def kid(): form = AddKidForm(request.form) if form.validate_on_submit() and request.method == 'POST': if 'bus' in request.form: rand_pass = utils.rand(6) # store parent and get its unique id to store it in Kid table # BUT BUT ,if parent already register then don't re-register instead add this kid to previously added parent p = Parent(name=form.parent_name.data, password=rand_pass, email=form.email.data) p_id = p.add_or_get() k = Kid(name=form.kid_name.data, section=form.kid_section.data, bus_id=request.form['bus'], parent_id=p_id) from sqlite3 import IntegrityError k.add() # clear form field form.parent_name.data = form.email.data = form.kid_name.data = form.kid_section.data = form.parent_name.data = '' # TODO: Send this generated password to Parent email else: all_parent_kid = Parent.get_all_parent_kid_with_bus() all_bus = Bus().get_all() return render_template('admin/kid.html', form=form, bus_data=all_bus, bus_error='Must Select a Bus', all_parent_kid=all_parent_kid) all_parent_kid = Parent.get_all_parent_kid_with_bus() all_bus = Bus().get_all() return render_template('admin/kid.html', form=form, bus_data=all_bus, all_parent_kid=all_parent_kid)
def login(): js = request.json if js is not None: if 'username' in js and 'password' in js: email = js['username'] _pass = js['password'] parent = Parent.get_user(email) if parent is None: return make_response( jsonify(status='error', message='invalid user'), 403) name = parent[1] phone = parent[3] pass_hash = parent[4] if pass_hash is not False and SessionHelper.is_password_correct( pass_hash, _pass): # ok correct user m_token = utils.rand(40) m_expire = utils.get_expiry_date_full() # update this token Parent.update_token(email, m_token, m_expire) return jsonify(status='ok', message='ok login', token=m_token, expires=m_expire, name=name, phone=phone, email=email) else: return make_response( jsonify(status='error', message='invalid user'), 403) else: return jsonify(status='error', message='incorrect parameters') else: return jsonify(status='error', message='only json body is allowed')
def decorated_function(*args, **kwargs): if 'token' in request.args and Parent.is_valid_token( request.args['token']): pass else: return make_response( jsonify(status='error', message='unauthorized user'), 403) return f(*args, **kwargs)
def arriving_buses(self): kids = Parent.get_kids(self.token) # iterate for each kid arr = [] for k in kids: k_id = k['kid']['id'] b_id = k['bus']['bus_id'] res = self.__get_journey__(k_id, b_id) if res is not None: res['name'] = k['kid']['name'] arr.append(res) return arr
def get_recent_ride(): # requires param kid_id if 'kid_id' in request.args: kid_id = request.args['kid_id'] token = request.args['token'] # if parent is authorised for this kid if not Parent.is_kidOf(kid_id, token): return make_response( jsonify(status='error', message='un-authorized access'), 403) try: a = ActiveRide(token) return jsonify(rides=a.get_recent_rides(kid_id), status='ok', message='fetched recent rides') except: return make_response(jsonify(status='error'), 403) else: return jsonify(status='error', message='incorrect request')
def get_active_ride(self): kids = Parent.get_kids(self.token) # may be None if kids is None: raise ValueError('invalid token') # error 403 rides = [] for kid_bus in kids: kid = kid_bus['kid'] res = self.__sql__(kid['id']) if res is not None: rides.append({ "kid": kid, "journey_id": res[0], "journey_type": res[1], "current_gps": res[2], "start_time": res[3], "start_gps": res[4] }) return rides
def feedback(): js = request.json if 'title' in js and 'detail' in js: token = request.args['token'] title = js['title'] detail = js['detail'] date = utils.get_date_full() p = Parent.get_parent_id(token) p_id = p[0] name = p[1] email = p[2] f = Feedback(name=name, email=email, title=title, message=detail, date=date, p_id=p_id) f.add() return jsonify(status='ok', message='feedback sent') else: return jsonify(status='error', message='incorrect request')
def get_my_kids(): return jsonify(kids=Parent.get_kids(request.args['token']), status='ok', message='ok')