def usersignup():
data = request.json
user = data.get('user', None)
email = user.get('email', '')
password = data.get('password', None)
# Check that the email isn't in use.
existing_user = store.session.query(User).filter(
User.email==email, User.active==True).first()
if existing_user is not None:
response = base_routes.make_bad_request_response(
'That email address is already associated with an account.')
elif password is None:
response = base_routes.make_bad_request_response(
'A password was not specified.');
else:
user = User.admin_deserialize_add(user)
error_messages = user.set_password(password)
if error_messages:
error_message = ', '.join(error_messages)
response = base_routes.make_bad_request_response(error_message)
else:
store.session.add(user)
store.session.commit()
error_message = mail_actions.request_signup_email_confirmation(user)
secret = user.make_api_key()
serialized = user.serialize(user)
response_data = {
'data': serialized,
'apiKey': secret.key,
'warningMessage': 'Failed to send email confirmation: {0}'.format(error_message)
}
response = jsonify(response_data)
return response
def post_picture(user_id):
user = get_requesting_user()
if user_id != user.id:
return base_routes.make_not_authorized_response()
image_file = request.files['file']
if not image_file:
return base_routes.make_bad_request_response('missing image data')
image_data = image_file.read()
if not is_allowable_image(image_data):
return base_routes.make_bad_request_response('unallowed image type')
filename = image_to_user_filename(image_data, user_id)
store_image(image_file, filename)
user.picture_filename = filename
store.session.add(user)
store.session.commit()
logger.info('Saving image {!r}'.format(filename))
return base_routes.make_OK_response()
def post_picture(user_id):
user = get_requesting_user()
if user_id != user.id:
return base_routes.make_not_authorized_response()
image_file = request.files['file']
if not image_file:
return base_routes.make_bad_request_response('missing image data')
image_data = image_file.read()
if not is_allowable_image(image_data):
return base_routes.make_bad_request_response(
'unallowed image type')
filename = image_to_user_filename(image_data, user_id)
store_image(image_file, filename)
user.picture_filename = filename
store.session.add(user)
store.session.commit()
logger.info('Saving image {!r}'.format(filename))
return base_routes.make_OK_response()
def endpoint(requester):
data = request.get_json()
if data is None:
return make_bad_request_response(
'Please provide JSON payload for tracking')
next_path = data.get('next_path', '')[:255]
prev_path = data.get('prev_path', '')[:255]
if record_view(requester.id, next_path, prev_path):
return '', HTTPStatus.NO_CONTENT
return make_bad_request_response(
'Please provide non-empty `next_path` and `prev_path` to track')
def get_search_results(id, page):
page = int(page)
requester = get_requesting_user()
if requester is None:
response = base_routes.make_not_authorized_response()
elif not is_integer(id):
response = base_routes.make_bad_request_response()
else:
search = store.session.query(Search).filter_by(id=id).first()
if search is None:
response = base_routes.make_not_found_response()
else:
if search.has_admin_rights(requester):
matching_searches = search_utils.find_matching_searches(
search, page)
serialized = [
search.serialize(
requester,
exclude=[],
) for search in matching_searches
]
response_data = {'data': serialized}
response = jsonify(response_data)
else:
response = base_routes.make_forbidden_response()
return response
def get_search_results(id, page):
page = int(page)
requester = get_requesting_user()
if requester is None:
response = base_routes.make_not_authorized_response()
elif not is_integer(id):
response = base_routes.make_bad_request_response()
else:
search = store.session.query(Search).filter_by(id=id).first()
if search is None:
response = base_routes.make_not_found_response()
else:
if search.has_admin_rights(requester):
matching_searches = search_utils.find_matching_searches(search, page)
serialized = [
search.serialize(
requester,
exclude=[],
) for search in matching_searches
]
response_data = {'data': serialized}
response = jsonify(response_data)
else:
response = base_routes.make_forbidden_response()
return response
def usersignup():
data = request.json
user = data.get('user', None)
email = user.get('email', '')
password = data.get('password', None)
# Check that the email isn't in use.
existing_user = store.session.query(User)
existing_user = existing_user.filter(User.email == email,
User.active == True)
existing_user = existing_user.first()
if existing_user is not None:
response = base_routes.make_bad_request_response(
'That email address is already associated with an account.', )
elif password is None:
response = base_routes.make_bad_request_response(
'A password was not specified.')
else:
try:
user = User.admin_deserialize_add(user)
error_messages = user.set_password(password)
if error_messages:
error_message = ', '.join(error_messages)
response = base_routes.make_bad_request_response(
error_message)
else:
store.session.add(user)
store.session.commit()
error_message = mail_actions.request_signup_email_confirmation(
user)
secret = user.make_api_key()
serialized = user.serialize(user)
warning_message = 'Failed to send email confirmation: {0}'.format(
error_message)
response_data = {
'data': serialized,
'apiKey': secret.key,
'warningMessage': warning_message,
}
response = jsonify(response_data)
except ValidationException as e:
response = base_routes.make_bad_request_response(str(e))
return response
def reset_password():
data = request.json
key = data.get('key', '')
password = data.get('password', '')
if key == '':
response = base_routes.make_bad_request_response(
'Did not receive a key with password reset request.')
elif password == '':
response = base_routes.make_bad_request_response(
'Received password to reset to was blank.')
else:
user, error_messages = mail_actions.process_password_reset(key, password)
if error_messages:
error_message = ', '.join(error_messages)
response = base_routes.make_bad_request_response(error_message)
elif user is None:
response = base_routes.make_bad_request_response()
else:
response = base_routes.make_single_response(user, user)
return response
def reset_password():
data = request.json
key = data.get('key', '')
password = data.get('password', '')
if key == '':
response = base_routes.make_bad_request_response(
'Did not receive a key with password reset request.', )
elif password == '':
response = base_routes.make_bad_request_response(
'Received password to reset to was blank.', )
else:
user, error_messages = mail_actions.process_password_reset(
key, password)
if error_messages:
error_message = ', '.join(error_messages)
response = base_routes.make_bad_request_response(error_message)
elif user is None:
response = base_routes.make_bad_request_response()
else:
response = base_routes.make_single_response(user, user)
return response
def confirm_email():
data = request.json
key = data.get('key', '')
if key == '':
response = base_routes.make_bad_request_response(
'Did not receive a key with email confirmation.')
else:
user, error_messages = mail_actions.process_confirm_email(key)
if error_messages:
error_message = ', '.join(error_messages)
response = base_routes.make_bad_request_response(error_message)
elif user is None:
response = base_routes.make_bad_request_response()
else:
secret = user.make_api_key()
serialized = user.serialize(user)
response_data = {
'data': serialized,
'apiKey': secret.key,
}
response = jsonify(response_data)
return response
def confirm_email():
data = request.json
key = data.get('key', '')
if key == '':
response = base_routes.make_bad_request_response(
'Did not receive a key with email confirmation.', )
else:
user, error_messages = mail_actions.process_confirm_email(key)
if error_messages:
error_message = ', '.join(error_messages)
response = base_routes.make_bad_request_response(error_message)
elif user is None:
response = base_routes.make_bad_request_response()
else:
secret = user.make_api_key()
serialized = user.serialize(user)
response_data = {
'data': serialized,
'apiKey': secret.key,
}
response = jsonify(response_data)
return response
def post_picture(user_id):
requester = get_requesting_user()
if (user_id == requester.id):
user = requester
f = request.files['file']
if f:
filename = process_filename(f.filename, user_id)
if filename is None:
response = base_routes.make_bad_request_response()
else:
conn = tinys3.Connection(
config.S3_USERNAME, config.S3_KEY, tls=True)
# Upload it. Set cache expiry time to 1 hr.
conn.upload(filename, f, config.S3_BUCKETNAME,
expires=3600)
user.picture_filename = filename
store.session.add(user)
store.session.commit()
response = base_routes.make_OK_response()
else:
response = base_routes.make_bad_request_response()
else:
response = base.routes.make_forbidden_response()
return response