def event_add_participant(user, event, data): if not db_connector.add_participant(user["name"], event["id"]): return make_response(BAD_REQUEST, "You already participated in this event") return make_response( OK, "User {0} participated in event {1}".format(user["name"], event["id"]))
def create_event(user, data): if user["role"] != 1: return make_response(UNAUTHORIZED, "Unauthorized!") try: validate(data, new_event_schema) event = db_connector.new_event(user["name"], data) return make_response(OK, "ok", event) except ValidationError: return make_response(BAD_REQUEST, "Bad request")
def upload_photo(request): headers = request.META if 'HTTP_TOKEN' not in headers: return make_response(UNAUTHORIZED, "Unauthorized!") token = headers.get('HTTP_TOKEN') user = db_connector.get_session(token) if user["role"] != 1: return make_response(UNAUTHORIZED, "Unauthorized!") try: image = request.FILES["image"] ext = str(image.name).split('.')[-1] name = random_string() + '.' + ext url = '/static/images/' + name with open(STATIC_URL + 'images/' + name, 'wb+') as destination: destination.write(image.read()) return make_response(0, "ok", {"photo_url": url}) except Exception as e: return make_response(BAD_REQUEST, str(e))
def event_get_list(user, data): try: validate(data, events_schema) offset = data.get('offset') size = data.get('size') category = data.get('category') start_date = data.get('start_date') end_date = data.get('end_date') if category: events_list = db_connector.get_events_by_category( offset, size, category) elif start_date and end_date: events_list = db_connector.get_events_by_date( offset, size, start_date, end_date) else: events_list = db_connector.get_all_events(offset, size) return make_response(OK, "ok", events_list) except ValidationError: return make_response(BAD_REQUEST, "Bad request!")
def login(request): data = json.loads(request.body) try: validate(data, login_schema) username = data.get('username') password = data.get('password') if password: key = cache.get(username + "_key") cache.delete(username + "_key") user = db_connector.get_user(username) try: raw_password = decrypt(password, key) hash_password = sha(raw_password + user.salt) except: return make_response(BAD_REQUEST, "Password Incorrect") if hash_password != user.password: return make_response(BAD_REQUEST, "Password Incorrect") return make_response(OK, "Login Successfully", db_connector.new_session(user)) else: user = db_connector.get_user(username) if not user: return make_response(BAD_REQUEST, "User does not exist!") key = random_string(32) cache.set(username + "_key", key, 60) return make_response(OK, "ok", {"key": key}) except ValidationError: return make_response(BAD_REQUEST, "Bad request")
def event_get_comments(user, event, data): comments = db_connector.get_comments(event["id"], data.get('offset'), data.get('size')) return make_response(OK, "ok", comments)
def event_add_comment(user, event, data): content = data.get("content") if (not content) or (content and not isinstance(content, basestring)): return make_response(BAD_REQUEST, "Bad request") db_connector.add_comment(user["name"], event["id"], content) return make_response(OK, "Comment added to event {0}".format(event["id"]))
def event_get_detail(user, event, data): return make_response(OK, "ok", event)
def event_get_likes(user, event, data): likes = db_connector.get_likes(event["id"], data.get('offset'), data.get('size')) return make_response(OK, "ok", likes)