Exemple #1
0
    def on_post(self, req, res):
        session = req.context['session']
        user_req = self.load_request(req, res)

        if user_req is not None:
            auth_id = AUTH_ID_EMAIL % user_req['email']
            user = User()
            user.username = user_req['username']
            user.email = user_req['email']
            user.password = hash_password(user_req['password']).decode('utf-8')
            user.lat = user_req['lat']
            user.lng = user_req['lng']
            user.phone = user_req['phone']
            user.auth_id = auth_id
            user.token = encrypt_token(auth_id + ':' + uuid()).decode('utf-8')
            user.attr = user_req['attr']
            session.add(user)
            res.status = falcon.HTTP_201
            res.body = self.to_json({
                'meta': {
                    'code': 201
                }
            })
        else:
            self.abort(falcon.HTTP_400, "Invalid Parameter")
 def on_post(self, req, res):
     code = req.context['data']['code']
     password = hash_password(req.context['data']['password'])
     self.cursor.callproc('sp_reset_password', [code, password, ])
     result = self.cursor.fetchone()
     res.status = falcon.HTTP_200 if result[0] else falcon.HTTP_401
     res.body = json.dumps({})
Exemple #3
0
    def on_post(self, req, res):
        session = req.context["session"]
        user_req = req.context["data"]
        if user_req:
            user = User()
            user.username = user_req["username"]
            user.email = user_req["email"]
            user.password = hash_password(user_req["password"]).decode("utf-8")
            user.info = user_req["info"] if "info" in user_req else None
            sid = uuid()
            user.sid = sid
            user.token = encrypt_token(sid).decode("utf-8")
            session.add(user)

            userData = {
                "username": user.username,
                "email": user.email,
                "info": user.info,
                "_id": sid,
                "user_id": user.sid,
                "token": user.token
            }

            self.on_success(res, userData)
        else:
            raise InvalidParameterError(req.context["data"])
 def on_post(self, req, res):
     code = req.context["data"]["code"]
     password = hash_password(req.context["data"]["password"])
     self.cursor.callproc("sp_reset_password", [code, password])
     result = self.cursor.fetchone()
     res.status = falcon.HTTP_200 if result[0] else falcon.HTTP_401
     res.body = json.dumps({})
Exemple #5
0
 def on_post(self, req, res):
     user_doc = {
         'email': req.context['data']['email'],
         'password': hash_password(req.context['data']['password'])
     }
     try:
         new_user = self.add_user(user_doc)
     except IntegrityError:
         title = 'Conflict'
         description = 'Email in use'
         raise falcon.HTTPConflict(title, description)
     req.context['result'] = {'token': generate_token(new_user)}
     res.status = falcon.HTTP_CREATED
Exemple #6
0
 def on_post(self, req, res):
     user_doc = {
         'email': req.context['data']['email'],
         'password': hash_password(req.context['data']['password'])
     }
     try:
         new_user = self.add_user(user_doc)
     except IntegrityError:
         title = 'Conflict'
         description = 'Email in use'
         raise falcon.HTTPConflict(title, description)
     req.context['result'] = {'token': generate_token(new_user)}
     res.status = falcon.HTTP_CREATED
Exemple #7
0
 def on_post(self, req, res):
     session = req.context["session"]
     user_req = req.context["data"]
     if user_req:
         user = User()
         user.email = user_req["email"]
         user.password = hash_password(user_req["password"]).decode("utf-8")
         sid = uuid()
         user.sid = sid
         user.token = encrypt_token(sid).decode("utf-8")
         session.add(user)
         self.on_post_success(res, None)
     else:
         raise InvalidParameterError(req.context["data"])
    def on_post(self, req, res):
        email = req.context["data"]["email"]
        password = hash_password(req.context["data"]["password"])

        try:
            self.cursor.callproc("sp_user_insert", [email, password])
        except IntegrityError:
            title = "Conflict"
            description = "Email in use"
            raise falcon.HTTPConflict(title, description)

        result = self.cursor.fetchone()[0]

        res.status = falcon.HTTP_201
        res.body = json.dumps({"token": generate_token(result)})
 def on_post(self, req, res):
     session = req.context['session']
     user_req = req.context['data']
     if user_req:
         user = User()
         user.username = user_req['username']
         user.email = user_req['email']
         user.password = hash_password(user_req['password']).decode('utf-8')
         user.info = user_req['info'] if 'info' in user_req else None
         sid = uuid()
         user.sid = sid
         user.token = encrypt_token(sid).decode('utf-8')
         session.add(user)
         self.on_success(res, None)
     else:
         raise InvalidParameterError(req.context['data'])
Exemple #10
0
def load_admin_user(session):
    """
    Load the initial admin user if it doesn't exist.
    """
    count_admin = session.query(User).join(
        Role, User.role == Role.id).filter(Role.code == 'admin').count()
    if count_admin == 0:
        role_id = session.query(Role.id).filter_by(code='admin').one()
        u = User(fn='Admin',
                 ln='User',
                 email='*****@*****.**',
                 role=role_id,
                 password=hash_password('admin'))
        session.add(u)
        session.flush()
        session.commit()
Exemple #11
0
 def on_post(self, req, res):
     session = req.context['session']
     user_req = req.context['data']
     if user_req:
         user = User()
         user.username = user_req['username']
         user.email = user_req['email']
         user.password = hash_password(user_req['password']).decode('utf-8')
         user.info = user_req['info'] if 'info' in user_req else None
         sid = uuid()
         user.sid = sid
         user.token = encrypt_token(sid).decode('utf-8')
         session.add(user)
         self.on_success(res, None)
     else:
         raise InvalidParameterError(req.context['data'])
    def on_post(self, req, res):
        email = req.context['data']['email']
        password = hash_password(req.context['data']['password'])

        try:
            self.cursor.callproc('sp_user_insert', [email, password])
        except IntegrityError:
            title = 'Conflict'
            description = 'Email in use'
            raise falcon.HTTPConflict(title, description)

        result = self.cursor.fetchone()[0]

        res.status = falcon.HTTP_201
        res.body = json.dumps({
            'token': generate_token(result)
        })
Exemple #13
0
 def on_post(self, req, res):
     session = req.context['session']
     request = req.context['data']
     if request:
         data = Users()
         data.fullname=request['fullname']
         data.username = request['username']
         data.email = request['email']
         data.password = hash_password(request['password']).decode('utf-8')
         data.token = encrypt_token(request['password']).decode('utf-8')
         data.phone_number=request['phone_number']
         data.address=request['address']
         data.account_number=request['account_number']
         data.birth_date=request['birth_date']
         data.role_id=request['role_id']
         data.birth_place_city_id=request['birth_place_city_id']
         session.add(data)
         self.on_success(res, None)
     else:
         raise InvalidParameterError(req.context['data'])
Exemple #14
0
 def on_post(self, req, res):
     """
     Create a new user. Will test the data passed to the resource.
     """
     session = req.context['session']
     data = json.loads(req.bounded_stream.read().decode())
     result = UserSchema().load(data)
     if result.errors:
         res.status = falcon.HTTP_BAD_REQUEST
         res.body = self.to_json({'errors': result.errors})
     else:
         roles = get_roles()
         user = User(email=data['email'],
                     fn=data['fn'],
                     ln=data['ln'],
                     password=hash_password(data['password']),
                     role=roles['member'])
         session.add(user)
         session.flush()
         schema = UserSchema()
         res.status = falcon.HTTP_200
         res.body = self.to_json(schema.dump(user).data)
    def on_post(self, req, res):
        cmd = re.split('\\W+', req.path)[-1:][0]

        if cmd == 'create_superadmin':
            session = req.context['db.session']
            user_req = req.context['data']
            if user_req:
                user = User()
                user.username = user_req['username']
                user.email = user_req['email']
                user.password = hash_password(
                    user_req['password']).decode('utf-8')
                user.phone = user_req['phone'] if 'phone' in user_req else None
                user.is_active = user_req['is_active']
                session.add(user)
                roles = user_req['role']
                for role in roles:
                    permission = Permission.find_by_name(session, role)
                    if not permission:
                        permission = Permission()
                        permission.name = role
                        session.add(permission)
                    permission.User.append(user)
                self.on_success(res, user_req)
            else:
                raise InvalidParameterError(req.context['data'])

        elif cmd == 'create_user':
            user_auth = auth_required(req, res)
            session = req.context['db.session']
            email = user_auth['email']
            user_db = User.find_by_email(session, email)
            if user_db:
                user_req = req.context['data']
                if user_req:
                    user = User()
                    user.username = user_req['username']
                    user.email = user_req['email']
                    user.password = hash_password(
                        user_req['password']).decode('utf-8')
                    user.phone = user_req[
                        'phone'] if 'phone' in user_req else None
                    user.is_active = user_req['is_active']
                    session.add(user)

                    roles = user_req['role']
                    for role in roles:
                        permission = Permission.find_by_name(session, role)
                        if not permission:
                            permission = Permission()
                            permission.name = role
                            session.add(permission)
                        permission.User.append(user)

                    group_id = user_req['group_id']
                    for gid in group_id:
                        group = Group_.get_id(session, gid)
                        if group:
                            group.User.append(user)

                    owners = user_req['owner_id']
                    for owner_id in owners:
                        owner = Owner.get_id(session, owner_id)
                        if not owner:
                            owner = Owner()
                            owner.owner_id = owner_id
                            session.add(owner)
                        owner.User.append(user)

                    self.on_success(res, user_req)
                else:
                    raise InvalidParameterError(req.context['data'])
            else:
                raise UserNotExistsError('User email: %s' % email)

        elif cmd == 'create_group':
            session = req.context['db.session']
            user_auth = auth_required(req, res)
            email = user_auth['email']
            user_db = User.find_by_email(session, email)
            if user_db:
                grp_req = req.context['data']
                if grp_req:
                    group = Group_()
                    group.name = grp_req['name']
                    group.email = grp_req['email']
                    group.size = grp_req['size']
                    session.add(group)
                    group.User.append(user_db)
                    self.on_success(res, grp_req)
                else:
                    raise InvalidParameterError(req.context['data'])
            else:
                raise UserNotExistsError('User email: %s' % email)

        elif cmd == 'update_records':
            session = req.context['db.session']
            user_auth = auth_required(req, res)
            email = user_auth['email']
            user_db = User.find_by_email(session, email)
            if user_db:
                user_req = req.context['data']
                TableClass = Base().get_class_by_tablename(
                    user_req['table_name'])
                if TableClass == None:
                    raise TablelNotFound("Table %s not found" %
                                         user_req['table_name'])
                TableObject = {
                    k: v
                    for k, v in user_req.items() if k != 'table_name'
                }
                session.query(TableClass).filter_by(
                    email=user_req['email']).update(TableObject)
                self.on_success(res, {'status': 'updated'})
            else:
                raise UserNotExistsError('User email: %s' % email)

        elif cmd == 'delete_records':
            session = req.context['db.session']
            user_auth = auth_required(req, res)
            email = user_auth['email']
            user_db = User.find_by_email(session, email)
            if user_db:
                user_req = req.context['data']
                TableClass = Base().get_class_by_tablename(
                    user_req['table_name'])
                if TableClass == None:
                    raise TablelNotFound("Table %s not found" %
                                         user_req['table_name'])
                session.query(TableClass).filter_by(
                    email=user_req['email']).delete()
                self.on_success(res, {'status': 'deleted'})
            else:
                raise UserNotExistsError('User email: %s' % email)

        else:
            raise UrlNotFound(req.context['data'])