def signup():
form = request.form
email = form.get('email')
password = form.get('password')
nickname = form.get('nickname')
phone = form.get('phone')
age = form.get('age')
if not (email and password and nickname and phone and age):
return error(40000)
user = User.query.filter(
or_(User.email == email, User.nickname == nickname)).first()
if user:
return error(40000)
password = hashlib.sha256(password.encode('utf-8')).hexdigest()
user = User(email=email,
nickname=nickname,
password=password,
phone_number=phone,
age=age)
db.session.add(user)
db.session.commit()
return ok()
def wrapper(*args, **kwargs):
token = request.args.get('token')
if not token:
return error(40000)
user = User.query.filter_by(token=token).first()
if not user:
return error(40000)
return func(*args, **kwargs)
def delete_post(post_id):
post = Post.query.filter(Post.id == post_id).first()
if not post:
return error(40400)
if current_user.id != post.user_id:
return error(40300)
Tag.query.filter(Tag.post_id == post_id).delete()
View.query.filter(View.post_id == post_id).delete()
Comment.query.filter(Comment.post_id == post_id).delete()
db.session.delete(post)
db.session.commit()
return ok()
def update_post(post_id):
form = request.form
title = form['title']
content = form['content']
tags = form['tags']
post = Post.query.filter(Post.id == post_id).first()
if not post:
return error(40400)
if current_user.id != post.user_id:
return error(40300)
Tag.query.filter(Tag.post_id == post_id).delete()
post.title = title
post.content = content
post.tags = [Tag(title=tag) for tag in tags.split(',')]
db.session.commit()
return ok()
def signin():
form = request.form
email = form.get('email')
password = form.get('password')
if not (email and password):
return error(40000)
password = hashlib.sha256(password.encode('utf-8')).hexdigest()
user = User.query.filter_by(email=email, password=password).first()
if not user:
return error(40400)
res = {
'nickname': user.nickname,
'email': user.email,
'age': user.age,
'phone_number': user.phone_number,
'profile_url': user.profile_url,
'token': user.token
}
return ok(res)
def callback():
id_token = request.form.get('id_token')
if not id_token:
return error(50000, 'required id_token')
try:
id_info = google_id_token.verify_oauth2_token(
id_token, google_requests.Request(), Config.GOOGLE_CLIENT_ID)
except ValueError:
# wrong id_token
return error(50000, 'wrong id_token')
# wrong issuer
if id_info['iss'] not in [
'accounts.google.com', 'https://accounts.google.com'
]:
return error(50000, 'wrong issuer')
res = requests.get('https://www.googleapis.com/oauth2/v3/tokeninfo',
{'id_token': id_token})
data = res.json()
user = User.query.filter_by(email=data['email']).first()
if not user:
user = User(email=data['email'],
nickname=data['name'],
profile_url=data['picture'])
db.session.add(user)
db.session.commit()
res = {
'nickname': user.nickname,
'email': user.email,
'age': user.age,
'phone_number': user.phone_number,
'profile_url': user.profile_url,
'token': user.token
}
return ok(res)
def proxy():
args = request.args
form = request.form
url = args.get('url')
if not url:
return error(50000)
if request.method == 'GET':
res = requests.get(url=url)
else:
res = requests.post(url=url, data=form)
return ok(dict(url=res.url, data=res.text, code=res.status_code))
def create():
form = request.form
theater_id = form['theater_id']
showtime_id = form['showtime_id']
x = form['x']
y = form['y']
showtime = Showtime.query.filter_by(id=showtime_id,
theater_id=theater_id).first()
if not showtime:
return error(40400)
theater_ticket = TheaterTicket(theater_id=theater_id,
showtime_id=showtime_id,
x=x,
y=y)
db.session.add(theater_ticket)
db.session.commit()
return ok()
def detail(theater_id, showtime_id):
showtime = Showtime.query.filter_by(id=showtime_id,
theater_id=theater_id).first()
if not utc2local(showtime.start_time) > current_time():
return error(40400)
theater = Theater.query.filter_by(id=theater_id).first()
seats = []
x, y = 1, 1
for _ in range(theater.seat):
data = {'seat_number': '{}-{}'.format(x, y), 'selected_seat': False}
theater_tickets = TheaterTicket.query.filter_by(
theater_id=theater_id, showtime_id=showtime_id).all()
for theater_ticket in theater_tickets:
if theater_ticket.x == x and theater_ticket.y == y:
data['selected_seat'] = True
seats.append(data)
if y > 9:
y = 0
x += 1
y += 1
return ok(dict(seats=seats, theater_id=theater_id,
showtime_id=showtime_id))
def wrapper(*args, **kwargs):
if not current_user.is_authenticated:
return error(40300)
return func(*args, **kwargs)
def internal_server_error(err):
return error(50000)
def gone(err):
return error(41000)
def page_not_found(err):
return error(40400)
def forbidden(err):
return error(40300)