def user_info(variables={}, request={}):
result = {}
try:
user_id = Token.Token().query('USERID').where(
'TOKEN', '=', request.params['token']).get()[0]['USERID']
user_query = User.User()\
.query('USERS.ID', 'USERS.USERNAME', 'USERS.FIRSTNAME', 'USERS.LASTNAME', 'USERS.EMAIL')\
.where('USERS.ID', '=', user_id).get()[0]
locations = Location.Location()\
.query('LOCATIONS.COUNTRY', 'LOCATIONS.CITY', 'LOCATIONS.STREET')\
.where('USERID', '=', user_id).get()
if locations:
locations = locations[0]
else:
locations = dict()
prefs = Preference.Preference().query('*').where(
'USERID', '=', user_id).get()
if prefs:
prefs = prefs[0]
else:
prefs = dict()
result['firstname'] = user_query['USERS.FIRSTNAME']
result['lastname'] = user_query['USERS.LASTNAME']
result['email'] = user_query['USERS.EMAIL']
result['country'] = locations.get('LOCATIONS.COUNTRY', '')
result['city'] = locations.get('LOCATIONS.CITY', '')
result['street'] = locations.get('LOCATIONS.STREET', '')
result['title_preferences'] = prefs.get('PREFERENCE', '')
except UserWarning, e:
logging.exception('User warning')
return Controller.response_json({'status': 'error', 'message': str(e)})
def token_valid(variables={}, request={}):
status = 'success'
message = ''
token_ok = False
if not 'token' in request.params:
status = 'error'
message = 'token must be present for this api'
else:
token = Token.Token()
user_token = request.params['token']
count = len(token.query('ID').where('TOKEN', '=', user_token).get())
if count == 0:
status = 'error'
message = 'invalid user token'
else:
token_ok = True
if token_ok:
return (True, None)
else:
result = {
'status' : status,
'message' : message
}
return (False, Controller.response_json(result))
def propose_exchange(variables={}, request={}):
status = 'success'
message = ''
token = request.params['token']
book_id = request.params['bookid']
dict_book = Book.Book().query("DELETED").where("ID", "=", book_id).get()
if not dict_book:
status = 'error'
message = 'the book does not exist'
elif (dict_book[0]['DELETED'] == 1):
status = 'error'
message = 'the book is not available for exchange'
else:
dict_receiver = Token.Token().query("USERID").where(
"TOKEN", "=", token).get()
dict_owner = UserBook.UserBook().query("USERID").where(
"BOOKID", "=", book_id).get()
logging.debug(dict_owner)
if (dict_receiver[0]['USERID'] == dict_owner[0]['USERID']):
status = 'error'
message = 'users cannot send requests to themselves'
else:
dict_exchange = Exchange.Exchange().query('ID').where("OWNERID", "=", dict_owner[0]['USERID']). \
condition("AND", "RECEIVERID", "=", dict_receiver[0]['USERID']). \
condition("AND", "BOOKID1", "=", book_id).get()
if (dict_exchange):
status = 'error'
message = 'the exchange already exists'
else:
date = datetime.datetime.now().strftime("%Y-%m-%d")
insert_dict = {
'OWNERID': dict_owner[0]['USERID'],
'RECEIVERID': dict_receiver[0]['USERID'],
'BOOKID1': book_id,
'EXCHANGEDATE': date,
'ISFINISHED': 0,
'HASSUCCEEDED': 0
}
message = 'the request has been registered'
Exchange.Exchange().insert(insert_dict)
result = {'status': status, 'message': message}
return Controller.response_json(result)
def register(variables={}, request={}):
status = 'success'
message = ''
username = request.params['username']
password = request.params['password']
user = User.User()
response_dict_user = user.query("ID").where("USERNAME", "=",
username).condition(
"OR", "EMAIL", "=",
username).get()
if not response_dict_user:
message = 'incorrect username or password'
status = 'error'
else:
response_dict_pass = user.query("PASSWORD", "SALT").where(
"USERNAME", "=", username).condition("OR", "EMAIL", "=",
username).get()
input_pass_hash = bcrypt.hashpw(password.encode('utf8'),
response_dict_pass[0]["SALT"])
if input_pass_hash != response_dict_pass[0]["PASSWORD"]:
message = 'incorrect username or password'
status = 'error'
else:
token = Token.Token()
response_dict_token = token.query("TOKEN").where(
"USERID", "=",
response_dict_user[0]["ID"]).condition("AND", "TOKENTYPE", "=",
"booxtoken").get()
message = 'log in successful'
status = 'success'
if status == 'success':
response = {
'token': response_dict_token[0]['TOKEN'],
'id': response_dict_user[0]['ID']
}
result = {'status': status, 'message': message, 'response': response}
else:
result = {'status': status, 'message': message}
return Controller.response_json(result)
def match_book(variables={}, request={}):
status = 'success'
message = ''
token = request.params['token']
receiver_id = request.params['receiverid']
book_id1 = request.params['bookid1']
book_id2 = request.params['bookid2']
user_dict = Token.Token().query("USERID").where("TOKEN", "=", token).get()
book1_dict = Book.Book().query("TITLE").where("ID", "=", book_id1).get()
book2_dict = Book.Book().query("TITLE").where("ID", "=", book_id2).get()
if not book1_dict or not book2_dict:
status = 'error'
message = 'one of the books does not exist'
else:
exchange_dict = Exchange.Exchange().query("*").where("OWNERID", "=", user_dict[0]['USERID']). \
condition("AND", "BOOKID1", "=", book_id1). \
condition("AND", "RECEIVERID", "=", receiver_id).get()
if not exchange_dict:
status = 'error'
message = 'the exchange does not exist'
else:
if exchange_dict[0]['ISFINISHED'] == 1:
status = 'error'
message = 'the exchange has already been approved/denied'
else:
if exchange_dict[0]['BOOKID2'] != None:
status = 'error'
message = 'you cannot respond to this exchange'
else:
Exchange.Exchange().update({ 'BOOKID2' : book_id2 }). \
where("OWNERID", "=", user_dict[0]['USERID']). \
condition("AND", "BOOKID1", "=", book_id1). \
condition("AND", "RECEIVERID", "=", receiver_id).execute()
status = 'success'
message = 'user responded to the exchange'
result = {'status': status, 'message': message}
return Controller.response_json(result)
def list_offers(variables={}, request={}):
status = 'success'
message = ''
exchange_status = ''
token = request.params['token']
user_dict = Token.Token().query("USERID").where("TOKEN", "=", token).get()
exchange_dict = Exchange.Exchange().query("EXCHANGES.OWNERID", "EXCHANGES.RECEIVERID", "EXCHANGES.BOOKID1", "EXCHANGES.BOOKID2", "EXCHANGES.ISFINISHED"). \
where("EXCHANGES.OWNERID", "=", user_dict[0]['USERID']). \
condition("OR", "EXCHANGES.RECEIVERID", "=", user_dict[0]['USERID']).get()
result = None
if not exchange_dict:
status = 'success'
message = 'no entries found'
result = {'status': status, 'message': message}
else:
status = 'success'
message = 'entries found'
response = exchange_dict
for exchange in exchange_dict:
if exchange['EXCHANGES.ISFINISHED'] == 1:
exchange['exchange_status'] = 'exchange_finished'
else:
if exchange['EXCHANGES.BOOKID2'] == None:
exchange['exchange_status'] = 'pending_match'
else:
exchange['exchange_status'] = 'request_sent'
if user_dict[0]['USERID'] == exchange['EXCHANGES.OWNERID']:
exchange['user_status'] = 'owner'
else:
exchange['user_status'] = 'receiver'
result = {'status': status, 'message': message, 'response': response}
return Controller.response_json(result)
def get_user_by_token(variables={}, request={}):
status = 'success'
message = ''
token = request
user_dict = Token.Token().query("TOKENS.USERID").where(
"TOKENS.TOKEN", "=", request.params['token']).get()
if not user_dict:
status = 'error'
message = 'invalid token'
else:
status = 'success'
message = 'valid token'
if user_dict:
response = {'userid': user_dict[0]['TOKENS.USERID']}
else:
response = []
result = {'status': status, 'message': message, 'response': response}
return Controller.response_json(result)
def add_book(variables={}, request={}):
status = 'success'
message = ''
values = {}
#title = request.params['title']
#author = request.params['author']
expires = request.params['expires']
genre = request.params['genre']
goodreads_id = request.params['goodreads_id']
ok, error_message = Validator.validate([
#(title, r'^[A-Za-z0-9\s\-_,\.;:()]+$', 'title value is invalid'),
#(author, r'^[a-zA-Z0-9 ,.\'-]+$', 'author value is invalid'),
(genre, r'^(%s)$' % ('|'.join(genres)), 'genre value is invalid'),
(expires,
r'^([1-9]|([012][0-9])|(3[01]))\-([0]{0,1}[1-9]|1[012])\-\d\d\d\d$',
'expires value is invalid'),
(goodreads_id, r'^[0-9]|[1-9][0-9]+$',
'goodreads_id value is invalid'),
])
try:
if not ok:
raise UserWarning(error_message)
book = Goodreads.find_book_by_id(int(goodreads_id))
if not book:
raise UserWarning('no book with such id was found')
current_user_id = Token.Token().query('USERID').where(
'TOKEN', '=', request.params['token']).get()[0]['USERID']
if not current_user_id or current_user_id == 0:
raise UserWarning('invalid user connected to token')
created_author = Author.Author().update_or_create(
{'NAME': book['author']}, {'NAME': book['author']})
if not created_author:
raise UserWarning('unable to create or update the book author')
datetime_object = datetime.strptime(expires, '%d-%m-%Y')
created_book = Book.Book().insert({
'ISBN':
book['isbn'],
'GOODREADSID':
int(goodreads_id),
'TITLE':
book['title'],
'GENRE':
genre,
'COVER':
book['image_url'],
'EXPIRES':
datetime_object.strftime('%Y-%m-%d'),
'AUTHORID':
created_author['ID']
})
if not created_book:
raise UserWarning('unable to add book to the database')
created_user_book = UserBook.UserBook().insert({
'BOOKID':
created_book['ID'],
'USERID':
current_user_id
})
if not created_user_book:
raise UserWarning('unable to connect user to book')
message = 'the book has been added'
values['book_id'] = created_book['ID']
values['user_id'] = current_user_id
values['author_id'] = created_author['ID']
except UserWarning, e:
logging.exception('User Warning')
return Controller.response_json({'status': 'error', 'message': str(e)})
def user_edit(variables={}, request={}):
status = 'success'
message = ''
fname = request.params.get('fname', '')
lname = request.params.get('lname', '')
email = request.params.get('email', '')
password = request.params.get('password', None)
new_password = request.params.get('npassword', None)
confirm_new_password = request.params.get('cnpassword', None)
country = request.params.get('country', '')
city = request.params.get('city', '')
street = request.params.get('street', '')
title_prefs = request.params.get('title_preferences', '')
result = None
try:
if not fname or not lname or not email:
raise UserWarning(
'firstname, lastname and email are mandatory fields')
user_id = Token.Token().query('USERID').where(
'TOKEN', '=', request.params['token']).get()[0]['USERID']
User.User().update({
'FIRSTNAME': fname,
'LASTNAME': lname,
'EMAIL': email
}).where('ID', '=', user_id).execute()
user = User.User().query('*').where('ID', '=', user_id).get()[0]
Preference.Preference().update_or_create(
{
'USERID': user_id,
'PREFERENCETYPE': 'bookname'
}, {
'USERID': user_id,
'PREFERENCETYPE': 'bookname',
'PREFERENCE': title_prefs
})
if country or city or street:
Location.Location().update_or_create({'USERID': user_id}, {
'USERID': user_id,
'COUNTRY': country,
'CITY': city,
'STREET': street
})
if password:
old_password_hash = bcrypt.hashpw(password.encode('utf8'),
user['SALT'])
if old_password_hash != user['PASSWORD']:
raise UserWarning('password incorrect')
if new_password != confirm_new_password:
raise UserWarning(
'new password and confirm password don\'t match')
else:
new_password_hash = bcrypt.hashpw(new_password.encode('utf8'),
user['SALT'])
User.User().update({
'PASSWORD': new_password_hash
}).where('ID', '=', user_id).execute()
except UserWarning, e:
logging.exception('User warning')
return Controller.response_json({'status': 'error', 'message': str(e)})
def notify_users(token, bookname, bookid):
status = 'success'
message = ''
#token = request.params['token']
#bookname = request.params['bookname']
#bookid = request.params['bookid']
user_dict = Token.Token().query("USERID").where("TOKEN", "=", token).get()
owner_location_dict = Location.Location().query("COUNTRY", "CITY", "STREET"). \
where("USERID", "=", user_dict[0]['USERID']).get()
owncountry = owner_location_dict[0]['COUNTRY']
owncity = owner_location_dict[0]['CITY']
ownstreet = owner_location_dict[0]['STREET']
if owncountry == "" or owncity == "" or ownstreet == "":
status = 'error'
message = 'the sender is missing location information'
else:
apiURL = "https://maps.google.com/maps/api/geocode/json?address="
apiURL = "%s %s,%s,%s" % (apiURL, owncountry, owncity, ownstreet)
apiURL = "%s&key=%s" % (apiURL,
App.config.get('GOOGLE', 'geocoding_key'))
api_response = requests.get(apiURL)
api_status = api_response.json()['status']
if api_status == 'ZERO_RESULTS':
status = 'error'
message = 'sender address not found'
else:
own_lat = api_response.json(
)['results'][0]['geometry']['location']['lat']
own_lng = api_response.json(
)['results'][0]['geometry']['location']['lng']
#print("owner %s %s") % (str(own_lat), str(own_lng))
dict_preference = Preference.Preference().query("USERID").where("PREFERENCETYPE", "=", "bookname"). \
condition("AND","PREFERENCE", "=", bookname).get()
for preference in dict_preference:
location_dict = Location.Location().query("COUNTRY", "CITY", "STREET"). \
where("USERID", "=", preference['USERID']).get()
reccountry = location_dict[0]['COUNTRY']
reccity = location_dict[0]['CITY']
recstreet = location_dict[0]['STREET']
if reccountry != "" and reccity != "" and recstreet != "":
apiURL = "https://maps.google.com/maps/api/geocode/json?address="
apiURL = "%s %s,%s,%s" % (apiURL, reccountry, reccity,
recstreet)
apiURL = "%s&key=%s" % (
apiURL, App.config.get('GOOGLE', 'geocoding_key'))
api_response = requests.get(apiURL)
api_status = api_response.json()['status']
if api_status != 'ZERO_RESULTS':
rec_lat = api_response.json(
)['results'][0]['geometry']['location']['lat']
rec_lng = api_response.json(
)['results'][0]['geometry']['location']['lng']
#print "receiver %s %s" % (str(rec_lat), str(rec_lng))
R = 6373.0
lat1 = radians(own_lat)
lon1 = radians(own_lng)
lat2 = radians(rec_lat)
lon2 = radians(rec_lng)
dlat = lat2 - lat1
dlon = lon2 - lon1
a = sin(dlat / 2)**2 + cos(lat1) * cos(lat2) * sin(
dlon / 2)**2
c = 2 * atan2(sqrt(a), sqrt(1 - a))
distance = R * c
if (distance <= 5):
dict_insert = {
"BOOKID": bookid,
"OWNERID": user_dict[0]['USERID'],
"RECEIVERID": preference['USERID']
}
Notification.Notification().insert(dict_insert)
status = 'success'
message = 'users have been notified'
result = {'status': status, 'message': message}
return result
def register(variables={}, request={}):
status = 'success'
message = ''
username = request.params['username']
password = request.params['password']
cpassword = request.params['cpassword']
fname = request.params['fname']
lname = request.params['lname']
email = request.params['email']
ok, error_message = Validator.validate([
(username, r'^[A-Za-z][A-Za-z0-9]+$',
'The username should be only small and big letters with numbers'),
(password, r'^.{7,}$', 'Password should be longer than 6 characters'),
(cpassword, r'^.{7,}$',
'Password confirm should be longer than 6 characters'),
(fname, r'^[\w,-\']+$', 'first name value is invalid'),
(lname, r'^[\w,-\']+$', 'last name value is invalid'),
(email,
r"""^(?:[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*|"(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21\x23-\x5b\x5d-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])*")@(?:(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?|\[(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?|[a-z0-9-]*[a-z0-9]:(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21-\x5a\x53-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])+)\])$""",
'email value is invalid'),
])
try:
if not ok:
raise UserWarning(error_message)
user = User.User()
token = Token.Token()
response_dict_list = user.query("ID").where("USERNAME", "=",
username).condition(
"OR", "EMAIL", "=",
email).get()
if not response_dict_list:
if (password != cpassword):
raise UserWarning('passwords do no match')
generated_token = strgen.StringGenerator("[\w\d]{20}").render()
salt = bcrypt.gensalt()
password_hash = bcrypt.hashpw(password.encode('utf8'), salt)
insert_user_dict = {
"USERNAME": username,
"PASSWORD": password_hash,
"SALT": salt,
"FIRSTNAME": fname,
"LASTNAME": lname,
"EMAIL": email,
"ISADMINISTRATOR": 0
}
inserted_user = user.insert(insert_user_dict)
insert_token_dict = {
"USERID": inserted_user["ID"],
"TOKENTYPE": "booxtoken",
"TOKEN": generated_token
}
token.insert(insert_token_dict)
message = 'user registered successfully'
else:
raise UserWarning('username already exists')
except UserWarning, e:
logging.exception('User warning')
return Controller.response_json({'status': 'error', 'message': str(e)})
