def on_password(self, request): res = {'error': 1} if request.method == 'POST': user_id = request.form.get('user_id') session_id = request.form.get('session_id') password = request.form.get('password') new_password = request.form.get('new_password') if new_password is None: res['error_msg'] = 'new_password required' else: if cvtools.user_logged_in(user_id, session_id): user = cvtools.get_user(user_id) if len(user) > 0: pw_user = str(user[0]['password']) pw_input = str(hashlib.md5(password).hexdigest()) if pw_user != pw_input: res['error_msg'] = 'incorrect password' else: cvtools.update_user_password(user_id, new_password) res['error'] = 0 else: res['found'] = 0 res['error_msg'] = 'user not found' else: res['error'] = 2 res['error_msg'] = 'session ended. please login' else: res['error_msg'] = 'request is not GET' response_str = json.dumps([res]) return Response(response_str, mimetype='application/json')
def on_profile(self, request): res = {'error': 1} if request.method == 'POST': user_id = request.form.get('user_id') session_id = request.form.get('session_id') find_user_id = request.form.get('find_user_id') if find_user_id is None: find_user_id = user_id if cvtools.user_logged_in(user_id, session_id): user = cvtools.get_user(find_user_id) result = {} if len(user) > 0: res['found'] = 1 result['user_id'] = user[0]['id'] result['username'] = user[0]['username'] result['email'] = user[0]['email'] result['registered_at'] = user[0]['created_at'].isoformat() else: res['found'] = 0 res['error'] = 0 res['result'] = result else: res['error'] = 2 res['error_msg'] = 'session ended. please login' else: res['error_msg'] = 'request is not GET' response_str = json.dumps([res]) return Response(response_str, mimetype='application/json')