api = Blueprint('api', 'api', url_prefix='/api') @api.route('/polls', methods=['GET', 'POST']) # retrieves/adds polls from/to the database def api_polls(): if request.method == 'POST': # get the poll and save it in the database poll = request.get_json() # simple validation to check if all values are properly secret for key, value in poll.items(): if not value: return jsonify({'message': 'value for {} is empty'.format(key)}) title = poll['title'] options_query = lambda option:Options.query.filter(Options.name.like(option)) options = [Polls(option=Options(name=option)) if options_query(option).count() == 0 else Polls(option=options_query(option).first()) for option in poll['options'] ] new_topic = Topics(title=title, options=options) db.session.add(new_topic) db.session.commit() return jsonify({'message': 'Poll was created succesfully'}) else: # it's a GET request, return dict representations of the API polls = Topics.query.filter_by(status=1).join(Polls).order_by(Topics.id.desc()).all() all_polls = {'Polls': [poll.to_json() for poll in polls]} return jsonify(all_polls)
def set_options(): conveyancePreference = request.form.get('conveyancePreference') userVerification = request.form.get('userVerification') requireResidentKey = request.form.get('requireResidentKey') authenticatorAttachment = request.form.get('authenticatorAttachment') enableAttestationExcludeCredentials = request.form.get( 'enableAttestationExcludeCredentials') attestationExcludeCredentialsUsers = request.form.get( 'attestationExcludeCredentialsUsers') attestationExcludeCredentialsTransports = request.form.get( 'attestationExcludeCredentialsTransports') attestationExtensions = request.form.get('attestationExtensions', None) enableAssertionAllowCredentials = request.form.get( 'enableAssertionAllowCredentials') assertionAllowCredentialsUsers = request.form.get( 'assertionAllowCredentialsUsers') assertionAllowCredentialsTransports = request.form.get( 'assertionAllowCredentialsTransports') assertionExtensions = request.form.get('assertionExtensions', None) try: webauthn_options = webauthn.WebAuthnOptions() try: options = Options.query.filter_by(rp_id=RP_ID).first() if options is None: options = Options() options.rp_id = RP_ID options.version = CURRENT_OPTIONS_TBL_VERSION options.option_content = json.dumps(webauthn_options.get()) db.session.add(options) db.session.commit() else: if options.version != CURRENT_OPTIONS_TBL_VERSION: return make_response( jsonify({'fail': 'Options Table Version Error.'}), 400) except Exception as e: return make_response( jsonify({'fail': 'Options Database Error: {}'.format(e)}), 500) webauthn_options.set(json.loads(options.option_content)) if conveyancePreference in webauthn.WebAuthnOptions.SUPPORTED_CONVEYANCE_PREFARENCE: webauthn_options.conveyancePreference = conveyancePreference else: return make_response( jsonify( {'fail': 'Option Selection Error (conveyancePreference).'}), 400) if userVerification in webauthn.WebAuthnOptions.SUPPORTED_AUTHENTICATIONSELECTION_USERVERIFICATION: webauthn_options.userVerification = userVerification else: return make_response( jsonify({'fail': 'Option Selection Error (userVerification).'}), 400) if requireResidentKey in webauthn.WebAuthnOptions.SUPPORTED_REQUIRE_REDIDENTKEY: webauthn_options.requireResidentKey = requireResidentKey else: return make_response( jsonify( {'fail': 'Option Selection Error (requireResidentKey).'}), 400) if authenticatorAttachment in webauthn.WebAuthnOptions.SUPPORTED_AUTHENTICATIONSELECTION_ATTACHIMENT or authenticatorAttachment == '': webauthn_options.authenticatorAttachment = authenticatorAttachment else: return make_response( jsonify({ 'fail': 'Option Selection Error (authenticatorAttachment).' }), 400) if enableAttestationExcludeCredentials in webauthn.WebAuthnOptions.SUPPORTED_ENABLE_CREDENTIALS: webauthn_options.enableAttestationExcludeCredentials = enableAttestationExcludeCredentials else: return make_response( jsonify({ 'fail': 'Option Selection Error (enableAttestationExcludeCredentials).' }), 400) if re.sub(r'\d', '', re.sub(r'\s', '', attestationExcludeCredentialsUsers)) == '': webauthn_options.attestationExcludeCredentialsUsers = attestationExcludeCredentialsUsers.split( ' ') else: return make_response( jsonify({ 'fail': 'Option Selection Error (attestationExcludeCredentialsUsers).' }), 400) if set(attestationExcludeCredentialsTransports.split(' ')).issubset( webauthn.WebAuthnOptions.SUPPORTED_TRANSPORTS ) or attestationExcludeCredentialsTransports == '': webauthn_options.attestationExcludeCredentialsTransports = attestationExcludeCredentialsTransports.split( ' ') else: return make_response( jsonify({ 'fail': 'Option Selection Error (attestationExcludeCredentialsTransports).' }), 400) if attestationExtensions is not None: tmp_dict = {} for lineitem in attestationExtensions.splitlines(): item = [x.strip() for x in lineitem.split('=')] if len(item) == 2: tmp_dict[item[0]] = item[1] if len(tmp_dict) == len(attestationExtensions.splitlines()): webauthn_options.attestationExtensions = tmp_dict else: return make_response( jsonify({ 'fail': 'Option Format Error (attestationExtensions).' }), 400) if enableAssertionAllowCredentials in webauthn.WebAuthnOptions.SUPPORTED_ENABLE_CREDENTIALS: webauthn_options.enableAssertionAllowCredentials = enableAssertionAllowCredentials else: return make_response( jsonify({ 'fail': 'Option Selection Error (enableAssertionAllowCredentials).' }), 400) if re.sub(r'\d', '', re.sub(r'\s', '', assertionAllowCredentialsUsers)) == '': webauthn_options.assertionAllowCredentialsUsers = assertionAllowCredentialsUsers.split( ' ') else: return make_response( jsonify({ 'fail': 'Option Selection Error (assertionAllowCredentialsUsers).' }), 400) if set(assertionAllowCredentialsTransports.split(' ')).issubset( webauthn.WebAuthnOptions.SUPPORTED_TRANSPORTS ) or assertionAllowCredentialsTransports == '': webauthn_options.assertionAllowCredentialsTransports = assertionAllowCredentialsTransports.split( ' ') else: return make_response( jsonify({ 'fail': 'Option Selection Error (assertionAllowCredentialsTransports).' }), 400) if assertionExtensions is not None: tmp_dict = {} for lineitem in assertionExtensions.splitlines(): item = [x.strip() for x in lineitem.split('=')] if len(item) == 2: tmp_dict[item[0]] = item[1] if len(tmp_dict) == len(assertionExtensions.splitlines()): webauthn_options.assertionExtensions = tmp_dict else: return make_response( jsonify( {'fail': 'Option Format Error (assertionExtensions).'}), 400) except Exception as e: app.logger.debug('Options failed. Error: {}'.format(e)) return make_response( jsonify({'fail': 'Options failed. Error: {}'.format(e)}), 500) try: options.option_content = json.dumps(webauthn_options.get()) db.session.add(options) db.session.commit() except Exception as e: return make_response( jsonify({'fail': 'Options Database Error: {}'.format(e)}), 500) return make_response(jsonify({'success': 'Options successfully saved.'}), 200)
from app import db, app db.app = app db.init_app(app) db.create_all() from models import Options, Topics, Polls topic = Topics(title='Which side is going to win the EPL this season') arsenal = Options(name='Arsenal') spurs = Options(name='Spurs') poll = Polls(topic=topic, option=arsenal) poll1 = Polls(topic=topic, option=spurs) db.session.add(topic) db.session.commit() city = Options(name='Manchester city') liverpool = Options(name='Liverpool FC') liverpool = Polls(option=liverpool) city = Polls(option=city) new_topic = Topics(title='Whos better liverpool or city', options=[liverpool, city]) db.session.add(new_topic) db.session.commit()
def attestation_get_options(): username = request.form.get('username') display_name = request.form.get('displayName') if 'register_ukey' in session: del session['register_ukey'] if 'register_username' in session: del session['register_username'] if 'register_display_name' in session: del session['register_display_name'] if 'challenge' in session: del session['challenge'] if 'att_option' in session: del session['att_option'] if username == "" or username is None: username = util.random_username(8) if display_name == "" or display_name is None: display_name = username session['register_username'] = username session['register_display_name'] = display_name rp_name = RP_ID challenge = util.generate_challenge(32) ukey = util.generate_ukey() session['challenge'] = challenge session['register_ukey'] = ukey exclude_credentialids = [] webauthn_options = webauthn.WebAuthnOptions() try: options = Options.query.filter_by(rp_id=RP_ID).first() if options is None: options = Options() options.rp_id = RP_ID options.version = CURRENT_OPTIONS_TBL_VERSION options.option_content = json.dumps(webauthn_options.get()) db.session.add(options) db.session.commit() else: if options.version != CURRENT_OPTIONS_TBL_VERSION: return make_response( jsonify({'fail': 'Options Table Version Error.'}), 400) except Exception as e: return make_response( jsonify({'fail': 'Options Database Error: {}'.format(e)}), 500) webauthn_options.set(json.loads(options.option_content)) if webauthn_options.enableAttestationExcludeCredentials == 'true' and len( webauthn_options.attestationExcludeCredentialsUsers): users = Users.query.filter( Users.id.in_( webauthn_options.attestationExcludeCredentialsUsers)).all() for user in users: if not user.credential_id: app.logger.debug('Unknown credential ID.') return make_response( jsonify({'fail': 'Unknown credential ID.'}), 401) exclude_credentialids.append(str(user.credential_id)) make_credential_options = webauthn.WebAuthnMakeCredentialOptions( webauthn_options, exclude_credentialids, challenge, rp_name, RP_ID, ukey, username, display_name, 'https://example.com') reg_dict = json.dumps(make_credential_options.registration_dict, indent=2) session['att_option'] = reg_dict return make_response(jsonify(make_credential_options.registration_dict), 200)
def api_polls(): if request.method == 'POST': # get the poll and save it in the database poll = request.get_json() # simple validation to check if all values are properly set for key, value in poll.items(): if not value: return jsonify( {'message': 'value for {} is empty'.format(key)}) title = poll['title'] batch = poll['batch'] options_query = lambda option: Options.query.filter( Options.name.like(option)) options = [ Polls(option=Options( name=option)) if options_query(option).count() == 0 else Polls( option=options_query(option).first()) for option in poll['options'] ] eta = datetime.utcfromtimestamp(poll['close_date']) new_topic = Topics(title=title, poll_group=batch, options=options, close_date=eta) #poll_group = Polls() #db.session.add(poll_group) db.session.add(new_topic) db.session.commit() # run the task from tasks import close_poll close_poll.apply_async((new_topic.id, SQLALCHEMY_DATABASE_URI), eta=eta) return jsonify({'message': 'Poll was created succesfully'}) else: # it's a GET request, return dict representations of the API user = session['user'] # print('User:'******'NFKD', user).encode('ascii','ignore') # print('UpdatedUser:'******'User Info: ', user_info) # user_type = unicodedata.normalize('NFKD', user_info.user_group).encode('ascii','ignore') user_type = user_info.user_group polls = Topics.query.filter_by( status=True, poll_group=user_type).join(Polls).order_by(Topics.id.desc()).all() all_polls = Topics.query.filter_by( status=True, poll_group='all').join(Polls).order_by(Topics.id.desc()).all() for x in all_polls: polls.append(x) print(type(polls)) all_polls = {'Polls': [poll.to_json() for poll in polls]} return jsonify(all_polls)