def auth_register():
if not request.is_json:
return Response('not_json')
try:
email = request.json.get('email', None)
password = request.json.get('password', None)
firstname = request.json.get('firstname', None)
lastname = request.json.get('lastname', None)
picture = request.json.get('picture', None)
except:
return Response('not_json')
if not email:
return jsonify({'error': 'E-mailová adresa nebola zadaná'}), 400
if not password:
return jsonify({'error': 'Heslo nebolo zadané'}), 400
if not firstname:
return jsonify({'error': 'Meno nebolo zadané'}), 400
if not lastname:
return jsonify({'error': 'Priezvisko nebolo zadané'}), 400
if not picture:
picture = Config['default_picture']
if not isinstance(email, str) or not isinstance(password, str):
return Response('invalid_format')
try:
models.Picture.get(models.Picture.uuid == picture)
except peewee.DoesNotExist:
return jsonify({'error': 'Obrázok neexistuje'}), 400
except:
return Response('server_error')
hashed_password = MakeHash(Sanitize(password),
os.urandom(Config['hash_salt_length']))
user = models.User(uuid=uuid.uuid4(),
email=Sanitize(email),
password=hashed_password,
firstname=Sanitize(firstname),
lastname=Sanitize(lastname),
picture=picture)
try:
user.save()
except peewee.IntegrityError:
return jsonify({'error': 'E-mailová adresa už bola použitá'}), 400
except:
return Response('server_error')
seed = os.urandom(128).hex()
models.Activation(user=user.uuid, seed=seed).save()
print('Please visit http://127.0.0.1:5000/auth/activate/%s' % seed)
return Response('empty')
def shelterneeds_add():
# get current user
current_user = get_jwt_identity()
try:
# if user does not exist in DB, forbidden
user = models.User.get(models.User.uuid == current_user)
except:
return Response('forbidden')
if not user.admin:
return Response('forbidden')
try:
category = request.json.get('category', None)
name = request.json.get('name', None)
details = request.json.get('details', None)
hide = request.json.get('hide', None)
except:
return Response('not_json')
if not category:
return jsonify({"error": "Kategória nebola zadaná"}), 400
if not name:
return jsonify({"error": "Názov nebol zadaný"}), 400
if not details:
return jsonify({"error": "Detailný popis nebol zadaný"}), 400
if not hide:
hide = False
shelterneed = models.ShelterNeeds(uuid=uuid.uuid4(),
category=Sanitize(category),
name=Sanitize(name),
details=Sanitize(details),
hide=hide)
try:
shelterneed.save()
except:
return Response('server_error')
return Response('empty')
def auth_login():
if not request.is_json:
return Response('not_json')
try:
email = request.json.get('email', None)
password = request.json.get('password', None)
except:
return Response('not_json')
if not email:
return jsonify({'error': 'E-mailová adresa nebola zadaná'}), 400
if not password:
return jsonify({'error': 'Heslo nebolo zadané'}), 400
if not isinstance(email, str) or not isinstance(password, str):
return Response('invalid_format')
# Try to get user by provided email
try:
match = models.User.get(models.User.email == Sanitize(email))
except peewee.DoesNotExist:
return jsonify({'error': 'Používateľ neexistuje'}), 400
except:
return Response('server_error')
if not match.activated:
return jsonify({'error': 'Účet nie je aktivovaný'}), 400
# Compare password hashes
salt = bytes.fromhex(match.password[:(Config['hash_salt_length'] * 2)])
if match.password == MakeHash(Sanitize(password), salt):
token = create_access_token(identity=match.uuid)
return jsonify({
'token': token,
'token_type': app.config['JWT_HEADER_TYPE'],
'expires': Config['jwt_expires'],
'uuid': match.uuid,
})
else:
return jsonify({'error': 'Nesprávne heslo'}), 400
def auth_activate(seed):
try:
match = models.Activation.get(models.Activation.seed == Sanitize(seed))
user = models.User.get(models.User.uuid == match.user)
user.activated = True
user.save()
match.delete_instance()
except peewee.DoesNotExist:
return Response('empty')
except:
return Response('server_error')
return Response('empty')
def donation():
# get current user
current_user = get_jwt_identity()
try:
# if user does not exist in DB, forbidden
models.User.get(models.User.uuid == current_user)
except:
return Response('forbidden')
try:
donator = request.json.get('donator', None)
amount = request.json.get('amount', None)
except:
return Response('not_json')
if not amount:
return jsonify({"error": "Suma nebola zadaná"}), 400
if not isinstance(amount, float) and not isinstance(amount, int):
return Response('invalid_format')
if donator:
try:
# if user does not exist in DB, error
models.User.get(models.User.uuid == donator)
except:
return jsonify({'error': 'Používateľ neexistuje'}), 400
donation = models.Donation(donator=Sanitize(donator), amount=amount)
try:
donation.save()
except:
return Response('server_error')
return Response('empty')
def cats_update(uuid):
# get current user
current_user = get_jwt_identity()
try:
# if user does not exist in DB, forbidden
user = models.User.get(models.User.uuid == current_user)
except:
return Response('forbidden')
if not user.admin:
return Response('forbidden')
try:
match = models.Cat.get(models.Cat.uuid == uuid)
except peewee.DoesNotExist:
return Response('invalid')
except:
return Response('server_error')
try:
name = request.json.get('name', None)
age = request.json.get('age', None)
sex = request.json.get('sex', None)
breed = request.json.get('breed', None)
health_status = request.json.get('health_status', None)
castrated = request.json.get('castrated', None)
vaccinated = request.json.get('vaccinated', None)
dewormed = request.json.get('dewormed', None)
colour = request.json.get('colour', None)
description = request.json.get('description', None)
health_log = request.json.get('health_log', None)
adoptive = request.json.get('adoptive', None)
pictures = request.json.get('pictures', None)
except:
return Response('not_json')
try:
request.json['health_log']
update_health_log = True
except KeyError:
update_health_log = False
if (not name) and (not age) and (sex == None) and (not breed) and (
not health_status) and (castrated == None) and (
vaccinated == None) and (dewormed == None) and (
not colour) and (not description) and (
health_log == None and not update_health_log) and (
adoptive == None) and (not pictures):
return Response('empty')
if name:
if not isinstance(name, str):
return Response('invalid_format')
match.name = Sanitize(name)
if age:
if not isinstance(age, int) or int(age) < 0 or int(age) > 300:
return jsonify({"error": "Neplatná hodnota veku"}), 400
match.age = age
if sex != None:
if not isinstance(sex, bool):
return Response('invalid_format')
match.sex = sex
if breed:
if not isinstance(breed, int):
return Response('invalid_format')
try:
models.Breed.get(models.Breed.id == breed)
match.breed = breed
except peewee.DoesNotExist:
return jsonify({"error": "Dané plemeno neexistuje"}), 400
except:
return Response('server_error')
if health_status:
if not isinstance(health_status, int):
return Response('invalid_format')
try:
models.HealthStatus.get(models.HealthStatus.id == health_status)
match.health_status = health_status
except peewee.DoesNotExist:
return jsonify({"error": "Daný zdravotný stav neexistuje"}), 400
except:
return Response('server_error')
if castrated != None:
if not isinstance(castrated, bool):
return Response('invalid_format')
match.castrated = castrated
if vaccinated != None:
if not isinstance(vaccinated, bool):
return Response('invalid_format')
match.vaccinated = vaccinated
if dewormed != None:
if not isinstance(dewormed, bool):
return Response('invalid_format')
match.dewormed = dewormed
if colour:
if not isinstance(colour, int):
return Response('invalid_format')
try:
models.Colour.get(models.Colour.id == colour)
match.colour = colour
except peewee.DoesNotExist:
return jsonify({"error": "Daná farba neexistuje"}), 400
except:
return Response('server_error')
if description:
if not isinstance(description, str):
return Response('invalid_format')
match.description = Sanitize(description, False)
if update_health_log:
if not isinstance(health_log, str):
return Response('invalid_format')
match.health_log = Sanitize(health_log, False)
if adoptive != None:
if not isinstance(adoptive, bool):
return Response('invalid_format')
match.adoptive = adoptive
if pictures:
if not isinstance(pictures, list):
return Response('invalid_format')
for p in pictures:
try:
models.Picture.get(models.Picture.uuid == p)
except peewee.DoesNotExist:
return jsonify({"error": "Daný obrázok neexistuje"}), 400
except:
return Response('server_error')
match.pictures = json.dumps(pictures)
try:
match.save()
except:
return jsonify({'error': 'Mačku nebolo možné uložiť'}), 400
return Response('empty')
def cats_add():
# get current user
current_user = get_jwt_identity()
try:
# if user does not exist in DB, forbidden
user = models.User.get(models.User.uuid == current_user)
except:
return Response('forbidden')
if not user.admin:
return Response('forbidden')
try:
name = request.json.get('name', None)
age = request.json.get('age', None)
sex = request.json.get('sex', None)
breed = request.json.get('breed', None)
health_status = request.json.get('health_status', None)
castrated = request.json.get('castrated', None)
vaccinated = request.json.get('vaccinated', None)
dewormed = request.json.get('dewormed', None)
colour = request.json.get('colour', None)
description = request.json.get('description', None)
health_log = request.json.get('health_log', '')
adoptive = request.json.get('adoptive', None)
pictures = request.json.get('pictures', None)
except:
return Response('not_json')
if not name:
return jsonify({"error": "Meno nebolo zadané"}), 400
if not age:
return jsonify({"error": "Vek nebol zadaný"}), 400
if sex == None:
return jsonify({"error": "Pohlavie nebolo zadané"}), 400
if not breed:
return jsonify({"error": "Plemeno nebolo zadané"}), 400
else:
try:
models.Breed.get(models.Breed.id == breed)
except peewee.DoesNotExist:
return jsonify({"error": "Dané plemeno neexistuje"}), 400
except:
return Response('server_error')
if not health_status:
return jsonify({"error": "Zdravotný stav nebol zadaný"}), 400
else:
try:
models.HealthStatus.get(models.HealthStatus.id == health_status)
except peewee.DoesNotExist:
return jsonify({"error": "Daný zdravotný stav neexistuje"}), 400
except:
return Response('server_error')
if not castrated:
castrated = False
if not vaccinated:
vaccinated = False
if not dewormed:
dewormed = False
if not colour:
return jsonify({"error": "Farba srsti nebola zadaná"}), 400
else:
try:
models.Colour.get(models.Colour.id == colour)
except peewee.DoesNotExist:
return jsonify({"error": "Daná farba neexistuje"}), 400
except:
return Response('server_error')
if not description:
return jsonify({"error": "Popis nebol zadaný"}), 400
if not adoptive:
adoptive = False
if not pictures:
return jsonify({"error": "Nebol pridaný žiadny obrázok"}), 400
if not isinstance(name, str) or not isinstance(age, int) or not isinstance(
sex, bool) or not isinstance(castrated, bool) or not isinstance(
vaccinated,
bool) or not isinstance(dewormed, bool) or not isinstance(
description,
str) or not isinstance(health_log, str) or not isinstance(
adoptive, bool) or not isinstance(pictures, list):
return Response('invalid_format')
if int(age) < 0 or int(age) > 300:
return jsonify({"error": "Neplatná hodnota veku"}), 400
for p in pictures:
try:
models.Picture.get(models.Picture.uuid == p)
except peewee.DoesNotExist:
return jsonify({"error": "Daný obrázok neexistuje"}), 400
except:
return Response('server_error')
cat = models.Cat(uuid=uuid.uuid4(),
name=Sanitize(name),
age=age,
sex=sex,
breed=breed,
health_status=health_status,
castrated=castrated,
vaccinated=vaccinated,
dewormed=dewormed,
colour=colour,
description=Sanitize(description, False),
health_log=Sanitize(health_log, False),
adoptive=adoptive,
pictures=json.dumps(pictures))
try:
cat.save()
except:
return Response('server_error')
return jsonify({'uuid': cat.uuid}), 200
def auth_update_user(uuid):
current_user = get_jwt_identity()
try:
user = models.User.get(models.User.uuid == current_user)
except:
return Response('forbidden')
if uuid != user.uuid and not user.admin:
return Response('forbidden')
try:
match = models.User.get(models.User.uuid == uuid)
except peewee.DoesNotExist:
return Response('invalid')
except:
return Response('server_error')
if not request.is_json:
return Response('not_json')
try:
password = request.json.get('password', None)
firstname = request.json.get('firstname', None)
lastname = request.json.get('lastname', None)
picture = request.json.get('picture', None)
activated = request.json.get('activated', None)
admin = request.json.get('admin', None)
except:
return Response('not_json')
if not password and not firstname and not lastname and not picture and activated == None and admin == None:
return Response('empty')
if admin and not user.admin:
return Response('forbidden')
if activated and not user.admin:
return Response('forbidden')
if password:
salt = bytes.fromhex(match.password[:(Config['hash_salt_length'] * 2)])
match.password = MakeHash(Sanitize(password), salt)
if firstname:
match.firstname = Sanitize(firstname)
if lastname:
match.lastname = Sanitize(lastname)
if picture:
try:
models.Picture.get(models.Picture.uuid == picture)
except peewee.DoesNotExist:
return jsonify({'error': 'Obrázok neexistuje'}), 400
except:
return Response('server_error')
match.picture = picture
if activated != None:
match.activated = True if activated else False
if admin != None:
match.admin = True if admin else False
try:
match.save()
except:
return Response('server_error')
return Response('empty')