예제 #1
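def make_admin_user_for_ui_test():
    """Create a user, promote it to admin and log it in (UI-test helper).

    Reads ``email``, ``name`` and ``password`` from the JSON request body,
    stores the user with a bcrypt hash of the password, calls ``make_admin``
    for that email and answers with a freshly issued access token.

    NOTE(review): nothing in this handler checks who is calling it, so any
    client that can reach the route obtains an admin account. Confirm the
    route is only registered in test builds or is gated some other way.

    Returns:
        A ``(response, status)`` pair: 201 on success, 400 for a malformed
        body or a failed insertion/lookup, 411 for field-length errors and
        500 when ``login_user`` raises.
    """
    try:
        post_data = request.get_json()
        email = expect(post_data['email'], str, 'email')
        name = expect(post_data['name'], str, 'name')
        password = expect(post_data['password'], str, 'password')
    except Exception as e:
        # This response used to be built and then dropped (no ``return``),
        # so a bad body fell through to the unbound locals below.
        return jsonify({'error': str(e)}), 400

    errors = {}
    if len(password) < 8:
        errors['password'] = "******"

    # "< 3" matches the message; the earlier "<= 3" rejected 3-char names.
    if len(name) < 3:
        errors['name'] = "You must specify a name of at least 3 characters."

    if errors:
        response_object = {'status': 'fail', 'error': errors}
        # 411 is kept as-is because existing clients may key on it.
        return jsonify(response_object), 411

    insertionresult = add_user(
        name, email,
        bcrypt.generate_password_hash(
            password=password.encode('utf8')).decode("utf-8"))
    if 'error' in insertionresult:
        # Stop before make_admin(): if the insert failed (presumably because
        # the email is already registered), promoting that email would grant
        # admin rights to an account this request did not create.
        errors['email'] = insertionresult["error"]
        response_object = {'status': 'fail', 'error': errors}
        return make_response(jsonify(response_object)), 400

    make_admin(email)
    userdata = get_user(email)

    if not userdata:
        errors['general'] = "Internal error, please try again later."
        response_object = {'status': 'fail', 'error': errors}
        return make_response(jsonify(response_object)), 400

    # Only the fields the client needs; the stored password hash is left out.
    userdata = {
        "email": userdata['email'],
        "name": userdata['name'],
        "preferences": userdata.get('preferences'),
        "isAdmin": True
    }

    user = User(userdata)
    jwt = create_access_token(user.to_json())

    try:
        login_user(user.email, jwt)
        response_object = {
            'status': 'success',
            'auth_token': jwt,
            'info': userdata
        }
        return make_response(jsonify(response_object)), 201
    except Exception as e:
        # str(e): an exception object is not JSON serialisable, so the old
        # body made jsonify() itself fail.
        # NOTE(review): the text may expose internals; consider logging it
        # server-side and returning a generic message.
        response_object = {'status': 'fail', 'error': {'internal': str(e)}}
        return make_response(jsonify(response_object)), 500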
예제 #2
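def make_admin_user_for_ui_test():
    """Create a user, promote it to admin and log it in (UI-test helper).

    Reads ``email``, ``name`` and ``password`` from the JSON request body,
    stores the user with a bcrypt hash of the password, calls ``make_admin``
    for that email and answers with a freshly issued access token.

    NOTE(review): the handler performs no caller check, so whoever can reach
    the route receives an admin account. Confirm it is only exposed in test
    environments.

    Returns:
        A ``(response, status)`` pair: 201 on success, 400 for a malformed
        body or a failed insertion/lookup, 411 for field-length errors and
        500 when ``login_user`` raises.
    """
    try:
        post_data = request.get_json()
        email = expect(post_data["email"], str, "email")
        name = expect(post_data["name"], str, "name")
        password = expect(post_data["password"], str, "password")
    except Exception as e:
        # The missing ``return`` here let a bad body fall through to code
        # that reads locals which were never bound.
        return jsonify({"error": str(e)}), 400

    errors = {}
    if len(password) < 8:
        errors["password"] = "******"

    # "< 3" matches the message; the earlier "<= 3" rejected 3-char names.
    if len(name) < 3:
        errors["name"] = "You must specify a name of at least 3 characters."

    if errors:
        response_object = {"error": errors}
        # 411 is kept as-is because existing clients may key on it.
        return jsonify(response_object), 411

    insertionresult = add_user(
        name,
        email,
        bcrypt.generate_password_hash(
            password=password.encode("utf8")).decode("utf-8"),
    )
    if "error" in insertionresult:
        # Return before make_admin(): after a failed insert (presumably a
        # duplicate email) the promotion would land on an account that this
        # request did not create.
        errors["email"] = insertionresult["error"]
        response_object = {"error": errors}
        return make_response(jsonify(response_object)), 400

    make_admin(email)
    userdata = get_user(email)

    if not userdata:
        errors["general"] = "Internal error, please try again later."
        response_object = {"error": errors}
        return make_response(jsonify(response_object)), 400

    # Only the fields the client needs; the stored password hash is left out.
    userdata = {
        "email": userdata["email"],
        "name": userdata["name"],
        "preferences": userdata.get("preferences"),
        "isAdmin": True,
    }

    user = User(userdata)
    jwt = create_access_token(user.to_json())

    try:
        login_user(user.email, jwt)
        response_object = {"auth_token": jwt, "info": userdata}
        return make_response(jsonify(response_object)), 201
    except Exception as e:
        # NOTE(review): str(e) may expose internals to the client; consider
        # logging it server-side and returning a generic message.
        response_object = {"error": {"internal": str(e)}}
        return make_response(jsonify(response_object)), 500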
예제 #3
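def login():
    """Check an email/password pair and issue an access token.

    Reads ``email`` and ``password`` from the JSON request body, looks the
    user up with ``get_user`` and verifies the password against the stored
    bcrypt hash. On success the token is handed to ``login_user`` and
    returned together with the user's public fields.

    NOTE(review): the two 401 bodies differ (unknown email vs. wrong
    password), which tells a caller whether an address is registered.
    Consider a single shared message if clients do not depend on the keys.

    Returns:
        A ``(response, status)`` pair: 201 on success, 400 for a malformed
        body, 401 for bad credentials, 500 when ``login_user`` raises.
    """
    try:
        post_data = request.get_json()
        email = expect(post_data['email'], str, 'email')
        # Field label corrected: the password check was labelled 'email'.
        password = expect(post_data['password'], str, 'password')
    except Exception as e:
        # Previously built but never returned, so a malformed body went on
        # to a lookup with empty credentials and came back as 401.
        return jsonify({'error': str(e)}), 400

    userdata = get_user(email)
    if not userdata:
        response_object = {
            'status': 'fail',
            'error': {
                'email': 'Make sure your email is correct.'
            }
        }
        return make_response(jsonify(response_object)), 401
    if not bcrypt.check_password_hash(userdata['password'], password):
        response_object = {
            'status': 'fail',
            'error': {
                'password': '******'
            }
        }
        return make_response(jsonify(response_object)), 401

    # Only the fields the client needs; the stored password hash is left out.
    userdata = {
        "email": userdata['email'],
        "name": userdata['name'],
        "preferences": userdata.get('preferences'),
        "isAdmin": userdata.get('isAdmin', False)
    }

    user = User(userdata)
    jwt = create_access_token(user.to_json())

    try:
        login_user(user.email, jwt)
        response_object = {
            'status': 'success',
            'auth_token': jwt,
            'info': userdata,
        }
        return make_response(jsonify(response_object)), 201
    except Exception as e:
        # str(e): an exception object is not JSON serialisable, so the old
        # body made jsonify() itself fail.
        # NOTE(review): consider logging the detail and returning a generic
        # message instead of the exception text.
        response_object = {'status': 'fail', 'error': {'internal': str(e)}}
        return make_response(jsonify(response_object)), 500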
예제 #4
def api_delete_comment():
    """
    Remove one comment and return the movie's remaining comments.

    The caller's email is taken from the JWT claims and passed to
    ``delete_comment`` together with the comment id, so the email comes from
    the token rather than from the request body. Any exception raised while
    handling the body is reported as a 400 carrying its message.
    """
    requester_email = User.from_claims(get_jwt_claims()).email
    payload = request.get_json()
    try:
        target_comment = expect(payload.get('comment_id'), str, 'comment_id')
        target_movie = expect(payload.get('movie_id'), str, 'movie_id')
        delete_comment(target_comment, requester_email)
        movie = get_movie(target_movie)
        return jsonify({'comments': movie.get('comments')}), 200
    except Exception as err:
        # NOTE(review): the raw exception text goes back to the client.
        failure = {'error': str(err)}
        return jsonify(failure), 400
예제 #5
def api_post_comment():
    """
    Attach a new comment to a movie and return the movie's comment list.

    The author is built from the JWT claims, not from the request body.
    ``movie_id`` and ``comment`` must both be strings; any exception raised
    while handling them is reported as a 400 carrying its message.
    """
    author = User.from_claims(get_jwt_claims())
    payload = request.get_json()
    try:
        target_movie = expect(payload.get('movie_id'), str, 'movie_id')
        text = expect(payload.get('comment'), str, 'comment')
        # Timestamp is the server's local clock at the time of the call.
        posted_at = datetime.now()
        add_comment(target_movie, author, text, posted_at)
        movie = get_movie(target_movie)
        return jsonify({"comments": movie.get('comments')}), 200
    except Exception as err:
        # NOTE(review): the raw exception text goes back to the client.
        failure = {'error': str(err)}
        return jsonify(failure), 400
예제 #6
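def delete():
    """Delete the authenticated user's account after re-checking the password.

    The user is taken from the JWT claims; the JSON body must carry the
    account password, which is verified against the stored bcrypt hash
    before ``delete_user`` is called.

    Returns:
        A ``(response, status)`` pair: 201 when the account was deleted,
        401 when verification fails, 500 on any other exception.
    """
    claims = get_jwt_claims()
    user = User.from_claims(claims)
    try:
        password = expect(request.get_json().get('password'), str, 'password')
        userdata = get_user(user.email)
        # Every check has to pass before the account is removed. The checks
        # used to be joined as "not A and not B": userdata is fetched by
        # user.email, so the email comparison would normally succeed and the
        # short-circuit meant the password was never evaluated.
        verified = (
            bool(userdata)
            and user.email == userdata['email']
            and bcrypt.check_password_hash(userdata['password'], password)
        )
        if not verified:
            response_object = {
                'status': 'fail',
                'error': {'password': '******'}
            }
            return make_response(jsonify(response_object)), 401

        delete_user(user.email)
        response_object = {
            'status': 'success'
        }
        return make_response(jsonify(response_object)), 201
    except Exception as e:
        # str(e): an exception object is not JSON serialisable, so the old
        # body made jsonify() itself fail.
        # NOTE(review): consider logging the detail and returning a generic
        # message instead of the exception text.
        response_object = {
            'status': 'fail',
            'error': {'internal': str(e)}
        }
        return make_response(jsonify(response_object)), 500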
예제 #7
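def login():
    """Check an email/password pair and issue an access token.

    Reads ``email`` and ``password`` from the JSON request body, looks the
    user up with ``get_user`` and verifies the password against the stored
    bcrypt hash. On success the token is handed to ``login_user`` and
    returned together with the user's public fields.

    NOTE(review): the two 401 bodies differ (unknown email vs. wrong
    password), which tells a caller whether an address is registered.
    Consider a single shared message if clients do not depend on the keys.

    Returns:
        A ``(response, status)`` pair: 201 on success, 400 for a malformed
        body, 401 for bad credentials, 500 when ``login_user`` raises.
    """
    try:
        post_data = request.get_json()
        email = expect(post_data["email"], str, "email")
        # Field label corrected: the password check was labelled "email".
        password = expect(post_data["password"], str, "password")
    except Exception as e:
        # Previously built but never returned, so a malformed body went on
        # to a lookup with empty credentials and came back as 401.
        return jsonify({"error": str(e)}), 400

    userdata = get_user(email)
    if not userdata:
        response_object = {
            "error": {
                "email": "Make sure your email is correct."
            }
        }
        return make_response(jsonify(response_object)), 401
    if not bcrypt.check_password_hash(userdata["password"], password):
        response_object = {
            "error": {
                "password": "******"
            }
        }
        return make_response(jsonify(response_object)), 401

    # Only the fields the client needs; the stored password hash is left out.
    userdata = {
        "email": userdata["email"],
        "name": userdata["name"],
        "preferences": userdata.get("preferences"),
        "isAdmin": userdata.get("isAdmin", False),
    }

    user = User(userdata)
    jwt = create_access_token(user.to_json())

    try:
        login_user(user.email, jwt)
        response_object = {
            "auth_token": jwt,
            "info": userdata,
        }
        return make_response(jsonify(response_object)), 201
    except Exception as e:
        # str(e): an exception object is not JSON serialisable, so the old
        # body made jsonify() itself fail.
        # NOTE(review): consider logging the detail and returning a generic
        # message instead of the exception text.
        response_object = {"error": {"internal": str(e)}}
        return make_response(jsonify(response_object)), 500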
예제 #8
def api_update_comment():
    """
    Replace the text of a comment and return the movie's comment list.

    The editor's email is taken from the JWT claims and passed to
    ``update_comment`` with the comment id, the new text and the current
    server time. Both outcomes are returned without an explicit status code;
    the ``status`` field in the body tells them apart.

    NOTE(review): the value returned by ``update_comment`` is not inspected,
    so a call that changed nothing is still reported as "success" - confirm
    whether callers rely on that.
    """
    editor_email = User.from_claims(get_jwt_claims()).email
    payload = request.get_json()
    try:
        target_comment = expect(payload.get('comment_id'), str, 'comment_id')
        new_text = expect(
            payload.get('updated_comment'), str, 'updated_comment')
        target_movie = expect(payload.get('movie_id'), str, 'movie_id')
        edited_at = datetime.now()
        update_comment(target_comment, editor_email, new_text, edited_at)
        movie = get_movie(target_movie)
        success = {"status": "success", "comments": movie.get('comments')}
        return jsonify(success)
    except Exception as err:
        # NOTE(review): the raw exception text goes back to the client.
        failure = {'status': 'fail', 'error': str(err)}
        return jsonify(failure)
예제 #9
def api_update_comment():
    """
    Replace the text of a comment and return the movie's comment list.

    The editor's email is taken from the JWT claims and passed to
    ``update_comment`` with the comment id, the new text and the current
    server time. An update that modified no document is treated as an error,
    so a request naming a comment the update did not match ends in a 400.
    """
    editor_email = User.from_claims(get_jwt_claims()).email
    payload = request.get_json()
    try:
        target_comment = expect(payload.get('comment_id'), str, 'comment_id')
        new_text = expect(
            payload.get('updated_comment'), str, 'updated_comment')
        target_movie = expect(payload.get('movie_id'), str, 'movie_id')
        edited_at = datetime.now()
        outcome = update_comment(
            target_comment, editor_email, new_text, edited_at)
        # Zero modified documents means the update did not take effect.
        if outcome.modified_count == 0:
            raise ValueError("no document updated")
        movie = get_movie(target_movie)
        return jsonify({"comments": movie.get('comments')}), 200
    except Exception as err:
        # NOTE(review): the raw exception text goes back to the client.
        failure = {'error': str(err)}
        return jsonify(failure), 400
예제 #10
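def save():
    """Store new preferences for the authenticated user and reissue the token.

    The user is taken from the JWT claims. ``preferences`` in the JSON body
    must be a dict; it is written with ``update_prefs``, the user is read
    back, and a new access token is built from the refreshed record.

    Returns:
        A ``(response, status)`` pair: 201 with the new token and user info,
        400 when the body is missing or ``preferences`` is not a dict, 500
        on any failure while saving.
    """
    claims = get_jwt_claims()
    user = User.from_claims(claims)
    body = request.get_json()
    try:
        # Validation used to sit outside any handler, so a missing body or a
        # wrong type escaped as an unhandled exception instead of a 400.
        prefs = expect(body.get('preferences'), dict, 'preferences')
    except Exception as e:
        return jsonify({'error': str(e)}), 400

    try:
        update_prefs(user.email, prefs)
        updated_user = User(get_user(user.email))
        # Drop the password attribute so it ends up in neither the token
        # nor the response body.
        del updated_user.password
        updated_jwt = create_access_token(updated_user.to_json())
        # NOTE(review): the new token is only returned; nothing here passes
        # it to login_user - confirm whether the stored session should be
        # refreshed as well.
        response_object = {
            'auth_token': updated_jwt,
            'info': updated_user.to_json(),
        }
        return make_response(jsonify(response_object)), 201
    except Exception as e:
        # NOTE(review): str(e) may expose internals to the client; consider
        # logging it server-side and returning a generic message.
        response_object = {'error': {'internal': str(e)}}
        return make_response(jsonify(response_object)), 500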
예제 #11
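def delete():
    """Delete the authenticated user's account after re-checking the password.

    The user is taken from the JWT claims; the JSON body must carry the
    account password, which is verified against the stored bcrypt hash
    before ``delete_user`` is called.

    Returns:
        A ``(response, status)`` pair: 201 when the account was deleted,
        401 when verification fails, 500 on any other exception.
    """
    claims = get_jwt_claims()
    user = User.from_claims(claims)
    try:
        password = expect(request.get_json().get("password"), str, "password")
        userdata = get_user(user.email)
        # Every check has to pass before the account is removed. The checks
        # used to be joined as "not A and not B": userdata is fetched by
        # user.email, so the email comparison would normally succeed and the
        # short-circuit meant the password was never evaluated.
        verified = (
            bool(userdata)
            and user.email == userdata["email"]
            and bcrypt.check_password_hash(userdata["password"], password)
        )
        if not verified:
            response_object = {
                "error": {
                    "password": "******"
                }
            }
            return make_response(jsonify(response_object)), 401

        delete_user(user.email)
        response_object = {"status": "deleted"}
        return make_response(jsonify(response_object)), 201
    except Exception as e:
        # NOTE(review): str(e) may expose internals to the client; consider
        # logging it server-side and returning a generic message.
        response_object = {"error": {"internal": str(e)}}
        return make_response(jsonify(response_object)), 500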