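def make_admin_user_for_ui_test():
    """Create a user, promote it to admin and log it in (UI-test helper).

    Reads ``email``, ``name`` and ``password`` from the JSON request body.

    Returns:
        A ``(response, status)`` pair: 201 with ``auth_token`` and ``info``
        on success, 400 for a malformed body or a failed insert/lookup, 411
        for a rejected name or password, 500 when ``login_user`` raises.

    NOTE(review): nothing in this function checks who is calling it, and it
    hands back an admin token. Confirm the route is only registered in test
    deployments.
    """
    try:
        post_data = request.get_json()
        email = expect(post_data['email'], str, 'email')
        name = expect(post_data['name'], str, 'name')
        password = expect(post_data['password'], str, 'password')
    except Exception as e:
        # Must return here: otherwise a malformed body falls through to the
        # length checks below with the three fields unbound.
        return jsonify({'error': str(e)}), 400

    errors = {}
    if len(password) < 8:
        errors['password'] = "******"
    # "< 3" so that a 3-character name is accepted, as the message promises.
    if len(name) < 3:
        errors['name'] = "You must specify a name of at least 3 characters."
    if errors:
        # 411 (Length Required) is kept because existing clients may key on it.
        return jsonify({'status': 'fail', 'error': errors}), 411

    password_hash = bcrypt.generate_password_hash(
        password=password.encode('utf8')).decode("utf-8")
    insertionresult = add_user(name, email, password_hash)
    if 'error' in insertionresult:
        # Stop before make_admin(): when the insert fails, this request did
        # not create the account, so it must not be promoted to admin.
        errors['email'] = insertionresult["error"]
        return make_response(
            jsonify({'status': 'fail', 'error': errors})), 400

    make_admin(email)
    userdata = get_user(email)
    if not userdata:
        errors['general'] = "Internal error, please try again later."
        return make_response(
            jsonify({'status': 'fail', 'error': errors})), 400

    # Only these fields go into the token and the response; the stored
    # password hash is left out.
    userdata = {
        "email": userdata['email'],
        "name": userdata['name'],
        "preferences": userdata.get('preferences'),
        "isAdmin": True
    }
    user = User(userdata)
    token = create_access_token(user.to_json())
    try:
        login_user(user.email, token)
        response_object = {
            'status': 'success',
            'auth_token': token,
            'info': userdata
        }
        return make_response(jsonify(response_object)), 201
    except Exception as e:
        # str(e): an exception object is not JSON-serialisable.
        # NOTE(review): this text reaches the client; consider logging it
        # server-side and returning a generic message.
        response_object = {'status': 'fail', 'error': {'internal': str(e)}}
        return make_response(jsonify(response_object)), 500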
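def make_admin_user_for_ui_test():
    """Create a user, promote it to admin and log it in (UI-test helper).

    Reads ``email``, ``name`` and ``password`` from the JSON request body.

    Returns:
        A ``(response, status)`` pair: 201 with ``auth_token`` and ``info``
        on success, 400 for a malformed body or a failed insert/lookup, 411
        for a rejected name or password, 500 when ``login_user`` raises.

    NOTE(review): nothing in this function checks who is calling it, and it
    hands back an admin token. Confirm the route is only registered in test
    deployments.
    """
    try:
        post_data = request.get_json()
        email = expect(post_data["email"], str, "email")
        name = expect(post_data["name"], str, "name")
        password = expect(post_data["password"], str, "password")
    except Exception as e:
        # Must return here: otherwise a malformed body falls through to the
        # length checks below with the three fields unbound.
        return jsonify({"error": str(e)}), 400

    errors = {}
    if len(password) < 8:
        errors["password"] = "******"
    # "< 3" so that a 3-character name is accepted, as the message promises.
    if len(name) < 3:
        errors["name"] = "You must specify a name of at least 3 characters."
    if errors:
        # 411 (Length Required) is kept because existing clients may key on it.
        return jsonify({"error": errors}), 411

    password_hash = bcrypt.generate_password_hash(
        password=password.encode("utf8")).decode("utf-8")
    insertionresult = add_user(name, email, password_hash)
    if "error" in insertionresult:
        # Stop before make_admin(): when the insert fails, this request did
        # not create the account, so it must not be promoted to admin.
        errors["email"] = insertionresult["error"]
        return make_response(jsonify({"error": errors})), 400

    make_admin(email)
    userdata = get_user(email)
    if not userdata:
        errors["general"] = "Internal error, please try again later."
        return make_response(jsonify({"error": errors})), 400

    # Only these fields go into the token and the response; the stored
    # password hash is left out.
    userdata = {
        "email": userdata["email"],
        "name": userdata["name"],
        "preferences": userdata.get("preferences"),
        "isAdmin": True,
    }
    user = User(userdata)
    token = create_access_token(user.to_json())
    try:
        login_user(user.email, token)
        response_object = {"auth_token": token, "info": userdata}
        return make_response(jsonify(response_object)), 201
    except Exception as e:
        # NOTE(review): this text reaches the client; consider logging it
        # server-side and returning a generic message.
        response_object = {"error": {"internal": str(e)}}
        return make_response(jsonify(response_object)), 500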
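def login():
    """Check an email/password pair and issue a JWT for the user.

    Reads ``email`` and ``password`` from the JSON request body.

    Returns:
        A ``(response, status)`` pair: 201 with ``auth_token`` and ``info``
        on success, 400 for a malformed body, 401 when the email is unknown
        or the password does not verify, 500 when ``login_user`` raises.

    NOTE(review): the two 401 bodies differ, so a caller can tell a
    registered email from an unregistered one. A single generic message
    would close that, but the client may depend on the current keys.
    """
    try:
        post_data = request.get_json()
        email = expect(post_data['email'], str, 'email')
        # Third argument is presumably the field label used in the error
        # text; it previously read 'email' for the password field.
        password = expect(post_data['password'], str, 'password')
    except Exception as e:
        # Must return here: otherwise a malformed body continues into the
        # lookup with empty credentials.
        return jsonify({'error': str(e)}), 400

    userdata = get_user(email)
    if not userdata:
        response_object = {
            'status': 'fail',
            'error': {'email': 'Make sure your email is correct.'}
        }
        return make_response(jsonify(response_object)), 401
    if not bcrypt.check_password_hash(userdata['password'], password):
        response_object = {
            'status': 'fail',
            'error': {'password': '******'}
        }
        return make_response(jsonify(response_object)), 401

    # Only these fields go into the token and the response; the stored
    # password hash is left out.
    userdata = {
        "email": userdata['email'],
        "name": userdata['name'],
        "preferences": userdata.get('preferences'),
        "isAdmin": userdata.get('isAdmin', False)
    }
    user = User(userdata)
    token = create_access_token(user.to_json())
    try:
        login_user(user.email, token)
        response_object = {
            'status': 'success',
            'auth_token': token,
            'info': userdata,
        }
        return make_response(jsonify(response_object)), 201
    except Exception as e:
        # str(e): an exception object is not JSON-serialisable.
        response_object = {'status': 'fail', 'error': {'internal': str(e)}}
        return make_response(jsonify(response_object)), 500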
def api_delete_comment():
    """Delete a comment and return the movie's current comment list.

    Requires a valid JWT; the email in its claims is passed to
    ``delete_comment`` together with the comment id (presumably so that only
    the author's own comment is removed; verify in ``delete_comment``).

    Returns:
        ``({"comments": [...]}, 200)`` on success, ``({"error": msg}, 400)``
        when validation or any of the calls raises.
    """
    email_from_token = User.from_claims(get_jwt_claims()).email
    payload = request.get_json()
    try:
        target_comment = expect(
            payload.get('comment_id'), str, 'comment_id')
        target_movie = expect(payload.get('movie_id'), str, 'movie_id')
        delete_comment(target_comment, email_from_token)
        # Re-read the movie so the caller gets the list after the deletion.
        remaining = get_movie(target_movie).get('comments')
        return jsonify({'comments': remaining}), 200
    except Exception as e:
        return jsonify({'error': str(e)}), 400
def api_post_comment():
    """Add a comment to a movie on behalf of the JWT's user.

    The author is taken from the token claims, never from the request body;
    the body supplies ``movie_id`` and ``comment`` as strings.

    Returns:
        ``({"comments": [...]}, 200)`` on success, ``({"error": msg}, 400)``
        when validation or any of the calls raises.
    """
    author = User.from_claims(get_jwt_claims())
    payload = request.get_json()
    try:
        target_movie = expect(payload.get('movie_id'), str, 'movie_id')
        text = expect(payload.get('comment'), str, 'comment')
        # Timestamp is the server's local clock (naive datetime).
        add_comment(target_movie, author, text, datetime.now())
        current = get_movie(target_movie).get('comments')
        return jsonify({"comments": current}), 200
    except Exception as e:
        return jsonify({'error': str(e)}), 400
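def delete():
    """Delete the authenticated user's account after re-checking the password.

    The account is identified by the email in the JWT claims; the JSON body
    must carry the current ``password``.

    Returns:
        A ``(response, status)`` pair: 201 on deletion, 401 when the account
        is missing, does not match the token, or the password does not
        verify, 500 when anything in the handler raises.
    """
    claims = get_jwt_claims()
    user = User.from_claims(claims)
    try:
        password = expect(request.get_json().get('password'), str, 'password')
        userdata = get_user(user.email)
        # All three conditions must hold. Rejecting only when the email
        # differs AND the password is wrong never rejects anything, because
        # a record looked up by this email always carries this email.
        verified = (
            bool(userdata)
            and user.email == userdata['email']
            and bcrypt.check_password_hash(userdata['password'], password)
        )
        if not verified:
            response_object = {
                'status': 'fail',
                'error': {'password': '******'}
            }
            return make_response(jsonify(response_object)), 401
        delete_user(user.email)
        response_object = {'status': 'success'}
        return make_response(jsonify(response_object)), 201
    except Exception as e:
        # str(e): an exception object is not JSON-serialisable.
        response_object = {'status': 'fail', 'error': {'internal': str(e)}}
        return make_response(jsonify(response_object)), 500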
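def login():
    """Check an email/password pair and issue a JWT for the user.

    Reads ``email`` and ``password`` from the JSON request body.

    Returns:
        A ``(response, status)`` pair: 201 with ``auth_token`` and ``info``
        on success, 400 for a malformed body, 401 when the email is unknown
        or the password does not verify, 500 when ``login_user`` raises.

    NOTE(review): the two 401 bodies differ, so a caller can tell a
    registered email from an unregistered one. A single generic message
    would close that, but the client may depend on the current keys.
    """
    try:
        post_data = request.get_json()
        email = expect(post_data["email"], str, "email")
        # Third argument is presumably the field label used in the error
        # text; it previously read "email" for the password field.
        password = expect(post_data["password"], str, "password")
    except Exception as e:
        # Must return here: otherwise a malformed body continues into the
        # lookup with empty credentials.
        return jsonify({"error": str(e)}), 400

    userdata = get_user(email)
    if not userdata:
        response_object = {
            "error": {"email": "Make sure your email is correct."}
        }
        return make_response(jsonify(response_object)), 401
    if not bcrypt.check_password_hash(userdata["password"], password):
        response_object = {"error": {"password": "******"}}
        return make_response(jsonify(response_object)), 401

    # Only these fields go into the token and the response; the stored
    # password hash is left out.
    userdata = {
        "email": userdata["email"],
        "name": userdata["name"],
        "preferences": userdata.get("preferences"),
        "isAdmin": userdata.get("isAdmin", False),
    }
    user = User(userdata)
    token = create_access_token(user.to_json())
    try:
        login_user(user.email, token)
        response_object = {
            "auth_token": token,
            "info": userdata,
        }
        return make_response(jsonify(response_object)), 201
    except Exception as e:
        # str(e): an exception object is not JSON-serialisable.
        response_object = {"error": {"internal": str(e)}}
        return make_response(jsonify(response_object)), 500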
def api_update_comment():
    """Replace the text of a comment and return the movie's comment list.

    Requires a valid JWT; the email in its claims is passed to
    ``update_comment`` together with the comment id.

    Returns:
        A JSON body with ``status`` and either ``comments`` or ``error``.
        No explicit status code is set on either path.

    NOTE(review): the return value of ``update_comment`` is not inspected,
    so an update that matched nothing is still reported as success. Confirm
    whether that is intended.
    """
    email_from_token = User.from_claims(get_jwt_claims()).email
    payload = request.get_json()
    try:
        target_comment = expect(
            payload.get('comment_id'), str, 'comment_id')
        new_text = expect(
            payload.get('updated_comment'), str, 'updated_comment')
        target_movie = expect(payload.get('movie_id'), str, 'movie_id')
        # Timestamp is the server's local clock (naive datetime).
        update_comment(
            target_comment, email_from_token, new_text, datetime.now())
        current = get_movie(target_movie).get('comments')
        return jsonify({"status": "success", "comments": current})
    except Exception as e:
        return jsonify({'status': 'fail', 'error': str(e)})
def api_update_comment():
    """Replace the text of a comment and return the movie's comment list.

    Requires a valid JWT; the email in its claims is passed to
    ``update_comment`` together with the comment id. An update that
    modifies no document is treated as a failure.

    Returns:
        ``({"comments": [...]}, 200)`` on success, ``({"error": msg}, 400)``
        when validation fails, nothing was modified, or a call raises.
    """
    email_from_token = User.from_claims(get_jwt_claims()).email
    payload = request.get_json()
    try:
        target_comment = expect(
            payload.get('comment_id'), str, 'comment_id')
        new_text = expect(
            payload.get('updated_comment'), str, 'updated_comment')
        target_movie = expect(payload.get('movie_id'), str, 'movie_id')
        outcome = update_comment(
            target_comment, email_from_token, new_text, datetime.now())
        # Zero modified documents means the id/email pair matched nothing
        # that changed; surface it instead of reporting success.
        if outcome.modified_count == 0:
            raise ValueError("no document updated")
        current = get_movie(target_movie).get('comments')
        return jsonify({"comments": current}), 200
    except Exception as e:
        return jsonify({'error': str(e)}), 400
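def save():
    """Store the authenticated user's preferences and return a fresh JWT.

    The account is identified by the email in the JWT claims; the JSON body
    must carry ``preferences`` as an object.

    Returns:
        A ``(response, status)`` pair: 201 with ``auth_token`` and ``info``
        on success, 400 when the body is missing or ``preferences`` is not
        a dict, 500 when the update or the token refresh raises.

    NOTE(review): ``prefs`` is a client-supplied dict passed straight to
    ``update_prefs``; what that helper accepts is not visible here. Confirm
    it stores the value as plain data and bounds its size.
    """
    claims = get_jwt_claims()
    user = User.from_claims(claims)
    try:
        # Validate inside a try so a missing or malformed body becomes a
        # 400 JSON error, as in the sibling handlers, not an unhandled
        # exception.
        body = request.get_json()
        prefs = expect(body.get('preferences'), dict, 'preferences')
    except Exception as e:
        return jsonify({'error': str(e)}), 400

    try:
        update_prefs(user.email, prefs)
        # Reload the user and drop the password before it is serialised
        # into the token and the response.
        updated_user = User(get_user(user.email))
        del updated_user.password
        updated_jwt = create_access_token(updated_user.to_json())
        response_object = {
            'auth_token': updated_jwt,
            'info': updated_user.to_json(),
        }
        return make_response(jsonify(response_object)), 201
    except Exception as e:
        response_object = {'error': {'internal': str(e)}}
        return make_response(jsonify(response_object)), 500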
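def delete():
    """Delete the authenticated user's account after re-checking the password.

    The account is identified by the email in the JWT claims; the JSON body
    must carry the current ``password``.

    Returns:
        A ``(response, status)`` pair: 201 on deletion, 401 when the account
        is missing, does not match the token, or the password does not
        verify, 500 when anything in the handler raises.
    """
    claims = get_jwt_claims()
    user = User.from_claims(claims)
    try:
        password = expect(request.get_json().get("password"), str, "password")
        userdata = get_user(user.email)
        # All three conditions must hold. Rejecting only when the email
        # differs AND the password is wrong never rejects anything, because
        # a record looked up by this email always carries this email.
        verified = (
            bool(userdata)
            and user.email == userdata["email"]
            and bcrypt.check_password_hash(userdata["password"], password)
        )
        if not verified:
            response_object = {"error": {"password": "******"}}
            return make_response(jsonify(response_object)), 401
        delete_user(user.email)
        response_object = {"status": "deleted"}
        return make_response(jsonify(response_object)), 201
    except Exception as e:
        response_object = {"error": {"internal": str(e)}}
        return make_response(jsonify(response_object)), 500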