def logout():
    """End the caller's session and clear the ``token`` cookie.

    When get_token finds no token, nothing is invalidated and a 304 response
    with a JSON error body is returned. Otherwise the token is passed to
    db.logout_user and the ``token`` cookie is overwritten with an empty
    value that expires at epoch 0.
    """
    session_token = get_token(request)
    if session_token is not None:
        # Invalidate server-side first; clearing only the cookie would leave
        # a copied token usable (assuming db.logout_user revokes it).
        query(db.logout_user, session_token)
        cleared = app.response_class()
        cleared.set_cookie('token', '', expires=0)
        return cleared

    # NOTE(review): a 304 response is not expected to carry a body, so
    # clients may never see this message.
    error_body = json.dumps({'error': 'No user logged in'})
    return app.response_class(
        status=status.HTTP_304_NOT_MODIFIED,
        response=error_body,
        mimetype='application/json',
    )
def save_individual_story(storyid):
    """Store the JSON request body as the new state of story ``storyid``.

    Returns an empty 403 when get_token finds no token. Otherwise the token,
    the story id and the request body are handed to db.update_story; a
    DBError is turned into a response carrying the error's status and body.
    """
    auth_token = get_token(request)
    if auth_token is None:
        return app.response_class(status=status.HTTP_403_FORBIDDEN)

    try:
        # Only the presence of a token is checked here; whether the token
        # may edit this story is left to db.update_story (not visible here).
        query(db.update_story, auth_token, storyid, request.json)
    except DBError as err:
        return app.response_class(
            status=err.status,
            response=err.response,
            mimetype='application/json',
        )
    else:
        return app.response_class()
def submit_story_for_review(storyid):
    """Compile story ``storyid`` and submit it for review.

    Returns an empty 403 without a token and an empty 400 without a story
    id. Otherwise calls db.compile_and_submit_story with the token and id
    and answers 200; a DBError is relayed with its own status and body.
    """
    auth_token = get_token(request)
    # Order matters: the token check answers before the id check.
    if auth_token is None:
        return app.response_class(status=status.HTTP_403_FORBIDDEN)
    if storyid is None:
        return app.response_class(status=status.HTTP_400_BAD_REQUEST)

    try:
        query(db.compile_and_submit_story, auth_token, storyid)
    except DBError as err:
        return app.response_class(
            status=err.status,
            response=err.response,
            mimetype='application/json',
        )
    else:
        return app.response_class(status=200)
def delete_story(storyid):
    """Delete story ``storyid`` on behalf of the token holder.

    Returns 403 with a JSON error when get_token finds no token. Otherwise
    db.delete_story is called with the token and the id and an empty 200
    response is returned; a DBError is relayed with its own status and body.
    """
    auth_token = get_token(request)
    if auth_token is None:
        missing_token = json.dumps({
            'error': 'No authorization token was provided'
        })
        return app.response_class(
            status=status.HTTP_403_FORBIDDEN,
            response=missing_token,
            mimetype='application/json',
        )

    try:
        # Destructive action: the handler itself performs no ownership
        # check, so db.delete_story must tie the story to the token.
        query(db.delete_story, auth_token, storyid)
    except DBError as err:
        return app.response_class(
            status=err.status,
            response=err.response,
            mimetype='application/json',
        )
    else:
        return app.response_class()  # 200 OK
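def login_token():
    """Exchange a Login with Amazon authorization code for a session cookie.

    Reads ``code`` from the JSON request body, exchanges it at Amazon's
    token endpoint, fetches the user's profile with the returned access
    token, records a newly generated session token through db.cache_login
    and returns a 200 response that sets the ``token`` and ``name`` cookies
    (both HttpOnly, max_age 86400).

    Returns 503 when Amazon cannot be reached or the profile request is not
    answered with 200, and 400 when no code was supplied or the code
    exchange is not answered with 200.
    """

    def amazon_unavailable():
        # Single place for the upstream-failure answer.
        return app.response_class(
            status=status.HTTP_503_SERVICE_UNAVAILABLE,
            response=json.dumps({
                'error': ' Unable to get user information from Amazon'
            }),
            mimetype='application/json')

    body = request.json
    # A missing or non-object body carries no code; answer 400 below
    # instead of failing with an unhandled exception on .get().
    code = body.get('code') if isinstance(body, dict) else None
    if code:
        payload = {
            'grant_type': 'authorization_code',
            'code': code,
            'client_id': 'amzn1.application-oa2-client.8497a1c842f24fd6b54cd7afef9ea32a',
            'client_secret': CLIENT_SECRET
        }
        try:
            # Bounded wait: without a timeout a stalled upstream would hold
            # this worker indefinitely.
            r = requests.post('https://api.amazon.com/auth/o2/token',
                              data=payload, timeout=10)
        except requests.RequestException:
            return amazon_unavailable()
        if r.status_code == 200:
            response = r.json()
            try:
                # The access token goes in the Authorization header rather
                # than the query string, so it does not end up in URLs
                # recorded by proxies or access logs.
                user_info = requests.get(
                    'https://api.amazon.com/user/profile',
                    headers={
                        'Authorization': 'Bearer %s' % response['access_token']
                    },
                    timeout=10)
            except requests.RequestException:
                return amazon_unavailable()
            if user_info.status_code == 200:
                user_data = user_info.json()
                # Session identifier from the OS CSPRNG (32 random bytes).
                token = secrets.token_urlsafe(32)
                # 86400 is presumably the session lifetime in seconds,
                # matching the cookie max_age below; confirm in cache_login.
                query(db.cache_login, user_data['user_id'], user_data['name'],
                      user_data['email'], token, 86400)
                resp = app.response_class(status=200)
                # NOTE(review): neither cookie sets secure= or samesite=.
                # Over plain HTTP the session token is sent in clear, and
                # without SameSite the cookie accompanies cross-site
                # requests; enable both once the deployment allows it.
                resp.set_cookie('token', value=token, max_age=86400,
                                httponly=True)
                resp.set_cookie('name', value=user_data['name'],
                                max_age=86400, httponly=True)
                return resp
            return amazon_unavailable()
    # NOTE(review): a code that Amazon rejects also ends up here, where the
    # message claims that no code was sent; consider a distinct error.
    return app.response_class(status=400,
                              response=json.dumps({
                                  'error': 'No code was provided for authentication'
                              }),
                              mimetype='application/json')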
def author_details():
    """Return the details of the user the request token belongs to.

    Answers 403 with a JSON error when get_token finds no token. Otherwise
    returns whatever db.get_user_details yields for the token, or the body
    and status of the DBError it raised.
    """
    auth_token = get_token(request)
    if auth_token is None:
        return json_response({'error': 'No authentication provided'},
                             status.HTTP_403_FORBIDDEN)

    try:
        details = query(db.get_user_details, auth_token)
    except DBError as err:
        return json_response(err.response, err.status)
    else:
        # NOTE(review): the record is returned as-is; check that
        # db.get_user_details exposes only fields meant for the client.
        return json_response(details)
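def validate_title(title: str) -> "str | None":
    """Check a proposed story title and describe the first problem found.

    The title is normalised with clean_title first. An error message is
    returned when the result is shorter than 3 characters, contains a
    character that is neither alphabetic nor one of ``'``, space or ``:``,
    or already exists according to db.title_exists. None means the title is
    acceptable. (The annotation previously said ``bool``, which no return
    path produces.)
    """
    title = clean_title(title)
    if len(title) < 3:
        return "Title must be at least 3 characters long"

    allowed_punctuation = {"'", " ", ":"}
    for char in title:
        # NOTE(review): str.isalpha() accepts letters of every script, so
        # visually identical titles in different alphabets both pass;
        # confirm that this is intended.
        if not char.isalpha() and char not in allowed_punctuation:
            return "%s is not allowed in a title" % char

    # NOTE(review): this is a check before a separate create call, so two
    # concurrent requests can both pass; uniqueness should also be enforced
    # by the database itself.
    if db.query(db.title_exists, title):
        return "A story called %s already exists" % title
    return None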
def save_story_content(storyid):
    """Save the JSON request body as the content of story ``storyid``.

    Answers 403 with a JSON error without a token and 404 with a JSON error
    without a story id. Otherwise passes token, id and body to
    db.save_story_content and returns an empty 200 response; a DBError is
    relayed with its own status and body.
    """
    auth_token = get_token(request)
    if auth_token is None:
        no_token = json.dumps({
            'error': 'No authhorization code was provided'
        })
        return app.response_class(status=status.HTTP_403_FORBIDDEN,
                                  response=no_token,
                                  mimetype='application/json')
    if storyid is None:
        no_story = json.dumps({'error': 'No story id was given to find'})
        return app.response_class(status=status.HTTP_404_NOT_FOUND,
                                  response=no_story,
                                  mimetype='application/json')

    # The body is stored as received; this handler neither validates its
    # shape nor limits its size.
    new_content = request.json
    try:
        query(db.save_story_content, auth_token, storyid, new_content)
    except DBError as err:
        return app.response_class(status=err.status,
                                  response=err.response,
                                  mimetype='application/json')
    else:
        return app.response_class()  # 200 OK
def get_loggedin_user():
    """Report which user, if any, the request token belongs to.

    Without a token the answer is ``{"user": null}`` with the default
    status. With a token the value returned by db.get_name_from_token is
    sent under the ``user`` key; a DBError is relayed with its own status
    and body.
    """
    auth_token = get_token(request)
    if auth_token is None:
        anonymous = json.dumps({'user': None})
        return app.response_class(response=anonymous,
                                  mimetype='application/json')

    try:
        user = query(db.get_name_from_token, auth_token)
    except DBError as err:
        return app.response_class(status=err.status,
                                  response=err.response,
                                  mimetype='application/json')
    else:
        return app.response_class(response=json.dumps({'user': user}),
                                  mimetype='application/json')
def get_preview(storyid):
    """Return the preview of story ``storyid`` as JSON.

    Answers an empty 403 without a token and an empty 400 without a story
    id. Otherwise serialises the result of db.get_story_preview, called
    with the token and the id; a DBError is relayed with its own status
    and body.
    """
    auth_token = get_token(request)
    if auth_token is None:
        return app.response_class(status=status.HTTP_403_FORBIDDEN)
    if storyid is None:
        return app.response_class(status=status.HTTP_400_BAD_REQUEST)

    try:
        # Read access is decided by db.get_story_preview from the token;
        # the handler only checks that a token is present.
        preview = query(db.get_story_preview, auth_token, storyid)
    except DBError as err:
        return app.response_class(status=err.status,
                                  response=err.response,
                                  mimetype='application/json')
    else:
        return app.response_class(response=json.dumps(preview),
                                  mimetype='application/json')
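def create_story():
    """Create a story from the ``title`` field of the JSON request body.

    Answers an empty 403 without a token, and 400 with a JSON error when the
    body has no string ``title`` or utils.validate_title rejects it.
    Otherwise the cleaned title and the token are passed to db.create_story
    and the new id is returned with status 201; a DBError is relayed with
    its own status and body.
    """
    token = get_token(request)
    if token is None:
        return app.response_class(status=status.HTTP_403_FORBIDDEN)

    values = request.json
    # The body is client-controlled: a missing body, a non-object body or a
    # non-string title is a bad request, not an unhandled exception.
    raw_title = values.get('title') if isinstance(values, dict) else None
    if not isinstance(raw_title, str):
        return app.response_class(status=status.HTTP_400_BAD_REQUEST,
                                  response=json.dumps(
                                      {'error': 'A title is required'}),
                                  mimetype='application/json')

    title_error = utils.validate_title(raw_title)
    if title_error:
        return app.response_class(status=status.HTTP_400_BAD_REQUEST,
                                  response=json.dumps({'error': title_error}),
                                  mimetype='application/json')

    title = utils.clean_title(raw_title)
    try:
        index = query(db.create_story, token, title)
    except DBError as e:
        return app.response_class(status=e.status,
                                  response=e.response,
                                  mimetype='application/json')
    return app.response_class(status=status.HTTP_201_CREATED,
                              response=json.dumps({'id': index}),
                              mimetype='application/json')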
def get_all_stories():
    """Return every story db.get_all_stories yields for the request token.

    Answers 403 with a JSON error when no token is present, and 403 with a
    different JSON error when the query returns None. Otherwise the result
    is serialised and sent with status 200.
    """
    auth_token = get_token(request)
    if auth_token is None:
        no_token = json.dumps({
            'error': 'No authhorization code was provided'
        })
        return app.response_class(status=status.HTTP_403_FORBIDDEN,
                                  response=no_token,
                                  mimetype='application/json')

    # NOTE(review): no DBError handling on this call, so an error raised by
    # the query is not turned into a JSON response here.
    stories = query(db.get_all_stories, auth_token)
    if stories is not None:
        return app.response_class(status=status.HTTP_200_OK,
                                  response=json.dumps(stories),
                                  mimetype='application/json')

    # None is treated as "token not accepted".
    rejected = json.dumps({
        'error': 'Token was either invalid or expired'
    })
    return app.response_class(status=status.HTTP_403_FORBIDDEN,
                              response=rejected,
                              mimetype='application/json')
def get_individual_story(storyid):
    """Return the overview of story ``storyid`` as JSON.

    Answers 403 with a JSON error both when no token is present and when no
    story id is given. Otherwise serialises the result of
    db.get_story_overview, called with the token and the id; a DBError is
    relayed with its own status and body.
    """
    auth_token = get_token(request)
    if auth_token is None:
        no_token = json.dumps({
            'error': 'No authhorization code was provided'
        })
        return app.response_class(status=status.HTTP_403_FORBIDDEN,
                                  response=no_token,
                                  mimetype='application/json')
    if storyid is None:
        no_story = json.dumps({'error': 'No story id was given to find'})
        return app.response_class(status=status.HTTP_403_FORBIDDEN,
                                  response=no_story,
                                  mimetype='application/json')

    try:
        # Access to the story is decided by db.get_story_overview from the
        # token; the handler only checks that a token is present.
        overview = query(db.get_story_overview, auth_token, storyid)
    except DBError as err:
        return app.response_class(status=err.status,
                                  response=err.response,
                                  mimetype='application/json')
    else:
        return app.response_class(response=json.dumps(overview),
                                  mimetype='application/json')