async def on_post(self, req, resp, *, idx):
session = db_helper.session()
me = current_user(resp, session)
if me is None:
resp.status_code = 401
resp.html = render_template(resp, "401.html")
session.close()
return
try:
idx = int(idx)
user = session.query(User).get(idx)
except ValueError:
user = None
if user is None or me.id != user.id:
resp.status_code = 403
resp.html = render_template(resp, "403.html")
session.close()
return
params = await req.media()
if "_method" in params:
if params["_method"] == "patch":
self.on_patch(req, resp, session, me, user, params)
elif params["_method"] == "delete":
self.on_delete(req, resp, session, user)
session.close()
async def on_post(self, req, resp):
params = await req.media()
valid, msg = self._validate(params)
if not valid:
resp.status_code = 422
resp.html = render_template(resp, "sessions/new.html", messages=msg)
return
is_auth, user = self._authenticate(params["email"], params["password"])
if not is_auth:
msg = ["Authentication failed."]
resp.status_code = 403
resp.html = render_template(resp, "sessions/new.html", messages=msg)
return
# Login
login(resp, user.id)
redirect_to(resp, "/", 303)
resp.status_code = 303
async def on_post(self, req, resp):
params = await req.media()
validator = SignupValidator(params)
if not validator.valid:
resp.status_code = 422
resp.html = render_template(resp,
"signup/join.html",
messages=validator.messages)
return
session = db_helper.session()
err_msg = []
try:
hashed_pass = hash_password(params["password"])
user = User(
name=params["name"],
email=params["email"],
encrypted_password=hashed_pass,
)
session.add(user)
session.commit()
user = session.query(User).filter(
User.email == params["email"]).first()
except SQLAlchemyError as e:
print(e)
err_msg.append("Internal Server Error")
session.rollback()
except Exception as e:
print(e)
err_msg.append("Internal Server Error")
session.rollback()
finally:
session.close()
if len(err_msg) > 0:
resp.status_code = 500
resp.html = render_template(resp,
"signup/join.html",
messages=err_msg)
else:
login(resp, user.id)
resp.status_code = 201
resp.html = render_template(resp, "signup/registered.html")
async def on_get(self, req, resp, *, idx):
session = db_helper.session()
try:
idx = int(idx)
user = session.query(User).get(idx)
except ValueError:
user = None
me = current_user(resp, session)
if user:
resp.status_code = 200
resp.html = render_template(resp,
"users/show.html",
user=user,
me=me)
else:
resp.status_code = 404
resp.html = render_template(resp, "404.html")
def on_delete(self, req, resp, db_session, user):
ok = False
try:
db_session.delete(user)
db_session.commit()
logout(resp)
ok = True
except SQLAlchemyError as e:
print(e)
db_session.rollback()
except Exception as e:
print(e)
db_session.rollback()
finally:
db_session.close()
if ok:
resp.status_code = 200
resp.html = render_template(resp, "users/deleted.html")
else:
resp.status_code = 500
resp.html = render_template(resp, "500.html")
def on_patch(self, req, resp, db_session, me, user, params):
validator = UserValidator("update", params)
if not validator.valid:
resp.status_code = 422
resp.html = render_template(resp,
"users/show.html",
user=user,
me=me,
messages=validator.messages)
return
user.name = params.get("name", user.name)
user.profile = params.get("profile", user.profile)
user.location = params.get("location", user.location)
if "password" in params:
user.encrypted_password = hash_password(params["password"])
has_err = False
try:
db_session.commit()
except SQLAlchemyError as e:
print(e)
db_session.rollback()
has_err = True
except Exception as e:
print(e)
db_session.rollback()
has_err = True
if has_err:
resp.status_code = 500
resp.html = render_template(resp, "500.html")
else:
resp.status_code = 200
resp.html = render_template(resp,
"users/show.html",
user=user,
me=user)
async def on_get(self, req, resp):
resp.html = render_template(resp, "sessions/new.html")
async def on_get(self, req, resp):
resp.html = render_template(resp, "signup/join.html")
async def on_get(self, req, resp):
session = db_helper.session()
users = session.query(User).all()
resp.status_code = 200
resp.html = render_template(resp, "users/index.html", users=users)
def root_path(req, resp):
from app.helpers.api_helper import render_template
resp.html = render_template(resp, "index.html")