def api_register_user(*, email, name, passwd):
    """Register a new user, persist it, and answer with a signed-in response.

    This is a generator function: it drives the data layer with
    ``yield from``, so it must be run by a coroutine scheduler rather than
    called like a plain function.

    Args:
        email: Address for the new account; must match ``_RE_EAMIL``.
        name: Display name; must contain at least one non-whitespace character.
        passwd: Password value from the client; must match ``_RE_SHA1``
            (presumably a client-side SHA-1 hex digest; confirm against
            the pattern's definition).

    Returns:
        A ``web.Response`` carrying the session cookie and a JSON body with
        the new user record, whose ``passwd`` field is masked.

    Raises:
        apis.APIValueError: If ``name``, ``email`` or ``passwd`` fails validation.
        apis.APIError: If a user with the same email already exists.
    """
    if not name or not name.strip():
        raise apis.APIValueError('name')
    if not email or not _RE_EAMIL.match(email):
        raise apis.APIValueError('email')
    if not passwd or not _RE_SHA1.match(passwd):
        raise apis.APIValueError('passwd')
    # Parameterized lookup: the email is bound as a query argument, not
    # spliced into the SQL text.
    users = yield from model.User.findAll('email=?', [email])
    if len(users) > 0:
        raise apis.APIError('register;faild', 'email', 'email is already use')
    uid = model.next_id()
    # NOTE(review): as shown, this literal has no conversion specifiers, so
    # applying `%` to a two-item tuple raises TypeError. It looks like a
    # masked format string; restore it so that it produces exactly the input
    # the sign-in path hashes, otherwise stored digests never verify.
    sha1_pass = '******' % (uid, passwd)
    # The stored credential is a single SHA-1 over the value built above.
    # NOTE(review): SHA-1 is a fast hash; a password KDF (hashlib.scrypt or
    # hashlib.pbkdf2_hmac) resists offline guessing far better, but switching
    # requires migrating the digests already stored.
    # The MD5 of the email is only the Gravatar lookup key, not a credential.
    # NOTE(review): the avatar URL uses plain http, which causes mixed
    # content on pages served over HTTPS.
    user = User(id=uid, name=name.strip(), email=email, passwd=hashlib.sha1(sha1_pass.encode('utf-8')).hexdigest(), image='http://www.gravatar.com/avatar/%s?d=mm&s=120' % hashlib.md5(email.encode('utf-8')).hexdigest())
    yield from user.save()
    r = web.Response()
    # The cookie is built from the unmasked record, so this must run before
    # the password field is overwritten below.
    # NOTE(review): httponly is set but `secure` is not; consider it when the
    # site is served over HTTPS.
    r.set_cookie(COOKIE_NAME, user2cookie(user, 86400), max_age=86400, httponly=True)
    # Mask the digest in the in-memory object so it is not serialized into
    # the response body; no save follows, so the stored value is untouched.
    user.passwd = '*******'
    r.content_type = 'application/json'
    r.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return r
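async def api_signin(*, email, passwd):
    """Authenticate a user by email and password and issue a session cookie.

    Args:
        email: Login email; looked up with a parameterized ``email=?`` query.
        passwd: Password value sent by the client. It is hashed together
            with the user id (``id:passwd``) before being compared with the
            stored digest.

    Returns:
        A ``web.Response`` with the session cookie set and a JSON body
        holding the user record, whose ``passwd`` field is masked.

    Raises:
        apis.APIValueError: If a field is empty, the email is unknown, or
            the password digest does not match.
    """
    import hmac  # function-scope import keeps this block self-contained

    if not email:
        raise apis.APIValueError('email', 'Invalid email')
    if not passwd:
        raise apis.APIValueError('passwd', 'Invalid password')
    users = await User.findAll('email=?', [email])
    if len(users) == 0:
        # NOTE(review): this error differs from the wrong-password error, so
        # a client can tell which addresses are registered. A single generic
        # failure would close that, if no caller depends on the field name.
        raise apis.APIValueError('email', 'Email not exist')
    user = users[0]
    # Recompute the digest the same way it was stored: sha1("<id>:<passwd>").
    # NOTE(review): SHA-1 is a fast hash; a password KDF (hashlib.scrypt or
    # hashlib.pbkdf2_hmac) resists offline guessing far better, but switching
    # requires migrating the digests already stored.
    sha1 = hashlib.sha1()
    sha1.update(user.id.encode('utf-8'))
    sha1.update(b':')
    sha1.update(passwd.encode('utf-8'))
    # Constant-time comparison, so the response time does not depend on how
    # many leading characters of the digest match. Both sides are encoded to
    # bytes so an unexpected stored value is a mismatch, not a TypeError.
    stored = str(user.passwd).encode('utf-8')
    computed = sha1.hexdigest().encode('utf-8')
    if not hmac.compare_digest(stored, computed):
        raise apis.APIValueError('passwd', 'Invalid password.')
    # Authentication succeeded: set the session cookie.
    r = web.Response()
    # The cookie is built from the unmasked record, so this must run before
    # the password field is overwritten below.
    # NOTE(review): httponly is set but `secure` is not; consider it when the
    # site is served over HTTPS.
    r.set_cookie(COOKIE_NAME, user2cookie(user, 86400), max_age=86400, httponly=True)
    # Mask the digest in the in-memory object so it is not serialized into
    # the response body.
    user.passwd = '******'
    r.content_type = 'application/json'
    r.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return r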
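async def api_update_blog(id, request, *, name, summary, content):
    """Update the name, summary and content of an existing blog entry.

    Args:
        id: Identifier of the blog to update.
        request: Current request; passed to ``check_admin`` before any
            lookup or write happens.
        name: New title; must contain a non-whitespace character.
        summary: New summary; must contain a non-whitespace character.
        content: New body text; must contain a non-whitespace character.

    Returns:
        The updated blog object.

    Raises:
        apis.APIResourceNotFoundError: If no blog exists for ``id``.
        apis.APIValueError: If ``name``, ``summary`` or ``content`` is empty.
    """
    # Authorization comes first, so an unauthorized caller cannot use the
    # not-found error to probe which ids exist.
    check_admin(request)
    blog = await Blog.find(id)
    # Identity test: `== None` would go through the model's own __eq__.
    if blog is None:
        raise apis.APIResourceNotFoundError('blog')
    if not name or not name.strip():
        raise apis.APIValueError('name', 'name cannot be empty.')
    if not summary or not summary.strip():
        raise apis.APIValueError('summary', 'summary cannot be empty.')
    if not content or not content.strip():
        raise apis.APIValueError('content', 'content cannot be empty.')
    blog.name = name.strip()
    blog.summary = summary.strip()
    blog.content = content.strip()
    await blog.update()
    return blog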
async def api_create_blog(request, *, name, summary, content):
    """Create a blog entry owned by the user attached to the request.

    Args:
        request: Current request; passed to ``check_admin`` first, then read
            for the author's id, name and image via ``request.__user__``.
        name: Title; must contain a non-whitespace character.
        summary: Summary; must contain a non-whitespace character.
        content: Body text; must contain a non-whitespace character.

    Returns:
        The saved blog object.

    Raises:
        apis.APIValueError: For the first of ``name``, ``summary``,
            ``content`` (checked in that order) that is empty.
    """
    check_admin(request)

    # Fields are validated in the order name, summary, content, so the first
    # failing field is the one reported.
    required = (
        ('name', name, 'name cannot be empty.'),
        ('summary', summary, 'summary cannot be empty.'),
        ('content', content, 'content cannot be empty.'),
    )
    for field, value, message in required:
        if not value or not value.strip():
            raise apis.APIValueError(field, message)

    # Author details come from the request's user object, not from
    # client-supplied parameters.
    blog = Blog(
        user_id=request.__user__.id,
        user_name=request.__user__.name,
        user_image=request.__user__.image,
        name=name.strip(),
        summary=summary.strip(),
        content=content.strip(),
    )
    await blog.save()
    return blog
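def authenticate(*, email, passwd):
    """Check an email/password pair and answer with a signed-in response.

    This is a generator function: it drives the data layer with
    ``yield from``, so it must be run by a coroutine scheduler rather than
    called like a plain function.

    Args:
        email: Login email; looked up with a parameterized ``email=?`` query.
        passwd: Password value sent by the client. It is hashed together
            with the user id before being compared with the stored digest.

    Returns:
        A ``web.Response`` with the session cookie set and a JSON body
        holding the user record, whose ``passwd`` field is masked.

    Raises:
        apis.APIValueError: If a field is empty, the email is unknown, or
            the password digest does not match.
    """
    import hmac  # function-scope import keeps this block self-contained

    if not email:
        raise apis.APIValueError('email', 'invalid eamil')
    if not passwd:
        raise apis.APIValueError('passwd', 'invalid passwd')
    users = yield from User.findAll('email=?', [email])
    if len(users) == 0:
        # NOTE(review): this error differs from the wrong-password error, so
        # a client can tell which addresses are registered. A single generic
        # failure would close that, if no caller depends on the field name.
        raise apis.APIValueError('email', 'email is not exist')
    user = users[0]
    # The digest input is the user id followed directly by the password, with
    # no separator. NOTE(review): this must match how the stored digest was
    # derived at registration; verify against that code.
    # NOTE(review): SHA-1 is a fast hash; a password KDF (hashlib.scrypt or
    # hashlib.pbkdf2_hmac) resists offline guessing far better, but switching
    # requires migrating the digests already stored.
    sha1 = hashlib.sha1()
    sha1.update(user.id.encode('utf-8'))
    sha1.update(passwd.encode('utf-8'))
    # Constant-time comparison, so the response time does not depend on how
    # many leading characters of the digest match. Both sides are encoded to
    # bytes so an unexpected stored value is a mismatch, not a TypeError.
    stored = str(user.passwd).encode('utf-8')
    computed = sha1.hexdigest().encode('utf-8')
    if not hmac.compare_digest(stored, computed):
        raise apis.APIValueError('passwd', 'invalid passwd')
    r = web.Response()
    # The cookie is built from the unmasked record, so this must run before
    # the password field is overwritten below.
    # NOTE(review): httponly is set but `secure` is not; consider it when the
    # site is served over HTTPS.
    r.set_cookie(COOKIE_NAME, user2cookie(user, 86400), max_age=86400, httponly=True)
    # Mask the digest in the in-memory object so it is not serialized into
    # the response body.
    user.passwd = "******"
    r.content_type = 'application/json'
    r.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return r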
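async def api_create_comment(id, request, *, content):
    """Attach a comment from the signed-in user to an existing blog entry.

    Args:
        id: Identifier of the blog being commented on.
        request: Current request; ``request.__user__`` must be set.
        content: Comment text; must contain a non-whitespace character.

    Returns:
        The saved comment object.

    Raises:
        apis.APIPermissionError: If no user is attached to the request.
        apis.APIValueError: If ``content`` is empty or only whitespace.
        apis.APIResourceNotFoundError: If no blog exists for ``id``.
    """
    user = request.__user__
    if user is None:
        raise apis.APIPermissionError('please signin first.')
    # Validate the stripped text: the stored value is stripped, so checking
    # the raw string alone would let a whitespace-only comment be saved as
    # an empty one.
    text = content.strip() if content else ''
    if not text:
        raise apis.APIValueError('content')
    blog = await Blog.find(id)
    if blog is None:
        raise apis.APIResourceNotFoundError('Blog')
    # Author fields come from the authenticated user object, never from
    # request parameters.
    # NOTE(review): the text is stored as submitted apart from stripping;
    # escaping has to happen where comments are rendered. Confirm that the
    # rendering path does so.
    comment = Comment(
        blog_id=blog.id,
        user_id=user.id,
        user_name=user.name,
        user_image=user.image,
        content=text,
    )
    await comment.save()
    return comment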