def on_password(self, request):
res = {'error': 1}
if request.method == 'POST':
user_id = request.form.get('user_id')
session_id = request.form.get('session_id')
password = request.form.get('password')
new_password = request.form.get('new_password')
if new_password is None:
res['error_msg'] = 'new_password required'
else:
if cvtools.user_logged_in(user_id, session_id):
user = cvtools.get_user(user_id)
if len(user) > 0:
pw_user = str(user[0]['password'])
pw_input = str(hashlib.md5(password).hexdigest())
if pw_user != pw_input:
res['error_msg'] = 'incorrect password'
else:
cvtools.update_user_password(user_id, new_password)
res['error'] = 0
else:
res['found'] = 0
res['error_msg'] = 'user not found'
else:
res['error'] = 2
res['error_msg'] = 'session ended. please login'
else:
res['error_msg'] = 'request is not GET'
response_str = json.dumps([res])
return Response(response_str, mimetype='application/json')
def on_profile(self, request):
res = {'error': 1}
if request.method == 'POST':
user_id = request.form.get('user_id')
session_id = request.form.get('session_id')
find_user_id = request.form.get('find_user_id')
if find_user_id is None:
find_user_id = user_id
if cvtools.user_logged_in(user_id, session_id):
user = cvtools.get_user(find_user_id)
result = {}
if len(user) > 0:
res['found'] = 1
result['user_id'] = user[0]['id']
result['username'] = user[0]['username']
result['email'] = user[0]['email']
result['registered_at'] = user[0]['created_at'].isoformat()
else:
res['found'] = 0
res['error'] = 0
res['result'] = result
else:
res['error'] = 2
res['error_msg'] = 'session ended. please login'
else:
res['error_msg'] = 'request is not GET'
response_str = json.dumps([res])
return Response(response_str, mimetype='application/json')
