Exemplo n.º 1
0
Arquivo: app.py Projeto: TiBiBa/hedy 
def delete_program (user, program_id):
    result = db_get ('programs', {'id': program_id})
    if not result or result ['username'] != user ['username']:
        return "", 404
    db_del ('programs', {'id': program_id})
    program_count = 0
    if 'program_count' in user:
        program_count = user ['program_count']
    db_update ('users', {'username': user ['username'], 'program_count': program_count - 1})
    return redirect ('/programs')
Exemplo n.º 2
0
Arquivo: auth.py Projeto: balath/hedy 
    def reset():
        body = request.json
        # Validations
        if not type_check(body, 'dict'):
            return 'body must be an object', 400
        if not object_check(body, 'username', 'str'):
            return 'body.username must be a string', 400
        if not object_check(body, 'token', 'str'):
            return 'body.token must be a string', 400
        if not object_check(body, 'password', 'str'):
            return 'body.password be a string', 400

        if len(body['password']) < 6:
            return 'password must be at least six characters long', 400

        # There's no need to trim or lowercase username, because it should come within a link prepared by the app itself and not inputted manually by the user.
        token = db_get('tokens', {'id': body['username']})
        if not token:
            return 'invalid username/token', 403
        if not check_password(body['token'], token['token']):
            return 'invalid username/token', 403

        hashed = hash(body['password'], make_salt())
        token = db_del('tokens', {'id': body['username']})
        db_set('users', {'username': body['username'], 'password': hashed})
        user = db_get('users', {'username': body['username']})

        if env:
            send_email_template('reset_password', user['email'],
                                requested_lang(), None)

        return '', 200
Exemplo n.º 3
0
Arquivo: auth.py Projeto: balath/hedy 
 def destroy(user):
     db_del('tokens', {'id': request.cookies.get(cookie_name)})
     db_del('users', {'username': user['username']})
     # The recover password token may exist, so we delete it
     db_del('tokens', {'id': user['username']})
     db_del_many('programs', {'username': user['username']}, True)
     return '', 200
Exemplo n.º 4
0
Arquivo: auth.py Projeto: balath/hedy 
 def logout():
     if request.cookies.get(cookie_name):
         db_del('tokens', {'id': request.cookies.get(cookie_name)})
     return '', 200
Exemplo n.º 5
0
Arquivo: app.py Projeto: PatWg/hedy 
def delete_program (user, program_id):
    result = db_get ('programs', {'id': program_id})
    if not result or result ['username'] != user ['username']:
        return "", 404
    db_del ('programs', {'id': program_id})
    return redirect ('/programs')