def register(ctx, request):
try:
payload = request.json()
nickname = payload['nickname']
mail = payload['mail']
password = payload['password']
except KeyError as e:
raise HTTPBadRequest('{} is required'.format(e))
except Exception as e:
raise HTTPBadRequest(e)
user = User.query.filter(or_(User.nickname == nickname,
User.mail == mail)).first()
if user is not None:
return jsonify(code=400, message='user exist')
catalog = Catalog(name='notes')
user = User(nickname=nickname,
mail=mail,
catalogs=[catalog],
password=bcrypt.hashpw(password.encode(), bcrypt.gensalt()))
db.session.add(user)
try:
db.session.commit()
return jsonify(code=200)
except Exception as e:
logging.error(e)
db.session.rollback()
raise HTTPInternalServerError(e)
def delete(ctx, request):
catalog = Catalog.query.filter(Catalog.id == request.args['id']).first_or_404()
if catalog.user != request.principal.id:
raise exc.HTTPForbidden()
if Post.query.filter(Post.catalog == catalog.id).count():
return jsonify(code=422, message='posts not empty')
Catalog.query.filter(Catalog.id == request.args['id']).delete()
try:
db.session.commit()
except Exception as e:
logging.error(e)
db.session.rollback()
raise exc.HTTPInternalServerError(e)
return jsonify(code=200)
def get_all(ctx, request):
page = request.params.get('page', 1)
size = request.params.get('size', 50)
posts = Post.query.filter(Post.status == 1).paginate(page, size)
return jsonify(
code=200,
posts=posts.dictify(exclude={'author.password', 'author.catalogs'}))
def add_comment(ctx, request):
try:
payload = request.json()
pid = payload['post']
ref_id = payload.get('ref')
content = payload['content']
except Exception as e:
raise exc.HTTPBadRequest(e)
post = Post.query.filter(Post.id == pid).first_or_404(
'post {} not found'.format(pid))
ref = None
if ref_id is not None:
ref = Comment.query.filter(Comment.id == ref_id).first()
comment = Comment(content=content,
user=request.principal.id,
ref=ref.id,
post=pid,
timestamp=datetime.datetime.now())
db.session.add(comment)
try:
db.session.commit()
except Exception as e:
logging.error(e)
db.session.rollback()
raise exc.HTTPInternalServerError(e)
return jsonify(
code=200,
comment=comment.dictify(exclude={'user.password', 'user.catalogs'}))
def get(ctx, request):
post = Post.query.filter(Post.id == request.args['id']).first_or_404()
if post.status != 1:
if request.principal is None or request.principal.id != post.author.id:
raise exc.HTTPNotFound('post not exist or deleted')
return jsonify(
code=200,
post=post.dictify(exclude={'author.password', 'author.catalogs'}))
def get_all(ctx, request):
page = request.params.get('page', 1)
size = request.params.get('size', 50)
comments = Comment.query.filter(
Comment.post == request.args['id']).paginate(page, size)
return jsonify(
code=200,
comments=comments.dictify(exclude={'user.password', 'user.catalogs'}))
def edit(ctx, request):
post = Post.query.filter(Post.id == request.args['id']).first_or_404()
if post.author_id != request.principal.id:
raise exc.HTTPForbidden('it is not your post')
post.status = 0
db.session.add(post)
try:
db.session.commit()
except Exception as e:
logging.error(e)
db.session.rollback()
raise exc.HTTPInternalServerError(e)
return jsonify(
code=200,
post=post.dictify(exclude={'author.password', 'author.catalogs'}))
def like(ctx, request):
post = Post.query.filter(Post.id == request.args['id']).first_or_404()
user = request.principal
_like = Like.query.filter(Like.post_id == post.id).filter(
Like.user_id == user.id).first()
if _like is None:
_like = Like(post_id=post, user_id=user)
db.session.add(_like)
try:
db.session.commit()
except Exception as e:
logging.error(e)
db.session.rollback()
raise exc.HTTPInternalServerError(e)
return jsonify(code=200)
def login(ctx, request):
try:
payload = request.json()
mail = payload['mail']
password = payload['password']
except Exception as e:
raise HTTPBadRequest(e)
user = User.query.filter(User.email == mail).first_or_404('user {} not exist'.format(mail))
if bcrypt.hashpw(password.encode(), user.password.encode()) == user.password.encode():
key = ctx.config.get_string('auth.key')
exp = datetime.datetime.utcnow() + datetime.timedelta(hours=ctx.config.get_int('auth.exp'))
token = jwt.encode({'user': user.id, 'exp': exp}, key, 'HS512').decode()
return jsonify(code=200, token=token)
raise HTTPUnauthorized()
def create(ctx, request):
user = request.security.principal
catalog_id = int(request.params.get('catalog'))
catalog = Catalog.query.filter(
Catalog.id == catalog_id).first_or_404('catalog not found')
post = Post(author=user,
catalog=catalog,
timestamp=datetime.datetime.now())
db.session.add(post)
try:
db.session.commit()
return jsonify(code=200, post=post.dictify(relationships=False))
except Exception as e:
logging.error(e)
db.session.rollback()
raise exc.HTTPInternalServerError(e)
def add(ctx, request):
try:
name = request.json()['name']
except Exception as e:
raise exc.HTTPBadRequest(e)
user = request.principal
catalog = Catalog.query.filter(Catalog.user == user.id)\
.filter(Catalog.name == name).first()
if catalog is None:
catalog = Catalog(name=name, user=user.id)
db.session.add(catalog)
try:
db.session.commit()
except Exception as e:
logging.error(e)
db.session.rollback()
raise exc.HTTPInternalServerError(e)
return jsonify(code=200, catalog=catalog.dictify())
def update_post(request, status=0):
try:
payload = request.json()
post_id = payload['post']
content = payload.get('content')
title = payload.get('title')
catalog_id = payload.get('catalog')
except Exception as e:
raise exc.HTTPBadRequest(e)
post = Post.query.filter(Post.id == post_id).first_or_404()
if post.author_id != request.principal.id:
raise exc.HTTPForbidden('it is not your post')
if post.status != 0:
raise exc.HTTPBadRequest('post is published or deleted')
if title is not None:
post.title = title
if catalog_id is not None:
catalog = Catalog.query.filter(Catalog.id == catalog_id).first()
if catalog is not None:
post.catalog = catalog
if content is not None:
for line in content.splitlines():
m = img_re.search(line)
if m:
first_image = m.group(2)
post.image = first_image
break
post_content = PostContent.query.filter(
PostContent.id == post.id).first()
if post_content is None:
post_content = PostContent(content=content)
post_content.content = content
post.content = post_content
post.timestamp = datetime.datetime.now()
post.status = status
db.session.add(post)
try:
db.session.commit()
except Exception as e:
raise exc.HTTPInternalServerError(e)
return jsonify(
code=200,
post=post.dictify(exclude={'author.password', 'author.catalogs'}))
def get_all(ctx, request):
page = request.params.get('page', 1)
size = request.params.get('size', 50)
catalogs = Catalog.query.filter(Catalog.user == request.principal.id)\
.paginate(page, size)
return jsonify(code=200, catalogs=catalogs.dictify())
def reopen(ctx, request):
id = request.args.get('id')
ctx.storage.reopen(id)
return jsonify(code=200, id=id)
def done(app, request):
id = request.args.get('id')
app.storage.done(id)
return jsonify(code=200, id=id)
def list(ctx, request):
filter = request.args.get('filter')
todo = ctx.storage.list(filter)
return jsonify(code=200, todo=todo)
def add(ctx, request):
content = request.json()['content']
id = ctx.storage.add(content)
return jsonify(code=200, id=id)
def get(ctx, request):
name = request.args.get('name')
user = User.query.filter(User.name == name).first_or_404(
'user {} not exist'.format(name))
return jsonify(code=200, user=user.dictify())
