Esempio n. 1
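def register():
    """Create a user and its login credentials from a POSTed registration form.

    Reads ``email``, ``first_name``, ``last_name``, ``classe``, ``username``
    and ``password`` from ``request.form``.

    Returns:
        A ``(response, status)`` pair: ``201`` with the created user on
        success, ``400`` for a non-POST request or when ``username`` or
        ``password`` is missing or empty.
    """
    if request.method != 'POST':
        return jsonify({'result': False}), 400

    form = request.form
    username = form.get('username')
    password = form.get('password')
    # form.get() yields None for an absent field. Refuse the request here
    # rather than hashing None or storing an account without credentials.
    if not username or not password:
        return jsonify({'result': False}), 400

    # NOTE(review): the user row and its credentials are persisted by two
    # separate create() calls; whether they share a transaction is not
    # visible here, so a failure in the second may leave an orphaned user.
    user = models.user.User(email=form.get('email'),
                            first_name=form.get('first_name'),
                            last_name=form.get('last_name'),
                            classe=form.get('classe'))
    user.create()

    # Only the hash produced by user_manager is handed to UserAuth.
    user_auth = UserAuth(username=username,
                         password=user_manager.hash_password(password),
                         user=user)
    user_auth.create()

    # NOTE(review): the whole user object is serialized into the response;
    # confirm the JSON encoder exposes only fields meant for the client.
    return jsonify({'result': True, 'user': user}), 201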
Esempio n. 2
async def remove_user(user_auth: UserAuth):
    """Remove the authenticated user together with every art collection they own.

    Raises:
        HTTPException: with the status and detail returned by
            ``user_auth.authorize`` when that status is not 200.
    """
    code, reason = user_auth.authorize(art_json)
    if code != status.HTTP_200_OK:
        raise HTTPException(status_code=code, detail=reason)

    # Collections go first, while the owner's id list is still reachable.
    account = art_json["users"][user_auth.username]
    for collection_id in account["the_art"]:
        del art_json["arts"][collection_id]

    # Then the account record itself.
    del art_json["users"][user_auth.username]

    save_the_art()
Esempio n. 3
async def add_art(aid: str, user_auth: UserAuth, art_list: List[Art]):
    """Append the given works of art to the assemblage ``aid``.

    The caller must pass ``user_auth.authorize`` and must have ``aid`` listed
    under their own account; otherwise an ``HTTPException`` is raised.
    """
    code, reason = user_auth.authorize(art_json)
    if code != status.HTTP_200_OK:
        raise HTTPException(status_code=code, detail=reason)

    # Ownership gate: only ids listed under the caller's own account may be
    # modified, so a valid login alone does not grant access to another
    # user's assemblage.
    # NOTE(review): the caller is already authenticated at this point, so
    # 403 may describe this case better than 401 - confirm before changing.
    owned_ids = art_json["users"][user_auth.username]["the_art"]
    if aid not in owned_ids:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="This user does not own the collection of art")

    # Each Art is stored as its attribute dict.
    assemblage = art_json["arts"][aid]
    assemblage["art"] += [art.__dict__ for art in art_list]

    save_the_art()
Esempio n. 4
async def update_assemblage(aid: str, user_auth: UserAuth, a_name: str):
    """Rename the assemblage ``aid`` to ``a_name``.

    The caller must pass ``user_auth.authorize`` and must have ``aid`` listed
    under their own account; otherwise an ``HTTPException`` is raised.
    """
    code, reason = user_auth.authorize(art_json)
    if code != status.HTTP_200_OK:
        raise HTTPException(status_code=code, detail=reason)

    # Ownership gate: the id has to appear in the caller's own list.
    owned_ids = art_json["users"][user_auth.username]["the_art"]
    if aid not in owned_ids:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="This user does not own the collection of art")

    assemblage = art_json["arts"][aid]
    assemblage["name"] = a_name

    save_the_art()
Esempio n. 5
async def create_assemblage(user_auth: UserAuth, a_name: str):
    """Create an assemblage named ``a_name`` owned by the authenticated user.

    Returns:
        A dict holding the new assemblage's ``id``.

    Raises:
        HTTPException: with the status and detail returned by
            ``user_auth.authorize`` when that status is not 200.
    """
    code, reason = user_auth.authorize(art_json)
    if code != status.HTTP_200_OK:
        raise HTTPException(status_code=code, detail=reason)

    assemblage = Assemblage()
    assemblage.name = a_name

    # Store the assemblage as its attribute dict, then record the id under
    # the caller's account; that list is what the ownership checks consult.
    art_json["arts"][assemblage.id] = assemblage.__dict__
    owner_record = art_json["users"][user_auth.username]
    owner_record["the_art"].append(assemblage.id)

    save_the_art()

    return {"id": assemblage.id}
Esempio n. 6
async def delete_assemblage(user_auth: UserAuth, aid: str):
    """Remove the assemblage ``aid``, provided the authenticated user owns it.

    Raises:
        HTTPException: when ``user_auth.authorize`` does not return 200, or
            when ``aid`` is not listed under the caller's account.
    """
    code, reason = user_auth.authorize(art_json)
    if code != status.HTTP_200_OK:
        raise HTTPException(status_code=code, detail=reason)

    # Ownership gate: the id has to appear in the caller's own list.
    owned_ids = art_json["users"][user_auth.username]["the_art"]
    if aid not in owned_ids:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="This user does not own the collection of art")

    # Drop the owner's reference first, then the assemblage record.
    owned_ids.remove(aid)
    del art_json["arts"][aid]

    save_the_art()
Esempio n. 7
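async def update_user(user_auth: UserAuth, new_user_info: User):
    """Change the authenticated user's username and/or password.

    Both the username and the password must be present in ``new_user_info``,
    even if only one of them is changing.

    Raises:
        HTTPException: with the status and detail returned by
            ``user_auth.authorize`` when that status is not 200, or with
            409 when the requested username belongs to a different account.
    """
    s, d = user_auth.authorize(art_json)
    if s != status.HTTP_200_OK:
        raise HTTPException(status_code=s, detail=d)

    users = art_json["users"]
    current_name = user_auth.username
    requested_name = new_user_info.username

    # Renaming onto an existing key would replace that account's record with
    # the caller's, so a taken username is refused before anything changes.
    if requested_name != current_name and requested_name in users:
        raise HTTPException(status_code=status.HTTP_409_CONFLICT,
                            detail="Username is already taken")

    # NOTE(review): presumably this replaces the plaintext password on
    # new_user_info with a stored form; confirm it is a one-way password
    # hash rather than reversible encryption.
    new_user_info.encryptPassword()

    if requested_name != current_name:
        # Move the record instead of aliasing it, so the old username does
        # not remain as a second working login for the same account.
        users[requested_name] = users.pop(current_name)
    users[requested_name]["password"] = new_user_info.password

    save_the_art()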
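def get_jwt_user(token):
    """Exchange a verified OAuth2 ID token for an application access token.

    The token is checked with ``id_token.verify_oauth2_token`` against the
    ``CLIENT_ID`` environment variable. A ``UserAuth`` row keyed on the
    token's e-mail is looked up; when none exists, a user and its
    ``UserAuth`` row are created and committed.

    Returns:
        The value of ``create_access_token`` for the user's ``_id``.

    Raises:
        BadRequest: when verification fails or the token carries no
            ``name`` or ``email`` claim.
        KeyError: when ``CLIENT_ID`` is not set in the environment.
    """
    client_id = environ['CLIENT_ID']
    try:
        userinfo = id_token.verify_oauth2_token(token, requests.Request(),
                                                client_id)
    except Exception as e:
        # NOTE(review): the verifier's message is echoed to the client;
        # confirm that is acceptable, or log it and return a generic text.
        raise BadRequest(str(e)) from e

    # A token issued without these claims is a client error, not a server
    # fault, so report it as a bad request instead of letting KeyError escape.
    name = userinfo.get('name')
    email = userinfo.get('email')
    if not name or not email:
        raise BadRequest('ID token is missing the name or email claim')

    # NOTE(review): accounts are keyed on the e-mail claim alone. If the
    # identity provider can issue tokens for unverified addresses, also
    # require its email_verified claim before linking or creating an account.
    auth = UserAuth.query.get(email)
    if not auth:
        user = UserService().create_user(name, email)
        auth = UserAuth(email=email, user=user)
        db.session.add(auth)
        db.session.commit()
    else:
        user = UserService().get_user_by_email(email)
    return create_access_token(identity=user._id)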
Esempio n. 9
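async def remove_art(aid: str, user_auth: UserAuth, art_list: List[str]):
    """Delete works of art from assemblage ``aid`` by name or hosted location.

    Each entry of ``art_list`` removes the first work whose ``name`` or
    ``src`` equals it; entries that match nothing are ignored.

    Raises:
        HTTPException: when ``user_auth.authorize`` does not return 200, or
            when ``aid`` is not listed under the caller's account.
    """
    s, d = user_auth.authorize(art_json)
    if s != status.HTTP_200_OK:
        raise HTTPException(status_code=s, detail=d)

    # Ownership gate: the id has to appear in the caller's own list.
    if aid not in art_json["users"][user_auth.username]["the_art"]:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="This user does not own the collection of art")

    artworks = art_json["arts"][aid]["art"]

    # A set keeps each index once: two identifiers that resolve to the same
    # work (its name and its src, or a repeated entry) must not delete twice,
    # which would remove an unrelated work or raise IndexError.
    doomed = set()
    for art_id in art_list:
        for index, art in enumerate(artworks):
            if art_id in (art["name"], art["src"]):
                doomed.add(index)
                break

    # Delete from the highest index down so earlier indices stay valid.
    for index in sorted(doomed, reverse=True):
        del artworks[index]

    save_the_art()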