From c42128b4a7ffd165171bdfb581025cdd1c62754c Mon Sep 17 00:00:00 2001 From: Antonio de la Rosa Date: Fri, 28 Feb 2025 02:03:51 +0100 Subject: [PATCH] Fixes --- paramecio/libraries/db/formsutils.py | 10 +++--- paramecio/libraries/db/simplequery.py | 44 +++++++++++++++++++++++++++ paramecio/libraries/httputils.py | 14 ++++----- paramecio/libraries/i18n.py | 2 +- paramecio/libraries/mtemplates.py | 15 +++++++-- paramecio/libraries/sessionplugin.py | 37 +++++++++++++--------- 6 files changed, 93 insertions(+), 29 deletions(-) create mode 100644 paramecio/libraries/db/simplequery.py diff --git a/paramecio/libraries/db/formsutils.py b/paramecio/libraries/db/formsutils.py index b821797..ba5678d 100644 --- a/paramecio/libraries/db/formsutils.py +++ b/paramecio/libraries/db/formsutils.py @@ -3,7 +3,7 @@ from paramecio.libraries.db import corefields from paramecio.libraries.db.coreforms import PasswordForm from paramecio.libraries.i18n import I18n -from paramecio.libraries.sessions import get_session +from paramecio.libraries.sessionplugin import get_session from paramecio.libraries.keyutils import create_key_encrypt from bottle import request @@ -123,9 +123,9 @@ def csrf_token(token_id='csrf_token'): s=get_session() - if not 'csrf_token' in s: - s['csrf_token']=create_key_encrypt() - s.save() + #if not 'csrf_token' in s: + s['csrf_token']=create_key_encrypt() + #s.save() return '' @@ -135,7 +135,7 @@ def generate_csrf(): if not 'csrf_token' in s: s['csrf_token']=create_key_encrypt() - s.save() + #s.save() return s['csrf_token'] diff --git a/paramecio/libraries/db/simplequery.py b/paramecio/libraries/db/simplequery.py new file mode 100644 index 0000000..7c8aaad --- /dev/null +++ b/paramecio/libraries/db/simplequery.py @@ -0,0 +1,44 @@ + +# A more simple set for make queries + +def insert(model, db, dict_values): + + final_values={} + + for k in model.fields.keys(): + final_values[k]=model.fields[k].check(dict_values.get(k, '')) + + del final_values[model.name_field_id] + + str_fields="`"+"`, `".join(final_values.keys())+"`" + + str_query='insert into {} ({}) VALUES ({})'.format(model.name, str_fields, ", ".join(['%s']*len(final_values))) + + success=False + + with db.query(str_query, list(final_values.values())) as cursor: + + if cursor.rowcount>0: + + model.last_id=cursor.lastrowid + success=True + + return success + + +def select(model, db, dict_fields=[], where_sql='', limit='', dict_values=[]): + + if len(dict_fields)==0: + dict_fields=['`'+field+'`' for field in model.fields.keys()] + + str_fields=", ".join(dict_fields) + + str_query='select {} from {} {} limit 1'.format(str_fields, model.name, where_sql) + + arr_result=[] + + with db.query(str_query, dict_values) as cursor: + + arr_result=cursor.fetchall() + + return arr_result diff --git a/paramecio/libraries/httputils.py b/paramecio/libraries/httputils.py index 8a4accf..4055ebc 100644 --- a/paramecio/libraries/httputils.py +++ b/paramecio/libraries/httputils.py @@ -2,7 +2,7 @@ import json, re from bottle import request, response -from paramecio.libraries.sessions import get_session +from paramecio.libraries.sessionplugin import get_session from paramecio.libraries.keyutils import create_key_encrypt from bottle import HTTPResponse @@ -100,20 +100,20 @@ class GetPostFiles: self.post[post]=self.post.get(post, '') s=get_session() - + #print('s', s) if ignore_csrf_token==False and no_csrf==False: if 'csrf_token' in s: self.post['csrf_token']=self.post.get('csrf_token', '') - + if self.post['csrf_token']!=s['csrf_token'] or self.post['csrf_token'].strip()=="": # Clean csrf_token del s['csrf_token'] - s.save() + #s.save() #raise NameError('Error: you need a valid csrf_token') raise HTTPResponse(body=json.dumps({'error_csrf': 1, 'error': 1, 'token_invalid': 1}), status=200, headers={'Content-type': 'application/json'}) @@ -124,7 +124,7 @@ class GetPostFiles: del s['csrf_token'] - s.save() + #s.save() else: @@ -160,8 +160,8 @@ def check_csrf(post): del s['csrf_token'] - s.save() + #s.save() else: #raise NameError('Error: you don\'t send any valid csrf_token') - raise HTTPResponse(body=json.dumps({'error_csrf': 1, 'error': 1, 'token_invalid': 0}), status=200, headers={'Content-type': 'application/json'}) + raise HTTPResponse(body=json.dumps({'error_csrf': 1, 'error': 1, 'message': 'Error: csrf token invalid', 'token_invalid': 0}), status=200, headers={'Content-type': 'application/json'}) diff --git a/paramecio/libraries/i18n.py b/paramecio/libraries/i18n.py index a11d138..7733b17 100644 --- a/paramecio/libraries/i18n.py +++ b/paramecio/libraries/i18n.py @@ -20,7 +20,7 @@ along with this program. If not, see . """ from importlib import import_module -from paramecio.libraries.sessions import get_session +from paramecio.libraries.sessionplugin import get_session import json from bottle import request import gettext diff --git a/paramecio/libraries/mtemplates.py b/paramecio/libraries/mtemplates.py index d1a99a8..055c2aa 100644 --- a/paramecio/libraries/mtemplates.py +++ b/paramecio/libraries/mtemplates.py @@ -31,6 +31,7 @@ from paramecio.libraries.js import make_js_url from settings import config from os import path from collections import OrderedDict +from paramecio.wsgiapp import app # Preparing envs for views of modules, and views of @@ -85,13 +86,17 @@ def preload_templates(template_files, env): return templates +def url_for(name): + + return app.get_url(name) + class PTemplate: """A class used how shortcuts for Mako template functions. """ templates_loaded={} - def __init__(self, environment, app=None): + def __init__(self, environment): """A class used how shortcuts for Mako template functions. @@ -188,7 +193,7 @@ class PTemplate: module_env=self.env.directories[1].replace('/templates', '') - self.l=PGetText(module_env+'/index.py') + self.l=PGetText(module_env+'/app.py') self.add_filter(self._) @@ -197,6 +202,12 @@ class PTemplate: self.add_filter(self.i18n.slang) self.add_filter(self.i18n.tlang) + + #self.url_for=lambda name: app.get_url(name) + #x = lambda a : a + 10 + #print(self.url_for) + + self.add_filter(url_for) def _(self, text): diff --git a/paramecio/libraries/sessionplugin.py b/paramecio/libraries/sessionplugin.py index 8fcc61c..56e905a 100644 --- a/paramecio/libraries/sessionplugin.py +++ b/paramecio/libraries/sessionplugin.py @@ -16,6 +16,10 @@ class Session(dict): super(Session, self).__setitem__(item, value) self.changed=True +def get_session(): + + return request.environ.get('session', {}) + class SessionPlugin(object): name = 'session' @@ -52,32 +56,37 @@ class SessionPlugin(object): cookie=request.get_cookie(config.cookie_name) - s=None + safe=None if not cookie: session=Session() else: - s=URLSafeTimedSerializer(config.key_encrypt) - - session=Session(s.loads(cookie)) - - if type(session).__name__!='Session': - session=Session() + safe=URLSafeTimedSerializer(config.key_encrypt) + try: + session=Session(safe.loads(cookie)) - #except: - # session=Session() + if type(session).__name__!='Session': + session=Session() + + except: + session=Session() kwargs['session']=session + #For compatibility with old sessions server-side style. + + request.environ['session']=session + rv=callback(*args, **kwargs) if session.changed: - #print('changed') - if not s: - s=URLSafeTimedSerializer(config.key_encrypt) - #print(session) - response.set_cookie(config.cookie_name, s.dumps(session)) + print('changed') + if not safe: + safe=URLSafeTimedSerializer(config.key_encrypt) + + #if not max_age: + response.set_cookie(config.cookie_name, safe.dumps(session), path=config.session_opts['session.path'], httponly=True) return rv