def register_user(username, email, password, password_confirmed):
# Note: emails are blindly accepted, no assumption is even made that the
# frontend validated them. Emails are validated with the confirmation
# pattern rather than some attempt at a regex or something.
u_check = User.query.filter_by(username=username).first()
if u_check is not None:
return error_response(409, 'Username in use')
u_check = User.query.filter_by(email=email).first()
if u_check is not None:
return error_response(409, 'Email is use')
if password != password_confirmed:
return error_response(422, 'Passwords do not match')
new_user = User(username=username, email=email, password=password)
db.session.add(new_user)
# BetaCode specific. Because the requirement to use beta codes is switched
# with a config param, the validation must occur in this route, rather than
# at the JSON schema level.
registration_json = request.get_json()
if current_app.config['BETA_KEYS_REQUIRED']:
if 'beta_code' not in registration_json:
db.session.rollback()
return error_response(
400, 'Beta codes are currently required for registration')
beta_code = registration_json['beta_code']
if not check_and_assign_beta_code(beta_code, new_user):
db.session.rollback()
return error_response(422, 'Invalid beta code')
db.session.commit()
return {
'message': 'Successfully registered user',
'user': new_user.as_dict()
}
def change_password(id, current_password, new_password):
u = User.query.get_or_404(id)
if not u.check_password(current_password):
return error_response(403, 'Current password incorrect')
u.set_password(new_password)
db.session.commit()
return {'message': 'Successfully changed password', 'user': u.as_dict()}
def accept_match_invite(id):
invite = MatchInvite.query.get_or_404(id)
if invite.inviter_id == g.current_user.id:
return error_response(400, 'Player cannot accept own invite')
if invite.accepted:
return error_response(410, 'Match invite has already been accepted')
acceptor = g.current_user
if invite.invited_id != acceptor.id and not invite.open:
return error_response(403, 'Invite not open, and not for player')
if invite.open:
invite.invited = acceptor
new_match = Match()
db.session.add(new_match)
new_match.join(invite.inviter)
new_match.join(acceptor)
db.session.flush()
invite.match = new_match
db.session.commit()
return {
'message': 'Successfully accepted invite',
'match_invite': invite.as_dict(),
'match': new_match.as_dict()
}
def make_move(uci_string, id):
match = Match.query.get_or_404(id)
player = g.current_user
if not match.playing(player):
return error_response(403, 'Player not playing this match')
if not match.players_turn(player):
return error_response(409, 'Not your turn')
req_json = request.get_json()
if not match.attempt_move(player, uci_string):
return error_response(422, 'Move not possible')
db.session.commit()
ws_events.broadcast_move_made(player=player,
move=uci_string,
current_fen=match.current_fen,
connection_token=match.connection_token)
if match.is_finished:
# Should this be handled by the match?
# match.update_stats()
match.player_white.stat_block.add_match(match)
match.player_black.stat_block.add_match(match)
db.session.commit()
ws_events.broadcast_match_finish(
winning_player=player, connection_token=match.connection_token)
return {'message': 'Move successfully made', 'match': match.as_dict()}
def accept_friend_invite(id):
u = User.query.get_or_404(id)
if u not in g.current_user.friend_invites:
return error_response(
400, 'You don\'t have a friend invite from this player')
if u in g.current_user.friends:
return {
'message': 'You are already friends with this user',
'user': u.as_dict()
}, 201
g.current_user.accept_friend(u)
db.session.commit()
return {
'message': 'Successfully accepted friend invite',
'user': u.as_dict()
}
def token_auth_error():
return error_response(401)