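def login():
    """Authenticate a user by email and password and return a token.

    Reads ``email`` and ``password`` from the JSON request body, hashes the
    password with ``password_encode`` and looks up a ``User`` row matching
    both the email and the hashed password.

    Returns:
        A ``(response, status)`` tuple: 400 when a required field is
        missing, 404 when no user matches, and 200 with ``data`` and
        ``token`` on success.
    """
    # get_json() can yield None (no JSON body) or a JSON value that is not an
    # object. Either would make the .get() calls below raise an unhandled
    # exception, so treat both as an empty object and let the required-field
    # checks answer with 400.
    request_params = request.get_json()
    if not isinstance(request_params, dict):
        request_params = {}

    email = request_params.get('email')
    password = request_params.get('password')

    # TODO regex, password validation need
    if email is None:
        return jsonify(userMessage="required field: email"), 400
    if password is None:
        return jsonify(userMessage="required field: password"), 400

    # NOTE(review): matching the hash inside the SQL filter only works when
    # password_encode is deterministic (no per-user salt) -- confirm how it
    # hashes; a salted KDF needs a lookup by email followed by a verify step.
    encoded_password = password_encode(password)

    q = db.session.query(User).filter(
        User.email == email,
        User.password == encoded_password,
    )
    user = q.first()

    # One message covers both an unknown email and a wrong password, so the
    # response does not disclose which addresses are registered.
    # NOTE(review): nothing in this function limits repeated attempts --
    # confirm rate limiting / lockout is applied in front of this view.
    if user is None:
        return jsonify(userMessage="invalid password/email"), 404

    token = user.get_token()
    user_data = user.serialize()

    return jsonify(data=user_data, token=token), 200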
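def login():
    """Check an email/password pair and answer with the user and a token.

    The JSON request body must carry ``email`` and ``password``. The password
    is hashed with ``password_encode`` and compared, together with the email,
    against the ``User`` table.

    Returns:
        ``(response, status)``: 400 for a missing field, 404 when no user
        matches, 200 with ``data`` and ``token`` otherwise.
    """
    # A missing body (None) or a JSON array/scalar has no .get(); normalise
    # to an empty dict so such requests get a 400 instead of an unhandled
    # exception.
    body = request.get_json()
    request_params = body if isinstance(body, dict) else {}

    # TODO regex, password validation need
    # Order matters: email is reported before password, as before.
    for field in ('email', 'password'):
        if request_params.get(field) is None:
            return jsonify(userMessage="required field: " + field), 400

    email = request_params['email']
    # NOTE(review): comparing hashes in SQL assumes password_encode is an
    # unsalted, deterministic hash -- confirm, and prefer fetch-by-email plus
    # a salted verify if that is the case.
    encoded_password = password_encode(request_params['password'])

    user = db.session.query(User).filter(
        User.email == email,
        User.password == encoded_password,
    ).first()

    # Unknown email and wrong password share one response so the endpoint
    # does not reveal which accounts exist.
    if user is None:
        return jsonify(userMessage="invalid password/email"), 404

    return jsonify(data=user.serialize(), token=user.get_token()), 200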
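def update_user(user_id, request_user_id=None):
    """Update the password and/or username of the user ``user_id``.

    Args:
        user_id: primary key of the user to modify.
        request_user_id: primary key of the user making the request.

    Returns:
        ``(response, status)``: 404 when either user cannot be loaded, 401
        when the requester is neither the target user nor an admin, 200 with
        the serialized user and a token on success.
    """
    # TODO: clarify where request_user_id comes from and in what format.
    # Query.get() returns None for a missing row instead of raising, so the
    # "not found" answer has to be triggered by an explicit None check.
    try:
        request_user = db.session.query(User).get(request_user_id)
    except Exception:
        request_user = None
    if request_user is None:
        return jsonify(
            userMessage="수정 요청을 보낸 유저를 찾을 수 없습니다."
        ), 404

    try:
        user = db.session.query(User).get(user_id)
    except Exception:
        user = None
    if user is None:
        return jsonify(
            userMessage="해당 유저를 찾을 수 없습니다."
        ), 404

    # Only the account owner or an admin may change an account. Without this
    # check the requester was loaded but never consulted, so any caller could
    # set another user's password. Loaded rows are compared rather than the
    # raw user_id so a str/int mismatch cannot affect the decision.
    if not (user.id == request_user.id or request_user.authority == 'admin'):
        return jsonify(
            userMessage="해당 정보를 바꿀 권한이 없습니다."
        ), 401

    # A missing or non-object JSON body has no .get(); treat it as "no
    # changes requested".
    request_params = request.get_json()
    if not isinstance(request_params, dict):
        request_params = {}

    password = request_params.get('password')
    username = request_params.get('name')

    # NOTE(review): the password is replaced without asking for the current
    # one -- confirm that is intended for this endpoint.
    if password is not None:
        user.password = password_encode(password)
    if username is not None:
        user.username = username

    db.session.commit()

    token = user.get_token()
    user_data = user.serialize()

    return jsonify(data=user_data, token=token), 200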
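def add(request_body):
    """Create and persist a ``User`` built from ``request_body``.

    The ``password`` entry is replaced by ``password_encode(password)``
    before the model is constructed.

    Args:
        request_body: mapping of ``User`` constructor keyword arguments.

    Returns:
        The new ``User`` on success, ``None`` if any step fails.
    """
    try:
        # Work on a copy so the caller's dict is not modified as a side
        # effect of creating the user.
        fields = dict(request_body)
        fields['password'] = password_encode(fields.get('password'))

        # NOTE(review): every key is forwarded to the model. If request_body
        # is raw client JSON, the client presumably can also set privileged
        # columns (e.g. ``authority``) -- confirm the caller whitelists keys.
        user = User(**fields)
        db.session.add(user)
        db.session.commit()
        return user
    except Exception as e:
        # A failed flush/commit leaves the session in a failed transaction;
        # roll back so later requests sharing the session still work.
        db.session.rollback()
        # NOTE(review): database errors may echo statement parameters (email,
        # password hash) -- confirm where stdout ends up.
        print(e)
        return None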
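def add(request_body):
    """Insert a new ``User`` row from ``request_body``.

    The plain ``password`` value is hashed with ``password_encode`` before
    the ``User`` is constructed; the remaining keys are passed through as
    constructor keyword arguments.

    Args:
        request_body: mapping of ``User`` constructor keyword arguments.

    Returns:
        The created ``User``, or ``None`` when creation fails for any reason.
    """
    try:
        # Copy first: the caller's mapping must not end up carrying the
        # hashed password after this call.
        user_fields = dict(request_body)
        user_fields['password'] = password_encode(
            user_fields.get('password'))

        # NOTE(review): all keys reach the model unfiltered; if this mapping
        # comes straight from a request, privileged attributes such as
        # ``authority`` are presumably client-settable -- verify at the
        # caller.
        user = User(**user_fields)
        db.session.add(user)
        db.session.commit()
    except Exception as e:
        # Undo the failed transaction so the shared session stays usable.
        db.session.rollback()
        # NOTE(review): the printed error can contain query parameters;
        # check that stdout is not a world-readable log.
        print(e)
        return None
    return user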
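def update_user(user_id, request_user_id=None):
    """Update user ``user_id`` after verifying the requester and password.

    The JSON body carries ``oldPassword``, ``newPassword`` and
    ``newPasswordCheck``; the whole body is forwarded to
    ``user.update_data``.

    Args:
        user_id: primary key of the user to modify.
        request_user_id: primary key of the user making the request.

    Returns:
        ``(response, status)``: 404 when either user cannot be loaded, 401
        when the requester is neither the target user nor an admin, 403 when
        the current password is wrong or the new passwords differ, 200 with
        the serialized user and a token on success.
    """
    # A missing or non-object JSON body has no .get(); normalise it so the
    # checks below reject the request instead of raising.
    request_params = request.get_json()
    if not isinstance(request_params, dict):
        request_params = {}

    # The request body is deliberately not printed: it carries the current
    # and the new password in clear text.
    old_password = request_params.get('oldPassword')
    new_password = request_params.get('newPassword')
    new_password_check = request_params.get('newPasswordCheck')

    # Query.get() returns None for a missing row instead of raising, so the
    # "not found" answers need explicit None checks.
    try:
        request_user = db.session.query(User).get(request_user_id)
    except Exception:
        request_user = None
    if request_user is None:
        return jsonify(
            userMessage="수정 요청을 보낸 유저를 찾을 수 없습니다."
        ), 404

    try:
        user = db.session.query(User).get(user_id)
    except Exception:
        user = None
    if user is None:
        return jsonify(
            userMessage="해당 유저를 찾을 수 없습니다."
        ), 404

    # Authorize before touching the password: checking the password first
    # told an unauthorized requester (403 vs 401) whether a guess at another
    # account's current password was right. Loaded rows are compared rather
    # than the raw user_id so a str/int mismatch cannot affect the decision.
    if not (user.id == request_user.id or request_user.authority == 'admin'):
        return jsonify(
            userMessage="해당 정보를 바꿀 권한이 없습니다."
        ), 401

    # A missing oldPassword is rejected like a wrong one.
    if old_password is None or user.password != password_encode(old_password):
        return jsonify(
            userMessage="현재 비밀번호가 틀렸습니다. 다시 입력해주세요."
        ), 403

    if new_password != new_password_check:
        return jsonify(
            userMessage="새 비밀번호가 일치하지 않습니다. 다시 입력해주세요."
        ), 403

    # NOTE(review): the complete client body is handed to update_data. If
    # update_data sets arbitrary attributes, a user could presumably change
    # privileged fields (e.g. ``authority``) -- confirm it whitelists keys.
    user.update_data(**request_params)

    db.session.commit()

    token = user.get_token()
    user_data = user.serialize()

    return jsonify(data=user_data, token=token), 200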
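def password_process(cls, request_body):
    """Normalise the password-related keys of ``request_body`` in place.

    When ``password`` is present with the value ``None`` it is replaced by
    ``password_encode(newPassword)``. The helper keys ``newPassword`` and
    ``newPasswordCheck`` are then removed.

    :param request_body: mutable mapping of user fields
    :return: the same ``request_body`` object, modified
    """
    # Image handling is disabled:
    # if 'image' in request_body:
    #     image_string_based64_encoded = request_body.pop('image')
    #     image = Image.add(image_string_based64_encoded, folder="image")
    #     request_body['profile_serving_url'] = image.serving_url

    # NOTE(review): the new password is applied only when the body contains
    # password=None; a body with newPassword but no 'password' key keeps the
    # old password. Confirm callers set that key. 'oldPassword' is not
    # removed here.
    if 'password' in request_body and request_body['password'] is None:
        request_body['password'] = password_encode(
            request_body.get('newPassword'))

    # request_body is deliberately not printed: at this point it still holds
    # the clear-text newPassword alongside the password hash.

    # pop() with a default is a no-op for absent keys, so no membership test
    # is needed.
    request_body.pop('newPassword', None)
    request_body.pop('newPasswordCheck', None)

    return request_body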
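def get_users():
    """Authenticate a non-deleted user by email and password.

    Reads ``email`` and ``password`` from the JSON request body and looks up
    a ``User`` row with that email, the hashed password and
    ``is_deleted == 0``.

    Returns:
        ``(response, status)``: 400 when a required field is missing, 404
        when no user matches, 200 with ``data`` and ``token`` on success.
    """
    # A missing or non-object JSON body has no .get(); treat it as empty so
    # the required-field checks answer with 400.
    request_params = request.get_json()
    if not isinstance(request_params, dict):
        request_params = {}

    email = request_params.get('email')
    password = request_params.get('password')

    if email is None:
        return jsonify(userMessage="required field: email"), 400
    if password is None:
        return jsonify(userMessage="required field: password"), 400

    # A hard-coded master password used to skip the password filter here.
    # A literal in source cannot be rotated or attributed and issued a token
    # for any account to whoever knew it, so every request now goes through
    # the normal password match. Support access, if needed, belongs behind an
    # authenticated and audited admin capability.
    # NOTE(review): matching the hash in SQL assumes password_encode is
    # deterministic (unsalted) -- confirm.
    encoded_password = password_encode(password)
    q = db.session.query(User).filter(
        User.email == email,
        User.password == encoded_password,
        User.is_deleted == 0,
    )

    user = q.first()

    # One message for unknown email and wrong password keeps the endpoint
    # from revealing which accounts exist.
    if user is None:
        return jsonify(
            userMessage="email 혹은 비밀번호를 잘못 입력하셨습니다."
        ), 404

    token = user.get_token()
    user_data = user.serialize()

    return jsonify(data=user_data, token=token), 200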