示例#1
0
def makeuser():
    username = request.form['username']
    password = request.form['password']
    conn = get_full_db_connection()
    cursor = conn.cursor()
    cursor.execute('SELECT 1 FROM users WHERE username = %s', (username, ))
    if cursor.rowcount != 0:
        return jsonify({'result': 'exists'})
    else:
        generate_user(conn, username, password)
        return jsonify({'result': 'success'})
示例#2
0
def validate_token(token):
    conn = get_full_db_connection()
    cursor = conn.cursor()
    cursor.execute('SELECT * FROM session WHERE token = %s', (token, ))
    result = cursor.fetchone()
    if result is None:
        return None
    token, user_id, expiration_time = result
    if expiration_time >= datetime.now():
        return user_id
    else:
        return None
示例#3
0
def update_post():
    try:
        timestamp = time.strftime('%Y-%m-%d %H:%M:%S', time.gmtime()) 
        conn = get_full_db_connection()
        cursor = conn.cursor()
        cursor.execute("UPDATE post SET post.posted_time = %s, post.title = %s, post.body = %s WHERE post.id = %s AND post.author_id = %s", (timestamp, request.form['title'], request.form['body'], request.form['id'], g.user_id))
        conn.commit()
    except:
        return ('', 401)
    finally:
        cursor.close()
        conn.close()

    return('', 204)
示例#4
0
def delete_post():
    try:
        post_id = request.form['post_id']
        conn = get_full_db_connection()
        cursor = conn.cursor()
        cursor.execute("DELETE FROM post WHERE post.id = %s AND post.author_id = %s", (post_id, g.user_id))
        conn.commit()
    except:
        return ('', 401)
    finally: 
        cursor.close()
        conn.close()
    
    return ('', 204)
示例#5
0
def post():
    try:
        timestamp = time.strftime('%Y-%m-%d %H:%M:%S', time.gmtime()) 
        conn = get_full_db_connection()
        cursor = conn.cursor()
        cursor.execute("INSERT INTO post(author_id, posted_time, title, body) VALUES (%s, %s, %s, %s)", (g.user_id, timestamp, request.form['title'], request.form['body'])) 
        conn.commit()
    except:
        return ('', 401)
    finally:
        cursor.close()
        conn.close()

    return ('', 204)
示例#6
0
def users():
    try:
        conn = get_full_db_connection()
        cursor = conn.cursor()
        cursor.execute("SELECT users.username FROM users")
        rows = cursor.fetchall()
    except:
        return ('', 401)
    finally:
        cursor.close()
        conn.close()

    usernames = map(lambda x: x[0], rows)

    return jsonify(users=list(usernames))
示例#7
0
def posts():
    try:
        username = request.args.get("username")
        conn = get_full_db_connection()
        cursor = conn.cursor()
        cursor.execute("SELECT post.id, users.username, unix_timestamp(post.posted_time), post.title, post.body FROM post, users WHERE post.author_id = users.id AND users.username = %(username)s", {'username': username}) 
        rows = cursor.fetchall()
    except:
        return ('', 401)
    finally:
        cursor.close()
        conn.close()

    data = map(lambda x: PostObject(x).to_dict(), rows)
    
    return jsonify(posts=list(data))
示例#8
0
def unfollow():
    unfollowed_username = request.form['username']
    try:
        conn = get_full_db_connection()
        cursor = conn.cursor()
        cursor.execute(
            "DELETE FROM follow WHERE follow.follower_id = %s AND follow.following_id = (SELECT users.id FROM users WHERE users.username = %s)",
            (g.user_id, unfollowed_username))
        conn.commit()
    except Exception as e:
        print(e)
        return ('', 401)
    finally:
        cursor.close()
        conn.close()

    return ('', 204)
示例#9
0
def follow():
    followed_username = request.form['username']
    try:
        conn = get_full_db_connection()
        cursor = conn.cursor()
        cursor.execute(
            "INSERT INTO follow (following_id, follower_id) VALUES ((SELECT users.id FROM users WHERE users.username = %s), %s)",
            (followed_username, g.user_id))
        conn.commit()
    except Exception as e:
        print(e)
        return ('', 401)
    finally:
        cursor.close()
        conn.close()

    return ('', 204)
示例#10
0
def get_following():
    try:
        conn = get_full_db_connection()
        cursor = conn.cursor()
        cursor.execute(
            "SELECT users.username FROM users, follow WHERE follow.follower_id = %(user_id)s AND users.id = following_id",
            {'user_id': g.user_id})
        rows = cursor.fetchall()
    except:
        return ('', 401)
    finally:
        cursor.close()
        conn.close()

    usernames = map(lambda x: x[0], rows)

    return jsonify(following=list(usernames))
示例#11
0
def login():
    username = request.form['username']
    password = request.form['password']
    conn = get_full_db_connection()
    cursor = conn.cursor()
    cursor.execute('SELECT * FROM users WHERE username = %s', (username, ))
    user = cursor.fetchone()

    if user is not None and check_password_hash(user[2], password):
        token = generate_session(conn, user[0])
        resp = make_response(jsonify({'result': 'success', 'token': token}))
        resp.set_cookie('token', token)
        return resp
    else:
        return jsonify({'result': 'failure'})

    return jsonify({'result': 'success'})