@@ -3,3 +3,8 @@ bower_components

 include

 lib

 local

+*.pyc

+.*.swp

+share

+pip-selfcheck.json

+src.twisted

new file mode 100644

Binary files /dev/null and b/db/.data.sql.swp differ

new file mode 100644

Binary files /dev/null and b/db/.schema.sql.swp differ

new file mode 100644

@@ -0,0 +1,31 @@

+INSERT INTO users (name, password, email) VALUES

+  ('user1', 'password', 'user1@example.com'),

+  ('user2', 'password', 'user2@example.com'),

+  ('user3', 'password', 'user2@example.com'),

+  ('user4', 'password', 'user2@example.com'),

+  ('user5', 'password', 'user2@example.com'),

+  ('user6', 'password', 'user2@example.com'),

+  ('user7', 'password', 'user2@example.com'),

+  ('user8', 'password', 'user2@example.com');

+

+SELECT * FROM put_link('user1', 'http://arguendo.com/this/is-link');

+SELECT * FROM put_link('user1', 'http://example.com/this/is-a-link');

+SELECT * FROM put_link('user1', 'http://google.com/is/is-a-link');

+SELECT * FROM put_link('user2', 'http://arguendo.com/this/is-link');

+SELECT * FROM put_link('user2', 'http://arguendo.com/this/is-link?a=we&b=34534');

+SELECT * FROM put_link('user2', 'http://example.com/this/is-a-link');

+SELECT * FROM put_link('user2', 'http://google.com/is/is-a-link');

+SELECT * FROM put_link('user3', 'http://arguendo.com/this/is-link');

+SELECT * FROM put_link('user3', 'http://arguendo.com/this/is-link?a=we&b=34534');

+SELECT * FROM put_link('user3', 'http://example.com/this/is-a-link');

+SELECT * FROM put_link('user3', 'http://google.com/is/is-a-link');

+SELECT * FROM put_link('user4', 'http://arguendo.com/this/is-link?a=we&b=34534');

+SELECT * FROM put_link('user5', 'http://arguendo.com/this/is-link?a=we&b=34534');

+SELECT * FROM put_link('user5', 'http://facebook.com');

+SELECT * FROM put_link('user5', 'http://google.com/is/is-a-link');

+SELECT * FROM put_link('user5', 'http://learn.knockoutjs.com/#/?tutorial=webmail');

+SELECT * FROM put_link('user5', 'http://python.org');

+SELECT * FROM put_link('user6', 'http://learn.knockoutjs.com/#/?tutorial=webmail');

+SELECT * FROM put_link('user6', 'http://stackoverflow.com/questions/13715743/psycopg2-not-actually-inserting-data');

+SELECT * FROM put_link('user7', 'http://learn.knockoutjs.com/#/?tutorial=webmail');

+SELECT * FROM put_link('user7', 'https://mail.google.com/mail/u/3/#inbox');

new file mode 100644

@@ -0,0 +1,64 @@

+DROP TABLE IF EXISTS user_links;

+DROP TABLE IF EXISTS users;

+CREATE TABLE users (

+  id SERIAL UNIQUE NOT NULL,

+  name TEXT UNIQUE NOT NULL,

+  password TEXT NOT NULL,

+  email TEXT NOT NULL,

+  PRIMARY KEY (id)

+);

+

+DROP TABLE IF EXISTS links;

+CREATE TABLE links (

+  id SERIAL UNIQUE NOT NULL,

+  url TEXT NOT NULL,

+  title TEXT DEFAULT '',

+  posted TIMESTAMP DEFAULT current_timestamp,

+  PRIMARY KEY (id)

+);

+CREATE INDEX url_index ON links (url);

+

+CREATE TABLE user_links (

+  id SERIAL UNIQUE NOT NULL,

+  user_id INTEGER REFERENCES users (id) NOT NULL,

+  link_id INTEGER REFERENCES links (id) NOT NULL,

+  UNIQUE (user_id, link_id),

+  PRIMARY KEY (id)

+);

+

+DROP FUNCTION IF EXISTS get_bone(text);

+CREATE OR REPLACE FUNCTION get_bone(username text)

+  RETURNS TABLE(name text, url text, title text, posted timestamp) AS $$

+BEGIN

+  RETURN QUERY SELECT users.name, links.url, links.title, links.posted

+      FROM users

+        INNER JOIN user_links ON user_links.user_id = users.id

+        INNER JOIN links ON user_links.link_id = links.id

+        WHERE users.name=username

+        ORDER BY links.posted DESC;

+END

+$$ LANGUAGE plpgsql;

+

+DROP FUNCTION IF EXISTS put_link(text,text,text);

+DROP TYPE IF EXISTS link_url_type;

+

+CREATE TYPE link_url_type AS (link_id int, user_id int);

+CREATE OR REPLACE FUNCTION put_link(username text, link_url text, link_title text default '')

+  RETURNS link_url_type

+AS $$

+DECLARE

+  n_link_id int;

+  n_user_id int;

+  result link_url_type;

+BEGIN

+  INSERT INTO links (url, title) VALUES

+    (link_url, link_title) RETURNING id INTO n_link_id;

+  SELECT users.id FROM users WHERE users.name = username INTO n_user_id;

+  INSERT INTO user_links (user_id, link_id) VALUES (n_user_id, n_link_id);

+

+  SELECT n_link_id INTO result.link_id;

+  SELECT n_user_id INTO result.user_id;

+  RETURN result;

+END

+$$ LANGUAGE plpgsql;

+

@@ -1,14 +1,10 @@

-[

-  {'url': 'http://www.wsj.com/articles/hillary-seems-tired-not-hungry-1426205650',

-   'title': 'Hillary Seems Tired, Not Hungry',

-   'short-url': 'http://themarrow.is/hillary-seems-tired'},

-  {'url': 'http://www.wsj.com/articles/hillary-seems-tired-not-hungry-1426205650',

-   'title': 'Hillary Seems Tired, But Capable',

-   'short-url': 'http://themarrow.is/hillary-seems-tired-but'},

-  {'url': 'http://example.com/some-page',

-   'title': 'The Page Title',

-   'short-url': 'http://themarrow.is/the-page-title'},

-  {'url': 'http://example.com/another-page',

-   'title': 'The Second Page Title',

-   'short-url': 'http://themarrow.is/the-second-page'}

-]

+{"user1": [

+  {"url": "http://www.wsj.com/articles/hillary-seems-tired-not-hungry-1426205650",

+    "title": "Hillary Seems Tired, Not Hungry"}

+  {"url": "http://www.wsj.com/articles/hillary-seems-tired-not-hungry-1426205650",

+    "title": "Hillary Seems Tired, But Capable"}

+  {"url": "http://example.com/some-page",

+    "title": "The Page Title"},

+  {"url": "http://example.com/another-page",

+    "title": "The Second Page Title"}

+]}

@@ -1,14 +1,31 @@

-from flask import Flask, session, redirect, url_for, escape, request, abort

+from flask import Flask, session, redirect, url_for, escape, request, abort, g

 import json

+import os

+import base64

+import psycopg2

+

+from marrow import database

+from marrow import user

+from marrow import bone

 app = Flask(__name__)

+app.teardown_appcontext(database.close_connection)

 app.config["APPLICATION_ROOT"] = "/api"

+app.secret_key = base64.b64encode(os.urandom(24))

+app.debug = True

+

+

+# Blueprints #

+user.get_users(app)

+app.register_blueprint(user.user_blueprint, url_prefix='/user')

+app.register_blueprint(bone.bone_blueprint, url_prefix='/bones')

+

 links = {}

 def get_feeds(filename):

     global links

     with open(filename) as f:

-        links = {'everyone': json.load(f)}

+        links = json.load(f)

 @app.route('/')

 def index():

@@ -18,84 +35,5 @@ def index():

 def humans():

     return 'blah'

-@app.route('/data/submit', methods=['POST'])

-def submit_link():

-    result = False

-    if 'username' in session:

-        obj = request.get_json()

-        links.setdefault(session['username'], []).append(dict(

-            title = obj.get('title',''), #TODO: get title somehow . . .

-            url = obj['url']

-        ))

-        result = True

-    return json.dumps(result)

-

-@app.route('/data/<username>')

-def user_data(username):

-    return json.dumps(links.get(username, []))

-

-@app.route('/data',methods=['GET'])

-def data():

-    result = {'marrow':[]}

-    if 'username' in session:

-        result['marrow'] = links.get(session['username'])

-    else:

-        result['marrow'] = links['everyone']

-    return json.dumps(result)

-

-users = {}

-def get_users(filename):

-    global users

-    with open(filename) as f:

-        users = {x['username']:x for x in json.load(f)}

-

-

-@app.route('/user/add', methods=['GET', 'POST'])

-def adduser():

-    if request.method == 'POST':

-        users[request.form['username']] = dict(username=request.form['username'],

-                                               password=request.form['password'])

-        return redirect(url_for('index'))

-    else:

-        return '''<form action="" method="post"><p>

-                    <input type=text name=username>

-                    <input type=text name=password>

-                    <p><input type=submit value='Add User'></form>'''

-

-@app.route('/user/check')

-def checkuser():

-    return json.dumps('username' in session)

-

-@app.route('/login', methods=['GET', 'POST'])

-def login():

-    if request.method == 'POST':

-        username, password = request.form['username'], request.form['password']

-        user = users.get(username, {})

-        rightPassword = user.get(password,None)

-        if password == rightPassword:

-            session['username'] = request.form['username']

-        else:

-            abort(403)

-        to = request.args.get('to', '/')

-        return redirect(to)

-    else:

-        return '''<form action="" method="post"><p>

-                    <label for=username>User:</label>

-                    <input type=text name=username>

-                    <label for=password>Passwod:</label>

-                    <input type=text name=password>

-                    <p><input type=submit value=Login></form>'''

-

-@app.route('/logout')

-def logout():

-    session.pop('username', None)

-    return redirect(url_for('index'))

-

-

-app.secret_key = 'Rp7ZKSO21AUDz6DUdROxVoWlZdUoGciX'

-

-get_users('sample_data/users.json')

-get_feeds('sample_data/sites.json')

-app.debug = True

 if __name__ == '__main__':

     app.run(host='0.0.0.0')

new file mode 100644

Binary files /dev/null and b/src/marrow/.bone.py.swp differ

new file mode 100644

Binary files /dev/null and b/src/marrow/.database.py.swp differ

new file mode 100644

Binary files /dev/null and b/src/marrow/.user.py.swp differ

new file mode 100644

new file mode 100644

@@ -0,0 +1,51 @@

+import flask

+from flask import Blueprint, session, redirect, url_for, escape, request, abort, g

+from . import database

+import json

+

+bone_blueprint = Blueprint('bone', __name__)

+

+@bone_blueprint.route('/submit', methods=['POST'])

+def submit_link():

+    result = False

+    if 'username' in session:

+        obj = request.get_json()

+        url, title = obj['url'],obj['title']

+        username = session['username']

+        db = database.get_db()

+        with db.cursor() as cur:

+            cur.callproc('put_link', (username, url, title))

+            cur.fetchall()

+            if cur.rowcount != -1:

+                db.commit()

+                result = True

+    return json.dumps(result)

+

+@bone_blueprint.route('',defaults={'username':None}, methods=['GET'])

+@bone_blueprint.route('/<username>', methods=['GET'])

+def data(username):

+    if username is None and 'username' in session:

+        username = session['username']

+

+    result = {'marrow':[]}

+    with database.get_db().cursor() as cur:

+        cur.execute("SELECT url, title, posted from get_bone(%s);", (username,))

+        result['marrow'] = [

+                dict(url=url,title=title,posted=posted.isoformat())

+                    for url,title,posted

+                    in cur.fetchall()

+        ]

+    return json.dumps(result)

+

+import random

+@bone_blueprint.route('/random')

+def random():

+    db = database.get_db()

+    with db.cursor() as cur:

+        if 'username' in session:

+            cur.execute('SELECT name FROM users WHERE name != %s ORDER BY random() LIMIT 1',

+                    (session['username'],))

+        else:

+            cur.execute('SELECT name FROM users ORDER BY random() LIMIT 1')

+        username = cur.fetchone()[0]

+        return redirect(url_for('bone.data', username=username))

new file mode 100644

@@ -0,0 +1,20 @@

+from flask import g

+import psycopg2

+

+def get_db():

+    db = getattr(g, '_database', None)

+    if db is None:

+        db = g._database = psycopg2.connect(

+          database="marrow",

+          user="marrow",

+          password="marrowpass",

+          host="pgsqlserver.elangley.org"

+        );

+    return db

+

+def close_connection(exception):

+    db = getattr(g, '_database', None)

+    if db is not None:

+        db.close()

+

+

new file mode 100644

@@ -0,0 +1,68 @@

+import flask

+from flask import Blueprint, session, redirect, url_for, escape, request, abort, g

+from . import database

+import json

+

+user_blueprint = Blueprint('user', __name__)

+

+users = {}

+def get_users(app):

+    with app.app_context(): _get_users()

+

+def _get_users():

+    global users

+    cur = database.get_db().cursor()

+    with cur:

+        cur.execute('SELECT name,password,email FROM users')

+        for username,password,email in cur.fetchall():

+            users[username] = dict(username=username, password=password, email=email)

+    

+#TODO: load this from somewhere

+user_env = {}

+@user_blueprint.route('/environment')

+def get_user_env():

+    if 'username' in session:

+        username = session['username']

+        env = user_env.setdefault(username, {})

+        env['username'] = username

+        return env

+        

+@user_blueprint.route('/list')

+def list_users():

+    return json.dumps([_ for _ in users.keys()])

+

+@user_blueprint.route('/add', methods=['POST'])

+def adduser():

+    db = database.get_db()

+    with db.cursor() as cur:

+        obj = request.get_json();

+        username, password = obj['username'], obj['password']

+        cur.execute('INSERT INTO users (name,password,email) VALUES (%s,%s,%s)',

+                    (username, password, 'abc@def.com'))

+        _get_users()

+        db.commit()

+        session['username'] = username

+        return json.dumps(True)

+

+@user_blueprint.route('/check')

+def checkuser():

+    return json.dumps('username' in session)

+

+@user_blueprint.route('/login', methods=['POST'])

+def login():

+    obj = request.get_json();

+    result = False

+    username, password = obj['username'], obj['password']

+    user = users.get(username, {})

+    rightPassword = user.get('password',None)

+    if password == rightPassword:

+        session['username'] = username

+        result = True

+    return json.dumps(result)

+

+@user_blueprint.route('/logout')

+def logout():

+    to = request.args.get('to', '/')

+    session.pop('username', None)

+    return redirect(to)

+

@@ -48,13 +48,31 @@ a {

   text-decoration: none;

 }

+.hidden {

+  display: none;

+}

+

+#login_form {

+  z-index: 100;

+  background: white;

+  position: absolute;

+  height:100%;

+  width:100%;

+  top: 0px;

+  left: 0px;

+}

+#login_form form {

+  position: absolute;

+  top:25%;

+  left:25%;

+}

+

 #sidebar{

   position: absolute;

   height: 25%;

   width: 10%;

   top: 37.5%;

   left: 0px;

-  background: #aaa;

 }

 #sidebar ul {

@@ -68,14 +86,18 @@ a {

   padding-bottom: 5px;

 }

-

-

 #main{

+  padding-left: 10px;

+  padding-top: 50px;

   position: absolute;

   height:100%;

   top:0px;

   right:0px;

   width: 90%;

-  background: #bbb;

-  

 }

+

+#main ul {

+  position:relative;

+}

+

+#main ul 

@@ -7,6 +7,15 @@

   <link rel="stylesheet" href="/css/main.css" media="screen" />

 </head>

 <body>

+  <div id="login_form">

+    <div class="message"></div>

+    <form data-bind="submit: login.login">

+      <input type="text" name="username" placeholder="Username" data-bind="value: login.username" />

+      <input type="text" name="password" placeholder="Password" data-bind="value: login.password" />

+      <button type="submit" >Log In</button>

+      <button data-bind="click: login.newuser">Add User</button>

+    </form>

+  </div>

   <div class="container">

     <section id="main">

       <ul data-bind='foreach: marrow'>

@@ -21,7 +30,8 @@

       <ul>

         <li><a href="/">Home</a></li>

         <li><a href="/mylists">My Lists</a></li>

-        <li><a href="/random">Random</a></li>

+        <li><a href="#" data-bind="click: random">Random</a></li>

+        <li><a href="/api/user/logout?to=/">Log Out</a></li>

       </ul>

     </section>

   </div>

@@ -5,21 +5,91 @@ function Marrow(data) {

   this.url = ko.observable(data.url);

 };

+function Login(master) {

+  var self = this;

+  self.username = ko.observable();

+  self.password = ko.observable();

+

+  self.check = function() {

+    $.getJSON("/api/user/check", function (logged_in) {

+      if (logged_in) {

+        master.update(function() {

+          $('#login_form').addClass('hidden');

+        });

+      }

+    });

+  };

+

+  self.login = function() {

+    var username = self.username();

+    var password = self.password();

+    $.ajax("/api/user/login", {

+      data: ko.toJSON({username:username,password:password}),

+      type: "post", contentType: "application/json",

+      success: function(login_succeeded) {

+        login_succeeded = JSON.parse(login_succeeded);

+        console.log(login_succeeded);

+        var login_form = $('#login_form');

+        if (login_succeeded === true) {

+          master.update(function() {

+            login_form.addClass('hidden');

+          });

+        } else {

+          login_form.children('.message').text('Login Failed!').addClass('err');

+        }

+          

+      }

+    });

+  };

+

+  self.newuser = function() {

+    var username = self.username();

+    var password = self.password();

+    $.ajax("/api/user/add", {

+      data: ko.toJSON({username:username,password:password}),

+      type: "post", contentType: "application/json",

+      success: function(creation_succeeded) {

+        creation_succeeded = JSON.parse(creation_succeeded);

+        console.log(creation_succeeded);

+        if (creation_succeeded === true) {

+          $('#login_form').addClass('hidden');

+        }

+      }

+    });

+  };

+};

+

 function Bone() {

   var self = this;

   self.marrow = ko.observableArray([]);

   self.newLink = ko.observable();

+  self.login = new Login(self);

+  self.login.check();

   self.add_marrow = function(link) {};

-  $.getJSON("/api/data", function(data) {

-    var otherMarrow = $.map(data.marrow, function(item) { return new Marrow(item) });

-    self.marrow(otherMarrow);

-  });

+  self.random = function() {

+    $.getJSON("/api/bones/random", function(data) {

+      if (data !== []) {

+        var theMarrow = $.map(data.marrow, function(item) { return new Marrow(item) });

+        self.marrow(theMarrow);

+      }

+    });

+  };

+

+  self.update = function(cb) {

+    $.getJSON("/api/bones", function(data) {

+      if (data !== []) {

+        var theMarrow = $.map(data.marrow, function(item) { return new Marrow(item) });

+        self.marrow(theMarrow);

+      }

+      cb();

+    });

+  };

   self.addLink = function() {

     var newLink = {url:self.newLink(),title:''};

-    $.ajax("/api/data/submit", {

+    $.ajax("/api/bones/submit", {

       data: ko.toJSON(newLink),

       type: "post", contentType: "application/json",

       success: function(result) {

new file mode 100644

@@ -0,0 +1,2 @@

+User-agent: *

+Disallow: /api/