def user_edit_route():
error_message = []
message = []
if 'username' not in session:
return redirect(
url_for('index.login_route') + '?url=' +
url_for('user.user_edit_route'))
username = session['username']
this_user = extensions.get_user(username)
return render_template('user_edit.html',
error_mess=error_message,
user=extensions.get_user(username))
def get_api_user_helper(username):
user = extensions.get_user(username)
response = {}
response['username'] = user.get_username()
response['firstname'] = user.get_firstname()
response['lastname'] = user.get_lastname()
response['email'] = user.get_email()
return jsonify(response), 201
def albums_route():
name = request.args.get('username')
if 'username' not in session:
if name == '':
return (redirect(
url_for('index.login_route') + '?url=' +
url_for('albums.albums_route')))
else:
publicAlbums = extensions.get_all_public_albums_individual(name)
return render_template('album_list_nosession.html',
name=name,
publicAlbums=publicAlbums)
username = session['username']
user = extensions.get_user(username)
return render_template('album_list.html', user=user)
def albums_edit_route():
if 'username' not in session:
return (redirect(
url_for('index.login_route') + '?url=' +
url_for('albums.albums_edit_route')))
username = session['username']
if request.method == 'POST':
if request.form['op'] == 'delete':
extensions.delete_album(request.form['albumid'])
elif request.form['op'] == 'add':
extensions.create_album(request.form['username'],
request.form['title'])
user = extensions.get_user(username)
return render_template('album_list_edit.html', user=user)
def user_api():
username = ''
print 'got to func'
print 'got hereereee'
if request.method == 'POST':
req = request.get_json(force=True)
errors = []
if ('username' not in req) or ('firstname' not in req) or (
'lastname' not in req) or ('email' not in req) or (
'password1' not in req) or ('password2' not in req):
errors.append('You did not provide the necessary fields')
return jsonify(generate_error_response(errors)), 422
if (req['username'] == '') or (req['email'] == '') or (
req['password1'] == '') or (req['password2'] == ''):
errors.append('You did not provide the necessary fields')
return jsonify(generate_error_response(errors)), 422
if req['password1'] != req['password2']:
errors.append('Passwords do not match')
user = User(req['username'], req['firstname'], req['lastname'],
req['password1'], req['email'])
errors = errors + user.validate()
temp_user = extensions.get_user(req['username'])
if temp_user != None:
errors.append('This username is taken')
if errors != []:
return jsonify(generate_error_response(errors)), 422
user.create_salt()
user.hash_pass()
extensions.add_user(user)
username = req['username']
if username == '':
if 'username' not in session:
return send_401()
return get_api_user_helper(username)
print "GOT HERE"
if 'username' not in session:
return send_401()
username = session['username']
return get_api_user_helper(username)
def user_edit_api():
if 'username' not in session:
return send_401()
req = request.get_json(force=True)
username = session['username']
this_user = extensions.get_user(username)
if (req['username'] != this_user.get_username()):
return send_403()
if ('username' not in req) or ('firstname' not in req) or (
'lastname' not in req) or ('email' not in req) or (
'password1' not in req) or ('password2' not in req):
errors.append('You did not provide the necessary fields')
return jsonify(generate_error_response(errors)), 422
if (req['username'] == '') or (req['email'] == ''):
errors.append('You did not provide the necessary fields')
return jsonify(generate_error_response(errors)), 422
errors = []
if req['password1'] != req['password2']:
errors.append('Passwords do not match')
this_user.set_firstname(req['firstname'])
this_user.set_lastname(req['lastname'])
this_user.set_email(req['email'])
if req['password1'] != '' and req['password2'] != '':
print 'CHANGED PASSWORD'
this_user.set_password(req['password1'])
errors = errors + this_user.validate()
if errors != []:
return jsonify(generate_error_response(errors)), 422
elif req['password1'] != '':
this_user.create_salt()
this_user.hash_pass()
extensions.update_user(this_user)
print 'will return now'
session['firstname'] = this_user.get_firstname()
session['lastname'] = this_user.get_lastname()
return user_api()
def login_api():
print 'Api login'
req = request.get_json(force=True)
errors = []
if (req['username'] == '') or (req['password'] == ''):
errors.append("You did not provide the necessary fields")
return jsonify(generate_error_response(errors)), 422
if ('username' not in req) or ('password' not in req):
errors.append("You did not provide the necessary fields")
return jsonify(generate_error_response(errors)), 422
user = extensions.get_user(req['username'])
if user == None:
errors.append("Username does not exist")
return jsonify(generate_error_response(errors)), 404
user_pass = req['password']
if user.check_pass(user_pass):
session['username'] = user.get_username()
session['firstname'] = user.get_firstname()
session['lastname'] = user.get_lastname()
result = {}
result['username'] = user.get_username()
return jsonify(result), 200
errors.append("Password is incorrect for the specified username")
return jsonify(generate_error_response(errors)), 422