def get_user_profile(): try: payload = get_payload() except jwt.exceptions.PyJWTError: # TODO: explain the error more obviously return format_response(data=None, success=False, message=_('You are not authorized'), status_code=401) user_id = payload['id'] connect_db() user = g.db.execute(sa.select([User ]).where(User.c.id == user_id)).fetchone() result = { 'username': user.username, 'name': user.name, 'email': user.email, 'referral_code': user.referral_code, 'registered_at': user.created.strftime('%Y-%m-%d %H:%M:%S') if user.created is not None else None } return format_response(data=result)
def update_user_profile(): try: payload = get_payload() except jwt.exceptions.PyJWTError: # TODO: explain the error more obviously return format_response(data=None, success=False, message=_('You are not authorized'), status_code=401) user_id = payload['id'] connect_db() user = g.db.execute(sa.select([User ]).where(User.c.id == user_id)).fetchone() form = ProfileForm(context={'user': user}, partial=True) data = form.load(request.json or {}) values_to_update = {'modified': sa.func.NOW()} for key in data: if key in ['username', 'name', 'email']: values_to_update.update({key: data[key]}) elif key == 'password': values_to_update.update( {'password': generate_password_hash(data[key])}) transaction = g.db.begin() g.db.execute( User.update().values(**values_to_update).where(User.c.id == user_id)) transaction.commit() return format_response(data=None)
def validate_referral_code(self, referral_code): connect_db() check = g.db.execute( sa.select([ User.c.id ]).where(User.c.referral_code == referral_code)).scalar() if not check: raise ValidationError(_('Invalid referral code'))
def validate_email(self, email): connect_db() check = g.db.execute( sa.select([User.c.id]).where(User.c.email == email)).scalar() if check: raise ValidationError( _('Email %(email)s already exists. Please input another email.', email=email))
def validate_username(self, username): connect_db() check = g.db.execute( sa.select([User.c.id ]).where(User.c.username == username)).scalar() if check: raise ValidationError( _('Username %(username)s already exists. Please input another username.', username=username))
def validate_username(self, data, **kwargs): connect_db() user = g.db.execute( sa.select( [User]).where(User.c.username == data['username'])).fetchone() if not user: raise ValidationError(_('Invalid username'), 'username') if not check_password_hash(user.password, data['password']): raise ValidationError(_('Invalid password'), 'password') self.context['user'] = user
def validate_email(self, email): user = self.context.get('user') connect_db() check = g.db.execute( sa.select([User.c.id]).where( sa.and_( User.c.email == email, User.c.id != user.id ) ) ).scalar() if check: raise ValidationError(_('Email %(email)s already exists. Please input another email.', email=email))
def validate_username(self, username): user = self.context.get('user') connect_db() check = g.db.execute( sa.select([User.c.id]).where( sa.and_( User.c.username == username, User.c.id != user.id ) ) ).scalar() if check: raise ValidationError(_('Username %(username)s already exists. Please input another username.', username=username))
def get_user_list(): # TODO: pagination try: get_payload() except jwt.exceptions.PyJWTError: # TODO: explain the error more obviously return format_response(data=None, success=False, message=_('You are not authorized'), status_code=401) redis = connect_redis() q = '' if request.method == 'POST': try: params = request.json or {} q = params.get('q', '') except: # TODO: except more correctly q = '' redis_key = f'user-list:q-{q}' if redis.exists(redis_key): result = redis.get(redis_key) else: connect_db() sql = sa.select([User]).order_by(sa.desc(User.c.created)) if q: sql = sql.where( sa.or_( User.c.name.like(f'%%{q}%%'), User.c.username.like(f'%%{q}%%') ) ) user_list = g.db.execute(sql).fetchall() result = [] for user in user_list: result.append({ 'id': user.id, 'username': user.username, 'name': user.name, 'registered_at': user.created.strftime('%Y-%m-%d %H:M:S') if user.created is None else None }) redis.set(redis_key, result) return format_response(data=result)
def get_user_detail(username): try: get_payload() except jwt.exceptions.PyJWTError: # TODO: explain the error more obviously return format_response(data=None, success=False, message=_('You are not authorized'), status_code=401) # TODO: redis redis = connect_redis() redis_key = f'user-detail-{username}' if redis.exists(redis_key): result = redis.get(redis_key) else: connect_db() user = g.db.execute( sa.select([User]).where(User.c.username == username)).fetchone() if not user: return format_response(data=None, success=False, message=_('User not found'), status_code=404) result = { 'username': user.username, 'name': user.name, 'email': user.email, # 'referral_code': user.referral_code, 'registered_at': user.created.strftime('%Y-%m-%d %H:%M:%S') if user.created is not None else None # TODO: may other users see this? } redis.set(redis_key, result) return format_response(data=result)
def register(): form = RegistrationForm() data = form.load(auto_trim(request.json or {})) connect_db() transaction = g.db.begin() referral_code = generate_referrral_code() password = generate_password_hash(data['password']) user_id = g.db.execute(User.insert().values( username=data['username'], password=password, name=data['name'], email=data['email'], referral_code=referral_code).returning(User.c.id)).scalar() # save referral code # get user_id by referral code referral_code = data.get('referral_code') if referral_code: redeemed_user_id = g.db.execute( sa.select([ User.c.id ]).where(User.c.referral_code == data['referral_code'])).scalar() g.db.execute(UserHasReferralCodes.insert().values( redeemed_referral_code=data['referral_code'], redeemed_user_id=redeemed_user_id, redeemer_user_id=user_id)) transaction.commit() result = { 'id': user_id, 'username': data['username'], 'name': data['name'], 'email': data['email'], 'referral_code': referral_code } return format_response(data=result)
def validate_referral_code(self, referral_code): # check if user has redeemed referral code before user_id = self.context.get('user_id') uhrc = UserHasReferralCodes.alias('uhrc') connect_db() user_has_redeemed = g.db.execute( sa.select([uhrc.c.id]).where(uhrc.c.redeemer_user_id == user_id) ).fetchone() if user_has_redeemed: raise ValidationError(_('You already redeemed referral code')) # check the owner of referral code user_referral_code = g.db.execute( sa.select([User.c.id]).where(User.c.referral_code == referral_code) ).scalar() if not user_referral_code: raise ValidationError(_('Invalid referral code')) if user_id == user_referral_code: raise ValidationError(_('You cannot redeem your own referral code')) self.context['user_referral_code'] = user_referral_code
#! /usr/bin/env python3 from app import app import sys if __name__ == '__main__': args = sys.argv if len(args) > 1: if args[1] == 'create-table': from app.models import meta_db from app.utils.connect_db import connect_db from flask import g with app.app_context(): connect_db() meta_db.create_all(g.db) else: app.run(host='0.0.0.0', port=app.config['PORT'])