# encoding: utf-8
import hashlib
from flask import Flask, request, jsonify
# Flask application object; every route below is registered on it.
app = Flask(__name__)

# In-memory user table (stands in for a database, so it is empty again after
# a restart).
#   key:   email (string, primary key)
#   value: `User` carrying email, nick_name and password (all strings)
# NOTE(security): the password is held exactly as the client sent it; a real
# deployment would store a salted, slow password hash instead.
users = {}

# Login sessions.
#   key:   token (the value of the client's "token" cookie)
#   value: email of the user that token belongs to
tokens = {}
class User(object):
    """One registered account: email, password and nick name."""

    def __init__(self, email, password, nick_name):
        # All three values are stored exactly as passed in.
        self.email, self.password, self.nick_name = email, password, nick_name

    def dict(self):
        """Return the account as a plain dict.

        The result includes the ``password`` field, so it is not suitable for
        sending back to clients as-is.
        """
        return dict(
            email=self.email,
            password=self.password,
            nick_name=self.nick_name,
        )
def make_response(status_code, data):
    """Build a JSON response from *data* and give it *status_code*.

    Args:
        status_code: HTTP status to set on the response.
        data: payload handed to ``jsonify``.

    Returns:
        The response object produced by ``jsonify`` with its status replaced.
    """
    json_response = jsonify(data)
    json_response.status_code = status_code
    return json_response
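@app.route("/register", methods=["POST"])
# TODO: use make response decorator
def register():
    """Create an account from the JSON request body.

    Reads ``email``, ``password``, ``password_repeat`` and the optional
    ``nick_name``.  Replies 400 with one of these codes on bad input:
    1 (no body), 2 (empty password), 4 (passwords differ), 3 (empty email),
    5 (email already registered).  On success replies 200 with code 0 and the
    list of registered users.
    """
    body = request.get_json()
    # A JSON array or scalar has no .get(); treat it like a missing body
    # instead of failing with an unhandled AttributeError.
    if not body or not isinstance(body, dict):
        return make_response(400, {"code": 1, "err_msg": "no body"})

    # check password
    password = body.get("password", "")
    password_repeat = body.get("password_repeat", "")
    if password == "":
        return make_response(400, {"code": 2, "err_msg": "no password"})
    if password != password_repeat:
        return make_response(400, {"code": 4, "err_msg": "two passwords doesn't match"})

    # TODO: check email syntax
    email = body.get("email")
    if email is None or email == "":
        return make_response(400, {"code": 3, "err_msg": "email can not be empty"})

    nick_name = body.get("nick_name", "")
    if users.get(email) is not None:
        return make_response(400, {"code": 5, "err_msg": "email has registered"})

    # NOTE(security): the password is stored as received.  Replacing it with a
    # salted, slow password hash needs a matching change in login().
    users[email] = User(email, password, nick_name)  # save user to db

    # Generate the users listing.  Every caller of this endpoint receives it,
    # so it carries only email and nick name and never another account's
    # password.
    users_data = [
        {"email": account.email, "nick_name": account.nick_name}
        for account in users.values()
    ]
    return make_response(200, {"result": "success", "code": 0, "users": users_data})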
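@app.route("/login", methods=["POST"])
def login():
    """Check the posted credentials and open a session.

    Reads ``email`` and ``password`` from the JSON body.  Replies 400 with
    code 1 (no body), 3 (empty email), 2 (no password), 6 (unknown email) or
    7 (wrong password).  On success replies 200 with code 0 and sets the
    session token in the ``token`` cookie.
    """
    import binascii
    import os

    body = request.get_json()
    # A JSON array or scalar has no .get(); treat it like a missing body.
    if not body or not isinstance(body, dict):
        return make_response(400, {"code": 1, "err_msg": "no body"})

    # TODO:check email syntax
    email = body.get("email", "")
    if email == "":
        return make_response(400, {"code": 3, "err_msg": "email is empty"})

    password = body.get("password")
    if password is None:
        return make_response(400, {"code": 2, "err_msg": "no given password"})

    user = users.get(email)  # simulate that query user from db
    # NOTE(security): codes 6 and 7 let a client tell an unknown email from a
    # wrong password.  Kept because callers may rely on the codes; a single
    # generic failure would avoid disclosing which emails are registered.
    if user is None:
        return make_response(400, {"code": 6, "err_msg": "user not found"})
    if user.password != password:
        return make_response(400, {"code": 7, "err_msg": "invalid user or password"})

    # The session token is random rather than sha256(email + password): a
    # token derived from the credentials is the same on every login, can be
    # recomputed by anyone who knows them, and lets a leaked token be used to
    # test password guesses offline.  Hashing the unencoded text also raises
    # TypeError on Python 3.  32 random bytes keep the 64-hex-character form.
    token = binascii.hexlify(os.urandom(32)).decode("ascii")
    tokens[token] = email  # note: consider concurrency safe

    resp = make_response(200, {"result": "success", "code": 0})
    # httponly keeps page scripts from reading the session cookie.
    # reference: http://flask.pocoo.org/docs/0.12/quickstart/#cookies
    resp.set_cookie("token", token, httponly=True)
    return resp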
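@app.route("/profile", methods=["GET"])
def profile():
    """Return the email and nick name of the logged-in user.

    The session is identified by the ``token`` cookie.  Replies 400 with
    code 8 when the cookie is missing, unknown, or points at an account that
    no longer exists.
    """
    token = request.cookies.get("token")
    if token is None or token not in tokens:
        return make_response(400, {"code": 8, "err_msg": "need login first"})

    user = users.get(tokens[token])
    if user is None:
        # /delete removes the account without touching `tokens`, so a session
        # can outlive its user.  Drop the stale session instead of failing
        # with an unhandled KeyError.
        tokens.pop(token, None)
        return make_response(400, {"code": 8, "err_msg": "need login first"})

    return make_response(200, {"result": "success", "email": user.email, "nick_name": user.nick_name})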
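@app.route("/logout", methods=["POST"])
def logout():
    """End the session named by the ``token`` cookie.

    Replies 400 with code 8 when the cookie is missing or unknown; otherwise
    replies 200 and clears the cookie.
    """
    token = request.cookies.get("token")
    if token is None or token not in tokens:
        return make_response(400, {"code": 8, "err_msg": "need login first"})

    # Invalidate the session on the server.  Clearing the cookie alone only
    # affects this client: a copy of the token held elsewhere would still be
    # accepted by /profile and /edit.
    tokens.pop(token, None)

    # expire the cookie on the client
    resp = make_response(200, {"result": "success"})
    resp.set_cookie("token", "", expires=0)
    return resp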
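@app.route("/edit", methods=["PUT"])
def edit():
    """Change the nick name of the logged-in user.

    The session is identified by the ``token`` cookie and the new value is
    read from ``new_nick_name`` in the JSON body.  Replies 400 with code 8
    (not logged in), 1 (no body) or 9 (empty new_nick_name); on success
    replies 200 with the stored nick name under ``user``.
    """
    token = request.cookies.get("token")
    if token is None or token not in tokens:
        return make_response(400, {"code": 8, "err_msg": "need login first"})
    email = tokens[token]

    body = request.get_json()
    # get_json() may yield None or a non-object; calling .get() on either
    # would fail with an unhandled AttributeError.
    if not body or not isinstance(body, dict):
        return make_response(400, {"code": 1, "err_msg": "no body"})

    account = users.get(email)
    if account is None:
        # The account was deleted while its session was still open.
        tokens.pop(token, None)
        return make_response(400, {"code": 8, "err_msg": "need login first"})

    new_nick_name = body.get("new_nick_name", "")
    if new_nick_name == "":
        return make_response(400, {"code": 9, "err_msg": "no new_nick_name"})

    account.nick_name = new_nick_name
    return make_response(200, {"user": account.nick_name})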
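@app.route("/delete", methods=["POST"])
def delete():
    """Remove the account whose ``email`` is given in the JSON body.

    Replies 400 with code 1 (no body) or 6 (no such user); on success replies
    200 with code 0.

    NOTE(security): this endpoint checks neither the ``token`` cookie nor any
    other credential, so the account to remove is chosen purely by the request
    body.  Requiring a valid session whose email matches the one being deleted
    would close that gap; it is left as-is here because it changes the
    request contract for existing callers.
    """
    body = request.get_json()
    if not body or not isinstance(body, dict):
        return make_response(400, {"code": 1, "err_msg": "no body"})

    email = body.get("email", "")
    try:
        del users[email]
    except (KeyError, TypeError):
        # KeyError: unknown email.  TypeError: unhashable value such as a
        # JSON array.  Both used to surface as an unhandled server error.
        return make_response(400, {"code": 6, "err_msg": "user not found"})

    # Revoke every session of the removed account so that no token is left
    # pointing at a user that no longer exists.
    stale_tokens = [tok for tok, owner in tokens.items() if owner == email]
    for tok in stale_tokens:
        del tokens[tok]

    return make_response(200, {"result": "success", "code": 0})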
def main():
    """Start the app with Flask's built-in server on port 8080.

    Host "0.0.0.0" makes the server listen on every network interface, not
    only loopback, and the traffic (including the session cookie) is plain
    HTTP.  Debug mode is off.
    """
    run_options = {"host": "0.0.0.0", "port": 8080, "debug": False}
    app.run(**run_options)


if __name__ == "__main__":
    main()