def CompleteSignup(self, request, context):
    """
    Finish a signup: redeem a signup token, create the user, then log them in.

    Looks up a valid SignupToken matching request.signup_token, validates the
    submitted fields, and deletes the token and inserts the new User in one
    commit before opening a session for that user.

    A missing or invalid token ends the RPC with NOT_FOUND; every other failed
    check ends it with INVALID_ARGUMENT. Both go through context.abort, which
    raises, so nothing after a failed check runs.

    TODO: nice error handling for dupe username/email?
    """
    bad_argument = grpc.StatusCode.INVALID_ARGUMENT

    with session_scope(self._Session) as session:
        token_query = session.query(SignupToken).filter(SignupToken.token == request.signup_token)
        token_query = token_query.filter(SignupToken.is_valid)
        signup_token = token_query.one_or_none()
        if not signup_token:
            context.abort(grpc.StatusCode.NOT_FOUND, errors.INVALID_TOKEN)

        # should be in YYYY-MM-DD format
        try:
            birthdate = datetime.fromisoformat(request.birthdate)
        except ValueError:
            context.abort(bad_argument, errors.INVALID_BIRTHDATE)

        # The email is read from the token row, not from the request, so the
        # address cannot be swapped at this step. It is still re-validated.
        if not is_valid_email(signup_token.email):
            context.abort(bad_argument, errors.INVALID_EMAIL)

        if not is_valid_username(request.username):
            context.abort(bad_argument, errors.INVALID_USERNAME)

        if not is_valid_name(request.name):
            context.abort(bad_argument, errors.INVALID_NAME)

        if not request.hosting_status:
            context.abort(bad_argument, errors.HOSTING_STATUS_REQUIRED)

        # NOTE(review): this availability check and the insert below are
        # separate steps; a concurrent signup could presumably still collide
        # at commit time (see the TODO above) -- confirm how that surfaces.
        if not self._username_available(request.username):
            context.abort(bad_argument, errors.USERNAME_NOT_AVAILABLE)

        # NOTE(review): assumes every non-zero hosting_status the client can
        # send is a key of hostingstatus2sql -- TODO confirm.
        hosting_status = hostingstatus2sql[request.hosting_status]

        user = User(
            email=signup_token.email,
            username=request.username,
            name=request.name,
            city=request.city,
            gender=request.gender,
            birthdate=birthdate,
            hosting_status=hosting_status,
        )

        # Token removal and user creation share one transaction, so the token
        # is consumed exactly when the account is created.
        session.delete(signup_token)

        # enforces email/username uniqueness
        session.add(user)

        session.commit()

        token = self._create_session(context, session, user)

        return auth_pb2.AuthRes(token=token, jailed=user.is_jailed)
def test_is_valid_name():
    """Check is_valid_name against sample names that must pass and samples that must fail."""
    accepted = ("a", "a b", "1", "老子")
    # NOTE(review): the first and last entries look identical here; they may
    # have been different whitespace before this text was extracted -- confirm.
    rejected = (" ", "", " ")

    for candidate in accepted:
        assert is_valid_name(candidate)

    for candidate in rejected:
        assert not is_valid_name(candidate)
def UpdateProfile(self, request, context):
    """
    Apply the fields present in the request to the calling user's profile.

    The user row is selected by context.user_id, so a caller can only edit
    their own profile. Wrapper fields are applied only when present; for
    nullable ones, is_null clears the column. Enum fields are applied unless
    they hold their *_UNSPECIFIED value.

    Aborts with PERMISSION_DENIED if a gender is supplied, and with
    INVALID_ARGUMENT for an invalid name or a (0, 0) coordinate.
    Returns an empty message after committing.
    """
    # users can't change gender themselves to avoid filter evasion
    if request.HasField("gender"):
        context.abort(grpc.StatusCode.PERMISSION_DENIED, errors.CANT_CHANGE_GENDER)

    with session_scope() as session:
        user = session.query(User).filter(User.id == context.user_id).one()

        def copy_nullable(*field_names):
            # For each wrapper field that is set: store None when it is marked
            # null, else its value. Request and user attribute names match.
            for field_name in field_names:
                if not request.HasField(field_name):
                    continue
                wrapper = getattr(request, field_name)
                setattr(user, field_name, None if wrapper.is_null else wrapper.value)

        # NOTE(review): apart from name, the free-text values below are stored
        # as received; any length/content limits are presumably enforced
        # elsewhere -- confirm.
        if request.HasField("name"):
            new_name = request.name.value
            if not is_valid_name(new_name):
                context.abort(grpc.StatusCode.INVALID_ARGUMENT, errors.INVALID_NAME)
            user.name = new_name

        if request.HasField("city"):
            user.city = request.city.value

        copy_nullable("hometown")

        # The location is only updated when both coordinates are sent; a
        # request carrying just one of them is silently ignored.
        if request.HasField("lat") and request.HasField("lng"):
            latitude = request.lat.value
            longitude = request.lng.value
            if latitude == 0 and longitude == 0:
                context.abort(grpc.StatusCode.INVALID_ARGUMENT, errors.INVALID_COORDINATE)
            # NOTE(review): range checking is presumably done inside
            # create_coordinate -- confirm.
            user.geom = create_coordinate(latitude, longitude)

        # NOTE(review): radius is stored without a bounds check here -- confirm
        # that negative or very large values are rejected elsewhere.
        if request.HasField("radius"):
            user.geom_radius = request.radius.value

        # gender is deliberately never written here (see the check at the top)
        copy_nullable(
            "avatar_key",
            "pronouns",
            "occupation",
            "education",
            "about_me",
            "my_travels",
            "things_i_like",
            "about_place",
        )

        # NOTE(review): the *2sql lookups assume the received enum value is a
        # key of the mapping -- TODO confirm for unrecognised values.
        if request.hosting_status != api_pb2.HOSTING_STATUS_UNSPECIFIED:
            user.hosting_status = hostingstatus2sql[request.hosting_status]

        if request.meetup_status != api_pb2.MEETUP_STATUS_UNSPECIFIED:
            user.meetup_status = meetupstatus2sql[request.meetup_status]

        # Repeated fields are stored as one "|"-separated string.
        if request.languages.exists:
            user.languages = "|".join(request.languages.value)

        if request.countries_visited.exists:
            user.countries_visited = "|".join(request.countries_visited.value)

        if request.countries_lived.exists:
            user.countries_lived = "|".join(request.countries_lived.value)

        copy_nullable(
            "additional_information",
            "max_guests",
            "last_minute",
            "has_pets",
            "accepts_pets",
            "pet_details",
            "has_kids",
            "accepts_kids",
            "kid_details",
            "has_housemates",
            "housemate_details",
            "wheelchair_accessible",
        )

        if request.smoking_allowed != api_pb2.SMOKING_LOCATION_UNSPECIFIED:
            user.smoking_allowed = smokinglocation2sql[request.smoking_allowed]

        copy_nullable(
            "smokes_at_home",
            "drinking_allowed",
            "drinks_at_home",
            "other_host_info",
        )

        if request.sleeping_arrangement != api_pb2.SLEEPING_ARRANGEMENT_UNSPECIFIED:
            user.sleeping_arrangement = sleepingarrangement2sql[request.sleeping_arrangement]

        copy_nullable("sleeping_details", "area", "house_rules", "parking")

        if request.parking_details != api_pb2.PARKING_DETAILS_UNSPECIFIED:
            user.parking_details = parkingdetails2sql[request.parking_details]

        copy_nullable("camping_ok")

        # save updates
        session.commit()

        return empty_pb2.Empty()
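def CompleteSignup(self, request, context):
    """
    Completes user sign up by creating the user in question, then logs them in.

    Looks up a valid SignupToken matching request.signup_token, validates the
    submitted fields, and deletes the token and inserts the new User in one
    commit. The session token is then sent back in a "set-cookie" entry of the
    initial metadata rather than in the response body.

    A missing or invalid token ends the RPC with NOT_FOUND; every other failed
    check ends it with INVALID_ARGUMENT. Both go through context.abort, which
    raises, so nothing after a failed check runs.

    TODO: nice error handling for dupe username/email?
    """
    with session_scope() as session:
        signup_token = (
            session.query(SignupToken)
            .filter(SignupToken.token == request.signup_token)
            .filter(SignupToken.is_valid)
            .one_or_none()
        )
        if not signup_token:
            context.abort(grpc.StatusCode.NOT_FOUND, errors.INVALID_TOKEN)

        # check birthdate validity (YYYY-MM-DD format and in the past)
        try:
            birthdate = datetime.fromisoformat(request.birthdate)
        except ValueError:
            context.abort(grpc.StatusCode.INVALID_ARGUMENT, errors.INVALID_BIRTHDATE)

        # fromisoformat also accepts strings carrying a UTC offset and then
        # returns an aware datetime. pytz's localize() raises ValueError on an
        # aware datetime, which would escape as an unhandled error on
        # client-controlled input, so reject it as an invalid birthdate.
        if birthdate.tzinfo is not None:
            context.abort(grpc.StatusCode.INVALID_ARGUMENT, errors.INVALID_BIRTHDATE)

        if pytz.UTC.localize(birthdate) >= now():
            context.abort(grpc.StatusCode.INVALID_ARGUMENT, errors.INVALID_BIRTHDATE)

        # check email again; it comes from the token row, not from the request
        if not is_valid_email(signup_token.email):
            context.abort(grpc.StatusCode.INVALID_ARGUMENT, errors.INVALID_EMAIL)

        # check username validity
        if not is_valid_username(request.username):
            context.abort(grpc.StatusCode.INVALID_ARGUMENT, errors.INVALID_USERNAME)

        # check name validity
        if not is_valid_name(request.name):
            context.abort(grpc.StatusCode.INVALID_ARGUMENT, errors.INVALID_NAME)

        if not request.hosting_status:
            context.abort(grpc.StatusCode.INVALID_ARGUMENT, errors.HOSTING_STATUS_REQUIRED)

        # NOTE(review): this availability check and the insert below are
        # separate steps; a concurrent signup could presumably still collide
        # at commit time (see the TODO above) -- confirm how that surfaces.
        if not self._username_available(request.username):
            context.abort(grpc.StatusCode.INVALID_ARGUMENT, errors.USERNAME_NOT_AVAILABLE)

        if request.lat == 0 and request.lng == 0:
            context.abort(grpc.StatusCode.INVALID_ARGUMENT, errors.INVALID_COORDINATE)

        user = User(
            email=signup_token.email,
            username=request.username,
            name=request.name,
            gender=request.gender,
            birthdate=birthdate,
            hosting_status=hostingstatus2sql[request.hosting_status],
            city=request.city,
            geom=create_coordinate(request.lat, request.lng),
            geom_radius=request.radius,
            accepted_tos=1 if request.accept_tos else 0,
        )

        # happens in same transaction, so the token is consumed exactly when
        # the account is created
        session.delete(signup_token)

        # enforces email/username uniqueness
        session.add(user)

        session.commit()

        # NOTE(review): the meaning of the trailing False is defined by
        # _create_session, which is not visible here.
        token, expiry = self._create_session(context, session, user, False)

        # The cookie's attributes are decided by create_session_cookie.
        context.send_initial_metadata(
            [
                ("set-cookie", create_session_cookie(token, expiry)),
            ]
        )

        return auth_pb2.AuthRes(jailed=user.is_jailed)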
def UpdateProfile(self, request, context):
    """
    Apply the fields present in the request to the calling user's profile.

    The user row is selected by context.user_id, so a caller can only edit
    their own profile. Wrapper fields are applied only when present; for
    nullable ones, is_null clears the column. Enum fields are applied unless
    they hold their *_UNSPECIFIED value.

    Aborts with INVALID_ARGUMENT for an invalid name or colour.
    Returns an empty message after committing.
    """
    with session_scope(self._Session) as session:
        user = session.query(User).filter(User.id == context.user_id).one()

        def copy_nullable(*field_names):
            # For each wrapper field that is set: store None when it is marked
            # null, else its value. Request and user attribute names match.
            for field_name in field_names:
                if not request.HasField(field_name):
                    continue
                wrapper = getattr(request, field_name)
                setattr(user, field_name, None if wrapper.is_null else wrapper.value)

        # NOTE(review): apart from name and color, the free-text values below
        # are stored as received; any length/content limits are presumably
        # enforced elsewhere -- confirm.
        if request.HasField("name"):
            new_name = request.name.value
            if not is_valid_name(new_name):
                context.abort(grpc.StatusCode.INVALID_ARGUMENT, errors.INVALID_NAME)
            user.name = new_name

        if request.HasField("city"):
            user.city = request.city.value

        # NOTE(review): gender is self-editable here. If gender feeds search or
        # safety filters, a user can change it to evade them -- confirm whether
        # this should be rejected instead.
        if request.HasField("gender"):
            user.gender = request.gender.value

        copy_nullable("occupation", "about_me", "about_place")

        if request.HasField("color"):
            # Lower-cased before validation, so the stored form is the one
            # that was checked.
            color = request.color.value.lower()
            if not is_valid_color(color):
                context.abort(grpc.StatusCode.INVALID_ARGUMENT, errors.INVALID_COLOR)
            user.color = color

        # NOTE(review): the *2sql lookups assume the received enum value is a
        # key of the mapping -- TODO confirm for unrecognised values.
        if request.hosting_status != api_pb2.HOSTING_STATUS_UNSPECIFIED:
            user.hosting_status = hostingstatus2sql[request.hosting_status]

        # Repeated fields are stored as one "|"-separated string.
        if request.languages.exists:
            user.languages = "|".join(request.languages.value)

        if request.countries_visited.exists:
            user.countries_visited = "|".join(request.countries_visited.value)

        if request.countries_lived.exists:
            user.countries_lived = "|".join(request.countries_lived.value)

        copy_nullable(
            "max_guests",
            "multiple_groups",
            "last_minute",
            "accepts_pets",
            "accepts_kids",
            "wheelchair_accessible",
        )

        if request.smoking_allowed != api_pb2.SMOKING_LOCATION_UNSPECIFIED:
            user.smoking_allowed = smokinglocation2sql[request.smoking_allowed]

        copy_nullable("sleeping_arrangement", "area", "house_rules")

        # save updates
        session.commit()

        return empty_pb2.Empty()