Beispiel #1
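 def validateSession(cls, serializedSession: str) -> Models.Session:
     """Resolve a serialized session value to its stored session record.

     Args:
         serializedSession: The serialized session value to validate.

     Returns:
         The ``Models.Session`` whose id is carried in the serialized value.

     Raises:
         ApiExceptions.UnauthorizedException: If the lookup raises or no
             session with that id is found.
     """
     # NOTE(review): an error raised by deserializeSession propagates
     # unchanged; confirm it rejects malformed input with an
     # UnauthorizedException rather than an unhandled error.
     deserialized = cls.deserializeSession(serializedSession)
     # @TODO -- eventually implement timeout
     # Until that lands, nothing here compares the session's age against a
     # limit: a session is accepted for as long as its record can be found.
     try:
         session = Models.Session.getById(deserialized.id)
     except Exception as err:
         # Exception, not a bare except, so KeyboardInterrupt and SystemExit
         # still propagate instead of being reported as "unauthorized".
         raise ApiExceptions.UnauthorizedException() from err
     if session is None:
         raise ApiExceptions.UnauthorizedException()
     return session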
Beispiel #2
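 def convertIngredientToUnit(self):
     """Convert the ingredient in the request body to the requested unit.

     Reads ``unit`` and ``ingredient`` from the JSON request body and
     returns the conversion result wrapped by ``makeResponse``.

     Raises:
         ApiExceptions.BadRequestException: If the body is not a JSON object
             or either field is missing or null.
     """
     payload = flask.request.json
     # A JSON body that is not an object (null, a list, a bare string) has
     # no usable .get(); reject it here instead of failing with an
     # AttributeError further down.
     if not isinstance(payload, dict):
         raise ApiExceptions.BadRequestException()
     unit = payload.get('unit')
     ingredient = payload.get('ingredient')
     if unit is None or ingredient is None:
         raise ApiExceptions.BadRequestException()
     converted = RecipeApi.RecipeApi.convertIngredient(ingredient, unit)
     return self.makeResponse(converted)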
Beispiel #3
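 def changePassword(self, userId: str):
     """Change the password of the authenticated user.

     Reads ``old`` and ``new`` from the JSON request body and delegates the
     verification and update to ``PasswordChangeApi``.

     Args:
         userId: Id of the account whose password is to be changed; it must
             equal ``self.userId``.

     Returns:
         An empty body with status 204.

     Raises:
         ApiExceptions.ForbiddenException: If ``userId`` is not the caller's
             own id.
         ApiExceptions.BadRequestException: If the body is not a JSON object
             or ``old`` / ``new`` is missing or not a string.
     """
     # Authorise first, so a request aimed at another account is refused
     # before any of its body is read.
     if self.userId != userId:
         raise ApiExceptions.ForbiddenException()
     payload = flask.request.json
     if not isinstance(payload, dict):
         raise ApiExceptions.BadRequestException()
     oldPassword = payload.get('old')
     newPassword = payload.get('new')
     # Missing or non-string passwords are a client error; they must not
     # reach the comparison and hashing code as None or as another type.
     if not isinstance(oldPassword, str) or not isinstance(newPassword, str):
         raise ApiExceptions.BadRequestException()
     # NOTE(review): no password policy (length, emptiness) is applied here;
     # confirm changePasswordForUser or the model enforces one.
     PasswordChangeApi.PasswordChangeApi.changePasswordForUser(
         userId, oldPassword, newPassword)
     return '', 204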
Beispiel #4
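 def stageUser(cls, email: str, password: str) -> Models.StagedUser:
     """Create a pending signup and send its confirmation token by e-mail.

     Args:
         email: Address to register; also used as the username lookup key.
         password: Plain-text password, hashed before it is stored.

     Returns:
         The saved ``Models.StagedUser``.

     Raises:
         ApiExceptions.ConflictException: If a user with this address
             already exists, or saving hits a duplicate key.
     """
     # Check for an existing account before hashing or persisting anything,
     # so no staged record holding a password hash is left behind for an
     # address that is already registered.
     if cls.getByUsername(email) is not None:
         raise ApiExceptions.ConflictException()
     passwordHash, salt, nonce = Encryption.encryptPassword(password)
     # NOTE(review): the confirmation token is a uuid4 string. If the stored
     # token format allows it, secrets.token_urlsafe() is the stdlib call
     # intended for secrets. `created` is recorded, but nothing here enforces
     # an expiry; confirm the confirmation step checks the token's age.
     stagedUser = Models.StagedUser(email=email,
                                    password=passwordHash,
                                    salt=salt,
                                    nonce=nonce,
                                    created=int(time.time()),
                                    token=str(uuid.uuid4()))
     try:
         stagedUser.save()
     except pymongo.errors.DuplicateKeyError as err:
         raise ApiExceptions.ConflictException() from err
     EmailSender.EmailSender.sendConfirmSignupToken(email, stagedUser.token)
     return stagedUser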
Beispiel #5
 def changePasswordForUser(cls, userId: str, oldPassword: str, newPassword: str):
     """Set a new password on a user once the current one has been verified.

     Args:
         userId: Id of the user to update.
         oldPassword: The password the caller claims is current.
         newPassword: The password to store in its place.

     Raises:
         ApiExceptions.NotFoundException: If no user has this id.
         ApiExceptions.ForbiddenException: If ``oldPassword`` does not match
             the stored credentials.
     """
     account = Models.User.getById(userId)
     if account is None:
         raise ApiExceptions.NotFoundException()
     # The stored hash, salt and nonce are what the supplied old password is
     # compared against.
     storedHash, storedSalt, storedNonce = (
         account.password, account.salt, account.nonce)
     matches = Encryption.comparePasswords(
         storedHash, storedNonce, storedSalt, oldPassword)
     if not matches:
         raise ApiExceptions.ForbiddenException()
     # NOTE(review): newPassword is passed on unchecked, and nothing visible
     # here revokes the user's existing sessions after the change; confirm
     # _setPasswordOnUser or the caller covers both.
     cls._setPasswordOnUser(account, newPassword)
Beispiel #6
 def loginUser(cls, username: str, password: str) -> (str, Models.User):
     """Authenticate a user and open a login session for them.

     Args:
         username: Name used to look the user up.
         password: Plain-text password to verify.

     Returns:
         A pair of the serialized session and the matching user.

     Raises:
         ApiExceptions.NotFoundException: If no user has this username.
         ApiExceptions.ForbiddenException: If the password does not match.
     """
     account = cls.getByUsername(username)
     # NOTE(review): an unknown username and a wrong password raise different
     # exceptions. If the HTTP layer surfaces them as distinct responses, a
     # client can tell which usernames exist; confirm they are collapsed
     # there and that login attempts are rate limited.
     if account is None:
         raise ApiExceptions.NotFoundException()
     storedHash, storedSalt, storedNonce = (
         account.password, account.salt, account.nonce)
     if not Encryption.comparePasswords(storedHash, storedNonce,
                                        storedSalt, password):
         raise ApiExceptions.ForbiddenException()
     # Credentials verified: persist a fresh session owned by this user.
     loginSession = Models.Session(
         owner=account.id,
         created=int(time.time()),
         sessionType='login',
     )
     loginSession.save()
     serialized = SessionApi.SessionApi.serializeSession(loginSession)
     return serialized, account
Beispiel #7
 def generateFromUrl(cls, url: str, userId: str) -> Models.Recipe:
     """Build a recipe for ``userId`` from the page at ``url``.

     Args:
         url: Address of the page handed to the recipe scraper.
         userId: Id of the user the recipe is generated for.

     Returns:
         The recipe produced by ``RecipeFormatter.parseScraperIntoRecipe``.

     Raises:
         ApiExceptions.UnprocessableEntityException: If the scraper finds no
             recipe schema on the page.
     """
     # NOTE(review): url reaches the scraper unchanged and is presumably
     # fetched server-side; confirm the scheme and destination host are
     # restricted somewhere, so internal addresses cannot be requested.
     # Only the "no schema" failure is translated; any other scraper or
     # network error propagates to the caller.
     try:
         recipe = RecipeFormatter.RecipeFormatter.parseScraperIntoRecipe(
             url, userId)
     except recipe_scrapers.NoSchemaFoundInWildMode:
         raise ApiExceptions.UnprocessableEntityException()
     return recipe
Beispiel #8
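 def parseFromUrl(self):
     """Generate a recipe from the URL given in the request body.

     Reads ``url`` from the JSON request body and returns the generated
     recipe wrapped by ``makeResponse``.

     Raises:
         ApiExceptions.BadRequestException: If the body is not a JSON
             object, or ``url`` is missing, empty or not a string.
     """
     payload = flask.request.json
     # A JSON body that is not an object has no usable .get(); answer with a
     # client error instead of failing with an AttributeError.
     if not isinstance(payload, dict):
         raise ApiExceptions.BadRequestException()
     recipeUrl = payload.get('url')
     # generateFromUrl is annotated to take a str; refuse anything else
     # before it reaches the scraper.
     if not isinstance(recipeUrl, str) or not recipeUrl:
         raise ApiExceptions.BadRequestException()
     # NOTE(review): the URL is client-supplied and no scheme or host check
     # is visible here; confirm one exists before the page is fetched.
     recipe = RecipeApi.RecipeApi.generateFromUrl(recipeUrl, self.userId)
     return self.makeResponse(recipe)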
Beispiel #9
 def getById(self, entityId: str):
     if self.userId != entityId:
         raise ApiExceptions.UnauthorizedException()
     if (entity := UserApi.UserApi.getById(entityId)) is None:
         raise ApiExceptions.NotFoundException