Пример #1
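def makeuser():
    """Create an account from the ``username`` and ``password`` form fields.

    Returns JSON ``{'result': 'exists'}`` when a row with that username is
    already present; otherwise calls ``generate_user`` and returns
    ``{'result': 'success'}``.
    """
    username = request.form['username']
    password = request.form['password']
    conn = get_full_db_connection()
    cursor = conn.cursor()
    try:
        cursor.execute('SELECT 1 FROM users WHERE username = %s', (username, ))
        # Fetch the rows rather than reading cursor.rowcount: the DB-API lets
        # a driver report -1 when it cannot determine the count, which the
        # old "!= 0" test would have treated as "username taken".
        already_taken = bool(cursor.fetchall())
    finally:
        cursor.close()

    if already_taken:
        # The connection is not handed to anyone on this path, so release it.
        conn.close()
        return jsonify({'result': 'exists'})

    # NOTE(review): the existence check and the insert are separate
    # statements, so two concurrent requests for the same name can both get
    # here. A UNIQUE constraint on users.username is the reliable guard --
    # confirm the schema has one.
    # NOTE(review): conn is passed to generate_user; whether that helper
    # commits and closes it is not visible here -- confirm it does.
    generate_user(conn, username, password)
    return jsonify({'result': 'success'})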
Пример #2
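def validate_token(token):
    """Return the user id bound to a session token.

    Returns ``None`` when no ``session`` row matches the token or when the
    row's expiration time is already in the past.
    """
    conn = get_full_db_connection()
    try:
        cursor = conn.cursor()
        try:
            cursor.execute('SELECT * FROM session WHERE token = %s', (token, ))
            result = cursor.fetchone()
        finally:
            cursor.close()
    finally:
        # Called on every authenticated request, so the connection must not
        # be left open (the original never closed it).
        conn.close()

    if result is None:
        return None

    # NOTE(review): the positional unpack depends on the column order of
    # SELECT *; naming the columns in the query would make this robust.
    # NOTE(review): the lookup matches the raw token value, so tokens appear
    # to be stored unhashed -- consider storing only a hash of the token.
    _stored_token, user_id, expiration_time = result

    # NOTE(review): datetime.now() is naive local time -- confirm that
    # expiration_time is written with the same clock.
    if expiration_time >= datetime.now():
        return user_id
    return None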
Пример #3
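def update_post():
    """Update the title and body of a post owned by the current user.

    The row is matched on both ``post.id`` (form field ``id``) and
    ``post.author_id = g.user_id``; ``posted_time`` is reset to the current
    UTC time. Returns an empty 204 response, or an empty 401 on any error.
    """
    import logging  # function-scope: the file's import block is not visible here

    conn = None
    cursor = None
    try:
        timestamp = time.strftime('%Y-%m-%d %H:%M:%S', time.gmtime())
        conn = get_full_db_connection()
        cursor = conn.cursor()
        cursor.execute("UPDATE post SET post.posted_time = %s, post.title = %s, post.body = %s WHERE post.id = %s AND post.author_id = %s", (timestamp, request.form['title'], request.form['body'], request.form['id'], g.user_id))
        # NOTE(review): a request for a post the user does not own matches
        # zero rows and still ends in 204; checking cursor.rowcount would let
        # the caller tell "updated" from "nothing changed".
        conn.commit()
    except Exception:
        # Record the failure instead of swallowing it silently.
        # NOTE(review): 401 is kept for compatibility, but it also covers
        # missing form fields and database errors, not only auth failures.
        logging.getLogger(__name__).exception('update_post failed')
        return ('', 401)
    finally:
        # Guarded: if the connection or cursor was never created, the
        # unguarded close() raised a NameError that replaced the 401.
        if cursor is not None:
            cursor.close()
        if conn is not None:
            conn.close()

    return ('', 204)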
Пример #4
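def delete_post():
    """Delete a post owned by the current user.

    The row is matched on both ``post.id`` (form field ``post_id``) and
    ``post.author_id = g.user_id``. Returns an empty 204 response, or an
    empty 401 on any error.
    """
    import logging  # function-scope: the file's import block is not visible here

    conn = None
    cursor = None
    try:
        post_id = request.form['post_id']
        conn = get_full_db_connection()
        cursor = conn.cursor()
        cursor.execute("DELETE FROM post WHERE post.id = %s AND post.author_id = %s", (post_id, g.user_id))
        # NOTE(review): deleting someone else's post matches zero rows and
        # still ends in 204; cursor.rowcount would expose that to the caller.
        conn.commit()
    except Exception:
        # Record the failure instead of swallowing it silently.
        # NOTE(review): 401 is kept for compatibility, but it also covers a
        # missing form field and database errors, not only auth failures.
        logging.getLogger(__name__).exception('delete_post failed')
        return ('', 401)
    finally:
        # Guarded: if the connection or cursor was never created, the
        # unguarded close() raised a NameError that replaced the 401.
        if cursor is not None:
            cursor.close()
        if conn is not None:
            conn.close()

    return ('', 204)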
Пример #5
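def post():
    """Insert a new post authored by the current user (``g.user_id``).

    ``title`` and ``body`` come from the form and ``posted_time`` is the
    current UTC time. Returns an empty 204 response, or an empty 401 on any
    error.
    """
    import logging  # function-scope: the file's import block is not visible here

    conn = None
    cursor = None
    try:
        timestamp = time.strftime('%Y-%m-%d %H:%M:%S', time.gmtime())
        conn = get_full_db_connection()
        cursor = conn.cursor()
        # title and body are stored exactly as submitted; the query is
        # parameterized, so escaping for HTML has to happen wherever the
        # post is rendered.
        cursor.execute("INSERT INTO post(author_id, posted_time, title, body) VALUES (%s, %s, %s, %s)", (g.user_id, timestamp, request.form['title'], request.form['body']))
        conn.commit()
    except Exception:
        # Record the failure instead of swallowing it silently.
        # NOTE(review): 401 is kept for compatibility, but it also covers
        # missing form fields and database errors, not only auth failures.
        logging.getLogger(__name__).exception('post failed')
        return ('', 401)
    finally:
        # Guarded: if the connection or cursor was never created, the
        # unguarded close() raised a NameError that replaced the 401.
        if cursor is not None:
            cursor.close()
        if conn is not None:
            conn.close()

    return ('', 204)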
Пример #6
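def users():
    """Return every username in the ``users`` table as JSON ``{"users": [...]}``.

    Returns an empty 401 response on any error.
    """
    import logging  # function-scope: the file's import block is not visible here

    # NOTE(review): no authentication check is visible inside this function;
    # confirm that listing all usernames is gated where the route is
    # registered.
    conn = None
    cursor = None
    try:
        conn = get_full_db_connection()
        cursor = conn.cursor()
        cursor.execute("SELECT users.username FROM users")
        rows = cursor.fetchall()
    except Exception:
        # Record the failure instead of swallowing it silently.
        logging.getLogger(__name__).exception('users failed')
        return ('', 401)
    finally:
        # Guarded: if the connection or cursor was never created, the
        # unguarded close() raised a NameError that replaced the 401.
        if cursor is not None:
            cursor.close()
        if conn is not None:
            conn.close()

    # Each row is a one-column tuple; keep only the username.
    return jsonify(users=[row[0] for row in rows])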
Пример #7
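def posts():
    """Return the posts of the user named by the ``username`` query argument.

    Each row (id, username, unix timestamp, title, body) is wrapped in
    ``PostObject`` and serialized with ``to_dict()``; the result is JSON
    ``{"posts": [...]}``. Returns an empty 401 response on any error.
    """
    import logging  # function-scope: the file's import block is not visible here

    conn = None
    cursor = None
    try:
        # .get() yields None when the argument is absent; the query then
        # compares against NULL and matches no rows.
        username = request.args.get("username")
        conn = get_full_db_connection()
        cursor = conn.cursor()
        cursor.execute("SELECT post.id, users.username, unix_timestamp(post.posted_time), post.title, post.body FROM post, users WHERE post.author_id = users.id AND users.username = %(username)s", {'username': username})
        rows = cursor.fetchall()
    except Exception:
        # Record the failure instead of swallowing it silently.
        logging.getLogger(__name__).exception('posts failed')
        return ('', 401)
    finally:
        # Guarded: if the connection or cursor was never created, the
        # unguarded close() raised a NameError that replaced the 401.
        if cursor is not None:
            cursor.close()
        if conn is not None:
            conn.close()

    return jsonify(posts=[PostObject(row).to_dict() for row in rows])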
Пример #8
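def unfollow():
    """Remove the current user's follow of the account named in the form.

    Deletes the ``follow`` row whose follower is ``g.user_id`` and whose
    followed account has the submitted ``username``. Returns an empty 204
    response, or an empty 401 on any database error.
    """
    unfollowed_username = request.form['username']
    conn = None
    cursor = None
    try:
        conn = get_full_db_connection()
        cursor = conn.cursor()
        cursor.execute(
            "DELETE FROM follow WHERE follow.follower_id = %s AND follow.following_id = (SELECT users.id FROM users WHERE users.username = %s)",
            (g.user_id, unfollowed_username))
        conn.commit()
    except Exception as e:
        # NOTE(review): 401 is kept for compatibility, but a failure here is
        # a database error rather than an authentication problem.
        print(e)
        return ('', 401)
    finally:
        # Guarded: if the connection or cursor was never created, the
        # unguarded close() raised a NameError that replaced the 401.
        if cursor is not None:
            cursor.close()
        if conn is not None:
            conn.close()

    return ('', 204)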
Пример #9
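def follow():
    """Make the current user follow the account named in the form.

    Inserts a ``follow`` row from ``g.user_id`` to the user whose name is the
    submitted ``username``. Returns an empty 204 response, or an empty 401 on
    any database error.
    """
    followed_username = request.form['username']
    conn = None
    cursor = None
    try:
        conn = get_full_db_connection()
        cursor = conn.cursor()
        # NOTE(review): for an unknown username the subquery yields NULL;
        # whether that insert is rejected depends on the constraints on
        # follow.following_id -- confirm it is NOT NULL. Duplicate follows
        # and self-follows are likewise left to the schema.
        cursor.execute(
            "INSERT INTO follow (following_id, follower_id) VALUES ((SELECT users.id FROM users WHERE users.username = %s), %s)",
            (followed_username, g.user_id))
        conn.commit()
    except Exception as e:
        # NOTE(review): 401 is kept for compatibility, but a failure here is
        # a database error rather than an authentication problem.
        print(e)
        return ('', 401)
    finally:
        # Guarded: if the connection or cursor was never created, the
        # unguarded close() raised a NameError that replaced the 401.
        if cursor is not None:
            cursor.close()
        if conn is not None:
            conn.close()

    return ('', 204)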
Пример #10
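def get_following():
    """Return the usernames the current user follows as JSON ``{"following": [...]}``.

    Rows are selected where ``follow.follower_id`` equals ``g.user_id``.
    Returns an empty 401 response on any error.
    """
    import logging  # function-scope: the file's import block is not visible here

    conn = None
    cursor = None
    try:
        conn = get_full_db_connection()
        cursor = conn.cursor()
        cursor.execute(
            "SELECT users.username FROM users, follow WHERE follow.follower_id = %(user_id)s AND users.id = following_id",
            {'user_id': g.user_id})
        rows = cursor.fetchall()
    except Exception:
        # Record the failure instead of swallowing it silently.
        logging.getLogger(__name__).exception('get_following failed')
        return ('', 401)
    finally:
        # Guarded: if the connection or cursor was never created, the
        # unguarded close() raised a NameError that replaced the 401.
        if cursor is not None:
            cursor.close()
        if conn is not None:
            conn.close()

    # Each row is a one-column tuple; keep only the username.
    return jsonify(following=[row[0] for row in rows])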
Пример #11
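def login():
    """Authenticate with the ``username`` and ``password`` form fields.

    On success a session token is created with ``generate_session``,
    returned in the JSON body and also set as the ``token`` cookie. On
    failure the response is JSON ``{'result': 'failure'}``, with the same
    body for an unknown user and for a wrong password.
    """
    username = request.form['username']
    password = request.form['password']
    conn = get_full_db_connection()
    cursor = conn.cursor()
    try:
        cursor.execute('SELECT * FROM users WHERE username = %s', (username, ))
        user = cursor.fetchone()
    finally:
        cursor.close()

    # NOTE(review): user[0] / user[2] depend on the column order of SELECT *
    # (presumably id and password hash); naming the columns would be safer.
    # NOTE(review): the hash check is skipped for unknown usernames, so
    # response time can differ between existing and non-existing accounts;
    # verifying against a fixed dummy hash in that case evens it out.
    if user is None or not check_password_hash(user[2], password):
        # The connection is not handed to anyone on this path, so release it.
        conn.close()
        return jsonify({'result': 'failure'})

    # NOTE(review): conn is passed to generate_session; whether that helper
    # commits and closes it is not visible here -- confirm it does.
    token = generate_session(conn, user[0])
    resp = make_response(jsonify({'result': 'success', 'token': token}))
    # HttpOnly keeps page scripts from reading the session cookie. Setting
    # secure=True (HTTPS only) and a samesite policy is recommended as well
    # once the deployment and framework version allow it.
    resp.set_cookie('token', token, httponly=True)
    return resp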