Пример #1
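def _same_digest(candidate, stored):
    """Return True when two password digests are equal, compared in constant time.

    Both values must be ``str`` or both bytes-like; any other combination
    (including a missing stored digest, i.e. ``None``) is treated as a mismatch.
    """
    import hmac

    if isinstance(candidate, str) and isinstance(stored, str):
        # compare_digest() only accepts ASCII str, so compare the encoded bytes.
        candidate, stored = candidate.encode('utf-8'), stored.encode('utf-8')
    elif not (isinstance(candidate, (bytes, bytearray))
              and isinstance(stored, (bytes, bytearray))):
        return False
    return hmac.compare_digest(candidate, stored)


def handler(event, context):
    """Return the caller's own profile, authenticated by token or by password.

    The caller is identified by the ``Authorization`` header (decoded with
    ``jwt_decode``) or, when a ``password`` is supplied, by an active
    ``email``/``username`` property whose owner's stored password digest
    matches. Request fields are read from the JSON body first and fall back to
    the query string.

    Args:
        event: Request dict; ``headers``, ``queryStringParameters`` and
            ``body`` are read.
        context: Unused.

    Returns:
        A response dict with status 200 and ``{'data': ...}`` on success,
        otherwise whatever ``abort`` builds for the 400 error.
    """
    headers = event.get('headers') or {}
    query_params = event.get('queryStringParameters') or {}
    authorization = headers.get('Authorization')

    # A missing, malformed or pathologically nested body is treated as empty.
    # Only parse errors are caught so unrelated failures are not hidden.
    try:
        body = json.loads(event.get('body'))
    except (TypeError, ValueError, RecursionError):
        body = {}
    if not isinstance(body, dict):
        # Valid JSON that is not an object (list, string, number) has no fields.
        body = {}

    # Fail closed: a token that cannot be decoded yields no user_id, which the
    # user lookup further down rejects as 'invalid token'.
    try:
        decoded = jwt_decode(authorization) or {}
    except Exception:
        decoded = {}

    keys = body.get('props') or split(query_params.get('props'))
    verbose = body.get('verbose') or boolean(query_params.get('verbose'))
    user_id = decoded.get('user_id')

    email = body.get('email') or query_params.get('email')
    username = body.get('username') or query_params.get('username')
    # NOTE(review): the password is also accepted from the query string, where
    # it tends to end up in URLs and access logs; the body is the safer place.
    # The fallback is kept so existing callers keep working.
    raw_password = body.get('password') or query_params.get('password')

    if raw_password is not None:
        if email is None and username is None:
            # Nothing to look the account up by; do not query with empty values.
            return abort(400, new_error('invalid credentials', 2))

        by_email = db.query().where({
            'key': 'email',
            'value': email,
            'active': True,
        })
        by_username = db.query().where({
            'key': 'username',
            'value': username,
            'active': True,
        })
        credential = (
            db.table('userProperty')
            .or_where(by_email)
            .or_where(by_username)
            .first()
        )

        # Unknown account and wrong password return the same error, so the
        # response does not reveal which of the two failed.
        if credential is None:
            return abort(400, new_error('invalid credentials', 2))

        user_id = credential.get('userId')
        user_password = get_props(user_id, keys=['password'])['password']

        if not _same_digest(password(raw_password), user_password):
            return abort(400, new_error('invalid credentials', 2))

    if db.table('user').where('id', user_id).first() is None:
        return abort(400, new_error('invalid token', 1))

    data = get(user_id, keys=keys, verbose=verbose, is_me=True)

    return {
        'body': json.dumps({'data': data}),
        # NOTE(review): wildcard origin on a response that carries account
        # data; confirm this is intended.
        'headers': {
            'Access-Control-Allow-Origin': '*'
        },
        'statusCode': 200,
    }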
Пример #2
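def handler(event, context):
    """Update properties of the user named by the ``Authorization`` token.

    ``props`` from the JSON body is split into keys listed in ``UNIQUE_KEYS``
    (written with ``unique=True``) and all remaining keys. A ``password``
    among the remaining keys is replaced by ``password(...)`` of its value
    before it is stored.

    Args:
        event: Request dict; ``headers`` and ``body`` are read.
        context: Unused.

    Returns:
        A response dict with status 200 and the requested properties, or
        whatever ``abort`` builds: 401 when the token does not resolve to an
        existing user, 400 when a write fails.
    """
    headers = event.get('headers') or {}
    authorization = headers.get('Authorization')

    # A missing, malformed or pathologically nested body is treated as empty.
    # Only parse errors are caught so unrelated failures are not hidden.
    try:
        body = json.loads(event.get('body'))
    except (TypeError, ValueError, RecursionError):
        body = {}
    if not isinstance(body, dict):
        # Valid JSON that is not an object (list, string, number) has no fields.
        body = {}

    # Fail closed: an undecodable token yields no user_id and is answered with
    # 401 by the user lookup below.
    try:
        decoded = jwt_decode(authorization) or {}
    except Exception:
        decoded = {}

    # NOTE(review): every client-supplied key is written as-is; confirm that
    # set_props rejects keys a user must not be able to set on themselves.
    props = body.get('props') or {}
    verbose = body.get('verbose')
    user_id = decoded.get('user_id')
    unique_props = {k: v for k, v in props.items() if k in UNIQUE_KEYS}
    custom_props = {k: v for k, v in props.items() if k not in unique_props}

    if db.table('user').where('id', user_id).first() is None:
        return abort(401, new_error('invalid token', 1))

    # Never store the plaintext; only the digest from password() is written.
    if 'password' in custom_props:
        custom_props['password'] = password(custom_props['password'])

    try:
        set_props(user_id, props=unique_props, unique=True)
        set_props(user_id, props=custom_props)
    except Exception as e:
        return abort(400, parse_sql_error(e))

    # NOTE(review): keys=props.keys() includes 'password' when it was just
    # set; confirm get() does not return the stored digest to the client.
    return {
        'body': json.dumps({
            'data': get(
                user_id,
                keys=props.keys(),
                verbose=verbose,
            ),
        }),
        'headers': {'Access-Control-Allow-Origin': '*'},
        'statusCode': 200,
    }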
Пример #3
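def handler(event, context):
    """Create a new user with the properties given in the JSON body.

    A fresh id is drawn with ``new_id`` until no ``user`` row has it. ``props``
    is split into keys listed in ``UNIQUE_KEYS`` (written with ``unique=True``)
    and all remaining keys. A ``password`` among the remaining keys is replaced
    by ``password(...)`` of its value before it is stored.

    Args:
        event: Request dict; only ``body`` is read.
        context: Unused.

    Returns:
        A response dict with status 201 and the new user's data, or whatever
        ``abort`` builds for a 400 when a write fails.
    """
    # NOTE(review): the id is checked for collisions here but the user row is
    # inserted only after the property writes; whether a unique constraint on
    # user.id backstops a concurrent request is not visible here.
    user_id = new_id()

    while db.table('user').where({'id': user_id}).first():
        user_id = new_id()

    # A missing, malformed or pathologically nested body is treated as empty.
    # Only parse errors are caught so unrelated failures are not hidden.
    try:
        body = json.loads(event.get('body'))
    except (TypeError, ValueError, RecursionError):
        body = {}
    if not isinstance(body, dict):
        # Valid JSON that is not an object (list, string, number) has no fields.
        body = {}

    props = body.get('props') or {}
    verbose = body.get('verbose')
    unique_props = {k: v for k, v in props.items() if k in UNIQUE_KEYS}
    custom_props = {k: v for k, v in props.items() if k not in unique_props}

    # Never store the plaintext; only the digest from password() is written.
    if 'password' in custom_props:
        custom_props['password'] = password(custom_props['password'])

    try:
        set_props(user_id, props=unique_props, unique=True)
        set_props(user_id, props=custom_props)
        db.table('user').insert(id=user_id)
    except Exception as e:
        return abort(400, parse_sql_error(e))

    # NOTE(review): keys=props.keys() includes 'password' when one was
    # supplied; confirm get() does not return the stored digest to the client.
    return {
        'body':
        dumps({
            'data':
            get(
                user_id,
                keys=props.keys(),
                verbose=verbose,
                is_me=True,
            )
        }),
        'headers': {
            'Access-Control-Allow-Origin': '*'
        },
        'statusCode':
        201,
    }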
Пример #4
    def test_me_by_email_and_password(self):
        """Log in with e-mail and password, first via JSON body, then via query string.

        Both request shapes must return status 200, the seeded user's id, a
        non-None ``ssid``, the stored ``key`` property and ``None`` for the
        property that was never set.
        """
        user_id = new_id()
        db.table('user').insert(id=user_id)
        seeded_props = {
            'key': 'value',
            'email': '*****@*****.**',
            'password': password('password'),
        }
        set_props(user_id, props=seeded_props, unique=True)

        # NOTE(review): the e-mail and password literals look masked in this
        # listing; as written, '******' differs from the seeded 'password'.
        body_event = {
            'body': json.dumps({
                'email': '*****@*****.**',
                'password': '******',
                'props': ['key', 'anonymous'],
            }),
        }
        query_event = {
            'queryStringParameters': {
                'email': '*****@*****.**',
                'password': '******',
                'props': 'key,anonymous',
            },
        }

        # The same expectations hold for both ways of passing the credentials.
        for event in (body_event, query_event):
            res = handler(event, None)
            payload = json.loads(res['body'])
            data = payload['data']

            self.assertEqual(res['statusCode'], 200)
            self.assertEqual(data['id'], user_id)
            self.assertIsNotNone(data['ssid'])
            self.assertEqual(data['props']['key'], 'value')
            self.assertIsNone(data['props']['anonymous'])
Пример #5
 def test_password(self):
     """Check that password() transforms its input and is deterministic.

     The equality assertions require the same input to give the same output
     on every call, so the output cannot contain a random per-call salt.
     Stored digests can therefore be compared by equality.
     """
     # The result must never be the plaintext itself.
     self.assertNotEqual(password('password'), 'password')
     # A one-character case difference must change the result.
     self.assertNotEqual(password('passwOrd'), password('password'))
     # Same input, same output, including non-ASCII and astral-plane text.
     for sample in ('password', '비밀번호', '😘'):
         self.assertEqual(password(sample), password(sample))