def sign_in():
arg = request.args.to_dict() # Example: {'password': '******', 'email': 'a@a'}
email = arg.get('email', None)
password = arg.get('password', None)
user = database.get_user_data_by_email(email)
if user and user['password'] == password:
token = generate_token()
database.update_token(user['email'], token)
logged_in_users[token] = email
response = {'success': True, 'message': 'Successfully signed in.', 'token': token}
else:
response = {'success': False, 'message': 'Wrong username or password.'}
return jsonify(response)
def get_user_data_by_token():
arg = request.args.to_dict()
token = arg.get('token', None)
email = logged_in_users.get(token, None)
if email:
response = database.get_user_data_by_email(email)
if response:
del response['password']
response = {'success': True, 'message': 'User data retrieved.', 'data': response}
else:
response = {'success': False, 'message': 'No such user. Weird error.'}
else:
response = {'success': False, 'message': 'You are not signed in.'}
return jsonify(response)
def post_message():
arg = request.args.to_dict()
token = arg.get('token', None)
content = arg.get('content', None)
fromEmail = logged_in_users.get(token, None)
if fromEmail:
toEmail = arg.get('toEmail', None)
toEmail = toEmail if toEmail else fromEmail
if database.get_user_data_by_email(toEmail):
database.add_message(fromEmail, toEmail, content)
response = {'success': True, 'message': 'Message posted.'}
else:
response = {'success': False, 'message': 'No such user.'}
else:
response = {'success': False, 'message': 'You are not signed in.'}
return jsonify(response)
def change_password():
arg = request.args.to_dict()
token = arg.get('token', None)
oldPassword = arg.get('oldPassword', None)
newPassword = arg.get('newPassword', None)
print(arg)
if token in logged_in_users:
email = logged_in_users[token]
user = database.get_user_data_by_email(email)
if user['password'] == oldPassword:
database.update_password(email, newPassword)
response = {'success': True, 'message': 'Password changed.'}
else:
response = {'success': False, 'message': 'Wrong password.'}
else:
response = {'success': False, 'message': 'You are not logged in.'}
return jsonify(response)
def googlelogin():
token = request.form['idtoken']
try:
idinfo = client.verify_id_token(
token,
"662074927941-q2vfnrddgh6o59avpas4gfnp7d7ft1ro.apps.googleusercontent.com"
)
if idinfo['iss'] not in [
'accounts.google.com', 'https://accounts.google.com'
]:
return "Authentication Failure"
email = idinfo['email']
user_data = database.get_user_data_by_email(email)
if (user_data == None):
return "User with this e-mail not found!"
resp = make_response("Success")
resp.set_cookie('user', user_data[0])
resp.set_cookie('password_hash', user_data[1])
return resp
except crypt.AppIdentityError:
pass
return "Failure"