def login():
body = flask.request.get_json()
username = body['username']
password = body['password']
user = db.query_fetchone('get_user_by_username', {'username': username})
if security.check_password_hash(user['hashed_password'], password):
return _create_user_response(user)
flask.abort(400, 'incorrect username or password')
def set_tag_of_post():
body = flask.request.get_json()
user_id = jwt.get_jwt_identity()
post_id = int(body['post_id'])
tags = [{'post_id': post_id, 'tag': tag_name} for tag_name in body['tags']]
# check if is owner or moderator and above
post = db.query_fetchone('get_post_by_id', {'id': post_id})
user = db.query_fetchone('get_user_by_id', {'id': user_id})
if user_id != post['uploader_id'] and user['authority'] > 2:
flask.abort(401)
# delete all created post_tag
db.do_query('delete_post_tags_by_post_id', {
'post_id': post_id,
})
# insert new
db.do_query('insert_tag', tags)
return flask.jsonify({'post_id': post_id})
def info_change():
body = flask.request.get_json()
display_name = body['display_name']
old_password = body['old_password']
new_password = body['new_password']
user_id = jwt.get_jwt_identity()
user = db.query_fetchone('get_user_by_id', {'id': user_id})
if not security.check_password_hash(user['hashed_password'], old_password):
flask.abort(401)
hash_password = user['hashed_password']
if new_password:
hash_password = security.generate_password_hash(new_password,
salt_length=32)
user = db.query_fetchone('update_user_info', {
'display_name': display_name,
'hashed_password': hash_password,
})
return _create_user_response(user)
def clap_on_post():
body = flask.request.get_json()
user_id = jwt.get_jwt_identity()
post_id = int(body['post_id'])
amount = int(body['amount'])
result = db.query_fetchone('upsert_clap', {
'user_id': user_id,
'post_id': post_id,
'amount': amount,
})
return flask.jsonify(result)
def comment_on_post():
body = flask.request.get_json()
user_id = jwt.get_jwt_identity()
post_id = int(body['post_id'])
content = body['content']
time = datetime.utcnow()
result = db.query_fetchone('insert_comment', {
'user_id': user_id,
'post_id': post_id,
'content': content,
'time': time,
})
return flask.jsonify(result)
def register():
body = flask.request.get_json()
username = body['username']
password = body['password']
display_name = body['display_name']
user = db.query_fetchone(
'insert_user', {
'username':
username,
'hashed_password':
security.generate_password_hash(password, salt_length=32),
'display_name':
display_name,
'authority':
4,
})
return _create_user_response(user)
def create_post():
body = flask.request.get_json()
query = ''
params = {
'hidden': False,
'time': datetime.utcnow(),
'uploader_id': jwt.get_jwt_identity(),
'title': body['title'],
'total_claps': 0,
}
if body['type'] == 1:
params['status'] = 'queue'
query = 'insert_image_post'
elif body['type'] == 2:
params['content'] = body['content']
query = 'insert_discuss_post'
data = db.query_fetchone(query, params)
if body['type'] == 1:
file.write_base64_image_to_file(str(data['post_id']), body['file_b64'])
return flask.jsonify(data)
def get_user_info():
user_id = jwt.get_jwt_identity()
user = db.query_fetchone('get_user_by_id', {'id': user_id})
return _create_user_response(user)
def get_post_detail():
post_id = int(flask.request.args.get('post_id'))
data = db.query_fetchone('get_post_by_id', {'id': post_id})
return flask.jsonify(data)