1 |
#!/usr/bin/python |
2 |
|
3 |
# Mouchak Server - |
4 |
# A Flask Application (http://flask.pocoo.org/) |
5 |
|
6 |
############################################################################### |
7 |
# TODO: While moving rendering, routing and controlling to server side, the API |
8 |
# has to change and improve. The API should be as follows:- |
9 |
# -- |
10 |
# For Pages |
11 |
# |
12 |
# [GET] /mouchak/api/v1a/pages/ - Retrieve list of all the pages |
13 |
# [GET] /mouchak/api/v1a/pages/<id> - Retrieve specfic page |
14 |
# [POST] /mouchak/api/v1a/pages - Create a new page, with data in payload |
15 |
# [PUT] /mouchak/api/v1a/pages/<id> - Update a specific page, with data in |
16 |
# payload |
17 |
# [DELETE] /mouchak/api/v1a/pages/<id> - Delete a specific page |
18 |
# -- |
19 |
# |
20 |
# For Sitemap (There is only one instance of sitemap in a given website, hence |
21 |
# the API is quite simple. |
22 |
# |
23 |
# [GET] /mouchak/api/v1a/sitemap - Retrieve the sitemap |
24 |
# [PUT] /mouchak/api/v1a/sitemap - Update the sitemap |
25 |
############################################################################### |
26 |
|
27 |
import flask |
28 |
import pymongo |
29 |
import bson |
30 |
import conf |
31 |
import os |
32 |
import json |
33 |
from werkzeug import secure_filename |
34 |
|
35 |
PLUGIN_UPLOAD_FOLDER = os.path.join(os.path.dirname(os.path.abspath(__file__)) |
36 |
+ '/static/user_plugins') |
37 |
PLUGIN_ALLOWED_EXTENSIONS = set(['js', 'css']) |
38 |
|
39 |
FILE_UPLOAD_FOLDER = os.path.join(os.path.dirname(os.path.abspath(__file__)) + |
40 |
'/static/uploads') |
41 |
|
42 |
app = flask.Flask(__name__) |
43 |
|
44 |
|
45 |
|
46 |
dbClient = pymongo.MongoClient() |
47 |
db = dbClient[conf.DB] |
48 |
siteContent = db['content'] |
49 |
siteMenu = db['menu'] |
50 |
if siteMenu.find_one() == None: |
51 |
siteMenu.insert({'customMenu': False, 'menuOrder': [], 'html': ''}) |
52 |
|
53 |
|
54 |
# handy reference to otherwise long name |
55 |
bson.ObjId = bson.objectid.ObjectId |
56 |
|
57 |
|
58 |
def getContent(): |
59 |
content = [] |
60 |
for i in siteContent.find(): |
61 |
objId = bson.ObjId(i['_id']) |
62 |
del(i['_id']) |
63 |
i['id'] = str(objId) |
64 |
content.append(i) |
65 |
|
66 |
menu = siteMenu.find_one() |
67 |
objId = bson.ObjId(menu['_id']) |
68 |
del(menu['_id']) |
69 |
menu['id'] = str(objId) |
70 |
|
71 |
return {'content': content, 'menu': menu} |
72 |
|
73 |
|
74 |
def allowed_file(filename): |
75 |
return '.' in filename and \ |
76 |
filename.rsplit('.', 1)[1] in PLUGIN_ALLOWED_EXTENSIONS |
77 |
|
78 |
|
79 |
@app.errorhandler(404) |
80 |
def pageNotFound(e): |
81 |
return flask.render_template('404.html'), 404 |
82 |
|
83 |
|
84 |
@app.route('/', methods=['GET']) |
85 |
def index(): |
86 |
return flask.render_template('index.html', content=getContent(), |
87 |
title=conf.SITE_TITLE, footer=conf.SITE_FOOTER) |
88 |
|
89 |
|
90 |
@app.route('/edit', methods=['GET']) |
91 |
def edit(): |
92 |
if "logged_in" in flask.session: |
93 |
flask.session['key'] = conf.SECRET_KEY |
94 |
return flask.render_template('editor.html', content=getContent(), |
95 |
title=conf.SITE_TITLE) |
96 |
else: |
97 |
return flask.redirect(flask.url_for('login')) |
98 |
|
99 |
|
100 |
@app.route('/pages', methods=['GET']) |
101 |
def listPages(): |
102 |
# if limit and offset are given as query string params, |
103 |
# send pages with that limit starting from the offset |
104 |
if flask.request.args.get('limit'): |
105 |
content = [] |
106 |
limit = int(flask.request.args.get('limit')) |
107 |
if flask.request.args.get('offset'): |
108 |
offset = int(flask.request.args.get('offset')) |
109 |
else: |
110 |
offset = 0 |
111 |
for page in siteContent.find().sort('_id', 1)[offset:offset+limit]: |
112 |
del(page['_id']) |
113 |
content.append(page) |
114 |
print len(content) |
115 |
return flask.make_response(json.dumps(content), '200 OK', |
116 |
{'Content-Type': 'application/json'}) |
117 |
else: |
118 |
content = getContent()['content'] |
119 |
return flask.make_response(json.dumps(content), '200 OK', |
120 |
{'Content-Type': 'application/json'}) |
121 |
|
122 |
@app.route('/pages/<_id>', methods=['GET']) |
123 |
def listPage(_id): |
124 |
try: |
125 |
page = siteContent.find_one({'_id': bson.ObjId(_id)}) |
126 |
del(page['_id']) |
127 |
print page |
128 |
return flask.jsonify(page) |
129 |
except: |
130 |
return flask.abort(404) |
131 |
|
132 |
|
133 |
@app.route('/page', methods=['POST']) |
134 |
def insertPage(): |
135 |
newpage = flask.request.json |
136 |
print newpage |
137 |
res = siteContent.insert(newpage) |
138 |
_id = bson.ObjId(res) |
139 |
newpage['id'] = str(_id) |
140 |
del(newpage['_id']) |
141 |
print newpage |
142 |
response = flask.jsonify(newpage) |
143 |
response.headers['Access-Control-Allow-Origin'] = '*' |
144 |
# FIXME: handle errors |
145 |
#return flask.jsonify(status='ok', page=newpage) |
146 |
return response |
147 |
|
148 |
|
149 |
@app.route('/page/<_id>', methods=['PUT', 'DELETE']) |
150 |
def updatePage(_id): |
151 |
if flask.request.method == 'PUT': |
152 |
changedPage = flask.request.json |
153 |
print changedPage |
154 |
print '=======' |
155 |
res = siteContent.update({'_id': bson.ObjId(_id)}, |
156 |
changedPage) |
157 |
print res |
158 |
if res['err'] == None: |
159 |
print changedPage |
160 |
#return flask.jsonify(status='ok', page=changedPage) |
161 |
return flask.jsonify(changedPage) |
162 |
|
163 |
elif flask.request.method == 'DELETE': |
164 |
delPage = flask.request.url |
165 |
print delPage |
166 |
print _id |
167 |
res = siteContent.remove({'_id': bson.ObjId(_id)}) |
168 |
print res |
169 |
if res['err'] == None: |
170 |
return flask.jsonify(status='ok') |
171 |
else: |
172 |
return flask.jsonify(error=res['err'], status='error') |
173 |
|
174 |
|
175 |
@app.route('/menu', methods=['POST']) |
176 |
def insertMenu(): |
177 |
#newmenu = flask.request.json |
178 |
#print newmenu |
179 |
#res = siteMenu.insert(newmenu) |
180 |
#print res |
181 |
#return flask.jsonify(status='success')#, content=getContent()) |
182 |
return '200 OK' |
183 |
|
184 |
|
185 |
@app.route('/menu/<_id>', methods=['PUT']) |
186 |
def updateMenu(_id): |
187 |
if flask.request.method == 'PUT': |
188 |
changedMenu = flask.request.json |
189 |
print "changed menu:" |
190 |
print changedMenu |
191 |
res = siteMenu.update({'_id': bson.ObjId(_id)}, changedMenu) |
192 |
print res |
193 |
#return flask.jsonify(status='ok', menu=changedMenu) |
194 |
return flask.jsonify(changedMenu) |
195 |
|
196 |
#elif flask.request.method == 'DELETE': |
197 |
# delMenu = flask.request.url |
198 |
# print delMenu |
199 |
# print _id |
200 |
# res = siteMenu.remove({'_id': bson.ObjId(_id)}) |
201 |
# return flask.jsonify(status='deleted') |
202 |
|
203 |
|
204 |
# Basic login for one single admin user whose credentials are in conf.py |
205 |
@app.route('/login', methods=['GET', 'POST']) |
206 |
def login(): |
207 |
error = None |
208 |
if flask.request.method == 'POST': |
209 |
print flask.request.form |
210 |
if flask.request.form['username'] != conf.ADMIN_USERNAME: |
211 |
error = 'Invalid username' |
212 |
elif flask.request.form['password'] != conf.ADMIN_PASSWORD: |
213 |
error = 'Invaid password' |
214 |
else: |
215 |
flask.session['logged_in'] = True |
216 |
flask.session['key'] = conf.SECRET_KEY |
217 |
flask.flash('You were logged in') |
218 |
return flask.redirect(flask.url_for('edit')) |
219 |
return flask.render_template('login.html', error=error) |
220 |
|
221 |
@app.route('/logout') |
222 |
def logout(): |
223 |
flask.session.pop('logged_in', None) |
224 |
flask.flash('You were logged out') |
225 |
return flask.redirect(flask.url_for('login')) |
226 |
|
227 |
|
228 |
#TODO: refactor these code to classes |
229 |
#TODO: find out if this is a good method for saving plugins.. |
230 |
@app.route('/static/user_plugins/<filename>', methods=['POST']) |
231 |
def savePlugin(filename): |
232 |
if flask.request.method == 'POST': |
233 |
if filename and allowed_file(filename): |
234 |
data = flask.request.form['code'] |
235 |
filename = secure_filename(filename) |
236 |
fh = open(os.path.join(PLUGIN_UPLOAD_FOLDER + '/' + filename), 'w') |
237 |
fh.write(data) |
238 |
fh.close() |
239 |
return flask.jsonify(saved = True) |
240 |
|
241 |
#TODO: find out if this is a good method for uploading plugins.. |
242 |
@app.route('/upload/plugin', methods=['POST']) |
243 |
def uploadPlugin(): |
244 |
if flask.request.method == 'POST': |
245 |
print flask.request.files |
246 |
file = flask.request.files['plugin-file'] |
247 |
if file and allowed_file(file.filename): |
248 |
filename = secure_filename(file.filename) |
249 |
file.save(os.path.join(app.config['PLUGIN_UPLOAD_FOLDER'], |
250 |
filename)) |
251 |
|
252 |
#return flask.redirect(flask.url_for('uploaded_file', |
253 |
# filename=filename)) |
254 |
return flask.jsonify(uploaded = True, |
255 |
path=flask.url_for('static', filename = |
256 |
'user_plugins/'+ filename)) |
257 |
|
258 |
@app.route('/robots.txt') |
259 |
@app.route('/crossdomain.xml') |
260 |
def static_from_root(): |
261 |
return flask.send_from_directory(app.static_folder, request.path[1:]) |
262 |
|
263 |
|
264 |
app.config.from_object(conf) |
265 |
app.config['PLUGIN_UPLOAD_FOLDER'] = PLUGIN_UPLOAD_FOLDER |
266 |
|
267 |
import logging,os |
268 |
from logging import FileHandler |
269 |
|
270 |
fil = FileHandler(os.path.join(os.path.dirname(__file__),'logme'),mode='a') |
271 |
fil.setLevel(logging.ERROR) |
272 |
app.logger.addHandler(fil) |
273 |
|
274 |
|
275 |
|
276 |
if __name__ == "__main__": |
277 |
app.run(debug=True, host=conf.HOST, port=conf.PORT) |