Example #1
0
def api_create_comment(id):
    data = toDict(json.loads(request.get_data(as_text=True)))
    try:
        if not data.content or not data.content.strip():
            raise APIValueError('content', 'Content is empty.')
    except APIValueError as e:
        r = make_response({'code': -1, 'message': e.message})
        r.content_type = 'application/json'
        return r
    user = request.__user__
    session = SessionFactory()
    blog = session.query(Blog).filter(Blog.id == id).one()
    try:
        if blog is None:
            raise APIResourceNotFoundError('Blog', 'Blog not found.')
    except APIResourceNotFoundError as e:
        session.close()
        r = make_response({'code': -1, 'message': e.message})
        r.content_type = 'application/json'
        return r
    comment = Comment(blog_id=blog.id,
                      user_id=user.id,
                      user_name=user.name,
                      user_image=user.image,
                      content=data.content.strip())
    session.add(comment)
    session.commit()
    session.close()
    r = make_response(json.dumps(comment, cls=AlchemyEncoder))
    r.content_type = 'application/json'
    return r
Example #2
0
def failed(msg='',**data):
    ret_val = {
        'status':Status.FAILED.value,
        'msg':msg,
    }
    ret_val.update(data)
    return toDict(ret_val)
Example #3
0
def error(msg = '',**data):
    ret_val = {
        'status':Status.ERROR.value,
        'msg':msg,
    }
    ret_val.update(data)
    return toDict(ret_val)
Example #4
0
def success(msg='',**data):
    ret_val = {
        'status':Status.SUCCESS.value,
        'msg':msg,
    }
    ret_val.update(data)
    return toDict(ret_val)
Example #5
0
def api_change_passwd():
    user = request.__user__
    if not user:
        return redirect("/signin")

    data = toDict(json.loads(request.get_data(as_text=True)))
    try:
        if not data.old_passwd or not _RE_SHA1.match(data.old_passwd):
            raise APIValueError('old_passwd')
        if not data.new_passwd or not _RE_SHA1.match(data.new_passwd):
            raise APIValueError('new_passwd')
    except APIValueError as e:
        r = make_response({'code': -1, 'message': e.message})
        r.content_type = 'application/json'
        return r

    session = SessionFactory()
    user = session.query(User).filter(User.id == user.id).one()
    try:
        if not user:
            raise APIError('change_passwd:failed', 'id',
                           'User does not exist in db.')
    except APIError as e:
        session.close()
        r = make_response({'code': -1, 'message': e.message})
        r.content_type = 'application/json'
        return r
    uid = user.id
    sha1_old_passwd = '%s:%s' % (uid, data.old_passwd)
    crypted_old_passwd = hashlib.sha1(
        sha1_old_passwd.encode('utf-8')).hexdigest()
    try:
        if crypted_old_passwd != user.passwd:
            raise APIError('change_passwd:failed', 'old_passwd',
                           'Old passwd is not correct.')
    except APIError as e:
        session.close()
        r = make_response({'code': -1, 'message': e.message})
        r.content_type = 'application/json'
        return r
    sha1_new_passwd = '%s:%s' % (uid, data.new_passwd)
    user.passwd = hashlib.sha1(sha1_new_passwd.encode('utf-8')).hexdigest()
    session.commit()
    session.close()
    r = make_response(json.dumps(user, cls=AlchemyEncoder))
    r.content_type = 'application/json'
    return r
Example #6
0
def api_update_blog(id):
    check_admin(request)
    data = toDict(json.loads(request.get_data(as_text=True)))
    session = SessionFactory()
    blog = session.query(Blog).filter(Blog.id==id).one()
    if not data.name or not data.name.strip():
        raise APIValueError('name', 'name cannot be empty.')
    if not data.summary or not data.summary.strip():
        raise APIValueError('summary', 'summary cannot be empty.')
    if not data.content or not data.content.strip():
        raise APIValueError('content', 'content cannot be empty.')
    blog.name = data.name.strip()
    blog.summary = data.summary.strip()
    blog.content = data.content.strip()
    session.commit()
    session.close()
    r = make_response(json.dumps(blog, cls=AlchemyEncoder))
    r.content_type = 'application/json'
    return r
Example #7
0
def authenticate():
    data = toDict(json.loads(request.get_data(as_text=True)))
    try:
        if not data.email:
            raise APIValueError('email', 'Invalid email.')
        if not data.passwd:
            raise APIValueError('passwd', 'Invalid password.')
    except APIValueError as e:
        r = make_response({'code': -1, 'message': e.message})
        r.content_type = 'application/json'
        return r
    session = SessionFactory()
    users = session.query(User).filter(User.email == data.email).all()
    session.close()
    try:
        if len(users) == 0:
            raise APIValueError('email', 'Email not exist.')
    except APIValueError as e:
        r = make_response({'code': -1, 'message': e.message})
        r.content_type = 'application/json'
        return r
    user = users[0]
    # check passwd:
    sha1 = hashlib.sha1()
    sha1.update(user.id.encode('utf-8'))
    sha1.update(b':')
    sha1.update(data.passwd.encode('utf-8'))
    try:
        if user.passwd != sha1.hexdigest():
            raise APIValueError('passwd', 'Invalid password.')
    except APIValueError as e:
        r = make_response({'code': -1, 'message': e.message})
        r.content_type = 'application/json'
        return r
    # authenticate ok, set cookie:
    cookie = user2cookie(user, 86400)
    user.passwd = '******'
    r = make_response(json.dumps(user, cls=AlchemyEncoder))
    r.set_cookie(COOKIE_NAME, cookie, max_age=86400, httponly=True)
    r.content_type = 'application/json'
    return r
Example #8
0
def api_register_user():
    data = toDict(json.loads(request.get_data(as_text=True)))
    try:
        if not data.name or not data.name.strip():
            raise APIValueError('name')
        if not data.email or not _RE_EMAIL.match(data.email):
            raise APIValueError('email')
        if not data.passwd or not _RE_SHA1.match(data.passwd):
            raise APIValueError('passwd')
    except APIValueError as e:
        r = make_response({'code': -1, 'message': e.message})
        r.content_type = 'application/json'
        return r
    session = SessionFactory()
    users = session.query(User).filter(User.email == data.email).all()
    try:
        if len(users) > 0:
            raise APIError('register:failed', 'email',
                           'Email is already in use.')
    except APIError as e:
        r = make_response({'code': -1, 'message': e.message})
        r.content_type = 'application/json'
        return r
    uid = next_id()
    sha1_passwd = '%s:%s' % (uid, data.passwd)
    user = User(id=uid,
                name=data.name.strip(),
                email=data.email,
                passwd=hashlib.sha1(sha1_passwd.encode('utf-8')).hexdigest(),
                image='http://www.gravatar.com/avatar/%s?d=mm&s=120' %
                hashlib.md5(data.email.encode('utf-8')).hexdigest())
    session.add(user)
    session.commit()
    session.close()
    # make session cookie:
    cookie = user2cookie(user, 86400)
    user.passwd = '******'
    r = make_response(json.dumps(user, cls=AlchemyEncoder))
    r.set_cookie(COOKIE_NAME, cookie, max_age=86400, httponly=True)
    r.content_type = 'application/json'
    return r
Example #9
0
def api_create_blog():
    data = toDict(json.loads(request.get_data(as_text=True)))
    try:
        if not data.name or not data.name.strip():
            raise APIValueError('name', 'name cannot be empty.')
        if not data.summary or not data.summary.strip():
            raise APIValueError('summary', 'summary cannot be empty.')
        if not data.content or not data.content.strip():
            raise APIValueError('content', 'content cannot be empty.')
    except APIValueError as e:
        r = make_response({'code':-1, 'message': e.message})
        r.content_type ='application/json'
        return r
    blog = Blog(user_id=request.__user__.id, user_name=request.__user__.name, user_image=request.__user__.image, name=data.name.strip(), summary=data.summary.strip(), content=data.content.strip())
    session = SessionFactory()
    session.add(blog)
    session.commit()
    session.close()
    r = make_response(json.dumps(blog, cls=AlchemyEncoder))
    r.content_type = 'application/json'
    return r
Example #10
0
def error(msg="", **data):
    ret_val = {"status": Status.ERROR.value, "msg": msg}
    ret_val.update(data)
    return toDict(ret_val)
Example #11
0
def failed(msg="", **data):
    ret_val = {"status": Status.FAILED.value, "msg": msg}
    ret_val.update(data)
    return toDict(ret_val)
Example #12
0
def success(msg="", **data):
    ret_val = {"status": Status.SUCCESS.value, "msg": msg}
    ret_val.update(data)
    return toDict(ret_val)