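def delete_task_by_id(task_id):
    """Delete one task belonging to the logged-in user.

    Returns 403 when no session is active, 404 when the id is malformed or
    no task with that id belongs to the session user, and 200 once the task
    has been removed.
    """
    if "WebAPIToken" not in session:
        return _send_list_JSON({"error": "Login into system please"}, 403)

    # task_id comes straight from the URL; ObjectId() raises on malformed
    # input, which would otherwise surface as an unhandled 500.
    if not ObjectId.is_valid(task_id):
        return _send_list_JSON({"error": "Task not found"}, 404)

    # Ownership is part of the delete filter, so the check and the delete are
    # one operation and a task owned by someone else is never touched.
    outcome = db.todos.delete_one(
        {"_id": ObjectId(task_id), "user_id": session["WebAPIToken"]}
    )
    if outcome.deleted_count == 0:
        # Same answer for "missing" and "not yours", so the response does not
        # reveal whether another user's task id exists. The original fell
        # through without a response here (or raised on a missing task).
        return _send_list_JSON({"error": "Task not found"}, 404)
    return _send_list_JSON({"message": "task was deleted"}, 200)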
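def get_task_by_id(task_id):
    """Return one task belonging to the logged-in user.

    Returns 403 when no session is active and 404 when the id is malformed
    or no task with that id belongs to the session user. On success the
    task is returned without its "_id" and "user_id" fields.
    """
    if "WebAPIToken" not in session:
        return _send_list_JSON({"error": "Login into system please"}, 403)

    # task_id is URL input; ObjectId() raises on malformed values.
    if not ObjectId.is_valid(task_id):
        return _send_list_JSON({"error": "Task not found"}, 404)

    # The original looked the task up by id alone, so any logged-in user
    # could read any other user's task. Scope the lookup to the session user.
    jsonbody = db.todos.find_one(
        {"_id": ObjectId(task_id), "user_id": session["WebAPIToken"]}
    )
    if jsonbody is None:
        return _send_list_JSON({"error": "Task not found"}, 404)

    del jsonbody["_id"]
    del jsonbody["user_id"]
    return _send_list_JSON(jsonbody)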
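def login():
    """Authenticate a user from the JSON request body and start a session.

    Expects "username" and "password" string fields. On success the user's
    id is stored in session["WebAPIToken"] and an HS256-signed JWT carrying
    {"id": <user id>} is returned; any other input yields 403.
    """
    jsonbody = request.get_json()
    text_types = (str, type(u""))  # str and unicode on Python 2, str on Python 3

    username = jsonbody.get("username") if isinstance(jsonbody, dict) else None
    password = jsonbody.get("password") if isinstance(jsonbody, dict) else None

    # The request body is untrusted. The original passed it to find_one() as
    # the whole query, so the client chose which fields were matched (an
    # empty body matches any user) and could supply nested objects that the
    # database treats as query operators. Build the query from two fields
    # that must be plain strings instead.
    if not (isinstance(username, text_types) and isinstance(password, text_types)):
        return _send_list_JSON({"error": "Login into system please"}, 403)

    # NOTE(review): the submitted password is compared with the stored field
    # as-is, which means passwords are stored unhashed. Moving to a salted
    # password hash needs a matching change where users are created.
    user = db.users.find_one({"username": username, "password": password})
    if user is None:
        return _send_list_JSON({"error": "Login into system please"}, 403)

    document = {"id": str(user["_id"])}
    session["WebAPIToken"] = document["id"]
    # NOTE(review): the signing key is the hard-coded literal 'secret'. Anyone
    # who reads this source can mint valid tokens; load the key from
    # configuration and change it together with every jwt.decode() call site.
    encoded = jwt.encode(document, 'secret', algorithm='HS256')
    return _send_list_JSON({"WebAPIToken": encoded})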
def tasks_list():
    """Return every task owned by the logged-in user.

    Responds with 403 when no session is active. Each task is returned with
    a string "id" in place of "_id" and without its "user_id" field.
    """
    if "WebAPIToken" not in session:
        return _send_list_JSON({"error": "Login into system please"}, 403)

    owner = session["WebAPIToken"]
    tasks = []
    # The query is scoped to the session user, so only that user's tasks are listed.
    for record in db.todos.find({"user_id": owner}):
        record["id"] = str(record.pop("_id"))
        record.pop("user_id")
        tasks.append(record)
    return _send_list_JSON(tasks)
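def put_task_by_id(task_id):
    """Update one task belonging to the logged-in user.

    The JSON body must carry a "WebAPIToken" JWT whose "id" claim equals the
    session user; the remaining fields are applied to the task with $set.
    Returns 403 for a missing session or a bad token, 404 when the id is
    malformed or the task is not owned by the session user, 400 when the
    database call fails, and otherwise the updated task without "_id".
    """
    if "WebAPIToken" not in session:
        return _send_list_JSON({"error": "Login into system please"}, 403)

    jsonbody = request.get_json()
    text_types = (str, type(u""))  # str and unicode on Python 2, str on Python 3
    token = jsonbody.get("WebAPIToken") if isinstance(jsonbody, dict) else None

    # A missing, non-string or invalid token previously raised out of the
    # handler; treat all three as a failed check.
    claims = None
    if isinstance(token, text_types):
        try:
            # NOTE(review): the verification key is the hard-coded literal
            # 'secret'; it should come from configuration.
            claims = jwt.decode(token, 'secret', algorithms=['HS256'])
        except jwt.InvalidTokenError:
            claims = None
    if not claims or claims.get("id") != session["WebAPIToken"]:
        return _send_list_JSON({"error": "Access forbiden"}, 403)

    # task_id is URL input; ObjectId() raises on malformed values.
    if not ObjectId.is_valid(task_id):
        return _send_list_JSON({"error": "Task not found"}, 404)

    # The original filtered on the task id alone, so a logged-in user could
    # overwrite another user's task. Ownership is now part of the filter.
    owned = {"_id": ObjectId(task_id), "user_id": session["WebAPIToken"]}

    # The client must not be able to rewrite the ownership or identity
    # fields through $set, so those keys are dropped along with the token.
    changes = {
        key: value
        for key, value in jsonbody.items()
        if key not in ("WebAPIToken", "_id", "user_id")
    }

    try:
        if changes:
            db.todos.update_one(owned, {"$set": changes})
        updateresult = db.todos.find_one(owned)
    except Exception as e:
        # str() keeps the payload serialisable. NOTE(review): this still
        # returns raw exception text to the client; consider logging it and
        # answering with a generic message.
        return _send_list_JSON({"error": str(e)}, 400)

    if updateresult is None:
        return _send_list_JSON({"error": "Task not found"}, 404)
    del updateresult["_id"]
    return _send_list_JSON(updateresult)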
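def add_new_user():
    """Create a user from the JSON request body.

    Requires "username" and "password" string fields and answers 400 when
    they are missing or of another type. On success returns the stored
    document with a string "id" and without the password, with status 201.
    """
    jsonbody = request.get_json()
    text_types = (str, type(u""))  # str and unicode on Python 2, str on Python 3

    # The original returned nothing at all when a field was missing, and
    # accepted any JSON value for either field.
    if not (
        isinstance(jsonbody, dict)
        and isinstance(jsonbody.get("username"), text_types)
        and isinstance(jsonbody.get("password"), text_types)
    ):
        return _send_list_JSON({"error": "username and password are required"}, 400)

    # Let the database assign the primary key rather than the client.
    new_user = {key: value for key, value in jsonbody.items() if key != "_id"}

    # NOTE(review): the password is stored exactly as submitted. It should be
    # stored as a salted hash, changed together with the login lookup.
    # NOTE(review): nothing here prevents two users registering the same
    # username; a unique index on that field would enforce it.
    result = db.users.insert_one(new_user)

    document = db.users.find_one({"_id": result.inserted_id})
    document["id"] = str(document["_id"])
    del document["_id"]
    # Do not echo the credential back in the response body.
    document.pop("password", None)
    return _send_list_JSON(document, 201)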
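def add_task():
    """Create a task for the logged-in user from the JSON request body.

    The body must carry a "WebAPIToken" JWT whose "id" claim equals the
    session user. Returns 403 for a missing session or a bad token, 400 when
    the insert fails, and otherwise the new task with a string "id" and
    without "_id" and "user_id".
    """
    if "WebAPIToken" not in session:
        return _send_list_JSON({"error": "Login into system please"}, 403)

    jsonbody = request.get_json()
    text_types = (str, type(u""))  # str and unicode on Python 2, str on Python 3
    token = jsonbody.get("WebAPIToken") if isinstance(jsonbody, dict) else None

    # A missing, non-string or invalid token previously raised out of the
    # handler; treat all three as a failed check.
    userToken = None
    if isinstance(token, text_types):
        try:
            # NOTE(review): the verification key is the hard-coded literal
            # 'secret'; it should come from configuration.
            userToken = jwt.decode(token, 'secret', algorithms=['HS256'])
        except jwt.InvalidTokenError:
            userToken = None
    if not userToken or userToken.get("id") != session["WebAPIToken"]:
        return _send_list_JSON({"error": "Login into system please"}, 403)

    # Copy the client's fields without the token and without a client-chosen
    # "_id"; the owner always comes from the session, never from the body.
    task = {
        key: value
        for key, value in jsonbody.items()
        if key not in ("WebAPIToken", "_id")
    }
    task["user_id"] = session["WebAPIToken"]

    try:
        # insert_one() adds the generated "_id" to the dict it is given.
        db.todos.insert_one(task)
    except Exception as e:
        # str() keeps the payload serialisable. NOTE(review): this still
        # returns raw exception text to the client; consider logging it and
        # answering with a generic message.
        return _send_list_JSON({"error": str(e)}, 400)

    task["id"] = str(task["_id"])
    del task["_id"]
    del task["user_id"]
    return _send_list_JSON(task)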
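return _send_list_JSON(jsonbody)
# The return above is the tail of a handler whose beginning is not visible here.


@taskRouter.route('/api/tasks/<task_id>', methods=['PUT'])
def put_task_by_id(task_id):
    """Update one task belonging to the logged-in user.

    The JSON body must carry a "WebAPIToken" JWT whose "id" claim equals the
    session user; the remaining fields are applied to the task with $set.
    Returns 403 for a missing session or a bad token, 404 when the id is
    malformed or the task is not owned by the session user, 400 when the
    database call fails, and otherwise the updated task without "_id".
    """
    if "WebAPIToken" not in session:
        return _send_list_JSON({"error": "Login into system please"}, 403)

    jsonbody = request.get_json()
    text_types = (str, type(u""))  # str and unicode on Python 2, str on Python 3
    token = jsonbody.get("WebAPIToken") if isinstance(jsonbody, dict) else None

    # A missing, non-string or invalid token previously raised out of the
    # handler; treat all three as a failed check.
    claims = None
    if isinstance(token, text_types):
        try:
            # NOTE(review): the verification key is the hard-coded literal
            # 'secret'; it should come from configuration.
            claims = jwt.decode(token, 'secret', algorithms=['HS256'])
        except jwt.InvalidTokenError:
            claims = None
    if not claims or claims.get("id") != session["WebAPIToken"]:
        return _send_list_JSON({"error": "Access forbiden"}, 403)

    # task_id is URL input; ObjectId() raises on malformed values.
    if not ObjectId.is_valid(task_id):
        return _send_list_JSON({"error": "Task not found"}, 404)

    # The original filtered on the task id alone, so a logged-in user could
    # overwrite another user's task. Ownership is now part of the filter.
    owned = {"_id": ObjectId(task_id), "user_id": session["WebAPIToken"]}

    # The client must not be able to rewrite the ownership or identity
    # fields through $set, so those keys are dropped along with the token.
    changes = {
        key: value
        for key, value in jsonbody.items()
        if key not in ("WebAPIToken", "_id", "user_id")
    }

    try:
        if changes:
            db.todos.update_one(owned, {"$set": changes})
        updateresult = db.todos.find_one(owned)
    except Exception as e:
        # str() keeps the payload serialisable. NOTE(review): this still
        # returns raw exception text to the client; consider logging it and
        # answering with a generic message.
        return _send_list_JSON({"error": str(e)}, 400)

    if updateresult is None:
        return _send_list_JSON({"error": "Task not found"}, 404)
    del updateresult["_id"]
    return _send_list_JSON(updateresult)


@taskRouter.route('/api/tasks/<task_id>', methods=['DELETE'])
def delete_task_by_id(task_id):
    """Delete one task belonging to the logged-in user.

    Returns 403 when no session is active, 404 when the id is malformed or
    no task with that id belongs to the session user, and 200 once the task
    has been removed.
    """
    if "WebAPIToken" not in session:
        return _send_list_JSON({"error": "Login into system please"}, 403)

    # task_id is URL input; ObjectId() raises on malformed values.
    if not ObjectId.is_valid(task_id):
        return _send_list_JSON({"error": "Task not found"}, 404)

    # Ownership is part of the delete filter, so the check and the delete are
    # one operation and a task owned by someone else is never touched.
    outcome = db.todos.delete_one(
        {"_id": ObjectId(task_id), "user_id": session["WebAPIToken"]}
    )
    if outcome.deleted_count == 0:
        # Same answer for "missing" and "not yours", so the response does not
        # reveal whether another user's task id exists. The original fell
        # through without a response here (or raised on a missing task).
        return _send_list_JSON({"error": "Task not found"}, 404)
    return _send_list_JSON({"message": "task was deleted"}, 200)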
def get_token():
    """Log the current user out.

    Removes "WebAPIToken" from the session if it is present and returns a
    confirmation message; calling it without an active session is harmless.
    """
    # pop() with a default never raises, so a repeated logout still succeeds.
    session.pop("WebAPIToken", None)
    confirmation = {"message": "User logged out"}
    return _send_list_JSON(confirmation)