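def handler(data: ParsedRequest) -> dict:
    """Route a question-API request according to ``data.action``.

    Actions handled here:

    * ``get-leaderboard``: served without looking up the caller.
    * ``get-question``: returns the question for the caller's stored level;
      a caller with no session gets level 0.
    * ``answer-question`` / ``answer``: submits an answer; requires a session
      and a user record that is not disqualified.

    The level used for both question actions is read from the stored user
    record, never from the request, so a client cannot pick its own level.

    Returns:
        The result of the selected helper, or an ``{"error": ...}`` dict
        (paired with ``DENIED`` when the caller is logged out). Any other
        action falls through and returns ``None``.
    """
    action = data.action
    if action == "get-leaderboard":
        return generate_leaderboard()

    user_id = get_current_user()

    if action == "get-question":
        if not user_id:
            return get_question(0)  # by default
        user_data: UserTable = get_user_by_id(user_id)
        if not user_data:
            # The session names a user for whom no record was found.
            return {"error": "Deleted.."}
        return get_question(user_data.current_level)

    if action == "answer-question" or action == "answer":
        if not user_id:
            return {"error": "You are logged out"}, DENIED
        user_data: UserTable = get_user_by_id(user_id)
        if not user_data:
            return {"error": "Deleted"}
        if user_data.is_disqualified:
            return {"error": "Disqualified"}
        # A request without a JSON body is treated like a body that has no
        # "answer" key instead of raising on ``None.get``.
        # NOTE(review): presumably data.json is None when no body was sent;
        # confirm against ParsedRequest.
        payload = data.json or {}
        return answer_question(
            user_data.current_level, payload.get("answer"), user_data
        )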
def handler(data: ParsedRequest):
    """Route a user-API request according to ``data.action``.

    Most actions hand the request's JSON body to a single helper and return
    its result unchanged. ``add-user`` / ``create`` is switched off and always
    answers ``{"umm": "no"}``. ``check-auth`` reports whether the caller has a
    session and, if so, the caller's own serialised record. An unrecognised
    action falls through and returns ``None``.
    """
    action = data.action

    if action == "get-user-details":
        # The caller's login state is forwarded as ``get_authenticated_data``;
        # get_user_details() uses it when deciding what to return.
        return get_user_details(data.args.get("id"), is_logged_in())

    if action in ("add-user", "create"):
        return {"umm": "no"}  # return add_user(data.json)

    # Actions whose whole job is "pass the JSON body to one helper".
    json_actions = {
        "authenticate": authenticate,
        "edit": edit,
        "forgot-password": forgot_password,
        "check-password-token": check_password_token,
        "verify-email": send_verification_email,
        "check-email-token": check_email_token,
    }
    if action in json_actions:
        return json_actions[action](data.json)

    if action == "user-count":
        return {"count": get_user_num()}

    if action == "check-auth":
        # NOTE(review): indentation was lost in this listing; this follows the
        # reading in which the record lookup happens only for logged-in
        # callers. Confirm against the real file.
        logged_in = is_logged_in()
        if not logged_in:
            return {"is_logged_in": bool(logged_in), "user_data": None}
        record = get_user_by_id(get_current_user())
        if not record:
            # A session exists but no user record was found for it:
            # report the caller as logged out.
            return {"is_logged_in": False}
        return {"is_logged_in": bool(logged_in), "user_data": record.as_json}
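def handler(data: ParsedRequest) -> dict:
    """Route an admin-API request according to ``data.action``.

    Every action except ``create-admin-account`` is refused with ``DENIED``
    unless there is a current user and ``is_not_admin()`` is false for them.
    The user-targeting actions (``__edit__``, ``delete-user``, ``disqualify``,
    ``requalify``) need a JSON body whose ``"user"`` key names an existing
    user, and are announced through ``post_level_up_webhook`` before they run.

    Returns:
        The selected helper's result, ``SUCCESS`` for ``merge-logs``, or an
        ``{"error": ...}`` dict. An unrecognised action that still carries a
        valid target user is announced on the webhook and returns ``None``.
    """
    action = data.action

    # NOTE(review): this action is dispatched before the admin check below,
    # so create_admin_account() has to enforce its own authorisation. Confirm
    # that it does.
    if action == "create-admin-account":
        return create_admin_account(data)

    curr = get_current_user()
    if not curr or is_not_admin(curr):
        return (
            {
                "error": "You do not have the permissions to access this content"
            },
            DENIED,
        )

    if action == "get-logs":
        return get_log_from_file_system()
    # if action == "clear-logs":
    #     clean_logs()
    #     return None
    if action == "merge-logs":
        merge_logs(data.json)
        return SUCCESS
    if action == "get-users":
        return get_all_users()
    if action == "get-questions":
        return get_all_questions()
    if action == "add-question":
        return add_question(data.json)
    if action == "get-latest-question-number":
        q = get_latest_q_level()
        qid = get_ques_by_id(q)
        return {
            "question_number": q,
            "question_data": qid.as_json if qid is not None else qid,
        }
    if action == "edit-question":
        return edit_question(data.json)

    # Everything below acts on a specific user named in the JSON body.
    if not data.json:
        return {"error": "Invalid"}
    # if action == "elevate-status":
    #     return convert_to_admin_account(data.json)
    user = get_user_by_id(data.json.get("user"))
    if not user:
        # Without this guard an unknown or missing "user" value raised
        # AttributeError while the audit message was being formatted.
        return {"error": "User not found"}

    # The audit message is sent before the action runs, so it records the
    # attempt rather than the outcome; it is also sent for action names that
    # match none of the branches below.
    post_level_up_webhook(
        f"'{curr}' performed an admin action ({action} on {user.user})")
    if action == "__edit__":
        return admin_edit_user(user, data.json)
    if action == "delete-user":
        return delete_user(user)
    if action == "disqualify":
        return disqualify(user)
    if action == "requalify":
        return requalify(user)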
def get_user_details(
    idx: str,
    get_authenticated_data: bool,
    get_class_instance: bool = False,
) -> dict:
    """Return the record for user ``idx`` in a form suited to the viewer.

    Args:
        idx: Identifier of the user being looked up.
        get_authenticated_data: Whether the caller is treated as
            authenticated. On its own it does not unlock ``secure_data``;
            the viewer must also be the record's owner.
        get_class_instance: Together with ``get_authenticated_data``, return
            the raw ``get_user_by_id`` result instead of a dict. That path
            runs no viewer check, so it is only suitable for internal callers
            that never send the object to a client.

    Returns:
        The raw lookup result when both flags are set; otherwise the
        ``as_json`` dict of the record, with ``secure_data`` removed unless
        the viewer is an admin or the authenticated owner; ``None`` when the
        lookup found nothing.
    """
    record: UserTable = get_user_by_id(idx)
    if get_authenticated_data and get_class_instance:
        return record

    curr = get_current_user()
    viewer_is_admin = False
    if curr:
        viewer = get_user_by_id(curr)
        viewer_is_admin = viewer.is_admin if viewer else False

    if not record:
        return None

    payload = record.as_json
    may_see_secure = viewer_is_admin or (
        record.user == curr and get_authenticated_data
    )
    if not may_see_secure:
        # pop() has no default here: if "secure_data" is ever absent from the
        # serialised form this raises instead of quietly returning a record
        # that was not redacted.
        payload.pop("secure_data")
    return payload
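def edit(js: dict) -> dict:
    """Let the logged-in user change one allow-listed field of their own record.

    Args:
        js: Client-supplied JSON body. Expected keys are ``"user"`` (must
            equal the current user), ``"field"`` (one of ``email``,
            ``school``, ``ig_user_id``) and ``"new_value"``. Values that are
            not strings are treated as missing.

    Returns:
        ``{"user_data": ...}`` with the serialised record on success or when
        the value is unchanged, otherwise an ``{"error": ...}`` dict.
    """
    if not is_logged_in():
        return {"error": "Not Authenticated"}

    # The body comes straight from the client: a missing body or a non-string
    # value must produce an error response, not an AttributeError.
    if not isinstance(js, dict):
        js = {}

    def _text(key: str) -> str:
        value = js.get(key, "")
        return value.strip() if isinstance(value, str) else ""

    user = _text("user")
    field = _text("field")
    # Allow-list of attributes a user may set on their own record; this is
    # what keeps the setattr() below from reaching any other attribute. It
    # also rejects an empty field name, so no separate check is needed.
    if field not in ["email", "school", "ig_user_id"]:
        return {"error": "cannot edit specified field"}
    new_value = _text("new_value")

    # Users may only edit their own record.
    if user != get_current_user():
        return {"error": "Invalid credentials"}

    invalid_data_arr = []
    if not user:
        invalid_data_arr.append("user")
    if not new_value:
        invalid_data_arr.append("value")
    if invalid_data_arr:
        return {"error": f"Missing data: {', '.join(invalid_data_arr)}"}

    user_table = get_user_by_id(user)
    attr = getattr(user_table, field, sentinel)
    if attr is sentinel:
        return {"error": "Invalid field"}
    if attr == new_value:  # prevent a useless write
        return {"user_data": user_table.as_json}

    try:
        # Validate before mutating: previously the new address was assigned
        # to the record first, so a rejected address stayed on the in-memory
        # object even though an error was returned.
        if field == "email" and not validate_email_address(new_value):
            return {"error": "Invalid email"}
        setattr(user_table, field, new_value)
        if field == "email":
            # A changed address has to be verified again.
            user_table.has_verified_email = False
        save_to_db()
        return {"user_data": user_table.as_json}
    except Exception:
        # NOTE(review): no rollback is visible here; if save_to_db() fails
        # the in-memory record may still hold the new value. Confirm how the
        # DB session is reset.
        return {
            "error": "Could not update"
            if field != "email"
            else "Could not update email, maybe another account is using that address"
        }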
def handler(data: ParsedRequest):
    # Route a logging-API request according to data.action.
    #
    # NOTE(review): indentation was lost in this listing. The nesting below is
    # the reading in which each branch was switched off by an early return,
    # leaving the statements after it unreachable. Confirm against the real
    # file before relying on it.
    action = data.action
    ip = data.client_ip
    current = get_current_user()
    if action == "1":
        return {"success": "Ok"}
        # Unreachable under this reading: builds a Logs row from the request
        # body and stores it.
        # NOTE(review): `user` may be None here, i.e. the entry would be
        # accepted without a session, and the remaining body is stored as
        # sent. If this path is re-enabled it needs size and rate limits.
        js = data.json
        type_ = js.pop("type")
        user = current or None
        log = Logs(type_, user, ip, js_time(), js)
        add_to_db(log)
        return {"success": "Ok"}
    if action == "get":
        return {}
        # Unreachable under this reading: returns every Logs row as JSON, but
        # only to a current user whose record has is_admin set.
        if current is None:
            return {"error": "Not authenticated"}
        user = get_user_by_id(current)
        if user is None or not user.is_admin:
            return {"error": "Not authenticated"}
        ret = query_all(Logs)
        return map_to_list(lambda x: x.as_json, ret)