def person(request):
if request.method == "POST":
if request.body:
jsonData = json.loads(request.body.decode("utf-8"))
if jsonData["id"]:
client_id = bleach.clean(jsonData["id"])
try:
person = Person.objects.filter(client_id=client_id)[0]
response = {
**Person.admin_view(person),
**{
'success': True
}
}
return JsonResponse(response, safe=False)
except IndexError:
return JsonResponse({"Error": "Invalid"}, safe=False)
except:
print(sys.exc_info())
return JsonResponse({"Error": "Invalid"}, safe=False)
def authenticate(request):
error = False
#print(request.body.decode("utf-8"))
if request.method == "POST":
if request.body:
jsonData = json.loads(request.body.decode("utf-8"))
if jsonData["username"] and jsonData["password"]:
username = bleach.clean(jsonData["username"])
password = jsonData["password"]
try:
person = Person.objects.filter(username=username)[0]
if bcrypt.checkpw(password.encode('utf-8'),
bytes(person.hashed_password)):
response = {
**Person.admin_view(person),
**{
'success': True
}
}
return JsonResponse(response, safe=False)
else:
return JsonResponse({"Error": "Invalid Login"},
safe=False)
except IndexError:
return JsonResponse({"Error": "Invalid Login"}, safe=False)
except:
print(sys.exc_info())
return JsonResponse({"Error": "Invalid Login"}, safe=False)
instructions = {
0: "New post must be submitted as POST request with a json body.",
1: {
"Required Fields:": {
0: "username",
1: "password"
}
}
}
return JsonResponse(instructions, safe=False)
def new_person(request):
required_method_type = "POST"
if not check_method_type(request, required_method_type):
return invalid_method(required_method_type)
try:
parsed_body = json.loads(request.body.decode('utf-8'))
except:
return error('no body')
for field in Person.required_fields:
if field not in parsed_body:
return error('mising fields')
if 'api_key' in parsed_body:
admin = check_api_key(parsed_body['api_key'])
else:
admin = False
if not admin:
return error('Admin only action')
parsed_body['hashed_password'] = bcrypt.hashpw(
parsed_body['password'].encode('utf-8'), bcrypt.gensalt())
try:
del parsed_body['password']
del parsed_body['api_key']
except KeyError:
return error('cant delete')
person = Person(**parsed_body)
try:
person.save()
except:
print('ERROR: Can\'t create person.')
print(sys.exc_info())
return error('Can\'t create person.')
return JsonResponse(Person.admin_view(person))
