",
(1 if enabled else 0, self.uid))
db.commit()
@property
def emails(self):
db.execute("SELECT email FROM email WHERE user_id=?;", (self.uid,))
return (*db.cur.fetchall(),)
def delete_email(self, email):
db.execute("SELECT COUNT(*) FROM email WHERE user_id=?", (self.uid,))
if db.cur.fetchone()[0] == 1:
return False # don't allow to delete last email
db.execute("DELETE FROM email WHERE user_id=? AND email=?;",
(self.uid, email))
db.commit()
return True
def email_token(self, email):
return jwt.encode({
'email': email,
'uid': self.uid
}, db.secret).decode('ascii')
def is_appropriate(self, report):
db.execute("SELECT pattern FROM triggerpatterns WHERE user_id=?;",
(self.uid,))
for pattern, in db.cur.fetchall():
if pattern.search(report.text) is not None:
break
else:
# no pattern matched
return False
db.execute("SELECT word FROM badwords WHERE user_id=?;",
(self.uid,))
badwords = [word.lower() for word, in db.cur.fetchall()]
for word in report.text.lower().split():
if word in badwords:
return False
return True
def get_telegram_credentials(self):
db.execute("""SELECT api_token
FROM telegram_accounts
WHERE user_id = ? AND active = 1;""",
(self.uid,))
row = db.cur.fetchone()
return row[0]
def save_telegram_credentials(self, api_token):
db.execute("""INSERT INTO telegram_accounts (
user_id, api_token, active) VALUES(?, ?, 1);""",
(self.uid, api_token))
db.commit()
def get_telegram_subscribers(self):
db.execute("""SELECT subscriber_id
FROM telegram_subscribers
WHERE user_id = ? AND active = 1;""",
(self.uid,))
rows = db.cur.fetchall()
return rows
def add_telegram_subscribers(self, subscriber_id):
db.execute("""INSERT INTO telegram_subscribers (
user_id, subscriber_id) VALUES(?, ?);""",
(self.uid, subscriber_id))
db.commit()
def remove_telegram_subscribers(self, subscriber_id):
db.execute("""DELETE
FROM telegram_subscribers
WHERE user_id = ?
AND subscriber_id = ?;""",
(self.uid, subscriber_id))
db.commit()
def get_masto_credentials(self):
db.execute("""SELECT access_token, instance_id
FROM mastodon_accounts
WHERE user_id = ? AND active = 1;""",
(self.uid,))
row = db.cur.fetchone()
db.execute("""SELECT instance, client_id, client_secret
FROM mastodon_instances
WHERE id = ?;""",
(row[1],))
instance = db.cur.fetchone()
return instance[1], instance[2], row[0], instance[0]
def get_twitter_credentials(self):
keys = [config['twitter']['consumer_key'],
config['twitter']['consumer_secret']]
row = self.get_twitter_token()
keys.append(row[0])
keys.append(row[1])
return keys
def get_seen_toot(self):
db.execute("SELECT toot_id FROM seen_toots WHERE user_id = ?;",
(self.uid,))
return db.cur.fetchone()[0]
def save_seen_toot(self, toot_id):
db.execute("UPDATE seen_toots SET toot_id = ? WHERE user_id = ?;",
(toot_id, self.uid))
def get_seen_tweet(self):
db.execute("SELECT tweet_id FROM seen_tweets WHERE user_id = ?;",
(self.uid,))
return db.cur.fetchone()[0]
def save_seen_tweet(self, tweet_id):
db.execute("UPDATE seen_tweets SET tweet_id = ? WHERE user_id = ?;",
(tweet_id, self.uid))
def get_seen_dm(self):
db.execute("SELECT message_id FROM seen_dms WHERE user_id = ?;",
(self.uid,))
return db.cur.fetchone()
def save_seen_dm(self, tweet_id):
db.execute("UPDATE seen_dms SET message_id = ? WHERE user_id = ?;",
(tweet_id, self.uid))
def get_mailinglist(self):
db.execute("""SELECT email
FROM mailinglist
WHERE user_id = ? AND active = 1;""", (self.uid,))
return db.cur.fetchone()[0]
def get_seen_mail(self):
db.execute("""SELECT mail_date
FROM seen_mails WHERE user_id = ?;""", (self.uid,))
return db.cur.fetchone()[0]
def save_seen_mail(self, mail_date):
db.execute("UPDATE seen_mail SET mail_date = ? WHERE user_id = ?;",
(mail_date, self.uid))
def get_trigger_words(self, table):
db.execute("""SELECT words
FROM ? WHERE user_id = ?;""", (table, self.uid,))
return db.cur.fetchone()[0]
def state(self):
return dict(foo='bar')
def save_request_token(self, token):
db.execute("""INSERT INTO
twitter_request_tokens(
user_id, request_token, request_token_secret
) VALUES(?, ?, ?);""",
(self.uid, token["oauth_token"],
token["oauth_token_secret"]))
db.commit()
def get_request_token(self):
db.execute("""SELECT request_token, request_token_secret
FROM twitter_request_tokens
WHERE user_id = ?;""", (self.uid,))
request_token = db.cur.fetchone()
db.execute("""DELETE FROM twitter_request_tokens
WHERE user_id = ?;""", (self.uid,))
db.commit()
return {"oauth_token": request_token[0],
"oauth_token_secret": request_token[1]}
def save_twitter_token(self, access_token, access_token_secret):
db.execute(""""INSERT INTO twitter_accounts(
user_id, client_id, client_secret
) VALUES(?, ?, ?);""",
(self.uid, access_token, access_token_secret))
db.commit()
def get_twitter_token(self):
db.execute("""SELECT access_token, access_token_secret
FROM twitter_accouts WHERE user_id = ?;""",
(self.uid,))
return db.cur.fetchall()
def get_mastodon_app_keys(self, instance):
db.execute("""SELECT client_id, client_secret
FROM mastodon_instances
WHERE instance = ?;""", (instance,))
try:
row = db.cur.fetchone()
client_id = row[0]
client_secret = row[1]
return client_id, client_secret
except TypeError:
app_name = "ticketfrei" + str(db.secret)[0:4]
client_id, client_secret \
= Mastodon.create_app(app_name, api_base_url=instance)
db.execute("""INSERT INTO mastodon_instances(
instance, client_id, client_secret
) VALUES(?, ?, ?);""",
(instance, client_id, client_secret))
db.commit()
return client_id, client_secret
def save_masto_token(self, access_token, instance):
db.execute("""SELECT id
FROM mastodon_instances
WHERE instance = ?;""", (instance,))
instance_id = db.cur.fetchone()[0]
db.execute("INSERT INTO mastodon_accounts(user_id, access_token, instance_id, active) "
"VALUES(?, ?, ?, ?);", (self.uid, access_token, instance_id, 1))
db.commit()
def get_city(self):
db.execute("SELECT city FROM user WHERE id == ?;", (self.uid,))
return db.cur.fetchone()[0]