def register(ctx, request): try: payload = request.json() nickname = payload['nickname'] mail = payload['mail'] password = payload['password'] except KeyError as e: raise HTTPBadRequest('{} is required'.format(e)) except Exception as e: raise HTTPBadRequest(e) user = User.query.filter(or_(User.nickname == nickname, User.mail == mail)).first() if user is not None: return jsonify(code=400, message='user exist') catalog = Catalog(name='notes') user = User(nickname=nickname, mail=mail, catalogs=[catalog], password=bcrypt.hashpw(password.encode(), bcrypt.gensalt())) db.session.add(user) try: db.session.commit() return jsonify(code=200) except Exception as e: logging.error(e) db.session.rollback() raise HTTPInternalServerError(e)
def delete(ctx, request): catalog = Catalog.query.filter(Catalog.id == request.args['id']).first_or_404() if catalog.user != request.principal.id: raise exc.HTTPForbidden() if Post.query.filter(Post.catalog == catalog.id).count(): return jsonify(code=422, message='posts not empty') Catalog.query.filter(Catalog.id == request.args['id']).delete() try: db.session.commit() except Exception as e: logging.error(e) db.session.rollback() raise exc.HTTPInternalServerError(e) return jsonify(code=200)
def get_all(ctx, request): page = request.params.get('page', 1) size = request.params.get('size', 50) posts = Post.query.filter(Post.status == 1).paginate(page, size) return jsonify( code=200, posts=posts.dictify(exclude={'author.password', 'author.catalogs'}))
def add_comment(ctx, request): try: payload = request.json() pid = payload['post'] ref_id = payload.get('ref') content = payload['content'] except Exception as e: raise exc.HTTPBadRequest(e) post = Post.query.filter(Post.id == pid).first_or_404( 'post {} not found'.format(pid)) ref = None if ref_id is not None: ref = Comment.query.filter(Comment.id == ref_id).first() comment = Comment(content=content, user=request.principal.id, ref=ref.id, post=pid, timestamp=datetime.datetime.now()) db.session.add(comment) try: db.session.commit() except Exception as e: logging.error(e) db.session.rollback() raise exc.HTTPInternalServerError(e) return jsonify( code=200, comment=comment.dictify(exclude={'user.password', 'user.catalogs'}))
def get(ctx, request): post = Post.query.filter(Post.id == request.args['id']).first_or_404() if post.status != 1: if request.principal is None or request.principal.id != post.author.id: raise exc.HTTPNotFound('post not exist or deleted') return jsonify( code=200, post=post.dictify(exclude={'author.password', 'author.catalogs'}))
def get_all(ctx, request): page = request.params.get('page', 1) size = request.params.get('size', 50) comments = Comment.query.filter( Comment.post == request.args['id']).paginate(page, size) return jsonify( code=200, comments=comments.dictify(exclude={'user.password', 'user.catalogs'}))
def edit(ctx, request): post = Post.query.filter(Post.id == request.args['id']).first_or_404() if post.author_id != request.principal.id: raise exc.HTTPForbidden('it is not your post') post.status = 0 db.session.add(post) try: db.session.commit() except Exception as e: logging.error(e) db.session.rollback() raise exc.HTTPInternalServerError(e) return jsonify( code=200, post=post.dictify(exclude={'author.password', 'author.catalogs'}))
def like(ctx, request): post = Post.query.filter(Post.id == request.args['id']).first_or_404() user = request.principal _like = Like.query.filter(Like.post_id == post.id).filter( Like.user_id == user.id).first() if _like is None: _like = Like(post_id=post, user_id=user) db.session.add(_like) try: db.session.commit() except Exception as e: logging.error(e) db.session.rollback() raise exc.HTTPInternalServerError(e) return jsonify(code=200)
def login(ctx, request): try: payload = request.json() mail = payload['mail'] password = payload['password'] except Exception as e: raise HTTPBadRequest(e) user = User.query.filter(User.email == mail).first_or_404('user {} not exist'.format(mail)) if bcrypt.hashpw(password.encode(), user.password.encode()) == user.password.encode(): key = ctx.config.get_string('auth.key') exp = datetime.datetime.utcnow() + datetime.timedelta(hours=ctx.config.get_int('auth.exp')) token = jwt.encode({'user': user.id, 'exp': exp}, key, 'HS512').decode() return jsonify(code=200, token=token) raise HTTPUnauthorized()
def create(ctx, request): user = request.security.principal catalog_id = int(request.params.get('catalog')) catalog = Catalog.query.filter( Catalog.id == catalog_id).first_or_404('catalog not found') post = Post(author=user, catalog=catalog, timestamp=datetime.datetime.now()) db.session.add(post) try: db.session.commit() return jsonify(code=200, post=post.dictify(relationships=False)) except Exception as e: logging.error(e) db.session.rollback() raise exc.HTTPInternalServerError(e)
def add(ctx, request): try: name = request.json()['name'] except Exception as e: raise exc.HTTPBadRequest(e) user = request.principal catalog = Catalog.query.filter(Catalog.user == user.id)\ .filter(Catalog.name == name).first() if catalog is None: catalog = Catalog(name=name, user=user.id) db.session.add(catalog) try: db.session.commit() except Exception as e: logging.error(e) db.session.rollback() raise exc.HTTPInternalServerError(e) return jsonify(code=200, catalog=catalog.dictify())
def update_post(request, status=0): try: payload = request.json() post_id = payload['post'] content = payload.get('content') title = payload.get('title') catalog_id = payload.get('catalog') except Exception as e: raise exc.HTTPBadRequest(e) post = Post.query.filter(Post.id == post_id).first_or_404() if post.author_id != request.principal.id: raise exc.HTTPForbidden('it is not your post') if post.status != 0: raise exc.HTTPBadRequest('post is published or deleted') if title is not None: post.title = title if catalog_id is not None: catalog = Catalog.query.filter(Catalog.id == catalog_id).first() if catalog is not None: post.catalog = catalog if content is not None: for line in content.splitlines(): m = img_re.search(line) if m: first_image = m.group(2) post.image = first_image break post_content = PostContent.query.filter( PostContent.id == post.id).first() if post_content is None: post_content = PostContent(content=content) post_content.content = content post.content = post_content post.timestamp = datetime.datetime.now() post.status = status db.session.add(post) try: db.session.commit() except Exception as e: raise exc.HTTPInternalServerError(e) return jsonify( code=200, post=post.dictify(exclude={'author.password', 'author.catalogs'}))
def get_all(ctx, request): page = request.params.get('page', 1) size = request.params.get('size', 50) catalogs = Catalog.query.filter(Catalog.user == request.principal.id)\ .paginate(page, size) return jsonify(code=200, catalogs=catalogs.dictify())
def reopen(ctx, request): id = request.args.get('id') ctx.storage.reopen(id) return jsonify(code=200, id=id)
def done(app, request): id = request.args.get('id') app.storage.done(id) return jsonify(code=200, id=id)
def list(ctx, request): filter = request.args.get('filter') todo = ctx.storage.list(filter) return jsonify(code=200, todo=todo)
def add(ctx, request): content = request.json()['content'] id = ctx.storage.add(content) return jsonify(code=200, id=id)
def get(ctx, request): name = request.args.get('name') user = User.query.filter(User.name == name).first_or_404( 'user {} not exist'.format(name)) return jsonify(code=200, user=user.dictify())