Exemplo n.º 1
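def post_orders():
    """Create an order for the user identified by the bearer access token.

    Returns:
        ``('', 403)`` when the Authorization header does not carry a known,
        unexpired access token; ``('', 400)`` when the JSON body cannot be
        read, lacks ``clothes`` or ``delivery_location``, or names a clothes
        id that is not in ``db.clothes``; otherwise ``('', 201, headers)``
        where ``headers`` holds the ``Location`` of the new order.
    """
    auth_header = request.headers.get('Authorization', '')
    # Accept only the Bearer scheme (scheme names are case-insensitive)
    # instead of blindly slicing seven characters off whatever was sent.
    if auth_header[:len('Bearer ')].lower() != 'bearer ':
        return '', 403
    access_token = auth_header[len('Bearer '):]

    # Query the token once: the expiry check and the user_id read must use the
    # same record, otherwise a token deleted in between turns into a 500.
    tokens = db.token(access=access_token) if access_token else []
    if not tokens or tokens[0]['expire_time'] < datetime.now():
        return '', 403
    user_id = tokens[0]['user_id']

    try:
        order = request.json
        for clothes in order['clothes']:
            if clothes['id'] not in db.clothes:
                raise ValueError('unknown clothes id')
        if 'delivery_location' not in order:
            raise ValueError('missing delivery_location')
    except Exception:
        # Any malformed body (not JSON, wrong shape, unknown id) is a client
        # error. `Exception` rather than a bare except, so interpreter-level
        # signals such as KeyboardInterrupt are not swallowed.
        return '', 400

    # NOTE(review): only the `id` of each clothes entry is validated; the
    # entries and delivery_location are stored exactly as the client sent
    # them. Confirm that downstream readers treat them as untrusted data.
    order_id = db.order.insert(user_id=user_id,
                               clothes=order['clothes'],
                               delivery_location=order['delivery_location'],
                               time_placed=datetime.now())
    db.order.commit()

    return '', 201, {
        'Location': '/orders/{}'.format(order_id)
    }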
Exemplo n.º 2
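def put_order_item(id):
    """Replace the contents of one of the caller's orders.

    Args:
        id: Order identifier as received from the route; converted with
            ``int()``.

    Returns:
        ``('', 403)`` without a known, unexpired bearer token; ``('', 404)``
        when the id is not an integer, the order does not exist, or it
        belongs to another user; ``('', 400)`` when the JSON body is invalid;
        ``('', 200)`` after the order has been updated.
    """
    auth_header = request.headers.get('Authorization', '')
    # Accept only the Bearer scheme (scheme names are case-insensitive).
    if auth_header[:len('Bearer ')].lower() != 'bearer ':
        return '', 403
    access_token = auth_header[len('Bearer '):]

    # One lookup serves both the expiry check and the user_id read, so a
    # token deleted between two queries cannot raise IndexError.
    tokens = db.token(access=access_token) if access_token else []
    if not tokens or tokens[0]['expire_time'] < datetime.now():
        return '', 403
    user_id = tokens[0]['user_id']

    try:
        id = int(id)
        if id not in db.order:
            return '', 404
        record = db.order[id]
        # Ownership check: another user's order is reported as "not found",
        # which also avoids confirming that the id exists.
        if record['user_id'] != user_id:
            return '', 404
    except Exception:
        return '', 404

    try:
        order = request.json
        for clothes in order['clothes']:
            if clothes['id'] not in db.clothes:
                raise ValueError('unknown clothes id')
        if 'delivery_location' not in order:
            raise ValueError('missing delivery_location')
    except Exception:
        # Malformed body -> client error; `Exception` (not a bare except)
        # leaves KeyboardInterrupt / SystemExit alone.
        return '', 400

    # NOTE(review): time_placed is overwritten on every update, as in the
    # original code; confirm that this is intended.
    db.order.update(record, clothes=order['clothes'],
                    delivery_location=order['delivery_location'],
                    time_placed=datetime.now())
    db.order.commit()

    return '', 200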
Exemplo n.º 3
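def get_me():
    """Return the profile of the user identified by the bearer access token.

    Returns:
        ``('', 403)`` without a known, unexpired bearer token; otherwise a
        ``(body, 200, headers)`` tuple whose body is a JSON object with the
        user's ``login``, ``name``, ``email`` and ``phone``.
    """
    auth_header = request.headers.get('Authorization', '')
    # Accept only the Bearer scheme (scheme names are case-insensitive).
    if auth_header[:len('Bearer ')].lower() != 'bearer ':
        return '', 403
    access_token = auth_header[len('Bearer '):]

    # One lookup serves both the expiry check and the user_id read, so a
    # token deleted between two queries cannot raise IndexError.
    tokens = db.token(access=access_token) if access_token else []
    if not tokens or tokens[0]['expire_time'] < datetime.now():
        return '', 403
    user_id = tokens[0]['user_id']

    # Read the user record once and expose only an explicit list of fields,
    # so columns added to the user table later are not leaked by accident.
    user = db.user[user_id]
    profile = {field: user[field] for field in ('login', 'name', 'email', 'phone')}

    return json.dumps(profile, indent=4), 200, {
        'Content-Type': 'application/json;charset=UTF-8',
    }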
Exemplo n.º 4
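def delete_order_item(id):
    """Delete one of the caller's orders.

    Args:
        id: Order identifier as received from the route; converted with
            ``int()``.

    Returns:
        ``('', 403)`` without a known, unexpired bearer token; ``('', 404)``
        when the id is not an integer, the order does not exist, or it
        belongs to another user; ``('', 200)`` after the order is deleted.
    """
    auth_header = request.headers.get('Authorization', '')
    # Accept only the Bearer scheme (scheme names are case-insensitive).
    if auth_header[:len('Bearer ')].lower() != 'bearer ':
        return '', 403
    access_token = auth_header[len('Bearer '):]

    # One lookup serves both the expiry check and the user_id read, so a
    # token deleted between two queries cannot raise IndexError.
    tokens = db.token(access=access_token) if access_token else []
    if not tokens or tokens[0]['expire_time'] < datetime.now():
        return '', 403
    user_id = tokens[0]['user_id']

    try:
        id = int(id)
        if id not in db.order:
            return '', 404
        record = db.order[id]
        # Ownership check before the destructive call: another user's order
        # is reported as "not found" rather than "forbidden".
        if record['user_id'] != user_id:
            return '', 404
    except Exception:
        # `Exception` rather than a bare except, so KeyboardInterrupt and
        # SystemExit are not turned into a 404.
        return '', 404

    db.order.delete(record)
    db.order.commit()

    return '', 200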
Exemplo n.º 5
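def get_orders():
    """Return one page of the caller's orders as JSON.

    Query parameters:
        per_page: Page size, 20 to 100 inclusive (default 20).
        page: Zero-based page index (default 0); must not exceed
            ``len(orders) // per_page``.

    Returns:
        ``('', 403)`` without a known, unexpired bearer token; ``('', 400)``
        for non-integer or out-of-range paging parameters; otherwise a
        ``(body, 200, headers)`` tuple whose body holds ``items``,
        ``per_page``, ``page`` and ``page_count``.
    """
    auth_header = request.headers.get('Authorization', '')
    # Accept only the Bearer scheme (scheme names are case-insensitive).
    if auth_header[:len('Bearer ')].lower() != 'bearer ':
        return '', 403
    access_token = auth_header[len('Bearer '):]

    # One lookup serves both the expiry check and the user_id read, so a
    # token deleted between two queries cannot raise IndexError.
    tokens = db.token(access=access_token) if access_token else []
    if not tokens or tokens[0]['expire_time'] < datetime.now():
        return '', 403
    user_id = tokens[0]['user_id']

    # Fetch the caller's orders once; validation, slicing and page_count all
    # work on this same snapshot.
    orders = list(db.order(user_id=user_id))

    try:
        per_page = int(request.args.get('per_page', 20))
        if per_page < 20 or per_page > 100:
            raise ValueError('per_page out of range')
        page = int(request.args.get('page', 0))
        if page < 0 or page > len(orders) // per_page:
            raise ValueError('page out of range')
    except Exception:
        return '', 400

    start = page * per_page
    items = [
        {
            'id': order['__id__'],
            'clothes': order['clothes'],
            'delivery_location': order['delivery_location'],
            'time_placed': order['time_placed'].isoformat(),
            'time_delivered': (None if order['time_delivered'] is None
                               else order['time_delivered'].isoformat()),
        }
        for order in orders[start:start + per_page]
    ]

    return json.dumps({
        'items': items,
        'per_page': per_page,
        'page': page,
        # Count only the caller's orders. Using len(db.order) here reported a
        # wrong page count and disclosed the size of the whole order table to
        # every authenticated user.
        'page_count': math.ceil(len(orders) / per_page)
    }, indent=4), 200, {
        'Content-Type': 'application/json;charset=UTF-8',
    }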
Exemplo n.º 6
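def get_orders_item(id):
    """Return one of the caller's orders as JSON.

    Args:
        id: Order identifier as received from the route; converted with
            ``int()``.

    Returns:
        ``('', 403)`` without a known, unexpired bearer token; ``('', 404)``
        when the id is not an integer, the order does not exist, or it
        belongs to another user; otherwise ``(body, 200, headers)`` with the
        order serialised as JSON.
    """
    auth_header = request.headers.get('Authorization', '')
    # Accept only the Bearer scheme (scheme names are case-insensitive).
    if auth_header[:len('Bearer ')].lower() != 'bearer ':
        return '', 403
    access_token = auth_header[len('Bearer '):]

    # One lookup serves both the expiry check and the user_id read, so a
    # token deleted between two queries cannot raise IndexError.
    tokens = db.token(access=access_token) if access_token else []
    if not tokens or tokens[0]['expire_time'] < datetime.now():
        return '', 403
    user_id = tokens[0]['user_id']

    try:
        id = int(id)
        if id not in db.order:
            return '', 404
        order = db.order[id]
        # Ownership check: another user's order is reported as "not found",
        # which also avoids confirming that the id exists.
        if order['user_id'] != user_id:
            return '', 404
    except Exception:
        # `Exception` rather than a bare except, so KeyboardInterrupt and
        # SystemExit are not turned into a 404.
        return '', 404

    delivered = order['time_delivered']
    return json.dumps({
        'id': order['__id__'],
        'clothes': order['clothes'],
        'delivery_location': order['delivery_location'],
        'time_placed': order['time_placed'].isoformat(),
        'time_delivered': None if delivered is None else delivered.isoformat(),
    }, indent=4), 200, {
        'Content-Type': 'application/json;charset=UTF-8',
    }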
Exemplo n.º 7
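def token():
    """Token endpoint: exchange an authorization code or refresh token.

    Reads ``grant_type``, ``client_id`` and ``client_secret`` from the form
    body, authenticates the client, then handles the ``authorization_code``
    and ``refresh_token`` grants. The presented code or refresh token is
    deleted before a new access/refresh token pair is issued.

    Returns:
        ``(body, 400, headers)`` with a JSON ``error`` of ``invalid_request``,
        ``invalid_client``, ``invalid_grant`` or ``unsupported_grant_type``;
        otherwise ``(body, 200, headers)`` with ``access_token``,
        ``token_type``, ``expires_in`` and ``refresh_token``.
    """
    import hmac
    import secrets

    def error(code):
        # Every error response shares the same status and content type.
        return json.dumps({'error': code}), 400, {
            'Content-Type': 'application/json;charset=UTF-8',
        }

    grant_type = request.form.get('grant_type')
    client_id = request.form.get('client_id')
    client_secret = request.form.get('client_secret')
    # .get() yields None for an absent field instead of raising KeyError, so
    # the required parameters have to be checked explicitly.
    if grant_type is None or client_id is None or client_secret is None:
        return error('invalid_request')

    try:
        client_id = int(client_id)
    except (TypeError, ValueError):
        return error('invalid_client')

    # The client secret is deliberately never printed or logged. The earlier
    # debug print also indexed db.client before the membership test, so an
    # unknown client_id raised instead of producing invalid_client.
    if client_id not in db.client:
        return error('invalid_client')
    stored_secret = db.client[client_id]['secret']
    # Constant-time comparison, so response timing does not reveal how much
    # of a guessed secret matched.
    secret_ok = (
        isinstance(client_secret, str)
        and isinstance(stored_secret, str)
        and hmac.compare_digest(client_secret.encode('UTF-8'),
                                stored_secret.encode('UTF-8'))
    )
    if not secret_ok:
        return error('invalid_client')

    if grant_type == 'authorization_code':
        code = request.form.get('code')
        if code is None:
            return error('invalid_request')

        # NOTE(review): the code is not checked against the authenticated
        # client_id (or a redirect_uri). Whether the stored record carries
        # that binding is not visible here; confirm and enforce it.
        codes = db.authorization_code(code=code)
        if not codes or codes[0]['expire_time'] < datetime.now():
            return error('invalid_grant')

        user_id = codes[0]['user_id']

        # Authorization codes are single-use: remove before issuing tokens.
        db.authorization_code.delete(codes)
        db.authorization_code.commit()
    elif grant_type == 'refresh_token':
        refresh_token = request.form.get('refresh_token')
        if refresh_token is None:
            return error('invalid_request')

        # NOTE(review): as with codes, the refresh token is not tied to the
        # client that authenticated; confirm whether it should be.
        old_tokens = db.token(refresh=refresh_token)
        if not old_tokens:
            return error('invalid_grant')

        user_id = old_tokens[0]['user_id']

        # Rotate: the old access/refresh pair stops working immediately.
        db.token.delete(old_tokens)
        db.token.commit()
    else:
        return error('unsupported_grant_type')

    # Tokens come straight from the OS CSPRNG; 32 random bytes rendered as
    # 64 hex characters, the same shape as the previous sha256 hex digest.
    access_token = secrets.token_hex(32)
    refresh_token = secrets.token_hex(32)
    # NOTE(review): a one-hour lifetime was commented out in favour of one
    # minute; confirm the intended value. expires_in is derived from the same
    # lifetime, so the response no longer advertises 3600 seconds for a
    # token that expires after 60.
    lifetime = timedelta(minutes=1)
    expire_time = datetime.now() + lifetime
    db.token.insert(user_id=user_id,
                    access=access_token,
                    expire_time=expire_time,
                    refresh=refresh_token)
    db.token.commit()

    return json.dumps({
        'access_token': access_token,
        'token_type': 'bearer',
        'expires_in': int(lifetime.total_seconds()),
        'refresh_token': refresh_token,
    }), 200, {
        'Content-Type': 'application/json;charset=UTF-8',
        # Token responses must not be cached by clients or intermediaries.
        'Cache-Control': 'no-store',
        'Pragma': 'no-cache',
    }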