def POST(self): """ :param str csid_from_client: Csid string from client :param str logintoken: Logintoken :response_data: 'id', 'name', 'about', 'city', 'country','hometown', 'about', 'email', 'pic', 'website', 'facebook', 'twitter', 'getlist_privacy_level', 'private', 'bg', 'bgx', 'bgy', 'show_views', 'views', 'username', 'zip', 'linkedin', 'gplus', 'bg_resized_url', 'headerbgy', 'headerbgx' :to test: curl --data "logintoken=UaNxct7bJZ&csid_from_client=123" http://localhost:8080/api/profile/userinfo/get """ request_data = web.input() if not self.is_request_valid(request_data): return api_response(data={}, status=405, error_code="Required args are missing") status, response_or_user = self.authenticate_by_token( request_data.pop('logintoken')) # User id contains error code if not status: return response_or_user response = {field: response_or_user[field] for field in self._fields} response['resized_url'] = photo_id_to_url(response['pic_id']) response['bg_resized_url'] = photo_id_to_url(response['bg_id']) csid_from_client = request_data.pop('csid_from_client') csid_from_server = response_or_user['seriesid'] self.format_birthday(response_or_user, response) return api_response(data=response, csid_from_client=csid_from_client, csid_from_server=csid_from_server)
def POST(self): """ Change user password and get/store new logintoken :param str csid_from_client: Csid string from client :param str logintoken: Logintoken :param str old_password: current password of the user :param str new_password, new_password2: The new password typed 2 times :response_data: new clinet token :to test: """ request_data = web.input() save_api_request(request_data) client_token = request_data.get("logintoken") status, response_or_user = self.authenticate_by_token(client_token) if not status: return response_or_user old_password = request_data.get("old_password") new_password = request_data.get("new_password") new_password2 = request_data.get("new_password2") pw_salt = response_or_user['pw_salt'] pw_hash = response_or_user['pw_hash'] status, error = self.passwords_validation(pw_salt, pw_hash, old_password, new_password, new_password2, response_or_user["username"], response_or_user["email"]) if status: new_password_hash = self.create_password(pw_salt, new_password) db.update('users', pw_hash=new_password_hash, vars={'id': response_or_user["id"]}, where="id=$id") # re_login user with new password sess = session.get_session() auth.login_user(sess, response_or_user["id"]) user = db.select('users', {'id': response_or_user["id"]}, where='id=$id')[0] response = api_response( client_token=user.get('logintoken'), csid_from_client=request_data.get("csid_from_client"), csid_from_server=user.get('seriesid')) else: data = {} user = db.select('users', {'id': response_or_user["id"]}, where='id=$id')[0] csid_from_server = user.get('seriesid') csid_from_client = request_data.get("csid_from_client") response = api_response(data=data, status=400, error_code=error, csid_from_client=csid_from_client, csid_from_server=csid_from_server) return response
def POST(self): """ :param str csid_from_client: Csid string from client :param str logintoken: logintoken of user :param file file: file for saving :response data: returns id, original_url, resized_url of saved picture :to test: curl -F "csid_from_client=1" -F "logintoken=AmWG6AhgPO" -F "file=@/image/for/test.jpg" http://localhost:8080/api/profile/userinfo/upload_bg """ data = {} status = 200 csid_from_server = None error_code = "" request_data = web.input(file={}) logintoken = request_data.get('logintoken') user_status, user = self.authenticate_by_token(logintoken) # User id contains error code if not user_status: return user csid_from_server = user['seriesid'] csid_from_client = request_data.get("csid_from_client") file_obj = request_data.get('file') # For some reason, FileStorage object treats itself as False if type(file_obj) == dict: return api_response(data={}, status=405, error_code="Required args are missing") album, album_created = self._get_or_create_album( user['id'], 'backgrounds') photo = self._save_in_database(file_obj, 1100, album.id) user_to_update = web.ctx.orm.query(User)\ .filter(User.id == user['id'])\ .first() user_to_update.bg = photo if album_created: album.cover = photo web.ctx.orm.commit() data['id'] = photo.id data['original_url'] = photo.original_url data['resized_url'] = photo.resized_url response = api_response(data=data, status=status, error_code=error_code, csid_from_client=csid_from_client, csid_from_server=csid_from_server) return response
def POST(self): """ :param str csid_from_client: Csid string from client :param str logintoken: Logintoken :param str username: Username :param str username: id :response_data: 'id', 'name', 'about', 'city', 'country','hometown', 'about', 'email', 'pic', 'website', 'facebook', 'twitter', 'getlist_privacy_level', 'private', 'bg', 'bgx', 'bgy', 'show_views', 'views', 'username', 'zip', 'linkedin', 'gplus', 'bg_resized_url', 'headerbgy', 'headerbgx' :to test: - curl --data "csid_from_client=11&id=78&logintoken=RxPu7fLYgv" http://localhost:8080/api/profile/userinfo/info - curl --data "csid_from_client=11&username=Oleg&logintoken=RxPu7fLYgv" http://localhost:8080/api/profile/userinfo/info """ request_data = web.input() profile = request_data.get("username", "") user_id = request_data.get("id", 0) logintoken = request_data.get("logintoken", "") if not self.is_request_valid(request_data): return api_response(data={}, status=405, error_code="Required args are missing") if not profile and not user_id: error_code = "This function requires either profile or user_id" return api_response(data={}, status=405, error_code=error_code) status, response_or_user = self.authenticate_by_token(logintoken) if not status: return api_response(data={}, status=405, error_code="You need to log in first") user = UserProfile.query_user(profile=profile, user_id=user_id) if not user: return api_response(data={}, status=405, error_code="User was not found") followers = UserProfile\ .query_followed_by(profile_owner=user.id, current_user=response_or_user["id"]) user.follower_count = len(followers) follow = UserProfile\ .query_following(profile_owner=user.id, current_user=response_or_user["id"]) user.follow_count = len(follow) csid_from_client = request_data.pop('csid_from_client') csid_from_server = "" return api_response(data=user.to_serializable_dict(), csid_from_client=csid_from_client, csid_from_server=csid_from_server)
def POST(self): """ Updates profile with fields sent from the client, returns saved fields. :param str csid_from_client: Csid string from client :param str logintoken: Logintoken :param str <field>: The field which will be changed :response_data: returns changed field :to test: curl --data "logintoken=UaNxct7bJZ&twitter=1&csid_from_client=1" http://localhost:8080/api/profile/userinfo/update """ request_data = web.input() if not self.is_request_valid(request_data): return api_response(data={}, status=405, error_code="Required args are missing") csid_from_client = request_data.pop('csid_from_client') status, response_or_user = self.authenticate_by_token( request_data.pop('logintoken')) # Login was not successful if not status: return response_or_user to_insert = {} birthday = [ value for key, value in request_data.items() if key in self._birthday_fields ] if len(birthday) in [1, 2]: error_code = "Birthday date incomplete" return api_response(data={}, status=405, error_code=error_code) elif len(birthday) == 3: to_insert['birthday'] = datetime.strptime("-".join(birthday), "%Y-%d-%m") for field in self._fields: item = request_data.get(field) if item: to_insert[field] = item if len(to_insert) > 0: db.update('users', where='id = %s' % (response_or_user['id']), **to_insert) csid_from_server = response_or_user['seriesid'] return api_response(data=request_data, csid_from_client=csid_from_client, csid_from_server=csid_from_server)
def POST(self): """ :param str csid_from_client: Csid string from client :param str logintoken: username_or_email :response data: returns 'ok' or 'notfound' :to test: curl --data "csid_from_client=1&username_or_email=oleg" http://localhost:8080/api/profile/test-username """ request_data = web.input() username_or_email = request_data.get('username_or_email') vars = {'username_or_email': username_or_email} # Trying to find a user with same username result = db.select('users', vars=vars, where='username=$username_or_email') # Fallback, trying to find user with same email if len(result.list()) == 0: result = db.select('users', vars=vars, where='email=$username_or_email') if len(result.list()) == 0: status = 'notfound' else: status = 'ok' csid_from_client = request_data.get('csid_from_client') csid_from_server = "" return api_response(data=status, csid_from_server=csid_from_server, csid_from_client=csid_from_client)
def POST(self, query_type): """ Depending on query_type returns a list of users, following or followed by current user :param str logintoken: Login token to authenticate current user :param str user_id: Quieried user id. :to test: curl --data "csid_from_client=1&user_id=78&logintoken=RxPu7fLYgv" http://localhost:8080/api/social/query/following :to test: curl --data "csid_from_client=1&user_id=78&logintoken=RxPu7fLYgv" http://localhost:8080/api/social/query/followed-by :response data: list of users """ data = web.input() user_id = data.get("user_id") logintoken = data.get("logintoken", "") status, response_or_user = self.authenticate_by_token(logintoken) # Login was not successful if not status: return response_or_user if not user_id: return e_response('user_id is required', 400) if 0 == web.ctx.orm.query(User).filter(User.id == user_id).count(): return e_response('User with id %s is not found' % user_id, 404) if "followed-by" == query_type: follows = UserProfile.query_followed_by(user_id, response_or_user.id) else: follows = UserProfile.query_following(user_id, response_or_user.id) csid_from_client = data.pop('csid_from_client') return api_response(data=follows, csid_from_client=csid_from_client, csid_from_server="")
def access_denied(error_code="Default error: access_denied"): """ Access denied errors """ data = {} status = 405 return api_response(data=data, status=status, error_code=error_code)
def POST(self): """ Updates profile with fields sent from the client, returns saved fields. :param str csid_from_client: csid from client key :param str getlist_privacy_level/private: controls privacy level :param str logintoken: logintoken :response_data: Returns api response with 'getlist_privacy_level/private.' :to test: curl --data "logintoken=UaNxct7bJZ&twitter=1&csid_from_client=1" http://localhost:8080/api/profile/userinfo/update """ request_data = web.input() # Adding field to the list of required fields # self.required.append('getlist_privacy_level') if not self.is_request_valid(request_data): return api_response(data={}, status=405, error_code="Required args are missing") csid_from_client = request_data.pop('csid_from_client') data = {} privacy_level = request_data.get('getlist_privacy_level') private = request_data.get('private') if privacy_level: data['getlist_privacy_level'] = privacy_level if private: data['private'] = private status, response_or_user = self.authenticate_by_token( request_data.pop('logintoken')) # Login was not successful if not status: return response_or_user if len(data) > 0: db.update('users', where='id = %s' % (response_or_user['id']), **data) csid_from_server = response_or_user['seriesid'] return api_response(data=data, csid_from_client=csid_from_client, csid_from_server=csid_from_server)
def POST(self): """ :param str logintoken: Logintoken used fo authentication :param str content: Content of the message :param str user_id_list: List of user ids :param str csid_from_client: CSID from client :response data: empty """ request_data = web.input(user_id_list=[], ) data = {} status = 200 csid_from_server = None error_code = "" # Get data from request user_id_list = map(int, request_data.get("user_id_list")) content = request_data.get("content") csid_from_client = request_data.get('csid_from_client') logintoken = request_data.get('logintoken') user_status, user = self.authenticate_by_token(logintoken) if not content: status = 400 error_code = "Content cannot be empty" # User id contains error code if not user_status: return user csid_from_server = user['seriesid'] from_user_id = user['id'] if status == 200: for to_user_id in user_id_list: ids = sorted([to_user_id, from_user_id]) convo = db.select('convos', where='id1 = $id1 and id2 = $id2', vars={'id1': ids[0], 'id2': ids[1]})\ .list() if convo: convo_id = convo[0].id else: convo_id = db.insert('convos', id1=ids[0], id2=ids[1]) db.insert('messages', convo_id=convo_id, sender=from_user_id, content=content) response = api_response(data=data, status=status, error_code=error_code, csid_from_client=csid_from_client, csid_from_server=csid_from_server) return response
def POST(self): """ :param str logintoken: Logintoken used fo authentication :param str comment: Comment body :param str picture_id: Id if the photo to comment :param str csid_from_client: CSID from client :response data: echoes given comment """ request_data = web.input() data = {} status = 200 csid_from_server = None error_code = "" # Get data from request comment = request_data.get("comment") picture_id = request_data.get("picture_id") csid_from_client = request_data.get('csid_from_client') logintoken = request_data.get('logintoken') user_status, user = self.authenticate_by_token(logintoken) if not comment: status = 400 error_code = "Comment cannot be empty" if not picture_id: status = 400 error_code = "picture_id cannot be empty" # User id contains error code if not user_status: return user csid_from_server = user['seriesid'] from_user_id = user['id'] if status == 200: try: comment = PictureComment(picture_id, from_user_id, comment) web.ctx.orm.add(comment) web.ctx.orm.commit() if comment.id: data['comment'] = comment.to_serializable_dict() except IntegrityError as ex: web.ctx.orm.rollback() status = 502 error_code = ex.message response = api_response(data=data, status=status, error_code=error_code, csid_from_client=csid_from_client, csid_from_server=csid_from_server) return response
def POST(self): return api_response({ 'categories_list': list( db.select('categories', order='position desc, name', where='parent is null')) })
def POST(self): """ Returns all boards associated with a given user :param str csid_from_client: Csid string from client :param str user_id: id of the queried user :param str current_user_id: id of current user :response_data: returns all boards of a given user as a list :to test: curl --data "user_id=2&csid_from_client=1" http://localhost:8080/api/profile/userinfo/boards """ request_data = web.input() csid_from_client = request_data.get('csid_from_client') csid_from_server = "" current_user_id = request_data.get('current_user_id', 0) user_id = request_data.get('user_id') if not user_id: return api_response(data={}, status=405, error_code="Missing user_id") boards_query = """ SELECT b.id, b.name, b.description, bf.follower_id is not null as is_following FROM boards b LEFT JOIN boards_followers bf on bf.board_id = b.id and bf.follower_id = $cid WHERE b.user_id=$uid; """ boards_tmp = db.query(boards_query, vars={ 'uid': user_id, 'cid': current_user_id }) boards = [] for board in boards_tmp: pins_from_board = db.select('pins', where='board_id=$board_id', vars={'board_id': board['id']}) board['pins_ids'] = [] for pin_from_board in pins_from_board: if pin_from_board['id'] not in board['pins_ids']: board['pins_ids'].append(pin_from_board['id']) boards.append(board) return api_response(data=boards, csid_from_server=csid_from_server, csid_from_client=csid_from_client)
def POST(self): """ Share pins to social network Method PostingOnUserPage must receive next required params: :param str share_list: list of pin's ids :param str access_token: access token for social network :param str social_network: name of social network (for example 'facebook') :response data: list of pin ids to share, e.g. [10, 20, 30] """ request_data = web.input(share_list=[], ) # Get data from request share_list = map(int, request_data.get("share_list")) access_token = request_data.get("access_token") social_network = request_data.get("social_network") csid_from_client = request_data.get('csid_from_client') logintoken = request_data.get('logintoken') user_status, user = self.authenticate_by_token(logintoken) # User id contains error code if not user_status: return user csid_from_server = user['seriesid'] # Initialize default posted pins list posted_pins = [] # Setting default status code as 200 status = 200 # Setting empty error error_code = "" # Check input data and set appropriate code if not valid if not access_token or not social_network: status = 400 error_code = "Invalid input data" else: posted_pins, status, error_code = share( access_token, share_list, social_network, ) # Setting data for return data = {"posted_pins": posted_pins} response = api_response(data=data, status=status, error_code=error_code, csid_from_client=csid_from_client, csid_from_server=csid_from_server) return response
def POST(self): """ :param str logintoken: Logintoken used fo authentication :param str csid_from_client: CSID from client :param str pin_id: Identifier of the pin :response data: returns status: success, if like was added :example usage: curl --data "csid_from_client=1&logintoken=RxPu7fLYgv&pin_id=46" http://localhost:8080/api/social/pin/like-unlike """ request_data = web.input() csid_from_client = request_data.get('csid_from_client') logintoken = request_data.get('logintoken') status, user_or_response = self.authenticate_by_token(logintoken) if not status: return user_or_response csid_from_server = user_or_response['seriesid'] pin_id = request_data.get('pin_id') if not pin_id: error_code = "pin_id can't be empty" return api_response(data={}, error_code=error_code, csid_from_client=csid_from_client, csid_from_server=csid_from_server) if 0 == db.query('select count(*) as num from pins where id=$id', vars={'id': pin_id})[0].num: return e_response('Pin with id=%s nof found' % pin_id, 404) try: db.insert('likes', user_id=user_or_response["id"], pin_id=pin_id) except Exception: db.delete('likes', where='user_id = $uid and pin_id = $pid', vars={ 'uid': user_or_response["id"], 'pid': pin_id }) return api_response(data={'status': 'success'}, csid_from_client=csid_from_client, csid_from_server=csid_from_server)
def POST(self, profile): """ :param str csid_from_client: Csid string from client :param str profile: must be in url :response_data: returns a dict with 'status' key :to test: curl --data "csid_from_client=11&logintoken=RxPu7fLYgv" http://localhost:8080/api/profile/updateviews/oleg """ request_data = web.input() if not self.is_request_valid(request_data): return api_response(data={}, status=405, error_code="Required args are missing") data = {} error_code = '' # Checking if user has a valid logintoken status, response_or_user = self.authenticate_by_token( request_data.pop('logintoken')) # Login was not successful if not status: return response_or_user updated = db.update('users', where='username = $username', vars={'username': profile}, views=web.SQLLiteral('views + 1')) if 0 == updated: status = 404 error_code = 'User %s not found' % profile else: data["status"] = "success" csid_from_client = request_data.pop('csid_from_client') csid_from_server = "" return api_response(data=data, status=status, error_code=error_code, csid_from_client=csid_from_client, csid_from_server=csid_from_server)
def POST(self): """ :param str logintoken: Logintoken used fo authentication :param str csid_from_client: CSID from client :response data: returns a list of conversations """ request_data = web.input() data = {} status = 200 csid_from_server = None error_code = "" # Get data from csid_from_client = request_data.get('csid_from_client') logintoken = request_data.get('logintoken') user_status, user = self.authenticate_by_token(logintoken) # User id contains error code if not user_status: return user csid_from_server = user['seriesid'] from_user_id = user['id'] if status == 200: convos = db.query(''' select convos.*, users.name from convos join users on users.id = (case when convos.id1 = $id then convos.id2 else convos.id1 end) where id1 = $id or id2 = $id''', vars={'id': from_user_id})\ .list() if len(convos) > 0: data['conversations'] = convos else: data['conversations'] = [] response = api_response(data=data, status=status, error_code=error_code, csid_from_client=csid_from_client, csid_from_server=csid_from_server) return response
def POST(self): """ :param str csid_from_client: Csid string from client :param str logintoken: logintoken of user :param int picture_id: id of photo that you wish tis set as xover :response data: no extra rsponse :to test: curl --data "csid_from_client=1&picture_id=5&logintoken=XXXXXXX" http://localhost:8080/api/profile/userinfo/album_default_picture """ data = {} status = 200 csid_from_server = None error_code = "" request_data = web.input() logintoken = request_data.get('logintoken') picture_id = request_data.get('picture_id') user_status, user = self.authenticate_by_token(logintoken) # User id contains error code if not user_status: return user if not (picture_id and picture_id.isdigit()): return e_response('picture_id is required', 400) csid_from_server = user['seriesid'] csid_from_client = request_data.get("csid_from_client") if not self._set_picture(user['id'], picture_id): return e_response('Picture with id %s not found' % picture_id, 404) response = api_response(data=data, status=status, error_code=error_code, csid_from_client=csid_from_client, csid_from_server=csid_from_server) return response
def POST(self): """ :param str csid_from_client: Csid string from client :param str logintoken: logintoken of user :param int picture_id: id of photo that you wish to remove :response data: no extra rsponse :to test: curl --data "csid_from_client=1&picture_id=5&logintoken=XXXXXXX" http://localhost:8080/api/profile/userinfo/remove_pic """ request_data = web.input() logintoken = request_data.get('logintoken') picture_id = request_data.get('picture_id') user_status, user = self.authenticate_by_token(logintoken) # User id contains error code if not user_status: return user if not (picture_id and picture_id.isdigit()): return e_response('picture_id is required', 400) if not self._delete_picture(user['id'], picture_id): return e_response('Picture with id %s not found' % picture_id, 404) return api_response( csid_from_client=request_data.get("csid_from_client"), csid_from_server=user['seriesid'])
def POST(self): request_data = web.input() data = {} status = 200 csid_from_server = None error_code = "" csid_from_client = request_data.get('csid_from_client') logintoken = request_data.get('logintoken') user_status, user = self.authenticate_by_token(logintoken) # User id contains error code if not user_status: return user activation = user['activation'] if activation == 0: status = 400 error_code = "Your account is already activated" else: user_id = user['id'] email = user['email'] hashed = hash(str(activation)) send_activation_email(email, hashed, user_id) response = api_response(data=data, status=status, error_code=error_code, csid_from_client=csid_from_client, csid_from_server=csid_from_server) return response
def POST(self): """ Manage list of user products: sharing, add, remove Method for image_id_share_list must additional receive next :param str csid_from_client: Csid string from client :param str logintoken: Logintoken :param str social_network: e.g. facebook :response_data: returns added/removed/shared getlists """ request_data = web.input( image_id_remove_list=[], image_id_share_list=[], image_id_add_list=[], ) # Setting default status code as 200 status = 200 # Setting empty error error_code = "" save_api_request(request_data) login_token = request_data.get("logintoken") status_success, response_or_user = self.authenticate_by_token( login_token) if not status_success: return response_or_user csid_from_client = request_data.get('csid_from_client') access_token = request_data.get("access_token") social_network = request_data.get("social_network") image_id_add_list = map(int, request_data.get("image_id_add_list")) add_list_result = [] if len(image_id_add_list) > 0: add_list_result = self.add(response_or_user["id"], image_id_add_list) image_id_remove_list = map(int, request_data.get("image_id_remove_list")) remove_list_result = [] if len(image_id_remove_list) > 0: remove_list_result = self.remove(response_or_user["id"], image_id_remove_list) image_id_share_list = map(int, request_data.get("image_id_share_list")) share_list_result = [] if len(image_id_share_list) > 0: # Check input social data for posting if not access_token or not social_network: status = 400 error_code = "Invalid input data" else: share_list_result, status, error_code = self.sharing( access_token, social_network, image_id_share_list) csid_from_server = response_or_user.get('seriesid') data = { "added": add_list_result, "removed": remove_list_result, "shared": share_list_result, } response = api_response(data, status=status, error_code=error_code, csid_from_client=csid_from_client, csid_from_server=csid_from_server) return response
def POST(self): """ Returns all pins associated with a given user :param str csid_from_client: Csid string from client :param str user_id: id of the queried user :response_data: Returns list of pins of a current user :to test: curl --data "user_id=78&csid_from_client=1" http://localhost:8080/api/profile/userinfo/pins """ query = ''' select tags.tags, pins.*, users.pic_id as user_pic, users.username as user_username, users.name as user_name, count(distinct p1) as repin_count, count(distinct l1) as like_count from users left join pins on pins.user_id = users.id left join tags on tags.pin_id = pins.id left join pins p1 on p1.repin = pins.id left join likes l1 on l1.pin_id = pins.id where users.id = $id group by tags.tags, pins.id, users.id order by timestamp desc''' request_data = web.input() csid_from_client = request_data.get('csid_from_client') csid_from_server = "" user_id = request_data.get('user_id') if not user_id: return api_response(data={}, status=405, error_code="Missing user_id") results = db.query(query, vars={'id': user_id}) pins = [] current_row = None pins_counter = 0 owned_pins_counter = 0 for row in results: if not row.id: continue if not current_row or current_row.id != row.id: current_row = row tag = row.tags current_row.tags = [] if tag: current_row.tags.append(tag) current_row_dt = datetime.fromtimestamp(current_row.timestamp) pins.append(current_row) if not current_row.get("repin"): owned_pins_counter += 1 else: tag = row.tags if tag not in current_row.tags: current_row.tags.append(tag) pins_counter += 1 data = {"total": pins_counter, "total_owned": owned_pins_counter} page = int(request_data.get("page", 1)) if page is not None: items_per_page = int(request_data.get("items_per_page", 10)) if items_per_page < 1: items_per_page = 1 data['pages_count'] = math.ceil( float(len(pins)) / float(items_per_page)) data['pages_count'] = int(data['pages_count']) data['page'] = page data['items_per_page'] = items_per_page start = (page - 1) * items_per_page end = start + items_per_page data['pins_list'] = pins[start:end] else: data['pins_list'] = pins return api_response(data=data, csid_from_server=csid_from_server, csid_from_client=csid_from_client)
def POST(self): """ Method register must receive next additional params: uname - user name pwd - user password email - user email complete_name - user first name language - user language output response also included: login_token for new user, hashed_activation for activation-email """ request_data = web.input() data = {} save_api_request(request_data) csid_from_client = request_data.get('csid_from_client') uname = request_data.get("uname") pwd = request_data.get("pwd") email = request_data.get("email") complete_name = request_data.get("complete_name") # last_name = request_data.get("last_name") language = str(request_data.get("language", "en")) status_error = 200 error_code = "" status, error_code = self.register_validation(uname, pwd, email, complete_name) if status: activation = random.randint(1, 10000) hashed = hash(str(activation)) user_id = auth.create_user(email, pwd, name=complete_name, username=uname, activation=activation, locale=language) add_default_lists(user_id) send_activation_email(email, hashed, user_id) sess = session.get_session() auth.login_user(sess, user_id) user = db.select('users', {'id': user_id}, where='id=$id')[0] login_token = user.get('logintoken') data.update({ "logintoken": login_token, # "hashed_activation": hashed, }) else: status_error = 405 response = api_response( data, status=status_error, error_code=error_code, csid_from_client=csid_from_client,) return response
def POST(self): """ :param str logintoken: Logintoken used fo authentication :param str picture_id: Id if the photo to comment :param str csid_from_client: CSID from client :param str action: action for picture (like|dislike) :response data: returns list of likes and them quantity """ request_data = web.input() data = {} status = 200 csid_from_server = None error_code = "" # Get data from request picture_id = request_data.get("picture_id") action = request_data.get("action", "like") csid_from_client = request_data.get('csid_from_client') logintoken = request_data.get('logintoken') user_status, user = self.authenticate_by_token(logintoken) if not picture_id: status = 400 error_code = "picture_id cannot be empty" # pictures = web.ctx.orm.query(Picture).filter( # Picture.id == picture_id).all() # if 0 == len(pictures): # status = 404 # error_code = "Picture with id %s not found" % picture_id # User id contains error code if not user_status: return user csid_from_server = user['seriesid'] user_id = user['id'] likes = [] if status == 200: try: if not action or action == "like": likes = web.ctx.orm.query(PictureLike).filter( PictureLike.picture_id == picture_id, PictureLike.user_id == user_id).all() if len(likes) == 0: like = PictureLike(picture_id, user_id) web.ctx.orm.add(like) web.ctx.orm.commit() data['action'] = 'like' else: likes = web.ctx.orm.query(PictureLike).filter( PictureLike.picture_id == picture_id, PictureLike.user_id == user_id).all() for like in likes: web.ctx.orm.delete(like) web.ctx.orm.commit() data['action'] = 'dislike' likes = web.ctx.orm.query(PictureLike).filter( PictureLike.picture_id == picture_id).all() except IntegrityError as ex: web.ctx.orm.rollback() status = 502 error_code = ex.message data['likes'] = \ [like.to_serializable_dict() for like in likes] data['count_likes'] = len(likes) response = api_response(data=data, status=status, error_code=error_code, csid_from_client=csid_from_client, csid_from_server=csid_from_server) return response
def POST(self): """ :param str csid_from_client: Csid string from client :param str logintoken: logintoken of user (is not required) :param int user_id: id of user :param str album_type: type of pictures (photos|backgrounds) :response data: returns photos - list of pictures :to test: curl --data "csid_from_client=1&user_id=93&album_type=photos" http://localhost:8080/api/profile/userinfo/get_pictures """ request_data = web.input() update_data = {} data = {} status = 200 csid_from_server = None error_code = "" # Get data from request user_id = request_data.get("user_id") album_type = request_data.get("album_type") # This if is a monkeypatch, which allows to map # photos to any other non background slug # TODO: replace this code if album_type != "backgrounds": album_type = "photos" csid_from_client = request_data.get('csid_from_client') current_user_id = None logintoken = request_data.get('logintoken', None) if logintoken: user_status, user = self.authenticate_by_token(logintoken) if user_status: current_user_id = user['id'] album = web.ctx.orm.query(Album).filter( Album.user_id == user_id, Album.slug == album_type).first() data['photos'] = [] if album: pictures = web.ctx.orm.query(Picture).filter( Picture.album_id == album.id).all() for picture in pictures: if not picture.resized_url: continue picture = picture.to_serializable_dict() picture['likes_count'] = len(picture['likes']) if current_user_id: for like in picture['likes']: if like['user_id'] == current_user_id: picture['liked'] = True break else: picture['liked'] = False data['photos'].append(picture) response = api_response(data=data, status=status, error_code=error_code, csid_from_client=csid_from_client, csid_from_server=csid_from_server) return response
def POST(self): """ :param str logintoken: Logintoken used fo authentication :param str conversation_id: Conversation id :param str csid_from_client: CSID from client :response data: list of all messages, for a given conversation """ request_data = web.input() data = {} status = 200 csid_from_server = None error_code = "" # Get data from conversation_id = request_data.get('conversation_id', False) csid_from_client = request_data.get('csid_from_client') logintoken = request_data.get('logintoken') user_status, user = self.authenticate_by_token(logintoken) # User id contains error code if not user_status: return user csid_from_server = user['seriesid'] from_user_id = user['id'] if not conversation_id: status = 400 error_code = "conversation_id cannot be empty" if status == 200: convo = db.query(''' select convos.id, users.id as user_id, users.name from convos join users on users.id = (case when convos.id1 = $id then convos.id2 else convos.id1 end) where (convos.id = $convo_id and convos.id1 = $id or convos.id2 = $id)''', vars={'convo_id': conversation_id, 'id': from_user_id})\ .list() if not convo: status = 400 error_code = "conversation not found" else: data['conversation'] = convo[0] messages = db.query(''' select messages.*, users.name from messages join users on users.id = messages.sender where messages.convo_id = $convo_id''', vars={'convo_id': conversation_id})\ .list() if len(messages) > 0: data['messages'] = messages else: data['messages'] = [] response = api_response(data=data, status=status, error_code=error_code, csid_from_client=csid_from_client, csid_from_server=csid_from_server) return response