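def generate_handler(user_id, subject_id):
    """Generate exam tickets for a subject and return a download link.

    Only the user named in the auth token may generate tickets for
    ``user_id``. The request must supply ``ticket_cnt`` and ``question_cnt``
    as integers; ``header`` and ``footer`` are handed to ``Generate`` as-is.

    Returns:
        ``HTTP_OK`` carrying the ticket data, the generated file name and a
        ``/api/download`` link, or ``HTTP_ERR`` with status 400/401 or the
        status reported by ``Generate.getTickets``.
    """
    # NOTE(review): the token payload is read from an attribute on the
    # function object. How it is populated is not visible here; if it is set
    # per request it is process-wide state shared by concurrent requests.
    # Confirm, and prefer per-request storage such as flask.g.
    token_data = generate_handler._token_data
    token_user_id = token_data.get('id')

    # A malformed user_id is a client error, not a server crash.
    try:
        requested_user_id = int(user_id)
    except (TypeError, ValueError):
        return HTTP_ERR(status=400, message='bad user id')
    if token_user_id != requested_user_id:
        return HTTP_ERR(status=401, message='UNAUTHORIZED')

    ticket_cnt, q_cnt, header, footer = getargs(
        request, 'ticket_cnt', 'question_cnt', 'header', 'footer')
    if not ticket_cnt or not q_cnt:
        return HTTP_ERR(status=400, message='BAD REQUEST')
    try:
        ticket_cnt = int(ticket_cnt)
        q_cnt = int(q_cnt)
    except (TypeError, ValueError):
        return HTTP_ERR(status=400, message='parameters must be integer')

    # NOTE(review): ticket_cnt has no upper bound here and neither count is
    # checked for being positive; confirm Generate enforces sane limits so a
    # single request cannot ask for an unbounded amount of work.
    generate = Generate(subject_id, user_id, ticket_cnt, q_cnt, header, footer)
    if q_cnt > generate.count:
        return HTTP_ERR(
            status=400,
            message='can only make {} questions per ticket'.format(
                generate.count))

    tickets = generate.getTickets()
    if tickets['code'] != 200:
        return HTTP_ERR(status=tickets['code'], message=tickets['message'])

    # The file name travels beside the payload, not inside it.
    filename = tickets['data'].pop('filename')
    return HTTP_OK(data=tickets['data'], filename=filename,
                   download='/api/download?filename=' + filename)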
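def token_verification():
    """Validate the ``token`` request argument and return its payload.

    Returns:
        ``HTTP_OK`` with the data extracted from the token, or ``HTTP_ERR``
        with status 401 and message ``'bad token'`` when the token is
        missing, cannot be decoded, or decodes to an empty payload.
    """
    token = getargs(request, 'token')[0]
    if not token:
        return HTTP_ERR(status=401, message='bad token')

    try:
        data = extract_auth_token(token)
    except Exception:
        # Any decoding failure means the token is not acceptable. Catching
        # Exception (not a bare except) lets SystemExit/KeyboardInterrupt
        # propagate instead of being reported as a bad token.
        return HTTP_ERR(status=401, message='bad token')

    if data:
        return HTTP_OK(data=data)
    return HTTP_ERR(status=401, message='bad token')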
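def questionDelete():
    """Delete the question named by the ``question_id`` request argument.

    Returns:
        ``HTTP_OK`` on success; ``HTTP_ERR`` with status 400 when the id is
        missing or not an integer, or with the status and message reported
        by ``questionAPI.delete``.
    """
    # NOTE(review): nothing in this handler ties the question to the caller.
    # No token data is read and only the id reaches questionAPI.delete, so
    # unless ownership is enforced elsewhere (auth decorator or inside
    # questionAPI.delete) any caller could delete any question. Confirm.
    question_id = getargs(request, 'question_id')[0]
    if not question_id:
        return HTTP_ERR(message='question id is missing', status=400)
    try:
        question_id = int(question_id)
    except (TypeError, ValueError):
        return HTTP_ERR(status=400)

    deleted = questionAPI.delete(question_id)
    if deleted['code'] != 200:
        return HTTP_ERR(status=deleted['code'], message=deleted['message'])
    return HTTP_OK()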
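def login():
    """Authenticate a user by e-mail and password and issue an auth token.

    Returns:
        ``HTTP_OK`` with the user record (without its stored password hash)
        and a freshly generated token; ``abort(401)`` when a credential is
        missing; ``HTTP_ERR`` with 400 for an unknown e-mail, 500 for a
        lookup failure and 401 for a wrong password.
    """
    email, password = getargs(request, 'email', 'password')
    if not email or not password:
        return abort(401)

    lookup = usersDB.getByEmail(email)
    if lookup['code'] == 404:
        # NOTE(review): answering differently for an unknown e-mail than for
        # a wrong password lets a client tell registered addresses apart.
        # Consider returning the same 401 'bad login' for both cases.
        return HTTP_ERR(status=400, message='user does not exist')
    if lookup['code'] != 200:
        # NOTE(review): the storage layer's message is forwarded verbatim;
        # confirm it cannot expose internal details to the client.
        return HTTP_ERR(status=500, message=lookup['message'])

    user = lookup['data']
    if not password_verification(password, user['password']):
        return HTTP_ERR(status=401, message='bad login')

    # The token is still built from the full record, as before.
    # NOTE(review): confirm generate_auth_token does not embed the stored
    # password hash in the token payload.
    token = generate_auth_token(user).decode()

    # Never send the stored password hash back to the client. This assumes
    # the user record is a plain mapping, as its key access above suggests.
    public_user = {
        key: value for key, value in user.items() if key != 'password'
    }
    return HTTP_OK(data=public_user, token=token)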
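def subjectDelete():
    """Delete the subject named by the ``subject_id`` request argument.

    Returns:
        ``HTTP_OK`` on success; ``HTTP_ERR`` with status 400 when the id is
        missing or not an integer, or with the status and message reported
        by ``subjectAPI.delete``.
    """
    token_data = subjectDelete._token_data
    # NOTE(review): the caller's id is read from the token but never
    # compared with the subject's owner. Only subject_id is passed to
    # subjectAPI.delete, so unless that call enforces ownership itself, any
    # authenticated user could delete another user's subject. Confirm, and
    # pass or check token_user_id here if it does not.
    token_user_id = token_data.get('id')

    subject_id = getargs(request, 'subject_id')[0]
    if not subject_id:
        return HTTP_ERR(status=400, message='subject id is missing')
    try:
        subject_id = int(subject_id)
    except (TypeError, ValueError):
        return HTTP_ERR(status=400)

    deleted = subjectAPI.delete(subject_id)
    if deleted['code'] != 200:
        return HTTP_ERR(status=deleted['code'], message=deleted['message'])
    return HTTP_OK()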
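def downloadHandler():
    """Send a previously generated ticket file to its owner.

    The ``filename`` request argument is expected to have five
    underscore-separated fields, the first two being the owner's user id and
    the subject id. These select the directory under ``FILES_PATH``.

    Returns:
        The file as an attachment, or ``HTTP_ERR`` with status 400 for a
        missing, malformed or unknown file name and 401 when the file
        belongs to a different user than the token's.
    """
    # NOTE(review): the token payload is read from an attribute on the
    # function object. If it is set per request, it is shared by concurrent
    # requests. Confirm, and prefer per-request storage such as flask.g.
    token_data = downloadHandler._token_data
    token_user_id = token_data.get('id')

    filename = getargs(request, 'filename')[0]
    if not filename:
        return HTTP_ERR(status=400, message='file path required')

    # The name is client-supplied and two of its fields become directory
    # names, so validate it before building any path. Accept only a bare
    # file name (no path separators) with exactly five fields.
    parts = filename.split('_')
    if len(parts) != 5 or os.path.basename(filename) != filename:
        return HTTP_ERR(status=400, message='bad file name')
    user_id, subject_id = parts[0], parts[1]

    # Both ids must be plain decimal integers in canonical form. The
    # round-trip rejects anything int() would tolerate but that is not
    # exactly the number's text: whitespace, signs, non-ASCII digits.
    # Assumes generated names carry the ids in that form - confirm.
    try:
        ids_are_canonical = (str(int(user_id)) == user_id
                             and str(int(subject_id)) == subject_id)
    except ValueError:
        ids_are_canonical = False
    if not ids_are_canonical:
        return HTTP_ERR(status=400, message='bad file name')

    if token_user_id != int(user_id):
        return HTTP_ERR(status=401, message='UNAUTHORIZED')

    directory = os.path.join(FILES_PATH, user_id, subject_id)
    if not os.path.isfile(os.path.join(directory, filename)):
        return HTTP_ERR(status=400, message='File Does Not Exists')

    # send_from_directory applies its own safe-join check as a second layer.
    return send_from_directory(os.path.abspath(directory), filename,
                               as_attachment=True)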
def register():
    """Create an account for ``email``/``password`` and issue an auth token.

    Returns:
        ``HTTP_OK`` with a token and the data returned by ``usersDB.save``;
        ``HTTP_ERR`` with status 400 when a parameter is missing, 401 when
        the e-mail is already registered, or the storage layer's message
        when the lookup or the save fails.
    """
    email, password = getargs(request, 'email', 'password')
    if not (email and password):
        return HTTP_ERR(message='parameter is missing', status=400)

    lookup = usersDB.getByEmail(email)
    lookup_code = lookup['code']
    if lookup_code == 200:
        return HTTP_ERR(
            message='user already exist by this email {}'.format(email),
            status=401)
    if lookup_code != 404:
        # Anything other than "found" or "not found" is a lookup failure.
        return HTTP_ERR(message=lookup['message'])

    # Only the hashed password is stored.
    saved = usersDB.save({"email": email, "password": to_hash(password)})
    if saved['code'] != 200:
        return HTTP_ERR(message=saved['message'])

    # NOTE(review): the saved record is returned to the client as-is. If
    # usersDB.save echoes the stored row, that includes the password hash.
    # Confirm, and drop the field from the response if so.
    new_user = saved['data']
    auth_token = generate_auth_token(new_user)
    return HTTP_OK(token=auth_token.decode(), data=new_user)
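def subject_list(user_id):
    """List a user's subjects (GET) or create/update one (other methods).

    Only the user named in the auth token may act on ``user_id``. For a
    write, ``name`` is required. When ``id`` is supplied the subject is
    updated, otherwise a new one is saved.

    Returns:
        ``HTTP_OK`` (with the list as ``data`` for GET), or ``HTTP_ERR``
        with status 400/401 or the status reported by ``subjectAPI``.
    """
    # NOTE(review): the token payload is read from an attribute on the
    # function object. If it is set per request, it is shared by concurrent
    # requests. Confirm, and prefer per-request storage such as flask.g.
    token_data = subject_list._token_data
    token_user_id = token_data.get('id')

    try:
        user_id = int(user_id)
    except (TypeError, ValueError):
        return HTTP_ERR(status=400, message='bad user id')
    if token_user_id != user_id:
        return HTTP_ERR(status=401, message='unauthorized')

    if request.method == 'GET':
        listing = subjectAPI.getListByUser_id(user_id)
        if listing['code'] != 200:
            return HTTP_ERR(status=listing['code'],
                            message=listing['message'])
        return HTTP_OK(data=listing['data'])

    id_, name = getargs(request, 'id', 'name')
    if not name:
        return HTTP_ERR(status=400, message='parameters is missing')

    data = dict(name=name, user_id=user_id)
    if id_:
        # NOTE(review): the subject id comes straight from the client. This
        # handler does not check that the subject belongs to user_id, so
        # confirm subjectAPI.update scopes the write by data['user_id'].
        data['id'] = id_
        response = subjectAPI.update(data)
    else:
        response = subjectAPI.save(data)

    if response['code'] != 200:
        return HTTP_ERR(status=response['code'], message=response['message'])
    return HTTP_OK()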
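def question_list(user_id, subject_id):
    """List a subject's questions (GET) or create/update one (POST).

    Only the user named in the auth token may act on ``user_id``. For POST,
    ``text`` and ``hardness`` are required. When ``id`` is supplied the
    question is updated, otherwise a new one is saved.

    Returns:
        ``HTTP_OK`` with the list (GET) or the ``questionAPI`` response
        (POST) as ``data``; ``HTTP_ERR`` with status 400/401, the status
        reported by ``questionAPI.getListBySubject_id``, or 405 for any
        other HTTP method.
    """
    # NOTE(review): the token payload is read from an attribute on the
    # function object. If it is set per request, it is shared by concurrent
    # requests. Confirm, and prefer per-request storage such as flask.g.
    token_data = question_list._token_data
    token_user_id = token_data.get('id')

    # A malformed user_id is a client error, not a server crash.
    try:
        requested_user_id = int(user_id)
    except (TypeError, ValueError):
        return HTTP_ERR(status=400, message='bad user id')
    if token_user_id != requested_user_id:
        return HTTP_ERR(status=401, message='unauthorized')

    if request.method == 'GET':
        listing = questionAPI.getListBySubject_id(subject_id, user_id)
        if listing['code'] != 200:
            return HTTP_ERR(status=listing['code'],
                            message=listing['message'])
        return HTTP_OK(data=listing['data'])

    if request.method == 'POST':
        text, hardness, id_ = getargs(request, 'text', 'hardness', 'id')
        if not text or not hardness:
            return HTTP_ERR(message='parameter is missing', status=400)

        data = dict(text=text, hardness=hardness, user_id=user_id,
                    subject_id=subject_id)
        if id_:
            # NOTE(review): the question id is client-supplied; confirm
            # questionAPI.update scopes the write by user_id/subject_id.
            data['id'] = id_
            response = questionAPI.update(data)
        else:
            response = questionAPI.save(data)
        # NOTE(review): unlike the sibling handlers, the response code is
        # not checked, so a failed write is still wrapped in HTTP_OK.
        # Callers may rely on the current payload shape - confirm first.
        return HTTP_OK(data=response)

    # Previously any other method fell through and returned None.
    return HTTP_ERR(status=405, message='method not allowed')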