Logging in. And stuff.

.gitignore

@@ -1,3 +1,4 @@
 olddata
 webapp/data.db
+config.py
 *pyc

webapp/__init__.py

@@ -3,13 +3,17 @@ import hmac
 
 from flask import Flask, request, abort
 from flask.ext.sqlalchemy import SQLAlchemy
+from flask.ext.login import LoginManager
 
 app = Flask(__name__)
 app.config.from_object("config.DevelopmentConfig")
 db = SQLAlchemy(app)
+login_manager = LoginManager()
+login_manager.init_app(app)
 
 import webapp.models
 
+
 def api_method(path, private=True):
     """A decorator that decodes the POST body as JSON.
     The decoded body is stored as request.decoded.
@@ -57,6 +61,29 @@ def api_method(path, private=True):
         return app.route(path, methods=["POST"])(wrapper)
     return decorator
 
+
+class User(object):
+    def __init__(self, username):
+        self.username = username
+
+    def is_authenticated(self):
+        return True
+
+    def is_active(self):
+        return True
+
+    def is_anonymous(self):
+        return False
+
+    def get_id(self):
+        return self.username
+
+
+@login_manager.user_loader
+def load_user(username):
+    return User(username)
+
+
 import webapp.views
 
 

webapp/banking.py

@@ -0,0 +1,74 @@
+#!/usr/bin/env/python2
+# -*- coding: utf-8 -*-
+
+import csv
+import datetime
+import re
+import hashlib
+import StringIO
+
+from webapp import app
+
+
+class BREParseError(Exception):
+    pass
+
+
+class BRERow(object):
+    BRE_IN = [772, 770]
+    SECRET = app.config["SECRET"]
+
+    def parse_data(self):
+        datar = self.data_raw.split(";")
+        data = {}
+        for d in datar[1:]:
+            kv = d.split(":")
+            k = kv[0].strip()
+            v = ":".join(kv[1:]).strip()
+            data[k] = v
+
+        if self._type in self.BRE_IN:
+            # in
+            self.type = "IN"
+            self.from_name = data["od"]
+            self.from_account = data["z rach."]
+            self.title = data["tyt."].lower()
+            self.tnr = int(data["TNR"].split(".")[0])
+
+        self.olduid = hashlib.sha256(self.SECRET + ','.join(self.raw).encode("utf-8")).hexdigest()
+        self.uid = hashlib.sha256(self.SECRET + data["TNR"]).hexdigest()
+
+    def __init__(self, row):
+        self.time = datetime.datetime.strptime(row[1], "%d/%m/%Y")
+        self.account = row[2]
+        # is this secure?
+        self.amount = int(float(row[3].replace(",", ".").replace(" ", "")) * 100)
+        self._type = int(row[6])
+        self.data_raw = row[5]
+        self.type = ""
+        self.raw = row
+
+
+class BREParser(object):
+    def __init__(self):
+        self.rows = []
+
+    def parse(self, snapshot):
+        c = csv.reader(StringIO.StringIO(snapshot), delimiter="|")
+        for row in c:
+            r = BRERow([r.decode("iso-8859-2") for r in row])
+            r.parse_data()
+            self.rows.append(r)
+
+    def get_by_type(self, y):
+        return [row for row in self.rows if row.type == "IN"]
+
+
+def guess_title(title):
+    m = re.match(ur"^([a-z0-9\-_\.]+) *\- *(fatty|starving) *z\- *([0-9a-z\-_ąężźćóżłśń]+$)", title.strip().lower())
+    if not m:
+        return None, None, None
+    member, _type, title = m.group(1), m.group(2), m.group(3)
+    if title in [u"składka", u"opłata", u"opłata miesięczna", "skladka"]:
+        return member, _type, None
+    return member, _type, title

webapp/forms.py

@@ -0,0 +1,6 @@
+from wtforms import Form, TextField, PasswordField, validators
+
+
+class LoginForm(Form):
+    username = TextField('Username', [validators.Required()])
+    password = PasswordField('Password', [validators.Required()])

webapp/templates/login.html

@@ -0,0 +1,9 @@
+<html>
+    <body>
+        <form method="post" action="/login">
+            {{ form.username()|safe }}
+            {{ form.password()|safe }}
+            <input type="submit" value="Login" />
+        </form>
+    </body>
+</html>

webapp/views.py

@@ -1,11 +1,14 @@
 import datetime
+import requests
 
-from webapp import app, api_method, models
-from flask import request, abort
+from webapp import app, api_method, models, login_manager, forms, User
+from flask.ext.login import login_user, login_required, logout_user
+from flask import request, abort, redirect, flash, render_template, url_for
 
 
 @app.route("/")
-def root():
+@login_required
+def index():
     return 'Hello.'
 
 @api_method("/members")
@@ -59,4 +62,24 @@ def manamana():
         amount = amount_all / len(mt.transfer.member_transfers)
         money_paid += amount
 
-    return dict(required=money_required, paid=money_paid/100)
+    return dict(required=money_required, paid=money_paid/100)
+
+
+@app.route("/login", methods=["POST", "GET"])
+def login():
+    form = forms.LoginForm(request.form)
+    if request.method == "POST" and form.validate():
+        if requests.get("https://capacifier.hackerspace.pl/staff/{}".format(form.username.data)).status_code == 200:
+            if requests.post("https://auth.hackerspace.pl/",
+                             dict(login=form.username.data, password=form.password.data)).status_code == 200:
+                user = User(form.username.data)
+                login_user(user)
+                flash('Logged in succesfully')
+                return redirect(request.args.get("next") or url_for("index"))
+    return render_template("login.html", form=form)
+
+@app.route("/logout")
+@login_required
+def logout():
+    logout_user()
+    return redirect(url_for("index"))