import flask, json, math
from hashlib import md5
from db import db
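def run():
    """Build the users/CV HTTP service and serve it on port 8002.

    Routes:
        GET  /users/<user_id>  -- a user's fields plus the CV row it references.
        GET  /cv/<cv_id>       -- a single CV.
        POST /users            -- register a user from the form fields
                                  ``email``, ``password`` and ``name``.

    Blocks inside ``app.run`` until the server stops.
    """
    app = flask.Flask(__name__)

    def _query(sql, params=()):
        """Execute *sql* with *params* bound by the database driver.

        URL segments and form fields reach every query in this service, so
        they are passed as bound parameters instead of being concatenated
        into the SQL text.

        NOTE(review): ``db.exec_query`` is defined outside this file. This
        assumes it accepts a parameter sequence and forwards it to the
        driver's ``execute()``, and that the driver uses ``?`` placeholders
        (some use ``%s``) -- confirm both and adapt this one helper if not.
        Do not fall back to string-built SQL.
        """
        return db.exec_query(sql, params)

    def _json(payload, status):
        """Serialise *payload* and label the response ``application/json``.

        A bare string returned from a view is sent as ``text/html``; stored
        names and descriptions are user-supplied, so the body must not be
        interpreted as markup by a browser that opens the URL directly.
        """
        return flask.Response(
            json.dumps(payload), status=status, mimetype='application/json'
        )

    @app.route('/users/<user_id>', methods=['GET'])
    def get_user(user_id):
        """Return the user's fields and linked CV as JSON, or 404 if unknown."""
        user_row = _query(
            "SELECT email, name, description, cv_id FROM users WHERE id = ?",
            (user_id,),
        ).fetchone()
        if not user_row:
            flask.abort(404)

        cv_row = _query(
            "SELECT name, profession, projects_id, videos_id, records_id, photos_id"
            " FROM CVs WHERE cv_id = ?",
            (str(user_row[3]),),
        ).fetchone()

        user = {
            'id': user_id,
            'email': user_row[0],
            'name': user_row[1],
            'description': user_row[2]
        }
        # A user without a CV row still gets a 200 with an empty CV object.
        if not cv_row:
            CV = {}
        else:
            CV = {
                'name': cv_row[0],
                'profession': cv_row[1],
                'projects': json.loads(cv_row[2]),
                'videos': json.loads(cv_row[3]),
                'records': json.loads(cv_row[4]),
                'photos': json.loads(cv_row[5])
            }
        return _json({'user': user, "CV": CV}, 200)

    @app.route('/cv/<cv_id>', methods=['GET'])
    def get_cv(cv_id):
        """Return one CV as JSON, or 404 if no row has this ``cv_id``."""
        cv_row = _query(
            "SELECT name, profession, projects_id, videos_id, records_id, photos_id, image"
            " FROM CVs WHERE cv_id = ?",
            (cv_id,),
        ).fetchone()
        if not cv_row:
            flask.abort(404)
        return _json({
            'name': cv_row[0],
            'profession': cv_row[1],
            'projects': json.loads(cv_row[2]),
            'videos': json.loads(cv_row[3]),
            'records': json.loads(cv_row[4]),
            'photos': json.loads(cv_row[5]),
            'image': cv_row[6]
        }, 200)

    @app.route('/users', methods=['POST'])
    def users_post():
        """Register a user; 400 on missing fields, 403 if the id already exists."""
        try:
            email = flask.request.form['email']
            password = flask.request.form['password']
            name = flask.request.form['name']
        except KeyError:
            # Only a missing form field means a bad request; anything else
            # should surface as an error instead of being hidden as a 400.
            flask.abort(400)

        # NOTE(review): MD5 with a constant 'salt' string is not suitable for
        # password storage (fast to brute-force, identical across users).
        # The stored format is kept here because whatever verifies logins is
        # outside this file; migrate both sides together to a slow, per-user
        # salted KDF such as hashlib.scrypt or hashlib.pbkdf2_hmac.
        password_hash = md5((email + 'salt' + password).encode('utf-8')).hexdigest()
        user_id = md5((email + 'salt').encode("utf-8")).hexdigest()

        existing = _query("SELECT id FROM users WHERE id = ?", (user_id,)).fetchone()
        # fetchone() yields None when nothing matches, so test the row itself
        # rather than calling len() on it.
        if existing is not None:
            return _json({'reason': 'Wrong login or password'}, 403)

        _query(
            "INSERT INTO users VALUES (?, ?, ?, ?, ?, ?)",
            (user_id, password_hash, email, name, '', ''),
        )
        db.commit()
        return _json({'reason': 'Registration complete'}, 201)

    # debug=True turns on the Werkzeug interactive debugger, which allows code
    # execution in this process from the browser and returns tracebacks to
    # clients; keep it off outside local development.
    app.run(port=8002, debug=False)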
# Starts the server when this file is executed. There is no
# ``if __name__ == "__main__"`` guard, so importing the module starts it too.
run()