def put(cls, id):
user_json = request.get_json()["user"]
user = UserModel.find_by_id (id)
if user:
if user.username != user_json.get("username") and UserModel.find_by_username(user_json.get("username")):
return {"message":"Username already exists"}, 400
if user.email != user_json.get("email") and UserModel.find_by_email(user_json.get("email")):
return {"message":"Username already exists"}, 400
user.username = user_json["username"]
user.email = user_json["email"]
user.role_id = user_json["role_id"]
if user_json["password"]:
hashed_password = custom_pbkdf2.hash(user_json["password"])
user.password = hashed_password
user.save_to_db()
return {"message":"Agent updated!", "user": user_schema.dump(user)}
return {"message":"not found"}, 404
def post(self):
data = self.token_parser.parse_args()
current_user_id = get_jwt_identity()
logged_in = current_user_id is not None
denied = []
tokens = {}
for app_id in data['ids']:
denied.append(app_id)
if logged_in:
current_user = UserModel.find_by_id(current_user_id)
if not current_user:
return {'message': 'Invalid token'}, 401
for app_id in denied:
if Purchase.find_purchase(current_user_id, app_id):
denied.remove(app_id)
tokens[app_id] = jwt.encode(
{
'sub': 'users/%d' % current_user_id,
'prefixes': [app_id],
'exp': datetime.utcnow() + longRepoTokenLifetime,
'name': 'auth.py',
},
repo_secret,
algorithm='HS256').decode('utf-8')
return {'denied': denied, 'tokens': tokens}
def identity(payload):
"""
:param payload:
:return:
"""
user_id = payload['identity']
return UserModel.find_by_id(user_id)
def wrapper(*args, **kwargs):
user_id = get_jwt_identity()
user = UserModel.find_by_id(user_id)
if user.role_id != Roles.ADMIN.value:
return {"message":"The current user do not have the privileges to acomplish this action"}, 401
return func(*args, **kwargs)
def whoami():
userid = get_jwt_identity()
user = UserModel.find_by_id(userid)
if not user:
return {'message': 'no such user.'}, 401
return {
'username': user.username,
'message': f'logged in as {user.username}.'
}
def delete(cls, id):
user = UserModel.find_by_id (id)
if user:
user.delete_from_db()
return {"message":"User deleted!"}
return {"message":"not found"}, 404
def put(cls):
user_id = get_jwt_identity()
user_json = request.get_json()["userProfile"]
user = UserModel.find_by_id(user_id)
user.username = user_json.get("username")
user.save_to_db()
return {"message":"User profile updated!", "user":user_schema.dump(user)}
def post(cls, slug):
"""Revoke like from article by logged in user."""
article = ArticleModel.find_by_slug(slug)
if not article:
return {"message": "Article not found"}, 404
user_id = get_jwt_identity()
user = UserModel.find_by_id(user_id)
if not user in article.likes:
return {"message": "You have to like this article before you can revoke like"}, 403
article.likes.remove(user)
article.save_to_db()
return {"message": "Article with id={} has been disliked by {}".format(article.id, user.username)}, 200
def put(cls):
user_id = get_jwt_identity()
email = request.get_json()["email"]
if UserModel.find_by_email(email):
return {"message":"Username already exists"}, 400
user = UserModel.find_by_id(user_id)
user.email = email
user.save_to_db()
return {"message":"Email updated!", "user":user_schema.dump(user)}
def post(cls, slug):
"""Like specific article instance by current logged in user."""
article = ArticleModel.find_by_slug(slug)
if not article:
return {"message": "Article not found"}, 404
user_id = get_jwt_identity()
user = UserModel.find_by_id(user_id)
if user == article.author:
return {"message": "You can't like your own article"}, 403
if user in article.likes:
return {"message": "You can't like this article twice"}, 403
article.likes.append(user)
article.save_to_db()
return {"message": "Article with id={} has been liked by {}".format(article.id, user.username)}, 200
def get(self):
import datetime as dt
out_entries = []
scoreboard = ScoreboardEntryModel.get_all_entries()
for sbentry in scoreboard:
user = UserModel.find_by_id(sbentry.user_id)
game = GameModel.find_by_id(sbentry.game_id)
elapsed_seconds = (sbentry.time_end - sbentry.time_begin).total_seconds() \
if sbentry.time_end else (dt.datetime.now() - sbentry.time_begin).total_seconds()
entry = {
"username": user.username,
"game": game.title,
"current_riddle": sbentry.current_riddle,
"finished": sbentry.finished,
"time_begin": int(sbentry.time_begin.timestamp() * 1000),
"elapsed_seconds": elapsed_seconds
}
out_entries.append(entry)
return {"entries": out_entries}
def get(self, id):
user = UserModel.find_by_id(id)
return {"username": user.username, "password": user.password}
def post(self):
# expenses
parser = reqparse.RequestParser()
parser.add_argument(
"user_id", help="This field cannot be blank", required=True, location="json"
)
parser.add_argument(
"total_amount",
help="This field cannot be blank",
required=True,
location="json",
)
parser.add_argument(
"expense_category",
help="This field cannot be blank",
required=True,
location="json",
)
parser.add_argument(
"divide_it",
help="This field cannot be blank",
required=False,
location="json",
)
data = parser.parse_args()
# Double check if userId is exists. Although JWT is doing this, still re-doing. unncessary
if UserModel.find_by_id(data["user_id"]):
# Insert to expenses
new_expense = ExpenseModel(
user_id=data["user_id"],
total_amount=data["total_amount"],
expense_category=data["expense_category"],
)
createdExpenseId = new_expense.save_to_db()
# TODO: check wether expense is divide amoung other?
if data["divide_it"] and len(data["divide_it"]) > 0:
# If its divided, checking existance of username.
divide_betweens = eval(data["divide_it"])
dataToBeInsert = []
# Divided amount must be equal to total amount
amount_should_equal = 0
for divide_between in divide_betweens:
if UserModel.find_by_id(divide_between["user_id"]):
a = DividedExpenseModel(
expense_id=createdExpenseId,
user_id=divide_between["user_id"],
amount=divide_between["amount"],
)
amount_should_equal = (
amount_should_equal + divide_between["amount"]
)
dataToBeInsert.append(a)
else:
# rollback created expense entry.
# TODO: handle error while deleting.
try:
ExpenseModel.delete_by_id(createdExpenseId)
return {
"message": "username: {} not found".format(
divide_between["user_id"]
)
}
except:
return {"message": "Something went wrong"}, 500
if int(amount_should_equal) == int(data["total_amount"]):
# For divident Expenses
for dataWillBeInsert in dataToBeInsert:
try:
dataWillBeInsert.save_to_db()
except:
return {"message": "Something went wrong"}, 500
else:
# rollback created expense entry.
# TODO: handle error while deleting.
try:
ExpenseModel.delete_by_id(createdExpenseId)
return {
"message": "total amount is not equal to divident amount"
}
except:
return {"message": "Something went wrong"}, 500
else:
return {"message": "length doesn't exist"}
return {
"message": "Expense created successfully for User id: {}".format(
data["user_id"]
)
}
else:
return {"message": "User doesn't exists"}
def identity(payload):
user_id = payload['identity']
return UserModel.find_by_id(user_id)
