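def doctors_by_email(request, email):
    """Fetch (GET) or partially update (POST) the doctor identified by ``email``.

    GET returns the doctor's ``to_dict()`` as JSON, or 404 when no doctor has
    that email. POST reads a JSON object from the request body and applies
    whichever of ``first_name``, ``last_name``, ``email`` and ``password`` are
    present and non-empty, then returns the updated record as JSON. Any other
    method is answered with 405.
    """
    # NOTE(review): no authentication or ownership check is visible in this
    # view. As written, a caller who knows a doctor's email can change that
    # account's email and password. Confirm that a decorator or middleware
    # outside this excerpt enforces it before the route is exposed.
    if request.method == "GET":
        doctor = Doctor.objects.filter(email=email).first()
        if doctor is None:
            return HttpResponseNotFound("No Doctors with that email")
        return HttpResponse(json.dumps(doctor.to_dict()),
                            content_type="application/json")

    if request.method == "POST":
        try:
            request_params = json.loads(request.body)
        except ValueError:
            # Malformed JSON is a client error, not a server fault.
            return HttpResponseBadRequest("Invalid JSON body")
        if not isinstance(request_params, dict):
            return HttpResponseBadRequest("Invalid JSON body")

        # QuerySet.get() raises DoesNotExist rather than returning None, so
        # the 404 branch was unreachable; filter().first() makes it real.
        doctor = Doctor.objects.filter(email=email).first()
        if doctor is None:
            return HttpResponseNotFound("Unable to find doctor")

        first_name = request_params.get("first_name", None)
        last_name = request_params.get("last_name", None)
        # Kept separate from the ``email`` path argument used for the lookup.
        new_email = request_params.get("email", None)
        password = request_params.get("password", None)

        if first_name:
            doctor.first_name = first_name
        if last_name:
            doctor.last_name = last_name
        if new_email:
            doctor.email = new_email
        if password:
            # Only the bcrypt hash is stored, never the plaintext.
            hasher = BCryptPasswordHasher()
            doctor.password = hasher.encode(password=password,
                                            salt=hasher.salt())
        doctor.save()
        return HttpResponse(json.dumps(doctor.to_dict()),
                            content_type="application/json")

    # Previously fell through and returned None, which Django turns into a 500.
    return HttpResponseNotAllowed(["GET", "POST"])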
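def authenticate(request):
    """Check an email/password pair and return a login token as JSON.

    Expects a POST whose body is a JSON object with ``email`` and
    ``password``. Addresses ending in ``@medibook.ca`` are looked up in
    ``Doctor``; all others in ``User``. On success the response is
    ``{"token": <64-bit int>, "is_doctor": 0 | 1}``. Missing fields or a
    malformed body give 400, failed credentials give 401, and any other
    method gives 405.
    """
    if request.method != "POST":
        # Previously fell through and returned None, which Django turns
        # into a 500.
        return HttpResponseNotAllowed(["POST"])

    try:
        request_params = json.loads(request.body)
    except ValueError:
        return HttpResponseBadRequest("Invalid JSON body")
    if not isinstance(request_params, dict):
        return HttpResponseBadRequest("Invalid JSON body")

    email = request_params.get("email", None)
    password = request_params.get("password", None)
    if not email or not password:
        return HttpResponseBadRequest("Missing email or password")

    try:
        # Match the domain as a suffix: a substring test also accepts
        # addresses that merely contain "@medibook.ca" somewhere.
        is_doctor = email.endswith("@medibook.ca")
    except AttributeError:
        # A non-string JSON value was supplied for "email".
        return HttpResponseBadRequest("Missing email or password")

    account_model = Doctor if is_doctor else User
    # QuerySet.get() raises DoesNotExist instead of returning None, so an
    # unknown address used to surface as a 500.
    account = account_model.objects.filter(email=email).first()

    # Unknown account and wrong password get the same answer so the endpoint
    # does not reveal which addresses are registered. HttpResponseNotAllowed
    # was the wrong class here: it means 405 and expects a list of permitted
    # methods, not a message.
    # NOTE(review): the unknown-account path skips the bcrypt check, so
    # response time can still differ; consider hashing a dummy value there
    # and rate-limiting this endpoint.
    if account is None or not BCryptPasswordHasher().verify(
            password, account.password):
        return HttpResponse("Invalid email/password", status=401)

    # The token is a bearer credential, so draw it from the OS CSPRNG;
    # random.getrandbits() uses the predictable Mersenne Twister.
    # NOTE(review): nothing in this view stores the token, so it cannot be
    # verified on later requests. Confirm where sessions are tracked.
    token = random.SystemRandom().getrandbits(64)
    response = dict(token=token, is_doctor=1 if is_doctor else 0)
    return HttpResponse(json.dumps(response), content_type="application/json")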
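def users_by_id(request, user_id):
    """Fetch (GET) or partially update (POST) the user with primary key ``user_id``.

    GET returns the user's ``to_dict()`` as JSON, or a JSON 404 body when the
    id is unknown. POST reads a JSON object and applies whichever of
    ``first_name``, ``last_name``, ``address``, ``gender``, ``birthday``
    (a Unix timestamp), ``email``, ``password``, ``healthcard`` and
    ``doctor_id`` are present and non-empty, then returns the updated record.
    Any other method is answered with 405.
    """
    # NOTE(review): no authentication or ownership check is visible in this
    # view. User ids are guessable, so as written any caller can read or
    # rewrite another user's email, password and health card number. Confirm
    # that a decorator or middleware outside this excerpt enforces it.
    if request.method == "GET":
        user = User.objects.filter(id=user_id).first()
        if user is None:
            return HttpResponseNotFound(
                json.dumps(dict(error="User not found")),
                content_type="application/json")
        return HttpResponse(json.dumps(user.to_dict()),
                            content_type="application/json")

    if request.method == "POST":
        try:
            request_params = json.loads(request.body)
        except ValueError:
            return HttpResponseBadRequest("Invalid JSON body")
        if not isinstance(request_params, dict):
            return HttpResponseBadRequest("Invalid JSON body")

        # QuerySet.get() raises DoesNotExist rather than returning None, so
        # the 404 branches below were unreachable with get().
        user = User.objects.filter(id=user_id).first()
        if user is None:
            # The original message said "doctor" here (copy-paste slip).
            return HttpResponseNotFound("Unable to find user")

        first_name = request_params.get("first_name", None)
        last_name = request_params.get("last_name", None)
        address = request_params.get("address", None)
        gender = request_params.get("gender", None)
        birthday = request_params.get("birthday", None)
        email = request_params.get("email", None)
        password = request_params.get("password", None)
        healthcard = request_params.get("healthcard", None)
        doctor_id = request_params.get("doctor_id", None)

        # Resolve and validate everything before mutating the user, so a bad
        # request cannot leave a half-updated object behind.
        doctor = None
        if doctor_id:
            doctor = Doctor.objects.filter(id=doctor_id).first()
            if doctor is None:
                return HttpResponseNotFound("Unable to find doctor")
        if birthday:
            try:
                birthday = datetime.fromtimestamp(birthday)
            except (TypeError, ValueError, OverflowError, OSError):
                # Non-numeric or out-of-range timestamp from the client.
                return HttpResponseBadRequest("Invalid birthday")

        if first_name:
            user.first_name = first_name
        if last_name:
            user.last_name = last_name
        if address:
            user.address = address
        if gender:
            user.gender = gender
        if birthday:
            user.birthday = birthday
        if email:
            user.email = email
        if password:
            # Only the bcrypt hash is stored, never the plaintext.
            hasher = BCryptPasswordHasher()
            user.password = hasher.encode(password=password,
                                          salt=hasher.salt())
        if healthcard:
            user.healthcard = healthcard
        if doctor:
            user.doctor = doctor
        user.save()
        return HttpResponse(json.dumps(user.to_dict()),
                            content_type="application/json")

    # Previously fell through and returned None, which Django turns into a 500.
    return HttpResponseNotAllowed(["GET", "POST"])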
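def users(request):
    """List users (GET) or create one (PUT).

    GET serializes every ``User``, optionally narrowed by an ``email`` query
    parameter, in Django's JSON serializer format with the password hash
    removed. PUT reads a JSON object, requires ``password`` and ``doctor_id``,
    creates the user with a bcrypt-hashed password and returns its
    ``to_dict()`` as JSON. Any other method is answered with 405.
    """
    # NOTE(review): no authentication check is visible in this view. The GET
    # branch returns every user's address, birthday and health card number;
    # confirm access control is enforced outside this excerpt.
    if request.method == "GET":
        query = User.objects.all()
        email = request.GET.get("email", None)
        if email:
            query = query.filter(email=email)
        # serializers.serialize() emits every model field, password hash
        # included. Drop it before the data leaves the server so the hashes
        # cannot be taken away for offline cracking.
        records = json.loads(serializers.serialize("json", query))
        for record in records:
            record["fields"].pop("password", None)
        return HttpResponse(json.dumps(records),
                            content_type="application/json")

    if request.method == "PUT":
        try:
            request_params = json.loads(request.body)
        except ValueError:
            return HttpResponseBadRequest("Invalid JSON body")
        if not isinstance(request_params, dict):
            return HttpResponseBadRequest("Invalid JSON body")

        first_name = request_params.get("first_name", "")
        last_name = request_params.get("last_name", "")
        address = request_params.get("address", "")
        gender = request_params.get("gender", "N")
        email = request_params.get("email", "")
        healthcard = request_params.get("healthcard", "")

        # A missing password used to fall back to the fixed string
        # "wordpass", creating accounts with a publicly known credential.
        password = request_params.get("password", None)
        if not password:
            return HttpResponseBadRequest("Missing password")

        try:
            birthday = datetime.fromtimestamp(
                request_params.get("birthday", time.time()))
        except (TypeError, ValueError, OverflowError, OSError):
            # Non-numeric or out-of-range timestamp from the client.
            return HttpResponseBadRequest("Invalid birthday")

        doctor_id = request_params.get("doctor_id", None)
        if not doctor_id:
            return HttpResponseBadRequest("Empty Doctor ID")
        # QuerySet.get() raises DoesNotExist rather than returning None, so
        # the 404 branch was unreachable; filter().first() makes it real.
        doctor = Doctor.objects.filter(id=doctor_id).first()
        if doctor is None:
            return HttpResponseNotFound("Unable to find doctor")

        hasher = BCryptPasswordHasher()
        user = User(first_name=first_name,
                    last_name=last_name,
                    address=address,
                    gender=gender,
                    birthday=birthday,
                    email=email,
                    password=hasher.encode(password=password,
                                           salt=hasher.salt()),
                    healthcard=healthcard,
                    doctor=doctor)
        user.save()
        return HttpResponse(json.dumps(user.to_dict()),
                            content_type="application/json")

    # Previously fell through and returned None, which Django turns into a 500.
    return HttpResponseNotAllowed(["GET", "PUT"])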
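def doctors(request):
    """List doctors (GET) or create one (PUT).

    GET serializes every ``Doctor`` in Django's JSON serializer format with
    the password hash removed. PUT reads a JSON object, requires
    ``password``, creates the doctor with a bcrypt-hashed password and
    returns its ``to_dict()`` as JSON. Any other method is answered with 405.
    """
    # NOTE(review): no authentication check is visible in this view, and
    # authenticate() reports is_doctor=1 for accounts in this table. Confirm
    # that creating a doctor is restricted outside this excerpt.
    if request.method == "GET":
        # serializers.serialize() emits every model field, password hash
        # included. Drop it before the data leaves the server so the hashes
        # cannot be taken away for offline cracking.
        records = json.loads(
            serializers.serialize("json", Doctor.objects.all()))
        for record in records:
            record["fields"].pop("password", None)
        return HttpResponse(json.dumps(records),
                            content_type="application/json")

    if request.method == "PUT":
        try:
            request_params = json.loads(request.body)
        except ValueError:
            return HttpResponseBadRequest("Invalid JSON body")
        if not isinstance(request_params, dict):
            return HttpResponseBadRequest("Invalid JSON body")

        first_name = request_params.get("first_name", "")
        last_name = request_params.get("last_name", "")
        email = request_params.get("email", "*****@*****.**")

        # A missing password used to fall back to the fixed string
        # "wordpass", creating accounts with a publicly known credential.
        password = request_params.get("password", None)
        if not password:
            return HttpResponseBadRequest("Missing password")

        hasher = BCryptPasswordHasher()
        doctor = Doctor(first_name=first_name,
                        last_name=last_name,
                        email=email,
                        password=hasher.encode(password=password,
                                               salt=hasher.salt()))
        doctor.save()
        return HttpResponse(json.dumps(doctor.to_dict()),
                            content_type="application/json")

    # Previously fell through and returned None, which Django turns into a 500.
    return HttpResponseNotAllowed(["GET", "PUT"])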
def test_bcrypt_salt_check(self):
    """A hash built with the hasher's own salt() must not be flagged for update."""
    bcrypt_hasher = BCryptPasswordHasher()
    fresh_salt = bcrypt_hasher.salt()
    # The password contains a non-ASCII character.
    stored_hash = bcrypt_hasher.encode("lètmein", fresh_salt)
    needs_update = bcrypt_hasher.must_update(stored_hash)
    self.assertIs(needs_update, False)