def api_user(user):
    """Serve the user resource.

    GET returns ``user`` serialized as a JSON string.  Any other method
    reads a JSON body, validates it with ``User.validate`` and, when that
    returns ``True``, creates a user from it, stores the new username in
    the session and returns a success response.  Any other validation
    result is passed to ``response_error``.
    """
    if request.method == 'GET':
        return json.dumps(serializers.user(user))

    # force=True parses the body as JSON whatever Content-Type was sent.
    # NOTE(review): that removes the Content-Type check some deployments
    # lean on against cross-site form posts -- confirm CSRF protection is
    # enforced elsewhere for this state-changing path.
    payload = request.get_json(force=True)
    outcome = User.validate(payload)
    if outcome == True:  # noqa: E712 -- kept as an equality test on purpose
        created = User.from_values(payload)
        # The session is bound to the account that was just created.
        session['id'] = created.username
        return response_success(serializers.user(created))
    return response_error(outcome)
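def post(self):
    '''Log a user in with the e-mail address and password from the request.

    The account is looked up by e-mail, the submitted password is hashed
    with the stored salt and compared with the stored hash.  On a match the
    last-login timestamp is saved, a token is attached and the serialized
    user becomes the response content.  In every other case
    ``self.invalid_response()`` is called.  The response is closed at the
    end on both paths.
    '''
    email = self.request.data.get('email')
    password = self.request.data.get('password')

    # Both credentials must be plain strings.  A missing password would
    # otherwise reach ``password.encode()`` and raise AttributeError, and a
    # non-string e-mail (for example a nested object in a JSON body) would
    # be passed into the query filter unchanged.
    if not isinstance(email, str) or not isinstance(password, str):
        self.invalid_response()
        yield from self.response.close()
        return

    user = yield from db.users.find_one({'email': email})
    if user:
        password_hash = yield from utils.get_password_hash(
            user['salt'], password.encode()
        )
        # NOTE(review): `==` is not a constant-time comparison; consider
        # hmac.compare_digest once the type of the stored hash is confirmed.
        if user['password'] == password_hash:
            user['last_login'] = datetime.datetime.now()
            yield from db.users.save(user)
            user['token'] = yield from utils.generate_token(user)
            # NOTE(review): the dict sent back is the stored record, which
            # holds 'salt' and the password hash -- confirm that
            # serializers.user strips them before set_content.
            yield from serializers.user(user)
            self.response.set_content(user)
        else:
            self.invalid_response()
    else:
        # Unknown e-mail gets the same response as a wrong password.
        self.invalid_response()
    yield from self.response.close()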
def get(self):
    '''Return the current user's serialized record as the response content.

    When ``self.get_user()`` yields nothing truthy, no content is set and
    the response is only closed.
    '''
    current = yield from self.get_user()
    if not current:
        yield from self.response.close()
        return

    # NOTE(review): the same dict is handed to set_content after the
    # serializer ran on it -- confirm serializers.user removes secret
    # fields (password hash, salt) in place.
    yield from serializers.user(current)
    self.response.set_content(current)
    yield from self.response.close()
def api_user_new(values=None):
    """Create a user from ``values`` and bind the session to it.

    ``values`` is validated with ``User.validate``.  When the result equals
    ``True`` the user is built, its username is stored in the session and
    a success response with the serialized user is returned.  Any other
    result is passed to ``response_error``.
    """
    verdict = User.validate(values)
    if not (verdict == True):  # noqa: E712 -- same equality test as before
        return response_error(verdict)

    new_user = User.from_values(values)
    # Creating an account also signs the caller in as that account.
    session['id'] = new_user.username
    return response_success(serializers.user(new_user))
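def put(self):
    '''Merge the request body into the current user's record and save it.

    ``email``, ``_id`` and ``salt`` are removed from the body before the
    merge.  The ``modified`` timestamp is set by the server after the
    merge, so a ``modified`` key in the body cannot replace it.  When
    ``self.get_user()`` yields nothing truthy, nothing is changed and the
    response is only closed.
    '''
    user = yield from self.get_user()
    if user:
        data = self.request.data
        # Keys the client is never allowed to set through this endpoint.
        fields_to_remove = ['email', '_id', 'salt']
        for key in fields_to_remove:
            if key in data:
                del data[key]
        # NOTE(review): this is a block-list.  Every other key in the body
        # (including 'password', 'created', 'last_login') is copied onto
        # the stored record as sent -- confirm that is intended; an
        # allow-list of editable fields would be safer.
        user.update(data)
        # Stamp after the merge so the server-side value always wins.
        user['modified'] = datetime.datetime.now()
        yield from db.users.save(user)
        yield from serializers.user(user)
        self.response.set_content(user)
    yield from self.response.close()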
def login(values):
    """Check a username/password pair and start a session on success.

    Attempts are gated per client address by ``can_attempt_login``.  Every
    failure (unknown username or wrong password) is recorded with
    ``set_failed_login`` and answered with the same error message.
    """
    # NOTE(review): behind a reverse proxy remote_addr may be the proxy's
    # address, which would make all clients share one attempt counter --
    # confirm how the app is deployed.
    client_address = request.remote_addr
    if not can_attempt_login(client_address):
        return response_error("maximum number of login attempts exceeded, please try again later")

    username = values.get('id')
    password = values.get('password')
    account = User.with_username(username)
    if account and account.matches_password(password):
        # The session stores the submitted username, not account.username.
        session['id'] = username
        return response_success(serializers.user(account))

    # One message for both failure causes, so the response text does not
    # reveal whether the username exists.
    set_failed_login(client_address)
    return response_error("username password combination incorrect")
def post(self):
    '''Handle HTTP POST: register the account described by the request body.

    When ``self.validate_user`` accepts the body, a salt is generated, the
    timestamps are set, the password is replaced by its salted hash, the
    record is inserted, a token is attached and the record is returned with
    status 201.  Otherwise the response is closed without content.
    '''
    new_user = self.request.data
    accepted = yield from self.validate_user(new_user)
    if not accepted:
        yield from self.response.close()
        return

    # The request body itself becomes the stored document.
    # NOTE(review): confirm validate_user rejects keys the client must not
    # set, since everything in the body is inserted.
    new_user['salt'] = yield from utils.generate_salt()
    timestamp = datetime.datetime.now()
    new_user['last_login'] = timestamp
    new_user['created'] = timestamp
    new_user['modified'] = None
    plaintext = new_user['password'].encode()
    new_user['password'] = yield from utils.get_password_hash(
        new_user['salt'], plaintext)
    # NOTE(review): unlike the other calls here, insert() is not driven
    # with `yield from` -- confirm the write is actually performed.
    db.users.insert(new_user)
    # NOTE(review): the dict sent back still held 'salt' and the password
    # hash before this call -- confirm serializers.user strips them.
    yield from serializers.user(new_user)
    # Generate the token
    new_user['token'] = yield from utils.generate_token(new_user)
    self.response.status_code = 201
    self.response.set_content(new_user)
    yield from self.response.close()
def post(self):
    '''Create a user account from the body of an HTTP POST.

    A body accepted by ``self.validate_user`` gets a fresh salt, creation
    and last-login timestamps and a salted password hash in place of the
    submitted password.  It is then inserted, given a token and returned
    with status 201.  A rejected body leaves the response without content.
    The response is closed in both cases.
    '''
    record = self.request.data
    if (yield from self.validate_user(record)):
        # The validated request body is stored as the document itself.
        # NOTE(review): confirm validate_user filters out unexpected keys.
        record['salt'] = yield from utils.generate_salt()
        created_at = datetime.datetime.now()
        record['last_login'] = created_at
        record['created'] = created_at
        record['modified'] = None
        salt = record['salt']
        record['password'] = yield from utils.get_password_hash(
            salt, record['password'].encode()
        )
        # NOTE(review): insert() is called without `yield from`, while the
        # other calls in this method use it -- confirm the write completes.
        db.users.insert(record)
        # NOTE(review): confirm serializers.user removes 'salt' and the
        # password hash from the dict that is sent back below.
        yield from serializers.user(record)
        # Generate the token
        record['token'] = yield from utils.generate_token(record)
        self.response.status_code = 201
        self.response.set_content(record)
    yield from self.response.close()
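def post(self):
    '''Authenticate a user from the ``email`` and ``password`` request fields.

    The stored record is fetched by e-mail and the submitted password is
    hashed with the record's salt.  When the hash equals the stored one,
    ``last_login`` is updated and saved, a token is generated and the
    serialized user is set as the response content.  Every other outcome
    calls ``self.invalid_response()``.  The response is always closed last.
    '''
    credentials = self.request.data
    email = credentials.get('email')
    password = credentials.get('password')

    # Reject anything that is not a pair of strings before touching the
    # database.  Without this, a missing password raises AttributeError at
    # ``password.encode()`` and a non-string e-mail value is placed in the
    # query filter exactly as the client sent it.
    if not (isinstance(email, str) and isinstance(password, str)):
        self.invalid_response()
        yield from self.response.close()
        return

    user = yield from db.users.find_one({'email': email})
    if not user:
        # Same response as a wrong password, so the reply does not reveal
        # whether the address is registered.
        self.invalid_response()
    else:
        password_hash = yield from utils.get_password_hash(
            user['salt'], password.encode())
        # NOTE(review): plain `==` is not constant-time; hmac.compare_digest
        # would be preferable once the hash's type is confirmed.
        if user['password'] == password_hash:
            user['last_login'] = datetime.datetime.now()
            yield from db.users.save(user)
            user['token'] = yield from utils.generate_token(user)
            # NOTE(review): confirm serializers.user drops 'salt' and the
            # password hash from this dict before it is returned.
            yield from serializers.user(user)
            self.response.set_content(user)
        else:
            self.invalid_response()
    yield from self.response.close()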
def init():
    """Return the signed-in user's serialized record, else an empty 200.

    The session's ``id`` entry is looked up with ``User.with_username``.
    A missing entry or an unknown username both give ``('', 200)``.
    """
    empty_ok = ('', 200)
    if 'id' not in session:
        return empty_ok

    current = User.with_username(session["id"])
    if not current:
        # A stale session id is answered like "not signed in".
        return empty_ok
    return json.dumps(serializers.user(current))