def makeuser(): username = request.form['username'] password = request.form['password'] conn = get_full_db_connection() cursor = conn.cursor() cursor.execute('SELECT 1 FROM users WHERE username = %s', (username, )) if cursor.rowcount != 0: return jsonify({'result': 'exists'}) else: generate_user(conn, username, password) return jsonify({'result': 'success'})
def validate_token(token): conn = get_full_db_connection() cursor = conn.cursor() cursor.execute('SELECT * FROM session WHERE token = %s', (token, )) result = cursor.fetchone() if result is None: return None token, user_id, expiration_time = result if expiration_time >= datetime.now(): return user_id else: return None
def update_post(): try: timestamp = time.strftime('%Y-%m-%d %H:%M:%S', time.gmtime()) conn = get_full_db_connection() cursor = conn.cursor() cursor.execute("UPDATE post SET post.posted_time = %s, post.title = %s, post.body = %s WHERE post.id = %s AND post.author_id = %s", (timestamp, request.form['title'], request.form['body'], request.form['id'], g.user_id)) conn.commit() except: return ('', 401) finally: cursor.close() conn.close() return('', 204)
def delete_post(): try: post_id = request.form['post_id'] conn = get_full_db_connection() cursor = conn.cursor() cursor.execute("DELETE FROM post WHERE post.id = %s AND post.author_id = %s", (post_id, g.user_id)) conn.commit() except: return ('', 401) finally: cursor.close() conn.close() return ('', 204)
def post(): try: timestamp = time.strftime('%Y-%m-%d %H:%M:%S', time.gmtime()) conn = get_full_db_connection() cursor = conn.cursor() cursor.execute("INSERT INTO post(author_id, posted_time, title, body) VALUES (%s, %s, %s, %s)", (g.user_id, timestamp, request.form['title'], request.form['body'])) conn.commit() except: return ('', 401) finally: cursor.close() conn.close() return ('', 204)
def users(): try: conn = get_full_db_connection() cursor = conn.cursor() cursor.execute("SELECT users.username FROM users") rows = cursor.fetchall() except: return ('', 401) finally: cursor.close() conn.close() usernames = map(lambda x: x[0], rows) return jsonify(users=list(usernames))
def posts(): try: username = request.args.get("username") conn = get_full_db_connection() cursor = conn.cursor() cursor.execute("SELECT post.id, users.username, unix_timestamp(post.posted_time), post.title, post.body FROM post, users WHERE post.author_id = users.id AND users.username = %(username)s", {'username': username}) rows = cursor.fetchall() except: return ('', 401) finally: cursor.close() conn.close() data = map(lambda x: PostObject(x).to_dict(), rows) return jsonify(posts=list(data))
def unfollow(): unfollowed_username = request.form['username'] try: conn = get_full_db_connection() cursor = conn.cursor() cursor.execute( "DELETE FROM follow WHERE follow.follower_id = %s AND follow.following_id = (SELECT users.id FROM users WHERE users.username = %s)", (g.user_id, unfollowed_username)) conn.commit() except Exception as e: print(e) return ('', 401) finally: cursor.close() conn.close() return ('', 204)
def follow(): followed_username = request.form['username'] try: conn = get_full_db_connection() cursor = conn.cursor() cursor.execute( "INSERT INTO follow (following_id, follower_id) VALUES ((SELECT users.id FROM users WHERE users.username = %s), %s)", (followed_username, g.user_id)) conn.commit() except Exception as e: print(e) return ('', 401) finally: cursor.close() conn.close() return ('', 204)
def get_following(): try: conn = get_full_db_connection() cursor = conn.cursor() cursor.execute( "SELECT users.username FROM users, follow WHERE follow.follower_id = %(user_id)s AND users.id = following_id", {'user_id': g.user_id}) rows = cursor.fetchall() except: return ('', 401) finally: cursor.close() conn.close() usernames = map(lambda x: x[0], rows) return jsonify(following=list(usernames))
def login(): username = request.form['username'] password = request.form['password'] conn = get_full_db_connection() cursor = conn.cursor() cursor.execute('SELECT * FROM users WHERE username = %s', (username, )) user = cursor.fetchone() if user is not None and check_password_hash(user[2], password): token = generate_session(conn, user[0]) resp = make_response(jsonify({'result': 'success', 'token': token})) resp.set_cookie('token', token) return resp else: return jsonify({'result': 'failure'}) return jsonify({'result': 'success'})