Пример #1
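    def get(self, **kwargs):
        """Return the stored report JSON for a job owned by the calling user.

        ``job_id`` is read from the query string and ``user_id`` from the
        keyword arguments. The returned dict always carries ``e_msg``;
        ``data`` is set only when the ownership check passes and a report
        row exists.

        Database errors propagate unchanged, so the original traceback is
        kept. A ``user_id`` that cannot be converted with ``int()`` raises
        ``TypeError``/``ValueError``.
        """
        # TODO: order_id should be changed to 'report_id'
        # TODO: report template for EAV table should be made

        job_id = request.args.get('job_id')
        user_id = kwargs.get('user_id')
        res = {}

        # Check that the job belongs to the caller before touching report data.
        query = text("SELECT user_id FROM job WHERE id=:job_id")
        owner = g.db.execute(query, job_id=job_id).fetchone()
        if owner is None:
            # Unknown or missing job_id: there is no report to return.
            res['e_msg'] = not_found('Data not found')
            return res

        # Compare by value: `is` on ints tests object identity, which only
        # happens to work for small cached integers. Return at once on a
        # mismatch so the request cannot fall through to the report query
        # and hand another user's report back with a success status.
        if int(owner['user_id']) != int(user_id):
            res['e_msg'] = bad_request('User, order id mismatched')
            return res

        # Ownership confirmed: load the report data.
        row = g.db.execute(
            text("SELECT big_json FROM report_json WHERE job_id=:job_id"),
            job_id=job_id).fetchone()

        # fetchone() yields None when no report row exists for the job.
        if row is None or len(row) == 0:
            res['e_msg'] = not_found('Data not found')
            return res

        res['e_msg'] = success()
        res['data'] = dict(row.items())
        return res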
Пример #2
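    def get(self, **kwargs):
        """Return the portfolio overview rows for a caller of member type 'vc'.

        ``user_id`` comes from the keyword arguments and is passed to
        ``member_type_check``. Any other member type gets a bad-request
        message and no data.
        """
        res = {}
        user_id = kwargs.get('user_id')

        # Parenthesised form prints the same text and also parses on Python 3.
        print("user_id : %s" % user_id)

        member_type = member_type_check(user_id)
        if member_type != 'vc':
            res['e_msg'] = bad_request('This page is only for VC')
            return res

        # NOTE(review): the query has no WHERE clause, so every firm's
        # overview is returned to any 'vc' caller - confirm that rows are not
        # meant to be restricted to the caller's own portfolio.
        query = text(
            "SELECT firm_name, status, runway, avg_burn_mon, cash_remaining \
                        FROM overview inner join firm_info on overview.firm_id = firm_info.firm_id"
        )
        rows = g.db.execute(query).fetchall()

        # `res` is a dict literal and can never be None, so only the row
        # count needs checking. The raw rows are still returned under 'data'
        # in the not-found case, as before.
        if len(rows) <= 0:
            res['data'] = rows
            res['e_msg'] = not_found('Portfolio is not found')
            return res

        res['data'] = [dict(row.items()) for row in rows]
        res['e_msg'] = success()
        return res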
Пример #3
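    def get(self):
        """Return every row of the ``service`` table as a list of dicts.

        The returned dict carries ``e_msg`` and ``data``. Database errors
        propagate unchanged instead of being replaced by a bare
        ``Exception`` that hides the cause.
        """
        res = {}

        rows = g.db.execute(text("SELECT * FROM service")).fetchall()

        # `res` itself can never be None; only the row count matters. The raw
        # (empty) result is still placed under 'data', as before.
        if len(rows) <= 0:
            res['data'] = rows
            res['e_msg'] = not_found('Service id not found')
            return res

        res['data'] = [dict(row.items()) for row in rows]
        res['e_msg'] = success()

        return res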
Пример #4
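    def get(self, **kwargs):
        """Return the ``customer_user_cred`` value of the calling user.

        ``user_id`` is taken from the keyword arguments. On success the
        value is returned as ``data['name']``; otherwise only a not-found
        ``e_msg`` is set. Database errors propagate unchanged.
        """
        # Local name chosen so the builtin `id` is not shadowed; the bind
        # parameter in the SQL is still called :id.
        user_id = kwargs.get('user_id')
        res = {}

        user_row = g.db.execute(
            text(""" SELECT customer_user_cred FROM user WHERE id=:id"""),
            id=user_id).fetchone()

        if user_row is None:
            res['e_msg'] = not_found('Id not exists')
            return res

        res['data'] = dict(name=user_row[0])
        res['e_msg'] = success()
        return res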
Пример #5
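    def post(self, **kwargs):
        """Update an attribute of the calling user; only 'pw' is handled.

        Form fields: ``attribute`` (what to change) and ``to`` (the new
        value). For ``attribute == 'pw'`` the hash of ``to`` is upserted into
        ``credential`` under ``cred_key='local_pw'``. Any other attribute
        gets the not-found message. Database and hashing errors propagate
        unchanged rather than being replaced by a bare ``Exception``.
        """
        attr = request.form.get('attribute')
        to = request.form.get('to')
        u_id = kwargs.get('user_id')
        res = dict()

        if attr != 'pw':
            res['e_msg'] = not_found('User not found')
            return res

        # NOTE(review): no check of the current password is visible in this
        # handler, and an empty `to` would be hashed and stored as the new
        # password - confirm both are enforced before this method runs.
        query = "INSERT INTO credential (user_id, cred_key, cred_value) " \
                "VALUES (:user_id, :cred_key, :cred_value) " \
                "ON DUPLICATE KEY UPDATE cred_key=:cred_key, cred_value=:cred_value;"
        g.db.execute(text(query),
                     user_id=u_id,
                     cred_key='local_pw',
                     # Only the hash is stored, never the submitted value.
                     cred_value=generate_password_hash(to))
        res['e_msg'] = success()

        return res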
Пример #6
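    def post(self, **kwargs):
        """Delete one credential of the calling user, selected by ``credcol``.

        ``credcol`` (form field) must be one of the values listed in
        ``mand_credcol``; anything else is rejected with a bad-request
        message before any DELETE is issued. Database errors propagate
        unchanged.
        """
        # Local names avoid shadowing the builtin `id`; the SQL bind
        # parameter keeps its original name.
        user_id = kwargs.get('user_id')
        credcol = request.form.get('credcol')
        res = {}

        # Allow-list of credential keys, loaded from the database.
        allowed = g.db.execute(
            text("SELECT DISTINCT credcol FROM mand_credcol")).fetchall()
        allowed = set(row[0] for row in allowed)

        if credcol is None or credcol not in allowed:
            res['e_msg'] = bad_request('Invalid Credcol')
            return res

        # The DELETE is scoped to the caller's own user_id.
        deleted = g.db.execute(
            text("""DELETE FROM credential WHERE user_id=:id and cred_key=:cred_key """),
            id=user_id, cred_key=credcol).rowcount

        if deleted > 0:
            res['e_msg'] = success()
        else:
            res['e_msg'] = not_found('Token not found')

        return res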
Пример #7
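    def post(self):
        """Check a login (form fields ``id`` and ``pw``) and return tokens.

        The stored ``local_pw`` hash for the given login name is checked with
        ``check_password_hash``. On a match the stored
        ``login_refresh_token`` is returned and, if ``jwt_scope_verify``
        accepts it, an access token is added. Database errors propagate
        unchanged.
        """
        name = request.form.get('id')
        pw = request.form.get('pw')
        res = {}

        # 31536000 = 365 * 24 * 3600; presumably the access-token lifetime in
        # seconds (one year) - TODO confirm against jwt_access_token and
        # consider whether such a long-lived token is intended.
        access_token_arg = 31536000

        db_info = g.db.execute(text('''SELECT user.id, credential.cred_value
                                   FROM credential JOIN user ON user_id=id
                                   WHERE customer_user_cred=:name AND cred_key=:key'''),
                               name=name, key="local_pw").fetchone()

        # NOTE(review): an unknown login name and a wrong password produce
        # different messages, which tells a caller whether an account exists.
        # Confirm whether clients depend on the distinction before unifying.
        if db_info is None:
            res['e_msg'] = not_found('User not found')
            return res

        db_user_id = db_info[0]
        db_pw = db_info[1]

        # A request without a `pw` field is treated as a failed login rather
        # than being handed to the hash check as None.
        if pw is None or not check_password_hash(db_pw, pw):
            res['e_msg'] = unauthorized('User id or password invalid, please try again')
            return res

        # Password matched: fetch the stored refresh token. This raises if the
        # user has no login_refresh_token row.
        query = "SELECT cred_value FROM credential WHERE cred_key='login_refresh_token' AND user_id=:id"
        refresh_token = g.db.execute(text(query), id=db_user_id).fetchone()[0]
        res['refresh_token'] = refresh_token

        # If scope verified, get access token. Success is reported either way;
        # 'access_token' is simply absent when verification fails.
        if jwt_scope_verify(str(refresh_token), app.config['SECRET_KEY']):
            access_token = jwt_access_token(
                db_user_id, access_token_arg, app.config['SECRET_KEY'], 'master')
            res['access_token'] = access_token

        res['e_msg'] = success()
        return res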