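def post(self):
    """Create a user account from the JSON request body.

    ``name`` and ``email`` are required; ``description``, ``location`` and
    ``phone`` are optional. When ``password`` is supplied, an Auth record
    holding the hashed password is saved for the new user.

    Returns:
        ``(response, 201)`` carrying the new user on success, or
        ``(response, 403)`` when the email is already registered.
        Aborts with 400 when the body is missing, is not a JSON object, or
        lacks a required field.
    """
    payload = request.json
    # 'email' is read unconditionally below, so it must be validated together
    # with 'name'; without this a body lacking it raises KeyError (HTTP 500).
    if not isinstance(payload, dict) or 'name' not in payload or 'email' not in payload:
        abort(400)

    email = payload['email']
    if len(User.objects(email=email)) > 0:
        return jsonify(
            ok=False,
            errors=['Email already in use. Account creation failed']), 403

    new_user = User(name=payload['name'], email=email, alive=True)
    new_user.description = payload.get('description', None)
    new_user.location = payload.get('location', None)
    new_user.phone = payload.get('phone', None)
    new_user.public = True
    new_user.save()

    if 'password' in payload:
        auth = Auth(user=new_user, password=payload['password'], alive=False)
        # Overwrite the plaintext value with its hash before the record is saved.
        # NOTE(review): hash_password is not visible here; confirm it is a slow,
        # salted password hash rather than a plain digest of email + password.
        auth.password = auth.hash_password(email, payload['password'])
        auth.save()

    return jsonify(ok=True, objects=[new_user.to_json()]), 201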
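def post(self):
    """Register a new user from the JSON request body.

    The body must be a JSON object containing ``name`` and ``email``.
    ``description``, ``location`` and ``phone`` are copied when present, and
    a ``password`` causes an Auth record with the hashed password to be saved.

    Returns:
        ``(response, 201)`` with the created user, or ``(response, 403)``
        when a user with the same email already exists. Aborts with 400 on a
        missing or malformed body.
    """
    body = request.json
    if not isinstance(body, dict):
        abort(400)
    # Both fields are dereferenced below; checking only 'name' lets a request
    # without 'email' fail with KeyError (HTTP 500) instead of a clean 400.
    for required in ('name', 'email'):
        if required not in body:
            abort(400)

    existing = User.objects(email=body['email'])
    if len(existing) > 0:
        return jsonify(
            ok=False,
            errors=['Email already in use. Account creation failed']
        ), 403

    new_user = User(name=body['name'], email=body['email'], alive=True)
    new_user.description = body.get('description', None)
    new_user.location = body.get('location', None)
    new_user.phone = body.get('phone', None)
    new_user.public = True
    new_user.save()

    if 'password' in body:
        auth = Auth(user=new_user, password=body['password'], alive=False)
        # The plaintext passed to the constructor is replaced by its hash
        # before save(), so only the hashed form is persisted.
        auth.password = auth.hash_password(body['email'], body['password'])
        auth.save()

    return jsonify(ok=True, objects=[new_user.to_json()]), 201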
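def put(self, id):
    """Update a user's details.

    Only the authenticated user returned by ``Auth.getUser()`` may edit the
    record identified by ``id``. The new values are read from the ``user``
    object of the JSON body; a ``password`` entry there creates the Auth
    record if none exists or replaces the stored password hash.

    Returns:
        ``(response, 200)`` on success. Aborts with 404 for an unknown id,
        401 when the caller is not the target user or the body has no
        ``user`` entry, and 400 when the body or a required field is missing.
    """
    user = User.objects.get_or_404(id=id)

    # prevent non authorised users from editing other user's details
    _currentUser = Auth.getUser()
    if _currentUser != user:
        abort(401)

    payload = request.json
    if not isinstance(payload, dict):
        # No JSON body: previously `'user' in None` raised TypeError (HTTP 500).
        abort(400)
    if 'user' not in payload:
        abort(401)

    details = payload['user']
    required = ('name', 'description', 'location', 'phone')
    if not isinstance(details, dict) or any(key not in details for key in required):
        abort(400)

    # save the old details in history
    # NOTE(review): this appends the live document itself, before the fields
    # are overwritten; confirm the history entry really keeps the old values.
    user.history.append(user)
    user.name = details['name']
    user.description = details['description']
    user.location = details['location']
    user.phone = details['phone']
    user.links = details.get('links', [])
    user.alive = True
    user.save()

    # create an Auth account if it doesn't exist or
    # update the password if it does
    if 'password' in details:
        new_password = details['password']
        try:
            auth = Auth.objects.get(user=user)
        except Exception:
            auth = Auth(user=user, password=new_password, alive=True)
        # Hash the password from the request. Hashing auth.password instead
        # would, for an existing record, re-hash the stored hash and discard
        # the new password, leaving the account with an unusable credential.
        auth.password = Auth.hash_password(user.email, new_password)
        auth.save()

    return jsonify(ok=True), 200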
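def put(self, id):
    """Update a user's details.

    The caller must be the user being edited (checked against
    ``Auth.getUser()``). Field values come from the ``user`` object in the
    JSON body. If that object carries a ``password``, the user's Auth record
    is created when absent and its password hash is set from the new value.

    Returns:
        ``(response, 200)`` on success. Aborts with 404 for an unknown id,
        401 for a caller who is not the target user or a body without
        ``user``, and 400 for a missing body or missing required field.
    """
    user = User.objects.get_or_404(id=id)

    # prevent non authorised users from editing other user's details
    _currentUser = Auth.getUser()
    if _currentUser != user:
        abort(401)

    body = request.json
    if not isinstance(body, dict):
        # An absent body used to fail on the membership test with TypeError.
        abort(400)
    if 'user' not in body:
        abort(401)

    fields = body['user']
    if not isinstance(fields, dict):
        abort(400)
    for key in ('name', 'description', 'location', 'phone'):
        # These are read unconditionally below; reject early instead of
        # surfacing a KeyError as HTTP 500.
        if key not in fields:
            abort(400)

    # save the old details in history
    user.history.append(user)
    user.name = fields['name']
    user.description = fields['description']
    user.location = fields['location']
    user.phone = fields['phone']
    user.links = fields.get('links', [])
    user.alive = True
    user.save()

    # create an Auth account if it doesn't exist or
    # update the password if it does
    if 'password' in fields:
        try:
            auth = Auth.objects.get(user=user)
        except Exception:
            auth = Auth(user=user, password=fields['password'], alive=True)
        # Always hash the submitted password. The previous code hashed
        # auth.password, which for an existing record is the old stored hash,
        # so a password change never took effect and broke the login.
        auth.password = Auth.hash_password(user.email, fields['password'])
        auth.save()

    return jsonify(ok=True), 200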
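def post(self):
    """Authenticate with email and password and start a session.

    Reads ``email`` and ``password`` from the JSON body, looks up the user
    and the Auth record matching the hashed password, stores a new Session
    and returns the session token both as the ``yearplan_user`` cookie and
    as the ``X-yearplan-user`` response header.

    Returns:
        A 200 response with the token on success, or ``(response, 401)``
        when authentication fails. Aborts with 400 when the body is missing
        or either credential is absent.
    """
    payload = request.json
    if not payload or not isinstance(payload, dict):
        abort(400)

    email = payload.get('email', None)
    password = payload.get('password', None)
    if email is None or password is None:
        abort(400)

    # check authentication
    try:
        user = User.objects.get(email=email)
        password = Auth.hash_password(user.email, password)
        auth = Auth.objects.get(user=user, password=password)

        # setup a new session
        _session = Session(auth_id=str(auth.id), alive=True)
        _session.save()
        auth.sessions.append(_session)
        auth.alive = True
        # NOTE(review): the session token is a concatenation of two database
        # ids. If these are MongoDB ObjectIds they are not unpredictable
        # secrets; consider a value from secrets.token_urlsafe() once the
        # code that validates the token has been checked.
        auth.hash = str(auth.id) + str(_session.id)
        auth.save()

        response = make_response(jsonify(ok=True), 200)
        # NOTE(review): the cookie is set without HttpOnly, Secure or
        # SameSite; add them if no client script needs to read the cookie
        # (the token is also exposed through the response header below).
        response.set_cookie('yearplan_user', value=auth.hash)
        response.headers['X-yearplan-user'] = auth.hash
        return response
    except Exception:
        # Unknown email and wrong password deliberately share the generic 401
        # below so the response does not reveal which one failed. Catching
        # Exception rather than using a bare except lets SystemExit and
        # KeyboardInterrupt propagate.
        pass

    return jsonify(ok=False, objects=['Invalid email and password combination']), 401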