def post(self):
oauth_verifier = self.request.get("oauth_verifier",
default_value="None")
user_identifier = self.request.get("user_identifier", default_value="")
if not oauth_verifier == "":
key_verifier = "oauth_verifier_" + oauth_verifier
twitter_user_data = memcache.get(key_verifier)
if not twitter_user_data == None:
# Checks if the username was stored previously
stored_credentials = ndb_pb.searchToken(twitter_user_data["token_id"], "twitter")
if not stored_credentials == None:
# We store the new set of credentials
user_key = ndb_pb.modifyToken(twitter_user_data["token_id"],
twitter_user_data["access_token"], "twitter")
user_id = ndb_pb.getUserId(user_key)
session_id = self.login(user_key)
# Gets the user_id to generate the user cookie
user_id = ndb_pb.getUserId(user_key)
# Returns the session, social_network and user cookie
self.response.set_cookie("session", session_id,
path="/", domain=domain, secure=True)
self.response.set_cookie("social_network",
value="twitter", path="/", domain=domain,
secure=True)
self.response.set_cookie("user",
value=user_id, path="/", domain=domain,
secure=True)
# Builds the response
response = {"status": "User logged successfully", "user_id": user_id}
self.response.content_type = "application/json"
self.response.write(json.dumps(response))
self.response.set_status(200)
else:
response = \
{"error": "The token_id provided does not belong to a registered user in the system. Consider perform a signup request instead"}
self.response.content_type = "application/json"
self.response.write(json.dumps(response))
self.response.set_status(400)
else:
response = \
{"error": "There isn\"t any session in the system for the oauth_verifier value specified"}
self.response.content_type = "application/json"
self.response.write(json.dumps(response))
self.response.set_status(404)
else:
response = \
{"error": "You must specify a value for the oauth_verifier param in the request"}
self.response.content_type = "application/json"
self.response.write(json.dumps(response))
self.response.set_status(400)
def post_login(self, social_network):
try:
# We get the params from the POST data
access_token = self.request.POST["access_token"]
token_id = self.request.POST["token_id"]
# Checks if the username was stored previously
stored_credentials = ndb_pb.searchToken(token_id,
social_network)
if not stored_credentials == None:
# We store the new set of credentials
user_key = ndb_pb.modifyToken(token_id,
access_token, social_network)
user_id = ndb_pb.getUserId(user_key)
session_id = self.login(user_key)
# Gets the user_id to generate the user cookie
user_id = ndb_pb.getUserId(user_key)
# Returns the session cookie
self.response.set_cookie("session", session_id, path="/", domain=domain, secure=True)
self.response.set_cookie("social_network", social_network, path="/", domain=domain, secure=True)
self.response.set_cookie("user", user_id, path="/", domain=domain, secure=True)
# Builds the response
response = {"status": "User logged successfully", "user_id": user_id}
self.response.content_type = "application/json"
self.response.write(json.dumps(response))
self.response.set_status(200)
else:
response = \
{"error": "The token_id provided does not belong to any user in the system. Consider perform a signup request instead"}
self.response.content_type = "application/json"
self.response.write(json.dumps(response))
self.response.set_status(400)
except KeyError:
response = \
{"error": "You must provide a valid pair of access_token and token_id in the request"}
self.response.content_type = "application/json"
self.response.write(json.dumps(response))
self.response.set_status(400)
def get_credentials(self, social_network, token_id):
cookie_value = self.request.cookies.get("session")
# Obtains info related to the user authenticated in the system
if not cookie_value == None:
logged_user = self.getUserInfo(cookie_value)
# Searchs for user"s credentials
if not logged_user == None:
# Obtains user info
logged_user_id = ndb_pb.getUserId(logged_user)
# Obtains user credentials
user_credentials = ndb_pb.getToken(token_id, social_network)
if not user_credentials == None:
if user_credentials["user_id"] == logged_user_id:
response = \
{"user_id": user_credentials["user_id"],
"access_token": user_credentials["token"]}
self.response.content_type = "application/json"
self.response.write(json.dumps(response))
self.response.set_status(200)
else:
response = {"user_id": user_credentials["user_id"]}
self.response.content_type = "application/json"
self.response.write(json.dumps(response))
self.response.set_status(200)
else:
response = \
{"error": "The active user does not have a pair of token_id" \
+ " and access_token in " + social_network + " stored in the system"}
self.response.content_type = "application/json"
self.response.write(json.dumps(response))
self.response.set_status(404)
else:
response = \
{"error": "The cookie session provided does not belongs to any active user"}
self.response.content_type = "application/json"
self.response.write(json.dumps(response))
self.response.set_status(400)
# If we don't provide a cookie in the request, we search for the token in the system
# and return a 200 o 404 status. It is a request included in the login flow of the system
else:
user_credentials = ndb_pb.getToken(token_id,social_network)
if not user_credentials == None:
response = {"user_id": user_credentials["user_id"]}
self.response.content_type = "application/json"
self.response.write(json.dumps(response))
self.response.set_status(200)
else:
response = {"error": "Token not found in the system"}
self.response.content_type = "application/json"
self.response.write(json.dumps(response))
self.response.set_status(404)
def get(self, user_id):
cookie_value = self.request.cookies.get("session")
component_info = self.request.get("component_info", default_value="reduced")
if not cookie_value == None:
# Obtains info related to the user authenticated in the system
user_logged_key = self.getUserInfo(cookie_value)
if not user_logged_key == None:
# Obtains the info related to the resource requested
component_detailed_info = True if component_info == "detailed" else False
user_info = ndb_pb.getUser(user_id, component_detailed_info)
if user_info == None:
self.response.content_type = "application/json"
self.response.write(json.dumps({"error": "The user requested does not exist"}))
self.response.set_status(404)
else:
# Obtains the user_id to check if the user active is the resource owner
user_logged_id = ndb_pb.getUserId(user_logged_key)
# Depending on the user making the request, the info returned will be one or another
if user_id == user_logged_id:
self.response.content_type = "application/json"
self.response.write(json.dumps(user_info))
self.response.set_status(200)
else:
user_dict = {"user_id": user_info["user_id"],
"description": user_info["description"],
"image": user_info["image"],
"website": user_info["website"],
"networks": user_info["nets"],
"components": user_info["components"]}
if user_info["private_email"] == False:
user_dict["email"] = user_info["email"]
if user_info["private_phone"] == False:
user_dict["phone"] = user_info["phone"]
self.response.content_type = "application/json"
self.response.write(json.dumps(user_dict))
self.response.set_status(200)
else:
self.response.content_type = "application/json"
self.response.write(json.dumps({"error": "The session cookie header does not belong to an active user in the system"}))
self.response.set_status(400)
# If the request doesn't come along a cookie, we search for the user_id in the system
# (We only return an object verifying that the user_id requested exists in the system)
else:
self.response.content_type = "application/json"
user = ndb_pb.getUser(user_id)
if not user == None:
self.response.set_status(200)
else:
self.response.write(json.dumps({"error": "User not found in the system"}))
self.response.set_status(404)
def post_credentials(self, social_network):
cookie_value = self.request.cookies.get("session")
if not cookie_value == None:
user = self.getUserInfo(cookie_value)
if not user == None:
try:
# Gets the data from the request form
access_token = self.request.POST["access_token"]
token_id = self.request.POST["token_id"]
# Checks if the username was stored previously
stored_credentials = ndb_pb.getToken(token_id,
social_network)
if stored_credentials == None:
# Adds the token to the user credentials list
ndb_pb.insertToken(user, social_network, access_token, token_id)
#Builds the response
user_id = ndb_pb.getUserId(user)
response = {"user_id": user_id}
self.response.content_type = "application/json"
self.response.write(json.dumps(response))
self.response.set_status(201)
else:
# We update the user credentials
user_id = ndb_pb.modifyToken(token_id, access_token,
social_network)
# Builds the response
response = {"user_id": stored_credentials["user_id"]}
self.response.content_type = "application/json"
self.response.write(json.dumps(response))
self.response.set_status(200)
except KeyError:
response = \
{"error": "You must provide a valid pair of access_token and token_id in the request"}
self.response.content_type = "application/json"
self.response.write(json.dumps(response))
self.response.set_status(400)
else:
response = \
{"error": "The cookie session provided does not belongs to any active user"}
self.response.content_type = "application/json"
self.response.write(json.dumps(response))
self.response.set_status(400)
else:
response = \
{"error": "You must provide a session cookie"}
self.response.content_type = "application/json"
self.response.write(json.dumps(response))
self.response.set_status(401)
def delete_credentials(self, social_network, token_id):
cookie_value = self.request.cookies.get("session")
if not cookie_value == None:
# Searchs for user"s credentials
logged_user_key = self.getUserInfo(cookie_value)
if not logged_user_key == None:
logged_user_id = ndb_pb.getUserId(logged_user_key)
token = ndb_pb.getToken(token_id, social_network)
if not token == None:
token_owner_id = token['user_id']
if logged_user_id == token_owner_id:
# Deletes the token from the user
token_deleted = ndb_pb.deleteCredentials(logged_user_key, social_network, token_id)
if token_deleted:
response = \
{"status": "Credentials deleted successfully"}
self.response.content_type = "application/json"
self.response.write(json.dumps(response))
self.response.set_status(204)
else:
response = \
{"error": "This token cannot be deleted, because it is being used as the only token " + \
"to perform the login action in the system"}
self.response.content_type = "application/json"
self.response.write(json.dumps(response))
self.response.set_status(403)
else:
response = \
{"error": "You do not have permissions to perform this request"}
self.response.content_type = "application/json"
self.response.write(json.dumps(response))
self.response.set_status(401)
else:
response = \
{"error": "Token not found in the system"}
self.response.content_type = "application/json"
self.response.write(json.dumps(response))
self.response.set_status(404)
else:
response = \
{"error": "The cookie session provided does not belongs to any active user"}
self.response.content_type = "application/json"
self.response.write(json.dumps(response))
self.response.set_status(400)
else:
response = {"error": "You must provide a session cookie"}
self.response.content_type = "application/json"
self.response.write(json.dumps(response))
self.response.set_status(401)
def delete(self, user_id):
cookie_value = self.request.cookies.get("session")
if not cookie_value == None:
user_logged_key = self.getUserInfo(cookie_value)
if not user_logged_key == None:
user_logged_id = ndb_pb.getUserId(user_logged_key)
# It is neccesary to get the parameters from the request
user_info = ndb_pb.getUser(user_id)
if user_info == None:
self.response.content_type = "application/json"
self.response.write(json.dumps({"error": "The user requested does not exist"}))
self.response.set_status(404)
elif not user_info == None and user_logged_id == user_id:
# Logout of the user in the system
logout_status = self.logout(cookie_value)
# Invalidates the cookie
self.response.delete_cookie("session")
# Deletes the user from the datastore
ndb_pb.deleteUser(user_logged_key)
# Builds the response
self.response.set_status(204)
else:
self.response.content_type = "application/json"
self.response.write(json.dumps({"error": "You do not have the proper rights to delete this resource" +
" (The cookie session header does not match with the resource requested)"}))
self.response.set_status(401)
else:
self.response.content_type = "application/json"
self.response.write(json.dumps({"error": "The session cookie header does not belong to an active user in the system"}))
self.response.set_status(400)
else:
self.response.content_type = "application/json"
self.response.write(json.dumps({"error": "The user is not authenticated"}))
self.response.set_status(401)
def post(self, user_id):
cookie_value = self.request.cookies.get("session")
if not cookie_value == None:
user_logged_key = self.getUserInfo(cookie_value)
if not user_logged_key == None:
user_logged_id = ndb_pb.getUserId(user_logged_key)
user_info = ndb_pb.getUser(user_id)
# Checks if the user active is the owner of the resource (if exists)
if user_info == None:
self.response.content_type = "application/json"
self.response.write(json.dumps({"error": "The user requested does not exist"}))
self.response.set_status(404)
elif not user_info == None and user_logged_id==user_id:
values = self.request.POST
# Dict that contains the user values and fields to be updated
update_data = {}
# We parse the data received in the request
if values.has_key("description"):
update_data["description"] = values.get("description")
if values.has_key("website"):
update_data["website"] = values.get("website")
if values.has_key("image"):
update_data["image"] = values.get("image")
if values.has_key("phone"):
update_data["phone"] = int(values.get("phone"))
if values.has_key("email"):
update_data["email"] = values.get("email")
if values.has_key("private_phone"):
# Checks if private_phone has a proper value
if values.get("private_phone") in ["True", "true"]:
private_phone = True
update_data["private_phone"] = private_phone
elif values.get("private_phone") in ["False", "false"]:
private_phone = False
update_data["private_phone"] = private_phone
if values.has_key("private_email"):
# Checks if private_email has a proper value
if values.get("private_email") in ["True", "true"]:
private_email = True
update_data["private_email"] = private_email
elif values.get("private_email")in ["False", "false"]:
private_email = False
update_data["private_email"] = private_email
if values.has_key("component"):
component_id = values.get("component")
component = ndb_pb.getComponent(user_logged_key, component_id)
# If the component_id provided in the request exists in the system and the user has not added it previously,
# we add the component_id provided to the list of user's data to be updated
if not component == None:
update_data["component"] = component_id
# Updates the resource
if not len(update_data) == 0:
updated_info = ndb_pb.updateUser(user_logged_key, update_data)
if not len(updated_info) == 0:
self.response.content_type = "application/json"
self.response.write(json.dumps({"details": "The update has been successfully executed", "status": "Updated", "updated": update_data.keys()}))
self.response.set_status(200)
else:
self.response.content_type = "application/json"
self.response.write(json.dumps({"details": "Resource not modified (check parameters and values provided)", "status": "Not Modified"}))
self.response.set_status(304)
else:
self.response.content_type = "application/json"
self.response.write(json.dumps({"details": "Resource not modified (check parameters and values provided)", "status": "Not Modified"}))
self.response.set_status(304)
else:
self.response.content_type = "application/json"
self.response.write(json.dumps({"error": "You don\"t have the proper rights to modify this resource" +
" (The cookie session header does not match with the resource requested)"}))
self.response.set_status(401)
else:
self.response.content_type = "application/json"
self.response.write(json.dumps({"error": "The session cookie header does not belong to an active user in the system"}))
self.response.set_status(400)
else:
self.response.content_type = "application/json"
self.response.write(json.dumps({"error": "The user is not authenticated"}))
self.response.set_status(401)
def get(self, user_id):
cookie_value = self.request.cookies.get("session")
if not cookie_value == None:
user_logged_key = self.getUserInfo(cookie_value)
if not user_logged_key == None:
user_logged_id = ndb_pb.getUserId(user_logged_key)
user_info = ndb_pb.getUser(user_id)
# Checks if the user active is the owner of the resource (if exists)
if user_info == None:
self.response.content_type = "application/json"
self.response.write(
json.dumps(
{"error": "The user requested does not exist"}))
self.response.set_status(404)
elif not user_info == None and user_logged_key == user_id:
cred_info = ndb_pb.getUserTokens(user_id)
if cred_info == None:
self.response.content_type = "application/json"
self.response.write(
json.dumps({
"error":
"The user has not credentials added to his profile"
}))
self.response.set_status(404)
else:
self.response.content_type = "application/json"
self.response.write(cred_info)
self.response.set_status(200)
else:
self.response.content_type = "application/json"
self.response.write(
json.dumps({
"error":
"You don\"t have the proper rights to modify this resource"
+
" (The cookie session header does not match with the resource requested)"
}))
self.response.set_status(401)
else:
# We invalidate the session cookies received
expire_date = datetime.datetime(1970, 1, 1, 0, 0, 0)
self.response.set_cookie("session",
"",
path="/",
domain=domain,
secure=True,
expires=expire_date)
# We delete and invalidate other cookies received, like the user logged nickname
# and social network in which the user performed the login
if not self.request.cookies.get("social_network") == None:
self.response.set_cookie("social_network",
"",
path="/",
domain=domain,
secure=True,
expires=expire_date)
if not self.request.cookies.get("user") == None:
self.response.set_cookie("user",
"",
path="/",
domain=domain,
secure=True,
expires=expire_date)
# Builds the response
self.response.content_type = "application/json"
self.response.write(
json.dumps({
"error":
"The session cookie header does not belong to an active user in the system"
}))
self.response.set_status(400)
else:
self.response.content_type = "application/json"
self.response.write(
json.dumps({"error": "The user is not authenticated"}))
self.response.set_status(401)
def post(self, user_id):
cookie_value = self.request.cookies.get("session")
if not cookie_value == None:
user_logged_key = self.getUserInfo(cookie_value)
if not user_logged_key == None:
users_logged_id = ndb_pb.getUserId(user_logged_key)
user_info = ndb_pb.getUser(user_id)
if user_info == None:
self.response.content_type = "application/json"
self.response.write(
{"error": "The requested user does not exist"})
self.response.set_status(404)
elif not user_info == None and user_logged_id == user_id:
values = self.request.POST
# Dictionary in which the updated data will be stored
updated_data = {}
if values.hasKey("age"):
updated_data["age"] = int(values.get("age"))
if values.hasKey("studies"):
updated_data["studies"] = values.get("studies")
if values.hasKey("tech_exp"):
updated_data["tech_exp"] = values.get("tech_exp")
if values.hasKey("social_nets_use"):
updated_data["social_nets_use"] = values.get(
"social_nets_use")
if values.hasKey("gender"):
updated_data["gender"] = values.get("gender")
if values.hasKey("name"):
updated_data["name"] = values.get("name")
if values.hasKey("surname"):
updated_data["surname"] = values.get("surname")
if not len(updated_data) == 0:
updated_info = ndb_pb.updateProfile(
user_id, updated_data)
if not len(updated_info) == 0:
self.response.content_type = "application/json"
self.response.write(
json.dumps({
"details":
"The update has been successfully executed",
"status": "Updated",
"updated": update_data.keys()
}))
self.response.set_status(200)
else:
self.response.content_type = "application/json"
self.response.write(
json.dumps({
"details":
"Resource not modified (check parameters and values provided)",
"status": "Not Modified"
}))
self.set_status(304)
else:
self.response.content_type = "application/json"
self.response.write(
json.dumps({
"error":
"You don\"t have the proper rights to modify this resource"
+
" (The cookie session header does not match with the resource requested)"
}))
self.response.set_status(401)
else:
# We invalidate the session cookies received
expire_date = datetime.datetime(1970, 1, 1, 0, 0, 0)
self.response.set_cookie("session",
"",
path="/",
domain=domain,
secure=True,
expires=expire_date)
# We delete and invalidate other cookies received, like the user logged nickname
# and social network in which the user performed the login
if not self.request.cookies.get("social_network") == None:
self.response.set_cookie("social_network",
"",
path="/",
domain=domain,
secure=True,
expires=expire_date)
if not self.request.cookies.get("user") == None:
self.response.set_cookie("user",
"",
path="/",
domain=domain,
secure=True,
expires=expire_date)
# Builds the response
self.response.content_type = "application/json"
self.response.write(
json.dumps({
"error":
"The session cookie header does not belong to an active user in the system"
}))
self.response.set_status(400)
else:
self.response.content_type = "application/json"
self.response.write(
json.dumps({"error": "The user is not authenticated"}))
self.response.set_status(401)
def delete(self, user_id):
cookie_value = self.request.cookies.get("session")
if not cookie_value == None:
user_logged_key = self.getUserInfo(cookie_value)
if not user_logged_key == None:
user_logged_id = ndb_pb.getUserId(user_logged_key)
# It is neccesary to get the parameters from the request
user_info = ndb_pb.getUser(user_id)
if user_info == None:
self.response.content_type = "application/json"
self.response.write(
json.dumps(
{"error": "The user requested does not exist"}))
self.response.set_status(404)
elif not user_info == None and user_logged_id == user_id:
# Logout of the user in the system
logout_status = self.logout(cookie_value)
# Invalidates the cookie
self.response.delete_cookie("session")
# Deletes the user from the datastore
ndb_pb.deleteUser(user_logged_key)
# Builds the response
self.response.set_status(204)
else:
self.response.content_type = "application/json"
self.response.write(
json.dumps({
"error":
"You do not have the proper rights to delete this resource"
+
" (The cookie session header does not match with the resource requested)"
}))
self.response.set_status(401)
else:
# We invalidate the session cookies received
expire_date = datetime.datetime(1970, 1, 1, 0, 0, 0)
self.response.set_cookie("session",
"",
path="/",
domain=domain,
secure=True,
expires=expire_date)
# We delete and invalidate other cookies received, like the user logged nickname
# and social network in which the user performed the login
if not self.request.cookies.get("social_network") == None:
self.response.set_cookie("social_network",
"",
path="/",
domain=domain,
secure=True,
expires=expire_date)
if not self.request.cookies.get("user") == None:
self.response.set_cookie("user",
"",
path="/",
domain=domain,
secure=True,
expires=expire_date)
# Builds the response
self.response.content_type = "application/json"
self.response.write(
json.dumps({
"error":
"The session cookie header does not belong to an active user in the system"
}))
self.response.set_status(400)
else:
self.response.content_type = "application/json"
self.response.write(
json.dumps({"error": "The user is not authenticated"}))
self.response.set_status(401)
def post(self, user_id):
cookie_value = self.request.cookies.get("session")
if not cookie_value == None:
user_logged_key = self.getUserInfo(cookie_value)
if not user_logged_key == None:
user_logged_id = ndb_pb.getUserId(user_logged_key)
user_info = ndb_pb.getUser(user_id)
# Checks if the user active is the owner of the resource (if exists)
if user_info == None:
self.response.content_type = "application/json"
self.response.write(
json.dumps(
{"error": "The user requested does not exist"}))
self.response.set_status(404)
elif not user_info == None and user_logged_id == user_id:
values = self.request.POST
# Dict that contains the user values and fields to be updated
update_data = {}
# We parse the data received in the request
if values.has_key("description"):
update_data["description"] = values.get("description")
if values.has_key("website"):
update_data["website"] = values.get("website")
if values.has_key("image"):
update_data["image"] = values.get("image")
if values.has_key("phone"):
update_data["phone"] = int(values.get("phone"))
if values.has_key("email"):
update_data["email"] = values.get("email")
if values.has_key("private_phone"):
# Checks if private_phone has a proper value
if values.get("private_phone") in ["True", "true"]:
private_phone = True
update_data["private_phone"] = private_phone
elif values.get("private_phone") in ["False", "false"]:
private_phone = False
update_data["private_phone"] = private_phone
if values.has_key("private_email"):
# Checks if private_email has a proper value
if values.get("private_email") in ["True", "true"]:
private_email = True
update_data["private_email"] = private_email
elif values.get("private_email") in ["False", "false"]:
private_email = False
update_data["private_email"] = private_email
if values.has_key("component"):
component_id = values.get("component")
component = ndb_pb.getComponent(
user_logged_key, component_id)
# If the component_id provided in the request exists in the system and the user has not added it previously,
# we add the component_id provided to the list of user's data to be updated
if not component == None:
update_data["component"] = component_id
# Updates the resource and return the proper response to the client
if not len(update_data) == 0:
updated_info = ndb_pb.updateUser(
user_logged_key, update_data)
if not len(updated_info) == 0:
self.response.content_type = "application/json"
self.response.write(
json.dumps({
"details":
"The update has been successfully executed",
"status": "Updated",
"updated": update_data.keys()
}))
self.response.set_status(200)
# We return a custom error message if the request had as purpose adding a component to the user's dashboard
elif len(updated_info) == 0:
self.response.content_type = "application/json"
self.response.set_status(304)
if update_data.has_key("component_id"):
self.response.write(
json.dumps({
"details":
"Resource not modified (The component specified does not exists"
+
"or the user has not added to its account the social networks that consumes the component)",
"status":
"Not Modified"
}))
else:
self.response.write(
json.dumps({
"details":
"Resource not modified (check parameters and values provided)",
"status": "Not Modified"
}))
else:
self.response.content_type = "application/json"
self.response.write(
json.dumps({
"details":
"Resource not modified (It hasn't been specified any valid parameter for this method)",
"status": "Not Modified"
}))
self.response.set_status(304)
# Status errors related to permission and user authentication
else:
self.response.content_type = "application/json"
self.response.write(
json.dumps({
"error":
"You don\"t have the proper rights to modify this resource"
+
" (The cookie session header does not match with the resource requested)"
}))
self.response.set_status(401)
else:
# We invalidate the session cookies received
expire_date = datetime.datetime(1970, 1, 1, 0, 0, 0)
self.response.set_cookie("session",
"",
path="/",
domain=domain,
secure=True,
expires=expire_date)
# We delete and invalidate other cookies received, like the user logged nickname
# and social network in which the user performed the login
if not self.request.cookies.get("social_network") == None:
self.response.set_cookie("social_network",
"",
path="/",
domain=domain,
secure=True,
expires=expire_date)
if not self.request.cookies.get("user") == None:
self.response.set_cookie("user",
"",
path="/",
domain=domain,
secure=True,
expires=expire_date)
# Builds the response
self.response.content_type = "application/json"
self.response.write(
json.dumps({
"error":
"The session cookie header does not belong to an active user in the system"
}))
self.response.set_status(400)
else:
self.response.content_type = "application/json"
self.response.write(
json.dumps({"error": "The user is not authenticated"}))
self.response.set_status(401)
def get(self, user_id):
cookie_value = self.request.cookies.get("session")
component_info = self.request.get("component_info",
default_value="reduced")
if not cookie_value == None:
# Obtains info related to the user authenticated in the system
user_logged_key = self.getUserInfo(cookie_value)
if not user_logged_key == None:
# Obtains the info related to the resource requested
component_detailed_info = True if component_info == "detailed" else False
user_info = ndb_pb.getUser(user_id, component_detailed_info)
if user_info == None:
self.response.content_type = "application/json"
self.response.write(
json.dumps(
{"error": "The user requested does not exist"}))
self.response.set_status(404)
else:
# Obtains the user_id to check if the user active is the resource owner
user_logged_id = ndb_pb.getUserId(user_logged_key)
# Depending on the user making the request, the info returned will be one or another
if user_id == user_logged_id:
user_profile = ndb_pb.getProfile(user_id)
if user_profile == None:
user_info["age"] = ""
user_info["studies"] = ""
user_info["tech_exp"] = ""
user_info["social_nets_use"] = ""
user_info["gender"] = ""
user_info["name"] = ""
user_info["surname"] = ""
else:
user_profile = json.loads(user_profile)
user_info["age"] = user_profile["age"]
user_info["studies"] = user_profile["studies"]
user_info["tech_exp"] = user_profile["tech_exp"]
user_info["social_nets_use"] = user_profile[
"social_nets_use"]
user_info["gender"] = user_profile["gender"]
user_info["name"] = user_profile["name"]
user_info["surname"] = user_profile["surname"]
refs_list = []
components_list_js = ndb_pb.getUserComponentList(
user_id, component_detailed_info=True)
components_list = json.loads(components_list_js)
for comp in components_list["data"]:
ident = comp["component_id"]
# component = ndb_pb.getComponentEntity(ident)
version = comp["version"]
static = "/"
if str(ident) == "twitter-timeline":
static = "/static/"
ref = "/bower_components/" + \
str(ident) + "-" + str(version) + static + str(ident) + ".html"
refs_list.append(ref)
user_info["references"] = refs_list
self.response.content_type = "application/json"
self.response.write(json.dumps(user_info))
self.response.set_status(200)
else:
user_dict = {
"user_id": user_info["user_id"],
"description": user_info["description"],
"image": user_info["image"],
"website": user_info["website"],
"networks": user_info["nets"],
"components": user_info["components"],
"age": "",
"studies": "",
"tech_exp": "",
"social_nets_use": "",
"gender": ""
}
if user_info["private_email"] == False:
user_dict["email"] = user_info["email"]
if user_info["private_phone"] == False:
user_dict["phone"] = user_info["phone"]
for comp in user_info.components:
dict_comp = json.loads(comp)
ident = dict_comp["component_id"]
preversion = ndb_pb.getComponentEntity(
comp["component_id"])
version = preversion.version
static = "/"
if ident == "twitter-timeline": static = "/static/"
ref = "/bower_components/" + \
ident + "-" + version + static + ident + ".html"
refs_list.append(ref)
user_dict["references"] = refs_list
self.response.content_type = "application/json"
self.response.write(json.dumps(user_dict))
self.response.set_status(200)
else:
# We invalidate the session cookies received
expire_date = datetime.datetime(1970, 1, 1, 0, 0, 0)
self.response.set_cookie("session",
"",
path="/",
domain=domain,
secure=True,
expires=expire_date)
# We delete and invalidate other cookies received, like the user logged nickname
# and social network in which the user performed the login
if not self.request.cookies.get("social_network") == None:
self.response.set_cookie("social_network",
"",
path="/",
domain=domain,
secure=True,
expires=expire_date)
if not self.request.cookies.get("user") == None:
self.response.set_cookie("user",
"",
path="/",
domain=domain,
secure=True,
expires=expire_date)
# Builds the response
self.response.content_type = "application/json"
self.response.write(
json.dumps({
"error":
"The session cookie header does not belong to an active user in the system"
}))
self.response.set_status(400)
# If the request doesn't come along a cookie, we search for the user_id in the system
# (We only return an object verifying that the user_id requested exists in the system)
else:
self.response.content_type = "application/json"
user = ndb_pb.getUser(user_id)
if not user == None:
self.response.set_status(200)
else:
self.response.write(
json.dumps({"error": "User not found in the system"}))
self.response.set_status(404)