def get_comments(post_id):
if request.method == 'GET':
try:
results = UsersRDB.get_comments_of_post(post_id)
rsp_status = 200
except Exception as e:
results = "Not Found"
rsp_status = 404
full_rsp = Response(results,
status=rsp_status,
content_type="application/json")
return full_rsp
elif request.method == 'POST':
curr_user = g.user
content = {
'author': curr_user,
'to_post': post_id,
'content': request.json['content'],
'date': request.json['date']
}
try:
results = UsersRDB.create_comment(content)
rsp_status = 200
except Exception as exp:
results = "Not Found"
rsp_status = 404
full_rsp = Response(results,
status=rsp_status,
content_type="application/json")
return full_rsp
def activate_user(cls, user_info):
v = user_info.get('email', None)
res = UsersRDB.get_user_by_email(v)
if res is None:
raise ServiceException(ServiceException.bad_data,
"Email not in database: " + v)
template = {'email': v}
result = UsersRDB.update_user(user_info=user_info, template=template)
return result
def update_user(cls, data):
v = data["email"]
res = UsersRDB.get_user_by_email(v)
if res is None:
raise ServiceException(ServiceException.bad_data,
"Email not in database: " + v)
# server_etag = to_etag(res)
# if client_etag == server_etag:
template = {"email": v}
result = UsersRDB.update_user(user_info=data, template=template)
# else:
result = "No action done due to Etag mismatch. This is usually because your info was modified during " \
"your updating. "
return result
def get_resource_by_columns():
args = dict(request.args)
args = handle_args(args)
fields = request.args.get("f")
if fields:
fields = fields.split(",")
args.pop("f")
else:
fields = None
try:
res = UsersRDB.get_by_columns(args, fields=fields)
rsp_txt = json.dumps(res)
full_rsp = Response(rsp_txt,
status=200,
content_type="json/application")
except Exception as e:
log_msg = "/user: Exception = " + str(e)
logger.error(log_msg)
rsp_status = 500
rsp_txt = "INTERNAL SERVER ERROR when running get_resource"
full_rsp = Response(rsp_txt,
status=rsp_status,
content_type="text/plain")
return full_rsp
def create_user(cls, user_info):
for f in UsersService.required_create_fields:
v = user_info.get(f, None)
if v is None:
raise ServiceException(ServiceException.missing_field,
"Missing field = " + f)
if f == 'email':
if v.find('@') == -1:
raise ServiceException(ServiceException.bad_data,
"Email looks invalid: " + v)
user_info['id'] = str(uuid.uuid4())
user_info["status"] = "PENDING"
result = UsersRDB.create_user(user_info=user_info)
print(os.environ['region_name'])
print(os.environ['aws_access_key_id'])
print(os.environ['aws_secret_access_key'])
client = boto3.client(
'sns',
region_name=os.environ['region_name'],
aws_access_key_id=os.environ['aws_access_key_id'],
aws_secret_access_key=os.environ['aws_secret_access_key'])
response = client.publish(
TopicArn=
'arn:aws:sns:ca-central-1:969112874411:E6156CustomerChange',
Subject='New Registration',
Message='{"customers_email":"%s"}' % user_info['email'],
)
return result
def before_decorator():
rule = request.endpoint
try:
if request.method == 'OPTIONS' or rule is 'registration' or rule is 'login' or request.headers.get(
"pass") == 'sL36KjRf5oAc79ifhPJAz1bqi03WQPCC':
pass
else:
token = request.headers.get("Token")
fblogin = False
if request.headers.has_key("X-Api-Key"):
fblogin = json.loads(request.headers["X-Api-Key"])
if fblogin:
user = token
else:
tmp = jwt.decode(request.headers["Token"],
'secret',
algorithms=['HS256'])
user = tmp.get("user")
password = tmp.get("password")
res = UsersRDB.validate_info(user)
if not check_password_hash(res, password):
raise ValueError("Your information cannot be identify!")
g.user = user
except Exception as exp:
rsp_txt = "ERROR: Unauthorized user. Login required.\n{}".format(exp)
rsp_status = 504
full_rsp = Response(rsp_txt,
status=rsp_status,
content_type="application/json")
return full_rsp
def get_resource_by_primary_key(primary_key):
fields = request.args.get("f")
if fields:
fields = fields.split(",")
else:
fields = None
if not primary_key:
return Response("Please provide primary key",
status=400,
content_type="text/plain")
try:
user_data = UsersRDB.get_by_id(primary_key, fields)
rsp_txt = json.dumps(user_data)
full_rsp = Response(rsp_txt,
status=200,
content_type="json/application")
except Exception as e:
log_msg = "/user: Exception = " + str(e)
logger.error(log_msg)
rsp_status = 500
rsp_txt = "INTERNAL SERVER ERROR when running get_resource"
full_rsp = Response(rsp_txt,
status=rsp_status,
content_type="text/plain")
return full_rsp
def create_user(cls, user_info):
for f in UsersService.required_create_fields:
v = user_info.get(f, None)
if v is None:
raise ServiceException(ServiceException.missing_field,
"Missing field = " + f)
if f == 'email':
if v.find('@') == -1:
raise ServiceException(ServiceException.bad_data,
"Email looks invalid: " + v)
if "id" not in user_info:
id1 = str(uuid.uuid1())
user_info['id'] = id1
result = UsersRDB.create_user(user_info=user_info)
print("RESULT FOR CREATE USER")
print(result)
if result is not None:
# publish email to the SNS topic
# sns = boto3.client('sns', region_name='us-east-1')
# resp = sns.publish(
# TopicArn = 'arn:aws:sns:us-east-1:211747076064:tse-email-notif',
# Message=user_info['email']
# )
resp = publish_it(user_info['email'])
print(resp)
return result
def create_user(cls, user_info, sns=None):
for f in UsersService.required_create_fields:
v = user_info.get(f, None)
if v is None:
raise ServiceException(ServiceException.missing_field,
"Missing field = " + f)
if f == 'email':
if v.find('@') == -1:
raise ServiceException(ServiceException.bad_data,
"Email looks invalid: " + v)
user_email = user_info.get('email', None)
if user_email is not None and sns is not None:
sns.client.subscribe(
TopicArn=sns.topic_arn,
Protocol='lambda',
# Endpoint='arn:aws:lambda:us-east-2:086478487177:function:Handler'
Endpoint=
'arn:aws:lambda:us-east-2:086478487177:function:lambda_jwt')
sns.client.publish(Message=json.dumps({'email': user_email}),
TopicArn=sns.topic_arn)
result = UsersRDB.create_user(user_info=user_info)
return result
def get_profile_by_id(cls, pid):
result = UsersRDB.get_profile_by_id(pid)
profile = {}
if len(result) > 0:
profile["profile_id"] = result[0]["profile_id"]
profile["user_id"] = result[0]["user_id"]
profile["profile_entries"] = UsersService.filter_profile(result)
return profile
def update_user(cls, email, data):
# hash password before updating
if 'password' in data:
data['password'] = security.hash_password({"password" : data['password']})
if 'status' in data:
print('updating status to', data['status'])
result = UsersRDB.update_user(email=email, data=data)
return result
def update_user(cls, email, user_info):
v = user_info.get('email', None)
if v.find('@') == -1:
raise ServiceException(ServiceException.bad_data,
"Email looks invalid: " + v)
result = UsersRDB.update_user(email=email, user_info=user_info)
return result
def get_articles():
if request.method == 'GET':
try:
curr_user = g.user
results = UsersRDB.find_post_by_authors(curr_user)
rsp_status = 200
full_rsp = Response(results,
status=rsp_status,
content_type="application/json")
return full_rsp
except Exception as e:
rsp_txt = "Not Found"
rsp_status = 404
full_rsp = Response(rsp_txt,
status=rsp_status,
content_type="application/json")
return full_rsp
elif request.method == 'POST':
curr_user = g.user
content = {
'author': curr_user,
'content': request.json['text'],
'image': request.json['image'],
'date': request.json['date']
}
try:
result = UsersRDB.create_post(content)
print(result)
if result != 0:
results = UsersRDB.find_post_by_authors(curr_user)
else:
results = []
rsp_status = 200
except Exception as e:
results = "Cannot create the post! Please try again."
rsp_status = 404
full_rsp = Response(results,
status=rsp_status,
content_type="application/json")
return full_rsp
def update_email(cls, user_info, email):
for f in UsersService.required_email_fields:
v = user_info.get(f, None)
if v is None:
raise ServiceException(ServiceException.missing_field,
"Missing field = " + f)
result = UsersRDB.update_email(user_info, email)
return result
def delete_user(cls, user_info):
for f in UsersService.required_delete_fields:
v = user_info.get(f, None)
if v is None:
raise ServiceException(ServiceException.missing_field,
"Missing field = " + f)
result = UsersRDB.delete_user(user_info)
return result
def t2():
usr = {
"last_name": "Baggins",
"first_name": "Frodo",
"id": str(uuid4()),
"email": "*****@*****.**",
"status": "PENDING",
"password": "******"
}
res = UsersRDB.create_user(user_info=usr)
print("Res = ", res)
def update_user(cls, user_info):
for f in UsersService.required_create_fields:
v = user_info.get(f, None)
if f == 'email':
if v.find('@') == -1:
raise ServiceException(ServiceException.bad_data,
"Email looks invalid: " + v)
result = UsersRDB.update_user(user_info=user_info)
return result
def t2():
pwd = security.hash_password({"password": '******'})
usr = {
"last_name": "Baggins",
"first_name": "Frodo",
"id": str(uuid.uuid4()),
"email": "*****@*****.**",
"status": "PENDING",
"password": pwd
}
res = UsersRDB.create_user(user_info=usr)
def get_following_users():
try:
results = UsersRDB.get_following_users(g.user)
rsp_status = 200
except Exception as exp:
results = "Not Found"
rsp_status = 404
full_rsp = Response(results,
status=rsp_status,
content_type="application/json")
return full_rsp
def t4():
usr = {
"last_name": "testupdate",
"email": "*****@*****.**",
}
res = UsersRDB.update_user(user_info=usr)
print("Res = ", res)
#t1()
#t2()
#t3()
#t4()
def login():
"""
request_body_example = {
"username":"******",
"password":"******"
}
"""
user = request.json['username']
password = request.json['password']
print(generate_password_hash(password))
res = Authentication.validate({user: password})
if res:
encoded_password = jwt.encode({
'password': password,
'user': user
},
'secret',
algorithm='HS256').decode('utf-8')
rsp_data = {"result": res, "Token": encoded_password}
status = UsersRDB.get_user_status(user)
if status == 'ACTIVE':
rsp_status = 200
rsp_txt = json.dumps(rsp_data)
full_rsp = Response(rsp_txt,
status=rsp_status,
content_type="application/json")
full_rsp.headers["Token"] = encoded_password
else:
rsp_status = 403
rsp_txt = "User not Activated."
full_rsp = Response(rsp_txt,
status=rsp_status,
content_type="application/json")
else:
error = 'Invalid Credentials. Please try again.'
rsp_data = {"result": res, "error": error}
rsp_status = 504
rsp_txt = json.dumps(rsp_data)
full_rsp = Response(rsp_txt,
status=rsp_status,
content_type="application/json")
full_rsp.headers["Access-Control-Allow-Origin"] = allowed_url
full_rsp.headers["Access-Control-Allow-Headers"] = "Content-Type"
full_rsp.headers["Access-Control-Allow-Methods"] = "POST"
full_rsp.headers["Access-Control-Allow-Credentials"] = "true"
full_rsp.headers["Access-Control-Expose-Headers"] = "Token"
return full_rsp
def activate(email):
token = request.headers.get("Lambda-Token")
if token != security_middleware._secret:
# logger.debug("Invalid token: " + str(token) + " VS " + str(security_middleware._secret))
# logger.debug("Header received:\n" + str(request.headers))
return Response("Invalid Authorization Token",
status=401,
content_type="text/plain")
try:
user_data = UsersRDB.get_by_email(email, include_deleted=False)
if not user_data:
return Response("No such user found",
status=400,
content_type="text/plain")
if user_data["status"] == "ACTIVE":
return Response("User already activated",
status=200,
content_type="text/plain")
user_data["status"] = "ACTIVE"
UsersRDB.update(user_data)
full_rsp = Response("User successfully activated",
status=200,
content_type="text/plain")
except Exception as e:
log_msg = "/activate: Exception = " + str(e)
logger.error(log_msg)
rsp_status = 500
rsp_txt = "/activate INTERNAL SERVER ERROR."
full_rsp = Response(rsp_txt,
status=rsp_status,
content_type="text/plain")
return full_rsp
def get_by_uid(cls, uid):
result = {}
profiles = ProfileRDB.get_by_uid(uid)
if profiles is None:
result = "PROFILE NOT EXISTED"
else:
email = UsersRDB.query_by_parameters(params={"id": uid},
fields="email")
result["links"] = [{
"rel": "user",
"href": "/api/user/" + email[0]["email"],
"method": "GET"
}]
result["profiles"] = profiles
return result
def create_user(cls, user_info):
for f in UsersService.required_create_fields:
v = user_info.get(f, None)
if v is None:
raise ServiceException(ServiceException.missing_field,
"Missing field = " + f)
if f == 'email':
if v.find('@') == -1:
raise ServiceException(ServiceException.bad_data,
"Email looks invalid: " + v)
user_info['id'] = str(uuid.uuid4())
result = UsersRDB.create_user(user_info=user_info)
return result
def update_profile_by_id(cls, pid, profile):
new_values = []
uid, entries = profile['user_id'], profile['profile_entries']
if entries:
for entry in entries:
new_values.append({
"profile_id": pid,
"user_id": uid,
"element_type": entry["type"],
"element_subtype": entry["subtype"],
"element_value": entry["value"],
})
result = UsersRDB.update_profile_by_id(pid, new_values)
return result
def create_user(cls, user_info):
for f in UsersService.required_create_fields:
v = user_info.get(f, None)
if v is None:
raise ServiceException(ServiceException.missing_field,
"Missing field = " + f)
if f == 'email':
if v.find('@') == -1:
raise ServiceException(ServiceException.bad_data,
"Email looks invalid: " + v)
result = UsersRDB.create_user(user_info=user_info)
# Publish a simple message to the specified SNS topic
email = {'customers_email': user_info.get('email')}
publish_it(json.dumps(email))
return result
def create_user(cls, user_info):
for f in UsersService.required_create_fields:
v = user_info.get(f, None)
if v is None:
raise ServiceException(ServiceException.missing_field,
"Missing field = " + f)
if f == 'email':
if v.find('@') == -1:
raise ServiceException(ServiceException.bad_data,
"Email looks invalid: " + v)
result = UsersRDB.create_user(user_info=user_info)
email = user_info.get("email", None)
msg = {"email": email}
notification.publish_it(msg)
return result
def create_user(cls, user_info):
for f in UsersService.required_create_fields:
v = user_info.get(f, None)
if v is None:
raise ServiceException(ServiceException.missing_field,
"Missing field = " + f)
if f == 'email':
if v.find('@') == -1:
raise ServiceException(ServiceException.bad_data, "Email looks invalid: " + v)
result = UsersRDB.create_user(user_info=user_info)
email = user_info.get('email', None)
response = boto3.client('sns',region_name='us-east-1').publish(
TopicArn='arn:aws:sns:us-east-1:270598185649:user_created',
Message = json.dumps({'customers_email' : email }),
)
# # Print out the response
# print(response)
return result
def login():
email = request.args.get("email")
password = request.args.get("password")
valid = all([email, password])
if not valid:
return Response("Invalid Argument",
status=400,
content_type="text/plain")
try:
user_data = UsersRDB.get_by_email(email, include_deleted=False)
if not user_data:
return Response("No such user found",
status=400,
content_type="text/plain")
if user_data.get("password", None) != password:
return Response("Incorrect password",
status=400,
content_type="text/plain")
token = security_middleware.generate_token(user_data)
header = {"Login-Token": token}
full_rsp = Response(json.dumps(user_data),
status=200,
content_type="json/application",
headers=header)
# full_rsp = Response("Login Successful: " + user_data.get("first_name", "user") + " " +
# user_data.get("last_name", "user") + "\nSTATUS: " + user_data.get("status", "PENDING"),
# status=200, content_type="text/plain", headers=header)
except Exception as e:
logger.error("Login error: " + str(e))
rsp_txt = "INTERNAL SERVER ERROR when running login"
full_rsp = Response(rsp_txt, status=500, content_type="text/plain")
return full_rsp
def validate(cls, info):
(user_email, user_password), = info.items()
res = UsersRDB.validate_info(user_email)
return check_password_hash(res, user_password)
