def create_session(self, **payload):
_output = OutputManager()
_validator_key = self.create_session.__name__
try:
# Validate user inputs
InputValidator(_validator_key).validate(payload)
try:
_account = self.__get_account(email=payload['email'])
# Compare user password with hash
if self.__verify_password_hash(payload['password'],
_account.password):
_new_token = binascii.hexlify(
os.urandom(SessionBase.AUTH_TOKEN_LENGTH))
_new_token = _new_token.decode(encoding='utf-8')
try:
self.session_db.set(_new_token, _account.id)
self.session_db.expire(_new_token,
SessionBase.AUTH_TOKEN_TTL)
self.session_db.rpush(_account.id, _new_token)
self.session_db.ltrim(_account.id, 0, 999)
return _output.output(
status=ResponseCodes.OK['success'],
data={'auth_token': _new_token})
except RedisError as e:
return _output.output(
status=ResponseCodes.
INTERNAL_SERVER_ERROR['internalError'])
else:
return _output.output(
status=ResponseCodes.UNAUTHORIZED['authError'])
except (NoResultFound, MultipleResultsFound):
return _output.output(
status=ResponseCodes.UNAUTHORIZED['authError'])
except SQLAlchemyError:
return _output.output(status=ResponseCodes.
INTERNAL_SERVER_ERROR['internalError'])
except MultipleInvalid as e:
error_parser = InputErrorParser()
return _output.output(
status=ResponseCodes.BAD_REQUEST['invalidQuery'],
data=error_parser.translate_errors(e))
def create_account(self, **payload):
_output = OutputManager()
_validator_key = self.create_account.__name__
try:
# Validate user inputs
InputValidator(_validator_key).validate(payload)
# Check if account already exists
try:
if self.__has_account(email=payload['email']):
return _output.output(
status=ResponseCodes.FORBIDDEN['accountExists'],
data={
'email':
'Email address is already associated with an existing account'
})
except SQLAlchemyError:
return _output.output(status=ResponseCodes.
INTERNAL_SERVER_ERROR['internalError'])
# Hash the received password
payload['password'] = self.hash_password(payload['password'])
try:
# Create a new account
_new_account = Account(**payload)
self.puppet_db.add(_new_account)
self.puppet_db.commit()
return _output.output(status=ResponseCodes.OK['success'])
except SQLAlchemyError:
self.puppet_db.rollback()
return _output.output(status=ResponseCodes.
INTERNAL_SERVER_ERROR['internalError'])
except MultipleInvalid as e:
error_parser = InputErrorParser()
return _output.output(
status=ResponseCodes.BAD_REQUEST['invalidQuery'],
data=error_parser.translate_errors(e))
def update_account(self, **payload):
_output = OutputManager()
try:
self.protect()
_validator_key = self.update_account.__name__
_update_list = {}
try:
# Validate user inputs
InputValidator(_validator_key).validate(payload)
if 'first_name' in payload:
_update_list[Account.first_name] = payload['first_name']
if 'last_name' in payload:
_update_list[Account.last_name] = payload['last_name']
if 'password' in payload:
# Hash the received password
_update_list[Account.password] = self.hash_password(
payload['password'])
if not _update_list:
return _output.output(
status=ResponseCodes.BAD_REQUEST['invalidQuery'])
else:
try:
# Update table with new values
self.puppet_db.query(Account).filter(
Account.id == self.get_account_id()).update(
_update_list)
if 'password' in payload:
try:
self.delete_all_sessions()
except SessionError:
self.puppet_db.rollback()
return _output.output(
status=ResponseCodes.
INTERNAL_SERVER_ERROR['internalError'])
self.puppet_db.commit()
return _output.output(
status=ResponseCodes.OK['success'])
except SQLAlchemyError:
self.puppet_db.rollback()
return _output.output(
status=ResponseCodes.
INTERNAL_SERVER_ERROR['internalError'])
except MultipleInvalid as e:
error_parser = InputErrorParser()
return _output.output(
status=ResponseCodes.BAD_REQUEST['invalidQuery'],
data=error_parser.translate_errors(e))
except InvalidSession:
return _output.output(
status=ResponseCodes.UNAUTHORIZED['authError'])
