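def register():
    """Register a new user from a JSON request body.

    Expects a JSON object with ``username`` and ``password``. Responds with
    400 and ``{"error": ...}`` when either field is missing or empty, or the
    username is already taken. Otherwise creates the user and responds with
    200 and the new user's id and username.

    The password is passed to ``create_user`` exactly as received; nothing
    in this function hashes it, so hashing is presumably done inside
    ``create_user`` -- confirm.
    """
    db = get_db()
    error = None

    data = request.get_json()
    # A body that parses to null, a list or a scalar has no .get(). Treat it
    # as an empty object so it is rejected with 400 below instead of raising
    # AttributeError and surfacing as a 500.
    if not isinstance(data, dict):
        data = {}
    username = data.get('username', '')
    password = data.get('password', '')

    if not username:
        error = "Username is required."
    elif not password:
        error = "Password is required."
    elif get_user_by_username(db, username) is not None:
        error = "User {0} is already registered.".format(username)

    if error:
        error = json.dumps({"error": error})
        return Response(error, status=400, mimetype="application/json")

    # NOTE(review): the availability check above and this insert are separate
    # calls; a unique constraint on the username column (not visible here) is
    # what would actually stop duplicates under concurrent requests.
    create_user(db, username, password)
    user = get_user_by_username(db, username)
    data = json.dumps({"user_id": user["id"], "username": user["username"]})
    return Response(data, status=200, mimetype="application/json")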
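def register():
    """Register a new user from a JSON request body.

    Responds with 200 and ``{"user_id", "username"}`` on success, or with 400
    and ``{"error": ...}`` when a field is missing or empty or the username
    is already registered.

    Hashing of the password is not done here; presumably ``create_user``
    takes care of it -- confirm.
    """
    db = get_db()
    error = None

    json_data = request.get_json()
    # Missing keys or a non-object body used to raise KeyError/TypeError
    # (a 500). Route them into the validation below so they become a 400.
    if not isinstance(json_data, dict):
        json_data = {}
    username = json_data.get('username')
    password = json_data.get('password')

    if not username:
        error = "Username is required."
    elif not password:
        error = "Password is required."
    elif get_user_by_username(db, username) is not None:
        error = "User {0} is already registered.".format(username)

    if error is None:
        create_user(db, username, password)
        user = get_user_by_username(db, username)
        created = {"user_id": user['id'], "username": user['username']}
        return Response(
            json.dumps(created), status=200, mimetype="application/json"
        )

    # The error text can contain the caller-supplied username and json.dumps
    # does not escape markup. Flask's Response defaults to text/html, so the
    # JSON content type is declared explicitly to keep the body from being
    # interpreted as HTML.
    error = json.dumps({'error': error})
    return Response(error, status=400, mimetype="application/json")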
def verify_password(username, password):
    """Return True when *password* matches the stored hash for *username*.

    An unknown username yields False without any hash comparison.
    """
    account = get_user_by_username(get_db(), username)
    if account is not None:
        return check_password_hash(account['password'], password)
    # NOTE(review): this path skips the hash work, so an unknown user is
    # answered faster than a wrong password; the difference is observable
    # from response timing.
    return False
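def register():
    """Register a new user from a JSON request body (POST only).

    Responds with 200 when the user was created, 400 with the validation
    message when a field is missing or empty or the name is taken, and 405
    for any method other than POST.

    Hashing of the password is not done here; presumably ``create_user``
    takes care of it -- confirm.
    """
    if request.method != "POST":
        return Response("405 need POST method", status=405)

    db = get_db()
    error = None

    # Named ``payload`` rather than ``json`` so the stdlib module name is not
    # shadowed inside the function.
    payload = request.get_json()
    # Missing keys or a non-object body used to raise KeyError/TypeError
    # (a 500). Route them into the validation below so they become a 400.
    if not isinstance(payload, dict):
        payload = {}
    username = payload.get('username')
    password = payload.get('password')

    if not username:
        error = "Username is required."
    elif not password:
        error = "Password is required."
    elif get_user_by_username(db, username) is not None:
        error = "User {0} is already registered.".format(username)

    if not error:
        create_user(db, username, password)
        return Response("200 user was created", status=200)

    # The message can contain the caller-supplied username. Flask's Response
    # defaults to text/html, so mark the body as plain text to keep it from
    # being interpreted as markup.
    return Response("400 %s" % error, status=400, mimetype="text/plain")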
def check_comment(id, check_author=True):
    """Fetch a comment by id and authorize the current user against it.

    :param id: id of the comment to fetch
    :param check_author: when true, the current user must be the comment's
        author
    :return: the comment row returned by ``get_comment``
    :raise 404: if no comment with the given id exists
    :raise 403: if the current user cannot be resolved, or is not the
        author while ``check_author`` is set
    """
    comment = get_comment(get_db(), id)
    if comment is None:
        abort(404, "Comment id {0} doesn't exist.".format(id))

    current_user = get_user_by_username(get_db(), auth.username())
    # Fail closed: a caller whose username does not resolve to a user is
    # refused even when no authorship check was requested.
    if not current_user:
        abort(403)

    if check_author:
        if comment["author_id"] != current_user["id"]:
            abort(403)

    return comment
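def register():
    """Register a new user from a JSON request body.

    On POST, validates ``username`` and ``password``, creates the user when
    the name is free and redirects to ``auth.login``. A validation failure is
    flashed. Every request that does not end in that redirect receives a JSON
    response naming the current ``g.user``.

    Hashing of the password is not done here; presumably ``create_user``
    takes care of it -- confirm.
    """
    if request.method == "POST":
        db = get_db()
        error = None

        payload = request.get_json()
        # Missing keys or a non-object body used to raise KeyError/TypeError
        # (a 500). Route them into the validation below instead.
        if not isinstance(payload, dict):
            payload = {}
        username = payload.get('username')
        password = payload.get('password')

        if not username:
            error = "Username is required."
        elif not password:
            error = "Password is required."
        elif get_user_by_username(db, username) is not None:
            error = "User {0} is already registered.".format(username)

        if error is None:
            # The name is available: store it and go to the login page.
            create_user(db, username, password)
            return redirect(url_for("auth.login"))

        flash(error)

    # The stored password value (hash or otherwise) is a credential and must
    # not be sent back to the client, so only the username is returned.
    # NOTE(review): g.user is not set anywhere in this function; if no
    # before-request hook populated it this line raises -- confirm.
    return jsonify(username=g.user.username)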
def login():
    """Log in a registered user by storing the user id in the session.

    Any method other than POST just renders the login form. A failed POST
    flashes the error and renders the form again.
    """
    if request.method != "POST":
        return render_template("auth/login.html")

    db = get_db()
    username = request.form['username']
    password = request.form['password']
    user = get_user_by_username(db, username)

    # NOTE(review): the two messages differ, so a failed login tells the
    # caller whether the username exists.
    if user is None:
        error = "Incorrect username."
    elif not check_password_hash(user["password"], password):
        error = "Incorrect password."
    else:
        # Drop whatever the pre-login session held before storing the id.
        session.clear()
        session["user_id"] = user["id"]
        return redirect(url_for("index"))

    flash(error)
    return render_template("auth/login.html")
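def new_user():
    """Create a user from the JSON fields ``username`` and ``password``.

    Aborts with 400 when either field is missing or empty, or when the
    username is already taken. On success returns the new username as JSON
    with status 201.
    """
    db = get_db()
    username = request.json.get('username')
    password = request.json.get('password')

    # Reject empty values as well as missing ones: the earlier ``is None``
    # test let an account be created with an empty password.
    if not username or not password:
        abort(400)
    if get_user_by_username(db, username) is not None:
        abort(400, 'User with the same username already exists')

    create_user(db, username, password)
    user = get_user_by_username(db, username)
    return jsonify({'username': user['username']}), 201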
def verify_password(username, password):
    """Check the credentials and remember the matching user on ``g``.

    Returns True and sets ``g.user`` when the password matches the stored
    hash. Returns None (falsy) when the user is unknown or the password is
    wrong, in which case ``g.user`` is left untouched.
    """
    account = get_user_by_username(get_db(), username)
    if not account:
        return None
    if not check_password_hash(account['password'], password):
        return None
    g.user = account
    return True
def verify_password(username, password):
    """Return True if the username exists and the password matches its hash."""
    account = get_user_by_username(get_db(), username)
    # No matching user means there is no hash to compare against.
    return check_password_hash(account['password'], password) if account else False
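def check_comment(id, check_author=True):
    """Fetch a comment by id and authorize the current user against it.

    :param id: id of the comment to fetch
    :param check_author: when true, the current user must be the comment's
        author
    :return: the comment row returned by ``get_comment``
    :raise 404: if no comment with the given id exists
    :raise 403: if the current user cannot be resolved, or is not the
        author while ``check_author`` is set
    """
    comment = get_comment(get_db(), id)
    if comment is None:
        abort(404, description=f"Comment id {id} doesn't exist.")

    user = get_user_by_username(get_db(), auth.username())
    # Subscripting the lookup result directly raised TypeError (a 500) when
    # the username did not resolve. Refuse the request instead.
    if user is None:
        abort(403)

    if check_author and comment["author_id"] != user['id']:
        abort(403)
    return comment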
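def check_comment(id, check_author=True):
    """Get a comment by id and optionally require the caller to be its author.

    Aborts with 404 when the comment does not exist. With ``check_author``
    set, aborts with 403 unless the current user resolves to the same user
    record as the comment's ``username``.
    """
    db = get_db()
    comment = get_comment(db, id)
    if not comment:
        abort(404, "Comment id {0} doesn't exist.".format(id))

    if check_author:
        current_user = get_user_by_username(db, auth.username())
        author = get_user_by_username(db, comment['username'])
        # Comparing the two lookups alone passes when both are None (author
        # record gone and caller not resolvable), which would authorize the
        # request. Require a resolved caller before comparing.
        if current_user is None or author != current_user:
            abort(403)

    return comment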
def create(post_id):
    """Create a comment on *post_id* for the current user.

    Aborts with 400 when the JSON body has no non-empty ``text``.
    """
    payload = request.get_json()
    text = payload.get('text')
    if not text:
        abort(400, description='Error: Text and body is required')

    # NOTE(review): assumes the route is behind an auth check so the lookup
    # returns a user; a None result would raise on the subscript below.
    author = get_user_by_username(get_db(), auth.username())
    create_comment(get_db(), post_id, author['id'], text)
    return Response("Success: comment was created", 200)
def create():
    """Create a new post for the current user.

    Aborts with 400 unless the JSON body carries non-empty ``title`` and
    ``body`` values.
    """
    payload = request.get_json()
    title = payload.get('title')
    body = payload.get('body')
    if not (title and body):
        abort(400, description='Error: Title and body is required')

    # NOTE(review): assumes the route is behind an auth check so the lookup
    # returns a user; a None result would raise on the subscript below.
    author = get_user_by_username(get_db(), auth.username())
    create_post(get_db(), title, body, author['id'])
    return Response("Success: post was created", 200)
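def create():
    """Create a new comment for the current user (POST only).

    Responds with 200 when the comment was stored, 400 when the JSON body
    has no non-empty ``body`` field, 401 when the request carries no
    credentials or they do not resolve to a user, and 405 for any method
    other than POST.
    """
    # 405 is the status for a disallowed method; 401 signals missing or bad
    # credentials and was misleading here.
    if request.method != "POST":
        return Response("Method is not POST", status=405)

    db = get_db()

    json_data = request.get_json()
    # A missing key or non-object body used to raise (a 500).
    body = json_data.get('body') if isinstance(json_data, dict) else None
    if not body:
        return Response("Body is required", status=400)

    # NOTE(review): only the username from the Authorization header is used
    # here. The password is not checked in this function, so the route must
    # be wrapped by something that has already verified it -- confirm.
    credentials = request.authorization
    user = get_user_by_username(db, credentials['username']) if credentials else None
    if user is None:
        return Response("Authentication required", status=401)

    create_comment(db, body, user['id'])
    return Response("Comment successfully created", status=200)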
def register():
    """Register a new user from the JSON fields ``username`` and ``password``.

    Aborts with 400 when either field is missing or empty and with 409 when
    the username is already registered.
    """
    payload = request.get_json()
    username = payload.get('username')
    password = payload.get('password')
    if not username or not password:
        abort(400, description="Error: Username and Password is required.")

    existing = get_user_by_username(get_db(), username)
    if existing is not None:
        abort(409, description=f"User {username} is already registered.")

    create_user(get_db(), username, password)
    return Response("Success: user was registered", 200)
def create(post_id: int):
    """Create a new comment on *post_id* for the current user (POST only).

    Responds with 200 on success, 400 when ``check_attrs_in_json`` rejects
    the body, and 405 for any method other than POST.
    """
    if request.method != "POST":
        return Response("need POST method", status=405)

    json_data = request.get_json()
    # The author is resolved before the body is validated.
    # NOTE(review): assumes the route is behind an auth check; a None lookup
    # result would raise on the subscript.
    author_id = get_user_by_username(get_db(), auth.username())['id']

    if not check_attrs_in_json(json_data, 'body'):
        error = 'incorrect json'
        flash(error)
        return Response('%s' % error, status=400)

    body = json_data['body']
    create_comment(get_db(), body, author_id, post_id)
    return Response("comment was added", status=200)
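def check_comment(id, check_author=True):
    """Get a comment by id and authorize the current user against it.

    :param id: id of the comment to get
    :param check_author: require the current user to be the author
    :return: the comment row returned by ``get_comment``
    :raise 404: if a comment with the given id doesn't exist
    :raise 403: if the request has no resolvable user, or the user isn't
        the author while ``check_author`` is set
    """
    # ``db`` was referenced below without ever being assigned in this
    # function; obtain the handle once and use it for both lookups.
    db = get_db()
    comment = get_comment(db, id)
    if comment is None:
        abort(404, "Comment id {0} doesn't exist.".format(id))

    # request.authorization is None when no Authorization header was sent.
    # Subscripting it, or a None lookup result, used to raise (a 500).
    # Refuse the request instead.
    credentials = request.authorization
    user = get_user_by_username(db, credentials['username']) if credentials else None
    if user is None:
        abort(403)

    if check_author and comment["author_id"] != user["id"]:
        abort(403)
    return comment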
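def check_post(id, check_author=True):
    """Get a post by id and authorize the current user against it.

    :param id: id of post to get
    :param check_author: require the current user to be the author
    :return: the post row returned by ``get_post``
    :raise 404: if a post with the given id doesn't exist
    :raise 403: if the current user cannot be resolved, or isn't the author
        while ``check_author`` is set
    """
    post = get_post(get_db(), id)
    if post is None:
        abort(404, description=f"Post id {id} doesn't exist.")

    user = get_user_by_username(get_db(), auth.username())
    # Subscripting the lookup result directly raised TypeError (a 500) when
    # the username did not resolve. Refuse the request instead.
    if user is None:
        abort(403)

    if check_author and post["author_id"] != user['id']:
        abort(403)
    return post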
def create():
    """Create a new post for the current user (POST only).

    Responds with 200 on success, 400 when ``check_attrs_in_json`` rejects
    the body, and 405 for any method other than POST.
    """
    if request.method != "POST":
        return Response("need POST method", status=405)

    payload = request.get_json()
    if not check_attrs_in_json(payload, 'title', 'body'):
        error = 'incorrect json'
        flash(error)
        return Response('%s' % error, status=400)

    db = get_db()
    title = payload['title']
    body = payload['body']
    # NOTE(review): assumes the route is behind an auth check so the lookup
    # returns a user; a None result would raise on the subscript.
    author_id = get_user_by_username(db, auth.username())['id']
    create_post(db, title, body, author_id)
    return Response("post was added", status=200)
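def check_post(id, check_author=True):
    """Get a post by id and optionally require the caller to be its author.

    :param id: id of post to get
    :param check_author: require the current user to be the author
    :return: the post row returned by ``get_post``
    :raise 404: if a post with the given id doesn't exist
    :raise 403: if ``check_author`` is set and the current user cannot be
        resolved or isn't the author
    """
    db = get_db()
    post = get_post(db, id)
    if not post:
        abort(404, "Post id {0} doesn't exist.".format(id))

    if check_author:
        current_user = get_user_by_username(db, auth.username())
        author = get_user_by_id(db, post['author_id'])
        # Comparing the two lookups alone passes when both are None (author
        # record gone and caller not resolvable), which would authorize the
        # request. Require a resolved caller before comparing.
        if current_user is None or author != current_user:
            abort(403)

    return post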
def verify_password(username, password):
    """Return True when *password* matches the stored hash for *username*."""
    account = get_user_by_username(get_db(), username)
    if not account:
        # Unknown user: there is no hash to compare against.
        return False
    return check_password_hash(account["password"], password)
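def post_list():
    """List all posts (GET) or create a post for the current user (POST).

    GET responds with 200 and a JSON array of posts, or with 404 and an
    error object when there are none. POST expects a JSON object with
    ``title`` (required) and ``body``; it responds with 201 and the stored
    fields, or with 400 when the title is missing. Any other method gets 405.
    """
    db = get_db()

    if request.method == "GET":
        posts = list(posts_list(db))
        if not posts:
            error = json.dumps({"error": "No posts available."})
            return Response(error, status=404, mimetype="application/json")

        data = []
        for post in posts:
            post = dict(post)
            # Rendered to text so json.dumps can serialize the row.
            post['created'] = post['created'].strftime("%d-%b-%Y (%H:%M:%S)")
            data.append(post)
        return Response(
            json.dumps(data), status=200, mimetype="application/json"
        )

    if request.method == "POST":
        data = request.get_json()
        # A non-object body has no .get(); treat it as empty so it is
        # rejected with 400 instead of raising (a 500).
        if not isinstance(data, dict):
            data = {}
        title = data.get('title', '')
        body = data.get('body', '')

        if not title:
            error = json.dumps({"error": "Title is required"})
            return Response(error, status=400, mimetype="application/json")

        # The lookup was called with the username only.
        # NOTE(review): assumes the (db, username) signature -- confirm
        # against the definition of get_user_by_username. Also assumes the
        # route is behind an auth check so a user is found.
        user = get_user_by_username(db, auth.username())
        create_post(db, title, body, user["id"])
        data = json.dumps({'title': title, 'body': body, 'user_id': user["id"]})
        return Response(data, status=201, mimetype="application/json")

    # ``stauts=`` was a misspelled keyword and made this line raise TypeError
    # instead of returning 405.
    error = json.dumps({"error": 'Unknown method'})
    return Response(error, status=405, mimetype="application/json")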
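def comment_list(post_id):
    """List comments (GET) or add a comment to *post_id* (POST).

    GET responds with 200 and a JSON array of comments, or with 404 and an
    error object when there are none. POST expects a JSON object with a
    non-empty ``body``; it responds with 201 and the stored fields, or with
    400 when the body is missing. Any other method gets 405.
    """
    db = get_db()

    if request.method == "GET":
        # NOTE(review): post_id is not passed to comments_list, so this
        # appears to return comments for every post -- confirm against
        # comments_list.
        comments = list(comments_list(db))
        if not comments:
            error = json.dumps({"error": "No comments available."})
            return Response(error, status=404, mimetype="application/json")

        data = []
        for comment in comments:
            comment = dict(comment)
            # Rendered to text so json.dumps can serialize the row.
            comment['created'] = comment['created'].strftime("%d-%b-%Y (%H:%M:%S)")
            data.append(comment)
        return Response(
            json.dumps(data), status=200, mimetype="application/json"
        )

    if request.method == "POST":
        data = request.get_json()
        # A non-object body has no .get(); treat it as empty so it is
        # rejected with 400 instead of raising (a 500).
        if not isinstance(data, dict):
            data = {}
        body = data.get('body', '')

        if not body:
            error = json.dumps({"error": "Body is required"})
            return Response(error, status=400, mimetype="application/json")

        # The lookup was called with the username only.
        # NOTE(review): assumes the (db, username) signature -- confirm
        # against the definition of get_user_by_username. Also assumes the
        # route is behind an auth check so a user is found.
        user = get_user_by_username(db, auth.username())
        create_comment(db, body, user["id"], post_id)
        data = json.dumps(
            {'body': body, 'post_id': post_id, 'author_id': user["id"]}
        )
        return Response(data, status=201, mimetype="application/json")

    # ``stauts=`` was a misspelled keyword and made this line raise TypeError
    # instead of returning 405.
    error = json.dumps({"error": 'Unknown method'})
    return Response(error, status=405, mimetype="application/json")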