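def user_handler(self):
    """Dispatch a user API request according to ``local.data['action']``.

    Inputs are read from ``local.data`` (presumably the decoded request
    body -- confirm against the caller) and results are written to
    ``local.resp``. Supported actions:

    * ``new``    -- create a ``User`` from username, password, email,
      firstname, lastname and institute.
    * ``login``  -- look the user up by username and hashed password and
      put ``token`` and ``user`` into ``local.resp``.
    * ``get``    -- replace ``local.resp`` with one user's info plus the
      scores of the tasks they tried.
    * ``list``   -- put the non-hidden users (optionally restricted to one
      institute) and their count into ``local.resp``.
    * ``update`` -- change institute, email and/or password of
      ``local.user``.

    Returns:
        ``None`` on success, otherwise a short error string such as
        ``'Bad request'``, ``'Unauthorized'`` or ``'login.error'``.
    """
    try:
        action = local.data['action']
    except KeyError:
        logger.warning('Missing parameter')
        return 'Bad request'

    if action == 'new':
        try:
            username = local.data['username']
            password = local.data['password']
            email = local.data['email']
            firstname = local.data['firstname']
            lastname = local.data['lastname']
            institute = int(local.data['institute'])
        except (KeyError, TypeError, ValueError):
            # Client-controlled input: a missing field or a non-numeric
            # institute is a malformed request, not a server error.
            logger.warning('Missing parameters')
            return 'Bad request'

        # NOTE(review): no minimum password length is enforced here, while
        # the 'update' action below rejects passwords shorter than 5
        # characters -- confirm whether signup should apply the same rule.
        token = self.hashpw(password)

        err = self.check_user(username)
        if err is not None:
            return err
        err = self.check_email(email)
        if err is not None:
            return err

        user = User(
            first_name=firstname,
            last_name=lastname,
            username=username,
            password=token,
            email=email,
            access_level=6,
            registration_time=make_datetime()
        )
        user.institute_id = institute
        try:
            local.session.add(user)
            local.session.commit()
        except IntegrityError:
            # A failed commit leaves the session in an error state until
            # it is rolled back; do that before reporting the conflict.
            local.session.rollback()
            return 'signup.user_exists'

    elif action == 'login':
        try:
            username = local.data['username']
            password = local.data['password']
        except KeyError:
            logger.warning('Missing parameter')
            return 'Bad request'

        token = self.hashpw(password)
        user = self.get_user(username, token)
        if user is None:
            return 'login.error'
        # NOTE(review): the token returned to the client is
        # hashpw(password), the same value that 'new' stores in
        # User.password. A copy of the stored value is therefore enough to
        # act as the user; a random, expiring session token would decouple
        # the two -- confirm how `token` is validated elsewhere.
        local.resp['token'] = token
        local.resp['user'] = self.get_user_info(user)

    elif action == 'get':
        try:
            username = local.data['username']
        except KeyError:
            logger.warning('Missing parameter')
            return 'Bad request'

        # NOTE(review): unlike 'list', this lookup does not filter on
        # User.hidden -- confirm that hidden users should be retrievable.
        user = local.session.query(User)\
            .filter(User.username == username).first()
        if user is None:
            return 'Not found'
        local.resp = self.get_user_info(user)
        # Append scores of tried tasks
        local.resp['scores'] = [
            {
                'name': ts.task.name,
                'score': ts.score,
                'title': ts.task.title,
            }
            for ts in user.taskscores
        ]

    elif action == 'list':
        # `== False` is intentional: SQLAlchemy turns it into a SQL
        # comparison, which `not User.hidden` would not do.
        query = local.session.query(User)\
            .filter(User.hidden == False)\
            .order_by(desc(User.score))\
            .order_by(desc(User.id))  # noqa: E712
        if 'institute' in local.data:
            query = query\
                .filter(User.institute_id == local.data['institute'])
        users, local.resp['num'] = self.sliced_query(query)
        # Build a real list: on Python 3 `map` returns a lazy iterator,
        # which cannot be serialized or indexed by the response layer.
        local.resp['users'] = [self.get_user_info(u) for u in users]

    elif action == 'update':
        if local.user is None:
            return 'Unauthorized'

        if 'institute' in local.data and \
                local.data['institute'] is not None:
            try:
                institute = int(local.data['institute'])
            except (TypeError, ValueError):
                logger.warning('Invalid parameter')
                return 'Bad request'
            local.user.institute_id = institute

        # NOTE(review): the e-mail can be changed without supplying the
        # current password, unlike the password change below -- confirm
        # whether the e-mail is used for account recovery.
        if 'email' in local.data and \
                local.data['email'] != '' and \
                local.user.email != local.data['email']:
            err = self.check_email(local.data['email'])
            if err is not None:
                return err
            local.user.email = local.data['email']

        if 'old_password' in local.data and \
                local.data['old_password'] != '':
            old_token = self.hashpw(local.data['old_password'])
            # NOTE(review): plain `!=` is not a constant-time comparison;
            # hmac.compare_digest is the usual choice for secrets.
            if local.user.password != old_token:
                return 'Wrong password'
            try:
                too_short = len(local.data['password']) < 5
            except (KeyError, TypeError):
                # New password absent or not a sized value.
                logger.warning('Missing parameter')
                return 'Bad request'
            if too_short:
                return 'Password\'s too short'
            new_token = self.hashpw(local.data['password'])
            local.user.password = new_token
            local.resp['token'] = new_token

        local.session.commit()

    else:
        return 'Bad request'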
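def user_handler(self):
    """Dispatch a user API request according to ``local.data["action"]``.

    Inputs are read from ``local.data`` (presumably the decoded request
    body -- confirm against the caller) and results are written to
    ``local.resp``. Supported actions:

    * ``new``    -- create a ``User`` from username, password, email,
      firstname, lastname and institute.
    * ``login``  -- look the user up by username and hashed password and
      put ``token`` and ``user`` into ``local.resp``.
    * ``get``    -- replace ``local.resp`` with one user's info plus the
      scores of the tasks they tried.
    * ``list``   -- put the non-hidden users (optionally restricted to one
      institute) and their count into ``local.resp``.
    * ``update`` -- change institute, email and/or password of
      ``local.user``.

    Returns:
        ``None`` on success, otherwise a short error string such as
        ``"Bad request"``, ``"Unauthorized"`` or ``"login.error"``.
    """
    try:
        action = local.data["action"]
    except KeyError:
        logger.warning("Missing parameter")
        return "Bad request"

    if action == "new":
        try:
            username = local.data["username"]
            password = local.data["password"]
            email = local.data["email"]
            firstname = local.data["firstname"]
            lastname = local.data["lastname"]
            institute = int(local.data["institute"])
        except (KeyError, TypeError, ValueError):
            # Client-controlled input: a missing field or a non-numeric
            # institute is a malformed request, not a server error.
            logger.warning("Missing parameters")
            return "Bad request"

        # NOTE(review): no minimum password length is enforced here, while
        # the "update" action below rejects passwords shorter than 5
        # characters -- confirm whether signup should apply the same rule.
        token = self.hashpw(password)

        err = self.check_user(username)
        if err is not None:
            return err
        err = self.check_email(email)
        if err is not None:
            return err

        user = User(
            first_name=firstname,
            last_name=lastname,
            username=username,
            password=token,
            email=email,
            access_level=6,
            registration_time=make_datetime(),
        )
        user.institute_id = institute
        try:
            local.session.add(user)
            local.session.commit()
        except IntegrityError:
            # A failed commit leaves the session in an error state until
            # it is rolled back; do that before reporting the conflict.
            local.session.rollback()
            return "signup.user_exists"

    elif action == "login":
        try:
            username = local.data["username"]
            password = local.data["password"]
        except KeyError:
            logger.warning("Missing parameter")
            return "Bad request"

        token = self.hashpw(password)
        user = self.get_user(username, token)
        if user is None:
            return "login.error"
        # NOTE(review): the token returned to the client is
        # hashpw(password), the same value that "new" stores in
        # User.password. A copy of the stored value is therefore enough to
        # act as the user; a random, expiring session token would decouple
        # the two -- confirm how `token` is validated elsewhere.
        local.resp["token"] = token
        local.resp["user"] = self.get_user_info(user)

    elif action == "get":
        try:
            username = local.data["username"]
        except KeyError:
            logger.warning("Missing parameter")
            return "Bad request"

        # NOTE(review): unlike "list", this lookup does not filter on
        # User.hidden -- confirm that hidden users should be retrievable.
        user = local.session.query(User).filter(User.username == username).first()
        if user is None:
            return "Not found"
        local.resp = self.get_user_info(user)
        # Append scores of tried tasks
        local.resp["scores"] = [
            {
                "name": ts.task.name,
                "score": ts.score,
                "title": ts.task.title,
            }
            for ts in user.taskscores
        ]

    elif action == "list":
        # `== False` is intentional: SQLAlchemy turns it into a SQL
        # comparison, which `not User.hidden` would not do.
        query = (
            local.session.query(User)
            .filter(User.hidden == False)  # noqa: E712
            .order_by(desc(User.score))
            .order_by(desc(User.id))
        )
        if "institute" in local.data:
            query = query.filter(User.institute_id == local.data["institute"])
        users, local.resp["num"] = self.sliced_query(query)
        # Build a real list: on Python 3 `map` returns a lazy iterator,
        # which cannot be serialized or indexed by the response layer.
        local.resp["users"] = [self.get_user_info(u) for u in users]

    elif action == "update":
        if local.user is None:
            return "Unauthorized"

        if "institute" in local.data and local.data["institute"] is not None:
            try:
                institute = int(local.data["institute"])
            except (TypeError, ValueError):
                logger.warning("Invalid parameter")
                return "Bad request"
            local.user.institute_id = institute

        # NOTE(review): the e-mail can be changed without supplying the
        # current password, unlike the password change below -- confirm
        # whether the e-mail is used for account recovery.
        if (
            "email" in local.data
            and local.data["email"] != ""
            and local.user.email != local.data["email"]
        ):
            err = self.check_email(local.data["email"])
            if err is not None:
                return err
            local.user.email = local.data["email"]

        if "old_password" in local.data and local.data["old_password"] != "":
            old_token = self.hashpw(local.data["old_password"])
            # NOTE(review): plain `!=` is not a constant-time comparison;
            # hmac.compare_digest is the usual choice for secrets.
            if local.user.password != old_token:
                return "Wrong password"
            try:
                too_short = len(local.data["password"]) < 5
            except (KeyError, TypeError):
                # New password absent or not a sized value.
                logger.warning("Missing parameter")
                return "Bad request"
            if too_short:
                return "Password's too short"
            new_token = self.hashpw(local.data["password"])
            local.user.password = new_token
            local.resp["token"] = new_token

        local.session.commit()

    else:
        return "Bad request"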