def get(self, user_id):
    """Return the stored profile for the user with the given id.

    Args:
        user_id: Identifier handed to ``User``; it is also converted with
            ``int()`` for the response body.

    Returns:
        A ``(body, status)`` tuple: the profile fields with 200, or a
        "Resource not found" message with 404 when ``get_info()`` yields None.
    """
    # NOTE(review): nothing in this method checks who is asking, yet the body
    # includes the e-mail address and admin flag of whichever user_id was
    # supplied. Confirm that authorization is enforced outside this method
    # (route decorator or similar).
    record = User(user_id).get_info()
    if record is None:
        return {'message': "Resource not found"}, 404

    profile = {
        'user_id': int(user_id),
        'username': record.username,
        'email': record.email,
        'admin': int(record.admin),
    }
    return profile, 200
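def get(self):
    """Return the profile of the user identified by the AUTH-TOKEN header.

    The user id is taken from the ``id`` claim of the verified token, never
    from a client-supplied parameter.

    Returns:
        A ``(body, status)`` tuple: the profile fields with 200, a message
        with 401 when the token is missing, fails verification or carries no
        ``id`` claim, or a message with 404 when ``get_info()`` yields None.
    """
    token = request.headers.get('AUTH-TOKEN')
    try:
        # `algorithms` is an allow-list: pass a real list so an `in` check on
        # it is a membership test and not a substring match on a bare string.
        token_info = jwt.decode(token, SECRET_KEY, algorithms=['HS256'])
        user_id = token_info['id']
    # assumes `jwt` is PyJWT, whose decode errors derive from
    # jwt.InvalidTokenError - confirm against the file's imports
    except (jwt.InvalidTokenError, KeyError):
        # A missing header (token is None), a token that fails verification
        # or one without an `id` claim is an authentication failure; answer
        # 401 instead of letting the exception surface as a server error.
        return {'message': 'Invalid or missing token'}, 401

    info = User(user_id).get_info()
    if info is None:
        return {'message': "Resource not found"}, 404

    return {
        'user_id': int(user_id),
        'username': info.username,
        'email': info.email,
        'admin': int(info.admin),
    }, 200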
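def put(self):
    """Change the e-mail address of the user identified by the AUTH-TOKEN header.

    Expects a JSON body with an ``email`` field.

    Returns:
        A ``(body, status)`` tuple: 200 on success; 401 when the token is
        missing or invalid, when the new e-mail is absent or empty, or when
        it is already registered; 500 when the database update raises
        ``pymysql.Error``.
    """
    # Authenticate before anything else so that an unauthenticated caller
    # cannot use the "already registered" answer below to probe which e-mail
    # addresses exist.
    token = request.headers.get('AUTH-TOKEN')
    try:
        # `algorithms` is an allow-list and is passed as a list.
        token_info = jwt.decode(token, SECRET_KEY, algorithms=['HS256'])
        user_id = token_info['id']
    # assumes `jwt` is PyJWT, whose decode errors derive from
    # jwt.InvalidTokenError - confirm against the file's imports
    except (jwt.InvalidTokenError, KeyError):
        return {'message': 'Invalid or missing token'}, 401

    # A missing body, a non-object body or a missing/non-string `email` is
    # treated like an empty value instead of raising TypeError/KeyError.
    info = request.json
    new_email = info.get('email') if isinstance(info, dict) else None
    if not isinstance(new_email, str) or new_email == "":
        # The message previously said "username" although this endpoint
        # updates the e-mail address. The 401 status is kept for client
        # compatibility; 400 would describe a validation failure better.
        return {
            'message': 'Update failed. new email cannot be empty'
        }, 401
    if User.is_user_exists_by_email(new_email):
        return {'message': 'This email already been registered'}, 401

    user = User(user_id)
    try:
        user.update_email(new_email)
    except pymysql.Error as e:
        # NOTE(review): the raw driver error text is returned to the client;
        # consider logging it server-side and returning a generic message.
        return {'message': e.args[1]}, 500
    return {'message': 'Change email address successfully'}, 200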
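def new_review(user_id, book_id, rating, content):
    """Store a review and rating for a book unless this user already has one.

    Args:
        user_id: Id of the reviewing user.
        book_id: Id of the reviewed book.
        rating: Rating value to store.
        content: Free-text review body.

    Returns:
        True when a new ``review_rate`` row was inserted, False when a row
        for this (user_id, book_id) pair already existed.
    """
    username = User(user_id).get_username()

    conn = connect_sys_db()

    # Every value is bound as a query parameter. The statements were
    # previously assembled with str.format(), so a quote character in
    # `content` (or any other argument) became part of the SQL text.
    # assumes pymysql-style `%s` placeholders - confirm the driver behind
    # connect_sys_db()
    lookup = "SELECT * FROM review_rate WHERE (user_id = %s AND book_id = %s)"
    # read_sql is called the way pandas.read_sql is (sql=, con=, and a result
    # with `.empty`); presumably it forwards `params` to the driver - confirm.
    db_result = read_sql(sql=lookup, con=conn, params=(user_id, book_id))
    if not db_result.empty:
        return False

    # NOTE(review): the SELECT-then-INSERT pair is not atomic; only a unique
    # key on (user_id, book_id) rules out duplicates under concurrent
    # requests - confirm the schema has one.
    insert = "INSERT INTO review_rate VALUES(%s, %s, %s, %s, %s, %s)"
    values = (
        book_id,
        user_id,
        username,
        rating,
        content,
        datetime.datetime.utcnow(),
    )
    with mysql(conn) as cursor:
        cursor.execute(insert, values)
    return True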
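def put(self):
    """Change the password of the user identified by the AUTH-TOKEN header.

    Expects a JSON body with ``old_password`` and ``new_password`` fields.

    Returns:
        A ``(body, status)`` tuple: 200 on success; 401 when the token is
        missing or invalid, when either password is absent or empty, or when
        ``update_password`` reports a wrong old password; 500 when the
        database update raises ``pymysql.Error``.
    """
    # Reject unauthenticated requests before looking at the request body.
    token = request.headers.get('AUTH-TOKEN')
    try:
        # `algorithms` is an allow-list and is passed as a list.
        token_info = jwt.decode(token, SECRET_KEY, algorithms=['HS256'])
        user_id = token_info['id']
    # assumes `jwt` is PyJWT, whose decode errors derive from
    # jwt.InvalidTokenError - confirm against the file's imports
    except (jwt.InvalidTokenError, KeyError):
        return {'message': 'Invalid or missing token'}, 401

    # A missing body, a non-object body or a missing/non-string field is
    # treated like an empty value instead of raising TypeError/KeyError.
    info = request.json
    if not isinstance(info, dict):
        info = {}
    new_password = info.get('new_password')
    old_password = info.get('old_password')
    if (not isinstance(new_password, str) or new_password == ""
            or not isinstance(old_password, str) or old_password == ""):
        return {
            'message': 'Update failed. Both old password and new password cannot be empty'
        }, 401

    user = User(user_id)
    try:
        if not user.update_password(old_password, new_password):
            return {'message': 'Old password is wrong'}, 401
        return {'message': 'Change password successfully'}, 200
    except pymysql.Error as e:
        # NOTE(review): the raw driver error text is returned to the client;
        # consider logging it server-side and returning a generic message.
        return {'message': e.args[1]}, 500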