def create_session(self, **payload): _output = OutputManager() _validator_key = self.create_session.__name__ try: # Validate user inputs InputValidator(_validator_key).validate(payload) try: _account = self.__get_account(email=payload['email']) # Compare user password with hash if self.__verify_password_hash(payload['password'], _account.password): _new_token = binascii.hexlify( os.urandom(SessionBase.AUTH_TOKEN_LENGTH)) _new_token = _new_token.decode(encoding='utf-8') try: self.session_db.set(_new_token, _account.id) self.session_db.expire(_new_token, SessionBase.AUTH_TOKEN_TTL) self.session_db.rpush(_account.id, _new_token) self.session_db.ltrim(_account.id, 0, 999) return _output.output( status=ResponseCodes.OK['success'], data={'auth_token': _new_token}) except RedisError as e: return _output.output( status=ResponseCodes. INTERNAL_SERVER_ERROR['internalError']) else: return _output.output( status=ResponseCodes.UNAUTHORIZED['authError']) except (NoResultFound, MultipleResultsFound): return _output.output( status=ResponseCodes.UNAUTHORIZED['authError']) except SQLAlchemyError: return _output.output(status=ResponseCodes. INTERNAL_SERVER_ERROR['internalError']) except MultipleInvalid as e: error_parser = InputErrorParser() return _output.output( status=ResponseCodes.BAD_REQUEST['invalidQuery'], data=error_parser.translate_errors(e))
def delete_session(self): _output = OutputManager() try: self.protect() try: self.session_db.delete(self.auth_token) except RedisError: return _output.output(status=ResponseCodes. INTERNAL_SERVER_ERROR['internalError']) return _output.output(status=ResponseCodes.OK['success']) except InvalidSession: return _output.output( status=ResponseCodes.UNAUTHORIZED['authError'])
def create_account(self, **payload): _output = OutputManager() _validator_key = self.create_account.__name__ try: # Validate user inputs InputValidator(_validator_key).validate(payload) # Check if account already exists try: if self.__has_account(email=payload['email']): return _output.output( status=ResponseCodes.FORBIDDEN['accountExists'], data={ 'email': 'Email address is already associated with an existing account' }) except SQLAlchemyError: return _output.output(status=ResponseCodes. INTERNAL_SERVER_ERROR['internalError']) # Hash the received password payload['password'] = self.hash_password(payload['password']) try: # Create a new account _new_account = Account(**payload) self.puppet_db.add(_new_account) self.puppet_db.commit() return _output.output(status=ResponseCodes.OK['success']) except SQLAlchemyError: self.puppet_db.rollback() return _output.output(status=ResponseCodes. INTERNAL_SERVER_ERROR['internalError']) except MultipleInvalid as e: error_parser = InputErrorParser() return _output.output( status=ResponseCodes.BAD_REQUEST['invalidQuery'], data=error_parser.translate_errors(e))
def update_account(self, **payload): _output = OutputManager() try: self.protect() _validator_key = self.update_account.__name__ _update_list = {} try: # Validate user inputs InputValidator(_validator_key).validate(payload) if 'first_name' in payload: _update_list[Account.first_name] = payload['first_name'] if 'last_name' in payload: _update_list[Account.last_name] = payload['last_name'] if 'password' in payload: # Hash the received password _update_list[Account.password] = self.hash_password( payload['password']) if not _update_list: return _output.output( status=ResponseCodes.BAD_REQUEST['invalidQuery']) else: try: # Update table with new values self.puppet_db.query(Account).filter( Account.id == self.get_account_id()).update( _update_list) if 'password' in payload: try: self.delete_all_sessions() except SessionError: self.puppet_db.rollback() return _output.output( status=ResponseCodes. INTERNAL_SERVER_ERROR['internalError']) self.puppet_db.commit() return _output.output( status=ResponseCodes.OK['success']) except SQLAlchemyError: self.puppet_db.rollback() return _output.output( status=ResponseCodes. INTERNAL_SERVER_ERROR['internalError']) except MultipleInvalid as e: error_parser = InputErrorParser() return _output.output( status=ResponseCodes.BAD_REQUEST['invalidQuery'], data=error_parser.translate_errors(e)) except InvalidSession: return _output.output( status=ResponseCodes.UNAUTHORIZED['authError'])