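def delete_program(user, program_id):
    """Delete one of the caller's saved programs and update their program count.

    Args:
        user: Record of the authenticated user; ``username`` is read, and
            ``program_count`` when present.
        program_id: Identifier of the program to delete.

    Returns:
        ``("", 404)`` when the program does not exist or belongs to another
        user, otherwise a redirect to ``/programs``.
    """
    result = db_get('programs', {'id': program_id})
    # Authorization: only the owner may delete. A missing program and a program
    # owned by someone else get the same 404, so the response does not reveal
    # whether another user's program id exists.
    if not result or result['username'] != user['username']:
        return "", 404
    db_del('programs', {'id': program_id})
    # Users without a stored counter are treated as having zero programs. The
    # counter is clamped at zero: the unclamped decrement would store -1 for
    # such a user.
    program_count = user.get('program_count', 0)
    db_update('users', {'username': user['username'], 'program_count': max(0, program_count - 1)})
    return redirect('/programs')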
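def reset():
    """Set a new password for a user who presents a valid recovery token.

    Reads the JSON request body, which must be an object with the string
    fields ``username``, ``token`` and ``password``; the password must be at
    least six characters long.

    Returns:
        ``(message, 400)`` for a malformed body, ``('invalid username/token',
        403)`` when no recovery token is stored for the username or the
        presented token does not verify, and ``('', 200)`` on success.
    """
    body = request.json
    # Validations
    if not type_check(body, 'dict'):
        return 'body must be an object', 400
    if not object_check(body, 'username', 'str'):
        return 'body.username must be a string', 400
    if not object_check(body, 'token', 'str'):
        return 'body.token must be a string', 400
    if not object_check(body, 'password', 'str'):
        # The original message read 'body.password be a string' (missing "must").
        return 'body.password must be a string', 400
    if len(body['password']) < 6:
        return 'password must be at least six characters long', 400

    # There's no need to trim or lowercase username, because it should come
    # within a link prepared by the app itself and not inputted manually by
    # the user.
    token = db_get('tokens', {'id': body['username']})
    # An unknown username and a wrong token produce the same 403 body, so the
    # response does not show which usernames have a pending reset.
    if not token:
        return 'invalid username/token', 403
    # presumably the stored value is a hash of the emailed token and
    # check_password verifies against it — confirm in check_password.
    if not check_password(body['token'], token['token']):
        return 'invalid username/token', 403
    # NOTE(review): no expiry check on the recovery token is visible here;
    # confirm that the token store enforces a lifetime.

    # `hash` takes (password, salt), so it is a project helper, not the builtin.
    hashed = hash(body['password'], make_salt())
    # The recovery token is single use: it is removed before the new password
    # is stored. The return value of db_del is not needed.
    db_del('tokens', {'id': body['username']})
    db_set('users', {'username': body['username'], 'password': hashed})
    # NOTE(review): nothing in this function revokes the user's existing login
    # sessions after the password change — confirm whether that is intended.
    user = db_get('users', {'username': body['username']})
    # NOTE(review): `env` is defined outside this function; the notification
    # e-mail is skipped when it is falsy.
    if env:
        send_email_template('reset_password', user['email'], requested_lang(), None)
    return '', 200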
def destroy(user):
    """Delete the given user's account together with its tokens and programs.

    Args:
        user: Record of the authenticated user; only ``username`` is read.

    Returns:
        ``('', 200)`` once all deletions have been issued.
    """
    # End the current session first: the session token is stored under the
    # value of the session cookie.
    session_id = request.cookies.get(cookie_name)
    db_del('tokens', {'id': session_id})

    username = user['username']
    db_del('users', {'username': username})
    # The recover password token may exist, so we delete it
    db_del('tokens', {'id': username})
    # NOTE(review): the meaning of the third argument (True) is defined by
    # db_del_many, which is not visible here.
    db_del_many('programs', {'username': username}, True)
    return '', 200
def logout():
    """End the current session by deleting its server-side token.

    Returns:
        ``('', 200)`` whether or not a session cookie was present.
    """
    session_id = request.cookies.get(cookie_name)
    # The session is invalidated on the server by removing its token record;
    # this function itself does not clear the cookie on the client.
    if session_id:
        db_del('tokens', {'id': session_id})
    return '', 200
def delete_program(user, program_id):
    """Delete one of the caller's saved programs.

    Args:
        user: Record of the authenticated user; only ``username`` is read.
        program_id: Identifier of the program to delete.

    Returns:
        ``("", 404)`` when the program does not exist or belongs to another
        user, otherwise a redirect to ``/programs``.
    """
    program = db_get('programs', {'id': program_id})
    # A missing program and a program owned by someone else are answered
    # identically, so the response does not reveal whether another user's
    # program id exists.
    if not program:
        return "", 404
    if program['username'] != user['username']:
        return "", 404
    # Only the 'programs' record is removed; no user record is touched here.
    db_del('programs', {'id': program_id})
    return redirect('/programs')