def on_put(self, req, res): username = req.get_json('username', dtype=str, min=3, max=20) password = req.get_json('password', dtype=str, min=8, max=20) new_password = req.get_json('new_password', dtype=str, min=8, max=20) users = db.fetch_users(username) user_id = str(uuid.uuid4()) pasword = make_password_hashing(new_password) if len(users) == 1: if not checking_password_hash(password, users[0]['password']): error = { 'description': 'Incorrect password entered', } LOG.error(error) raise generic_error_handler(401, req=req, error_override=error) else: db.replace_user_info(user_id, username, pasword) elif len(users) > 1: error = { 'description': f"There was more than 1 user found for username: '******'" } LOG.error(error) raise generic_error_handler(400, req=req, error_override=error) else: db.create_user(user_id, username, pasword) data = { 'id': user_id, 'username': username } self.on_success(res, data)
def on_get(self, req, res, user_id=None): if req.get_header('SUPER-ADMIN-KEY') == SUPER_ADMIN_KEY: if user_id: users = db.fetch_users(user_id=user_id, hide_pass=True) if users: data = { 'id': user_id, 'username': users[0]['username'] } else: error = { 'description': 'Invalid user_id', 'details': f"{user_id} doesn't exist." } LOG.error(error) raise generic_error_handler(404, req=req, error_override=error) else: username = req.params.get('username') user_id = req.params.get('id') users = db.fetch_users(username=username, user_id=user_id, hide_pass=True) data = {'count': len(users),'items': users} self.on_success(res, data) else: error = { 'description': 'Unauthorized', 'details': "Permission Denied" } LOG.error(error) raise generic_error_handler(401, req=req, error_override=error)
def on_post(self, req, res): if "multipart/form-data" in req.content_type: username = req.params.get('username') password = req.params.get('password') elif "application/json" in req.content_type: username = req.get_json('username', dtype=str, min=3, max=20) password = req.get_json('password', dtype=str, min=8, max=20) else: error = { 'description': 'Invalid content-type', 'details': 'Only \'multipart/form-data\' and \'json/application\' allowed' } LOG.error(error) raise generic_error_handler(415, req=req, error_override=error) users = db.fetch_users(username) if len(users) >= 1: error = { 'description': 'Invalid username', 'details': f"user '{username}' already exists." } LOG.error(error) raise generic_error_handler(400, req=req, error_override=error) else: user_id = str(uuid.uuid4()) pasword = make_password_hashing(password) db.create_user(user_id, username, pasword) data = { 'id': user_id, 'username': username } self.on_created(res, data)
def on_post(self, req, res): username = req.get_json('username', dtype=str) password = req.get_json('password', dtype=str) users = db.fetch_users(username) if len(users) == 1: if not checking_password_hash(password, users[0]['password']): error = { 'description': 'either username or password is invalid' } LOG.error(error) raise generic_error_handler(401, req=req, error_override=error) else: payload = OrderedDict() payload['id'] = users[0]['id'] payload['username'] = username data = jwt_payload_handler(payload) payload = {**payload, **data} self.on_success(res, payload) elif len(users) > 1: error = { 'description': f"There was more than 1 user found for username: '******'" } LOG.error(error) raise generic_error_handler(401, req=req, error_override=error) else: error = {'description': 'either username or password is invalid'} LOG.error(error) raise generic_error_handler(401, req=req, error_override=error)
def on_delete(self, req, res, user_id=None): if user_id: users = db.fetch_users(None, user_id=user_id, hide_pass=True) if users: if req.get_header('SUPER_ADMIN_KEY') == SUPER_ADMIN_KEY: db.delete_from_table('users', user_id) if req.params.get('details') == 'true': data = users[0] data['meta'] = {'action': f'user \'{users[0]["username"]}\' has been deleted'} self.on_success(res, data) else: self.on_no_content(res, {}) else: error = { 'description': 'Unauthorized', 'details': "Permission Denied" } LOG.error(error) raise generic_error_handler(401, req=req, error_override=error) else: error = { 'description': 'Invalid user_id', 'details': f"{user_id} doesn't exist." } LOG.error(error) raise generic_error_handler(404, req=req, error_override=error) else: raise generic_error_handler(500, req=req)
def process_request(self, req, resp): if not req.client_accepts_json: error = { "description": "This API only supports responses encoded as JSON." } raise generic_error_handler(400, req=req, error_override=error) if req.method not in ('OPTIONS') and req.method not in ( 'GET') and req.method not in ('DELETE'): if not req.content_type: error = { "title": "Unsupported media type", "description": "Malformed JSON" } raise generic_error_handler(415, req=req, error_override=error) elif "multipart/form-data" not in req.content_type: if 'application/json' not in req.content_type: error = { "title": "Unsupported media type", "description": "Missing required header", "details": { "choices": ["multipart/form-data", "application/json"] } } raise generic_error_handler(415, req=req, error_override=error)
def on_post(self, req, res): skills = req.get_json('skills') if not isinstance(skills, list): error = { 'description': 'invalid skills', 'details': f"'skills' field needs to be an array/list" } LOG.error(error) raise generic_error_handler(400, req=req, error_override=error) astronaut = { 'id': str(uuid.uuid4()), 'active': True, 'firstName': req.get_json('firstName', dtype=str, min=3, max=20), 'lastName': req.get_json('lastName', dtype=str, min=3, max=20), 'skills': skills, 'hoursInSpace': req.get_json('hoursInSpace', dtype=int, min=0), 'picture': req.get_json('picture', dtype=str, min=3) } try: db.add_astronauts_bulk([astronaut]) except Exception as ex: error = {'description': ex} LOG.error(error) raise generic_error_handler(400, req=req, error_override=error) self.on_created(res, astronaut)
def validate_token(req, resp, resource, params): LOG.debug('JWT Validation') token = req.get_header('Authorization') if token is None: error = { "description": "Please provide JWT token as part of the request." } raise generic_error_handler(401, error_override=error) try: token_is_valid(req, token) except Exception as ex: error = {"description": "invalid token, try again", "details": str(ex)} raise generic_error_handler(401, error_override=error)
def on_get(self, req, res, **kwargs): if req.path in ['/', '/healthcheck']: res.status = falcon.HTTP_200 data = self.BASE_TEMPLATE meta = {'code': 200, 'message': 'OK'} data['meta'] = meta res.json = data else: raise generic_error_handler(500, req=req)
def on_patch(self, req, res): username = req.get_json('username', dtype=str, min=3, max=20) password = req.get_json('password', dtype=str, min=8, max=20) new_password = req.get_json('new_password', dtype=str, min=8, max=20) pasword = make_password_hashing(new_password) users = db.fetch_users(username) if len(users) == 1: if not checking_password_hash(password, users[0]['password']): error = { 'description': 'Incorrect password entered', } LOG.error(error) raise generic_error_handler(401, req=req, error_override=error) else: db.update_password(users[0]['id'], pasword) data = { 'id': users[0]['id'], 'username': username } self.on_success(res, data) elif len(users) > 1: error = { 'description': f"There was more than 1 user found for username: '******'" } LOG.error(error) raise generic_error_handler(400, req=req, error_override=error) else: error = { 'description': 'Invalid username', 'details': f"{username} doesn't exist." } LOG.error(error) raise generic_error_handler(404, req=req, error_override=error)
def on_patch(self, req, res, id_): params = {'id_': id_} astronauts = db.fetch_astronauts(filters=params) if astronauts: data = astronauts[0] payload = OrderedDict() payload["active"] = req.get_json("active", default=data['active']) payload["firstName"] = req.get_json("firstName", default=data['firstName']) payload["lastName"] = req.get_json("lastName", default=data['lastName']) skills = req.get_json("skills", default=data['skills']) if not isinstance(skills, list): error = { 'description': 'invalid skills', 'details': f"'skills' field needs to be an array/list" } LOG.error(error) raise generic_error_handler(400, req=req, error_override=error) payload["skills"] = skills payload["hoursInSpace"] = req.get_json( "hoursInSpace", default=data['hoursInSpace']) payload["picture"] = req.get_json("picture", default=data['picture']) db.update_astronaut_info(id_, fields=payload) else: error = { 'description': 'Invalid astronaut', 'details': f"An astronaut with id '{id_}' doesn't exist." } LOG.error(error) raise generic_error_handler(404, req=req, error_override=error) payload = {**{'id': id_}, **payload} self.on_success(res, payload)
def on_get(self, req, res, id_): params = {'id_': id_} astronauts = db.fetch_astronauts(filters=params) if astronauts: data = astronauts[0] else: error = { 'description': 'Invalid astronaut', 'details': f"An astronaut with id '{id_}' doesn't exist." } LOG.error(error) raise generic_error_handler(404, req=req, error_override=error) self.on_success(res, data)
def on_delete(self, req, res, id_): params = {'id_': id_} astronauts = db.fetch_astronauts(filters=params) if astronauts: data = astronauts[0] astronaut_id = astronauts[0]['id'] db.delete_from_table('astronauts', astronaut_id) else: error = { 'description': 'Invalid astronaut', 'details': f"An astronaut with id '{id_}' doesn't exist." } LOG.error(error) raise generic_error_handler(404, req=req, error_override=error) if req.params.get('details') == 'true': data['meta'] = { 'action': f'astronaut {astronauts[0]["firstName"]} {astronauts[0]["lastName"]} has been deleted' } self.on_success(res, data) else: self.on_no_content(res, {})
def on_delete(self, req, res, **kwargs): raise generic_error_handler(405, req=req)