def subject_list(user_id): token_data = subject_list._token_data tokenUserId = token_data.get('id') try: user_id = int(user_id) except: return HTTP_ERR(status=400, message='bad user id') if tokenUserId != user_id: return HTTP_ERR(status=401, message='unauthorized') if request.method == 'GET': sList = subjectAPI.getListByUser_id(user_id) if sList['code'] != 200: return HTTP_ERR(status=sList['code'], message=sList['message']) return HTTP_OK(data=sList['data']) id_, name = getargs(request, 'id', 'name') if not name: return HTTP_ERR(status=400, message='parameters is missing') data = dict(name=name, user_id=user_id) if id_: data['id'] = id_ response = subjectAPI.update(data) if response['code'] != 200: return HTTP_ERR(status=response['code'], message=response['message']) return HTTP_OK() response = subjectAPI.save(data) if response['code'] != 200: return HTTP_ERR(status=response['code'], message=response['message']) return HTTP_OK()
def generate_handler(user_id, subject_id): token_data = generate_handler._token_data tokenUserId = token_data.get('id') if tokenUserId != int(user_id): return HTTP_ERR(status=401, message='UNAUTHORIZED') ticket_cnt, q_cnt, header, footer = getargs(request, 'ticket_cnt', 'question_cnt', 'header', 'footer') if not ticket_cnt or not q_cnt: return HTTP_ERR(status=400, message='BAD REQUEST') try: ticket_cnt = int(ticket_cnt) q_cnt = int(q_cnt) except: return HTTP_ERR(status=400, message='parameters must be integer') generate = Generate(subject_id, user_id, ticket_cnt, q_cnt, header, footer) if q_cnt > generate.count: return HTTP_ERR(status=400, message='can only make {} questions per ticket'.format( generate.count)) tickets = generate.getTickets() if tickets['code'] != 200: return HTTP_ERR(status=tickets['code'], message=tickets['message']) filename = tickets['data']['filename'] del tickets['data']['filename'] return HTTP_OK(data=tickets['data'], filename=filename, download='/api/download?filename=' + filename)
def token_verification(): token = getargs(request, 'token')[0] if not token: return HTTP_ERR(status=401, message='bad token') try: data = extract_auth_token(token) if data: return HTTP_OK(data=data) return HTTP_ERR(status=401, message='bad token') except: return HTTP_ERR(status=401, message='bad token')
def questionDelete(): question_id = getargs(request, 'question_id')[0] if not question_id: return HTTP_ERR(message='question id is missing', status=400) try: question_id = int(question_id) except: return HTTP_ERR(status=400) deleted = questionAPI.delete(question_id) if deleted['code'] != 200: return HTTP_ERR(status=deleted['code'], message=deleted['message']) return HTTP_OK()
def login(): email, password = getargs(request, 'email', 'password') if not email or not password: return abort(401) exist = usersDB.getByEmail(email) if exist['code'] == 404: return HTTP_ERR(status=400, message='user does not exist') if exist['code'] != 200: return HTTP_ERR(status=500, message=exist['message']) if password_verification(password, exist['data']['password']): user = exist['data'] token = generate_auth_token(user).decode() return HTTP_OK(data=user, token=token) return HTTP_ERR(status=401, message='bad login')
def question_list(user_id, subject_id): token_data = question_list._token_data tokenUserId = token_data.get('id') if tokenUserId != int(user_id): return HTTP_ERR(status=401, message='unauthorized') if request.method == 'GET': qList = questionAPI.getListBySubject_id(subject_id, user_id) if qList['code'] != 200: return HTTP_ERR(status=qList['code'], message=qList['message']) return HTTP_OK(data=qList['data']) if request.method == 'POST': text, hardness, id_ = getargs(request, 'text', 'hardness', 'id') if not text or not hardness: return HTTP_ERR(message='parameter is missing', status=400) data = dict(text=text, hardness=hardness, user_id=user_id, subject_id=subject_id) if id_: data['id'] = id_ response = questionAPI.update(data) return HTTP_OK(data=response) response = questionAPI.save(data) return HTTP_OK(data=response)
def subjectDelete(): tokenData = subjectDelete._token_data tokenUserId = tokenData.get('id') subject_id = getargs(request, 'subject_id')[0] if not subject_id: return HTTP_ERR(status=400, message='subject id is missing') try: subject_id = int(subject_id) except: return HTTP_ERR(status=400) deleted = subjectAPI.delete(subject_id) if deleted['code'] != 200: return HTTP_ERR(status=deleted['code'], message=deleted['message']) return HTTP_OK()
def register(): email, password = getargs(request, 'email', 'password') if not email or not password: return HTTP_ERR(message='parameter is missing', status=400) exist = usersDB.getByEmail(email) if exist['code'] == 200: return HTTP_ERR( message='user already exist by this email {}'.format(email), status=401) if exist['code'] != 404: return HTTP_ERR(message=exist['message']) data = {"email": email, "password": to_hash(password)} response = usersDB.save(data) if response['code'] != 200: return HTTP_ERR(message=response['message']) token = generate_auth_token(response['data']) return HTTP_OK(token=token.decode(), data=response['data'])