def render_delete_many(self, value, system, common_kw):
""" Render response for view `delete_many` method (collection DELETE)
"""
if isinstance(value, dict):
return JHTTPOk(extra=value)
msg = 'Deleted {} {}(s) objects'.format(value,
system['view'].Model.__name__)
return JHTTPOk(msg, **common_kw.copy())
def render_update_many(self, value, system, common_kw):
""" Render response for view `update_many` method
(collection PUT/PATCH)
"""
msg = 'Updated {} {}(s) objects'.format(value,
system['view'].Model.__name__)
return JHTTPOk(msg, **common_kw.copy())
def register(self):
""" Register new user by POSTing all required data. """
user, created = self.Model.create_account(self._json_params)
if not created:
raise JHTTPConflict('Looks like you already have an account.')
self.request._user = user
pk_field = user.pk_field()
headers = remember(self.request, getattr(user, pk_field))
return JHTTPOk('Registered', headers=headers)
def reset_token(self, **params):
""" Reset current token by POSTing 'login' and 'password'.
User's `Authorization` header value is returned in `WWW-Authenticate`
header.
"""
response = self.claim_token(**params)
if not self.user:
return response
self.user.api_key.reset_token()
headers = remember(self.request, self.user.username)
return JHTTPOk('Registered', headers=headers)
def register(self):
""" Register a new user by POSTing all required data.
User's `Authorization` header value is returned in `WWW-Authenticate`
header.
"""
user, created = self.Model.create_account(self._json_params)
if user.api_key is None:
raise JHTTPBadRequest('Failed to generate ApiKey for user')
if not created:
raise JHTTPConflict('Looks like you already have an account.')
self.request._user = user
headers = remember(self.request, user.username)
return JHTTPOk('Registered', headers=headers)
def claim_token(self, **params):
"""Claim current token by POSTing 'login' and 'password'.
User's `Authorization` header value is returned in `WWW-Authenticate`
header.
"""
self._json_params.update(params)
success, self.user = self.Model.authenticate_by_password(
self._json_params)
if success:
headers = remember(self.request, self.user.username)
return JHTTPOk('Token claimed', headers=headers)
if self.user:
raise JHTTPUnauthorized('Wrong login or password')
else:
raise JHTTPNotFound('User not found')
def login(self, **params):
self._json_params.update(params)
next = self._query_params.get('next', '')
if self.request.path in next:
next = '' # never use the login form itself as next
unauthorized_url = self._query_params.get('unauthorized', None)
success, user = self.Model.authenticate_by_password(self._json_params)
if success:
pk_field = user.pk_field()
headers = remember(self.request, getattr(user, pk_field))
if next:
raise JHTTPFound(location=next, headers=headers)
else:
return JHTTPOk('Logged in', headers=headers)
if user:
if unauthorized_url:
return JHTTPUnauthorized(location=unauthorized_url +
'?error=1')
raise JHTTPUnauthorized('Failed to Login.')
else:
raise JHTTPNotFound('User not found')
def render_delete(self, value, system, common_kw):
""" Render response for view `delete` method (item DELETE) """
return JHTTPOk('Deleted', **common_kw.copy())
def render_update(self, value, system, common_kw):
""" Render response for view `update` method (item PATCH) """
kw = self._get_create_update_kwargs(value, common_kw)
return JHTTPOk('Updated', **kw)
def logout(self):
next = self._query_params.get('next')
headers = forget(self.request)
if next:
return JHTTPFound(location=next, headers=headers)
return JHTTPOk('Logged out', headers=headers)