2 # -*- coding: utf-8 -*-
4 from flask
import Flask
, request
, session
, g
, redirect
, url_for
, abort
, \
7 from datetime
import date
, timedelta
8 from contextlib
import closing
# An empty locale string selects the locale configured in the process
# environment (the user's default settings) for every category.
locale.setlocale(locale.LC_ALL, '')
# Path of the SQLite file opened via app.config['DATABASE'].
# NOTE(review): /tmp is a shared directory that is usually world-writable and
# may be emptied on reboot, while this database holds the users table (emails
# and passwords). An application-owned directory with restrictive permissions
# looks like the safer home - confirm against the deployment.
DATABASE = '/tmp/cavote.db'
# Loaded into app.config by from_object(__name__); Flask signs the session
# cookie with this value.
# NOTE(review): the key is a literal committed with the source, so everyone
# with read access to the code knows it and the signature no longer protects
# session contents such as 'is_admin'. Load it from the environment or an
# untracked config file, generate it from a CSPRNG, and treat this published
# value as compromised (rotate it).
SECRET_KEY = '{J@uRKO,xO-PK7B,jF?>iHbxLasF9s#zjOoy=+:'
# Copy this module's upper-case names (DATABASE, SECRET_KEY) into the Flask
# configuration.
app.config.from_object(__name__)
20 return sqlite3
.connect(app
.config
['DATABASE'])
27 def teardown_request(exception
):
32 return render_template('index.html')
def query_db(query, args=(), one=False):
    """Run *query* on the request's connection and return the rows as dicts.

    ``args`` is passed to ``execute`` separately from the SQL text, so the
    values are bound to the ``?`` placeholders by the driver. Callers should
    keep user-supplied data in ``args`` and never format it into ``query``.

    Each row becomes a dict keyed by column name (taken from the cursor
    description). With ``one`` true, the first row is returned, or ``None``
    when the result set is empty; otherwise the full list is returned.
    """
    cursor = g.db.execute(query, args)
    records = [
        # Column names are read per row, so a statement that yields no rows
        # never touches cursor.description.
        dict(zip((column[0] for column in cursor.description), row))
        for row in cursor.fetchall()
    ]
    if not one:
        return records
    if records:
        return records[0]
    return None
41 with
closing(connect_db()) as db
:
42 with app
.open_resource('schema.sql') as f
:
43 db
.cursor().executescript(f
.read())
def valid_login(username, password):
    """Return the user row whose email and password match, or ``None``.

    Both values are bound as query parameters, not interpolated into the SQL.

    NOTE(review): the password is compared verbatim against the ``password``
    column, and the /login view passes the raw form field, so the column
    presumably stores plaintext passwords - confirm against schema.sql. The
    usual remedy is to store a salted, slow hash (for example Werkzeug's
    generate_password_hash / check_password_hash), look the user up by email
    only, and verify the hash in Python.
    """
    sql = 'select * from users where email = ? and password = ?'
    credentials = [username, password]
    return query_db(sql, credentials, one=True)
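def connect_user(user):
    """Record *user* (a row dict from the users table) as logged in.

    Copies the id, name, email and organization into the Flask session and
    sets ``session['is_admin']`` only for administrators.
    """
    session['userid'] = user['id']
    session['username'] = user['name']
    session['email'] = user['email']
    session['organization'] = user['organization']
    if user['is_admin'] == 1:
        session['is_admin'] = True
    else:
        # Without this, logging in as a regular user on top of an existing
        # administrator session would keep the earlier is_admin flag, and the
        # admin views only check session.get('is_admin').
        session.pop('is_admin', None)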
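def disconnect_user():
    """Remove every login-related key from the Flask session.

    connect_user stores 'userid', 'username', 'email', 'organization' and
    'is_admin'. All five are dropped here so that no identity data from the
    previous login stays in the session cookie after logout. Other session
    content (such as pending flash messages) is left untouched.
    """
    for key in ('userid', 'username', 'email', 'organization', 'is_admin'):
        session.pop(key, None)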
64 @app.route('/login', methods
=['GET', 'POST'])
66 if request
.method
== 'POST':
67 user
= valid_login(request
.form
['username'], request
.form
['password'])
69 flash('Invalid username/password', 'error')
72 flash('You were logged in', 'success')
73 return redirect(url_for('home'))
74 return render_template('login.html')
79 flash('You were logged out', 'info')
80 return redirect(url_for('home'))
85 @app.route('/password/lost', methods
=['GET', 'POST'])
88 if request
.method
== 'POST':
89 user
= query_db('select * from users where email = ?', [request
.form
['email']], one
=True)
91 flash('Cet utilisateur n\'existe pas !', 'error')
93 # :TODO:maethor:120528: Générer la clé, la mettre dans la base de données et envoyer le mail
94 flash(u
"Un mail a été envoyé à " + user
['email'], 'info')
95 return render_template('password_lost.html')
97 @app.route('/login/<username>/<key>')
98 def login_key(username
, key
):
99 user
= query_db('select * from users where email = ? and key = ?', [username
, key
], one
=True)
104 # :TODO:maethor:120528: Remplacer la clé pour qu'elle ne puisse plus être utilisée
105 return redirect(url_for('home'))
110 @app.route('/user/settings/<username>')
111 def show_user(username
):
112 if username
!= session
.get('username'):
114 return render_template('user_settings.html')
123 @app.route('/votes/<votes>')
124 def show_votes(votes
):
127 votes
= query_db('select title, description, date_begin, date_end from votes order by id desc')
128 elif votes
== 'archive':
129 votes
= query_db('select title, description, date_begin, date_end from votes where date_end < (?) order by id desc', [today
])
130 elif votes
== 'current':
131 votes
= query_db('select title, description, date_begin, date_end from votes where date_end >= (?) order by id desc', [today
])
134 return render_template('show_votes.html', votes
=votes
)
139 @app.route('/votes/admin/new')
141 if not session
.get('is_admin'):
143 return render_template('new_vote.html')
145 @app.route('/votes/admin/add', methods
=['POST'])
147 if not session
.get('is_admin'):
149 date_begin
= date
.today()
150 date_end
= date
.today() + timedelta(days
=int(request
.form
['days']))
154 if 'transparent' in request
.form
.keys():
156 if 'public' in request
.form
.keys():
158 if 'multiplechoice' in request
.form
.keys():
160 g
.db
.execute('insert into votes (title, description, date_begin, date_end, is_transparent, is_public, is_multiplechoice) values (?, ?, ?, ?, ?, ?, ?)',
161 [request
.form
['title'], request
.form
['description'], date_begin
, date_end
, transparent
, public
, multiplechoice
])
163 flash('New entry was successfully posted', 'info')
164 return redirect(url_for('home'))
169 if __name__
== '__main__':