def verify_token(token):
try:
payload = jwt.decode(token, secret, algorithms="HS256")
return {
"success": True,
"payload": payload
}
except jwt.ExpiredSignatureError as err:
return std_response(False, message="expired token")
except jwt.DecodeError as err:
return std_response(False, message="decode error")
# easter egg :)
return std_response(False, message="python failed successfully!")
def exposed_update_handler(self, data):
op = data.get("op")
if op == "section":
if data.get("instructor_id"):
try:
cur.execute(
"UPDATE public.sections SET instructor_id_instructors=%s WHERE section_id = %s;",
[data["instructor_id"], data["section_id"]])
self.db_conn.commit()
cur.close()
return std_response(True,
message="Operation ended successfully")
except Exception as err:
self.db_conn.rollback()
return std_response(False, message="An error occur")
elif data.get("section_code"):
try:
cur.execute(
"UPDATE public.sections SET section_code=%s WHERE section_id = %s;",
[data["section_code"], data["section_id"]])
self.db_conn.commit()
cur.close()
return std_response(True,
message="Operation ended successfully")
except Exception as err:
self.db_conn.rollback()
return std_response(False, message="An error occur")
elif data.get("course_id"):
try:
cur.execute(
"UPDATE public.sections SET course_id_courses=%s WHERE section_id = %s;",
[data["course_id"], data["section_id"]])
self.db_conn.commit()
cur.close()
return std_response(True,
message="Operation ended successfully")
except Exception as err:
self.db_conn.rollback()
return std_response(False, message="An error occur")
elif op == "exam":
if data.get("type"):
try:
cur.execute(
"UPDATE public.exam SET type=%s WHERE exam_id=%s;",
[data["type"], data["exam_id"]])
self.db_conn.commit()
cur.close()
return std_response(True,
message="Operation ended successfully")
except Exception as err:
self.db_conn.rollback()
return std_response(False, message="An error occur")
else:
return std_response(False, message="Operation doesn't match")
def exposed_add_new_user(self, data):
cur = self.db_conn.cursor()
hash_password = self._take_care_password(data["password"], data["email"])
try:
cur.execute("INSERT INTO public.people(password, name, lastname, school_no, email) VALUES (%s, %s, %s, %s, %s);", [
hash_password,
data["name"],
data["lastname"],
data["school_no"],
data["email"]
])
except Exception as e:
self.db_conn.rollback()
cur.close()
return std_response(False, message="An error occur on operation")
self.db_conn.commit()
cur.close()
return std_response(True, message="new user added successfully")
def exposed_assign_handler(self, data):
cur = self.db_conn.cursor()
user_id = db_operations.get_user_row(["id"], data["email"])
user_id = user_id[0] if user_id and len(user_id) > 0 else None
user_id = user_id[0] if user_id and len(user_id) > 0 else None
if user_id is None:
return std_response(
False, "There is no user who has <%s> email" % (data["email"]))
if data["op"] == "instructor":
try:
cur.execute(
"INSERT INTO public.instructors(instructor_id, id_people, department_id_departments) VALUES (%s, %s, %s);",
[user_id, user_id, data["department_id"]])
self.db_conn.commit()
cur.close()
return std_response(True, "User becomes instructor")
except Exception as err:
print(err)
return std_response(False, message="Task failed")
elif data["op"] == "student":
try:
cur.execute(
"INSERT INTO public.students(student_id, id_people, department_id_departments) VALUES (%s, %s, %s);",
[user_id, user_id, data["department_id"]])
self.db_conn.commit()
cur.close()
return std_response(True, "User becomes student")
except Exception as err:
print(err)
return std_response(False, message="Task failed")
elif data["op"] == "admin":
try:
cur.execute(
"INSERT INTO public.admins(admin_id, id_people)VALUES (%s, %s);",
[user_id, user_id])
self.db_conn.commit()
cur.close()
return std_response(True, "User becomes admin")
except Exception as err:
print(err)
return std_response(False, message="Task failed")
else:
return std_response(False, message="Operation doesn't match")
def on_post(self, req, resp):
body = req.context.get("body")
if not body:
raise falcon.HTTPBadRequest(title="Body is empty")
user_type = take_user_type(req.context["user"]["email"])
if user_type is None:
raise falcon.HTTPBadRequest(title="No user")
if user_type not in [user_types[1], user_types[0]]:
raise falcon.HTTPBadRequest(title="Unauthorized user")
if body.get("exam_id") is None:
raise falcon.HTTPBadRequest(title="There is no exam_id key")
if body.get("exam_pdf") is None:
raise falcon.HTTPBadRequest(title="There is no exam_pdf key")
if len(body.get("exam_pdf")) == 0:
raise falcon.HTTPBadRequest(title="exam_pdf is empty")
data = {"exam_id": body.get("exam_id")}
file_service = connect_rpc(service=services["file_service"])
exam_uuid = file_service.root.exam_file(data)
if exam_uuid is None:
raise falcon.HTTPBadRequest(title="Task failed")
file_dir = os.path.join(data_path, str(exam_uuid))
os.makedirs(file_dir)
file_dir = os.path.join(file_dir, "original_file")
file = open(file_dir, "wb")
file.write(body.get("exam_pdf"))
file.close()
resp.context["result"] = std_response(
True, message="File transferred successfully")
def exposed_get_token(self, data):
cur = self.db_conn.cursor()
email = data["email"]
password = data["password"]
hash_password = self._take_care_password(password, email)
cur.execute("SELECT * FROM public.people WHERE email = %s AND password = %s", [email, hash_password])
rows = cur.fetchall()
cur.close()
response = []
for row in rows:
response.append(row)
if len(response) == 0:
return std_response(False, message="Wrong email or password")
response = response[0]
user_id = response[0]
token = jwt.encode({
"exp": datetime.datetime.utcnow() + datetime.timedelta(hours=2),
"name": response[2],
"lastname": response[3],
"school_no": response[4],
"email": response[5],
"expire_time": 2
}, secret, algorithm="HS256")
return {
"success": True,
"token_type": "jwt",
"token": token.decode()
}
def exposed_create_handler(self, data):
cur = self.db_conn.cursor()
if data["op"] == "exam":
try:
cur.execute(
"INSERT INTO public.exam(type) VALUES (%s) RETURNING exam_id;",
[data["type"]])
exam_id = cur.fetchone()[0]
section_ids = list(map(int, data["section_ids"].split(",")))
values = [[exam_id, v] for v in section_ids]
cur.executemany(
"INSERT INTO public.many_exam_has_many_sections(exam_id_exam, section_id_sections) VALUES (%s, %s);",
values)
self.db_conn.commit()
cur.close()
return std_response(True, "Exam added successfully")
except Exception as err:
print(err)
return std_response(False, "Task failed")
elif data["op"] == "section":
try:
cur.execute(
"INSERT INTO public.sections(section_code, course_id_courses, instructor_id_instructors) VALUES (%s, %s, %s);",
[
data["section_code"], data["course_id"],
data["instructor_id"]
])
self.db_conn.commit()
cur.close()
return std_response(True, "Section added successfully")
except Exception as err:
print(err)
return std_response(False, "Task failed")
elif data["op"] == "course":
try:
cur.execute(
"INSERT INTO public.courses(name, course_code, department_id_departments) VALUES (%s, %s, %s);",
[data["name"], data["course_code"], data["department_id"]])
self.db_conn.commit()
cur.close()
return std_response(True, "Course added successfully")
except Exception as err:
print(err)
return std_response(False, "Task failed")
elif data["op"] == "faculty":
try:
cur.execute(
"INSERT INTO public.faculties(name, university_id_universities) VALUES (%s, %s);",
[data["name"], data["university_id"]])
self.db_conn.commit()
cur.close()
return std_response(True, "Faculty added successfully")
except Exception as err:
print(err)
return std_response(False, "Task failed")
elif data["op"] == "department":
try:
cur.execute(
"INSERT INTO public.departments(name, faculty_id_faculties) VALUES (%s, %s);",
[data["name"], data["faculty_id"]])
self.db_conn.commit()
cur.close()
return std_response(True, "Department added successfully")
except Exception as err:
print(err)
return std_response(False, "Task failed")
elif data["op"] == "university":
try:
cur.execute(
"INSERT INTO public.universities(name, s_name) VALUES (%s, %s);",
[data["name"], data["s_name"]])
self.db_conn.commit()
cur.close()
return std_response(True, "University added successfully")
except Exception as err:
print(err)
return std_response(False, "Task failed")
else:
return std_response(False, message="Operation doesn't match")