def get(request):
""" Respond to the "/identity/get" API request.
"""
success,response = apiHelper.process_params(request,
required_params=["session_token"])
if not success: return response
params = response
# Find the desired session.
try:
session = Session.objects.get(token=params['session_token'])
except Session.DoesNotExist:
session = None
if session == None or not session.authenticated:
return HttpResponseForbidden("invalid session")
# Get a dictionary representation of this user's details.
response = session.user.to_dict()
# Finally, return the user details back to the caller.
return HttpResponse(json.dumps(response), status=200,
mimetype="application/json")
def get_profile(request):
""" Respond to the "/identity/get_profile" API request.
"""
success,response = apiHelper.process_params(request,
required_params=["username"])
if not success: return response
username = response['username']
# Find the user with that username.
try:
user = User.objects.get(username__iexact=username)
except User.DoesNotExist:
return HttpResponseNotFound()
# Find the user's profile.
try:
profile = UserProfile.objects.get(user=user).to_dict()
except UserProfile.DoesNotExist:
profile = {}
# Finally, return the user's profile back to the caller.
return HttpResponse(json.dumps(profile), status=200,
mimetype="application/json")
def create(request):
""" Respond to the "/identity/create" API request.
"""
start_time = time.time()
success,response = apiHelper.process_params(request,
required_params=["username",
"password"],
optional_params=["photo",
"name",
"email",
"website",
"location",
"bio"])
if not success: return response
params = response
# Check that the user doesn't already exist.
try:
existing_user = User.objects.get(username__iexact=params['username'])
except User.DoesNotExist:
existing_user = None
if existing_user != None:
return HttpResponseForbidden("duplicate username")
# Create the new user.
user = User()
user.username = params['username']
user.password_salt = uuid.uuid4().hex
user.password_hash = hashlib.md5(params['password'] +
user.password_salt).hexdigest()
user.save()
# Create the user's profile.
profile = UserProfile()
profile.user = user
if "photo" in params:
profile.save() # Have to save before we can upload a photo.
profile.photo_orig.save(params['photo'].name, params['photo'])
if "name" in params: profile.name = params['name']
if "email" in params: profile.email = params['email']
if "website" in params: profile.website = params['website']
if "location" in params: profile.location = params['location']
if "bio" in params: profile.bio = params['bio']
profile.save()
# Send information about the new user signup to the 3taps Stats API.
end_time = time.time()
time_taken = int(1000 * (end_time - start_time))
statsRecorder.record("IDCR", 1, time_taken)
# Finally, return the newly-created user back to the caller.
return HttpResponse(json.dumps(user.to_dict()), status=201,
mimetype="application/json")
def update(request):
""" Respond to the "/identity/update" API request.
"""
success,response = apiHelper.process_params(request,
required_params=["session_token"],
optional_params=["username",
"password",
"photo",
"name",
"email",
"website",
"location",
"bio"])
if not success: return response
params = response
# Find the desired session.
try:
session = Session.objects.get(token=params['session_token'])
except Session.DoesNotExist:
session = None
if session == None or not session.authenticated:
return HttpResponseForbidden("invalid session")
# If the caller supplied a new username or password, update the User record
# directly.
user = session.user
if "username" in params and params['username'] not in ["", None]:
# Check that the new username isn't already taken.
try:
existing_user = \
User.objects.get(username__iexact=params['username'])
except User.DoesNotExist:
existing_user = None
if existing_user != None and existing_user != user:
return HttpResponseForbidden("duplicate username")
user.username = params['username']
if "password" in params and params['password'] not in ["", None]:
user.password_hash = hashlib.md5(params['password'] +
user.password_salt).hexdigest()
user.save()
# Update the user's profile.
try:
profile = UserProfile.objects.get(user=user)
except UserProfile.DoesNotExist:
profile = UserProfile()
profile.user = user
profile.save()
if "photo" in params:
profile.photo_orig.save(params['photo'].name, params['photo'])
if "name" in params: profile.name = params['name']
if "email" in params: profile.email = params['email']
if "website" in params: profile.website = params['website']
if "location" in params: profile.location = params['location']
if "bio" in params: profile.bio = params['bio']
profile.save()
# Finally, return the updated user details back to the caller.
return HttpResponse(json.dumps(user.to_dict()), status=200,
mimetype="application/json")