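def password_require(request):
    """Check a username/password pair supplied in the JSON request body.

    Reads ``username`` and ``password`` from ``request.json`` and verifies the
    password against the account returned by ``userservice.get_user``.

    Returns:
        ``BaseController.send_response_api(None, "Password match")`` when the
        password verifies. ``BaseController.send_error_api`` with
        "Password did not match" when it does not verify or when no account
        is found, and with "Password required" when either field is missing
        or empty.
    """
    body = request.json
    # The body is caller-controlled: a missing or non-object JSON body is
    # treated as an empty payload instead of raising on the key lookups.
    payload = body if isinstance(body, dict) else {}
    username = payload.get('username')
    password = payload.get('password')

    if not (username and password):
        return BaseController.send_error_api(None, 'Password required')

    user = userservice.get_user(username)
    # get_user() can return None (the other handlers in this file test for
    # it). An unknown username gets the same answer as a wrong password, so
    # the endpoint neither fails with AttributeError nor tells the caller
    # which usernames exist.
    if user is None or not user.verify_password(password):
        return BaseController.send_error_api(None, "Password did not match")

    return BaseController.send_response_api(None, "Password match")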
def send_confirmation_email(request):
    """Send the account-confirmation email for the address in the request.

    Reads ``email`` from ``request.json`` and looks the account up through
    ``userservice.get_user``.

    Returns:
        An error response when the email is missing/empty or no account is
        found; a success response when the account is already confirmed
        (nothing is sent) or after ``userservice.send_confirmation_email``
        has been called for the account.
    """
    body = request.json
    email = body['email'] if 'email' in body else None
    if not email:
        return BaseController.send_error_api(None, 'Email required')

    account = userservice.get_user(email)

    # NOTE(review): the responses below differ for "unknown address",
    # "already confirmed" and "email sent". This handler receives no
    # authenticated user argument, so if the route is reachable anonymously
    # it lets a caller test which addresses are registered. Consider one
    # uniform response plus rate limiting - confirm against the route setup.
    if account is None:
        return BaseController.send_error_api(
            None, 'User not found, register first')

    if account.confirmed:
        return BaseController.send_response_api(
            None, 'This account has been confirmed, you can login now')

    userservice.send_confirmation_email(account)
    message = 'Confirmation email has been sent to %s' % (email)
    return BaseController.send_response_api(None, message)
def send_reset_password(request):
    """Trigger the password-reset email for the address in the request.

    Reads ``email`` from ``request.json``; when ``userservice.get_user``
    finds an account, ``userservice.send_reset_password_email`` is called
    for it.

    Returns:
        A success response naming the address when an account was found;
        an error response when the email is missing/empty or no account
        matches it.
    """
    body = request.json
    email = body['email'] if 'email' in body else None
    if not email:
        return BaseController.send_error_api(None, 'Email required')

    account = userservice.get_user(email)
    if account is None:
        # NOTE(review): answering "not found" here while answering "sent"
        # below lets a caller learn which addresses have accounts. A reset
        # endpoint normally returns the same message either way; changing
        # that alters the client-visible contract, so it is only flagged.
        return BaseController.send_error_api(
            None,
            'Email not found, Please send email which registered into your account before'
        )

    userservice.send_reset_password_email(account)
    message = 'Send Reset Password to %s success, you can check your email now' % (email)
    return BaseController.send_response_api(None, message)
def ticket_transfer(request, user):
    """Transfer one of the caller's tickets to another user.

    ``user`` is indexed for ``username`` and ``id``; ``receiver`` and
    ``user_ticket_id`` are read from ``request.json``. The transfer itself
    is delegated to ``tickettransferservice.transfer``.

    Returns:
        An error response when the username is empty, when ``receiver`` or
        ``user_ticket_id`` is absent, or when the service result has a
        truthy ``error``; otherwise a success response carrying the
        service's ``data`` and ``message``.
    """
    # NOTE(review): password confirmation is disabled in this variant (see
    # the commented-out line below), so the transfer is authorised only by
    # whatever produced ``user`` - confirm that is intended.
    # password = request.json['password'] if 'password' in request.json else None
    username = user['username']
    if not username:
        return BaseController.send_error_api(None, "invalid payload")

    # NOTE(review): the looked-up account is never used afterwards.
    auth = userservice.get_user(username)

    body = request.json
    receiver = body['receiver'] if 'receiver' in body else None
    user_ticket_id = body['user_ticket_id'] if 'user_ticket_id' in body else None

    required = (user, receiver, user_ticket_id)
    if None in required:
        return BaseController.send_error_api(None, 'payload is not valid')

    outcome = tickettransferservice.transfer(user['id'], user_ticket_id,
                                             receiver)
    if outcome['error']:
        return BaseController.send_error_api(outcome['data'],
                                             outcome['message'])
    return BaseController.send_response_api(outcome['data'],
                                            outcome['message'])
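def ticket_transfer(request, user):
    """Transfer one of the caller's tickets after re-checking their password.

    ``user`` is indexed for ``username``, ``id`` and ``role_id``.
    ``password``, ``receiver`` and ``user_ticket_id`` are read from
    ``request.json``. The password is verified against the account returned
    by ``userservice.get_user`` before anything else is processed, and only
    callers whose ``role_id`` equals ``ROLE['user']`` reach
    ``tickettransferservice.transfer``.

    Returns:
        An error response when the username or password is missing/empty,
        when the password does not verify (or the account cannot be found),
        when ``receiver`` or ``user_ticket_id`` is absent, when the role is
        not ``ROLE['user']``, or when the service result has a truthy
        ``error``; otherwise a success response carrying the service's
        ``data`` and ``message``.
    """
    body = request.json
    # The body is caller-controlled: a missing or non-object JSON body is
    # treated as an empty payload instead of raising on the key lookups.
    payload = body if isinstance(body, dict) else {}
    password = payload.get('password')
    username = user['username']

    if not (username and password):
        return BaseController.send_error_api(None, "Password required")

    auth = userservice.get_user(username)
    # get_user() can return None (the other handlers in this file test for
    # it); previously that raised AttributeError on verify_password. Fail
    # closed with the same message as a wrong password.
    if auth is None or not auth.verify_password(password):
        return BaseController.send_error_api(None, "Password did not match")

    receiver = payload.get('receiver')
    user_ticket_id = payload.get('user_ticket_id')
    # ``user`` was already subscripted above, so it cannot be None here;
    # only the two request fields need the presence check.
    if receiver is None or user_ticket_id is None:
        return BaseController.send_error_api(None, 'payload is not valid')

    if user['role_id'] != ROLE['user']:
        return BaseController.send_error_api(
            None, 'this operation is not valid for this type of user')

    result = tickettransferservice.transfer(user['id'], user_ticket_id,
                                            receiver)
    if result['error']:
        return BaseController.send_error_api(result['data'],
                                             result['message'])
    return BaseController.send_response_api(result['data'], result['message'])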
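def login(request):
    """Authenticate with username/password or with a social provider token.

    When the JSON body has no ``provider``, ``username`` and ``password``
    are checked against the account from ``userservice.get_user``. When a
    ``provider`` is given, ``token`` (and ``token_secret`` for ``twitter``)
    is passed to ``userservice.social_sign_in`` and the resulting id is
    resolved with ``userservice.check_social_account``.

    Returns:
        On success, a response whose data holds ``access_token`` and
        ``refresh_token`` from ``userservice.save_token`` and whose third
        argument is the user dict with role data. Otherwise an error
        response flagged with one of ``payload_invalid``,
        ``not_registered``, ``wrong_credential`` or ``unauthorized``.
    """
    body = request.json
    # The body is caller-controlled: a missing or non-object JSON body is
    # treated as an empty payload instead of raising on the key lookups.
    payload = body if isinstance(body, dict) else {}
    provider = payload.get('provider')
    admin = payload.get('admin')

    if provider is None:
        username = payload.get('username')
        password = payload.get('password')
        if not (username and password):
            return BaseController.send_error_api(
                {'payload_invalid': True}, 'username and password required')

        user = userservice.get_user(username)
        if user is None:
            # NOTE(review): a distinct "not found" answer lets callers test
            # which usernames exist. Clients may depend on the
            # ``not_registered`` flag, so this is flagged, not changed.
            return BaseController.send_error_api(
                {'not_registered': True}, 'username not found')

        # Verify the password BEFORE inspecting the role. Checking the role
        # first told a caller with no valid password that the account
        # exists and is not an admin.
        if not user.verify_password(password):
            return BaseController.send_error_api(
                {'wrong_credential': True}, 'wrong credentials')

        # NOTE(review): ``admin`` is supplied by the client, so this only
        # gates the admin sign-in form; server-side authorisation of admin
        # routes must not depend on it. Role ids 1 and 8 are presumably the
        # admin-capable roles - confirm against the role table.
        if admin and user.as_dict()['role_id'] not in (1, 8):
            return BaseController.send_error_api(
                {'unauthorized': True},
                'unauthorized, must be admin to access this page.'
            )

        token = userservice.save_token()
        user = userservice.include_role_data(user.include_photos().as_dict())
        return BaseController.send_response_api(
            {
                'access_token': token['data'].access_token,
                'refresh_token': token['data'].refresh_token
            }, 'User logged in successfully', user)

    # Social sign-in.
    # NOTE(review): the ``admin`` flag is not consulted on this path.
    social_token = payload.get('token')
    if social_token is None:
        return BaseController.send_error_api(
            {'payload_invalid': True}, 'social token is missing.')

    if provider == 'twitter':
        token_secret = payload.get('token_secret')
        if token_secret is None:
            return BaseController.send_error_api(
                {'payload_invalid': True}, 'token secret is missing.')
        user_social_id = userservice.social_sign_in(
            provider, social_token, token_secret)
    else:
        user_social_id = userservice.social_sign_in(provider, social_token)

    if user_social_id is None:
        return BaseController.send_error_api(
            {'wrong_credential': True}, 'token is invalid')

    user = userservice.check_social_account(provider, user_social_id)
    if user is None:
        return BaseController.send_error_api(
            {'not_registered': True}, 'user is not registered')

    token = userservice.save_token(provider)
    user = userservice.include_role_data(user.include_photos().as_dict())
    return BaseController.send_response_api(
        {
            'access_token': token['data'].access_token,
            'refresh_token': token['data'].refresh_token
        }, 'User logged in successfully', user)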