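def person(request):
    """Return the admin view of the Person whose ``client_id`` matches the posted id.

    Expects a POST request whose JSON object body carries a non-empty ``"id"``.
    On a match the response is ``Person.admin_view(person)`` merged with
    ``{"success": True}``. Every other outcome (wrong method, empty or
    malformed body, missing id, no match, lookup failure) yields
    ``{"Error": "Invalid"}``.
    """
    # NOTE(review): nothing in this view checks who is calling. Anyone who can
    # supply or guess a client_id gets Person.admin_view() for that record
    # (presumably the privileged representation -- confirm). If that view holds
    # anything sensitive, gate this endpoint behind an authorization check.

    def invalid():
        return JsonResponse({"Error": "Invalid"}, safe=False)

    # Every path must return a response: a Django view that falls off the end
    # returns None, which the framework turns into a server error.
    if request.method != "POST" or not request.body:
        return invalid()

    try:
        payload = json.loads(request.body.decode("utf-8"))
    except ValueError:
        # UnicodeDecodeError and json.JSONDecodeError are both ValueErrors;
        # a malformed body is a client error, not a reason to raise.
        return invalid()

    # A JSON list/number/string has no "id" key; treat it like a missing id.
    raw_id = payload.get("id") if isinstance(payload, dict) else None
    if not raw_id:
        return invalid()

    try:
        # bleach.clean is an HTML sanitizer; the ORM already parameterizes the
        # lookup, so it adds no injection protection here and may alter ids
        # containing markup characters. Kept for compatibility; it sits inside
        # the try so a non-text id yields the error response instead of raising.
        client_id = bleach.clean(raw_id)
        match = Person.objects.filter(client_id=client_id)[0]
        response = {**Person.admin_view(match), 'success': True}
        return JsonResponse(response, safe=False)
    except IndexError:
        # Empty queryset: no person has this client_id.
        return invalid()
    except Exception:
        print(sys.exc_info())
        return invalid()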
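def authenticate(request):
    """Check a username/password pair posted as JSON.

    Expects a POST request whose JSON object body has non-empty ``"username"``
    and ``"password"`` values. On success the response is
    ``Person.admin_view(person)`` merged with ``{"success": True}``; a wrong
    password, unknown username or lookup failure yields
    ``{"Error": "Invalid Login"}``. Any request that does not carry both
    fields (wrong method, empty or malformed body, missing keys) receives the
    usage instructions instead.
    """
    # NOTE(review): no attempt limiting or lockout is visible in this view;
    # confirm that repeated guesses are throttled somewhere upstream.

    def invalid_login():
        return JsonResponse({"Error": "Invalid Login"}, safe=False)

    username = password = None
    if request.method == "POST" and request.body:
        try:
            payload = json.loads(request.body.decode("utf-8"))
        except ValueError:
            # Malformed JSON or non-UTF-8 bytes: fall through to the usage
            # instructions rather than raising.
            payload = None
        if isinstance(payload, dict):
            # .get() so that a missing key is handled like an empty value.
            username = payload.get("username")
            password = payload.get("password")

    if username and password:
        try:
            secret = password.encode('utf-8')
            try:
                # bleach.clean is an HTML sanitizer, not an injection guard
                # (the ORM parameterizes the query); kept for compatibility.
                account = Person.objects.filter(
                    username=bleach.clean(username))[0]
            except IndexError:
                # Unknown username: spend one bcrypt computation anyway so the
                # response time does not reveal whether the account exists.
                # The default gensalt() cost matches hashes that new_person
                # creates with bcrypt.gensalt().
                bcrypt.hashpw(secret, bcrypt.gensalt())
                return invalid_login()
            if bcrypt.checkpw(secret, bytes(account.hashed_password)):
                response = {**Person.admin_view(account), 'success': True}
                return JsonResponse(response, safe=False)
            return invalid_login()
        except Exception:
            # Same reply as a wrong password, so failures disclose nothing.
            print(sys.exc_info())
            return invalid_login()

    instructions = {
        0: "New post must be submitted as POST request with a json body.",
        1: {
            "Required Fields:": {
                0: "username",
                1: "password"
            }
        }
    }
    return JsonResponse(instructions, safe=False)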
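def new_person(request):
    """Create a Person from a JSON POST body; restricted to admin API keys.

    The body must be a JSON object containing an ``api_key`` accepted by
    ``check_api_key``, every name in ``Person.required_fields`` and a string
    ``password``. The password is replaced by its bcrypt hash
    (``hashed_password``) and ``api_key`` is dropped before the remaining keys
    are passed to ``Person(...)``. Returns ``Person.admin_view(person)`` on
    success, otherwise the result of ``invalid_method(...)`` or ``error(...)``.
    """
    required_method_type = "POST"
    if not check_method_type(request, required_method_type):
        return invalid_method(required_method_type)

    try:
        parsed_body = json.loads(request.body.decode('utf-8'))
    except Exception:
        return error('no body')

    # Authorize before validating the payload, so unauthenticated callers
    # cannot probe which fields the endpoint expects. A non-object body cannot
    # carry an api_key and is rejected here as well.
    # NOTE(review): the key travels in the JSON body, so it will appear
    # wherever request bodies are logged -- confirm bodies are not logged.
    if not isinstance(parsed_body, dict) or 'api_key' not in parsed_body:
        return error('Admin only action')
    if not check_api_key(parsed_body['api_key']):
        return error('Admin only action')

    # Message text (sic) is kept unchanged because clients may match on it.
    if any(field not in parsed_body for field in Person.required_fields):
        return error('mising fields')

    # The plaintext password and the api_key must never reach the model.
    parsed_body.pop('api_key')
    password = parsed_body.pop('password', None)
    if not isinstance(password, str):
        # Absent or non-text password: reject instead of raising on .encode().
        return error('mising fields')

    try:
        parsed_body['hashed_password'] = bcrypt.hashpw(
            password.encode('utf-8'), bcrypt.gensalt())
        # NOTE(review): every remaining client-supplied key is forwarded to
        # the model constructor (mass assignment), so a request can set any
        # model field. Consider an explicit allowlist of writable fields.
        # Construction is inside the try so an unexpected key produces the
        # error response rather than an unhandled exception.
        person = Person(**parsed_body)
        person.save()
    except Exception:
        print('ERROR: Can\'t create person.')
        print(sys.exc_info())
        return error('Can\'t create person.')

    return JsonResponse(Person.admin_view(person))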