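def login():
    """Authenticate a user and return a signed JWT.

    Clears the current session, reads ``username`` and ``password`` from the
    request data and looks up one user document matching both. On success the
    response is ``{"token": <jwt>}``, where the token carries the username and
    an ``exp`` claim ``JWTConfig.JWT_EXP_DELTA_SECONDS`` in the future. Every
    failure is reported as a 400 error response.
    """
    session.clear()
    request_data = return_request_data()
    username = request_data.get("username", None)
    password = request_data.get("password", None)
    if not username:
        return make_error(400, description="[username] is required.")
    if not password:
        return make_error(400, description="[password] is required.")
    # Containers must never reach the filter: MongoDB would read a dict value
    # as a query-operator document instead of a literal to compare with.
    if isinstance(username, (dict, list)) or isinstance(password, (dict, list)):
        return make_error(400, description="Invalid username or password.")

    # Username and password have to match on the SAME document. Looking them
    # up in two independent queries accepts any stored password for any
    # existing username.
    # NOTE(review): the submitted password is compared with the stored value
    # as-is, which suggests passwords are stored unhashed -- confirm, and move
    # to a salted password hash verified with a constant-time comparison.
    data_user = users.find_one({"username": username, "password": password})
    if data_user is None:
        # One message for both causes, so the response does not reveal which
        # usernames exist.
        return make_error(400, description="Invalid username or password.")

    payload = {
        "username": username,
        "exp": datetime.utcnow()
        + timedelta(seconds=JWTConfig.JWT_EXP_DELTA_SECONDS),
    }
    jwt_token = jwt.encode(payload, JWTConfig.JWT_SECRET,
                           JWTConfig.JWT_ALGORITHM)
    # Some PyJWT releases return bytes from encode() and others return text;
    # decode only when bytes came back.
    if isinstance(jwt_token, bytes):
        jwt_token = jwt_token.decode('utf-8')
    return Utils.return_jsonify({'token': jwt_token})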
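def create(cls, postId=None):
    """Validate the request data against ``cls.schema`` and insert it.

    Depending on ``cls.__name__`` the document is completed before the insert:
    ``User`` gets a uniqueness check on ``username`` and a parsed
    ``birthday``; ``Post`` gets ``user`` (from the session) and ``_create``;
    ``Comment`` gets ``postId`` and ``userId`` (from the session). Returns the
    inserted document, or a 400 error response when validation fails or the
    username is taken.
    """
    request_data = return_request_data()
    coll = db[cls.collection]
    v = Validator(cls.schema)
    if not v.validate(request_data):
        return make_error(status=400, description=v.errors)

    if cls.__name__ == "User":
        if users.find_one({"username": request_data.get('username')}) is not None:
            return make_error(
                400, description="Username is exist, please choose another."
            )
        request_data["birthday"] = datetime.strptime(
            request_data.get("birthday"), format_str)
        # NOTE(review): nothing here transforms the other submitted fields, so
        # a password field would be stored exactly as sent -- confirm, and hash
        # it before the insert.
    elif cls.__name__ == "Post":
        request_data["user"] = session.get("username")
        request_data["_create"] = datetime.now()
    elif cls.__name__ == "Comment":
        request_data["postId"] = ObjectId(postId)
        request_data["userId"] = session.get("username")

    result = coll.insert_one(request_data)
    post = coll.find_one({'_id': result.inserted_id})
    # Log the identifier only. The full document can hold credentials (for a
    # User) and other personal data that must not end up in log files.
    logger.warning('Created %s document %r', cls.__name__, result.inserted_id)
    # NOTE(review): the whole stored document is echoed to the client,
    # including any credential field it holds -- consider dropping such fields
    # from the response.
    return Utils.return_jsonify(post)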
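def get_item(self, _id=None, postId=None):
    """Return the document with ``_id`` from ``self.collection``.

    When the request carries an ``embedded`` query argument the result of
    ``Utils.embedded_comments(_id)`` is returned instead. When ``postId`` is
    given, the document must also have that ``postId``. A lookup that matches
    nothing, or any exception raised on the way, yields a 400 error response.
    """
    try:
        coll = db[self.collection]
        query = {"_id": ObjectId(_id)}
        if request.args.get("embedded", None) is not None:
            return Utils.embedded_comments(_id)
        if postId is not None:
            query = {"_id": ObjectId(_id), "postId": ObjectId(postId)}
        # find() always returns a cursor, never None, so the result has to be
        # materialised to learn whether anything matched. Doing it once also
        # avoids running the same query twice.
        documents = list(coll.find(query))
        if not documents:
            return make_error(status=400, description="Not found")
        return Utils.return_jsonify(documents)
    except Exception as e:
        # NOTE(review): the exception text goes back to the client. For a
        # malformed id that is harmless, but driver or connection errors can
        # carry internal details -- consider logging the exception and
        # returning a fixed message.
        return make_error(status=400, description=str(e))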
def delete_item(self, _id=None, postId=None):
    """Delete the document with ``_id`` from ``self.collection``.

    Returns a 400 error response when no such document exists, otherwise the
    string form of the delete result. ``postId`` is accepted but not used.
    """
    id_filter = {"_id": ObjectId(_id)}
    collection = db[self.collection]
    # NOTE(review): the filter holds the id only. Despite the wording of the
    # error below, no owner is compared here, so any caller allowed to reach
    # this handler can delete any document whose id it knows -- confirm that
    # authorisation is enforced elsewhere, or add the owner to the filter.
    existing = collection.find_one(id_filter)
    if existing is None:
        return make_error(status=400, description="It's not yours")
    outcome = collection.delete_one(id_filter)
    return str(outcome)
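def get_item(cls, postId=None):
    """Return the post, or the comments of a post, identified by ``postId``.

    A non-empty ``comments`` query argument short-circuits to
    ``Utils.embedded_comments(postId)``. Otherwise a ``Post`` is looked up by
    ``_id`` and ``Comment`` documents by their ``postId``. A post that does
    not exist, or any exception raised on the way, yields a 400 error
    response.
    """
    check = request.args.get("comments", "")
    if check != "":
        return Utils.embedded_comments(postId)

    query = {}
    try:
        coll = db[cls.collection]
        if cls.__name__ == "Post":
            query = {"_id": ObjectId(postId)}
        elif cls.__name__ == "Comment":
            query = {"postId": ObjectId(postId)}
        # NOTE(review): for any other class the filter stays empty and every
        # document of the collection is returned with all of its fields --
        # confirm that this is intended for each class routed here.

        # find() always returns a cursor, never None; materialise it once
        # rather than querying twice and testing a condition that cannot fail.
        documents = list(coll.find(query))
        # A post is addressed by id, so an empty result means it does not
        # exist. An empty comment list is a valid answer and is returned.
        if cls.__name__ == "Post" and not documents:
            return make_error(status=400, description="Not found")
        return Utils.return_jsonify(documents)
    except Exception as e:
        # NOTE(review): the exception text goes back to the client; driver or
        # connection errors can carry internal details -- consider logging the
        # exception and returning a fixed message.
        return make_error(status=400, description=str(e))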
def update(self, _id=None, postId=None):
    """Apply the request data to the document with ``_id`` via ``$set``.

    Adds an ``_updated`` timestamp, then returns the document as re-read after
    the update, or a 400 error response when no document has that id.
    ``postId`` is accepted but not used.
    """
    changes = return_request_data()
    id_filter = {"_id": ObjectId(_id)}
    collection = db[self.collection]
    # NOTE(review): only the id is matched. Despite the wording of the error
    # below, no owner is compared, so any caller allowed to reach this handler
    # can modify any document whose id it knows.
    if collection.find_one(id_filter) is None:
        return make_error(status=400, description="it's not yours")
    changes["_updated"] = datetime.now()
    # NOTE(review): the request body is written as-is, so the client chooses
    # which fields are overwritten, server-maintained ones included --
    # validate it against the schema or restrict it to an allow-list first.
    collection.find_one_and_update(id_filter, {'$set': changes})
    refreshed = collection.find_one(id_filter)
    return Utils.return_jsonify(refreshed)
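def update(cls, _id=None):
    """Update a post or the profile owned by the session user.

    ``Post``: the document with ``_id`` whose ``user`` equals the session
    username gets the request data plus an ``_updated`` timestamp. ``User``:
    the document whose ``username`` equals the session username gets the
    request data, with ``birthday`` parsed when present. Returns what
    ``find_one_and_update`` returns, or a 400 error response when there is no
    session user, the class is not handled, or nothing matches.
    """
    request_data = return_request_data()
    username = session.get("username")
    # Fail closed without a session identity: a filter value of None matches
    # documents whose owner field is null or missing.
    if username is None:
        return make_error(status=400, description="it's not yours")

    if cls.__name__ == "Post":
        request_data["_updated"] = datetime.now()
        try:
            query = {"_id": ObjectId(_id), "user": username}
        except Exception as e:
            return make_error(status=400, description=str(e))
    elif cls.__name__ == "User":
        if request_data.get("birthday", None) is not None:
            request_data["birthday"] = datetime.strptime(
                request_data.get("birthday"), format_str)
        query = {"username": username}
    else:
        # An empty filter would match, and then modify, an arbitrary document
        # of the collection, so classes without an ownership rule are refused.
        return make_error(status=400, description="it's not yours")

    coll = db[cls.collection]
    if coll.find_one(query) is None:
        return make_error(status=400, description="it's not yours")
    # NOTE(review): the request body is written as-is, so the client can
    # overwrite any field, including the owner field used in the filter above
    # -- validate it against the schema or restrict it to an allow-list.
    # NOTE(review): unless return_document is set, pymongo returns the
    # document as it was BEFORE the update -- confirm the response is meant to
    # show the old values.
    result = coll.find_one_and_update(query, {'$set': request_data})
    return Utils.return_jsonify(result)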
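def update(cls, _id=None):
    """Update the document whose ``username`` equals the session username.

    ``birthday`` is parsed with ``format_str`` when present; the remaining
    request data is applied through ``$set``. Returns what
    ``find_one_and_update`` returns, or a 400 error response when there is no
    session user or no matching document. ``_id`` is accepted but not used.
    """
    request_data = return_request_data()
    if request_data.get("birthday", None) is not None:
        request_data["birthday"] = datetime.strptime(
            request_data.get("birthday"), format_str)

    username = session.get("username")
    # Fail closed without a session identity: {"username": None} matches
    # documents whose username is null or missing.
    if username is None:
        return make_error(status=400, description="it's not yours")

    query = {"username": username}
    coll = db[cls.collection]
    if coll.find_one(query) is None:
        return make_error(status=400, description="it's not yours")
    # NOTE(review): the request body is written as-is, so the client can
    # overwrite any field of its own document, the username included, without
    # the uniqueness and schema checks applied at creation -- validate it or
    # restrict it to an allow-list.
    # NOTE(review): unless return_document is set, pymongo returns the
    # document as it was BEFORE the update -- confirm the response is meant to
    # show the old values.
    result = coll.find_one_and_update(query, {'$set': request_data})
    return Utils.return_jsonify(result)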
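def load_logged_in_user():
    """Populate ``g.user`` and the session from the ``Authorization`` header.

    ``g.user`` is reset to ``None`` first. When the header is present it is
    decoded as a JWT with ``JWTConfig.JWT_SECRET`` and the single configured
    algorithm; the ``username`` claim is stored in ``g.user`` and in
    ``session["username"]``. A token that fails verification or lacks the
    claim produces a 400 error response. Returns ``None`` otherwise.
    """
    g.user = None
    jwt_token = request.headers.get('Authorization', None)
    # NOTE(review): without a header g.user stays None, but a
    # session["username"] left by an earlier request is not cleared here.
    # Handlers that read the session rather than g.user would still see that
    # identity -- confirm they are all behind the login check.
    if jwt_token:
        try:
            payload = jwt.decode(jwt_token, JWTConfig.JWT_SECRET,
                                 algorithms=[JWTConfig.JWT_ALGORITHM])
        except jwt.InvalidTokenError:
            # Base class of DecodeError and ExpiredSignatureError; it also
            # covers the other verification failures, which would otherwise
            # escape as unhandled exceptions.
            return make_error(status=400, description="Token is invalid")
        username = payload.get("username")
        if not username:
            # A correctly signed token without the claim is still unusable.
            return make_error(status=400, description="Token is invalid")
        g.user = username
        session["username"] = username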
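def delete_item(cls, postId=None, comment_id=None):
    """Delete a post or a comment owned by the session user.

    For ``Post`` the filter is ``postId`` plus ``user``; for every other class
    it is ``comment_id`` plus ``userId``. Returns the string form of the
    delete result, or a 400 error response when there is no session user or
    nothing matches.
    """
    username = session.get("username")
    # Fail closed without a session identity: a filter value of None matches
    # documents whose owner field is null or missing, which would let a
    # request with no identity delete them.
    if username is None:
        return make_error(status=400, description="It's not yours")

    if cls.__name__ == "Post":
        query = {"_id": ObjectId(postId), "user": username}
    else:
        query = {"_id": ObjectId(comment_id), "userId": username}
    coll = db[cls.collection]
    if coll.find_one(query) is None:
        return make_error(status=400, description="It's not yours")
    result = coll.delete_one(query)
    return str(result)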
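def create(self, postId=None):
    """Validate the request data against ``self.schema`` and insert it.

    Sets ``postId`` when one is given and stamps ``_create`` and ``_updated``
    with the current time. Returns the inserted document, or a 400 error
    response carrying the validator's errors.
    """
    request_data = return_request_data()
    coll = db[self.collection]
    v = Validator(self.schema)
    if not v.validate(request_data):
        return make_error(status=400, description=v.errors)

    if postId is not None:
        request_data["postId"] = ObjectId(postId)
    request_data["_create"] = datetime.now()
    request_data["_updated"] = datetime.now()
    result = coll.insert_one(request_data)
    post = coll.find_one({'_id': result.inserted_id})
    # Log the identifier only. This handler serves whichever collection the
    # instance names, so the full document may hold credentials or personal
    # data that must not end up in log files.
    logger.warning('Created document %r in %s',
                   result.inserted_id, self.collection)
    return Utils.return_jsonify(post)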
def wrapped_view(**kwargs):
    """Call the wrapped ``view`` only when ``g.user`` is set.

    Requests without a user get a 400 error response instead.
    """
    if g.user is not None:
        return view(**kwargs)
    # NOTE(review): an unauthenticated request is answered with status 400;
    # 401 is the conventional status and lets clients tell a missing login
    # apart from a malformed request.
    return make_error(status=400, description="You have to login")