Ejemplo n.º 1
0
    def post(self):
        if not request.json or 'name' not in request.json:
            abort(400)

        user = User.objects(email=request.json['email'])
        if len(user) > 0:
            return jsonify(
                ok=False,
                errors=['Email already in use. Account creation failed']), 403

        new_user = User(name=request.json['name'],
                        email=request.json['email'],
                        alive=True)

        new_user.description = request.json.get('description', None)
        new_user.location = request.json.get('location', None)
        new_user.phone = request.json.get('phone', None)
        new_user.public = True

        new_user.save()

        if 'password' in request.json:
            auth = Auth(user=new_user,
                        password=request.json['password'],
                        alive=False)

            auth.password = auth.hash_password(request.json['email'],
                                               request.json['password'])
            auth.save()

        return jsonify(ok=True, objects=[new_user.to_json()]), 201
Ejemplo n.º 2
0
 def post(self):
     if not request.json or 'name' not in request.json :
         abort(400)
     
     user = User.objects(email= request.json['email'])
     if len(user) > 0 :
         return jsonify(
                     ok=False,
                     errors=['Email already in use. Account creation failed']
                     ), 403
     
     new_user = User(name= request.json['name'],
                     email= request.json['email'],
                     alive=True
                     )
     
     new_user.description = request.json.get('description', None )
     new_user.location = request.json.get('location', None )
     new_user.phone = request.json.get('phone', None )
     new_user.public = True
     
     new_user.save()
     
     if 'password' in request.json :
         auth = Auth( user= new_user, password=request.json['password'], alive=False )
         
         auth.password = auth.hash_password(
                                 request.json['email'],
                                 request.json['password'])
         auth.save()
     
     return jsonify(ok=True, objects=[new_user.to_json()]), 201
Ejemplo n.º 3
0
 def put(self, id):
     """ Update a user's details """
     user = User.objects.get_or_404(id=id)
     #prevent non authorised users from editing other user's details
     _currentUser = Auth.getUser()
     
     if _currentUser != user :
         abort(401)
         
     if 'user' in request.json:
         # save the old details in history
         user.history.append( user )
         
         user.name = request.json['user']['name']
         user.description = request.json['user']['description']
         user.location = request.json['user']['location']
         user.phone = request.json['user']['phone']
         user.links = request.json['user'].get('links', [])
         user.alive = True
         user.save()
         
         # create an Auth account if it doesn't exist or
         # update the password if it does
         if 'password' in request.json['user'] :
             try:
                 auth = Auth.objects.get(user=user)
             except(Exception):
                 auth = Auth(user=user,
                             password=request.json['user']['password'],
                             alive=True
                             )
             
             auth.password = Auth.hash_password(user.email, auth.password)
             
             auth.save()
         
         return jsonify(ok=True),200
     abort(401)
Ejemplo n.º 4
0
    def put(self, id):
        """ Update a user's details """
        user = User.objects.get_or_404(id=id)
        #prevent non authorised users from editing other user's details
        _currentUser = Auth.getUser()

        if _currentUser != user:
            abort(401)

        if 'user' in request.json:
            # save the old details in history
            user.history.append(user)

            user.name = request.json['user']['name']
            user.description = request.json['user']['description']
            user.location = request.json['user']['location']
            user.phone = request.json['user']['phone']
            user.links = request.json['user'].get('links', [])
            user.alive = True
            user.save()

            # create an Auth account if it doesn't exist or
            # update the password if it does
            if 'password' in request.json['user']:
                try:
                    auth = Auth.objects.get(user=user)
                except (Exception):
                    auth = Auth(user=user,
                                password=request.json['user']['password'],
                                alive=True)

                auth.password = Auth.hash_password(user.email, auth.password)

                auth.save()

            return jsonify(ok=True), 200
        abort(401)
Ejemplo n.º 5
0
    def post (self):
        if not request.json :
            abort(400)
        
        email = request.json.get('email', None)
        password = request.json.get('password', None)

        if email == None or password == None :
            abort(400)
        
        ''' check authentication '''
        try:
            user = User.objects.get(email=email)
            password = Auth.hash_password(user.email, password)
        
            auth = Auth.objects.get(user=user, password=password)
            
            ''' setup a new session '''
            _session = Session(auth_id=str(auth.id),alive=True)
            _session.save()
        
            auth.sessions.append( _session )
            auth.alive = True
            auth.hash = str(auth.id) + str(_session.id)
            auth.save()

            response = make_response(jsonify(ok=True), 200 )
            response.set_cookie('yearplan_user', value=auth.hash)
            response.headers['X-yearplan-user'] = auth.hash
            
            return response
                
        except:
            pass
            
        return jsonify(ok=False,objects=['Invalid email and password combination']), 401