def post(self):
data = Sec.encode_data(parser.parse_args())
try:
pass_ = sha512(data['pass_'].encode()).hexdigest()
cur.execute(
"SELECT * FROM librarians.user WHERE email=%s AND haslo=%s;",
(data['login'].lower(), pass_))
resp = cur.fetchone()
if resp:
d = date.today() - resp[6]
print(d.days)
if d.days >= 30:
d = '1'
else:
d = '0'
cache = ''.join(
random.sample('qwertyuiopasdfghjklzxcvbnm123456789', 32))
auth_k.append((cache, resp[0]))
open('pem/' + cache + '.pem', 'wb').write(data['publicKey'])
return {
'auth': Sec.encrypt_(cache, Sec.get_public()),
'master': Sec.encrypt_(str(resp[5]), data['publicKey']),
'data': Sec.encrypt_(d, data['publicKey'])
}, 200
else:
return {'status': 'zle dane'}, 406
except:
return {'status': 'blad'}, 500
def post(self):
data = Sec.encode_data(parser.parse_args())
if not login_required(data):
return {'status': 'brak autoryzacji'}, 401
try:
name = data['arg1'].split('/')
cur.execute(
"SELECT * FROM librarians.user WHERE imie=%s AND nazwisko=%s AND email=%s;",
(name[0], name[1], data['arg2']))
resp = cur.fetchall()
if resp:
return {'status': 'istnieje'}, 507
else:
if data['arg3'] == 'True': data['arg3'] = '1'
else: data['arg3'] = '0'
d = date.today()
password = ''.join(
random.sample('qwertyuiopasdfghjklzxcvbnm1234567890', 8))
cur.execute(
"INSERT INTO librarians.user VALUES (default, %s, %s, %s, %s, %s, %s);",
(name[0], name[1], data['arg2'],
sha512(password.encode('UTF-8')).hexdigest(),
data['arg3'], d.isoformat()))
pub = open('pem/' + data['key'] + '.pem', 'rb').read()
return {
'status': 'dodano',
'data': Sec.encrypt_(password, pub)
}, 201
except Exception:
return {'status': 'wystapil blad'}, 500
def post(self):
data = Sec.encode_data(parser.parse_args())
if not login_required(data):
return {'status': 'brak autoryzacji'}, 401
try:
cur.execute("""
SELECT bor.rented, re.name, bo.title, bor.give_back, bor.id_br
FROM librarians.borrows AS bor, librarians.books AS bo, librarians.readers AS re
WHERE bor.name_id=re.id_r AND bor.book_id=bo.id_b
ORDER BY bor.id_br ASC;
""")
resp = cur.fetchall()
if resp:
ret = {}
pub = open('pem/' + data['key'] + '.pem', 'rb').read()
for borrow in range(len(resp)):
cache = (resp[borrow][0].isoformat(), resp[borrow][1],
resp[borrow][2], resp[borrow][3], resp[borrow][4])
ret.update({
borrow:
[Sec.encrypt_(str(value), pub) for value in cache]
})
return ret, 200
else:
return {'status': 'brak danych'}, 204
except Exception:
return {'status': 'wystapil blad'}, 500
def post(self):
data = Sec.encode_data(parser.parse_args())
if not login_required(data):
return {'status': 'brak autoryzacji'}, 401
accept = False
for key in auth_k:
if key[0] == data['key']:
accept = str(key[1])
break
if accept:
return {'status': 'brak autoryzacji'}, 401
try:
cur.execute("SELECT master FROM librarians.user WHERE id=%s ORDER BY id ASC;", (accept, ))
resp = cur.fetchone()
if resp:
cur.execute("SELECT * FROM librarians.user;")
resp = cur.fetchall()
ret = {}
pub = open('pem/'+data['key']+'.pem', 'rb').read()
for user in range(len(resp)):
ret.update({user: [Sec.encrypt_(str(value), pub) for value in resp[user]]})
return ret, 200
else:
return {'status': 'brak autoryzacji'}, 401
except Exception:
return {'status': 'wystapil blad'}, 500
def post(self):
data = Sec.encode_data(parser.parse_args())
if not login_required(data):
return {'status': 'brak autoryzacji'}, 401
try:
cur.execute("SELECT * FROM librarians.books ORDER BY id_b ASC;")
resp = cur.fetchall()
if resp:
ret = {}
pub = open('pem/' + data['key'] + '.pem', 'rb').read()
for reader in range(len(resp)):
ret.update({
reader + 1: [
Sec.encrypt_(str(value), pub)
for value in resp[reader]
]
})
return ret, 200
else:
return {'status': 'brak danych'}, 204
except Exception:
return {'status': 'wystapil blad'}, 500
def post(self):
data = Sec.encode_data(parser.parse_args())
if not login_required(data):
return {'status': 'brak autoryzacji'}, 401
user_id = str([x[1] for x in auth_k if x[0] == data['key']][0])
if not user_id:
return {'status': 'brak autoryzacji'}, 401
try:
cur.execute(
"SELECT imie, nazwisko, email, master FROM librarians.user WHERE id=%s;",
(user_id, ))
resp = cur.fetchone()
if resp:
pub = open('pem/' + data['key'] + '.pem', 'rb').read()
return {
'data': [Sec.encrypt_(str(value), pub) for value in resp]
}, 200
else:
return {'status': 'brak danych'}, 204
except Exception:
return {'status': 'wystapil blad'}, 500
def post(self):
data = Sec.encode_data(parser.parse_args())
if not login_required(data):
return {'status': 'brak autoryzacji'}, 401
try:
cur.execute("SELECT * FROM librarians.readers WHERE name=%s AND addres=%s;", (data['arg1'], data['arg2']))
resp = cur.fetchall()
if resp:
return {'status': 'istnieje'}, 507
else:
password = ''.join(random.sample('qwertyuiopasdfghjklzxcvbnm1234567890', 8))
cur.execute("INSERT INTO librarians.readers VALUES (default ,%s, %s, 'null', %s, 'false', %s);",
(data['arg1'], data['arg2'], sha512(password.encode('UTF-8')).hexdigest(), data['login']))
pub = open('pem/'+data['key']+'.pem', 'rb').read()
return {'status': 'dodano', 'login': Sec.encrypt_(data['arg1'], pub),
'haslo': Sec.encrypt_(password, pub)}, 201
except Exception:
return {'status': 'wystapil blad'}, 500
def post(self):
data = Sec.encode_data(parser.parse_args())
if not login_required(data):
return {'status': 'brak autoryzacji'}, 401
try:
cur.execute("SELECT * FROM librarians.readers WHERE id_r=%s;",
(data['arg1'], ))
resp = cur.fetchone()
if resp:
pub = open('pem/' + data['key'] + '.pem', 'rb').read()
return {
'data': [Sec.encrypt_(str(value), pub) for value in resp]
}, 200
else:
return {'status': 'brak danych'}, 204
except Exception:
return {'status': 'wystapil blad'}, 500