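def login():
    """Log the client in as the user matching the submitted credentials.

    input: LoginRequest (JSON body, if POST)
    output: 'ok'.
    Request: ?email=xx&password=xx[&remember=1] (if GET; the query parameter
    the code reads is ``remember``).

    Aborts with HTTP 400 when no user has the given email or the password
    does not match.
    """
    # Function-scope import: hmac is not used elsewhere in this view.
    import hmac

    if request.method == "POST":
        input_pb = protobuf_json.json2pb(all_pbs.LoginRequest(),
                                         request.get_json())
    else:
        # NOTE(review): credentials passed in a GET query string commonly end
        # up in access logs, browser history and Referer headers; prefer
        # accepting POST only.
        input_pb = all_pbs.LoginRequest()
        input_pb.email = request.args.get("email", "")
        input_pb.password = request.args.get("password", "")
        input_pb.remember = request.args.get("remember", "") == "1"

    table = data_models.GetTable(data_models.RW_USERS)
    user_pb = data_models.ToProto(
        table.find_one({"info.email": input_pb.email}),
        data_models.RW_USERS)

    # Unknown email and wrong password share one status code, so the response
    # does not reveal which of the two failed.
    if not user_pb:
        abort(400)

    # NOTE(review): the stored value is compared directly with the submitted
    # password, which implies passwords are kept unhashed. Storing a salted
    # password hash and verifying against it is the real fix; that needs a
    # data migration outside this function.
    stored_password = user_pb.info.password.encode("utf-8")
    supplied_password = input_pb.password.encode("utf-8")
    # Constant-time comparison: the time taken does not depend on how many
    # leading characters of the guess are correct.
    if not hmac.compare_digest(stored_password, supplied_password):
        abort(400)

    user = user_util.FLUser(user_pb)
    flogin.login_user(user, remember=input_pb.remember)
    session.permanent = True
    return 'ok'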
def get_all_product():
    """Return every product found in the products table.

    output: [Product] as json.
    """
    products_table = data_models.GetTable(data_models.RW_PRODUCTS)
    # find() with no filter: the whole table is read and serialised.
    all_rows = products_table.find()
    as_array = data_models.ToArray(data_models.ToProtos(all_rows))
    return json.dumps(as_array)
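def load_user(userid):
    """Build the FLUser for a stored user id, or return None.

    Used by Flask to make a FLUser from our user id, for auto login sessions
    from cookie etc.

    Returns None when ``userid`` is not an integer, when no user has that
    ``_id``, or when the lookup raises.
    """
    try:
        user_id = int(userid)
        table = data_models.GetTable(data_models.RW_USERS)
        user_pb = data_models.ToProto(table.find_one({"_id": user_id}),
                                      data_models.RW_USERS)
        if not user_pb:
            return None
        return FLUser(user_pb)
    except Exception:
        # Still best-effort (any failure means "no such user"), but unlike a
        # bare ``except:`` this lets SystemExit and KeyboardInterrupt
        # propagate.
        # NOTE(review): a storage error is indistinguishable from an unknown
        # user here; logging the exception would help incident triage.
        return None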
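def open_session(self, app, request):
    """Return the session for this request.

    Reads the session id from the cookie named ``app.session_cookie_name``
    and looks it up in the sessions table. A stored, unexpired record is
    returned as a MongoSession carrying its data and sid; in every other case
    a MongoSession with a freshly generated sid is returned.
    """
    sid = request.cookies.get(app.session_cookie_name)
    if sid:
        stored_session = data_models.GetTable(
            data_models.RW_SESSIONS).find_one({'sid': sid})
        if stored_session:
            expiration = stored_session.get('expiration')
            # A record without an expiration is treated as expired. The
            # original compared None with a datetime, which raises TypeError
            # and would fail every request carrying that cookie.
            if expiration is not None and expiration > datetime.utcnow():
                return MongoSession(initial=stored_session['data'],
                                    sid=stored_session['sid'])
    # Absent, unknown or expired sid: a client-supplied id is never adopted,
    # so the caller cannot choose the identifier of a new session.
    sid = str(uuid4())
    return MongoSession(sid=sid)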
def save_product():
    """Replace the stored products with the posted array.

    input: [Product] (JSON request body)
    output: 'ok'
    """
    payload = request.get_json()
    # The body is converted before the table is touched, so if ArrayToProto
    # raises on malformed input nothing has been dropped yet.
    product_pbs = data_models.ArrayToProto(all_pbs.Product, payload)

    # WARNING: this is really to showcase the app, don't do this of course!
    # NOTE(review): drop and save are two separate steps; a failure in
    # SaveProtos leaves the table empty. No access check is visible inside
    # this function -- confirm the route is restricted where it is registered.
    products_table = data_models.GetTable(data_models.RW_PRODUCTS)
    products_table.drop()
    data_models.SaveProtos(product_pbs, data_models.RW_PRODUCTS)
    return 'ok'
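def debug_login():
    """Auto login with no password, refused when the app runs in PROD mode.

    Request: ?user_id=2

    Returns 'ok' after logging the user in and "error" when no user has that
    id. Aborts with HTTP 401 in PROD mode and with HTTP 400 when ``user_id``
    is missing or not an integer.
    """
    # NOTE(review): this check blocks one mode only; any other configured
    # value leaves the password-less login reachable. Enabling the endpoint
    # only for an explicitly named debug mode would fail closed.
    if app.config[Constants.KEY_MODE] == Constants.PROD:
        abort(401)

    try:
        user_id = int(request.args.get('user_id'))
    except (TypeError, ValueError):
        # Missing or non-numeric user_id used to surface as an unhandled
        # exception; reject it as a bad request instead.
        abort(400)

    table = data_models.GetTable(data_models.RW_USERS)
    user_pb = data_models.ToProto(table.find_one({"_id": user_id}),
                                  data_models.RW_USERS)
    if not user_pb:
        return "error"
    user = user_util.FLUser(user_pb)
    flogin.login_user(user, remember=True)
    return 'ok'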
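def save_session(self, app, session, response):
    """Persist the session in the sessions table and set its cookie.

    An empty session only has its cookie deleted. Otherwise the record keyed
    by ``session.sid`` is written with the session data and an expiration,
    and the sid is sent back in an HttpOnly cookie.
    """
    domain = self.get_cookie_domain(app)
    if not session:
        # NOTE(review): only the cookie is removed; no stored record is
        # deleted here, so a record for this sid stays until its expiration.
        # Confirm that a cleared session (e.g. after logout) cannot be
        # restored from a copy of the old cookie value.
        response.delete_cookie(app.session_cookie_name, domain=domain)
        return

    # Ask for the expiration once, so the stored record and the cookie agree
    # on the same timestamp instead of three separately computed ones.
    cookie_expires = self.get_expiration_time(app, session)
    if cookie_expires:
        expiration = cookie_expires
    else:
        # No expiration from get_expiration_time: keep the stored record for
        # 15 days while the cookie itself is sent without an expiry.
        expiration = datetime.utcnow() + timedelta(days=15)

    data_models.GetTable(data_models.RW_SESSIONS).update(
        {'sid': session.sid},
        {
            'sid': session.sid,
            'data': session,
            'expiration': expiration
        },
        True)  # third positional argument; presumably the upsert flag -- confirm

    # NOTE(review): the cookie is HttpOnly but no ``secure`` argument is
    # passed, so nothing here restricts it to HTTPS connections.
    response.set_cookie(app.session_cookie_name, session.sid,
                        expires=cookie_expires,
                        httponly=True, domain=domain)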
def forgot_password():
    """Mail the stored credentials to the account matching the given email.

    Request: ?email=<address>
    output: "ok". Aborts with HTTP 401 when no user has that email.
    """
    users_table = data_models.GetTable(data_models.RW_USERS)
    requested_email = request.args.get("email", "")
    matching_record = users_table.find_one({"info.email": requested_email})
    user_pb = data_models.ToProto(matching_record, data_models.RW_USERS)

    if not user_pb:
        # NOTE(review): answering 401 here and "ok" below tells the caller
        # whether an address is registered; a uniform response avoids that.
        abort(401)

    # NOTE(review): the message contains the stored password itself, so the
    # password travels by email and must be readable from storage. A
    # single-use, expiring reset link over hashed passwords is the usual
    # replacement.
    message_body = "Your login credentials :\n%s\n%s" % (
        user_pb.info.email, user_pb.info.password)
    utils.SendMail(email_from="no-reply",
                   to=user_pb.info.email,
                   obj="Credentials",
                   body=message_body)
    return "ok"
def doesEmailExist(email):
    """Return True when a user record with this email exists, else False."""
    users_table = data_models.GetTable(data_models.RW_USERS)
    matching_record = users_table.find_one({"info.email": email})
    # "Exists" means ToProto did not return None for the looked-up record.
    return data_models.ToProto(matching_record,
                               data_models.RW_USERS) is not None