def api_register_user(*, email, name, passwd):
if not name or not name.strip():
raise apis.APIValueError('name')
if not email or not _RE_EAMIL.match(email):
raise apis.APIValueError('email')
if not passwd or not _RE_SHA1.match(passwd):
raise apis.APIValueError('passwd')
users = yield from model.User.findAll('email=?', [email])
if len(users) > 0:
raise apis.APIError('register;faild', 'email', 'email is already use')
uid = model.next_id()
sha1_pass = '******' % (uid, passwd)
user = User(id=uid,
name=name.strip(),
email=email,
passwd=hashlib.sha1(sha1_pass.encode('utf-8')).hexdigest(),
image='http://www.gravatar.com/avatar/%s?d=mm&s=120' %
hashlib.md5(email.encode('utf-8')).hexdigest())
yield from user.save()
r = web.Response()
r.set_cookie(COOKIE_NAME,
user2cookie(user, 86400),
max_age=86400,
httponly=True)
user.passwd = '*******'
r.content_type = 'application/json'
r.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
return r
async def api_signin(*, email, passwd):
if not email:
raise apis.APIValueError('email', 'Invalid email')
if not passwd:
raise apis.APIValueError('passwd', 'Invalid password')
users = await User.findAll('email=?', [email])
if len(users) == 0:
raise apis.APIValueError('email', 'Email not exist')
user = users[0]
sha1 = hashlib.sha1()
sha1.update(user.id.encode('utf-8'))
sha1.update(b':')
sha1.update(passwd.encode('utf-8'))
if user.passwd != sha1.hexdigest():
raise apis.APIValueError('passwd', 'Invalid password.')
# authenticate ok, set cookie
r = web.Response()
r.set_cookie(COOKIE_NAME,
user2cookie(user, 86400),
max_age=86400,
httponly=True)
user.passwd = '******'
r.content_type = 'application/json'
r.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
return r
async def api_update_blog(id, request, *, name, summary, content):
check_admin(request)
blog = await Blog.find(id)
if blog == None:
raise apis.APIResourceNotFoundError('blog')
if not name or not name.strip():
raise apis.APIValueError('name', 'name cannot be empty.')
if not summary or not summary.strip():
raise apis.APIValueError('summary', 'summary cannot be empty.')
if not content or not content.strip():
raise apis.APIValueError('content', 'content cannot be empty.')
blog.name = name.strip()
blog.summary = summary.strip()
blog.content = content.strip()
await blog.update()
return blog
async def api_create_blog(request, *, name, summary, content):
check_admin(request)
if not name or not name.strip():
raise apis.APIValueError('name', 'name cannot be empty.')
if not summary or not summary.strip():
raise apis.APIValueError('summary', 'summary cannot be empty.')
if not content or not content.strip():
raise apis.APIValueError('content', 'content cannot be empty.')
blog = Blog(user_id=request.__user__.id,
user_name=request.__user__.name,
user_image=request.__user__.image,
name=name.strip(),
summary=summary.strip(),
content=content.strip())
await blog.save()
return blog
def authenticate(*, email, passwd):
if not email:
raise apis.APIValueError('email', 'invalid eamil')
if not passwd:
raise apis.APIValueError('passwd', 'invalid passwd')
users = yield from User.findAll('email=?', [email])
if len(users) == 0:
raise apis.APIValueError('email', 'email is not exist')
user = users[0]
sha1 = hashlib.sha1()
sha1.update(user.id.encode('utf-8'))
sha1.update(passwd.encode('utf-8'))
if user.passwd != sha1.hexdigest():
raise apis.APIValueError('passwd', 'invalid passwd')
r = web.Response()
r.set_cookie(COOKIE_NAME,
user2cookie(user, 86400),
max_age=86400,
httponly=True)
user.passwd = "******"
r.content_type = 'application/json'
r.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
return r
async def api_create_comment(id, request, *, content):
user = request.__user__
if user is None:
raise apis.APIPermissionError('please signin first.')
if not content:
raise apis.APIValueError('content')
blog = await Blog.find(id)
if blog is None:
raise apis.APIResourceNotFoundError('Blog')
comment = Comment(blog_id=blog.id,
user_id=user.id,
user_name=user.name,
user_image=user.image,
content=content.strip())
await comment.save()
return comment