def users():
error = ""
if request.method == 'POST':
user, username, email, password = None, None, None, None
if 'username' in request.json:
username = request.json['username']
else:
error = "Username is required."
if 'email' in request.json:
email = request.json['email']
else:
error = "Email is required."
if 'password' in request.json:
password = request.json['password']
else:
error = "Password is required."
if error is '' and email and not validate_email(email):
error = "Email is not a valid format."
if error is '' and not validate_username(username):
error = "Username must contain only letters, numbers or underscore"
if error is '' and User.username_exists(username):
error = "Username already used."
if error is '' and User.email_exists(email):
error = "Email already used."
if username and email and password:
user = User(username, email, password)
if user is not None and error == '':
db.session.add(user)
db.session.commit()
return jsonify(status="success", data={},
message="User successfully registered.", code=200), 200
else:
return jsonify(status="error", data={},
message=error,
code=400), 400
else:
users = []
for user in User.query.all():
users.append(user.to_json())
if is_json(request):
return jsonify(status="success", data={'users': users},
message="", code=200), 200
else:
return render_template('users.html', users=User.query.all())
def validate(self):
if not Form.validate(self):
return False
if User.email_exists(self.email.data):
self.email.errors.append("That email is already taken")
return False
if User.username_exists(self.username.data):
self.username.errors.append("That username is already taken")
return False
return True
def get(self,emailAddr):
try:
if User.email_exists(emailAddr):
return {'status':'success',
'code':'0',
'description':'Email already exists'}, 200
else:
return {'status':'success',
'code':'1',
'description':'Available Email Address'}, 200
except:
return {'status':'error',
'description':'Something went wrong'}, 500
def modify_user(username=None, id=None):
email, error = None, ''
if username:
user = User.query.filter_by(username = username).first()
elif id:
user = User.query.filter_by(id = id).first()
if not user or user.id is not g.user.id:
return jsonify(status="error", data={},
message="Unauthorized to modify the specified user.",
code=400), 400
if request.method == 'PUT':
if 'username' in request.json:
error = "Username can not be modified."
if 'email' in request.json:
email = request.json['email']
if error is '' and email and not validate_email(email):
error = "Email is not a valid format."
if error is '' and email and User.email_exists(email):
error = "Email already used."
if email:
user.email = email
if 'password' in request.json:
user.get_hashed_password(request.json['password'])
if error is not '':
return jsonify(status="error", data={},
message=error,
code=400), 400
else:
db.session.add(user)
db.session.commit()
return jsonify(status="success", data={},
message="User successfully updated.",
code=200), 200
else:
db.session.delete(user)
db.session.commit()
return jsonify(status="success", data={},
message="User successfully deleted.",
code=200), 200
def post(self):
if request.json:
params = request.json
elif request.form:
params = request.form
else:
return {'status':'error',
'description':'Request Failed!'}, 400
# Check Requirements <Email, Password>
if not 'email' in params:
return {'status':'error',
'description':'Email Address input error!'}, 400
elif not 'password' in params:
return {'status':'error',
'description':'Password Missing'}, 400
# Check email address is unique
if User.email_exists(params['email']):
return {'status':'error',
'description':'Already registered Email address'}, 400
# Make username based on email address when it was not submitted.
if not 'username' in params or params['username'] == "" or params['username'] == None:
username = params['email'].split('@')[0]
username = User.make_valid_username(username)
# username = User.make_unique_username(username)
else:
username = params['username']
if User.username_exists(username):
return {'status':'error',
'description':'Username already exists.'}, 400
# Check User Birthday
if not 'birthday' in params or params['birthday']=="":
birthday = None
else:
birthday = params['birthday']
u = User(email=params['email'],
username=username,
fb_id=None,
birthday=birthday)
# Password Hashing
u.hash_password(params['password'])
u.key = md5('ACTIVATION'+str(int(random.random()*10000))).hexdigest()
# Database Insert/Commit
try:
db.session.add(u)
db.session.commit()
except:
return {'status':'error',
'description':'Something went wrong.'}, 500
send_awaiting_confirm_mail(u)
g.user = u
token = g.user.generate_auth_token()
return {'status':'success',
'data':{'user':{'id': g.user.id,
'username': g.user.username,
'email': g.user.email,
'birthday': g.user.birthday,
'confirmed_at':g.user.confirmed_at.strftime("%Y-%m-%d %H:%M:%S") if g.user.confirmed_at else None},
'token': token.decode('ascii')}}, 201
