Example #1
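def delete_task_by_id(task_id):
    """Delete one of the logged-in user's tasks.

    Responds 403 when there is no session, 404 when no task with this id
    belongs to the session user, and 200 once the task has been removed.
    """
    if "WebAPIToken" not in session:
        return _send_list_JSON({"error": "Login into system please"}, 403)
    try:
        oid = ObjectId(task_id)
    except Exception:
        # A malformed id cannot name a stored task; answer like a miss
        # instead of letting the constructor error surface as a 500.
        return _send_list_JSON({"error": "Task not found"}, 404)
    # Ownership is part of the delete filter, so the check and the delete
    # are one operation and a task owned by someone else is
    # indistinguishable from a missing one.
    result = db.todos.delete_one({"_id": oid,
                                  "user_id": session["WebAPIToken"]})
    if result.deleted_count == 0:
        # The original reported "task was deleted" even when nothing was
        # removed, and crashed on an unknown id (find_one returned None).
        return _send_list_JSON({"error": "Task not found"}, 404)
    return _send_list_JSON({"message": "task was deleted"}, 200)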
Example #2
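def get_task_by_id(task_id):
    """Return one of the logged-in user's tasks as JSON.

    Responds 403 when there is no session and 404 when no task with this
    id belongs to the session user. The "_id" and "user_id" fields are
    stripped from the returned document.
    """
    if "WebAPIToken" not in session:
        return _send_list_JSON({"error": "Login into system please"}, 403)

    try:
        oid = ObjectId(task_id)
    except Exception:
        # A malformed id cannot name a stored task.
        return _send_list_JSON({"error": "Task not found"}, 404)

    # The original looked the task up by id alone, so any logged-in user
    # could read any other user's task. Scope the lookup to the session
    # user, the same way tasks_list filters on "user_id".
    task = db.todos.find_one({"_id": oid,
                              "user_id": session["WebAPIToken"]})
    if task is None:
        return _send_list_JSON({"error": "Task not found"}, 404)
    del task["_id"]
    del task["user_id"]
    return _send_list_JSON(task)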
Example #3
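def login():
    """Authenticate a user from the JSON body and start a session.

    The body must carry "username" and "password" as strings, the two
    fields add_new_user requires. On success the user's id is stored in
    session["WebAPIToken"] and an HS256 token holding that id is returned;
    any failure yields the 403 "Login into system please" response.
    """
    jsonbody = request.get_json()
    # Text types on both Python 2 (str/unicode) and Python 3 (str).
    text_types = (type(u""), type(""))
    try:
        username = jsonbody["username"]
        password = jsonbody["password"]
        # The original passed the request body straight to find_one as the
        # query filter. A missing or empty body is a filter that matches
        # any user document, and a nested object is interpreted as a query
        # operator rather than a value. Build the filter from two
        # validated string fields instead.
        if not (isinstance(username, text_types)
                and isinstance(password, text_types)):
            raise ValueError("credentials must be strings")
        user = db.users.find_one({"username": username,
                                  "password": password})
        document = {"id": str(user["_id"])}
        # NOTE(review): 'secret' is a hard-coded signing key shared with
        # the handlers that decode this token; anyone who can read the
        # source can mint tokens. Move it to configuration, and change the
        # decoders in the same commit. The token also carries no expiry.
        encoded = jwt.encode(document, 'secret', algorithm='HS256')
        # Only mark the session as logged in once the token exists.
        session["WebAPIToken"] = document["id"]

        return _send_list_JSON({"WebAPIToken": encoded})
    except Exception:
        # Covers a missing body, missing fields and an unknown user
        # (find_one returned None). NOTE(review): the password is compared
        # as stored, i.e. in plaintext; hashing needs a coordinated change
        # with add_new_user.
        return _send_list_JSON({"error": "Login into system please"}, 403)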
Example #4
def tasks_list():
    """Return every task owned by the logged-in user as a JSON list.

    Responds 403 when the session has no "WebAPIToken". Each task exposes
    its database id as a string under "id"; the raw "_id" and "user_id"
    fields are removed before the list is sent.
    """
    if "WebAPIToken" not in session:
        return _send_list_JSON({"error": "Login into system please"}, 403)

    owner_id = session["WebAPIToken"]
    visible = []
    for task in db.todos.find({"user_id": owner_id}):
        # Swap the ObjectId for its string form and hide the owner field.
        task["id"] = str(task.pop("_id"))
        task.pop("user_id")
        visible.append(task)
    return _send_list_JSON(visible)
Example #5
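def put_task_by_id(task_id):
    """Update one of the logged-in user's tasks from the JSON body.

    The body must carry a "WebAPIToken" whose decoded "id" equals the
    session user; the remaining fields are applied with $set. Responds 403
    without a session or with a bad token, 404 when no task with this id
    belongs to the session user, and 400 when the update itself fails.
    """
    jsonbody = request.get_json()
    if "WebAPIToken" not in session:
        return _send_list_JSON({"error": "Login into system please"}, 403)
    try:
        claims = jwt.decode(jsonbody['WebAPIToken'], 'secret',
                            algorithms=['HS256'])
        token_ok = claims['id'] == session["WebAPIToken"]
    except Exception:
        # Missing body, missing field or a token that does not verify:
        # refuse instead of failing with a 500.
        token_ok = False
    if not token_ok:
        # The original fell off the end here and returned None.
        return _send_list_JSON({"error": "Access forbiden"}, 403)
    try:
        # Never let the client rewrite the identity or the owner of a task.
        changes = dict((key, value) for key, value in jsonbody.items()
                       if key not in ("WebAPIToken", "_id", "user_id"))
        # The original matched on "_id" alone, so any logged-in user could
        # overwrite another user's task. Scope both the update and the
        # read-back to the session user.
        owned = {"_id": ObjectId(task_id),
                 "user_id": session["WebAPIToken"]}
        result = db.todos.update_one(owned, {"$set": changes})
        if result.matched_count == 0:
            return _send_list_JSON({"error": "Task not found"}, 404)
        updateresult = db.todos.find_one(owned)
        del updateresult["_id"]
        return _send_list_JSON(updateresult)
    except Exception as e:
        # "except Exception, e" is Python 2 only, and an exception object
        # is not JSON-serializable; send its text instead.
        # NOTE(review): this exposes internal error text to the client.
        return _send_list_JSON({"error": str(e)}, 400)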
Example #6
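def add_new_user():
    """Create a user from the JSON body's "username" and "password".

    Responds 201 with the new user's id and username, or 400 when either
    field is missing or is not a string.
    """
    jsonbody = request.get_json()
    # Text types on both Python 2 (str/unicode) and Python 3 (str).
    text_types = (type(u""), type(""))
    if not isinstance(jsonbody, dict):
        # A missing or non-object body made the original's "in" test raise.
        return _send_list_JSON(
            {"error": "username and password are required"}, 400)

    username = jsonbody.get("username")
    password = jsonbody.get("password")
    if not (isinstance(username, text_types)
            and isinstance(password, text_types)):
        # The original returned None on this path.
        return _send_list_JSON(
            {"error": "username and password are required"}, 400)

    # Store only the two validated fields. The original inserted the whole
    # request body, so a client could choose "_id" or add arbitrary
    # attributes to its own user record.
    # NOTE(review): the password is stored as received, i.e. in plaintext;
    # hashing needs a coordinated change with login, which compares it as
    # stored.
    result = db.users.insert_one({"username": username,
                                  "password": password})

    # The original echoed the stored document, password included.
    return _send_list_JSON({"id": str(result.inserted_id),
                            "username": username}, 201)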
Example #7
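def add_task():
    """Create a task for the logged-in user from the JSON body.

    The body must carry a "WebAPIToken" whose decoded "id" equals the
    session user. Responds 403 without a session or with a bad token, 400
    when the insert fails, and otherwise returns the stored task with its
    id as a string under "id".
    """
    if "WebAPIToken" not in session:
        return _send_list_JSON({"error": "Login into system please"}, 403)

    jsonbody = request.get_json()

    try:
        userToken = jwt.decode(jsonbody['WebAPIToken'],
                               'secret',
                               algorithms=['HS256'])
        token_ok = userToken["id"] == session["WebAPIToken"]
    except Exception:
        # Missing body, missing field or a token that does not verify:
        # refuse instead of failing with a 500.
        token_ok = False
    if not token_ok:
        return _send_list_JSON({"error": "Login into system please"}, 403)

    # Copy the client's fields, but let the server choose the task's id
    # and owner: a client-supplied "_id" or "user_id" is dropped.
    task = dict((key, value) for key, value in jsonbody.items()
                if key not in ("WebAPIToken", "_id", "user_id"))
    task["user_id"] = session["WebAPIToken"]

    try:
        # insert_one adds the generated "_id" to the dict it is given.
        db.todos.insert_one(task)
        task["id"] = str(task["_id"])
        del task["_id"]
        del task["user_id"]
        return _send_list_JSON(task)
    except Exception as e:
        # An exception object is not JSON-serializable; send its text.
        # NOTE(review): this exposes internal error text to the client.
        return _send_list_JSON({"error": str(e)}, 400)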
Example #8
    return _send_list_JSON(jsonbody)


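@taskRouter.route('/api/tasks/<task_id>', methods=['PUT'])
def put_task_by_id(task_id):
    """Update one of the logged-in user's tasks from the JSON body.

    The body must carry a "WebAPIToken" whose decoded "id" equals the
    session user; the remaining fields are applied with $set. Responds 403
    without a session or with a bad token, 404 when no task with this id
    belongs to the session user, and 400 when the update itself fails.
    """
    jsonbody = request.get_json()
    if "WebAPIToken" not in session:
        return _send_list_JSON({"error": "Login into system please"}, 403)
    try:
        claims = jwt.decode(jsonbody['WebAPIToken'], 'secret',
                            algorithms=['HS256'])
        token_ok = claims['id'] == session["WebAPIToken"]
    except Exception:
        # Missing body, missing field or a token that does not verify:
        # refuse instead of failing with a 500.
        token_ok = False
    if not token_ok:
        return _send_list_JSON({"error": "Access forbiden"}, 403)
    try:
        # Never let the client rewrite the identity or the owner of a task.
        changes = dict((key, value) for key, value in jsonbody.items()
                       if key not in ("WebAPIToken", "_id", "user_id"))
        # The original matched on "_id" alone, so any logged-in user could
        # overwrite another user's task. Scope both the update and the
        # read-back to the session user.
        owned = {"_id": ObjectId(task_id),
                 "user_id": session["WebAPIToken"]}
        result = db.todos.update_one(owned, {"$set": changes})
        if result.matched_count == 0:
            return _send_list_JSON({"error": "Task not found"}, 404)
        updateresult = db.todos.find_one(owned)
        del updateresult["_id"]
        return _send_list_JSON(updateresult)
    except Exception as e:
        # "except Exception, e" is Python 2 only, and an exception object
        # is not JSON-serializable; send its text instead.
        # NOTE(review): this exposes internal error text to the client.
        return _send_list_JSON({"error": str(e)}, 400)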


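@taskRouter.route('/api/tasks/<task_id>', methods=['DELETE'])
def delete_task_by_id(task_id):
    """Delete one of the logged-in user's tasks.

    Responds 403 when there is no session, 404 when no task with this id
    belongs to the session user, and 200 once the task has been removed.
    """
    if "WebAPIToken" not in session:
        return _send_list_JSON({"error": "Login into system please"}, 403)
    try:
        oid = ObjectId(task_id)
    except Exception:
        # A malformed id cannot name a stored task; answer like a miss
        # instead of letting the constructor error surface as a 500.
        return _send_list_JSON({"error": "Task not found"}, 404)
    # Ownership is part of the delete filter, so the check and the delete
    # are one operation and a task owned by someone else is
    # indistinguishable from a missing one.
    result = db.todos.delete_one({"_id": oid,
                                  "user_id": session["WebAPIToken"]})
    if result.deleted_count == 0:
        # The original reported "task was deleted" even when nothing was
        # removed, and crashed on an unknown id (find_one returned None).
        return _send_list_JSON({"error": "Task not found"}, 404)
    return _send_list_JSON({"message": "task was deleted"}, 200)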
Example #9
def get_token():
    """Log the caller out by dropping "WebAPIToken" from the session.

    Despite its name this handler issues no token. The pop uses a default,
    so calling it without an active login still answers normally.
    """
    session.pop("WebAPIToken", None)
    farewell = {"message": "User logged out"}
    return _send_list_JSON(farewell)