def oauth_redirect(request, response):
# Take email to authenticate, then when user is authenticated generate session and store session.
data = request.data
code_grant = data["code_grant"]
code = exchange_token(code_grant)
if code is not None:
jwt_id_token = code["id_token"]
id_token = jwt.decode(jwt_id_token.encode("utf-8"),
options={"verify_signature": False})
user_id = id_token["email"]
sessionToken = str(uuid4())
store_session(sessionToken, user_id)
user_info = get_user_info(user_id)
new_user = False
if user_info is None:
new_user = True
response.body = {"new_user": new_user}
response.set_session(sessionToken)
else:
raise WebException(status_code=HTTPStatus.BAD_REQUEST,
message="Invalid credentials")
return response
def create_checkout_session(request, response):
priceID = request.data["priceId"]
domain_url = os.environ["URL"]
try:
# Create new Checkout Session for the order
# Other optional params include:
# [billing_address_collection] - to display billing address details on the page
# [customer] - if you have an existing Stripe Customer ID
# [customer_email] - lets you prefill the email input in the form
# ?session_id={CHECKOUT_SESSION_ID} means the redirect will have the session ID set as a query param
checkout_session = stripe.checkout.Session.create(
success_url=domain_url +
"/Success.html?session_id={CHECKOUT_SESSION_ID}",
cancel_url=domain_url + "/Cancel.html",
payment_method_types=["card"],
mode="subscription",
line_items=[{
"price": priceID,
"quantity": 1
}],
)
# line_items = stripe.checkout.Session.list_line_items(checkout_session["id"])
# response.body = line_items
response.body = {"sessionId": checkout_session["id"]}
return response
except Exception as e:
raise WebException(status_code=HTTPStatus.BAD_REQUEST,
message=str(e)) from e
def updateTalent(request, response):
data = request.data
file = data["photo"]
image = base64.b64decode(str(file))
URL = data["url"]
targetKey = getUUID(URL)
# Setting other values
talent_name = data["talentName"]
talent_bio = data["talentBio"]
# UPDATE THIS 2 VARIABLES TO NOT BE HARDCODED
bucketName = "csc-assignment-photo-bucket-aloy"
bucketRegion = "us-east-1"
try:
s3Response = init_client().upload_fileobj(image, bucketName, targetKey)
logging.info("updateTalentImage -- S3 Update response: %s", s3Response)
# Set the s3 URL to current Image
URL = "https://" + bucketName + ".s3." + bucketRegion + ".amazonaws.com/" + targetKey
# Update mySql table
updateQuery = "UPDATE talent SET UrlLink='%s', Name='%s', Bio='%s' WHERE UrlLink LIKE '%s'", (
URL, talent_name, talent_bio, targetKey)
uploadToSql(updateQuery)
except ClientError as e:
logging.error("updateTalentImage -- %s", e)
raise WebException(status_code=HTTPStatus.BAD_REQUEST,
message=str(e)) from e
return response
def init_client():
try:
return boto3.client('s3', region_name='us-east-1')
except ClientError as e:
logging.error("init_client -- %s", e)
raise WebException(status_code=HTTPStatus.BAD_REQUEST,
message=str(e)) from e
def resolve_function(self):
self.function = APILIST.get(self.method, {}).get(self.endpoint, None)
if not self.function:
raise WebException(status_code=HTTPStatus.NOT_FOUND,
message="Invalid API")
return self
def retrieve_user(self):
session_cookie = self.cookies.get("session", None)
if session_cookie is None:
self.session_token = None
else:
self.session_token = session_cookie.value
if self.endpoint in [
"create-checkout-session",
"get-publishable-key",
"customer-portal",
"manage-billing",
"create-comment",
"checkout-session",
"logout",
]:
print("Logged In Method Invoked")
self.username = get_session_username(self.session_token)
print(self.username)
if not self.username:
raise WebException(
status_code=HTTPStatus.UNAUTHORIZED, message="Unauthenticated User"
)
user_info = get_user_info(self.username)
if user_info is None:
self.paiduser = False
else:
self.paiduser = (
True if user_info["subscription_type"] == "Paid" else False
)
print(self.paiduser)
return self
def parse_data(self):
if self.method in ["GET", "DELETE"]:
qsp = self.event.get("queryStringParameters", {})
self.data = {} if qsp is None else qsp
elif self.method in ["POST", "PUT"]:
body = self.event.get("body", "{}")
body = "{}" if not body else body
try:
self.data = json.loads(body)
except Exception as ex:
raise WebException(status_code=HTTPStatus.BAD_REQUEST,
message="Invalid JSON") from ex
return self
def init_client():
try:
connection = pymysql.connect(
host=os.environ["RDS_HOST"],
user=os.environ["RDS_USER"],
password=os.environ["RDS_PASSWORD"],
database=os.environ["RDS_DATABASE"],
)
logging.info("Connection to mySql server successful!")
return connection
except WebException as e:
logging.exception("RDS MySQL Connection Failed")
raise WebException()
def webhook_received(request, response):
webhook_secret = os.environ["STRIPE_WEBHOOK_SECRET"]
raw_body = request.event.get("body", "")
request_data = request.data
if webhook_secret:
# Retrieve the event by verifying the signature using the raw body and secret if webhook signing is configured.
signature = request.headers.get("stripe-signature")
try:
event = stripe.Webhook.construct_event(raw_body, signature,
webhook_secret)
data = event["data"]
except Exception as e:
print(e)
raise WebException(status_code=HTTPStatus.BAD_REQUEST,
message=str(e)) from e
# Get the type of webhook event sent - used to check the status of PaymentIntents.
event_type = event["type"]
else:
data = request_data["data"]
event_type = request_data["type"]
data_object = data["object"]
# print(data_object)
now = datetime.now()
customer_id = data_object["customer"]
username = get_username_from_customerid(customer_id)
subscription_plan = ""
subscription_id = data_object["items"]["data"][0]["price"]["id"]
if subscription_id == os.environ["FREE_PRICE_ID"]:
subscription_plan = "Free"
elif subscription_id == os.environ["PRO_PRICE_ID"]:
subscription_plan = "Paid"
print("event " + event_type)
if event_type in [
"customer.subscription.updated", "invoice.payment_succeeded"
]:
lastPayment = now.strftime("%d/%m/%Y %H:%M:%S")
create_or_update_user_info(username, customer_id, subscription_plan,
lastPayment)
mysql_lastPayment = now.strftime("%Y-%m-%d %H:%M:%S")
updateUserData(username, subscription_plan, mysql_lastPayment)
print("Payment updated!")
if event_type == "customer.subscription.deleted":
delete_item(username)
print("Subscription deleted!")
return response
def get_talent_detail(request, response):
data = request.data
try:
getTalentData = f"Select * from talent where TalentId = {data['talentId']}"
talentResult = getResult(getTalentData)
oneResult = talentResult[0]
talentDict = {
"urlLink": oneResult["UrlLink"],
"name": oneResult["Name"],
"bio": oneResult["Bio"],
}
response.body = talentDict
return response
except Exception as e:
raise WebException(status_code=HTTPStatus.BAD_REQUEST,
message=str(e)) from e
def uploadImage(request, response):
# Load file
data = request.data
print(data)
file = data["photo"]
image = base64.b64decode(str(file))
# Validations
# if (containsHumanFace(file) == False):
# raise WebException(status_code=HTTPStatus.BAD_REQUEST, message="uploadImage -- File failed Validations.")
# Setting UUID for this file
objectKey = str(uuid.uuid4())
logging.info("uploadImage -- New UUID: %s", objectKey)
# Setting other values
talent_name = data["talentName"]
talent_bio = data["talentBio"]
# UPDATE THIS 2 VARIABLES TO NOT BE HARDCODED
bucketName = "csc-assignment-2-photo-bucket-aloy"
bucketRegion = "us-east-1"
try:
# Uploading file to S3
s3 = boto3.resource('s3')
# obj = s3.Object(bucketName, objectKey)
# obj.put(Body=file)
s3.Bucket(bucketName).put_object(key=object, Body=file)
# Set the s3 URL to current Image
URL = "https://" + bucketName + ".s3." + bucketRegion + ".amazonaws.com/" + objectKey
# Upload to mySql table
insertQuery = "INSERT INTO talent (UrlLink, Name, Bio) VALUES (%s, %s, %s)", (
URL, talent_name, talent_bio)
uploadToSql(insertQuery)
except Exception as e:
logging.error("uploadImage -- %s", e)
raise WebException(status_code=HTTPStatus.BAD_REQUEST,
message=str(e)) from e
return response
def getAllTalents(request, response):
connection = pymysql.connect(host=os.environ["RDS_HOST"],
user=os.environ["RDS_USER"],
password=os.environ["RDS_PASSWORD"],
database=os.environ["RDS_DATABASE"])
logging.info("getAllTalents -- Connection to mySql server successful!")
try:
cur = connection.cursor()
rows = cur.fetchall()
allTalentsJson = json.dumps(rows)
response.body = allTalentsJson
return response
except ClientError as e:
logging.error(e)
raise WebException(status_code=HTTPStatus.BAD_REQUEST,
message="uploadImage -- File failed Validations.")
finally:
logging.info("uploadToSql -- Closing mySql connection")
connection.close()
def deleteTalent(request, response):
data = request.data
URL = data["url"]
targetKey = getUUID(URL)
# UPDATE THIS VARIABLE TO NOT BE HARDCODED
bucketName = "csc-assignment-photo-bucket-aloy"
try:
s3Response = init_client().delete_object(bucketName, targetKey)
logging.info("deleteTalent -- S3 Delete response: %s", s3Response)
# Delete mySql table
deleteQuery = "DELETE FROM talents WHERE UrlLink LIKE '%s'", (
targetKey)
uploadToSql(deleteQuery)
except ClientError as e:
logging.error("deleteTalent -- %s", e)
raise WebException(status_code=HTTPStatus.BAD_REQUEST,
message=str(e)) from e
return response
def create_comment(request, response):
data = request.data
now = datetime.now()
count = 0
paId = ""
try:
insert_comment_query = "Insert into comment_management (UserId, TalentId, Comment, ParentId, CreatedAt, UpdatedAt) Values (%s, %s, %s, %s, %s, %s);"
getNewCommentId = "Select LAST_INSERT_ID();"
userId = int(data["userId"])
comment = data["content"]
createdAt = now.strftime("%Y-%m-%d %H:%M:%S")
updatedAt = now.strftime("%Y-%m-%d %H:%M:%S")
parentId = 0
if not data["parent"] is None:
parentId = int(data["parent"])
else:
parentId = None
talentId = int(data["talentId"])
commentId = insertComment(
insert_comment_query,
getNewCommentId,
(userId, talentId, comment, parentId, createdAt, updatedAt),
)
count = 1
id = [id[0] for id in commentId]
if count == 1:
get_new_comment_query = f"Select CommentId, c.UserId, Comment, ParentId, c.CreatedAt, c.UpdatedAt, UrlLink, Name, Bio, FullName, us.Subscription from talent t, comment_management c, users u, user_subscription us where c.TalentId = {data['talentId']} and CommentId = {id[0]} and c.TalentId = t.TalentId and u.Id = c.UserId and u.Subscription = us.Id;"
comment_result = getResult(get_new_comment_query)
oneResult = comment_result[0]
if oneResult["ParentId"] is None:
paId = None
else:
paId = int(oneResult["ParentId"])
createdBy = ""
createdByCurrentUser = True
if int(oneResult["UserId"]) == int(data["userId"]):
createdBy = "You"
createdByCurrentUser = True
else:
createdBy = oneResult["FullName"]
createdByCurrentUser = False
commentDict = {
"id": int(oneResult["CommentId"]),
"parent": paId,
"content": oneResult["Comment"],
"fullname": createdBy,
"created": str(oneResult["CreatedAt"]),
"modified": str(oneResult["UpdatedAt"]),
"createdByCurrentUser": createdByCurrentUser,
}
response.body = commentDict
return response
except Exception as e:
raise WebException(status_code=HTTPStatus.BAD_REQUEST,
message=str(e)) from e
def init_client():
try:
return boto3.client("dynamodb", region_name="us-east-1")
except ClientError as ce:
logging.exception("DynamoDB Failed")
raise WebException()
def create_comment(request, response):
data = request.data
now = datetime.now()
count = 0
paId = ""
username = get_session_username(data["session"])
try:
getUserDetails = f"Select * from user_data where UserName = '******';"
userData = getResult(getUserDetails)
oneUserDetail = userData[0]
insert_comment_query = "Insert into comment (UserId, TalentId, Comment, ParentId, CreatedAt, UpdatedAt) Values (%s, %s, %s, %s, %s, %s);"
getNewCommentId = "Select LAST_INSERT_ID();"
userId = oneUserDetail["Id"]
comment = data["content"]
createdAt = now.strftime("%Y-%m-%d %H:%M:%S")
updatedAt = now.strftime("%Y-%m-%d %H:%M:%S")
parentId = 0
if not data["parent"] is None:
parentId = int(data["parent"])
else:
parentId = None
talentId = int(data["talentId"])
commentId = insertComment(
insert_comment_query,
getNewCommentId,
(userId, talentId, comment, parentId, createdAt, updatedAt),
)
count = 1
id = [id[0] for id in commentId]
if count == 1:
get_new_comment_query = f"Select CommentId, UserId, Comment, ParentId, CreatedAt, UpdatedAt, UserName from comment c, user_data u where c.TalentId = {data['talentId']} and CommentId = {id[0]} and u.Id = c.UserId;"
comment_result = getResult(get_new_comment_query)
oneResult = comment_result[0]
if oneResult["ParentId"] is None:
paId = None
else:
paId = int(oneResult["ParentId"])
createdBy = ""
createdByCurrentUser = True
if oneResult["UserName"] == str(username):
createdBy = "You"
createdByCurrentUser = True
else:
createdBy = oneResult["UserName"]
createdByCurrentUser = False
commentDict = {
"id": int(oneResult["CommentId"]),
"parent": paId,
"content": oneResult["Comment"],
"fullname": createdBy,
"created": str(oneResult["CreatedAt"]),
"modified": str(oneResult["UpdatedAt"]),
"createdByCurrentUser": createdByCurrentUser,
}
response.body = commentDict
return response
except Exception as e:
raise WebException(status_code=HTTPStatus.BAD_REQUEST,
message=str(e)) from e
def get_comments(request, response):
data = request.data
username = get_session_username(data["session"])
commentList = []
try:
createdBy = ""
createdByCurrentUser = True
getUserDetails = f"Select SubscriptionPlan from user_data where UserName = '******';"
getCommentOfTalent = f"Select CommentId, c.UserId, Comment, ParentId, c.CreatedAt, c.UpdatedAt, UserName from talent t, comment c, user_data u where c.TalentId = {data['talentId']} and c.TalentId = t.TalentId and u.Id = c.UserId;"
userData = getResult(getUserDetails)
oneUserDetail = userData[0]
allCommentsResult = getResult(getCommentOfTalent)
for oneComment in allCommentsResult:
if not oneComment["ParentId"] is None:
if str(oneComment["UserName"]) in str(username):
createdBy = "You"
createdByCurrentUser = True
else:
createdBy = str(oneComment["UserName"])
createdByCurrentUser = False
commentDict = {
"id": int(oneComment["CommentId"]),
"createdByCurrentUser": createdByCurrentUser,
"content": oneComment["Comment"],
"fullname": createdBy,
"parent": oneComment["ParentId"],
"created": str(oneComment["CreatedAt"]),
"modified": str(oneComment["UpdatedAt"]),
}
commentList.append(commentDict)
else:
if str(oneComment["UserName"]) in str(username):
createdBy = "You"
createdByCurrentUser = True
else:
createdBy = oneComment["UserName"]
createdByCurrentUser = False
commentDict = {
"id": int(oneComment["CommentId"]),
"createdByCurrentUser": createdByCurrentUser,
"content": oneComment["Comment"],
"fullname": createdBy,
"parent": None,
"created": str(oneComment["CreatedAt"]),
"modified": str(oneComment["UpdatedAt"]),
}
commentList.append(commentDict)
response.body = {
"commentResult": commentList,
"SubscriptionPlan": oneUserDetail["SubscriptionPlan"],
}
return response
except Exception as e:
raise WebException(status_code=HTTPStatus.BAD_REQUEST,
message=str(e)) from e
