def get(self, data, token): if data is None: return throw_error(400, 'Data is null') email = data['email'] user = sess.query(User).filter(User.email==email).first() if user is None: return throw_error(400, 'No such user') returns = [] customfields = sess.query(CustomField).filter(CustomField.user_id==user.id).all() returns.append(\ {\ "firstname": user.firstname, "lastname": user.lastname, "email": user.email, "avatar_url": user.avatar_url, "password": user.password.decode(encoding='UTF-8'), "master" : user.master, "id": user.id, "created": user.created, "custom_fields":\ [{"key": field.key, "value": field.value} for field in customfields] } ) return {'status' : 200, 'users' : returns, "errors" : None}
def delete(self, data, token): user = sess.query(User).filter(User.id==data['id']).first() if user is not None: if user.token != token: return throw_error(400, 'Bad token') sess.delete(user) sess.commit() return throw_error(200, 'null') else: return throw_error(400, 'No such user')
def call(function): if request.method == 'GET': response_object = throw_error(400, 'GET is not allowed') result = jsonify(response_object) result.status_code = response_object['status'] return result klazz = function.split('.')[0].title() if klazz in valid_classes: response_object = getattr(globals()[klazz](), function.split('.')[1])(data=request.get_json(), token=token) result = jsonify(response_object) result.status_code = response_object['status'] return result else: abort(403)
def login(self, data, token): user_data = self.get(data, token) if 'users' in user_data: users = user_data['users'] if len(users) > 0: user = users[0] else: return throw_error(404, 'No matching users found') else: return throw_error(404, 'No matching users found') # Making sure we recieve a valid password if 'password' in data: request_pass = data['password'] else: throw_error(422, 'No password provided') if 'password' in user: real_pass = decrypt(user['password']) else: throw_error(500, 'Could not find a password for this user') # Validation for the password ok = (request_pass == real_pass) # We are signing in the user if the validation of the password is valid if ok is True: session['user_id'] = user['id'] return {'status': 200, 'user_id': session['user_id'] ,"errors": None} else: try: del session['user_id'] except KeyError: pass return throw_error(202, 'Wrong password')
def register(self, data, token): ids = [] if 'users' not in data: return throw_error(422, 'JSON missing users array') for user in data['users']: existing_user = sess.query(User).filter(User.email==user['email']).first() if existing_user is not None: return throw_error(202, 'User already exists') try: u = User(\ firstname=user['firstname'],\ lastname=user['lastname'],\ email=user['email'],\ avatar_url=user['avatar_url'],\ password=encrypt(user['password']),\ master=user['master'],\ token=token ) except KeyError: return throw_error(422, 'Invalid data') # Validating the password, is it equal to the confirmation password? if u.password != encrypt(user['password_confirm']): return throw_error(202, 'Passwords does not match!') # Validating each field of the user for attr, value in u.__dict__.items(): if value is '' or value is ' ' or value is None: return throw_error(422, 'Value of {attribute} is empty.'.format(attribute=attr)) # adding user to database sess.add(u) # flushing the session sess.flush() # refreshing the user object to obtain the new id sess.refresh(u) # collecting the id of the user ids.append(u.id) # Adding custom_fields if there are any if 'custom_fields' in user: print(user['custom_fields']) for field in user['custom_fields']: try: customfield = CustomField( key=field['key'], value=field['value'], user_id=u.id\ ) except (TypeError, KeyError): return throw_error(422, 'custom_fields is malformed') sess.add(customfield) # Finally, we are saving the user sess.commit() return {'status' : 201, 'ids' : ids, "errors" : None}