def delete_session(form):
if not assert_keys_in_form_exist(form, ['sessionID']):
return msg.error_msg("Please check your request body.")
sessions = SessionModel()
given_session_id = form['sessionID']
session_founded = sessions.get_session(session_id=given_session_id)
if session_founded is None:
return msg.error_msg("Failed to find given session")
if len(session_founded) == 0:
return msg.error_msg("Can't found the session.")
if session_founded[0]['end_time'] is not None:
return msg.error_msg("This session already canceled.")
end_time = datetime.utcnow()
res = sessions.end_session(session_id=given_session_id, end_time=end_time)
if res is None:
return msg.error_msg("Failed to end this session.")
return msg.success_msg({
"sessionID": given_session_id,
"endTime": str(end_time)
})
def delete_user(form):
users = UserModel()
sessions = SessionModel()
if not assert_keys_in_form_exist(form, ['sessionID', 'password']):
return msg.error_msg("Please check the inputs.")
password = form['password']
session_id = form['sessionID']
# Get User according to sessionID
session = sessions.get_session(session_id)
if len(session) == 0:
return msg.error_msg("Unable to find the session.")
(sessionid, uid, start_time, end_time) = session[0].values()
if end_time is not None:
return msg.error_msg("Expired SessionID")
# Verify password
if password.strip() == "":
return msg.error_msg("Password cannot be empty.")
findUser = users.get_user(uid=uid, password=encrypt(password), enable=True)
if findUser is None:
return msg.error_msg("Failed to find user.")
if len(findUser) == 0:
return msg.error_msg("Wrong password.")
# Delete User
ret = users.delete_user(uid)
if ret is None:
return msg.error_msg("Failed to delete user.")
# Revoke all sessions
sessions.end_session(uid=uid)
return msg.success_msg({"uid": uid, "sessionID": session_id})
