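# Create your views here.
from django.conf import settings
from django.contrib import auth
from django.http import HttpResponse
from django.http import HttpResponsePermanentRedirect
from django.template import loader
from django.template import Context
from django.shortcuts import render_to_response
from django.views.decorators.http import require_POST
from django.db.models import Q
from datetime import datetime
import sha

from backend.models import SJLike
from backend.models import SJRoom
from backend.models import SJContent
from backend.models import SJUserProfile

# First line of every API response body.
API_HEADER = '#@scanjam 0.3b\n'
# Page size used by the (currently commented-out) video listing queries.
ROOM_VIDEO_LOG_SIZE = 50


#
# Common functions
#

def set_cors_headers(response):
    """
    Set the CORS and content-type headers shared by all API responses.

    NOTE(review): the wildcard origin lets any web page read these responses
    cross-origin, and several responses carry the session key in the body
    (see user_response_str). Consider restricting the allowed origin to the
    known front-end hosts.
    """
    response['Access-Control-Allow-Origin'] = '*'
    response['Access-Control-Allow-Methods'] = 'POST, GET, OPTIONS'
    response['Access-Control-Allow-Headers'] = 'x-requested-with'
    response['Access-Control-Max-Age'] = '3628800'
    response['Content-type'] = 'text/plain; charset=UTF-8'


def api_error_headers(error, response=None):
    """
    Write the API header and an error line ('0<TAB>error') to a response.

    A new HttpResponse is created when none is passed in. Returns the response.
    """
    if not response:
        response = HttpResponse()
    set_cors_headers(response)
    response.write(API_HEADER)
    response.write('0\t%s\n' % error)
    return response


def api_ok_headers(response=None):
    """
    Write the API header and an 'OK' line to a response.

    A new HttpResponse is created when none is passed in. Returns the response.
    """
    if not response:
        response = HttpResponse()
    set_cors_headers(response)
    response.write(API_HEADER)
    response.write('OK\n')
    return response


def check_form_fields(request, form_fields):
    """
    Check that every required field is present and non-empty in request.POST.

    Returns an API error response for the first missing or empty field, or
    None when all fields are usable.
    """
    # The POST data is deliberately not printed or logged here: this helper
    # runs for the login, register and password endpoints, so echoing the
    # submitted values would write clear-text passwords to the server output.
    for field in form_fields:
        if field not in request.POST:
            return api_error_headers('incomplete form')
        if not request.POST[field]:
            return api_error_headers('no %s' % field)
    return None


def user_response_str(request, user=None):
    """
    Build the tab-separated API line describing a user.

    Format: id, username, session id, access level. Falls back to
    request.user when no user is given; anonymous users get id 0, the name
    'anonymous' and a fixed placeholder hash instead of a session key.

    NOTE(review): for authenticated users the real session key is placed in
    the response body, so anything able to read the response can reuse the
    session.
    """
    if not user:
        user = request.user
    if user.is_authenticated():
        user_id = user.id
        username = user.username
        session_id = request.session.session_key
        user_access = user.get_profile().access
    else:
        user_id = 0
        username = 'anonymous'
        session_id = sha.new('No valid session').hexdigest()
        user_access = 0
    return '%d\t%s\t%s\t%d\n' % (user_id, username, session_id, user_access)


#
# AUTH API
#

@require_POST
def api_auth_login(request):
    """
    Log in user. Public API

    NOTE(review): 'wrong password' and 'no such user' are distinct replies,
    so this endpoint confirms which usernames exist; no attempt limiting is
    visible in this module. The error strings are part of the API contract
    and are kept unchanged here.
    """
    form_fields = ['username', 'password']
    response = check_form_fields(request, form_fields)
    if response:
        return response
    user = auth.authenticate(username=request.POST['username'],
                             password=request.POST['password'])
    if user:
        if user.is_active:
            auth.login(request, user)
            response = api_ok_headers()
            response.write(user_response_str(request))
            return response
        return api_error_headers('user disabled')
    if auth.models.User.objects.filter(username=request.POST['username']):
        return api_error_headers('wrong password')
    return api_error_headers('no such user')


@require_POST
def api_auth_logout(request):
    """
    Log out user. Public API
    """
    auth.logout(request)
    return api_ok_headers()


@require_POST
def api_auth_sneakin(request):
    """
    Sneak in user. Public API

    SECURITY(review): this view establishes a logged-in session from a
    matching (userid, username) pair alone; no password or other secret is
    checked. Both values are returned to clients by user_response_str, so
    they cannot serve as credentials. Behaviour is kept as-is for existing
    callers, but the endpoint should be removed or limited to trusted
    callers before this is exposed publicly.
    """
    form_fields = ['userid', 'username']
    response = check_form_fields(request, form_fields)
    if response:
        return response
    try:
        user = auth.models.User.objects.get(username=request.POST['username'])
        if user.id != int(request.POST['userid']):
            return api_error_headers('no match')
    except Exception:
        # Covers a missing user as well as a non-numeric userid.
        return api_error_headers('no such user')
    # Hack to authenticate user manually: auth.login() needs user.backend,
    # which is normally set by auth.authenticate(); use the first backend.
    for backend in auth.get_backends():
        user.backend = "%s.%s" % (backend.__module__,
                                  backend.__class__.__name__)
        break
    auth.login(request, user)
    response = api_ok_headers()
    response.write(user_response_str(request, user))
    return response


@require_POST
def api_auth_register(request):
    """
    Register new user. Public API

    Creates the Django user and its SJUserProfile, then returns the user
    line. The new user is not logged in by this view.
    """
    form_fields = ['username', 'password']
    response = check_form_fields(request, form_fields)
    if response:
        return response
    if auth.models.User.objects.filter(username=request.POST['username']):
        return api_error_headers('user exists')
    user = auth.models.User.objects.create_user(
        username=request.POST['username'],
        email='default@noemail.com',
        password=request.POST['password'])
    user.is_active = True
    try:
        user.save()
    except Exception:
        return api_error_headers('db error')
    user_profile = SJUserProfile(user=user)
    try:
        user_profile.save()
    except Exception:
        return api_error_headers('db error')
    response = api_ok_headers()
    response.write(user_response_str(request, user))
    return response


@require_POST
def api_auth_available(request):
    """
    Check if user exists. Public API

    NOTE(review): by design this tells an unauthenticated caller whether a
    username is taken; pair it with request throttling if enumeration matters.
    """
    form_fields = ['username']
    response = check_form_fields(request, form_fields)
    if response:
        return response
    if auth.models.User.objects.filter(username=request.POST['username']):
        return api_error_headers('user exists')
    return api_ok_headers()


@require_POST
def api_auth_checkin(request):
    """
    Check in user. Private API

    Returns the user line for an authenticated session, otherwise an empty
    response.
    """
    if request.user.is_authenticated():
        response = api_ok_headers()
        response.write(user_response_str(request))
        return response
    return HttpResponse()


@require_POST
def api_auth_password(request):
    """
    Change user password. Private API

    Only the logged-in user may change their own password; any other request
    gets an empty response.

    NOTE(review): the current password is not requested, so possession of a
    valid session is enough to set a new password.
    """
    form_fields = ['username', 'password']
    response = check_form_fields(request, form_fields)
    if response:
        return response
    if (request.user.is_authenticated() and
            request.user.username == request.POST['username']):
        try:
            user = auth.models.User.objects.get(
                username=request.POST['username'])
            user.set_password(request.POST['password'])
            user.save()
            user_profile = user.get_profile()
            user_profile.save()
        except auth.models.User.DoesNotExist:
            return api_error_headers('no such user')
        except Exception:
            return api_error_headers('db error')
        return api_ok_headers()
    return HttpResponse()


#
# USER API
#

@require_POST
def api_user_videos(request):
    """
    Get list of user videos. Public API

    Not implemented; the earlier implementation is kept below as a comment.
    """
    # form_fields = ['user']
    # response = check_form_fields(request, form_fields)
    # if response:
    #     return response
    # try:
    #     query = Q(user=auth.models.User.objects.get(id=request.POST['user']))
    # except auth.models.User.DoesNotExist:
    #     return api_error_headers('no such user')
    # except:
    #     return api_error_headers('db error')
    # if 'start' in request.POST:
    #     try:
    #         timestamp = float(request.POST['start'])
    #         query = query & Q(date__lte=datetime.fromtimestamp(timestamp))
    #     except:
    #         pass
    # videos = SJVideo.objects.filter(query).order_by('-date')[0:ROOM_VIDEO_LOG_SIZE]
    # if not videos:
    #     return api_error_headers('no videos')
    # response = api_ok_headers()
    # response.write('\n'.join(['\t'.join([str(v.id),
    #                                      str(v.date),
    #                                      str(v.user.id),
    #                                      v.user.username,
    #                                      v.url,
    #                                      v.title]) for v in videos]))
    # return response
    return HttpResponse('Not implemented yet!\n')


@require_POST
def api_user_likes(request):
    """
    Get list of liked videos. Public API

    Not implemented; the earlier implementation is kept below as a comment.
    """
    # form_fields = ['user']
    # response = check_form_fields(request, form_fields)
    # if response:
    #     return response
    # try:
    #     query = Q(sjlike__user=auth.models.User.objects.get(id=request.POST['user']))
    # except auth.models.User.DoesNotExist:
    #     return api_error_headers('no such user')
    # except:
    #     return api_error_headers('db error')
    # if 'start' in request.POST:
    #     try:
    #         timestamp = float(request.POST['start'])
    #         query = query & Q(date__lte=datetime.fromtimestamp(timestamp))
    #     except:
    #         pass
    # videos = SJVideo.objects.filter(query).order_by('-date')[0:ROOM_VIDEO_LOG_SIZE]
    # if not videos:
    #     return api_error_headers('no videos')
    # response = api_ok_headers()
    # response.write('\n'.join(['\t'.join([str(v.user.id),
    #                                      str(v.id),
    #                                      str(v.date)]) for v in videos]))
    # return response
    return HttpResponse('Not implemented yet!\n')


@require_POST
def api_user_top(request):
    """
    Public API (stub: validates the form, then reports not implemented)
    """
    form_fields = ['user']
    response = check_form_fields(request, form_fields)
    if response:
        return response
    return HttpResponse('Not implemented yet!\n')


@require_POST
def api_user_settings(request):
    """
    Private API (stub: validates the form, then reports not implemented)

    NOTE(review): none of the "Private API" stubs in this module check
    request.user yet; add the authentication check when implementing them.
    """
    form_fields = ['user', 'bio', 'settings']
    response = check_form_fields(request, form_fields)
    if response:
        return response
    return HttpResponse('Not implemented yet!\n')


#
# ROOM API
#

@require_POST
def api_room_watch(request):
    """
    Public API (stub: validates the form, then reports not implemented)
    """
    form_fields = ['room', 'last']
    response = check_form_fields(request, form_fields)
    if response:
        return response
    return HttpResponse('Not implemented yet!\n')


@require_POST
def api_room_list(request):
    """
    Public API (stub: reports not implemented)
    """
    return HttpResponse('Not implemented yet!\n')


@require_POST
def api_room_view(request):
    """
    Private API (stub: validates the form, then reports not implemented)
    """
    form_fields = ['room', 'last']
    response = check_form_fields(request, form_fields)
    if response:
        return response
    return HttpResponse('Not implemented yet!\n')


@require_POST
def api_room_join(request):
    """
    Private API (stub: validates the form, then reports not implemented)
    """
    form_fields = ['room', 'enqueue']
    response = check_form_fields(request, form_fields)
    if response:
        return response
    return HttpResponse('Not implemented yet!\n')


@require_POST
def api_room_read(request):
    """
    Private API (stub: validates the form, then reports not implemented)
    """
    form_fields = ['room', 'enqueue']
    response = check_form_fields(request, form_fields)
    if response:
        return response
    return HttpResponse('Not implemented yet!\n')


@require_POST
def api_room_poll(request):
    """
    Private API (stub: validates the form, then reports not implemented)
    """
    form_fields = ['room', 'last', 'cam']
    response = check_form_fields(request, form_fields)
    if response:
        return response
    return HttpResponse('Not implemented yet!\n')


@require_POST
def api_room_settings(request):
    """
    Private API (stub: validates the form, then reports not implemented)
    """
    form_fields = ['room', 'settings']
    response = check_form_fields(request, form_fields)
    if response:
        return response
    return HttpResponse('Not implemented yet!\n')


@require_POST
def api_room_say(request):
    """
    Private API (stub: validates the form, then reports not implemented)
    """
    form_fields = ['room', 'msg']
    response = check_form_fields(request, form_fields)
    if response:
        return response
    return HttpResponse('Not implemented yet!\n')


@require_POST
def api_room_video(request):
    """
    Private API (stub: validates the form, then reports not implemented)
    """
    form_fields = ['room', 'msg']
    response = check_form_fields(request, form_fields)
    if response:
        return response
    return HttpResponse('Not implemented yet!\n')


#
# VIDEO API
#

@require_POST
def api_video_date(request):
    """
    Public API (stub: validates the form, then reports not implemented)
    """
    form_fields = ['day', 'month', 'year']
    response = check_form_fields(request, form_fields)
    if response:
        return response
    return HttpResponse('Not implemented yet!\n')


@require_POST
def api_video_view(request):
    """
    Private API (stub: validates the form, then reports not implemented)
    """
    form_fields = ['video']
    response = check_form_fields(request, form_fields)
    if response:
        return response
    return HttpResponse('Not implemented yet!\n')


@require_POST
def api_video_like(request):
    """
    Private API (stub: validates the form, then reports not implemented)
    """
    form_fields = ['video']
    response = check_form_fields(request, form_fields)
    if response:
        return response
    return HttpResponse('Not implemented yet!\n')


@require_POST
def api_video_unlike(request):
    """
    Private API (stub: validates the form, then reports not implemented)
    """
    form_fields = ['video']
    response = check_form_fields(request, form_fields)
    if response:
        return response
    return HttpResponse('Not implemented yet!\n')


@require_POST
def api_video_remove(request):
    """
    Private API (stub: validates the form, then reports not implemented)
    """
    form_fields = ['video', 'room']
    response = check_form_fields(request, form_fields)
    if response:
        return response
    return HttpResponse('Not implemented yet!\n')


@require_POST
def api_video_search(request):
    """
    Private API (stub: validates the form, then reports not implemented)
    """
    form_fields = ['q', 'start', 'limit']
    response = check_form_fields(request, form_fields)
    if response:
        return response
    return HttpResponse('Not implemented yet!\n')


#
# Common views
#

def stats(request):
    """
    View statistics

    Only the uptime is computed (from settings.START_TIME); every other
    counter is passed to the template as None.
    """
    uptime = str(datetime.now() - settings.START_TIME)
    videos_today = None
    videos_total = None
    likes_today = None
    likes_total = None
    users_total = None
    users_today = None
    users_in_main_room = None
    new_users_today = None
    rooms_total = None
    main_room_peak = None
    return render_to_response('stats.html',
                              {'users_total': users_total,
                               'users_today': users_today,
                               'new_users_today': new_users_today,
                               'videos_total': videos_total,
                               'videos_today': videos_today,
                               'likes_total': likes_total,
                               'likes_today': likes_today,
                               'rooms_total': rooms_total,
                               'main_room_peak': main_room_peak,
                               'uptime': uptime})


def redirect(request):
    """
    Permanent redirect to the main site, with the rendered 'redirect.html'
    template as the response body.
    """
    response = HttpResponsePermanentRedirect(
        redirect_to='http://scannerjammer.com')
    template = loader.get_template('redirect.html')
    response.write(template.render(Context()))
    return response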