def authenticate_user(): if not request.json: raise InvalidUsage('Something went wrong, please try again.', status_code=400) req_data = request.json if not req_data['email']: raise InvalidUsage('Email field is empty.', status_code=400) if not req_data['password']: raise InvalidUsage('Password field is empty.', status_code=400) user = User.get_user_by_email(req_data['email']) #u = User(email='*****@*****.**') #u.set_password('pass') if user is None or not user.check_password(req_data['password']): raise InvalidUsage('Invalid email or password.', status_code=401) # Create the tokens we will be sending back to the user access_token = create_access_token(identity=user.id) refresh_token = create_refresh_token(identity=user.id) # Set the JWT cookies in the response resp = jsonify({'login': True}) set_access_cookies(resp, access_token) set_refresh_cookies(resp, refresh_token) return resp, 200
def send_email(): if not has_args(request.json, ['email']): raise InvalidUsage('Missing email.') if not has_args(request.json, ['password']): raise InvalidUsage('Missing password.') if not has_args(request.json, ['name']): raise InvalidUsage('Missing name.') if not has_args(request.json, ['state']): raise InvalidUsage('Missing state.') if not has_args(request.json, ['county']): raise InvalidUsage('Missing county.') sender = Sender() state = request.json['state'] county = request.json['county'] email = unquote(request.json['email']) password = unquote(request.json['password']) print(email) recv = sender.get_recipients(state, county) num_sent = sender.send_email(recv, request.json['name'], email, password) return jsonify({'number of emails sent': num_sent})
def get_required_param(json, param): if json is None: logger.info("Request is not a valid json") raise InvalidUsage("Request is not a valid json") value = json.get(param, None) if (value is None) or (value == '') or (value == []): logger.info("A required request parameter '{}' had value {}".format(param, value)) raise InvalidUsage("A required request parameter '{}' was not provided".format(param)) return value
def reccomend_book(): if not has_args(request.json, ['numResponses']): raise InvalidUsage( 'Please provide the number of responses you want to recieve.') if not has_args(request.json, ['query']): raise InvalidUsage('Please provide a query to match with.') query, titles = matching_score(request.json['numResponses'], request.json['query']) return jsonify({'query': query, 'query': titles})
def get_recipient_prof(): if not has_args(request.args, ['idtoken']): raise InvalidUsage('note all paramenters present') try: # Specify the CLIENT_ID of the app that accesses the backend: CLIENT_ID = os.environ.get('CARE37_GOOGLE_CLIENT_ID') idinfo = id_token.verify_oauth2_token(request.args['idtoken'], requests.Request(), CLIENT_ID) if idinfo['iss'] not in [ 'accounts.google.com', 'https://accounts.google.com' ]: raise ValueError('Wrong issuer.') if CLIENT_ID not in idinfo['aud']: print("clientid was not in aud field from google response") return 400 # ID token is valid. Get the user's Google Account ID from the decoded token. email = idinfo['email'] profile_dict = get_recipient_profile(email) return jsonify(profile_dict), 200 except ValueError: # Invalid token print("invalid login") return 400
def getIsVerified(): print(request) # check all the args are there if not has_args(request.args, ['email']): raise InvalidUsage('note all paramenters present') is_verified = get_is_verified(request.args['email']) return jsonify(is_verified), 200
def deleteUser(): if not has_args(request.json, ['idtoken']): raise InvalidUsage('missing parameters') try: # Specify the CLIENT_ID of the app that accesses the backend: CLIENT_ID = os.environ.get('CARE37_GOOGLE_CLIENT_ID') idinfo = id_token.verify_oauth2_token(request.json['idtoken'], requests.Request(), CLIENT_ID) if idinfo['iss'] not in [ 'accounts.google.com', 'https://accounts.google.com' ]: raise ValueError('Wrong issuer.') if CLIENT_ID not in idinfo['aud']: print("clientid was not in aud field from google response") return 400 # ID token is valid. Get the user's Google Account ID from the decoded token. # delete the user email = idinfo['email'] delete_user_output = delete_user(email) return delete_user_output, 200 except ValueError: # Invalid token print("invalid login") return 400
def delete_deposit(self, ticker, date): if ticker not in self.portfolio: raise InvalidUsage("%s is not registered in the portfolio" % ticker) return self.portfolio[ticker].delete_deposit( self._string_to_date(date))
def deposit(self, amount, date): date = self._string_to_date(date) if self.get_deposit_by_date(date): raise InvalidUsage("A deposit for that date is already registered") updated_deposits = self.deposits + [{"amount": amount, "date": date}] self.deposits = sorted(updated_deposits, key=lambda deposit: deposit["date"])
def addPhoneNumber(): # check all the args are there if not has_args(request.json, ['email', 'phone_number']): raise InvalidUsage('note all paramenters present') # add the phone number to the DB entry respone = add_phone_number(request.json['email'], request.json['phone_number']) return str(respone), 200
def sendToTwitter(): # get params with: request.json['dialSetting'] if not has_args(request.args, ['file_name', 'file_path']): raise InvalidUsage("Missing necessary parameters.") twitter_obj = twitter.get_twitter_obj(session['oauth_token'], session['oauth_token_secret']) return twitter.tweet_audio_as_video(twitter_obj, request.args['file_path'], request.args['file_name'])
def getPhoneNumber(): print(request.args) # check all the args are there if not has_args(request.args, ['email']): raise InvalidUsage('note all paramenters present') # get the phone number phone_number = get_phone_number(request.args['email']) return jsonify(phone_number), 200
def resume_node(): hostname = request.args.get('hostname') if not hostname: raise InvalidUsage('Hostname is Null', status_code=500) query_string = 'ansible-playbook -i /home/prateek/slurm_interactor/inventory/hosts --extra-vars compute="'+hostname+'" /home/prateek/slurm_interactor/roles/common/tasks/resume-compute.yml' proc = subprocess.Popen(query_string, stdout=subprocess.PIPE,stderr=subprocess.STDOUT, shell=True) out = proc.communicate() return out
def delete_deposit(self, date): date = self._string_to_date(date) num_deposits_before = len(self.deposits) self.deposits = filter(lambda x: x["date"] != date, self.deposits) num_deposits_after = len(self.deposits) num_deleted = num_deposits_before - num_deposits_after if num_deleted is not 1: raise InvalidUsage("failed to delete deposit (%s)" % num_deleted)
def create_opening(request_body): opening_id = openings.insert(request_body) new_opening = openings.find_one({'_id': opening_id}) if new_opening: new_opening['_id'] = str(new_opening['_id']) return jsonify(new_opening) else: raise InvalidUsage('Something went wrong. Your opening was not saved!', status_code=400)
def test(): """Handles cutting a string. A return strign is sent back containing every third character of the request string. If request isn't valid an error is sent as response. """ req_string = request.json.get('string_to_cut', None) if req_string is None: raise InvalidUsage( "\"string_to_cut\" key not provided in body of request", 400) if type(req_string) is not str: raise InvalidUsage("The value you provided is not a string", 400) res_string = cut_string(req_string) return jsonify(return_string=res_string)
def check_if_valid_session_key(): if request.method == "OPTIONS": return None if request.endpoint in ["login", "authorized", "login_verify"]: return None session_key = request.headers.get("api-key") if not session_key or not repo.valid_session_key(session_key): raise InvalidUsage("invalid session key", status_code=401)
def storeApplication(): application_id = applications.insert(request.json) new_application = applications.find_one({'_id': application_id}) if new_application: new_application['_id'] = str(new_application['_id']) return jsonify(new_application) else: raise InvalidUsage( 'Something went wrong. Your application was not saved!', status_code=400)
def get_organzation_by_id(self, id): try: with DB.cursor() as cursor: # Read a single record query = "SELECT * FROM organizations WHERE id='" + id + "'" cursor.execute(query) result = cursor.fetchone() return Organization(result) DB.commit() except Exception as e: raise InvalidUsage("Failed to find org with id " + id)
def get_quotes(self): if not self.quotes: self.quotes = self._get_from_cache( ) or self._get_quotes_from_remote() if not self.quotes: raise InvalidUsage("%s is not a valid ticker" % self.ticker) if self._quotes_has_expired(self.quotes): self.quotes = self._get_quotes_from_remote() return self._fill_date_holes_in_quotes(self.quotes["quotes"][::-1])
def normal(): params = request.args if 'address' in request.args: return str(do_expand(request.args.get('address', ''))) elif 'addresses' in request.args: addresses_requested = json.loads(params.get('addresses')) num_addresses = len(addresses_requested) if num_addresses > __max_addresses: raise InvalidUsage(message="too many addresses (received %d max %d)" % (num_addresses, __max_addresses)) addresses = list([do_expand(address) for address in addresses_requested]) return str(json.dumps(addresses))
def runSplice(): # get params with: request.json['dialSetting'] if not has_args( request.json, ['file_name', 'file_path', 'startMin', 'startSec', 'endMin', 'endSec' ]): raise InvalidUsage("Missing necessary parameters.") return splice(request.json['file_name'], request.json['file_path'], request.json['startMin'], request.json['startSec'], request.json['endMin'], request.json['endSec'])
def get_optional_param(json, param, default): if json is None: logger.info("Request is not a valid json") raise InvalidUsage("Request is not a valid json") value = json.get(param, None) if (value is None) or (value == '') or (value == []): logger.info( "An optional request parameter '{}' had value {} and was replaced with default value {}".format(param, value, default)) value = default return value
def loginToLinkedInCallback(): code = request.args.get("code") csrf_state = request.args.get("state") error = request.args.get("error") if session["linkedin-hash"] != csrf_state: raise InvalidUsage("401 Unauthorized") if error is not None: raise InvalidUsage("Error occured") auth = linkedin.LinkedInAuthentication( keys.LINKEDIN_CLIENT_ID, keys.LINKEDIN_CLIENT_SECRET, keys.LINKEDIN_CALLBACK, permissions=["w_member_social", "r_liteprofile"]) print(keys.LINKEDIN_CALLBACK) auth.state = csrf_state auth.authorization_code = code session["linkedin-access-token"] = auth.get_access_token() return redirect("/")
def updateOpenPrices(): print(request) print(request.json) if not has_args(request.json, ['ticker']): raise InvalidUsage('Please provide ticker to get the open price for.') # response = jsonify(error.to_dict()) # response.status_code = error.status_code # updates the opening prices dictionary in stockFilter data = get_all_data(request.json['ticker']) data_json = jsonify(data) return data_json
def __init__(self, ticker=None, name=None, deposits=[]): if not ticker: raise InvalidUsage( "Ticker must contain a valid ticker (was {})".format(ticker)) self.ticker = ticker self.name = name self.fond_quotes = Investment("%s.FOND" % self.ticker) self.deposits = map( lambda x: { "date": datetime.datetime.strptime(x["date"], "%Y-%m-%d").date( ), "amount": int(x["amount"]) }, deposits)
def add_fond(): if not validate_addfond(request): raise InvalidUsage("invalid input") session_token = request.headers.get("api-key") fond_data = request.get_json() portfolio = repo.get_portfolio(session_token) portfolio.add_fond(fond_data["ticker"], fond_data["name"]) repo.put_portfolio(portfolio) return Response(status=204)
def __init__(self, request, db): fields = ["name", "intra_id", "projects"] if not request.json or request.content_type != 'application/json': raise InvalidUsage() # Don't accept requests without "name" or "intra_id" if not all([i in request.json.keys() for i in ["name", "intra_id"]]): raise InvalidUsage() # Don't accept requests with not defined fields if any([i for i in request.json.keys() if i not in fields]): raise InvalidUsage() if self.__intraid_exists(request.json["intra_id"], db): raise InvalidUsage('Not Authorized', 401) self.json = request.json if "projects" not in self.json: self.json["projects"] = [] if not all([isinstance(i, str) for i in self.json["projects"]]): raise InvalidUsage() self.json["id"] = self.__auto_increment("id", db.counter) pass
def loginToTwitterCallback(): if not has_args( session, ['oauth_token_manual_login', 'oauth_token_secret_manual_login']): raise InvalidUsage("Log in to Twitter first.") oauth_token, oauth_token_secret = twitter.login( session['oauth_token_manual_login'], session['oauth_token_secret_manual_login'], request.args.get('oauth_verifier')) session['oauth_token'] = oauth_token session['oauth_token_secret'] = oauth_token_secret return str(200)
def authenticate(): if not has_args(request.form, ['username', 'password']): raise InvalidUsage("Bad request. Please use the proper login page.") username = request.form['username'].lower() # our password is NOT encrypted in transit.. # we need to implement client slide encryption password = request.form['password'] user = User.login_user(username, password) if not user: return redirect("./login?login_failed=true", code=302) else: login_user(user) return redirect("./", code=302)