def get_user_for_update(request, response):
""" Utility function that does a bunch of the input validation required
for services that update user information."""
# Verify the gameid is valid:
gameid = request.get('gameid')
if gameid not in GAMES:
write_response(response, "4", None, "Gameid is invalid: %s" % gameid)
return None
# Get the user
name = request.get('name')
game = GAMES[gameid]['name']
user = GameUser.get_by_name(name, game)
if not user:
write_response(response, "6", None, "User %s does not exist" % name)
return None
# Ensure token is still valid
token = request.get('token')
if token != user.token:
logging.error(token + " != " + user.token)
write_response(response, "7", None, "Token %s is invalid" % token)
return None
exp_date = user.last_login_date + timedelta(seconds=user.expiration)
if exp_date < datetime.now():
write_response(response, "8", None,
"Token has expired. Log in again.")
return None
return user
def get_user_for_update(request, response):
""" Utility function that does a bunch of the input validation required
for services that update user information."""
# Verify the gameid is valid:
gameid = request.get('gameid')
if gameid not in GAMES:
write_response(response, "4", None, "Gameid is invalid: %s" % gameid)
return None
# Get the user
name = request.get('name')
game = GAMES[gameid]['name']
user = GameUser.get_by_name(name, game)
if not user:
write_response(response, "6", None,
"User %s does not exist" % name)
return None
# Ensure token is still valid
token = request.get('token')
if token != user.token:
logging.error(token + " != " + user.token)
write_response(response, "7", None, "Token %s is invalid" % token)
return None
exp_date = user.last_login_date + timedelta(seconds=user.expiration)
if exp_date < datetime.now():
write_response(response, "8", None, "Token has expired. Log in again.")
return None
return user
def post(self):
logging.debug("In LoginHandler")
self.response.headers['Content-Type'] = 'application/json'
# Verify the gameid is valid:
gameid = self.request.get('gameid')
if gameid not in GAMES:
write_response(self.response, "4", None, "Gameid is invalid.")
return
# Ensure name is valid
name = self.request.get('name')
user = GameUser.get_by_name(name, GAMES[gameid]['name'])
if not user:
write_response(self.response, "3", None,
"User name or password is invalid.")
return
# Ensure password matches one in DB
password = self.request.get('password')
encrypted_password, salt = saltedhash_hex(password, user.salt)
if encrypted_password != user.password:
write_response(self.response, "3", None,
"User name or Password is incorrect.")
return
# Ensure game matches one in DB
game = GAMES[gameid]['name']
if game != user.game:
write_response(self.response, "5", None,
"Gameid incorrect for this user %s." % name)
return
# Ensure user is verified
if user.status == USER_UNVERIFIED:
write_response(self.response, "14", None,
"User %s is unverified." % name)
return
#Generate token
token = get_token_str()
expiration = get_token_expiration(
int(self.request.get('expiration', 0)))
user.last_login_date = datetime.now()
user.token = token
user.expiration = expiration
user.put()
write_response(self.response, "0", json.dumps(dict(token=token)))
def post(self):
logging.debug("In LoginHandler")
self.response.headers['Content-Type'] = 'application/json'
# Verify the gameid is valid:
gameid = self.request.get('gameid')
if gameid not in GAMES:
write_response(self.response, "4", None, "Gameid is invalid.")
return
# Ensure name is valid
name = self.request.get('name')
user = GameUser.get_by_name(name, GAMES[gameid]['name'])
if not user:
write_response(self.response, "3", None,
"User name or password is invalid.")
return
# Ensure password matches one in DB
password = self.request.get('password')
encrypted_password, salt = saltedhash_hex(password, user.salt)
if encrypted_password != user.password:
write_response(self.response, "3", None,
"User name or Password is incorrect.")
return
# Ensure game matches one in DB
game = GAMES[gameid]['name']
if game != user.game:
write_response(self.response, "5", None,
"Gameid incorrect for this user %s." % name)
return
# Ensure user is verified
if user.status == USER_UNVERIFIED:
write_response(self.response, "14", None,
"User %s is unverified." % name)
return
#Generate token
token = get_token_str()
expiration = get_token_expiration(int(self.request.get('expiration', 0)))
user.last_login_date = datetime.now()
user.token = token
user.expiration = expiration
user.put()
write_response(self.response, "0", json.dumps(dict(token=token)))
def get(self, verification):
self.response.headers['Content-Type'] = 'text/plain'
logging.debug("In VerifyUserHandler")
# Only want one user, but COULD get multiple. Verify 'em all!
users = GameUser.get_by_verification(verification)
if users.count() == 0:
self.response.write("Invalid verification URL. Please contact support.")
elif users.count > 1:
logging.warning("Multiple users with verification code: %s" % verification)
for user in users:
user.status = USER_VERIFIED
user.put()
self.response.out.write("Verified!")
def post(self):
logging.debug("In ListUserHandler")
self.response.headers['Content-Type'] = 'application/json'
# Verify the gameid is valid:
gameid = self.request.get('gameid')
if gameid not in GAMES:
write_response(self.response, "4", None, "Gameid is invalid: %s" % gameid)
return
userlist = []
users = GameUser.list(GAMES[gameid]['name'])
for user in users:
userdict = user.to_dict()
userlist.append(userdict)
write_response(self.response, "0", json.dumps(userlist))
def get(self, verification):
self.response.headers['Content-Type'] = 'text/plain'
logging.debug("In VerifyUserHandler")
# Only want one user, but COULD get multiple. Verify 'em all!
users = GameUser.get_by_verification(verification)
if users.count() == 0:
self.response.write(
"Invalid verification URL. Please contact support.")
elif users.count > 1:
logging.warning("Multiple users with verification code: %s" %
verification)
for user in users:
user.status = USER_VERIFIED
user.put()
self.response.out.write("Verified!")
def post(self):
logging.debug("In ListUserHandler")
self.response.headers['Content-Type'] = 'application/json'
# Verify the gameid is valid:
gameid = self.request.get('gameid')
if gameid not in GAMES:
write_response(self.response, "4", None,
"Gameid is invalid: %s" % gameid)
return
userlist = []
users = GameUser.list(GAMES[gameid]['name'])
for user in users:
userdict = user.to_dict()
userlist.append(userdict)
write_response(self.response, "0", json.dumps(userlist))
def post(self):
logging.debug("In DeleteUserHandler")
self.response.headers['Content-Type'] = 'application/json'
# Verify the gameid is valid:
gameid = self.request.get('gameid')
if gameid not in GAMES:
write_response(self.response, "4", None, "gameid is invalid: %s" % gameid)
return
# Get the user
name = self.request.get('name')
game = GAMES[self.request.get('gameid')]['name']
user = GameUser.get_by_name(name, game)
if not user:
write_response(self.response, "6", None, "User %s does not exist" % name)
return
user.delete()
write_response(self.response, "0", {})
def post(self):
logging.debug("In DeleteUserHandler")
self.response.headers['Content-Type'] = 'application/json'
# Verify the gameid is valid:
gameid = self.request.get('gameid')
if gameid not in GAMES:
write_response(self.response, "4", None,
"gameid is invalid: %s" % gameid)
return
# Get the user
name = self.request.get('name')
game = GAMES[self.request.get('gameid')]['name']
user = GameUser.get_by_name(name, game)
if not user:
write_response(self.response, "6", None,
"User %s does not exist" % name)
return
user.delete()
write_response(self.response, "0", {})
def post(self):
logging.debug("In CreateUserHandler")
self.response.headers['Content-Type'] = 'application/json'
# Verify the gameid is valid:
gameid = self.request.get('gameid')
if gameid not in GAMES:
write_response(self.response, "4", None,
"gameid is invalid: %s" % gameid)
return
# Verify that this user name is unique
name = self.request.get('name')
game = GAMES[gameid]['name']
logging.debug("Email is: " + self.request.get('email'))
if not GameUser.name_is_available(name, game):
write_response(self.response, "2", None,
"User name %s already exists for this game." % name)
return
# Verify that this email is unique
if GAMES[gameid]['emailVerification']:
email = self.request.get('email')
if email == None or email == '':
write_response(self.response, "1", None,
"Required fields are missing: %s." % email)
game = GAMES[gameid]['name']
email = encrypt(email.lower())
if not GameUser.email_is_available(email, game):
write_response(
self.response, "13", None,
"Email address %s already exists for this game." % email)
return
else:
email = encrypt(self.request.get('email').lower())
user = GameUser()
user.password, user.salt = saltedhash_hex(self.request.get('password'))
user.name = name.lower()
user.game = game
logging.debug("Email NOW is: " + email)
user.email = email
user.phone = encrypt(self.request.get('phone'))
user.blob = self.request.get('blob')
# Perform email verification for those games that require it.
# Otherwise, just mark the user as verified.
if GAMES[gameid]['emailVerification']:
user.status = USER_UNVERIFIED
send_email(user, GAMES[gameid]['name'])
else:
user.status = USER_VERIFIED
user.put()
write_response(self.response, "0", {})
def post(self):
logging.debug("In CreateUserHandler")
self.response.headers['Content-Type'] = 'application/json'
# Verify the gameid is valid:
gameid = self.request.get('gameid')
if gameid not in GAMES:
write_response(self.response, "4", None, "gameid is invalid: %s" % gameid)
return
# Verify that this user name is unique
name = self.request.get('name')
game = GAMES[gameid]['name']
logging.debug("Email is: " + self.request.get('email'))
if not GameUser.name_is_available(name, game):
write_response(self.response, "2", None,
"User name %s already exists for this game." % name)
return
# Verify that this email is unique
if GAMES[gameid]['emailVerification']:
email = self.request.get('email')
if email == None or email == '':
write_response(self.response, "1", None,
"Required fields are missing: %s." % email)
game = GAMES[gameid]['name']
email = encrypt(email.lower())
if not GameUser.email_is_available(email, game):
write_response(self.response, "13", None,
"Email address %s already exists for this game." % email)
return
else:
email = encrypt(self.request.get('email').lower())
user = GameUser()
user.password, user.salt = saltedhash_hex(self.request.get('password'))
user.name = name.lower()
user.game = game
logging.debug("Email NOW is: " + email)
user.email = email
user.phone = encrypt(self.request.get('phone'))
user.blob = self.request.get('blob')
# Perform email verification for those games that require it.
# Otherwise, just mark the user as verified.
if GAMES[gameid]['emailVerification']:
user.status = USER_UNVERIFIED
send_email(user, GAMES[gameid]['name'])
else:
user.status = USER_VERIFIED
user.put()
write_response(self.response, "0", {})
