def verify_token(token): try: payload = jwt.decode(token, secret, algorithms="HS256") return { "success": True, "payload": payload } except jwt.ExpiredSignatureError as err: return std_response(False, message="expired token") except jwt.DecodeError as err: return std_response(False, message="decode error") # easter egg :) return std_response(False, message="python failed successfully!")
def exposed_update_handler(self, data): op = data.get("op") if op == "section": if data.get("instructor_id"): try: cur.execute( "UPDATE public.sections SET instructor_id_instructors=%s WHERE section_id = %s;", [data["instructor_id"], data["section_id"]]) self.db_conn.commit() cur.close() return std_response(True, message="Operation ended successfully") except Exception as err: self.db_conn.rollback() return std_response(False, message="An error occur") elif data.get("section_code"): try: cur.execute( "UPDATE public.sections SET section_code=%s WHERE section_id = %s;", [data["section_code"], data["section_id"]]) self.db_conn.commit() cur.close() return std_response(True, message="Operation ended successfully") except Exception as err: self.db_conn.rollback() return std_response(False, message="An error occur") elif data.get("course_id"): try: cur.execute( "UPDATE public.sections SET course_id_courses=%s WHERE section_id = %s;", [data["course_id"], data["section_id"]]) self.db_conn.commit() cur.close() return std_response(True, message="Operation ended successfully") except Exception as err: self.db_conn.rollback() return std_response(False, message="An error occur") elif op == "exam": if data.get("type"): try: cur.execute( "UPDATE public.exam SET type=%s WHERE exam_id=%s;", [data["type"], data["exam_id"]]) self.db_conn.commit() cur.close() return std_response(True, message="Operation ended successfully") except Exception as err: self.db_conn.rollback() return std_response(False, message="An error occur") else: return std_response(False, message="Operation doesn't match")
def exposed_add_new_user(self, data): cur = self.db_conn.cursor() hash_password = self._take_care_password(data["password"], data["email"]) try: cur.execute("INSERT INTO public.people(password, name, lastname, school_no, email) VALUES (%s, %s, %s, %s, %s);", [ hash_password, data["name"], data["lastname"], data["school_no"], data["email"] ]) except Exception as e: self.db_conn.rollback() cur.close() return std_response(False, message="An error occur on operation") self.db_conn.commit() cur.close() return std_response(True, message="new user added successfully")
def exposed_assign_handler(self, data): cur = self.db_conn.cursor() user_id = db_operations.get_user_row(["id"], data["email"]) user_id = user_id[0] if user_id and len(user_id) > 0 else None user_id = user_id[0] if user_id and len(user_id) > 0 else None if user_id is None: return std_response( False, "There is no user who has <%s> email" % (data["email"])) if data["op"] == "instructor": try: cur.execute( "INSERT INTO public.instructors(instructor_id, id_people, department_id_departments) VALUES (%s, %s, %s);", [user_id, user_id, data["department_id"]]) self.db_conn.commit() cur.close() return std_response(True, "User becomes instructor") except Exception as err: print(err) return std_response(False, message="Task failed") elif data["op"] == "student": try: cur.execute( "INSERT INTO public.students(student_id, id_people, department_id_departments) VALUES (%s, %s, %s);", [user_id, user_id, data["department_id"]]) self.db_conn.commit() cur.close() return std_response(True, "User becomes student") except Exception as err: print(err) return std_response(False, message="Task failed") elif data["op"] == "admin": try: cur.execute( "INSERT INTO public.admins(admin_id, id_people)VALUES (%s, %s);", [user_id, user_id]) self.db_conn.commit() cur.close() return std_response(True, "User becomes admin") except Exception as err: print(err) return std_response(False, message="Task failed") else: return std_response(False, message="Operation doesn't match")
def on_post(self, req, resp): body = req.context.get("body") if not body: raise falcon.HTTPBadRequest(title="Body is empty") user_type = take_user_type(req.context["user"]["email"]) if user_type is None: raise falcon.HTTPBadRequest(title="No user") if user_type not in [user_types[1], user_types[0]]: raise falcon.HTTPBadRequest(title="Unauthorized user") if body.get("exam_id") is None: raise falcon.HTTPBadRequest(title="There is no exam_id key") if body.get("exam_pdf") is None: raise falcon.HTTPBadRequest(title="There is no exam_pdf key") if len(body.get("exam_pdf")) == 0: raise falcon.HTTPBadRequest(title="exam_pdf is empty") data = {"exam_id": body.get("exam_id")} file_service = connect_rpc(service=services["file_service"]) exam_uuid = file_service.root.exam_file(data) if exam_uuid is None: raise falcon.HTTPBadRequest(title="Task failed") file_dir = os.path.join(data_path, str(exam_uuid)) os.makedirs(file_dir) file_dir = os.path.join(file_dir, "original_file") file = open(file_dir, "wb") file.write(body.get("exam_pdf")) file.close() resp.context["result"] = std_response( True, message="File transferred successfully")
def exposed_get_token(self, data): cur = self.db_conn.cursor() email = data["email"] password = data["password"] hash_password = self._take_care_password(password, email) cur.execute("SELECT * FROM public.people WHERE email = %s AND password = %s", [email, hash_password]) rows = cur.fetchall() cur.close() response = [] for row in rows: response.append(row) if len(response) == 0: return std_response(False, message="Wrong email or password") response = response[0] user_id = response[0] token = jwt.encode({ "exp": datetime.datetime.utcnow() + datetime.timedelta(hours=2), "name": response[2], "lastname": response[3], "school_no": response[4], "email": response[5], "expire_time": 2 }, secret, algorithm="HS256") return { "success": True, "token_type": "jwt", "token": token.decode() }
def exposed_create_handler(self, data): cur = self.db_conn.cursor() if data["op"] == "exam": try: cur.execute( "INSERT INTO public.exam(type) VALUES (%s) RETURNING exam_id;", [data["type"]]) exam_id = cur.fetchone()[0] section_ids = list(map(int, data["section_ids"].split(","))) values = [[exam_id, v] for v in section_ids] cur.executemany( "INSERT INTO public.many_exam_has_many_sections(exam_id_exam, section_id_sections) VALUES (%s, %s);", values) self.db_conn.commit() cur.close() return std_response(True, "Exam added successfully") except Exception as err: print(err) return std_response(False, "Task failed") elif data["op"] == "section": try: cur.execute( "INSERT INTO public.sections(section_code, course_id_courses, instructor_id_instructors) VALUES (%s, %s, %s);", [ data["section_code"], data["course_id"], data["instructor_id"] ]) self.db_conn.commit() cur.close() return std_response(True, "Section added successfully") except Exception as err: print(err) return std_response(False, "Task failed") elif data["op"] == "course": try: cur.execute( "INSERT INTO public.courses(name, course_code, department_id_departments) VALUES (%s, %s, %s);", [data["name"], data["course_code"], data["department_id"]]) self.db_conn.commit() cur.close() return std_response(True, "Course added successfully") except Exception as err: print(err) return std_response(False, "Task failed") elif data["op"] == "faculty": try: cur.execute( "INSERT INTO public.faculties(name, university_id_universities) VALUES (%s, %s);", [data["name"], data["university_id"]]) self.db_conn.commit() cur.close() return std_response(True, "Faculty added successfully") except Exception as err: print(err) return std_response(False, "Task failed") elif data["op"] == "department": try: cur.execute( "INSERT INTO public.departments(name, faculty_id_faculties) VALUES (%s, %s);", [data["name"], data["faculty_id"]]) self.db_conn.commit() cur.close() return std_response(True, "Department added successfully") except Exception as err: print(err) return std_response(False, "Task failed") elif data["op"] == "university": try: cur.execute( "INSERT INTO public.universities(name, s_name) VALUES (%s, %s);", [data["name"], data["s_name"]]) self.db_conn.commit() cur.close() return std_response(True, "University added successfully") except Exception as err: print(err) return std_response(False, "Task failed") else: return std_response(False, message="Operation doesn't match")