Пример #1
0
def users_post_view(request):
    username = request.json_body.get('username')
    if not isinstance(username, basestring):
        request.response.status = 400
        return {
            'd':
            error_dict(
                'api_errors',
                'username, email, and password are all required string fields')
        }
    if username_in_use(request.json_body['username'], request.dbsession):
        request.response.status = 400
        return {
            'd':
            error_dict(
                'verification_error',
                'username already in use: %s' % request.json_body['username'])
        }

    requires = ['email', 'password']
    if not all(field in request.json_body for field in requires) \
       or not all(isinstance(request.json_body.get(field), basestring) for field in request.json_body):
        request.response.status = 400
        return {
            'd':
            error_dict(
                'api_errors',
                'username, email, and password are all required string fields')
        }

    user = User()
    user.salt = os.urandom(256)
    user.password = hash_password(request.json_body['password'], user.salt)
    user.username = request.json_body['username'].lower()
    user.email = request.json_body['email'].lower()
    user.origin = request.json_body.get('origin', None)
    user.authpin = '123456'

    request.dbsession.add(user)
    request.dbsession.flush()
    request.dbsession.refresh(user)

    s = Session()
    s.owner = user.id
    s.token = str(uuid4())
    request.dbsession.add(s)
    request.dbsession.flush()
    request.dbsession.refresh(s)
    result = dict_from_row(user, remove_fields=removals)
    result['session'] = dict_from_row(s, remove_fields=removals)

    return {'d': result}
Пример #2
0
    def create_session(self, spec_data=None, return_object=True):
        """
        Make a session object, return the actual object with spec_data overriding values for further manipulation unless set to false.
        :param spec_data: A dictionary containing the data keyed on db model object attribute
        :param return_object: Whether to return the object or not, defaulting to True
        :return: a session db model
        """
        s = Session()
        if spec_data is None:
            spec_data = {}
        sqlobj_from_dict(s, spec_data)

        if s.user_id is None:
            s.user_id = self.create_user(spec_data).id
        if s.token is None:
            s.token = uuid4()

        self.session.add(s)
        self.session.flush()
        self.session.refresh(s)
        if return_object:
            return s
        return s.id