示例#1
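 def password_require(request):
     """Check a username/password pair taken from the JSON request body.

     Returns the "Password match" success response only when the account
     exists and ``verify_password`` accepts the supplied password. An unknown
     username gets the same "Password did not match" error as a wrong
     password, so the reply does not reveal whether the account exists.
     A missing or empty field yields the "Password required" error.
     """
     # A body that is absent or not a JSON object is treated as "no fields".
     payload = request.json if isinstance(request.json, dict) else {}
     username = payload.get('username')
     password = payload.get('password')
     if not (username and password):
         return BaseController.send_error_api(None, 'Password required')

     user = userservice.get_user(username)
     # Other callers of get_user check its result for None; without this
     # guard an unknown username raised AttributeError on verify_password.
     # NOTE(review): no attempt limiting is visible in this handler; confirm
     # that password guessing is throttled upstream.
     if user is not None and user.verify_password(password):
         return BaseController.send_response_api(None, "Password match")
     return BaseController.send_error_api(None, "Password did not match")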
 def send_confirmation_email(request):
     """Send the account-confirmation email for the address in the JSON body.

     Replies with an error when ``email`` is missing/empty or when no user is
     found for it, with a success message when the account is already
     confirmed, and otherwise asks ``userservice`` to send the email.
     """
     body = request.json
     email = body['email'] if 'email' in body else None
     if not email:
         return BaseController.send_error_api(None, 'Email required')

     user = userservice.get_user(email)
     # NOTE(review): the distinct replies below let a caller learn whether an
     # address is registered and whether it is confirmed. A uniform reply
     # plus rate limiting would close that, at the cost of changing the API
     # contract clients may rely on.
     if user is None:
         return BaseController.send_error_api(
             None, 'User not found, register first')
     if user.confirmed:
         return BaseController.send_response_api(
             None, 'This account has been confirmed, you can login now')

     userservice.send_confirmation_email(user)
     return BaseController.send_response_api(
         None, 'Confirmation email has been sent to %s' % (email))
 def send_reset_password(request):
     """Trigger a reset-password email for the address in the JSON body.

     Replies with 'Email required' when ``email`` is missing/empty, with an
     error when no user is found for it, and otherwise asks ``userservice``
     to send the reset email and confirms that it was sent.
     """
     body = request.json
     email = body['email'] if 'email' in body else None
     if not email:
         return BaseController.send_error_api(None, 'Email required')

     user = userservice.get_user(email)
     # NOTE(review): "not found" versus "sent" tells a caller which addresses
     # have accounts. The usual hardening is one neutral reply for both cases
     # and throttling per address/IP; nothing here limits how often a reset
     # mail can be requested.
     if user is None:
         return BaseController.send_error_api(
             None,
             'Email not found, Please send email which registered into your account before'
         )

     userservice.send_reset_password_email(user)
     return BaseController.send_response_api(
         None,
         'Send Reset Password to %s success, you can check your email now'
         % (email))
示例#4
    def ticket_transfer(request, user):
        """Transfer one of the caller's tickets to another user.

        ``user`` is the caller's record (a mapping with at least ``username``
        and ``id``); ``receiver`` and ``user_ticket_id`` come from the JSON
        body. The outcome of ``tickettransferservice.transfer`` is relayed as
        an error or success response depending on ``result['error']``.

        NOTE(review): this handler checks neither the caller's password nor
        role before transferring. Authorization rests on whatever produced
        ``user`` and on the transfer service; confirm that ownership of
        ``user_ticket_id`` is enforced there.
        """
        username = user['username']
        if not username:
            return BaseController.send_error_api(None, "invalid payload")

        # The looked-up account is not used below; the call is kept as-is.
        auth = userservice.get_user(username)

        body = request.json
        receiver = body['receiver'] if 'receiver' in body else None
        user_ticket_id = (
            body['user_ticket_id'] if 'user_ticket_id' in body else None)
        if None in (user, receiver, user_ticket_id):
            return BaseController.send_error_api(None,
                                                 'payload is not valid')

        result = tickettransferservice.transfer(user['id'], user_ticket_id,
                                                receiver)
        if result['error']:
            return BaseController.send_error_api(result['data'],
                                                 result['message'])
        return BaseController.send_response_api(
            result['data'], result['message'])
示例#5
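	def ticket_transfer(request, user):
		"""Transfer one of the caller's tickets after re-checking the password.

		``user`` is the caller's record (a mapping with ``username``, ``id``
		and ``role_id``). The JSON body must carry ``password``, ``receiver``
		and ``user_ticket_id``. The transfer runs only when the password
		verifies and the caller's role equals ``ROLE['user']``; the outcome of
		``tickettransferservice.transfer`` is relayed as an error or success
		response depending on ``result['error']``.
		"""
		# A body that is absent or not a JSON object is treated as "no fields".
		payload = request.json if isinstance(request.json, dict) else {}
		password = payload.get('password')
		username = user['username']
		if not (username and password):
			return BaseController.send_error_api(None, "Password required")

		auth = userservice.get_user(username)
		# Other callers of get_user check its result for None; a missing
		# account used to raise AttributeError here. It is now rejected with
		# the same reply as a wrong password.
		if auth is None or not auth.verify_password(password):
			return BaseController.send_error_api(None, "Password did not match")

		receiver = payload.get('receiver')
		user_ticket_id = payload.get('user_ticket_id')
		if None in (user, receiver, user_ticket_id):
			return BaseController.send_error_api(None, 'payload is not valid')
		if user['role_id'] != ROLE['user']:
			return BaseController.send_error_api(None, 'this operation is not valid for this type of user')

		# NOTE(review): ownership of user_ticket_id is not checked here;
		# presumably transfer() enforces it against user['id'] - confirm.
		result = tickettransferservice.transfer(user['id'], user_ticket_id, receiver)
		if result['error']:
			return BaseController.send_error_api(result['data'], result['message'])
		return BaseController.send_response_api(result['data'], result['message'])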
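    def login(request):
        """Log a user in by username/password or by a social provider token.

        Without ``provider`` in the JSON body, ``username`` and ``password``
        are required and checked with ``verify_password``. With ``provider``,
        ``token`` is required (plus ``token_secret`` for ``'twitter'``) and
        is resolved through ``userservice.social_sign_in`` and
        ``check_social_account``. On success the response carries the access
        and refresh tokens from ``userservice.save_token`` and the user's
        data with role information.

        When ``admin`` is truthy on the password path, only accounts whose
        ``role_id`` is 1 or 8 may log in. That gate runs after the password
        has been verified, so a caller without valid credentials cannot use
        the "must be admin" reply to learn an account's role.
        """
        # A body that is absent or not a JSON object is treated as "no fields".
        payload = request.json if isinstance(request.json, dict) else {}
        provider = payload.get('provider')
        admin = payload.get('admin')

        if provider is None:
            username = payload.get('username')
            password = payload.get('password')
            if not (username and password):
                return BaseController.send_error_api(
                    {'payload_invalid': True},
                    'username and password required')

            user = userservice.get_user(username)
            if user is None:
                # NOTE(review): this reply differs from the wrong-password
                # one, so it reveals which usernames exist. A single generic
                # failure would avoid that but changes the client contract.
                return BaseController.send_error_api(
                    {'not_registered': True}, 'username not found')

            if not user.verify_password(password):
                return BaseController.send_error_api(
                    {'wrong_credential': True}, 'wrong credentials')

            if admin:
                # Role ids 1 and 8 are presumably the admin-type roles;
                # confirm against the role table.
                if user.as_dict()['role_id'] not in (1, 8):
                    return BaseController.send_error_api(
                        {'unauthorized': True},
                        'unauthorized, must be admin to access this page.'
                    )

            token = userservice.save_token()
            user = userservice.include_role_data(
                user.include_photos().as_dict())
            return BaseController.send_response_api(
                {
                    'access_token': token['data'].access_token,
                    'refresh_token': token['data'].refresh_token
                }, 'User logged in successfully', user)

        # Social sign-in.
        # NOTE(review): the ``admin`` role gate is not applied on this path,
        # and ``admin`` is a client-supplied flag. Confirm that admin-only
        # endpoints enforce the role server-side on every request.
        social_token = payload.get('token')
        if social_token is None:
            return BaseController.send_error_api(
                {'payload_invalid': True}, 'social token is missing.')

        if provider == 'twitter':
            token_secret = payload.get('token_secret')
            if token_secret is None:
                return BaseController.send_error_api(
                    {'payload_invalid': True}, 'token secret is missing.')
            user_social_id = userservice.social_sign_in(
                provider, social_token, token_secret)
        else:
            user_social_id = userservice.social_sign_in(
                provider, social_token)

        if user_social_id is None:
            return BaseController.send_error_api(
                {'wrong_credential': True}, 'token is invalid')

        user = userservice.check_social_account(provider, user_social_id)
        if user is None:
            return BaseController.send_error_api(
                {'not_registered': True}, 'user is not registered')

        token = userservice.save_token(provider)
        user = userservice.include_role_data(
            user.include_photos().as_dict())
        return BaseController.send_response_api(
            {
                'access_token': token['data'].access_token,
                'refresh_token': token['data'].refresh_token
            }, 'User logged in successfully', user)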