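def handleFacebookUser():
    """Log in or register a user from a Facebook login payload.

    Reads the Facebook response object and the guest JWT from the JSON
    request body.  If a user with the submitted Facebook id exists, the guest
    cart is transferred to that user and a new JWT is issued; otherwise
    ``User.registerFacebookUser`` is asked to create the account.

    Returns:
        A ``JsonUtil`` success response carrying user data and a JWT, or a
        ``JsonUtil`` failure response.
    """
    fb_response = request.json.get(Labels.FbResponse)
    guest_jwt = request.json.get(Labels.Jwt)
    # A missing or non-object payload would otherwise raise AttributeError on
    # the .get() below instead of producing a clean failure response.
    if not isinstance(fb_response, dict):
        return JsonUtil.failure()
    guest_user = JwtUtil.getUserInfoFromJwt(guest_jwt)
    fb_id = fb_response.get(Labels.Id)
    if fb_id is None:
        return JsonUtil.failure()

    # NOTE(review): fb_id is taken from the request body and used directly to
    # select the account.  Nothing in this handler verifies it with Facebook
    # (for example by validating the accompanying access token server-side).
    # Confirm that check happens before this point, because the JWT issued
    # below is bound to whichever account the id matches.
    fb_user = User.query.filter_by(fb_id=fb_id).first()
    if fb_user:
        # Existing account: merge the guest cart, then issue a session token.
        fb_user.transferGuestCart(guest_user)
        user_jwt = JwtUtil.create_jwt(fb_user.toJwtDict())
        user_info = fb_user.toPublicDictFast()
        return JsonUtil.successWithOutput(
            {Labels.User: user_info, Labels.Jwt: user_jwt})

    register_user_response = User.registerFacebookUser(fb_response, guest_user)
    if not register_user_response.get(Labels.Success):
        return JsonUtil.failureWithOutput(register_user_response)
    # The registration response carries the JWT claims under Labels.Jwt;
    # replace them with the encoded token before returning.
    register_user_response[Labels.Jwt] = JwtUtil.create_jwt(
        register_user_response[Labels.Jwt])
    return JsonUtil.successWithOutput(register_user_response)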
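def updateProductInfo(admin_user):
    """Apply submitted field values to an existing market product.

    Args:
        admin_user: The authenticated admin; passed to
            ``AdminAction.addAdminAction`` together with the request path and
            remote address on every outcome.

    Returns:
        A ``JsonUtil`` success response with the product's public dict, or a
        failure response naming the first input that could not be applied.
    """
    product_id = request.json.get(Labels.ProductId)
    product = request.json.get(Labels.Product)
    # Validate the payload before using it: dereferencing a missing or
    # non-object ``product`` raised before this check could run.
    if not isinstance(product, dict):
        AdminAction.addAdminAction(admin_user, request.path,
                                   request.remote_addr, success=False)
        return JsonUtil.failure("There was no input")
    this_product = MarketProduct.query.filter_by(product_id=product_id).first()
    if this_product is None:
        AdminAction.addAdminAction(admin_user, request.path,
                                   request.remote_addr, success=False)
        return JsonUtil.failure("Error retrieving product information")

    for key, raw_value in product.items():
        try:
            # Keys come straight from the request body.  Refuse private and
            # dunder names so the generic setattr below cannot overwrite
            # object or ORM internals.
            if key.startswith("_"):
                raise ValueError(key)
            if key in MarketProduct.INTEGER_INPUTS:
                value = int(raw_value) if raw_value else None
            else:
                value = raw_value
            if key == Labels.ProductListingTags:
                this_product.updateProductListingTags(value.split(','))
            if key == Labels.ProductSearchTags:
                this_product.updateProductSearchTags(value.split(','))
            if key == Labels.RelatedProductTags:
                this_product.updateRelatedProductTags(value.split(','))
            elif value is not None:
                # NOTE(review): this ``elif`` pairs only with the
                # RelatedProductTags test, so listing/search tag keys also
                # reach setattr - confirm that is intended.
                # NOTE(review): every other key is assigned as-is; an explicit
                # allowlist of editable fields would be safer than setattr on
                # client-chosen names.
                setattr(this_product, key, value)
        except Exception:
            AdminAction.addAdminAction(admin_user, request.path,
                                       request.remote_addr, success=False)
            return JsonUtil.failure(key + " input is invalid")

    db.session.commit()
    AdminAction.addAdminAction(admin_user, request.path,
                               request.remote_addr, success=True)
    return JsonUtil.success(Labels.Product, this_product.toPublicDict())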
def setMainProductPhoto(admin_user):
    """Set a product's main image to an existing image id.

    Args:
        admin_user: The authenticated admin; passed to
            ``AdminAction.addAdminAction`` on every outcome.

    Returns:
        A ``JsonUtil`` success response with the product's public dict, or a
        failure response when the product or the image cannot be found.
    """
    def audit(ok):
        AdminAction.addAdminAction(admin_user, request.path,
                                   request.remote_addr, success=ok)

    product_id = request.json.get(Labels.ProductId)
    image_id = request.json.get(Labels.ImageId)

    target = MarketProduct.query.filter_by(product_id=product_id).first()
    if target is None:
        audit(False)
        return JsonUtil.failure("Error retrieving product information")

    # NOTE(review): the image is looked up by id only; nothing here ties it
    # to this product - confirm that is acceptable.
    picture = ProductImage.query.filter_by(image_id=image_id).first()
    if picture is None:
        audit(False)
        return JsonUtil.failure("Error retrieving image")

    target.main_image = image_id
    db.session.commit()
    audit(True)
    return JsonUtil.success(Labels.Product, target.toPublicDict())
def checkAdminLogin():
    """Authenticate an admin by username and password and issue a JWT.

    Every attempt, including one rejected because the address is blocked, is
    passed to ``LoginAttempt.addLoginAttempt`` with ``is_admin=True``.

    Returns:
        A ``JsonUtil`` success response with the admin's public dict and a
        JWT, or a failure response for a blocked address or bad credentials.
    """
    # NOTE(review): request.remote_addr is the address of the direct peer.
    # Behind a reverse proxy that is the proxy itself, which would make the
    # per-IP block apply to every client at once - confirm the deployment.
    client_ip = request.remote_addr
    username = request.json.get(Labels.Username)
    password = request.json.get(Labels.Password)

    def record(ok):
        LoginAttempt.addLoginAttempt(username, client_ip, success=ok,
                                     is_admin=True)

    if LoginAttempt.blockIpAddress(client_ip):
        record(False)
        return JsonUtil.failure(ErrorMessages.IpBlocked)

    if not AdminUser.checkLogin(username, password):
        record(False)
        return JsonUtil.failure(ErrorMessages.InvalidCredentials)

    admin_user = AdminUser.query.filter_by(username=username).first()
    # The token claims are the admin's public dict.
    admin_jwt = JwtUtil.create_jwt(admin_user.toPublicDict())
    record(True)
    return JsonUtil.successWithOutput({
        Labels.User: admin_user.toPublicDict(),
        "jwt": admin_jwt
    })
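def updateVariant(admin_user):
    """Update an existing product variant from the submitted variant object.

    Args:
        admin_user: The authenticated admin; passed to
            ``AdminAction.addAdminAction`` on every outcome.

    Returns:
        A ``JsonUtil`` success response, or a failure response when the
        product or variant is missing or malformed.
    """
    def audit(ok):
        AdminAction.addAdminAction(admin_user, request.path,
                                   request.remote_addr, success=ok)

    product_id = request.json.get(Labels.ProductId)
    this_product = MarketProduct.query.filter_by(product_id=product_id).first()
    if this_product is None:
        audit(False)
        return JsonUtil.failure("Invalid submission")

    variant = request.json.get(Labels.Variant)
    # A non-object variant, or one without an id, used to raise on the
    # subscript below and skip the audit record; treat both as invalid input.
    if not variant or not isinstance(variant, dict):
        audit(False)
        return JsonUtil.failure("Invalid variant")
    variant_id = variant.get(Labels.VariantId)
    if variant_id is None:
        audit(False)
        return JsonUtil.failure("Invalid variant")

    # NOTE(review): the variant is looked up by id alone; nothing here checks
    # that it belongs to this_product - confirm whether that matters.
    this_variant = ProductVariant.query.filter_by(variant_id=variant_id).first()
    if not this_variant:
        audit(False)
        return JsonUtil.failure("Invalid variant")

    this_variant.updateVariant(variant)
    audit(True)
    return JsonUtil.success()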
def updateHomeImage(admin_user):
    """Update the live flag and text of an existing home image.

    Args:
        admin_user: The authenticated admin; passed to
            ``AdminAction.addAdminAction`` on every outcome.

    Returns:
        A ``JsonUtil`` success response, or a failure response when the image
        id is missing or matches no home image.
    """
    def reject():
        AdminAction.addAdminAction(admin_user, request.path,
                                   request.remote_addr, success=False)
        return JsonUtil.failure("Bad home image input")

    image_id = request.json.get(Labels.ImageId)
    live = request.json.get(Labels.Live)
    image_text = request.json.get(Labels.ImageText)
    if not image_id:
        return reject()

    record = HomeImage.query.filter_by(image_id=image_id).first()
    if not record:
        return reject()

    record.updateHomeImage(live, image_text)
    AdminAction.addAdminAction(admin_user, request.path,
                               request.remote_addr, success=True)
    return JsonUtil.success()
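def checkRecoveryInformation():
    """Report whether a submitted recovery pin is known and unexpired.

    Returns:
        A ``JsonUtil`` success response when a user holds the pin and its
        expiration lies in the future; otherwise a failure response with
        ``ErrorMessages.ExpiredLink``.
    """
    recovery_pin = request.json.get(Labels.RecoveryPin)
    # A missing pin must never reach the query: filtering on None compares
    # against NULL and would select an account that has no pin set.
    # NOTE(review): the pin's type is not checked; if pins are always strings,
    # rejecting other types here would be a further tightening.
    if not recovery_pin:
        return JsonUtil.failure(ErrorMessages.ExpiredLink)

    user = User.query.filter_by(recovery_pin=recovery_pin).first()
    # An account without an expiration is treated as expired rather than
    # letting the comparison below raise on None.
    if not user or not user.recovery_pin_expiration:
        return JsonUtil.failure(ErrorMessages.ExpiredLink)
    if datetime.datetime.now() > user.recovery_pin_expiration:
        return JsonUtil.failure(ErrorMessages.ExpiredLink)
    # NOTE(review): no attempt throttling is visible in this handler; confirm
    # that repeated pin submissions are limited elsewhere.
    return JsonUtil.success()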
def setRecoveryPin():
    """Start password recovery for the account that owns the given email.

    Returns:
        A ``JsonUtil`` failure response with ``ErrorMessages.BlankEmail`` for
        a missing or empty email, a plain failure when no account matches,
        and a success response once the pin is set and the email is sent.
    """
    email = request.json.get(Labels.Email)
    if email in (None, ""):
        return JsonUtil.failure(ErrorMessages.BlankEmail)

    account = User.query.filter_by(email=email).first()
    # NOTE(review): the differing success/failure responses tell the caller
    # whether an address has an account; consider whether a uniform response
    # is wanted here.
    if not account:
        return JsonUtil.failure()

    account.setRecoveryPin()
    EmailLib.sendRecoveryEmail(account)
    return JsonUtil.success()
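def getMarketProductInfo():
    """Return the public information for one market product.

    The product id must arrive as a non-empty string of digits.

    Returns:
        A ``JsonUtil`` success response with the product's public dict, or a
        failure response for a bad id or an unknown product.
    """
    product_id = request.json.get(Labels.ProductId)
    # A JSON number (or any other non-string) used to raise AttributeError on
    # .isdigit(); reject it with the same message as any other bad id.
    if not isinstance(product_id, str) or not product_id.isdigit():
        return JsonUtil.failure("Bad Product Id")

    market_product = MarketProduct.query.filter_by(
        product_id=product_id).first()
    if market_product is None:
        return JsonUtil.failure("Error retrieving product information")
    return JsonUtil.success(Labels.Product, market_product.toPublicDict())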
def confirmProductRequest():
    """Mark the product request matching a confirmation id as confirmed.

    Returns:
        A ``JsonUtil`` success response after the change is committed, or a
        failure response when the id is absent or matches no request.
    """
    confirmation_id = request.json.get(Labels.ConfirmationId)
    if confirmation_id is None:
        return JsonUtil.failure("No confirmation id sent or bad input")

    # The confirmation id is the only credential checked by this handler.
    pending = Request.query.filter_by(
        confirmation_id=confirmation_id).first()
    if pending is None:
        return JsonUtil.failure("Bad confirmation id")

    pending.confirmed = True
    db.session.commit()
    return JsonUtil.success()
def softDeleteAccount(this_user):
    """Soft-delete the given user's account.

    Accounts without a Facebook id must resubmit their password (twice, as
    password and confirmation) before the deletion goes ahead.

    Args:
        this_user: The authenticated user whose account is being deleted.

    Returns:
        A ``JsonUtil`` success response, or a failure response with
        ``ErrorMessages.InvalidCredentials`` when the password check fails.
    """
    # NOTE(review): Facebook-linked accounts skip the password check entirely
    # and are deleted without any re-confirmation step in this handler.
    if not this_user.fb_id:
        supplied = request.json.get(Labels.Password)
        confirmation = request.json.get(Labels.PasswordConfirm)
        if supplied != confirmation:
            return JsonUtil.failure(ErrorMessages.InvalidCredentials)
        if not this_user.checkLogin(supplied):
            return JsonUtil.failure(ErrorMessages.InvalidCredentials)

    this_user.softDeleteAccount()
    return JsonUtil.success()
def signUpForLandingList():
    """Sign an email address up for the launch list.

    Returns:
        A ``JsonUtil`` failure response when the address is already listed,
        fails validation, or the email cannot be sent; otherwise a success
        response.
    """
    address = request.json.get(Labels.Email)

    # The duplicate lookup runs before the address is validated.
    already_listed = LaunchListEmail.query.filter_by(email=address).first()
    if already_listed:
        return JsonUtil.failure("You've already subscribed")
    if not validate_email(address):
        return JsonUtil.failure("Invalid email, please try again")

    try:
        EmailLib.sendLaunchListEmail(address)
    except Exception:
        # Any send error is reported to the caller as a generic failure.
        return JsonUtil.failure("Error sending email, please try again")
    else:
        return JsonUtil.success()
def subscribeUserToEmailList():
    """Subscribe an email address to the email list named in the request.

    Returns:
        A ``JsonUtil`` success response when
        ``EmailSubscription.addEmailSubscription`` returns a truthy value,
        otherwise a failure response.
    """
    list_id = request.json.get(Labels.EmailListId)
    address = request.json.get(Labels.Email)
    # NOTE(review): neither value is validated here; presumably
    # addEmailSubscription does so - confirm.
    subscription = EmailSubscription.addEmailSubscription(address, list_id)
    if subscription:
        return JsonUtil.success()
    return JsonUtil.failure()
def changePassword(this_user):
    """Change the user's password and issue a fresh JWT.

    Args:
        this_user: The authenticated user changing their password.

    Returns:
        A ``JsonUtil`` success response with the user's public dict and a new
        JWT, or a failure response with ``ErrorMessages.InvalidCredentials``
        when the confirmation differs or ``this_user.changePassword``
        returns a falsy value.
    """
    current = request.json.get(Labels.OldPassword)
    replacement = request.json.get(Labels.Password)
    replacement_confirm = request.json.get(Labels.PasswordConfirm)

    if replacement != replacement_confirm:
        return JsonUtil.failure(ErrorMessages.InvalidCredentials)
    if not this_user.changePassword(current, replacement):
        return JsonUtil.failure(ErrorMessages.InvalidCredentials)

    return JsonUtil.successWithOutput({
        Labels.User: this_user.toPublicDict(),
        Labels.Jwt: JwtUtil.create_jwt(this_user.toJwtDict())
    })
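def deleteUserCreditCard(this_user):
    """Delete one of the user's stored credit cards.

    Args:
        this_user: The authenticated user; the deletion goes through
            ``this_user.deleteCreditCard``.

    Returns:
        A ``JsonUtil`` success response, or a failure response with
        ``ErrorMessages.CardDeleteError`` when the deletion raises.
    """
    card_id = request.json.get(Labels.StripeCardId)
    try:
        this_user.deleteCreditCard(card_id)
    except Exception:
        # Narrowed from a bare ``except`` so interpreter-level signals such
        # as KeyboardInterrupt and SystemExit are no longer swallowed.
        return JsonUtil.failure(ErrorMessages.CardDeleteError)
    return JsonUtil.success()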
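def deleteUserAddress(this_user):
    """Delete one of the user's stored addresses.

    Args:
        this_user: The authenticated user; the deletion goes through
            ``this_user.deleteAddress``.

    Returns:
        A ``JsonUtil`` success response, or a failure response with
        ``ErrorMessages.AddressDeleteError`` when the deletion raises.
    """
    address_id = request.json.get(Labels.AddressId)
    try:
        this_user.deleteAddress(address_id)
    except Exception:
        # Narrowed from a bare ``except`` so interpreter-level signals such
        # as KeyboardInterrupt and SystemExit are no longer swallowed.
        return JsonUtil.failure(ErrorMessages.AddressDeleteError)
    return JsonUtil.success()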
def getEmailListInfo(admin_user):
    """Return the public information for one email list.

    Args:
        admin_user: The authenticated admin; passed to
            ``AdminAction.addAdminAction`` on every outcome.

    Returns:
        A ``JsonUtil`` success response with the list's public dict, or a
        failure response when ``EmailList.getEmailListInfo`` finds nothing.
    """
    list_id = request.json.get(Labels.EmailListId)
    found = EmailList.getEmailListInfo(list_id)
    outcome = bool(found)
    AdminAction.addAdminAction(admin_user, request.path,
                               request.remote_addr, success = outcome)
    if not outcome:
        return JsonUtil.failure()
    return JsonUtil.successWithOutput({Labels.EmailList : found.toPublicDict()})
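def unsubscribeUserFromEmailList():
    """Delete the email subscription identified by an unsubscribe id.

    Returns:
        A ``JsonUtil`` success response once the subscription is deleted and
        committed, or a failure response when the id is missing or unknown.
    """
    unsubscribe_id = request.json.get(Labels.UnsubscribeId)
    # A missing id must not reach the query: filtering on None compares
    # against NULL and would select a subscription that has no id stored.
    if not unsubscribe_id:
        return JsonUtil.failure()

    email_subscriber = EmailSubscription.query.filter_by(
        unsubscribe_id=unsubscribe_id).first()
    if not email_subscriber:
        return JsonUtil.failure()

    db.session.delete(email_subscriber)
    db.session.commit()
    # The previous return referenced ``email_list_info``, a name never
    # defined in this function, so every successful unsubscribe raised
    # NameError after the commit.  Return a plain success instead.
    return JsonUtil.success()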
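def updateSettings(this_user):
    """Validate and apply a user's new account settings.

    Checks the submitted email and name, makes sure the email is not used by
    another account, then hands the settings to ``this_user.updateSettings``.

    Args:
        this_user: The authenticated user whose settings are being changed.

    Returns:
        A ``JsonUtil`` success response with the result of
        ``this_user.updateSettings``, or a failure response describing the
        first validation error.
    """
    new_settings = request.json.get(Labels.NewSettings)
    # A missing or non-object payload used to raise on the first subscript.
    if not isinstance(new_settings, dict):
        return JsonUtil.failure()

    email = new_settings.get(Labels.Email)
    name = new_settings.get(Labels.Name)

    # Reject non-string emails up front; the uniqueness lookup below calls
    # .lower() on the value.
    if not isinstance(email, str):
        return JsonUtil.failure(ErrorMessages.InvalidEmail)
    if not User.isValidEmail(email):
        return JsonUtil.failure(ErrorMessages.invalidEmail(email))
    if name == "":
        return JsonUtil.failure(ErrorMessages.BlankName)
    if not isinstance(name, str):
        return JsonUtil.failure(ErrorMessages.InvalidName)
    if len(name) > User.NAME_MAX_LENGTH:
        return JsonUtil.failure(ErrorMessages.LongName)
    if not validate_email(email):
        return JsonUtil.failure(ErrorMessages.InvalidEmail)

    # The address may already belong to this user; only a different account
    # holding it is a conflict.
    email_match = User.query.filter_by(email=email.lower()).first()
    if email_match and email_match.account_id != this_user.account_id:
        return JsonUtil.failure(ErrorMessages.inUseEmail(email))

    # if not all(x.isalpha() or x.isspace() for x in new_settings[Labels.Name]):
    #     return JsonUtil.failure(ErrorMessages.InvalidName)

    # NOTE(review): the whole client-supplied dict is passed on, but only the
    # email and name are validated here - confirm that User.updateSettings
    # ignores any other keys.
    response = this_user.updateSettings(new_settings)
    return JsonUtil.successWithOutput(response)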
def addFeedback():
    """Store a feedback submission and send a notification email about it.

    Returns:
        A ``JsonUtil`` failure response when the category or the message is
        an empty string, otherwise a success response after the feedback is
        committed and ``EmailLib.sendFeedbackEmailNotification`` has run.
    """
    body = request.json
    email = body.get(Labels.Email)
    name = body.get(Labels.Name)
    feedback_content = body.get(Labels.FeedbackContent)
    category = body.get(Labels.Category)
    order_id = body.get(Labels.OrderId)

    # Only the empty string is rejected; an absent field is passed through.
    if category == "":
        return JsonUtil.failure(ErrorMessages.BlankCategory)
    if feedback_content == "":
        return JsonUtil.failure(ErrorMessages.BlankMessage)

    entry = Feedback(email, name, feedback_content, category, order_id)
    db.session.add(entry)
    db.session.commit()

    # Notify the team once the feedback row is saved.
    # NOTE(review): the submitted text reaches an email unfiltered by this
    # handler; presumably the email template escapes it - confirm.
    EmailLib.sendFeedbackEmailNotification(entry)
    return JsonUtil.success()
def wrapper():
    """Decode the admin JWT from the request and call ``func`` with the result.

    ``func`` is not defined in this block; presumably it is the handler
    captured by an enclosing decorator - confirm against the surrounding code.

    Returns:
        Whatever ``func(admin_user)`` returns, or a failure response with
        ``ErrorMessages.InvalidCredentials`` when the JWT does not decode to
        an admin user.
    """
    token = request.json.get(Labels.Jwt)
    admin_user = JwtUtil.decodeAdminJwt(token)
    if admin_user:
        return func(admin_user)

    # The rejected attempt is still recorded, with the falsy decode result
    # in place of an admin user.
    AdminAction.addAdminAction(admin_user, request.path,
                               request.remote_addr, success=False)
    return JsonUtil.failure(ErrorMessages.InvalidCredentials)
def softDeleteProductRequestByRequestId():
    """Soft-delete a product request after checking the caller's admin JWT.

    Returns:
        ``JsonUtil.jwt_failure()`` when the JWT does not decode to an admin,
        a failure response for a missing or unknown request id, otherwise a
        success response after the change is committed.
    """
    token = request.json.get(Labels.Jwt)
    decoded_jwt = JwtUtil.decodeAdminJwt(token)

    def audit(ok):
        AdminAction.addAdminAction(decoded_jwt, request.path,
                                   request.remote_addr, success = ok)

    if not decoded_jwt:
        audit(False)
        return JsonUtil.jwt_failure()

    request_id = request.json.get(Labels.RequestId)
    if request_id is None:
        audit(False)
        return JsonUtil.failure("Bad input")

    target = Request.query.filter_by(request_id = request_id).first()
    if target is None:
        audit(False)
        return JsonUtil.failure("This request id doesn't exist")

    target.soft_deleted = True
    db.session.commit()
    audit(True)
    return JsonUtil.success()
def addNewEmailList(admin_user):
    """Create a new email list unless one with the same name exists.

    Args:
        admin_user: The authenticated admin; passed to
            ``AdminAction.addAdminAction`` on every outcome.

    Returns:
        A failure response with ``ErrorMessages.EmailListNameTaken`` when the
        name is in use, otherwise the result of
        ``JsonUtil.successWithOutput()``.
    """
    list_name = request.json.get(Labels.NewEmailListName)
    # NOTE(review): the name is not checked for being missing or empty
    # before the lookup and the insert.
    existing = EmailList.query.filter_by(email_list_name = list_name).first()
    if existing:
        AdminAction.addAdminAction(admin_user, request.path,
                                   request.remote_addr, success = False)
        return JsonUtil.failure(ErrorMessages.EmailListNameTaken)

    EmailList.addNewEmailList(list_name)
    AdminAction.addAdminAction(admin_user, request.path,
                               request.remote_addr, success = True)
    # NOTE(review): successWithOutput is called without an argument here,
    # unlike its other call sites - confirm it has a default.
    return JsonUtil.successWithOutput()
def checkPassword(this_user):
    """Verify the user's password and issue a fresh JWT on success.

    Args:
        this_user: The authenticated user whose password is being checked.

    Returns:
        A ``JsonUtil`` success response with the user's public dict and a new
        JWT, or a failure response with ``ErrorMessages.InvalidCredentials``.
    """
    candidate = request.json.get(Labels.Password)
    if not this_user.checkLogin(candidate):
        return JsonUtil.failure(ErrorMessages.InvalidCredentials)

    return JsonUtil.successWithOutput({
        Labels.User: this_user.toPublicDict(),
        Labels.Jwt: JwtUtil.create_jwt(this_user.toJwtDict())
    })
def getRelatedProductsByTag():
    """Return the public dicts of products related to the given product.

    Returns:
        A ``JsonUtil`` failure response when the product id matches nothing,
        otherwise a success response listing the related products.
    """
    product_id = request.json.get(Labels.ProductId)
    anchor = MarketProduct.query.filter_by(product_id = product_id).first()
    if not anchor:
        return JsonUtil.failure()

    related = anchor.getRelatedProductsByTag()
    public_dicts = [item.toPublicDict() for item in related]
    return JsonUtil.successWithOutput({Labels.Products : public_dicts})
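def recoverySetPassword():
    """Set a new password for the account that holds a valid recovery pin.

    Returns:
        A ``JsonUtil`` success response once the password is set, or a
        failure response for a blank or mismatched password, a password
        rejected by ``User.validatePasswordSubimssion``, or a pin that is
        missing, unknown or expired.
    """
    password = request.json.get(Labels.Password)
    password_confirm = request.json.get(Labels.PasswordConfirm)
    recovery_pin = request.json.get(Labels.RecoveryPin)

    if not password or not password_confirm:
        return JsonUtil.failure(ErrorMessages.BlankPassword)
    if password != password_confirm:
        return JsonUtil.failure(ErrorMessages.PasswordConfirmMismatch)

    # A missing pin must never reach the query: filtering on None compares
    # against NULL and would select an account that has no pin set, which
    # this handler would then treat as the pin's owner.
    # NOTE(review): the pin's type is not checked; if pins are always strings,
    # rejecting other types here would be a further tightening.
    if not recovery_pin:
        return JsonUtil.failure(ErrorMessages.ExpiredLink)

    user = User.query.filter_by(recovery_pin=recovery_pin).first()
    if not user or not user.recovery_pin_expiration:
        return JsonUtil.failure(ErrorMessages.ExpiredLink)
    if datetime.datetime.now() > user.recovery_pin_expiration:
        return JsonUtil.failure(ErrorMessages.ExpiredLink)

    # NOTE(review): no attempt throttling is visible in this handler; confirm
    # that repeated pin submissions are limited elsewhere.
    is_valid_password = User.validatePasswordSubimssion(password)
    if not is_valid_password[Labels.Success]:
        return JsonUtil.failure(is_valid_password[Labels.Error])

    user.setPasswordWithRecovery(password)
    return JsonUtil.success()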
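def confirmEmail():
    """Confirm a user's email address and issue a JWT for that user.

    Returns:
        A ``JsonUtil`` success response with the user's public dict and a
        JWT, or a failure response when the confirmation id is missing or
        matches no user.
    """
    email_confirmation_id = request.json.get(Labels.EmailConfirmationId)
    # A missing id must never reach the query: filtering on None compares
    # against NULL and would select an account with no confirmation id
    # stored, and this handler issues a JWT for whichever account it finds.
    # NOTE(review): the id's type is not checked; if ids are always strings,
    # rejecting other types here would be a further tightening.
    if not email_confirmation_id:
        return JsonUtil.failure()

    this_user = User.query.filter_by(
        email_confirmation_id=email_confirmation_id).first()
    if this_user is None:
        return JsonUtil.failure()

    this_user.confirmEmail()
    return JsonUtil.successWithOutput({
        Labels.User: this_user.toPublicDict(),
        Labels.Jwt: JwtUtil.create_jwt(this_user.toJwtDict())
    })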
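def uploadManufacturerLogo(admin_user):
    """Decode a base64 image from the request and store it as a product's
    manufacturer logo.

    Args:
        admin_user: The authenticated admin; passed to
            ``AdminAction.addAdminAction`` on every outcome.

    Returns:
        A ``JsonUtil`` success response, or a failure response when the image
        is missing or undecodable or the product does not exist.
    """
    def audit(ok):
        AdminAction.addAdminAction(admin_user, request.path,
                                   request.remote_addr, success=ok)

    product_id = request.json.get(Labels.ProductId)
    image_data = request.json.get(Labels.ImageData)
    if image_data is None:
        audit(False)
        return JsonUtil.failure("No image has been uploaded!")

    try:
        # base64.decodestring was removed in Python 3.9; b64decode performs
        # the same decoding.
        image_decoded = base64.b64decode(image_data.encode('utf-8'))
    except (AttributeError, TypeError, ValueError):
        # Non-string or malformed input used to escape as an unhandled
        # exception without an audit record.
        audit(False)
        return JsonUtil.failure("Image data is not valid base64")

    this_product = MarketProduct.query.filter_by(product_id=product_id).first()
    if this_product is None:
        audit(False)
        return JsonUtil.failure("Product doesn't exist")

    # NOTE(review): no size or content-type check is visible before the
    # bytes are stored; confirm addManufacturerLogo validates the image.
    this_product.addManufacturerLogo(image_decoded)
    audit(True)
    return JsonUtil.success()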
def getAdminMarketProductInfo(admin_user):
    """Return a market product's public dict to an admin.

    Args:
        admin_user: The authenticated admin; passed to
            ``AdminAction.addAdminAction`` on every outcome.

    Returns:
        A ``JsonUtil`` success response with the product's public dict, or a
        failure response when the product id matches nothing.
    """
    product_id = request.json.get(Labels.ProductId)
    listing = MarketProduct.query.filter_by(product_id=product_id).first()
    was_found = listing is not None
    AdminAction.addAdminAction(admin_user, request.path,
                               request.remote_addr, success=was_found)
    if not was_found:
        return JsonUtil.failure("Error retrieving product information")
    return JsonUtil.success(Labels.Product, listing.toPublicDict())
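def uploadHomeImage(admin_user):
    """Decode a base64 image from the request and add it as a home image.

    Args:
        admin_user: The authenticated admin; passed to
            ``AdminAction.addAdminAction`` on every outcome.

    Returns:
        A ``JsonUtil`` success response, or a failure response when the image
        is missing or cannot be decoded.
    """
    def audit(ok):
        AdminAction.addAdminAction(admin_user, request.path,
                                   request.remote_addr, success=ok)

    image_data = request.json.get(Labels.ImageData)
    if image_data is None:
        audit(False)
        return JsonUtil.failure("No image has been uploaded!")

    try:
        # base64.decodestring was removed in Python 3.9; b64decode performs
        # the same decoding.
        image_decoded = base64.b64decode(image_data.encode('utf-8'))
    except (AttributeError, TypeError, ValueError):
        # Non-string or malformed input used to escape as an unhandled
        # exception without an audit record.
        audit(False)
        return JsonUtil.failure("Image data is not valid base64")

    # NOTE(review): no size or content-type check is visible before the
    # bytes are stored; confirm HomeImage.addHomeImage validates the image.
    HomeImage.addHomeImage(image_decoded)
    audit(True)
    return JsonUtil.success()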